Book Image

Oracle Solaris 11: First Look

By : Philip P. Brown
Book Image

Oracle Solaris 11: First Look

By: Philip P. Brown

Overview of this book

Oracle Solaris provides innovative, built-in features that deliver breakthrough high availability, advanced security, efficiency, and industry-leading scalability and performance to help businesses grow. "Oracle Solaris 11: First Look" covers the new features and functionality of Oracle Solaris 11 and how these new features and improvements will make it easier to deploy services to the enterprise while improving performance and reducing total cost of ownership.This book starts with coverage of Image Packaging System and the new installation methods. It then moves swiftly to network configuration. The book also includes some security features and improvements.  

Related Content you might be interested in

Current Title:

Small book image
Oracle Solaris 11: First Look
Philip P. Brown
Jan, 2013 | 168 pages
No titles found
Table of Contents (19 chapters)
Oracle Solaris 11: First Look
Oracle Solaris 11: First Look
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
IPS – The Image Packaging System
IPS – The Image Packaging System
The brave new world of IPS
Repositories/repos
Package naming schemes
Overview of package and patch installation
Practical examples of pkg command usage
Dealing with repositories
Package updates and patching
Summary
2
Solaris 11 Installation Methods
Solaris 11 Installation Methods
It's the Oracle of install systems!
Default passwords
Installation from CD-ROM
Overview of how AI install works
Network bootstrap process details
Setting up a local install server with installadm
Common traps and pitfalls
Solaris 11 release version versus support version
Summary
3
Sysadmin Configuration Differences
Sysadmin Configuration Differences
Welcome to the new normal
Host identity: the sysconfig command
Driver configuration: /etc/driver/drv
Network address configuration: ipadm and dladm
Wireless configuration: Stick to the GUI if you can
Miscellaneous differences in system-level configuration
Summary
4
Networking Nuts and Bolts
Networking Nuts and Bolts
Networking re-architected
Orientation to new Solaris 11 networking
Interface naming and IP labels
NWAM – NetWork AutoMagic
IPMP – IP multipathing
Link aggregation
VNIC – Virtual NIC
VLAN tagging
IP tunneling
Bridging
Network resource management
Other changes
Summary
5
NWAM – Networking Auto-reconfiguration
NWAM – Networking Auto-reconfiguration
What is NWAM and how you can use it
Summary
6
ZFS – Now You Can't Ignore It!
ZFS – Now You Can't Ignore It!
ZFS – your future, today
ZFS root – no more UFS
ZFS booting and beadm
ZFS, beadm, and zones
Deduplication now possible
ZFS encryption
ZFS diff between snapshots
Miscellaneous changes and improvements
Summary
7
Zones in Solaris 11
Zones in Solaris 11
Taking things to the next zone
New zone utilities
New zone capabilities
Fast zone creation via clone
Automatic Network Interfaces – the anet resource
Preconfiguring zones
Immutable zones
Summary
8
Security Improvements
Security Improvements
Keeping the horse in the barn
Mandatory auditing
Immutable zones
ProFTPd is the new FTP server
Sudo privileged access tool
Direct root use now blocked by default
Fine-grained RBAC privileges
On-disk encryption
Summary
9
Miscellaneous
Miscellaneous
What's in this chapter anyway?
Virtual consoles, also known as virtual terminals, are back
Fast reboot
CUPS printing
Power management
Notifications triggered by SMF state transitions
Trusted Solaris extras
COMSTAR and iSCSI
Summary
IPS Package Reference
IPS Package Reference
New ACL Permissions and Abbreviations
New ACL Permissions and Abbreviations
Solaris 10 Available Enhancements
Solaris 10 Available Enhancements
ZFS backported enhancements
Other enhancements
Index
Index

Appendix B. New ACL Permissions and Abbreviations

As mentioned in Chapter 6, ZFS – Now You Can't Ignore It, chmod is now responsible for setting ACLs on files. It allows for both a long form and a short form. For convenience, here is a simple table of all ACL types. Please note that some things are only applicable to files, or conversely, to directories. Additionally, sometimes you must use a different verbose name for directories versus files.

It is nice to note that the old standby rwx letter abbreviations in chmod mean the same thing they always have. For convenience, here again is the example usage given previously, to allow user mysql to write to the file /etc/zshrc. The first line is equivalent in result to the second one:

chmod A+user:mysql:write_data:allow/etc/zshrc
chmod A+user:mysql:w:allow/etc/zshrc

The following is a table with the full set of allowable ACLs:

Abbreviation

Verbose parameter

a

read_attributes

A

write_attributes

c

read_acl (allowed to see what the ACLs are)

C

write_acl (allowed to set ACLs)

d

delete (the file)

D (directory only)

delete_child

O

write_owner ( change owner of file/directory)

p (file only)

append_data (not implemented yet)

p (directory only)

add_subdirectory

r (file only)

read_data

r (directory only)

list_directory

S

synchronize (not implemented yet)

R

read_xattr (extended attributes)

w

write_data

W

write_xattr (extended attributes)

x

execute

Previous Section
End of Chapter
Next Chapter