Book Image

Oracle Solaris 11 Advanced Administration Cookbook

By : Alexandre Borges
Book Image

Oracle Solaris 11 Advanced Administration Cookbook

By: Alexandre Borges

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Oracle Solaris 11 Advanced Administration Cookbook
Alexandre Borges
Oct, 2014 | 478 pages
No titles found
Table of Contents (17 chapters)
Oracle Solaris 11 Advanced Administration Cookbook
Oracle Solaris 11 Advanced Administration Cookbook
Credits
Credits
About the Author
About the Author
Acknowledgments
Acknowledgments
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
IPS and Boot Environments
IPS and Boot Environments
Introduction
Determining the current package publisher
Listing and collecting the information and dependencies of a package
Installing a package, verifying its content, and fixing the package corruption
Managing the IPS history and freezing and uninstalling packages
Discovering the IPS Package Manager interface
Creating, activating, and destroying a boot environment
Listing and renaming a boot environment
Configuring an IPS local repository
Configuring a secondary IPS local repository
Publishing packages into a repository
Adding big applications into a repository
Creating your own package and publishing it
Managing an IPS publisher on Solaris 11
Pinning publishers
Changing the URI and enabling and disabling a publisher
Creating a mirror repository
Removing a repository and changing the search order
Listing and creating a boot environment
Mounting, unmounting, installing, and uninstalling a package in an inactive boot environment
Activating a boot environment
Creating a boot environment from an existing one
References
2
ZFS
ZFS
Introduction
Creating ZFS storage pools and filesystems
Playing with ZFS faults and properties
Creating a ZFS snapshot and clone
Performing a backup in a ZFS filesystem
Handling logs and caches
Managing devices in storage pools
Configuring spare disks
Handling ZFS snapshots and clones
Playing with COMSTAR
Mirroring the root pool
ZFS shadowing
Configuring ZFS sharing with the SMB share
Setting and getting other ZFS properties
Playing with the ZFS swap
References
3
Networking
Networking
Introduction
Playing with Reactive Network Configuration
Internet Protocol Multipathing
Setting the link aggregation
Configuring network bridging
Configuring link protection and the DNS Client service
Configuring the DHCP server
Configuring Integrated Load Balancer
References
4
Zones
Zones
Introduction
Creating, administering, and using a virtual network in a zone
Managing a zone using the resource manager
Implementing a flow control
Working with migrations from physical Oracle Solaris 10 hosts to Oracle Solaris 11 Zones
References
5
Playing with Oracle Solaris 11 Services
Playing with Oracle Solaris 11 Services
Introduction
Reviewing SMF operations
Handling manifests and profiles
Creating SMF services
Administering inetd-controlled network services
Troubleshooting Oracle Solaris 11 services
References
6
Configuring and Using an Automated Installer (AI) Server
Configuring and Using an Automated Installer (AI) Server
Introduction
Configuring an AI server and installing a system from it
References
7
Configuring and Administering RBAC and Least Privileges
Configuring and Administering RBAC and Least Privileges
Introduction
Configuring and using RBAC
Playing with least privileges
References
8
Administering and Monitoring Processes
Administering and Monitoring Processes
Introduction
Monitoring and handling process execution
Managing processes' priority on Solaris 11
Configuring FSS and applying it to projects
References
9
Configuring the Syslog and Monitoring Performance
Configuring the Syslog and Monitoring Performance
Introduction
Configuring the syslog
Monitoring the performance on Oracle Solaris 11
References
Index
Index

Playing with least privileges

Oracle Solaris 11, like other good UNIX-like operating systems, has a flaw in its inception; there is a privileged account called root that has all special privileges on a system and other accounts that have limited permissions such as regular users. Under this model, a process either has all special privileges or none. Therefore, if we grant permission for a regular user to run a program, usually we are granting much more than is needed, and unfortunately, it could be a problem if a hacker is to crack the application or the system.

In Oracle Solaris 10, developers have introduced a wonderful feature to make the permissions more flexible; least privilege. The base concept is easy; the recommendation is to only grant the necessary privilege for a process, user, or program in order to reduce the damage in case of a serious security breach. For example, when we manage the filesystem's security by applying read, write, and execute rights, we usually grant much more...

Previous Section
End of Section 4
Next Section