Unix & Linux Stack Exchange
Q&A for users of Linux, FreeBSD and other Unix-like operating systems
Latest Questions
2
votes
2
answers
1092
views
How to await Solaris zone boot (first time)
Solaris 11. I've found that the zone boot command (e.g. `zoneadm -z myzone boot`) returns before the zone is fully booted/configured. The problem is related to freshly created zones. More precisely what I do is this: zoneadm -z myzone install -c mytemplate.xml zoneadm -z myzone boot When the second...
Solaris 11.
I've found that the zone boot command (e.g.
zoneadm -z myzone boot) returns before the zone is fully booted/configured. The problem is related to freshly created zones.
More precisely what I do is this:
zoneadm -z myzone install -c mytemplate.xml
zoneadm -z myzone boot
When the second line finishes the system reports that the zone is in running state (which is technically true). In reality the zone is still busy doing manifest importing, i.e. doing initial configuration. Therefore at this point there's no guarantee that the artifacts defined in mytemplate.xml (such as users) will actually exist. This will typically take an additional minute or two.
This is a problem in my scripted creation of zones. I can obviously do a very long sleep and hope that by then the zone has finished its configuration tasks but that seems like a stupid solution. I wouldn't know for how long to wait.
Is there a way for my script to ensure that the zone's background configuration processes have completed before I continue ?
peterh
(940 rep)
Aug 10, 2014, 06:21 PM
• Last activity: Dec 20, 2022, 11:38 AM
7
votes
2
answers
13044
views
List processes that have been running more than 2 hours
How can I list processes, with a defined name, that have been running for more than 2 hours. This is what I have tried. ps -efo pid,comm,etime | grep 'process name' | awk '{print $3}' ---- This is for Solaris. Or can someone help how to create a script that will send an email with the process IDs if...
How can I list processes, with a defined name, that have been running for more than 2 hours. This is what I have tried.
ps -efo pid,comm,etime | grep 'process name' | awk '{print $3}'
----
This is for Solaris.
Or can someone help how to create a script that will send an email with the process IDs if there are processes running longer than 2 hours.
Vinod
(71 rep)
Jul 19, 2019, 02:50 PM
• Last activity: Jun 7, 2022, 10:55 AM
3
votes
2
answers
361
views
How to configure a global zone along with two non-global zones in solaris 10?
I have a SUN M3000 server. I want to configure this as a global zone (named z1dms) which will have two non-global zone (named zu9dms and zu10dms). Please tell me how to configure.
I have a SUN M3000 server. I want to configure this as a global zone (named z1dms) which will have two non-global zone (named zu9dms and zu10dms). Please tell me how to configure.
Nainita
(2972 rep)
Jun 13, 2015, 07:02 AM
• Last activity: Dec 13, 2021, 10:58 AM
0
votes
1
answers
202
views
In Solaris UNIX what is a mountpoint and what makes a mountpoint different than a regular file system?
I don't really know the significance of a mountpoint in UNIX Solaris or what a mountpoint is used for, could someone explain this, what do I have to know about a mountpoint as an administrator?
I don't really know the significance of a mountpoint in UNIX Solaris or what a mountpoint is used for, could someone explain this, what do I have to know about a mountpoint as an administrator?
Tom
(19 rep)
Jun 3, 2021, 08:39 PM
• Last activity: Jun 3, 2021, 11:04 PM
2
votes
1
answers
5831
views
Find out global zone Name once you logged into a NON global zone
I understand in Unix Oracle-Solaris OS the `zoneadm list` command will easily show all the available zones. But if I am logged into a non global zone there is no easy way to get information about the global zone. I see the `arp` command can be of some help because it will return the NIC mac address....
I understand in Unix Oracle-Solaris OS the
zoneadm list command will easily show all the available zones.
But if I am logged into a non global zone there is no easy way to get information about the global zone.
I see the arp command can be of some help because it will return the NIC mac address. Then with the NIC mac address I can arp again to get all the machine name associated with that (NIC) mac address.
This process sounds kind of intricate to me.
Is there any better way to get that info?
ztank1013
(2261 rep)
Sep 29, 2011, 09:00 PM
• Last activity: Sep 27, 2020, 09:50 AM
1
votes
1
answers
1101
views
Dedicated CPU allocation to zone in Solaris 11
I have created a zone called `web` in Solaris 11. Now I want to allocate one dedicated CPU resource to that zone. But it's throwing an error: "No such entry". I did the following... zonecfg:web> select dedicated-cpu select dedicated-cpu: No such entry zonecfg:web>
I have created a zone called
web in Solaris 11. Now I want to allocate one dedicated CPU resource to that zone. But it's throwing an error: "No such entry".
I did the following...
zonecfg:web> select dedicated-cpu
select dedicated-cpu: No such entry
zonecfg:web>
tushar
(37 rep)
Mar 14, 2016, 09:47 AM
• Last activity: Apr 20, 2019, 03:33 PM
0
votes
1
answers
908
views
Determine Solaris server model inside a zone?
I'm a DBA doing some inventory and as part of it, I gather some system info. I'm wondering if it's possible to determine what hardware a zone is running on if you only have access to the zone? I think the answer is "no" because you can't run prtdiag. prtconf also is not available (to any usable exte...
I'm a DBA doing some inventory and as part of it, I gather some system info. I'm wondering if it's possible to determine what hardware a zone is running on if you only have access to the zone?
I think the answer is "no" because you can't run prtdiag. prtconf also is not available (to any usable extent).
Most of what I need (number of cpus, amount of RAM, OS release, etc.) I can get, so this is a bit of icing on the cake to say "it's on an M5000" or whatever. Works fine from a true physical but I think the info is unavailable in a zone. Anything I missed? Thanks!
raindog308
(111 rep)
Nov 15, 2018, 03:40 PM
• Last activity: Nov 22, 2018, 04:38 PM
0
votes
1
answers
641
views
Does Solaris 11.4 support Solaris 11.3 branded zones?
My gut feeling is "no", but an Oracle salesperson told me yes. I am not talking kernel zones here btw.
My gut feeling is "no", but an Oracle salesperson told me yes. I am not talking kernel zones here btw.
Noj
(21 rep)
Oct 24, 2018, 09:02 AM
• Last activity: Nov 8, 2018, 06:18 PM
1
votes
2
answers
895
views
Upgrading Solaris zone to solaris 11
We have solaris zones running in [Sparc T5](https://blogs.oracle.com/orasysat/the-sparc-t5-servers-have-landed) server Currently a solaris zone run Solaris 10 OS version. $uname -a SunOS zone01 5.10 Generic_150400-30 sun4v sparc sun4v Going further, we would like this zone to run Solaris 11 OS versi...
We have solaris zones running in [Sparc T5](https://blogs.oracle.com/orasysat/the-sparc-t5-servers-have-landed) server
Currently a solaris zone run Solaris 10 OS version.
$uname -a
SunOS zone01 5.10 Generic_150400-30 sun4v sparc sun4v
Going further, we would like this zone to run Solaris 11 OS version, because Solaris 10 OS is going End of Support.
-------------------------------------
Critical goal is: We do not want to build new solaris zones(Solaris OS 11) at any cost. We want existing zones to get upgraded to Solaris 11. Why do we use these zones? Because we have a business application running on it, which is the actual usage scenario.
My understanding for upgrade of zone is, shut down all solaris zones and upgrade Sparc T5 server(not solaris zone) from solaris 10 to solaris 11. Start solaris zones after upgrade of Sparc T5 server.
What is the recommended approach to upgrade an OS of an existing solaris zone?
Edit: I read that: "We can simply detach a Zone from one Global Zone (OS) and attach it to another Global Zone on another machine along with the application."
Can't a solaris 10 zone be migrated from version 10 global zone to version 11 global zone? And then upgrade the migrated zone...
overexchange
(1596 rep)
Aug 3, 2018, 06:06 PM
• Last activity: Aug 3, 2018, 10:52 PM
1
votes
0
answers
443
views
How to check the shell of a running process?
I am working on Solaris 11 zone and I need to check which shell a running process is using. I have the PID but I am not sure where to get the information from. I have a scenario where some resource limits (limit on open file descriptors) should be applied to all processes. But it looks like some pro...
I am working on Solaris 11 zone and I need to check which shell a running process is using. I have the PID but I am not sure where to get the information from.
I have a scenario where some resource limits (limit on open file descriptors) should be applied to all processes. But it looks like some processes are not following the limit. It might be possible that they are being launched using a different shell which has different limit parameters.
For a little insight, I am using the
ulimit command in /etc/profile to set the files limit. That way, it gets set for every session, whenever a user logs in. The problem scenario is explained in detail in this question .
So I just need to see whether those processes are using Bash or some other shell. That would answer whether the assumption is correct or not.
Alchemist
(591 rep)
Dec 31, 2017, 06:38 AM
• Last activity: Dec 31, 2017, 11:16 AM
4
votes
1
answers
817
views
Solaris 11 zones, networking and blocked ports
Our Solaris admin quit. We are building a new system. I have been tasked to help. I have a Solaris box with a global zone and 15 non-global zones. Some NGZs can ssh to other NGZ. Many cannot ssh at all. I can zlogin from GZ to all NGZ. Here is how I have tried to troubleshoot: ```` 1) copy a master...
Our Solaris admin quit. We are building a new system. I have been tasked to help.
I have a Solaris box with a global zone and 15 non-global zones.
Some NGZs can ssh to other NGZ. Many cannot ssh at all. I can zlogin from GZ to all NGZ.
Here is how I have tried to troubleshoot:
`
1) copy a master hosts file to all zones
2) ssh -vvv somehost* (for problem zones this hangs at " debug2: ssh_connect: needpriv 0 debug1: Connecting to x.x.x.x [x.x.x.x] port 22."
3) telnet somehost 22 (for problem zones this never connects)
Marinaio
(298 rep)
Oct 27, 2017, 07:56 PM
• Last activity: Dec 1, 2017, 05:28 PM
1
votes
1
answers
1338
views
ZFS mount dataset for zone
I shutdown my non-global zone and umount her point zfs zonepath. command for umount: zfs unmount -f zones-pool/one-zone details: zfs list | grep one zones-pool/one-zone 15,2G 9,82G 32K /zones-fs/one-zone zones-pool/one/rpool/ROOT/solaris 15,2G 9,82G 7,83G /zones-fs/one/root in the above, it is seen...
I shutdown my non-global zone and umount her point zfs zonepath.
command for umount:
zfs unmount -f zones-pool/one-zone
details:
zfs list | grep one
zones-pool/one-zone 15,2G 9,82G 32K /zones-fs/one-zone
zones-pool/one/rpool/ROOT/solaris 15,2G 9,82G 7,83G /zones-fs/one/root
in the above, it is seen that there is an occupied space, 9.82G of 15.2G
more details:
# zfs get mountpoint zones-pool/one-zone
NAME PROPERTY VALUE SOURCE
zones-pool/one-zone mountpoint /zones-fs/one-zone local
# zfs get mounted zones-pool/one-zone
NAME PROPERTY VALUE SOURCE
zones-pool/one-zone mounted no -
but, if I try mount point zfs
I can not see the content
step 1 mount:
zfs mount zones-pool/one-zone
step 2 see mount with df -h:
df -h | grep one
zones-pool/one-zone/rpool/ROOT/solaris 25G 32K 9,8G 1% /zones-fs/one-zone/root
zones-pool/one-zone 25G 32K 9,8G 1% /zones-fs/one-zone
step 3 list content:
ls -l /zones-fs/one-zone/root
total 0
why?
also in step 2, you see that df -h prints 1% used
I do not understand
ymk369
(133 rep)
Nov 30, 2017, 11:02 PM
• Last activity: Dec 1, 2017, 12:30 AM
0
votes
0
answers
244
views
In what scenarios does one have to run privileged LXC 1.x containers
We have a requirement to replace Solaris zones with Linux containers, that's why we are evaluating LXC1 containers. Since it's not safe to run privileged containers, can anyone shed some light as to when it's necessary to run containers in privileged mode? As running them in unprivileged mode would...
We have a requirement to replace Solaris zones with Linux containers, that's why we are evaluating LXC1 containers.
Since it's not safe to run privileged containers, can anyone shed some light as to when it's necessary to run containers in privileged mode? As running them in unprivileged mode would require a lot of tinkering with scarcely documented CAPs (Linux capabilities) apparmor/ selinux contexts, cgroup controls (depending on unique requirements in each application's case)?
Junaid Shahid
(79 rep)
Aug 4, 2017, 11:52 AM
• Last activity: Aug 4, 2017, 12:03 PM
2
votes
1
answers
305
views
What is OS apix module?
I'm using Solaris 10 Update 10 OS on my HPE BL460c Gen8 server. It is recommended by HPE to disable OS apix module, > For ProLiant Gen8 servers, HPE Recommends disabling the OS apix > module. To disable the apix module add the following to the > /etc/system file and reboot the system: set apix_enabl...
I'm using Solaris 10 Update 10 OS on my HPE BL460c Gen8 server. It is recommended by HPE to disable OS apix module,
> For ProLiant Gen8 servers, HPE Recommends disabling the OS apix
> module. To disable the apix module add the following to the
> /etc/system file and reboot the system: set apix_enable = 0
What is this **OS apix module**? What does actually happen when it is disabled?
Amit24x7
(676 rep)
May 17, 2017, 01:58 PM
• Last activity: May 17, 2017, 06:14 PM
2
votes
2
answers
576
views
Solaris 10 non global zones and rc scripts
There are a handful of Solaris zones that run a `rc3.d/` script (which is normal), however, there is a single script that runs during boot and removes itself upon completion. (This is known from viewing the script elsewhere on another box, which is apart of some legacy/defunct programs.) For whateve...
There are a handful of Solaris zones that run a
rc3.d/ script (which is normal), however, there is a single script that runs during boot and removes itself upon completion. (This is known from viewing the script elsewhere on another box, which is apart of some legacy/defunct programs.) For whatever reason the script reappears after every boot of the zone and executed--which has been verified by browsing /var/svc/log/milestone-multi-user-server\:default.log
The problem/question begins with this: **What in the world can cause the script to reappear in rc3.d/?** In fact, there is no rc2.d/ rc3.d/ init.d/ script which run beforehand that might cp the script over to rc3.d/, and the script itself does not seem to reside anywhere in the zone or global. And, a further note, I have not been able to find a (obvious) SMF service that might run a script to do the above action.
frank.s
(66 rep)
May 28, 2014, 10:51 PM
• Last activity: Jan 5, 2017, 06:47 PM
3
votes
1
answers
1053
views
Cannot install zone on Solaris 11
I am trying to install a *zone* on Solaris 11. I am using [these instructions][1]. I get up to *Listing 2* when the error occurs. # zoneadm -z testzone install The following ZFS file system(s) have been created: rpool/zones/testzone Progress being logged to /var/log/zones/zoneadm.20140522T025544Z.te...
I am trying to install a *zone* on Solaris 11. I am using these instructions .
I get up to *Listing 2* when the error occurs.
# zoneadm -z testzone install
The following ZFS file system(s) have been created:
rpool/zones/testzone
Progress being logged to /var/log/zones/zoneadm.20140522T025544Z.testzone.install
Image: Preparing at /zones/testzone/root.
ERROR: an exception occurred.
'NoneType' object has no attribute 'bind'
Please check logs for further information.
ERROR: auto-install failed.
The install log is:
root@solaris-11:~# cat /var/log/zones/zoneadm.20140523T065105Z.testzone.install
[Fri May 23 16:51:05 EST 2014] ==== Starting: /usr/lib/brand/solaris/pkgcreatezone -z testzone -R /zones/testzone ====
[Fri May 23 16:51:05 EST 2014] Progress being logged to /var/log/zones/zoneadm.20140523T065105Z.testzone.install
[Fri May 23 16:51:08 EST 2014] Image: Preparing at /zones/testzone/root.
[Fri May 23 16:51:12 EST 2014] Running auto-install: '/usr/bin/auto-install -z testzone -Z rpool/zones/testzone/rpool -m /tmp/manifest.xml.PCa4ad -c /usr/share/auto_install/sc_profiles/enable_sci.xml'
[Fri May 23 16:51:14 EST 2014] ERROR: auto-install failed.
[Fri May 23 16:51:14 EST 2014] Exiting with exit code 255
[Fri May 23 16:51:14 EST 2014] ==== Completed: /usr/lib/brand/solaris/pkgcreatezone -z testzone -R /zones/testzone ==== root@solaris-11:~# zonecfg -z testzone export
create -b
set brand=solaris
set zonepath=/zones/testzone
set autoboot=true
set bootargs=-m verbose
set ip-type=exclusive
add anet
set linkname=net0
set lower-link=auto
set configure-allowed-address=true
set link-protection=mac-nospoof
set mac-address=random
end root@solaris-11:~# zonecfg -z testzone info
zonename: testzone
zonepath: /zones/testzone
brand: solaris
autoboot: true
bootargs: -m verbose
file-mac-profile:
pool:
limitpriv:
scheduling-class:
ip-type: exclusive
hostid:
fs-allowed:
anet:
linkname: net0
lower-link: auto
allowed-address not specified
configure-allowed-address: true
defrouter not specified
allowed-dhcp-cids not specified
link-protection: mac-nospoof
mac-address: random
mac-prefix not specified
mac-slot not specified
vlan-id not specified
priority not specified
rxrings not specified
txrings not specified
mtu not specified
maxbw not specified
rxfanout not specified
vsi-typeid not specified
vsi-vers not specified
vsi-mgrid not specified
etsbw-lcl not specified
cos not specified
pkey not specified
linkmode not specified
root@solaris-11:~#
Kinesia
(31 rep)
May 25, 2014, 02:17 AM
• Last activity: Dec 30, 2016, 10:51 PM
0
votes
2
answers
326
views
Patching a Solaris flar archive
I have a Solaris flar archive of an old Solaris 10 environment, now I'm not allowed to update the running system in any way so would like to be able to: 1. Extract the flar archive somewhere (without installing it) 2. Apply some Solaris patches to the extracted archive. 3. Repackage the flar archive...
I have a Solaris flar archive of an old Solaris 10 environment, now I'm not allowed to update the running system in any way so would like to be able to:
1. Extract the flar archive somewhere (without installing it)
2. Apply some Solaris patches to the extracted archive.
3. Repackage the flar archive
4. Use the flar archive to setup a branded zone.
Why do it this way? Well because I need a set of minimum patches to get the darned thing to work as a branded zone.
I know how to do step 4 if I ever get to it.
Sprout
(1 rep)
Oct 22, 2015, 07:40 PM
• Last activity: Dec 30, 2016, 08:34 PM
3
votes
3
answers
362
views
Solaris 10 - Is zone isolation sufficient for segregating high and low security servers?
Let's consider the typical scenario of a Web application that has a web server, application server and database server. All servers are located in different network zones separated by firewalls. From the security point of view, is it possible to install all the three servers as Solaris 10 zones on t...
Let's consider the typical scenario of a Web application that has a web server, application server and database server. All servers are located in different network zones separated by firewalls.
From the security point of view, is it possible to install all the three servers as Solaris 10 zones on the same physical server?
Do Solaris zones have security mecanisms to isolate servers to make sure that a compromised Web server could not affect other servers?
tech4505
(31 rep)
Apr 4, 2016, 07:47 PM
• Last activity: Apr 8, 2016, 12:43 PM
0
votes
1
answers
1555
views
Is there a difference between init 0 and 5 in a non-global zone?
Does it make any difference if I shut down a non-global zone with `init 0` or `init 5`? Should one of them be preferred?
Does it make any difference if I shut down a non-global zone with
init 0 or init 5? Should one of them be preferred?
ceving
(3752 rep)
Feb 11, 2016, 03:29 PM
• Last activity: Feb 11, 2016, 04:39 PM
1
votes
0
answers
131
views
Is it a good idea to use zlogin's "safe" login mode to shutdown a zone?
This question refers to Solaris 10, which does not have a `zoneadm` option to cleanly shutdown a non-global zone. We have sometimes problems to shutdown non-global zones using `zlogin init 5`. While reading the man-page of `zlogin` I stumbled upon the "safe" login mode option `-s`. The man-page soun...
This question refers to Solaris 10, which does not have a
zoneadm option to cleanly shutdown a non-global zone.
We have sometimes problems to shutdown non-global zones using zlogin init 5. While reading the man-page of zlogin I stumbled upon the "safe" login mode option -s. The man-page sounds as if the option might have some unpleasant side effect.
> This mode should only be used to recover a damaged zone when other
> forms of login have become impossible.
But the man-page does not explain it any further. This leads to my question: is it a good idea to always use the -s option when trying to shutdown a non-global zone using zlogin?
ceving
(3752 rep)
Feb 11, 2016, 03:50 PM
Showing page 1 of 20 total questions