Tuesday, February 27, 2007

How compatible is your computer?

If you run Windows XP Home, XP Pro, Linux (Red Hat, Fedora, Ubuntu, SUSE), Solaris 10 or Solaris Express, this tool will tell you what will and won't work in Solaris Express Developer Edition:

Sun Solaris Express tool (WARNING, V1.0, see note below for V2.0) (Java web start)

If you are:
Download Solaris
or media:
DVD (free)



[10/04/2007]
Note: a new version of SDD is available at:

http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=8&PartDetailId=SDDT-2.0-G-F&TransactionId=noreg


Click accept, then click Sun Device Detection Tool 2.0, English, run and select Solaris 10 8/07 or Solaris Express Developer Edition 9/07.

Well done, Sun!

Tuesday, February 20, 2007

Solaris in music and image


We are blogging on a light note today!

In 1983, Radio-Canada broadcast "The Mysterious Cities of Gold" (in French), a France, Luxembourg and Japan co-production.

The series featured an interesting solar-powered ship, the Solaris.

A musical theme by Haim Saban and Shuki Lévy runs throughout the episodes, including those with the Solaris.

Original soundtrack:
Majestueux Solaris (MP3)

Remake #1:
Majestueux Solaris A (MP3)

Remake #2:
Majestueux Solaris B (MP3)

It works with RealPlayer (Solaris 10 or Nevada), or with Rhythmbox (Solaris Nevada).

See citesdor.com for more details.

Wednesday, February 14, 2007

Solaris Express Developer Edition (2/07)

Well, it is finally available. I had mentioned before on SunQuebec that the next release of Solaris Express would be interesting, and the reason is: the DVD now includes Sun Studio 11 and NetBeans 5.5. So it is now a complete environment.

It can be found here:
http://developers.sun.com/solaris/downloads/solexpdev/

This build also includes Firefox 2 and StarOffice 8, and Sun is trying to appeal to LAMP developers with SAMP (Solaris, Apache, MySQL and PHP). Sun Web Server 7 is available and PostgreSQL has been included for a while now, so it's not a huge addition, but it makes for a pretty complete distribution.

Currently it is only x86/x64, but you can get equivalent functionality on SPARC with Solaris Express Community Edition B55 and above. I have B56, but B57 is now available.

The next Community Edition to keep an eye out for will be B60. This will include bootable ZFS for x86/x64, and I would guess it might appear in Solaris Express 4/07 if I understand the revision cycle, although I now read that Solaris Express will be quarterly, so that might be 5/07.

François

Monday, February 12, 2007

Secure By Default

Learn to love SBD.

When doing the initial install of Solaris 10, select the Secure By Default (SBD) option. On Solaris Nevada no option is offered; it is (mostly) secure by default already. An upgrade does not change the settings of the previous install. To activate the secure profile on an existing system, run the following:

# /usr/sbin/netservices limited

Note that this leaves ssh as the only service listening for remote connections; sendmail and rpcbind only accept local requests, and everything else is disabled, so be careful if you are on a production box.

Why should you care? Because SBD protects you from the latest Solaris 10 hole. If you haven't heard of it yet, search the web and learn more. Basically, it lets a remote attacker telnet into a Solaris 10 machine without authenticating.

I decided to head over to the OpenGrok OpenSolaris source code browser and look at login.c:

/* ONC_PLUS EXTRACT START */
/*
 * validate user
 */
/* we are already authenticated. fill in what we must, then continue */
if (fflag) {
/* ONC_PLUS EXTRACT END */
    if ((pwd = getpwnam(user_name)) == NULL) {
        audit_error = ADT_FAIL_VALUE_USERNAME;

        log_bad_attempts();
        (void) printf("Login failed: unknown user '%s'.\n",
            user_name);
        login_exit(1);
    }
/* ONC_PLUS EXTRACT START */
} else {
    /*
     * Perform the primary login authentication activity.
     */
    login_authenticate();
}

So as long as the f flag is set, login never calls login_authenticate(); the only check left is that the user name exists in passwd. The guard on -f lives in the option parser, so the question is what happens when a caller that is already root passes a string along to login and that string carries the option...

case 'f':
    /*
     * Must be root to bypass authentication
     * otherwise we exit() as punishment for trying.
     */
    if (getuid() != 0 || geteuid() != 0) {
        audit_error = ADT_FAIL_VALUE_AUTH_BYPASS;

        login_exit(1);  /* sigh */
        /*NOTREACHED*/
    }
    /* save fflag user name for future use */
    SCPYL(user_name, optarg);
    fflag = B_TRUE;
    break;

Quite the punishment for trying, no? This is similar to an old rlogin issue.
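The injection hinted at above can be shown in a few lines of shell. The following is an added example, not code from login.c, in.telnetd or the write-up linked in the update: mini_login models only the option handling quoted above (the -f branch versus login_authenticate()), and the argv layout in spawn_login_unsafe, the peer name client.example.net and all function names are assumptions made for the illustration. It also goes one step past the page by showing the two things a caller can do about it: terminate the option list with "--", and refuse user names that could parse as options.

```shell
#!/bin/sh
# Added example, not Solaris code: a miniature model of login(1)'s option
# handling, enough to show why a remote-supplied user name is dangerous when
# a root caller appends it to login's argv without a "--" terminator.
# That in.telnetd built argv exactly like spawn_login_unsafe is an assumption
# of this example; client.example.net is a made-up peer name.

# mini_login [-p] [-h host] [-f user] [--] [user]
# Mirrors the two branches quoted from login.c: with -f the name is taken as
# already authenticated; otherwise it would go through login_authenticate().
mini_login() {
    OPTIND=1
    fflag=0
    user_name=""
    host="(none)"
    while getopts "ph:f:" opt; do
        case "$opt" in
            p) ;;                               # preserve environment; irrelevant here
            h) host=$OPTARG ;;
            f) fflag=1; user_name=$OPTARG ;;    # "this user is authenticated"
            *) return 2 ;;
        esac
    done
    shift $((OPTIND - 1))
    if [ -z "$user_name" ]; then
        user_name=${1:-}                        # first operand is the login name
    fi
    if [ "$fflag" -eq 1 ]; then
        printf 'AUTH_BYPASS %s from %s\n' "$user_name" "$host"
    else
        printf 'AUTHENTICATE %s from %s\n' "$user_name" "$host"
    fi
}

# The pattern that bites: the name the remote side sent is appended bare, so
# getopts reads "-froot" as "-f root" and authentication is skipped.
spawn_login_unsafe() {
    mini_login -p -h client.example.net "$1"
}

# The fix: "--" ends option processing, so the same string can only be an
# operand, and getpwnam() would then fail on a user called "-froot".
spawn_login_safe() {
    mini_login -p -h client.example.net -- "$1"
}

# Defence in depth for the caller: reject anything that could parse as an option
# (leading '-') or that is not a plain POSIX-style login name.
valid_login_name() {
    case "$1" in
        ''|-*)               return 1 ;;
        *[!A-Za-z0-9._-]*)   return 1 ;;
    esac
    return 0
}

spawn_login_unsafe '-froot'   # AUTH_BYPASS root from client.example.net
spawn_login_safe   '-froot'   # AUTHENTICATE -froot from client.example.net
```

Both the "--" terminator and the name check are cheap; the terminator is the one that closes the hole, the check is what keeps the next option from being found by the same route.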

Sun Studio now has a thread analyzer that does race detection and other similar complex detection of problems in your code. Maybe security hole detection should be next? :)

So why did this come back?

 * -f : This flag was introduced by PSARC 1995/039 in support
 *      of Kerberos. But it's not used by Sun's Kerberos implementation.
 *      It is however employed by zlogin(1), since it allows one to tell
 *      login: "This user is authenticated." In the case of zlogin that's
 *      true because the zone always trusts the global zone.

So if you are running Solaris secure by default and have not re-enabled telnet, you are not exposed; if you need telnet, see the update below for the fix.

Learn to love SBD.

______________________________________

Update:

For T-patches and details from the sausage factory, see this blog:
Alan Hargreaves - the in.telnetd exploit

Polyglot

I was hoping for integrated multi-language support with Blogger / Blogspot, but the only way I've found is to create 3 different blogs and add a list of links to them. The next step is to figure out how to match posts and URLs. It looks like it is going to take some JavaScript to make this work right.

Anybody been there, done that?

Mirrored Laptop with Compact Flash

An alternative to a USB stick for mirrored storage on a laptop is a PC Card CompactFlash adapter together with a CompactFlash card. These cards are currently available in capacities of up to 16GB, but they are much more expensive than USB sticks.

For the purpose of demonstrating the concept, I used my old IBM microdrive (340MB) in CFII format. I think the largest ever made was 6 or 8GB, but with solid state cards capable of higher density, that is probably the end of the line for that technology. Still, I've had it for about 7 years now, so it has proven surprisingly reliable (unlike the iPaq this was in).

So, all you have to do is insert the PC Card, and Solaris hald (Solaris Nevada B56) picks up the microdrive, mounts it and shows it on the desktop.

bash-3.00# df -h
Filesystem             size   used  avail capacity  Mounted on
[...]
/dev/dsk/c1t0d0s2      3.6G   3.6G     0K   100%    /media/SOL_11_X86
/dev/dsk/c8d0p0:1      341M    16K   341M     1%    /media/MICRODRIVE

I then unmounted the microdrive. Assuming you have a free slice 7 on your internal hard disk (make sure it is an empty, pre-allocated slice), you would do:

bash-3.00# zpool create internal mirror c0d0s7 c8d0p0
invalid vdev specification
use '-f' to override the following errors:
mirror contains devices of different sizes
bash-3.00# zpool create -f internal mirror c0d0s7 c8d0p0

bash-3.00# df -h
Filesystem             size   used  avail capacity  Mounted on
[...]
/dev/dsk/c1t0d0s2      3.6G   3.6G     0K   100%    /media/SOL_11_X86
internal               304M    24K   304M     1%    /internal

bash-3.00# zpool status
  pool: internal
 state: ONLINE
 scrub: none requested
config:

        NAME          STATE     READ WRITE CKSUM
        internal      ONLINE       0     0     0
          mirror      ONLINE       0     0     0
            c0d0s7    ONLINE       0     0     0
            c8d0p0    ONLINE       0     0     0

errors: No known data errors


Because the two devices differ in size, -f is required and the mirror gets the capacity of the smaller one (the 341M microdrive, 304M usable here). We can then proceed to set compression and mountpoint just as in the previous post.

Friday, February 9, 2007

Stick to ZFS, or The laptop with a mirrored drive

My everyday laptop is a Dell Latitude D600. It's old, but it has served me well. It started its life with Windows 2000 on its hard disk. I switched back and forth between Solaris 10 and Windows 2000 (Windows XP was just too frustrating for me, and at some point I triple-booted Mandriva, SUSE or Ubuntu), until I decided to go Solaris Express (aka Nevada, aka what will become Solaris 11), which is the base for OpenSolaris anyway. Since Nevada B53, I've never looked back. I removed all other partitions and dedicated it to Solaris.

Now, most laptops can only take one drive. This is the case with the Latitude.

Stick to ZFS

Assuming you have a slice available on your laptop hard disk and you have a memory stick, a lot of fun can be had with ZFS.

This came about as I was pondering how to make my laptop a little safer for travelling. If I lost a hard drive, I could buy a new one and then just reinstall Solaris. The latest Solaris (B56) even has Sun Studio and NetBeans when you select Solaris Express Developer at install time. Email, source and other stuff are stored remotely on a server, etc. The only issue is all the documents that I'm saving in the local user/Documents folder (I am not always online). Yes, I do a backup to an external USB device, but I would like this to be transparent. I thought ZFS could do this, along with a USB stick. There are some sticks that are so small you can leave them in the USB port when putting the laptop in its bag.

The laptop with a mirrored drive.

So here is the recipe. I insert my memory stick and check its logical node:

bash-3.00# rmformat
Looking for devices...
1. Logical Node: /dev/rdsk/c4t0d0p0
Physical Node: /pci@0,0/pci8086,4541@1d,1/storage@1/disk@0,0
Connected Device: KINGSTON USB DRIVE 1.12
Device Type: Removable
Bus: USB
Size: 246.0 MB
Label:
Access permissions:

Above is my test memory stick. My internal disk is c0d0:

bash-3.00# format
Searching for disks...done


AVAILABLE DISK SELECTIONS:
0. c0d0
/pci@0,0/pci-ide@1f,1/ide@0/cmdk@0,0
^C

I already know that slice 7 is unassigned but allocated and free. If I didn't know, I'd select the drive in format, then enter the partition mode and print the partition table. If the boot disk partition needs to be edited, you'll need to do that by booting Solaris from CD/DVD.

So, let us create a mirror:

bash-3.00# zpool create -f stick mirror c0d0s7 c4t0d0p0
bash-3.00# zpool list
NAME                    SIZE    USED   AVAIL    CAP  HEALTH     ALTROOT
stick                   240M     89K    240M     0%  ONLINE     -
usb                     298G    182G    116G    60%  ONLINE     -
bash-3.00# zfs create stick/Documents
bash-3.00# zfs set compression=on stick/Documents
bash-3.00# zfs set mountpoint=/export/home/fdion/Documents stick/Documents
bash-3.00# cp /export/home/fdion/mp3/PeteNamlook\ and\ MixMaster\ Morris/*.mp3 .

While the copy was going on (Pete Namlook and Mixmaster Morris' Dreamfish album), I pulled the usb stick. Copy completed without problem:

bash-3.00# zfs list
NAME              USED  AVAIL  REFER  MOUNTPOINT
stick            97.9M   110M  24.5K  /stick
stick/Documents  97.7M   110M  97.7M  /export/home/fdion/Documents

bash-3.00# zpool list
NAME                    SIZE    USED   AVAIL    CAP  HEALTH     ALTROOT
stick                   240M   97.9M    142M    40%  DEGRADED   -
usb                     298G    182G    116G    60%  ONLINE     -

The mirror is degraded though. Let's check the full status:

bash-3.00# zpool status
  pool: stick
 state: DEGRADED
status: One or more devices could not be opened. Sufficient replicas exist for
        the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
   see: http://www.sun.com/msg/ZFS-8000-D3
 scrub: none requested
config:

        NAME          STATE     READ WRITE CKSUM
        stick         DEGRADED     0     0     0
          mirror      DEGRADED     0     0     0
            c0d0s7    ONLINE       0     0     0
            c4t0d0p0  UNAVAIL      0   306     0  cannot open

errors: No known data errors

Let's bring it online:

bash-3.00# zpool online stick c4t0d0p0
Bringing device c4t0d0p0 online

This took a little bit of time as the mirror finished fixing itself. Am I done? Let's check the status:

bash-3.00# zpool status
  pool: stick
 state: ONLINE
status: One or more devices has experienced an unrecoverable error. An
        attempt was made to correct the error. Applications are unaffected.
action: Determine if the device needs to be replaced, and clear the errors
        using 'zpool clear' or replace the device with 'zpool replace'.
   see: http://www.sun.com/msg/ZFS-8000-9P
 scrub: resilver completed with 0 errors on Fri Feb 9 14:22:09 2007
config:

        NAME          STATE     READ WRITE CKSUM
        stick         ONLINE       0     0     0
          mirror      ONLINE       0     0     0
            c0d0s7    ONLINE       0     0     0
            c4t0d0p0  ONLINE       0   306     0

errors: No known data errors

bash-3.00# zpool clear stick c4t0d0p0
bash-3.00# zpool status
  pool: stick
 state: ONLINE
 scrub: resilver completed with 0 errors on Fri Feb 9 14:22:09 2007
config:

        NAME          STATE     READ WRITE CKSUM
        stick         ONLINE       0     0     0
          mirror      ONLINE       0     0     0
            c0d0s7    ONLINE       0     0     0
            c4t0d0p0  ONLINE       0     0     0

errors: No known data errors

Alright, everything is ok now. Just a recap of what I've done up to now:

bash-3.00# zpool history stick
History for 'stick':
2007-02-09.14:08:34 zpool create -f stick mirror c0d0s7 c4t0d0p0
2007-02-09.14:10:54 zfs create stick/Documents
2007-02-09.14:11:06 zfs set compression=on stick/Documents
2007-02-09.14:11:59 zfs set mountpoint=/export/home/fdion/Documents stick/Documents
2007-02-09.14:20:14 zpool online stick c4t0d0p0
2007-02-09.14:25:26 zpool clear stick c4t0d0p0

Pretty slick. Let's export and load this in another computer.

bash-3.00# zpool export stick
bash-3.00#


On another machine, I go and plug the memory stick in and:

bash-3.00# zpool import stick
cannot mount '/export/home/fdion/Documents': directory is not empty

Ah, yes, that's an issue, but we are just testing. I probably should have used a different user's directory as the mountpoint.

bash-3.00# zfs set mountpoint=/export/home/fdlaptop/Documents stick/Documents
bash-3.00# zpool export stick
bash-3.00# zpool import stick

Data is there, everything is fine. But, how does it look from ZFS standpoint?

bash-3.00# zpool status
  pool: stick
 state: DEGRADED
status: One or more devices could not be opened. Sufficient replicas exist for
        the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
   see: http://www.sun.com/msg/ZFS-8000-D3
 scrub: resilver completed with 0 errors on Fri Feb 9 14:38:56 2007
config:

        NAME          STATE     READ WRITE CKSUM
        stick         DEGRADED     0     0     0
          mirror      DEGRADED     0     0     0
            c0d0s7    UNAVAIL      0     0     0  cannot open
            c4t0d0p0  ONLINE       0     0     0

errors: No known data errors

This is as expected. Let's export again:

bash-3.00# zpool export stick

I put the stick back in the laptop, then

bash-3.00# zpool import stick
bash-3.00# zpool status
  pool: stick
 state: ONLINE
 scrub: resilver completed with 0 errors on Fri Feb 9 14:41:42 2007
config:

        NAME          STATE     READ WRITE CKSUM
        stick         ONLINE       0     0     0
          mirror      ONLINE       0     0     0
            c0d0s7    ONLINE       0     0     0
            c4t0d0p0  ONLINE       0     0     0

errors: No known data errors

Impressive, no?

bash-3.00# zfs list
NAME              USED  AVAIL  REFER  MOUNTPOINT
stick            97.9M   110M  24.5K  /stick
stick/Documents  97.7M   110M  97.7M  /export/home/fdlaptop/Documents

BTW, I did have compression enabled, but since I copied MP3 files, I expect no compression whatsoever:

bash-3.00# zfs get compressratio stick/Documents
NAME             PROPERTY       VALUE  SOURCE
stick/Documents  compressratio  1.00x  -

Sure enough. I then copied 20M of office documents and pdfs and removed the mp3 files:

bash-3.00# zfs get compressratio stick/Documents
NAME             PROPERTY       VALUE  SOURCE
stick/Documents  compressratio  3.53x  -

At 3.5x, and with small USB sticks available in 8GB, that's potentially 28GB mirrored, for data that compresses like these office documents do (the MP3s got nothing). Currently the 8GB sticks are a bit too expensive, but 4GB is <$80 (I've seen as low as $40).

In the newer Solaris builds, a mirror can be reverted back to a non-mirrored pool:

bash-3.00# zpool detach stick c4t0d0p0

I pulled the stick out.

bash-3.00# zpool status
  pool: stick
 state: ONLINE
 scrub: resilver completed with 0 errors on Fri Feb 9 14:41:42 2007
config:

        NAME        STATE     READ WRITE CKSUM
        stick       ONLINE       0     0     0
          c0d0s7    ONLINE       0     0     0

errors: No known data errors

I now am back to a non mirrored mode. To recreate:

bash-3.00# zpool attach stick c0d0s7 c4t0d0p0

The only catch is that the device you attach must be at least as large as the one already in the pool. If the memory stick is smaller than the hard disk slice, you will get:

cannot attach c4t0d0p0 to c0d0s7: device is too small

Just something to keep in mind.
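The whole point of the mirror, here and in the compact flash post above, is that the stick may be missing or half-synced when you least expect it, and the DEGRADED / UNAVAIL / write-counter status shown above is the only warning you get. The following is an added example, not something from the original post: a small check that reads `zpool status` output on stdin and reports any device that is not ONLINE or that has non-zero READ/WRITE/CKSUM counters, exiting 1 when the pool needs attention. The two sample outputs embedded in it are copied from this post so it runs offline; the function names are chosen for the example and are not Solaris commands.

```shell
#!/bin/sh
# Added example (not from the original post): a health check for a laptop
# mirror such as "stick". Usage on a live system: zpool status stick | zpool_health
# Prints one line per device that needs attention; exit 1 if anything does.

zpool_health() {
    awk '
        $1 == "pool:"  { pool = $2; next }
        $1 == "state:" { state = $2; next }
        $1 == "NAME" && $2 == "STATE" { in_cfg = 1; next }   # header of the config table
        $1 == "errors:" { in_cfg = 0; next }
        in_cfg && NF == 0 { in_cfg = 0; next }                # blank line ends the table
        in_cfg && NF >= 5 && $1 != pool && $1 != "mirror" {
            # $1 device, $2 state, $3 read, $4 write, $5 cksum; anything after
            # that ("cannot open") is a note zpool itself appends.
            note = ""
            for (i = 6; i <= NF; i++) note = note " " $i
            if ($2 != "ONLINE" || $3 != 0 || $4 != 0 || $5 != 0) {
                printf "%s: %s %s read=%s write=%s cksum=%s%s\n",
                       pool, $1, $2, $3, $4, $5, note
                bad = 1
            }
        }
        END { if (state != "" && state != "ONLINE") bad = 1; exit bad }
    '
}

# The two outputs below are copied from the post (after the USB stick was
# pulled, and after `zpool clear`) so the check can be exercised offline.
sample_degraded_status() {
cat <<'EOF'
  pool: stick
 state: DEGRADED
status: One or more devices could not be opened. Sufficient replicas exist for
        the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
   see: http://www.sun.com/msg/ZFS-8000-D3
 scrub: none requested
config:

        NAME          STATE     READ WRITE CKSUM
        stick         DEGRADED     0     0     0
          mirror      DEGRADED     0     0     0
            c0d0s7    ONLINE       0     0     0
            c4t0d0p0  UNAVAIL      0   306     0  cannot open

errors: No known data errors
EOF
}

sample_clean_status() {
cat <<'EOF'
  pool: stick
 state: ONLINE
 scrub: resilver completed with 0 errors on Fri Feb 9 14:22:09 2007
config:

        NAME          STATE     READ WRITE CKSUM
        stick         ONLINE       0     0     0
          mirror      ONLINE       0     0     0
            c0d0s7    ONLINE       0     0     0
            c4t0d0p0  ONLINE       0     0     0

errors: No known data errors
EOF
}

# Demo when run directly:
sample_degraded_status | zpool_health || echo "pool needs attention"
# stick: c4t0d0p0 UNAVAIL read=0 write=306 cksum=0 cannot open
# pool needs attention
```

Note that the check flags the state shown right after `zpool online` too (ONLINE with 306 write errors), which is the right call: until `zpool clear` has been run, nobody has decided whether that device is to be trusted or replaced.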

First post

Well, I keep having to restart my blog, maybe I should really host it. At any rate, this blog is about my experience at using Sun Solaris as my operating system on the desktop (and laptop, and server etc).

I also hope to have a French version, almost simultaneously.

I am also learning Spanish, so I will translate this blog into that language as well. (work in progress as can be seen :)