At Sun there are tools which we’ve distributed with Solaris internally through NIS auto mount maps and other things which all depended on NIS. Now with the new OpenSolaris installer a number of us are finding we’ve forgotten how to get NIS setup on a machine and have never setup Real Media RealPlayer, Adobe Flash, or even OpenOffice.
Setting up NIS
On OpenSolaris, since much of the independent developer community uses the domain name system (DNS) for host resolution, etc we have that as the default and didn’t implement a pretty wrapper to setup a system for NIS as has been done in the past. However, the steps aren’t too onerous.
Remove All the “Helpful” Bits
Disable Network Automagic (NWAM) if it doesn’t get along with your system
- Disabling NWAM
- Run svcadm disable physical:nwam; svcadm enable physical:default
- Setup /etc/hostname.<interface>
- Put the hostname of your machine in a file called /etc/hostname.<interface> where interface is your ifconfig(1) interface name (i.e. bge0, yukonx0, etc.)
- Setup /etc/defaultrouter
- Put the router’s IP address in /etc/defaultrouter
- Setup your /etc/netmasks file if you have a non class-C network (non 255.255.255.0 netmask)
- Put in an entry following the form <network> <netmask> (e.g. 172.16.24.0 255.255.252.0)
Configure NIS
- Setup /etc/hosts
- Enter your:
- NIS Server’s IP Address and name(s)
- Your system’s IP Address and nodename (if you also disabled NWAM)
- Setup /detc/defaultdomain
- Put your domain name in the file but remember it is case sensitive (i.e. clay.Boulder.Co.US)
- Setup /etc/nsswitch.conf
- Ensure the following lines have nis in them, so NIS is used to resolve (of course some of these are site specific too, so pick as appropriate):
- passwd
- group
- hosts
- ipnodes
- ethers
- netgroup
- automount
- printers
- auth_attr
- prof_attr
- Change /etc/auto_master for the full IPS experience
- To prevent mounting certain directories through a NIS auto.master map add the following to the end of /etc/auto_master (of course changing the mountpoint as appropriate):
/usr/local -null - Now turn on NIS
- To enable and finish configuring NIS one should now only need to run ypinit -c and follow the prompts:
- Enter the domain name (as entered in /etc/defaultdomain
- Enter the NIS server´s name (as entered into /etc/hosts)
- Ensure the NIS client service is enabled
- To turn on NIS all one should need to do is run svcadm enable nis/client
- Now to check everything
- Everything should be setup and running now, but to make sure run svcs -x nis/client and if in the maintenance state there is a couple of possible reasons:
- The log file says directory /var/yp/bindings/<domainname> not setup
- Run mkdir /var/yp/bindings<domainname> and (for good measure) add /var/yp/binding/<domainname>/ypservers with the name of your NIS server (same as the entry in /etc/hosts in it
- Things don't seem to resolve correctly
- Run ypwhich(1) to see if you are binding to the correct server
- Ensure /var/yp/aliases has your domain name and the keyword ypservers in it
- The correct format for the aliases file is:
<domainname> <domainname>
ypservers ypservers
After trying any of these restart NIS with svcadm restart nis/client
Installing OpenOffice
Installing OpenOffice demonstrates the beauty of the Image Packaging System (IPS). As long as you have a working network connection and can resolve and connect to pkg.OpenSolaris.ORG then all one needs do is enter pfexec pkg install openoffice (or omit pfexec if root), and in a few minutes OpenOffice will be installed into /usr/bin/soffice.
Installing Real Player
Real Media's RealPlayer is very easy to install. Simply go to Real.COM and at this time the option on their main page should be "Download RealPlayer" and you'll want your architecture (for 2008.05 X86). Save the file and then run chmod 755 <filename> and execute the file by typing the full path or ./<filename> to execute it. I've found (if installing as root) that trying to answer Y to "Make Symlinks?" is a bad idea on OpenSolaris. Afterwards, to start RealPlayer just run <your install locations>/realplay.
Installing Adobe Flash
Making the operating system easier to use and having a full web-browsing experience available are two goals we had in mind while creating the Indiana project (the ancestor to OpenSolaris 2008.5), however due to license restriction we could not bundle Adobe Flash. But, the Mozilla project already had an awesome answer to this: If you need to install Adobe Flash go to a website which uses Flash. That's it, click the "Download Plug-in" Option and answer the prompts. It's super simple!
Although if you need to have Flash available for the entire system (as downloading through Firefox's easy way is only for your particular user) then go to Adobe's web-site, click "Get Flash Player" and download Flash for Solaris X86. Then (after expanding the archive -- e.g. bzip2 -dc /tmp/<filename> | tar -xf ) copy the two files (one shared library -- .so -- one Firefox .xpt file) to /usr/lib/firefox/plugins/. Then, you are done; if you really want you can check if it installed correctly by putting about:plugins in your Firefox URL bar and pressing return.
If one has a lone OpenSolaris system surrounded by assorted Linux, is it useful to set up NIS?
Mention of "pfexec" in installing OpenOffice. Reading the man.page I gather that "pfexec" is perhaps the Solaris RBAC equivalent of "sudo" but more complicated.
Housekeeping comment: White text on light gray background is really hard to read.
One can setup NIS between many Linux varieties and OpenSolaris, if one wishes to share password and group credentials (as well as printer and ethernet maps), and anything else NIS can share between the systems. However, I would recommend going forward that institutions look to L(ight) W(eight) D(irectory) A(ccess) P(rotocol) solutions such as Sun’s Java System Enterprise Edition Directory Server, or the OpenD(irectory)S(erver) project backed by Sun.
Yes pfexec (aka profile execute) is a Solaris equivalent of sudo(1) in many ways. It is part of the R(oles)B(ased)A(ccess)C(controls) sub-system of Solaris. Similarly, if one creates a non-root user during install, the root account becomes a role only assumable by authorized users, as defined in the /etc/user_attr file, by default. RBAC provides many very nice ways to ensure administrative tasks are credited (or blamed) upon the proper administrator, and users can perform the tasks they need to be able to perform without compromising system security.
Thank you for the heads up on the theme. I’ll look into alternatives as time permits.
–Update–
Instead of going through all the pain of configuring NIS by hand, use sys-unconfig(1) which many people have reported success with.
Just one typo: defaultdomain file should not be under \/detc\/, but under the normal \/etc\/.
(one shared library — .so — one Firefox .xpt file) to /usr/lib/firefox/plugins/
I have copied both files to above mentioned directory.Firefox 3.0.1 browser did not recognise flash plugin.
Installed Firefox 3.0.1 startup directory is located at /opt/sfw/bin/.
I am not using default 2.0.14 version firefox browser on opensolaris 2008-05.
any sugestion/remedy would be appreciated in order to make flash work on firefox 3.0.1/opensolaris 2008-05
Hi Your NIS setup was very useful.
There was one problem though which
is when user’s home directories are
mounted off an nfs server.
Problem:
On doing an su – <username>
Error:
su: No Directory!
Solution:
Create <username> with home directory
mounted off of server’s home directory’s
nfs share.
For those new to *Solaris, a good starting point for your nsswitch.conf would be a copy of one of the /etc/nsswitch.* templates.
If you’re using NIS for example, just
# cp /etc/nsswitch.nis /etc/nsswitch.conf
and then modify your new nsswitch.conf file (if necessary).
An update for NWAM phase 0.5 one can modify /etc/nwam/llp to provide for static IP addresses i.e.:
yukonx0 static 192.168.0.1
iwk0 dhcp
I can’t get your procedure to work
with OpenSolaris 2008.11. the nis/client service won’t get out of
maintenance mode.
root@mep-6:/net/mep-1/mep# svcs -a | grep nis
disabled Jan_26 svc:/network/rpc/nisplus:default
disabled 17:00:25 svc:/network/nis/server:default
online 16:57:32 svc:/network/nis/xfr:default
online 16:58:49 svc:/network/nis/update:default
online 16:59:10 svc:/network/nis/passwd:default
maintenance 17:01:21 svc:/network/nis/client:default
root@mep-6:/net/mep-1/mep# svcs -x nis/client
svc:/network/nis/client:default (NIS (YP) client)
State: maintenance since Tue Jan 27 17:01:21 2009
Reason: Start method exited with $SMF_EXIT_ERR_CONFIG.
See: http://sun.com/msg/SMF-8000-KS
See: ypstart(1M)
See: /var/svc/log/network-nis-client:default.log
Impact: This service is not running.
The log shows this problem everytime I try to enable
the nis/client service
root@mep-6:/net/mep-1/mep# tail /var/svc/log/network-nis-client:default.log
[ Jan 27 17:01:21 Enabled. ]
[ Jan 27 17:01:21 Executing start method ("/lib/svc/method/yp"). ]
/lib/svc/method/yp: ypbind is already running.
[ Jan 27 17:01:21 Method "start" exited with status 96. ]
root@mep-6:/net/mep-1/mep# cat /var/svc/log/network-nis-client:default.log
Hi Tom,
I’m admittedly not as much a NIS sage as I’d like to understand why ypbind is already running. If it’s a one off thing perhaps rebooting (or killing ypbind) would help.
Also, for anyone, I suggest following Sriram’s Blog for a much more clean set-up and good comments too (http://blogs.sun.com/natarajan/entry/setting_up_static_ip_and).