Friday Dec 12, 2008

Optimizing OpenSolaris With Open Source

Optimization of OpenSolaris hash and cryptographic algorithms using open source from OpenSSL and elsewhere. Optimized ARCFOUR (RC4), MD5, SHA1, SHA2 (SHA256, SHA384, SHA512), and AES on AMD64 and Intel EM64T hardware with 64-bit OpenSolaris.[Read More]

Monday Dec 01, 2008

Solaris IPv6 Packages

Here's some IPv6-capable packages provided for Solaris, which is certified as IPv6-ready. These packages extend IPv6-functionality for a few of the more-obscure applications I tend to use. That is: Lynx for text-only web browsing, NcFTP for file transfer, NTP for time synchronization, and TIN, a text-only NNTP news reader. I built these packages for Solaris 10 and OpenSolaris, for SPARC and X86.[Read More]

Friday Nov 14, 2008

Solaris IPv6 tunnel setup

How to configure and setup a IPv6 tunnel on Solaris and OpenSolaris to connect to the IPv6 network. As IPv4 addresses run out, and non-computer Internet devices become more widespread, IPv6 will become more and more important. [Read More]

Friday Oct 31, 2008

Optimizing Byte Swapping for Fun and Profit

Optimization of OpenSolaris byte-swapping functions, mainly for 64-bit integers on x86 systems.[Read More]

Wednesday Sep 10, 2008

Acrobat Reader 8 for Solaris x86

How to run Acrobat Reader 8 on Solaris x86[Read More]

Tuesday Jan 01, 2008

Upgrading a Linux Server to OpenSolaris

Upgrading a Linux (OpenSUSE) Server to OpenSolaris[Read More]

Friday Nov 30, 2007

Simple Live Upgrade Example For Fun and Profit

Simple example of using Live Upgrade (LU) to clone a root filesystem to create a second Solaris boot slice (Boot Environment or BE).[Read More]

Friday Oct 12, 2007

WiFi (WPA) with Solaris Express on my Thinkpad laptop

Setting up wireless with Solaris SXDE 9/07 on a x86 laptop.[Read More]

Saturday Sep 01, 2007

Ebook File Creation from HTML

Automatically generating ebook file formats from HTML. That is, generating Plain Text, PDF, PalmOS DOC PDB, zTXT, and Plucker from HTML on Solaris or other UNIX-class system[Read More]

Sunday Nov 26, 2006

Using CUPS Print Server for Solaris 10

Using CUPS printing software with Solaris 10[Read More]

Solaris laptop battery status

How to display the battery status from laptops running Solaris.[Read More]

Thursday Nov 16, 2006

Mounting a Linux NFSv4 filesystem on Solaris

Fix for mounting a NFSv4 filesystem from Linux on Solaris (NFSv4 is broken on Linux)[Read More]

Tuesday Oct 31, 2006

The Signature Collection

A collection of email signature tag lines, several with ASCII graphics[Read More]

Tuesday May 02, 2006


Origin of the computer term "cookies"[Read More]

Wednesday Nov 16, 2005

Solaris ZFS and Zones: Simple Example

The following is a simple example of creating a ZFS filesystem and using it to hold a newly-created Solaris Zone (Solaris Container). Zones are in Solaris 10 now. ZFS is a new filesystem in OpenSolaris that allows for large, more reliable filesystems. Tke three key advantages are:

  • Simple administration
  • Data integrity (64-bit checksums on data)
  • Large capacity format for future growth (2\*\*128 512-byte block files). That's 256 quadrillion zettabytes.
Other features are:
  • Filesystems built on virtual storage "pools"
  • Copy-on-write removes need for recovery (no fsck)
  • Dynamic striping and multiple block sizes optimizes throughput (512 to 128K)
  • Optional compression
  • No modifications needed for apps

ZFS software is in packages SUNWzfsr and SUNWzfsu.

Create a ZFS Pool

First, you need a virtual device for ZFS. Normally this would be raw disk (or raw disk slice, if you prefer). However, for testing/demonstration, I'll create a regular file (this takes a few minutes):

# mkfile 5g /virtualDeviceForZFS

Now I create a "ZFS Storage Pool" for one or more ZFS filesystems:

# zpool create poolForZones /virtualDeviceForZFS
# zpool list
NAME                    SIZE    USED   AVAIL    CAP  HEALTH     ALTROOT
poolForZones           4.97G   32.5K   4.97G     0%  ONLINE

To create a mirrored-pool use the keyword "pool" and specify two virtual devices.

Create a ZFS Filesystem

Now, I'll create a ZFS filesystem using the ZFS pool I just created:

# zfs create poolForZones/twilightZone
# zfs set mountpoint=/twilightZone poolForZones/twilightZone
# zpool status -z
  pool: poolForZones
 state: ONLINE
 scrub: none requested

        NAME                    STATE     READ WRITE CKSUM
        poolForZones            ONLINE       0     0     0
          /virtualDeviceForZFS  ONLINE       0     0     0

# mount |grep twilightZone
/twilightZone on poolForZones/twilightZone read/write/setuid/devices/exec/atime/dev=3f50004 on Mon Nov 14 12:34:37 2005
# df -k /twilightZone
Filesystem            kbytes    used   avail capacity  Mounted on
                     5169408       8 5169341     1%    /twilightZone
# ls -l /twilightZone
total 0

Note that /twilightZone is not in /etc/vfstab. Mounting is done automatically at boot time by ZFS:

# grep /twilightZone /etc/vfstab

If you want to allow the filesystem to be managed inside the zone, use the zfs zoned=on option when creating or modifying the filesystem.

Create a Solaris Zone

Use zonecfg to setup your zone:

# zonecfg -z twilightZone
twilightZone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:twilightZone> create
zonecfg:twilightZone> set zonepath=/twilightZone
zonecfg:twilightZone> set autoboot=true
zonecfg:twilightZone> add net
zonecfg:twilightZone:net> set address=
zonecfg:twilightZone:net> set physical=ce0
zonecfg:twilightZone:net> end
zonecfg:twilightZone> verify
zonecfg:twilightZone> commit
zonecfg:twilightZone> exit

Install a Solaris Zone

Now install packages to your Solaris Zone:

# zoneadm -z twilightZone install
/twilightZone must not be group readable.
/twilightZone must not be group executable.
/twilightZone must not be world readable.
/twilightZone must not be world executable.
could not verify zonepath /twilightZone because of the above errors.
zoneadm: zone twilightZone failed to verify

Ooops. We need to set proper permissions. The directory must not be world or group read, write, or execute:

# ls -ld /twilightZone
drwxr-xr-x   2 root     sys            2 Nov 14 12:34 /twilightZone
# chmod go-rxw /twilightZone
# ls -ld /twilightZone
drwx------   2 root     sys            2 Nov 14 12:34 /twilightZone

Try install with zoneadm again.  This takes several minutes:

# zoneadm -z twilightZone install
Preparing to install zone <twilightZone>.
Creating list of files to copy from the global zone.
Copying <2808> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <946> packages on the zone.
Initializing package <252> of <946>: percent complete: 26%
. . .
Initialized <946> packages on zone.
Zone <twilightZone> is initialized.
The file </twilightZone/root/var/sadm/system/logs/install_log> contains a log of the zone installation.

Later, if you wish to halt, uninstall, or delete a zone, use these commands, respectively:

zoneadm -z twilightZone halt
zoneadm -z twilightZone uninstall
zonecfg -z twilightZone delete

By default zonecfg creates a "sparse" zone--that is read-only files are shared from the "global" zone. This saves a lot of space as shown below: only 68 MB is used (as opposed to the 4GB or so for the global zone):

# df -k /twilightZone
Filesystem            kbytes    used   avail capacity  Mounted on
                     5169408   68508 5100754     2%    /twilightZone

If a "sparse" zone isn't desired, use "create -b" instead of "create" in zonecfg above. This prevents the new zone from "inheriting" packages from the global zone. This is called a "whole root" configuration.

The zone has been created, but it won't show up until after the initial boot:

# zoneadm list -v
  ID NAME             STATUS         PATH
   0 global           running        /

Boot and Configure a Solaris Zone

Lets boot the zone and login to the console with zoneadm and zlogin. The initial boot prompts for basic configuration information (language, locale, terminal, hostname, name service, time zone, and root password):

# zoneadm -z twilightZone boot
# zlogin -C twilightZone
[Connected to zone 'twilightZone' console]
Loading smf(5) service descriptions:   1/108
. . .
twilightZone2 console login: root
. . .

Use "~." to disconnect from the console.

More Info

Technorati Tags: ZFS Zones Solaris OpenSolaris

<script type="text/javascript" src=""></script>
<script src=""></script>

Solaris cryptography and optimization.


« February 2016