[rescue] Sun's new policy sucks...

Mike Meredith mike at redhairy1.demon.co.uk
Thu Apr 7 16:53:07 CDT 2005 

On Thu, 7 Apr 2005 14:26:10 -0700 (MST), Gary Nichols wrote:
> Mike - have any handy sources for a quick reference on setting up
> zones on  Sol 10?

1: http://www.blastwave.org/docs/Solaris-10-b51/DMC-0002/dmc-0002.html
2: http://www.sun.com/bigadmin/features/articles/zones_partition.html

The (quite rough) script I use follows. It's somewhat localised, and
makes certain assumptions (hostname of a zone = hostname of global zone
. '-' . zone name), but could be useful as a starting point.
Improvements welcome :)

#!/bin/ksh
#
# Shell script to create a zone with certain assumptions.
# Parameters:
#       0:      Interface to use (ce3)
#       1:      IP address to use
#       2:      zone name to use

verbose=1
hostname=`hostname`
[[ $verbose == 1 ]] && echo Interface: $1
[[ $verbose == 1 ]] && echo IP: $2
[[ $verbose == 1 ]] && echo Zonename: $3
hostname=`echo $hostname-$3`
[[ $verbose == 1 ]] && echo Hostname: $hostname

[[ -z "$1" ]] && echo "No interface given" && exit 1
[[ -z "$2" ]] && echo "No IP address given" && exit 1
[[ -z "$3" ]] && echo "No zonename given" && exit 1

cat > /var/tmp/zone-create.$$ << END
create
set zonepath=/data/zones/$3
set autoboot=true
add net
set address=$2
set physical=$1
end
add inherit-pkg-dir
set dir=/opt/nw-sun
end
verify
commit
END

/usr/sbin/zonecfg -z $3 -f /var/tmp/zone-create.$$
if [ $? != 0 ]
then
         echo "Could not configure zone"
        exit
fi

/usr/sbin/zoneadm -z $3 install ||\
        echo "Could not install zone"
/usr/sbin/zoneadm -z $3 boot ||\
        echo "Could not boot zone"

# In here should be something to actually do the Suninstall part of zone
# creation.
cat > /data/zones/$3/root/etc/sysidcfg << END
system_locale=C
terminal=ansi
network_interface=primary {
        hostname=$hostname
        ip_address=$2
}
timeserver=localhost
security_policy=NONE
name_service=DNS {domain_name=iso.port.ac.uk
                  name_server=148.197.5.13,148.197.254.1,148.197.254.2
                  search=port.ac.uk,iso.port.ac.uk,admin.port.ac.uk}
timezone=GB
root_password=LpQlzbUlQmJRE
END

cp /.profile /.kshenv /data/zones/$3/root
#       Copy in sensible root environment
cp /etc/profile /data/zones/$3/root/etc
#       Copy in sensible profile for everyone else
rm /data/zones/$3/root/etc/skel/*
#       Clean out skeliton directory

cat > /data/zones/$3/root/.newzoneprofile << END

svcadm disable autofs
svcadm disable ftp
svcadm disable svc:/network/rpc-100068_2-5/rpc_udp:default
svcadm disable finger
svcadm disable rstat
svcadm disable rquota
svcadm disable rusers
svcadm disable shell:default
svcadm disable rlogin
svcadm disable smserver
svcadm disable xfs
svcadm disable telnet
mkdir /ISOadm
cd /ISOadm
ln -s /opt/nw-sun .
/ISOadm/nw-sun/site-scripts/cr-systeam
END
chmod +x /data/zones/$3/root/.newzoneprofile

echo Now logging into new zone with zlogin -e \@ -C $3. Exit with "@."
/usr/sbin/zlogin -e \@ -C $3

More information about the rescue mailing list