Thursday Nov 18, 2010

Upgrading from OpenSolaris 2009.06 to Solaris 11 Express 2010.11

In this entry I document my experience of upgrading from OpenSolaris 2009.06 to Solaris 11 Express 2010.11. I selected to include lots of output, in case you want to compare your experience to mine.[Read More]

Tuesday Nov 16, 2010

Video Tutorial: Installing Solaris 11 Express in VirtualBox

Jim Laurent has put together a nice 12 minute screencast on installing Solaris 11 Express in VirtualBox, including how to setup shared folders with the host OS.

The video also covers an important tip, which is that the root password is expired at install time and must be immediately changed. Otherwise, GUI tools prompting for the root password will not work. You can read the details in the release notes: Gksu Does Not Report Expired Password.

Monday Nov 15, 2010

Solaris 11 Express is Here!

After a long, drawn out wait, the latest release of the OpenSolaris distribution, now called Solaris 11 Express, is finally here!

In the 17 months since the last official release of OpenSolaris a lot of new goodies have been added. Some of my favorites:

  • ZFS Deduplication
  • ZFS Encryption
  • Boomer audio subsystem
  • Interactive Text Installer
  • Solaris 10 Zones

For all the details on the new features see the article What's New in Oracle Solaris 11 Express 2010.11.

Key Resources

White Papers

Technical Articles


Product Documentation

Upgrade Note

The Release Notes do include instructions on how to upgrade to Solaris 11 Express from OpenSolaris. If you're still running OpenSolaris 2009.06 (build 111b), you'll first need to update to the never released (until now) 2010.05 (build 134). If you're already on a development build of OpenSolaris, you should be good to go. I also recommend using the command line when running image-update. I've had mixed results when trying to use to the Image Update GUI.

Tuesday Nov 09, 2010

Live Streaming Today from Oracle Solaris Summit

A who's who of Solaris engineers are presenting Solaris 11 Express today at the Oracle Solaris Summit. You can watch a high-definition live stream from the following URL:

If you're unable to watch the live event, it is being recorded and I'll post a link to that when it's available.

Details on the Oracle Solaris Summit 

This FREE all-day event will take deep-dives into each of the major technologies in Oracle Solaris 11 Express that you'll need to understand to deploy Oracle Solaris 11 in the enterprise. Each discussion is led by a Solaris engineering or technical expert.

Tuesday, Nov 9, 2010 in Ballroom A4/A5, San Jose Convention Center. The summit starts at 9:00 AM Pacific Standard Time. You can see what time that is for you here.


    \* 9:00 am - 9:30 am - Introduction to Oracle Solaris 11 Express, - Markus Flierl
    \* 9:30 am - 11:00 am - Image Packaging System - Bart Smaalders
    \* 11:00 am - 12:30 pm - Deploying Oracle Solaris 11 in the Enterprise -Dave Miner
    \* 12:30 pm - 1:30 pm - LUNCH BREAK
    \* 1:30 pm - 2:30 pm - Advances in Solaris Networking with Crossbow and Beyond - Nicolas Droux
    \* 2:30 pm - 3:00 pm - Oracle Solaris Containers in Oracle Solaris 11 Express - Dan Price
    \* 3:00 pm - 3:15 pm - BREAK
    \* 3:15 pm - 4:15 pm - ZFS Features in Oracle Solaris Express - Cindy Swearingen
    \* 4:15 pm - 4:45 pm - New Security Features in Oracle Solaris 11 Express - Glenn Faden
    \* 4:45 pm - 5:30 pm - Deploying Applications Using SMF and Other Solaris 11 Features - Liane Praza

Wednesday Nov 03, 2010


I was about to write a new blog on Solaris' Fault Management Architecture when I realized my friend Bob Netherton has beaten to it by almost 3 years.

We like to tout the benefits of FMA a lot, but it's often hard to demonstrate because you don't want to go around destroying CPUs and memory modules just to see FMA in action. However, by creating a ZFS pool with files as disks, it's quite easy to demonstrate and that's exactly what Bob does in his blog ZFS and FMA - Two great tastes ......

Note, there's also an FMA Demo Kit that you can use to simulate faults to other hardware components, but I haven't played with that myself yet. Other resources I found helpful:

Friday Oct 15, 2010

Associating a PID with a Service

The question of how to associate a process id with a SMF service recently came across an internal alias and I thought it was worth sharing.

Take this generic looking Java process:

bleonard@opensolaris:/system$ ps -fp 949
     UID   PID  PPID   C    STIME TTY         TIME CMD
    root   949   947   0   Oct 11 ?           3:46 /usr/jdk/jdk1.6.0_13/bin/java -Xms4M -Xmx128M -D

If I'd like to trace back to which SMF service started this process, I start by getting the process' contract ID:

bleonard@opensolaris:/system$ ps -o ctid -p 949

I can then use the ctstat command to cross reference the contract ID to the SMF service:

bleonard@opensolaris:/system$ ctstat -vi 59
59      0       process owned   7       0       -       -       
	cookie:                0x20
	informative event set: none
	critical event set:    core signal hwerr empty
	fatal event set:       none
	parameter set:         inherit regent
	member processes:      947 949
	inherited contracts:   none
	service fmri:          svc:/application/management/common-agent-container-1:default
	service fmri ctid:     59
	creator:               svc.startd
	aux:                   start

And just to go full circle:

bleonard@opensolaris:/system$ svcs -lp  common-agent-container-1
fmri         svc:/application/management/common-agent-container-1:default
name         Cacao, a common Java container for JDMK/JMX based management solution
enabled      true
state        online
next_state   none
state_time   Mon Oct 11 12:54:59 2010
logfile      /var/svc/log/application-management-common-agent-container-1:default.log
restarter    svc:/system/svc/restarter:default
contract_id  59 
dependency   require_all/none svc:/system/filesystem/local (online)
dependency   require_all/none svc:/network/initial (online)
process      947 /usr/lib/cacao/lib/tools/launch -w /var/run/cacao/instances/default/run -L 1638
process      949 /usr/jdk/jdk1.6.0_13/bin/java -Xms4M -Xmx128M -D

For a nice little tutorial on contracts, check out this Contract Subsystem Lab.

Wednesday Oct 06, 2010

IPS Search and Actions

When searching for an IPS package, I usually type something quick and simple like:

bleonard@opensolaris:~$ pkg search netbeans
INDEX      ACTION    VALUE                     PACKAGE
description set       NetBeans                  pkg:/libnb-php@6.5.1-0.111
description set       NetBeans                  pkg:/libnb-groovy@6.5-0.86
description set       NetBeans                  pkg:/netbeans-java@6.5.1-0.111

And scroll through the result list hoping to find what I'm looking for. However, in my example above, that's 437 lines!

bleonard@opensolaris:~$ pkg search netbeans | wc -l

Often times I'll shorten the list by grepping for my build:

bleonard@opensolaris:~$ pkg search netbeans | grep 111
description set       NetBeans                  pkg:/libnb-php@6.5.1-0.111
description set       NetBeans                  pkg:/netbeans-java@6.5.1-0.111
description set       NetBeans                  pkg:/libnb-visualweb@6.5.1-0.111

Which reduces the list down to 134 for this example:

bleonard@opensolaris:~$ pkg search netbeans | grep 111 | wc -l

However, I generally tend to ignore the first two columns, INDEX and ACTION. Actions, in the case of IPS, are actually nouns and not verbs as the name would lead you to expect. Actions are the things that get installed (files, directories, links, drivers, licenses, users, groups, etc). Here's a nice description of the Actions in IPS.

When you perform a search, the search string is checked against all of these actions types, which as seen above, can produce a lot of results. For example, 5 of the 134 results above all refer to the same package, pkg:/sunstudioexpress@0.2009.3.1:

bleonard@opensolaris:~$ pkg search netbeans | grep 111 | grep pkg:/sunstudioexpress@0.2009.3.1
basename   dir       opt/SunStudioExpress/prod/nb-dbxtool/ide10/docs/org/netbeans pkg:/sunstudioexpress@0.2009.3.1-0.111
basename   dir       opt/netbeans-6.5ss/ide10/docs/org/netbeans pkg:/sunstudioexpress@0.2009.3.1-0.111
basename   file      opt/SunStudioExpress/prod/nb-dbxtool/bin/netbeans pkg:/sunstudioexpress@0.2009.3.1-0.111
basename   file      opt/netbeans-6.5ss/bin/netbeans pkg:/sunstudioexpress@0.2009.3.1-0.111
basename   link      opt/SunStudioExpress/netbeans pkg:/sunstudioexpress@0.2009.3.1-0.111

That's because the search results are returning 3 directories, 2 files and 1 link, all in the same package, that contain the search string "netbeans".

If you just want to see a list packages that match the search string, use the -p option.

bleonard@opensolaris:~$ pkg search -p netbeans | grep 111 
pkg:/amp-dev@0.5.11-0.111 (
pkg:/developer/netbeans/plugin/nb-dtrace@1.0-0.111 (
pkg:/developer/sunstudio12u1@12.1.1-0.111 (

This returns a much more reasonable 60 results with just the package names, making the result list much more easier to read through. I wish -p was the default option, rather than the -a (which shows the matching actions).

Wednesday Sep 29, 2010

ps tip

I often use the ps -ef command when looking for a running process. However, sometimes I'm frustrated by the fact that ps truncates the the CMD output. As an example:

bleonard@opensolaris:~$ ps -ef | grep evolution-data
bleonard 15803     1   0   Sep 27 ?           0:00 /usr/lib/evolution-data-server-1.2/evolution-data-server-2.24 --oaf-activate-i

In a recent opensolaris-help forum post, Mike Meyer provided some undocumented BSD compatible options to get more details:

I habitually use "ps auxww" (note no "-" - bsd ps doesn't require it, and that triggers the BSD mode of /usr/bin/ps), which is all processes (ax) in a "user" (u) format. No w option truncates each line at 80 characters, one w option truncates each line at 132 characters, and two w options doesn't truncate it at all.

So, for my example:

bleonard@opensolaris:~$ ps auxww | grep evolution-data
bleonard 15803  0.0  0.22351610840 ?        S   Sep 27  0:00 /usr/lib/evolution-data-server-1.2/evolution-data-server-2.24 --oaf-activate-iid=OAFIID:GNOME_Evolution_DataServer_CalFactory:1.2 --oaf-ior-fd=28

Of course, as it was also pointed out, once you know the process id you can get the same argument information, in a more readable format using, the pargs command:

bleonard@opensolaris:~$ pargs 15803
15803:	/usr/lib/evolution-data-server-1.2/evolution-data-server-2.24 --oaf-activate-ii
argv[0]: /usr/lib/evolution-data-server-1.2/evolution-data-server-2.24
argv[1]: --oaf-activate-iid=OAFIID:GNOME_Evolution_DataServer_CalFactory:1.2
argv[2]: --oaf-ior-fd=28

Or, in single line as pointed out in the comments below:

bleonard@opensolaris:~$ pgrep evolution-data | xargs pargs 
15803:	/usr/lib/evolution-data-server-1.2/evolution-data-server-2.24 --oaf-activate-ii
argv[0]: /usr/lib/evolution-data-server-1.2/evolution-data-server-2.24
argv[1]: --oaf-activate-iid=OAFIID:GNOME_Evolution_DataServer_CalFactory:1.2
argv[2]: --oaf-ior-fd=28

Tuesday Sep 28, 2010

Understanding the Space Used by ZFS

Until recently, I've been confused and frustrated by the zfs list output as I try to clear up space on my hard drive.

[Read More]

Monday Sep 27, 2010

The Second Sighting

The ObservatoryTwo years ago we started The Observatory shortly after the first release of OpenSolaris hit the streets. Since then we've published over 200 entries to which we've received almost 1000 comments and we've consistently been a top 20 blog at (or what we simply call bsc).

A couple of weeks back, John Fowler, EVP of Systems here at Oracle, delivered a strategy webcast where he outlined the future of Solaris. In that webcast, John finally announced what we've all been anticipating as we've watched the evolution of OpenSolaris - Solaris 11. And just last week at Oracle OpenWorld, Solaris 11 Express, which had only been a rumor up to this point, was finally officially announced.

To that extent, we also want to evolve The Observatory as we move forward with the future of Oracle Solaris. Therefore, we are making a slight adjustment to the tagline of this blog, moving from "A Closer Look at Using OpenSolaris" to "A Closer Look at Using Oracle Solaris", which will cover all Oracle Solaris technologies, including OpenSolaris (call me crazy like a fox, but I'm still running OpenSolaris 2009.06).

So, for the most part, the song remains the same, we just have an updated album cover.

Friday Aug 06, 2010

Distribution Constructor

One of the features that shipped with OpenSolaris 2008.11 was the ability to create your own custom distributions of the product. This is pretty powerful if you want to deploy OpenSolaris throughout your organization tailored to your users' needs. [Read More]

Friday Jul 16, 2010

Process Arguments and Environment Variables

If you want to quickly determine the arguments or environment variables used by a process, pargs, one of a handful of very useful proc tools, is for you.

For example, NetBeans is started with a bunch of arguments. Rather than hunting through the netbeans configuration files, I can locate netbeans' process id:

bleonard@opensolaris:~$ ps -ef | grep netbeans
bleonard  5215     1   0 17:35:16 ?           0:00 /bin/bash /usr/netbeans/bin/../platform10/lib/nbexec --userdir /export/home/ble
Then simply run:
bleonard@opensolaris:~$ pargs 5215
5215:	/bin/bash /usr/netbeans/bin/../platform10/lib/nbexec --userdir /export/home/ble
argv[0]: /bin/bash
argv[1]: /usr/netbeans/bin/../platform10/lib/nbexec
argv[2]: --userdir
argv[3]: /export/home/bleonard/.netbeans/6.7
argv[4]: --jdkhome
argv[5]: /usr/java
argv[6]: --branding
argv[7]: nb
argv[8]: --clusters
argv[9]: /usr/netbeans/nb6.7:/usr/netbeans/ergonomics1:/usr/netbeans/ide11:/usr/netbeans/java2:/usr/netbeans/bin/../xml2:/usr/netbeans/apisupport1:/usr/netbeans/webcommon1:/usr/netbeans/websvccommon1:/usr/netbeans/enterprise5:/usr/netbeans/bin/../mobility8:/usr/netbeans/profiler3:/usr/netbeans/ruby2:/usr/netbeans/bin/../python1:/usr/netbeans/php1:/usr/netbeans/bin/../visualweb2:/usr/netbeans/bin/../soa2:/usr/netbeans/identity2:/usr/netbeans/bin/../uml6:/usr/netbeans/harness:/usr/netbeans/cnd2:/usr/netbeans/dlight1:/usr/netbeans/groovy1:/usr/netbeans/bin/../extra:/usr/netbeans/bin/../javafx2:
argv[10]: -J-Dnetbeans.importclass=org.netbeans.upgrade.AutoUpgrade
argv[11]: -J-Dnetbeans.accept_license_class=org.netbeans.license.AcceptLicense
argv[12]: -J-Xmx512m
argv[13]: -J-client
argv[14]: -J-Xss2m
argv[15]: -J-Xms32m
argv[16]: -J-XX:PermSize=32m
argv[17]: -J-XX:MaxPermSize=200m
argv[18]: -J-Xverify:none
argv[19]: -J-Dapple.laf.useScreenMenuBar=true
argv[20]: -J-Dsun.java2d.noddraw=true

To see the environment variables available to a process, use the -e option. For example, here are some of the relevant variables used by sqlplus:

bleonard@opensolaris:~$ pargs -e `pgrep sqlplus`
7114:	sqlplus
envp[0]: ORACLE_HOME=/export/home/bleonard/Download/instantclient_11_2
envp[12]: LD_LIBRARY_PATH=/export/home/bleonard/Download/instantclient_11_2
envp[48]: _=/export/home/bleonard/Download/instantclient_11_2/sqlplus

Thursday Jul 15, 2010


Continuing on the thread of who logged in last, Richard Hamilton has provided a nice little C program to dump the contents of /var/adm/lastlog. Here's what he has to say about lastlog:

/var/adm/lastlog: this file is an array of fixed-sized binary records, containing a single timestamp (time of last login), the tty name, and for remote logins, the host name or IP (in text form, but only 16 characters long). The UID of the user is the record number. That means the file may appear gigantic, but it's actually sparse on disk, not nearly as large as it appears. But most copy/backup/archive utilities do not preserve sparseness, so they would produce a copy that was as large as it appeared.

I've attached the source for a program that will dump out this file in readable form. Remember, there's only one entry per UID, so it will show only the single most recent login time (even if they're logged in more than once at a time), and it does not show logouts. But with a fixed set of users, it doesn't grow, so people tend to leave it alone and not blow it away. In other words, it may not be all the information you want, but it's more likely to be there.

To build the program, you'll need a C compiler. If you don't already have one installed, there are several to choose from, but for this small C program I'm going with The GNU C compiler.

bleonard@os200906:~$ pfexec pkg install SUNWgcc
DOWNLOAD                                    PKGS       FILES     XFER (MB)
Completed                                    4/4   2100/2100   30.26/30.26 

PHASE                                        ACTIONS
Install Phase                              2537/2537 

Once SUNWgcc is installed, download lastlog.c and compile it as follows:

bleonard@os200906:~/Downloads$ gcc lastlog.c -o lastlog

Then run it to see the contents of /var/adm/lastlog:

bleonard@os200906:~/Downloads$ ./lastlog 
root       console  Fri Dec  5 18:47:28 2008 
bleonard   console  Wed Jul 14 11:26:48 2010 
karl       pts/5    Thu Jul 15 11:12:57 2010


Just a quick tip as this question came across the opensolaris-help forum - "How can I (as admin) find out when a certain user e.g. "karl" most recently logged in and most recently logged out of a system?"

The simple answer is last:

bleonard@opensolaris:~$ last karl 
karl      pts/5         Thu Jul 15 11:12   still logged in
karl      sshd         Thu Jul 15 11:12   still logged in
karl      pts/5        opensolaris      Thu Jul 15 11:11 - 11:12  (00:00)
karl      sshd         opensolaris      Thu Jul 15 11:11 - 11:12  (00:00)

Thursday Jun 24, 2010

Monitoring OpenSolaris from your iPhone, iPod or iPad

Yes, there's an app for that too. Karim Berrah has put together a nice blog on how to build iStat so you can monitor your OpenSolaris servers from your iPhone, iPod Touch or iPad. Cool stuff! 


The Observatory is a blog for users of Oracle Solaris. Tune in here for tips, tricks and more as we explore the Solaris operating system from Oracle.

Connect with Oracle Solaris:


« April 2014