Solved

Solaris install pointers

Posted on 2003-10-22
7
343 Views
Last Modified: 2013-12-27
OK, say that tomorrow you've got to install Solaris 8 (SunOS 5.8) on a SparcServer 20 (no laughing!) with 384 MB, OpenBoot v2.25, 2 internal drives (2GB, 8GB) and an external Exabyte 8mm DAT tape drive. Its got a GX card and a Sun monitor and is going to be hooked to a simple Ethernet network and a public IP address (behind a firewall, natch). Its going to be a jack-of-all-trades box - shuffle some E-Mail (sendmail v8.12), host a few web pages (Apache 2), hold a couple of shell accounts, a little FTPing here and there, mebbe have a DNS zone or two as a slave (BIND 8). Nothing exceptionally strenuous, but a lot of different things. It'll have the usual GNU and other software added to it - gcc, perl, yadda, yadda....

So you slap on v8, then.....?

1a) Do you put on Maintenance Update #7 first, and then the Recommended Patch Cluster, or is the Cluster first? Or do you need both?

1b) The Maintenance Update is about twice the size of the Cluster. What does the Recommended Cluster omit that the Maintenance Update has? Or do they cover completely different ground?

2) Are there any specific patches not found in the Update or Cluster that you would put on?

3) Any pitfalls between a fully patched v8 install and latest versions of major programs/utilities (for example "Don't run gcc v3.3.2 with Patch 12345-01!!!")

4) A pointer/link to Solaris hardening references that specifically cover v8 would be appreciated.

This doesn't strike me as a very hard Question, but I do need the info soon. Replies that manage not to laugh at the pizza box get extra points. :-)
0
Comment
Question by:PsiCop
7 Comments
 
LVL 24

Accepted Solution

by:
shivsa earned 100 total points
ID: 9603530
1. Maintenance update is like a update to Solaris itself. they provide you with a complete set of Solaris patches that have been tested as a unit and can be easily installed or deinstalled. You can simply add the update to your existing Solaris computing environment and have improved system stability and performance.

1b. recommend cluster is a set of patches till todate. it will be having more latest fixes than the maintenance update(if that is a little old).
because it is released more often.

recommended:
install latest maintenance update and than if u have patch cluster released after that maintenance update, install it on top of this.The one on the MU may be several months out of date.

3. The Solaris patch clusters do not always include all patches that may be preferred for complete system functionality. Individual patch README files contain additional information regarding related patches that may be desired for complete fixes to reported problems. Additionally, certain hardware platforms may require specific patches that are not included in the patch cluster. Please consult Sun Solaris documentation, specifically installation release notes, and Sun's Web site sunsolve.sun.com for further information.

4. http://www.yassp.org/os.html



0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 100 total points
ID: 9603597
1.
"1a) Do you put on Maintenance Update #7 first, and then the Recommended Patch Cluster, or is the Cluster first? Or do you need both?

1b) The Maintenance Update is about twice the size of the Cluster. What does the Recommended Cluster omit that the Maintenance Update has? Or do they cover completely different ground?"

shivsa  already give you a good explanation, have a look at the following Sun docs to
get more details:

http://www.sun.com/service/support/sw_only/pmstrategies10.02.pdf

When you have very limites HD SPACE, you can skip the Maintenance Update,  but you MUST
apply the latest recommended path (critical !). if you really want to save disk space, install it
with "nosave" option

2) Are there any specific patches not found in the Update or Cluster that you would put on?

It might happen, eg, if you only apply the latest recommended path, and you want to install
a special appliction software with might require the system add a particular Solaris package
/patch, this is not happen that often.

0
 
LVL 38

Expert Comment

by:yuzh
ID: 9603619
Sorry, I type in a <enter> key!

Now keep going:

3) Any pitfalls between a fully patched v8 install and latest versions of major programs/utilities (for example "Don't run gcc v3.3.2 with Patch 12345-01!!!")

after you install the lates recommended path cluster, you shouldn't have problem
with gcc compiler, unless there is bug in the compiler. You can alway download
the free tools from:
http://sunfreeware.com/

4) A pointer/link to Solaris hardening references that specifically cover v8 would be appreciated.

have a look at:

http://oldlook.experts-exchange.com/Operating_Systems/Solaris/Q_20489173.html
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 38

Expert Comment

by:yuzh
ID: 9603652
0
 
LVL 1

Assisted Solution

by:riaanvd
riaanvd earned 100 total points
ID: 9603799
Go for the standard solaris install and then apply the solaris 8 recommended patches. The system should be able to run the OS even if it is a bit slow. The rest of the stuff is basically OS dependant so if the OS runs fine your other apps and utils will run fine.
A good link for security is:
http://www.sun.com/bigadmin/collections/security.html
For extra patches you need to look on:
sunsolve.sun.com
The best would be to test it and start an install if the machine is available. I can't see any reason why it shouldn't work.

good luck.
Riaan
0
 
LVL 34

Author Comment

by:PsiCop
ID: 9619994
Thank you all for your comments. I know where to get the patches, I have a SunSolve account, I just needed some pointers on Tab A vs. Slot B.

Since everyone contributed useful information, I'm going to split the points evenly.  I appreciate the pointers.
0
 
LVL 34

Author Comment

by:PsiCop
ID: 9620008
And since no one laughed at my server box (altho riaanvd did say it was slow) I'll up the points.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now