Monday, July 27, 2015

Building own failsafe image using firefly scripts

I've put some distro-const scripts to the github repo at https://github.com/alhazred/firefly for anyone who wants to build their own illumos-based failsafe image. Current stuff was tested on OmniOS but also should work on OpenIndiana. Anyway the code can be simplified, so any pull-requests and customization are welcome.

Thursday, January 15, 2015

Get pid, user and command for the particular port in illumos


While the Solaris has the updated netstat with -u flag, illumos requires certain improvements in sockinfo, and possibly, rpcbind (tcpConnCreationProcess shows the old PID for rpcbind, until it did not become a demon). With help of pfiles is possible to obtain the desired information about pid for particular port, so I wrote a small pfiles-based utility which allows to determine the PID, user and command for the particular port:

# ./ptcpstat
PROTO           IP               PORT   PID    USER     COMMAND
--------  -------------------    ----- ------ -------- ------------------
AF_INET   127.0.0.1              25    692    root      /usr/lib/smtp/sendmail/sendmail -bl -q15m
AF_INET6  ::1                    25    692    root      /usr/lib/smtp/sendmail/sendmail -bl -q15m
AF_INET   127.0.0.1              587   692    root      /usr/lib/smtp/sendmail/sendmail -bl -q15m
AF_INET6  ::                     22    605    root      /usr/lib/ssh/sshd
AF_INET6  ::                     0     495    root      /usr/lib/inet/in.ndpd
AF_INET   0.0.0.0                520   637    root      /usr/sbin/in.routed
AF_INET   0.0.0.0                0     637    root      /usr/sbin/in.routed
AF_INET   0.0.0.0                10004 685    root      /usr/bin/python2.6 /usr/lib/pkg.depotd --cfg svc:/application/pkg/server:test
AF_INET   0.0.0.0                10000 9354   root      /usr/bin/python2.6 /usr/lib/pkg.depotd --cfg svc:/application/pkg/server:zfs
AF_INET6  ::ffff:198.168.1.1     22    2315   root      /usr/lib/ssh/sshd
AF_INET6  ::ffff:10.8.0.30       56027 2315   root      /usr/lib/ssh/sshd
AF_INET   0.0.0.0                80    1402   root      /usr/bin/python2.6 /usr/lib/pkg.depotd --cfg svc:/application/pkg/server:defaul
AF_INET6  ::ffff:198.168.1.1     22    2314   root      /usr/lib/ssh/sshd
AF_INET6  ::ffff:10.8.0.30       56027 2314   root      /usr/lib/ssh/sshd


Monday, May 19, 2014

How to prevent an IPS package from being upgraded

Recently I had a situation where some incorporating package depends on a package, say foo, version 3.1 and I had to wait for the update exactly to 3.2 and do not allow 3.1.1, 3.1.2, ...
"Freeze" option doesn't help here (may be should?) but it's a possible to use some versioning tricks in incorporating  manifest.
First option is to ensure that required version of 'foo' is published with trailing zero:

    foo@3.1.0
    foo@3.1.1
    foo@3.1.2

Then we can use "depend fmri=foo@3.1.0 type=incorporate" line in incorporating manifest and only upgrade to this version will be allowed.

More reliable option (and you don't need trailing zeros) is to use the timestamp in incorporate dependency:

    depend type=incorporate fmri=foo@3.1:20140507T021327Z

Only upgrade to version 3.1 with specific timestamp will be allowed here.

If foo@3.2 will be published and we want to wait until 3.3, then we can publish a new version of the incorporating package using next dependencies:

depend type=require fmri=foo@3.2
depend type=incorporate fmri=foo@3.2.0

P.S. Many thanks to @binarycrusader

Thursday, May 30, 2013

Firefly: failsafe image for illumos-based distros

If somebody is looking for illumos-based filesafe image, I've created small iso (usb image is available also) at sourceforge. This image provides the same method as old Solaris iso's: looks for bootable root pool, imports it to /a and mounts bootfs:

I hope someone will find this image useful for recovery purposes on any illumos-based distributions.

Friday, September 21, 2012

illumos grep(1) now able to traverse directories

This week I updated illumos grep(1), having added support for recursive searching:
$ man -M /usr/share/man grep
...
     -r
           Read all files under each directory, recursively. Fol-
           low  symbolic links on the command line, but skip sym-
           links that are encountered recursively. If file  is  a
           device, FIFO, or socket, skip it.

     -R
           Read all files under each directory, recursively, fol-
           lowing all symbolic links.

...

Enjoy!

Sunday, February 26, 2012

illumian, a new illumos based distro

This iso has become a rarity: as you know, NCP4 never saw the light:





Nevertheless illumos has now the second distribution - illumian, where the packaging system is the main difference from the OpenIndiana and the first iso has a very simple text-mode installer developed by Nexenta for the NCP distribution.
I hope illumian will continue to grow and improve, and for people who like Solaris but feel it could use a more practical "apt-get", illumian is exceptional.
If you're interesred in joining, feel free to talk in #illumian, or subscribe and make a post to the illumian-dev mailing list.