This is a list of tasks that you might want to execute after finishing the initial Solaris installation.
Create a home directory for root and assign bash as the default shell for the root user:
# mkdir /root # chmod 700 /root # vi /etc/passwd
In the passwd file, change the first line:
Use :wq! to instruct vi to override the read-only permission on the passwd file.
Eventually, move all root's config files to the new home directory:
# cd / # mv /.* /root
If you don't have any important configuration files for the root account yet, you can simply remove the files starting with a dot from the root of your file system, since they will be recreated whenever necessary.
The TT_DB directory can be removed if it exists. It is created when root logs in on the console using CDE, but since you are going to create at least one non-privileged user account, and use that to switch to the root user account, the TT_DB directory won't be recreated.
Check that you get the best performance possible for your graphics card. A default installation doesn't get the most out of your hardware. Tune your X settings.
Check the files that configure name resolution:
Check the man pages for these files for more information.
Create non-privileged users and groups:
# groupadd -g 101 group1 # useradd -u 101 -g 101 -s /bin/bash -c "First User" -m -d /export/home user1
User- and group IDs should be in between 100 and 60.000 in order not to interfere with system administrative accounts. User- and groupnames should not exceed 8 characters.
Set the password for the new user(s). Log out and use a non-privileged account from now on, unless you really need root access. In that case, use su - so as to source root's environment.
Patch the system:
~ > cd /var/tmp ~ > /usr/sfw/bin/ncftp sunsolve.sun.com <-- output omitted --> Logged in to sunsolve.sun.com. ncftp / > cd /pub/patches ncftp /pub/patches > get 9_Rec* <-- output omitted --> ncftp /pub/patches > bye
Have ncftp save a bookmark in order to reconnect to the same server and to be placed immediately in the same directory next time you want to download patches.
Unpack the patch cluster, read the README file and install:
~ > unzip 9_Recommended.zip ~ > su - Password: # cd /var/tmp/9_Recommended # ./install_cluster
The next morning, check the errors: for each patch that you could not install, go into the directory of that patch and read the README file for that patch. If you can not find out why a patch could not be installed on your system, contact Sun support.
Install additional packages, such as Oracle, SunONE software, Sybase, stuff downloaded from Sunfreeware or a mirror, or from the Software Companion CD, which contains Open Source packages. Among the more interesting ones in /cdrom/s9_software_companion/components/sparc/Packages/:
# cd /cdrom/s9_software_companion/components/sparc/Packages/ # pkgadd -d . SFWgfind Processing package instance
from findutils - GNU find utilities (sparc) 4.1,REV=2002.10.04.23.05 <--output omitted --> Using as the package base directory. ## Processing package information. ## Processing system information. 5 package pathnames are already properly installed. ## Verifying package dependencies. ## Verifying disk space requirements. ## Checking for conflicts with packages already installed. ## Checking for setuid/setgid programs. This package contains scripts which will be executed with super-user permission during the process of installing this package. Do you want to continue with the installation of <SFWgfind> [y,n,?] y Installing findutils - GNU find utilities as <SFWgfind> ## Installing part 1 of 1. 731 blocks Installation of <SFWgfind> was successful.
You can now run the gupdatedb command (after having created the /opt/sfw/var directory) to create the locate database (as root), upon which the users can find files very easy using the glocate command:
~ > /opt/sfw/bin/glocate .bashrc /export/home/tille/.bashrc /root/.bashrc
For each package, check where binaries and man pages are installed, and add these directories to the PATH and MANPATH directives, respectively, in your shell setup files - preferably /etc/profile, the system-wide configuration file.
The packages from the Software Companion CD install in /opt/sfw/bin, /opt/sfw/kde/bin etc. Note that the packages on the Software Companion CD will probably not contain the most recent versions of the GNU software. Check with the GNU site or Freshmeat for the latest releases.
The packages from Sunfreeware install in /usr/local. To prevent your /usr partition from filling up, create a symbolic link from /usr/local to /opt/local or /export/local:
# cd /usr # mkdir /opt/local # ln -s /opt/local local
Create shell configuration files for your users and for the root user, for instance ~/.bashrc for Bash users, ~/.kshrc for Korn shell users and ~/.profile for Bourne shell users. Additionally, create shell configuration files in /etc/skel and use the skeletton directory option when adding users (useradd -k /etc/skel).
Put system-wide settings in the /etc/profile file, e.g. PATH and MANPATH settings.
This is an example .bashrc file. A backslash (\) indicates the continuation of a line, you can leave them out when creating your own files and make path configurations on only one (very long) line.
# My Variables # ################ # Prompt settings export PS1="\[\033[1;46m\]\u@\h \w>\[\033[0m\] " export PS2="More Input> " # Path settings export PATH=/usr/bin:/usr/sbin:/usr/sfw/bin:/usr/dt/bin:/usr/openwin/bin:\ /opt/local/bin:/opt/sfw/bin:/opt/sfw/kde/bin export MANPATH=/usr/share/man:/usr/sfw/man:/usr/dt/man:/usr/openwin/man:\ /opt/local/man:/opt/sfw/man:/opt/sfw/kde/man # Other variables export CC=/opt/local/bin/gcc export HISTFILESIZE=2000 export EDITOR=vi export JAVA_HOME=/usr/java/j2sdk1.4.0 # My Aliases # ############## # Interactive remove, copy and move alias rm='rm -i' alias cp='cp -i' alias mv='mv -i' # Everything I often mistype alias kls='ls' # Colored ls output alias ls='/opt/local/bin/ls --color' # Force use of modern commands even when I'm not thinking straight alias more='less' alias rcp='scp' alias rsh='ssh' # Shortcuts for long commands: alias server='ssh -C -v remote_username@remote_host.remote.domain' # Other stuff # ############### # Commands I want to see the output from every time I open a new shell uptime echo # echo without arguments gives an empty line, to separate output cal # Give local users access to the display xhost | grep localhost > /dev/null if [ $? -ne 0 ]; then xhost +localhost fi # My Shell Options # #################### set bell-style visible set -o noclobber
See this mini-HOWTO for color-ls and these example shell setup files for more. A full explanation of all configuration files used by the Bash shell can be found in the Bash documentation or in this Bash guide. The GNU ls command supporting coloured output is also available from the SFWgfile package that comes with the Software Companion CD. This will install /opt/sfw/bin/gls, which also understands about the --color option.
If you like the Gnome desktop environment, download the gnome-2_0-fcs-solaris9-sparc.tar.gz (as of this writing) package from Sun.com. You'll need to register for this. After you have received a username and password, select the appropriate package for your platform (Sparc or Intel) and Solaris version (8 or 9). Accept the license agreement and download the package into /var/tmp on your system.
Unpack the archive and install:
~ > cd /var/tmp ~ > gunzip -c gnome-2_0-fcs-solaris9-sparc.tar.gz | tar xvf - <-- output omitted --> ~ > cd gnome-install ~ > less README ~ > su - Password: # cd /var/tmp/gnome-install # ./install
This is a graphical installer, so make sure root has access to your display, see the explanation about usage of the xhost command.
Install cronjobs using crontab -e:
10 3 * * * /usr/sbin/logadm 15 3 * * 0 /usr/lib/fs/nfs/nfsfind 1 2 * * * [ -x /usr/sbin/rtc ] && /usr/sbin/rtc -c > /dev/null 2>&1 30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean 0 0 * * * /root/bin/backup.sh 1 1 * * * catman -w 2 2 * * 0 echo "patch me" | mail root 3 3 * * * /opt/local/sbin/updatedb
Make sure ordinary users can not mess up your fabulous configuration:
# eeprom security-mode=command
In /etc/default/kbd change the value of the KEYBOARD_ABORT variable to disable, remove the commentary hashmark (#) and run the kbd -i command.