The Hive Archive

http://www.opensolaris.org/os/community/zfs/source/

Today, I was searching Google for help installing Perl modules through CPAN using the default Solaris Perl. Sadly, my own blog was one of the search results, and it was no help. I guess this entry is going to make the situation even worse.

So I suppose I should put some useful information:

• Solaris Perl is compiled using Sun Studio and not gcc
• You must compile Perl modules with the same compiler Perl was compiled with
• The Blastwave Perl is also uselessly compiled using Sun Studio and not gcc
• Sun Studio is now free instead of thousands of dollars and free to download
• The Sunfreeware Perl Package is compiled with gcc. Go sanity!

I’m sure if you cared enough and wanted to waste time, you could download the Sun Studio compiler just for your handful of Perl modules, or you could download the Sunfreeware package and use gcc, the compiler that God intended you to use. Your choice man. BTW, Sun, you suck.

Device manufacturers still haven’t caught on that floppy drives are no longer standard equipment on most modern machines. I recently came across this issue when trying to install a RAID driver on a Solaris 10 (x86) box, and solved it thusly:


# lofiadm -a /export/home/mmichie/tmp/ARCMSR.DD /dev/lofi/1
# mount -F pcfs /dev/lofi/1 /mnt/floppy/

# mkisofs -R -J -o driverdisk.iso /mnt/floppy/
Total translation table size: 0
Total rockridge attributes bytes: 2428
Total directory bytes: 16384
Path table size(bytes): 122
Max brk space used 10000
278 extents written (0 MB)


In other words, download the raw floppy image and mount it as a loopback device. Then use mkisofs to translate it to an iso. Use your favorite CD-R burning software to burn the ISO. Install your driver disk. This can be done similarly in Linux, the main difference will be mounting the floppy image:

mount -o loop driverdisk.img /mnt

The mkisofs command will be exactly the same as Solaris.

For all you Googlers out there:

If you see the following in /var/cron/log on Solaris:

! bad user (root) or setgid failed (root)

The solution is restarting cron.

Coming from OpenBSD background, installing Solaris can be an eye opening experience. There are many services enabled and listening to the world; luckily for Sun, most Solaris boxes are running on Sparc. Linux used to do the same thing, up until Red Hat starting to get a reputation for getting owned. Finally, there is some sanity at Sun and the Open Solaris project has some design documents on what they are working toward:

Secure by Default Design Specification

SBD is available in Nevada build 42 and greater.

Found the following at http://daemons.net/~matty/blog/?p=456:

SARC case 2004/368 : Secure By Default
BUG/RFE:4875624 *syslogd* turn off UDP listener by default
BUG/RFE:5004374 Ship with remote services disabled by default
BUG/RFE:5016956 By default rpcbind should not listen for remote requests
BUG/RFE:5016975 By default snmpd/dx should not be enabled.
BUG/RFE:5016998 By default inetd should not listen for remote connections.
BUG/RFE:5017041 By default sendmail should not listen for remote connections
BUG/RFE:5046450 Create a greenline profile for Secure by Default installation
BUG/RFE:6267741 RFE: One-touch knob for outbound-only sendmail
BUG/RFE:6414308 syslogd could use some lint soap

Oddly enough, I was just complaining about this myself.

When are we going to start making Operating Systems install secure by default?

$ netstat -a|grep -i listen|awk '{print $1}'
*.sunrpc
*.32771
*.lockd
*.32772
*.32773
*.32774
*.32775
*.32776
*.telnet
*.ftp
*.finger
*.login
*.shell
*.fs
*.32777
*.ssh
*.5987
*.898
*.32778
*.5988
*.32779
*.9010
*.32780
*.32782
*.32781
*.smtp
*.smtp
*.submission
*.telnet
*.ftp
*.finger
*.login
*.shell
*.fs
*.ssh
*.smtp