Top 10 Solaris Installation Annoyances

I just did an install of Solaris Express Community Release (a.k.a. Nevada build 41). Initial impressions are as important with operating system installs as they are in anything else, and it’s an area where Solaris feels crufty and old. I think Solaris could really benefit from some effort spent improving the “initial sysadmin experience”. The Linux distros totally got the importance of this in the 90s, and I truly believe that their huge rise in popularity this decade is in no small part due to their focus on improving their respective installers and “first moments”. If Sun is hoping to make ANY headway in their fight to reclaim the hearts and minds of unix/linux sysadmins, I think we need to look hard at the current state of affairs and accept that’s it’s bad. Really bad. I’m sure all of these have been discussed to death on blogs and forums and mailing lists, but since I’ve more or less been out of the Solaris loop for a good 5 years I’m going to blast ahead and write my own damned list anyway.

So, with the frustration of tonight’s install fresh on my mind, here’s my list of the First 10 things that really bug me when I install Solaris off the CDs (yes, I lied in the title of the post. I couldn’t resist the Top 10 meme):

The installer is unbearably slow… I mean, my _god_ it’s slow, just getting the first menu screen (or heaven forbid, X11 and the Java installer) going takes forever and then some. I’ve found that the best thing to do while I’m waiting on the installer to, I dunno, model nuclear explosions or whatever the hell it’s doing, is to wander off and eat lunch, take in a movie, or write a novel. Something to calm me down. That or I sit in a hurricane of a server room, rage slowly building, cursing Sun and uttering “I can’t take this. I’m freezing. This is the fastest server money can buy! What is taking so bloody long?! I mean, what fucking year is it already? It’s 2006, not 1992.. I could’ve probably bootstrapped the thing by hand by now! What on *earth* is it doing?!? Let’s see Jonathon deal with this bullshit. I mean, hell, Ghandi himself probably would have smashed the console to bits by now.” I think you get the idea.
Why can’t the installer eject the 1st CD when it goes to do the initial reboot of the system? I asked it to, but this has never worked for me. Annoyance #1 compounds the problem since I always walk away from the console before I loose it. And I come back to find the GUI installer running with a single terminal window open in the upper left corner of the screen, utterly naked with not even a window border, looking like 1989, and a big X11 “X” cursor of doom sitting in the middle of the screen. What happened? I guess I have to tell it what language I want, again. Hmmm. This screen looks familiar. When I press the keys, they do nothing. Oh! Look! The death cursor has placed the focus on the root display so I can’t actually do *anything*! Yay! Time to hard-reset the box so I can eject the CD and get on with the installation! Sun, for crying out loud, download any SuSE release from the last, say, 5 years and just copy what they do. This isn’t rocket science. (Hint: The boot CD, by default, chooses to boot the hard drive unless you tell it you want to do an install. There, problem solved.)
The installer goes comatose. You know, when you put in the second CD and hit “Ok” and then it just sits there with no feedback, for about 5 minutes. Nothing. Just a blank screen, or, sometimes, you’ll get lucky and be presented with a blank white window that has no text. Any normal person would think that the installer has crashed. Sure, if you’re a seasoned Solaris admin you’ve been through this before and wasted half a day figuring out that the install media is being scanned. But let’s face it, it’s crap and it’s completely unacceptable.
Name service is not configured by default. In 2006, I think it’s safe to assume DNS will be in use. Just take me straight to a “enter DNS info” screen if I pick to manually configure an interface. Of course, every attempt I’ve made at picking “DNS” and entering my local info has resulted at the end of the information gathering phase in a big phat config error. I get a nice sysid output failed message, I go back to review my settings and by golly I’m pretty damned sure they’re correct, but I get the error. If I just press on it seems like everything gets saved correctly anyways, so that’s this error about?
The default shell isn’t bash. Which I can sort of live with, since bash is at least installed in the base system now, but it looks ameturish that the default prompt is “bash-3.00#”. Come on… Can we at least get a simple /etc/bashrc that sets PS1 to include a hostname and the last component of the cwd? At least the younger sysadmins who learned the art on Linux won’t go “ewwww.. how antiquated is this system anyways?” when they see their first root prompt.

Oh yeah, baby, this is *exactly* what I want to see at the root of my filesystem just minutes after logging into the lovely graphical console:

bash-3.00# ls -la /
total 645
drwxr-xr-x  37 root     root        1024 Jun 20 22:50 .
drwxr-xr-x  37 root     root        1024 Jun 20 22:50 ..
-rw-------   1 root     root         437 Jun 20 22:37 .ICEauthority
drwx------   2 root     root         512 Jun 20 22:37 .Trash
-rw-------   1 root     root         103 Jun 20 22:37 .Xauthority
-rw-------   1 root     root         420 Jun 20 22:42 .bash_history
drwxr-xr-x   9 root     root         512 Jun 20 22:37 .dt
-rwxr-xr-x   1 root     root        5111 Jun 20 22:37 .dtprofile
drwx------   3 root     root         512 Jun 20 22:38 .gconf
drwx------   2 root     root         512 Jun 20 22:42 .gconfd
drwx------   6 root     root         512 Jun 20 22:37 .gnome2
drwx------   2 root     root         512 Jun 20 22:37 .gnome2_private
drwxr-xr-x   2 root     root         512 Jun 20 22:37 .gstreamer-0.10
-rw-r--r--   1 root     root          77 Jun 20 22:37 .gtkrc-1.2-gnome2
drwx------   3 root     root         512 Jun 20 22:37 .metacity
drwxr-xr-x   3 root     root         512 Jun 20 22:37 .nautilus
drwxr-xr-x   3 root     root         512 Jun 20 22:37 .softwareupdate
drwx------   2 root     root         512 Jun 20 22:42 .ssh
drwx------   3 root     root         512 Jun 20 18:05 .sunw
drwxr-xr-x   2 root     root         512 Jun 20 22:37 Desktop
etc...

Crap all over /! The horror! Can we please have a /root? I know this is bordering on blasphemy for some people, but man, get over it already. It’s messy, and it annoys the hell out of me.

Of course, I always go straight to /etc/passwd to make my own /root, where I’m greeted with this:
```
bash-3.00# vi /etc/passwd
screen: Unknown terminal type
I don't know what kind of terminal you are on - all I have is 'screen'.
[Using open mode]
"/etc/passwd" 15 lines, 580 characters
root:x:0:0:Super-User:/:/sbin/sh
:q
```
I’m not aware of any BSD or Linux that’s been without a screen termcap/terminfo for at least a decade. A *decade*. How ’bout we put one in the default install before Solaris 11 ships?
Bill Joy no longer works for Sun. That means we can finally, gloriously, replace the stock “vi” with “vim”. Just think of the productivity increases the world would realize!
Don’t you love how the default sendmail install is broken cause it can’t resolve the hostname you just entered in the installer (I’d like to say “a few minutes ago”, but let’s face it, it was hours ago)? I’ve blogged about this before. I.e. for the love of god can we ditch sendmail? My point here (if you ignore my sendmail hatred) is that on first boot, you get sendmail errors spewing out the system making noise about config errors and it’s very off-putting.

For an OS that does not turn on a firewall by default (or even give you the option of doing so), this is simply horrifying:

TCP: IPv4
Local Address        Remote Address    Swind Send-Q Rwind Recv-Q    State
-------------------- -------------------- ----- ------ ----- ------ -----------
*.*                  *.*                0      0 49152      0 IDLE
*.111                *.*                0      0 49152      0 LISTEN
*.*                  *.*                0      0 49152      0 IDLE
*.40865              *.*                0      0 49152      0 LISTEN
*.4045               *.*                0      0 49152      0 LISTEN
*.62081              *.*                0      0 49152      0 LISTEN
*.36450              *.*                0      0 49152      0 LISTEN
*.35260              *.*                0      0 49152      0 LISTEN
*.50341              *.*                0      0 49152      0 LISTEN
*.39373              *.*                0      0 49152      0 LISTEN
*.23                 *.*                0      0 49152      0 LISTEN
*.21                 *.*                0      0 49152      0 LISTEN
*.79                 *.*                0      0 49152      0 LISTEN
*.513                *.*                0      0 49152      0 LISTEN
*.514                *.*                0      0 49152      0 LISTEN
*.7100               *.*                0      0 49152      0 LISTEN
*.44819              *.*                0      0 49152      0 LISTEN
*.6112               *.*                0      0 49152      0 LISTEN
*.22                 *.*                0      0 49152      0 LISTEN
*.25                 *.*                0      0 49152      0 LISTEN
*.25                 *.*                0      0 49152      0 LISTEN
*.587                *.*                0      0 49152      0 LISTEN
*.50282              *.*                0      0 49152      0 LISTEN
*.6000               *.*                0      0 49152      0 LISTEN

And that’s *just* TCP, IPv4. Now, you might questions if this counts a “first moments” type of thing, but I think it does, because in my experience Solaris is the *only* OS shipping in any sort of volume that is configured, by default, without a firewall turned on and with tons of services bound to all available interfaces. Here’s what I checked that we have running locally: Windows SP1 and onwards, Mac OS X >= 10.2, Red Hat since forever, Ubuntu (5.10 and 6.06 at least), SuSE since at least 8.0. They all have firewalls on. By default. OS X and all the Linuxes also only bind deamons to localhost.* instead of *.* if that’s the only access they need. Red Hat runs sendmail by default (shudder) for example, but only binds to localhost. Frankly, I think this kind of default setup is unethical. If you think that’s perhaps taking it a bit too far, my guess is that you haven’t had your box 0wn3d (say, by another hole in fucking sendmail) and used to transmit all sorts of nasty, dirty, disgusting things to people around the Internet who should all be in jail. At the very least, this practice is stupid, and it gets me all angered up and feisty, so it goes on my list.

So there you have it. The first 10 things that pissed me off when I did the install tonight. I’ll try to do a follow up as I get further along on configuring this box to actually do something useful (in particular, it will be hosting a 12TB MySQL database).

Comment away and let me know what annoys you the most, or perhaps set me straight where I’ve gone astray.

About this entry

You’re currently reading “Top 10 Solaris Installation Annoyances,” an entry on VMUNIX Blues

Published:: 06.20.06 / 11pm

Category:: solaris, opensolaris, sysadmin

bash-3.00# vi /etc/passwd xterm-color: Unknown terminal type I don't know what kind of terminal you are on - all I have is 'xterm-color'. [Using open mode] "/etc/passwd" 15 lines, 580 characters root:x:0:0:Super-User:/:/sbin/sh :q

About

VMUNIX Blues is written by me, Mark Mayo, in Vancouver, BC. I like unix, coding, and the web, and naturally most articles I write here have something to do with what I like. If commenting on an article isn’t your style, you can always email me — mark (at) vmunix.com.

Recent Comments

Vic: I'm using ESX3 for the very first time. I have 6 nics on a SUN blade and have decied to 3 teams of 2 NICS. I...

darkfader: Hi, synchronous NFS often seems faster even than iSCSI that might take like a minute to get all your data...

Paul Fox: http : / / w w w crispdemoncouk click on the tools page to find the source to dtrace. no guarantees it...

mark: Joe: Gigabit. SHEP: I've been gloriously VDI ignorant, and plan to stay that way. Desktops == pain. No thanks....

mark: Great to see someone forging ahead regardless of license issues, Paul. Good luck with the port! I'd certainly...

omphile 06.21.06 / 12am

amen!

Dick Davies 06.21.06 / 1am

1,2 and 3 : burn a dvd. had no issues with that.

4. i suppose it could select dns by default. but if you don’t know your settings how will that help you?

5 and 6. Yes, / being roots home sucks. since bash isn’t the default shell, putting a purdy prompt in /etc/bashrc isn’t going to help (you didn’t dare suggest bash should be the default shell. I’m handing you some rope )

7. agree. that’s crap. and /etc/services is about a dozen lines long, which is rubbish.

8. I imagine most vim haters aren’t going to fall in love with vim

9. that’s because you cocked up 4. above

10. yeah, that’s frigging ludicrous. There’s a ’secure by default’ drive, which i think will be in b42, where most of that is off.

I really hated the cumbersome way they do custom installs.

If you deselect a package from the install list, the installer says ‘removing this will break the following 20 packages: …..’ but DOESN’T LET YOU DESELECT ALL THOSE TOO. That’s really shit.

I don’t mind a crap installer myself. I’m more bothered about daily admin - patches etc. It makes me twitchy when my ubuntu boxes are telling me there are 20 bugfixes today for gnome, but my sxcr box is silent about it, when /usr/sfw has the same stuff.

ux-admin 06.21.06 / 3am

One really has to ask oneself after reading your review, what kind of an “admin” wishes for a “better initial sysadmin experience”.

If you are a sysadmin, what are you doing installing from CDs or DVDs??? You should have designed and implemented a JumpStart infratructure by now, systems should have installed and configured themselves, automatically.

And `bash`?!?!?! You’ve got to be kidding me! Ever heard of `tcsh`, no? It’s only like 1000 times more flexible and powerful than `bash`.

/root? You’ve really got to be kidding me now. Who cares whether .rc files are strewn all over /, / is the root’s home directory, PERIOD. These things are irrelevant nitpicks from those that don’t know what to do with the whole thing.

And of course, we won’t even go into a discussion over the all open ports, Sendmail, security; if you don’t know what’s the deal there, I seriously doubt anything I would write would help you.

I really, and I mean REALLY don’t mean this as an offense, but as an honest piece of advice: please learn UNIX, and learn and UNDERSTAND Solaris before you even go on to think of yourself as a sysadmin.

You have a state of the art, most advanced operating system in the world in front of you, but the problem is, you’re trying to compare it to a dinky, hacked-together kernel-userland called Linux that doesn’t even stand up to Solaris’s ankle. And the worst of all, you don’t rightly understand what you have, and why things are the way they are. It’s not because “that’s how it was always done”, it’s because there is a damn fat good reason why.

In other words, you are currently not capable of properly interpreting what you’re seeing and working with.

Knut Grunwald 06.21.06 / 3am

I agree mostly to the start sequence, but i think, your incredibly long start time is a problem with your
cd-rom. I tried that once with a Enterprise 450 and use a external Plextor SCSI CD now. The build in
Toshiba is incredibly slow.
This applies also to most newer Maschine to since the laptop drives are not perfomance kings.

The start sequence should be optimized to take slow drives into account, but that’s a lot of work.

I never install the second CD from the drive. Since the network is up in that state, i mount the iso on an
other server and export them via nfs to anynody using -o ro,anon=0. Even the slowest hard disk is
ten times faster in seeking than a cd-drive.

The device discovery is …. a lot to exact for booting an installer.

I had the dns problem too. I had not given a route to the dns-server …

5. bash isn’t on the boot cd, which is much more annoying.

7. YES !!! This is something which is easily fixed and with little to no sideeffects. Could someone please
fix that.

My most annoying problem: If you install with a TFT-LCD attached to the machine, you can’t chose the
correct resolution in the installer. The display configuration will choose the highest available frequency,
which will result in an out of range mesage of the display. You can’t set the frequency to 60 Hz in the
installer.

Fortunately 10. Applies, so that a freshly installed machine is easily entered via the net.
You can’t login as root ? Yes, but you can change /etc/default/login
(All needed tools are supplied with solaris !)

Derek Morr 06.21.06 / 4am

I agree with everything in your post. Here are a few extra annoyances with the default install:

* DES passwords. Granted, it’s trivial to switch to MD5 orBlowfish, but why isn’t one of them used by default?

* Strong TCP initial sequence numbers aren’t enabled by default. This is another one of those one-line changes, but again, why isn’t it enabled by default?

* Non-executable stakc not enabled by default. Again, why?

* Configuring Kerberos in the installer doesn’t configure pam_krb5.

* X11 listens on TCP sockets. Leave that disabled, and let someone turn it on if they need it.

I really like Solaris, but it would be nice if I didn’t have to heavily customize the post-install state just to get it locked down.

John Levon 06.21.06 / 4am

6. The RFE is: 4960338 want to change root’s home directory

7. Dreadful isn’t it?

8. That would break backwards compatibility. But see: 6422494 VIM should be in WOS and installed as /usr/bin/vim

10. As others said, the secure by default changes have disabled all remote
services (except ssh, I think) by default in solaris nevada.

Matty 06.21.06 / 4am

It looks like Sun finally addressed #10:

http://daemons.net/~matty/blog/?p=456

Have you opened RFEs for these annoyances? It would be awesome if Sun addressed them in Solaris 11!
- Ryan

Dave Miner 06.21.06 / 8am

We’re working on fixing many of these issues. You should check out the OpenSolaris Installation community, where I’ve published a lengthy strategy document which outlines what we’re going to be doing around the installation experience. The projects are getting underway, and I’m sure we’ll make it much better.

The Secure By Default project recently integrated, and so upcoming builds will start showing a much tighter network service configuration.

Anyway, if you’d like to help fix things, which is probably more satisfying than just writing blog posts like this, there are plenty of OpenSolaris projects where you can contribute. I hope you will, because we sure don’t have enough people at Sun to do it all.

Derek 06.21.06 / 8am

Well said.

Manish 06.21.06 / 8am

I’m not a sys-admin and have only an year of Solaris x86
experience, that too while dual booting with Windows XP on
my ThinkPad.

a. I like Solaris text installer more than any. But then, I
have always liked text installations. It’s fast, to the point
and gets the work done without any fuss. Choice #4 on the
install menu. The whole Solaris install experience was way
better than any GNU/Linux distribution I’ve ever installed,
including but not limited to Debian, Slackware, Arch, SuSE,
Fedora, and Ubuntu.

b. Use DVD for installation, as Mr. Davies suggested.

c. Since I install Solaris x86 on a standalone machine with
only ADSL Internet access, I choose NONE and configure it
manually later. Creating /etc/resolv.conf and configuring
nsswitch.conf isn’t that big a hassle.

d. It’s easy to make BASH your default login shell, and so
it making /root your home. And, you shouldn’t really be using
GNOME as root. In fact, do not even login as root. This is
what ’su’ is there for. And this why / (root) is home directory
for the user root (/).

Also, I think it’s better to have custom tailored ~/.profile
and ~/.bashrc rather than changing those in /etc.

e. The sendmail/hostname issue annoyed me too, once. I setup
a funky domainname (localdomain) and then edit the /etc/hosts.
This does shut sendmail up.
For those who have with no clue, a script /usr/lib/mail/sh/chech-hostname
will provide some help.

f. Please let vi be vi. Vim can installed off the Companion
DVD (called Companion CD officially, even after a DVD was
release last time with Solaris 10U1), or fetched from
Blastwave/sunfreeware,

g. If you’re missing a GUI install/deinstall tool, prodreg
is there for you. As limited in features and functionality
it may be, but still it manages to live by its name and fame.
Sorry, no glory! :p

BTW, I’m still learning Solaris and UNIX in general. Maybe,
I’ll change sides completely when there’s official laptop
support added. Haha.

Dražen Kačar 06.21.06 / 8am

1, 2, 3: it’s a beta OS. If bugs piss you off, perhaps you shouldn’t be using beta software.

4: wasn’t DNS added to installer in Solaris 8? It worked fine, IIRC. So it’s just another bug in your beta system.

5: It’s a matter of opinion whether default OS configuration should change the tarball defaults. I’m against, but many people are not. If you like that, try using automounted /home with five different Linux distributions which are trying to make you happy by putting various settings in system configuration files. You’ll spend enormous amount of time in the attempt to make your applications behave the same way on all of them.

There are people who have their configuration files set up the way they like and they expect applications to work in a known and predictable way when they use them. But it just isn’t going to work if the OS chooses to set things which are off in the tarball default.

OK, your example is just PS1, which isn’t a big deal. OTOH, if you really think the default prompt is amateurish, perhaps you should suggest your change to the bash maintainers. It’s their baby, not Sun’s, after all.

6: annoying, I agree.

7: that’s far worse than 6. And it’s not just screen. A number of terminal descriptions should be added.

8: Read again comment for number 5. If you’re used to getting vim when you type “vi”, you’re free to use the alias command in your shell. It annoys the hell out of me when I want a “vi” and have to wait for the monster to come up. And that really takes time if you’re on a slow network link and vim is compiled with X support. No, you can’t just say that vim shouldn’t be compiled with X support, because some people expect that to be present when they type “vim”. Some other people expect Python interpreter to be present when they type “vim”.

Perhaps you don’t care about those things, but that only means you shouldn’t be the person in charge of the defaults.

So just learn to type “vim” when you want vim, or use an alias.

9: yeah, it has always been annoying that sendmail doesn’t work by default, unless you have mail relay it expects (perhaps that has been changed; I didn’t install Solaris in a long time). The default Solaris installation kind of expects that you’re behind corporate firewall. And that’s… humiliating. Am not a corporate drone.

10: again the expectation of a corporate firewall by default. I’d be satisfied if the installer asked whether you were a corporate drone or not. After all, corporate drones usually have their corporate sysadmins who are supposed to prepare corporate installation servers, so corporate drones are never supposed to mess with the interactive installer in the first place.

Dan Price 06.21.06 / 9am

I agree with some of what Mark says– but ux-admin isn’t correct in saying that there is a damn good reason for everything. Some things just haven’t been priorities. So: Come file bugs at bugs.opensolaris.org and make some proposals about what you want to see.

The bash prompt I think we could easily fix, why don’t you make a concrete proposal about what would look good?

As for open ports: Build 42 is “secure by default” which will eliminate most open ports– so that’s going to be fixed when you get the next build (assuming you fresh install. Otherwise, you can use the new ‘netservices’ command to clamp things down or open things up).

As for #7, how did you login? It sounds more like a problem with your $TERM– if you log into single user mode this is likely to happen (and that’s a bug I think, and already filed, and marked “bite size”).

As for #1, #2, #3, etc: come take a look at the installation community. They are busy rewriting the installer: http://blogs.sun.com/roller/page/dminer?entry=solaris_installation_strategy

Sigh 06.21.06 / 9am

If you were a desktop user ( from the .X, .dt directories under /) You have my sympathy…

But wait, you are a Unix admin, and there will be 12 TB mySQL storage to be connected to the server ( wait again, 12 TB mySQL data??), and you actually interactively installed your O/S? And you actually logged in as root and even started X / CDE on it?

Please, spend some more time learning Solaris…

mark 06.21.06 / 10am

I’ll reply to more of these great comments later today, but for now:

General comments:

1. Note that I was specifically taking this installation path (including using, *gasp*, a GUI) because I was _letting the installer pick defaults_ when possible. It runs a graphical installer by default, as do pretty much all the Linux distros. Complaining about how newbie I am cause I didn’t override the default installer selection and build a freakin’ jumpstart server is missing the point. I.e. I’m talking about the first impression a sysadmin new to Solaris gets.

2. Machine in question is a v20z, 2.2Ghz Opterons, and whatever CD-ROM they put it in. I would have used a DVD install if I could have, absolutely. it’s quite possible it’s a slow drive which exagerates points 1 and 2 of my post.

3. This post was largely written as a thought experiment. I don’t actually get too worked up about these things. I’m just putting on my “mr. fancy pants linux admin hat” and seeing what happens when I forget the decade of Solaris sysadmin’ing I did.

ux-admin: I was so totally waiting for a response like yours. Imagine, for just a second, that you were installing Solaris for the first time. Now go back and read your reply. That’s right, you sound like an ass, don’t you? Now, to be honest, when I re-read your reply it’s so perfectly out in left field that I’m thinking you’re actually a brilliant satirist, in which case I thank you for succinctly posting up all the wacko “mr. hardcore” replies in one shot and hence saving me from about a dozen individual comments. (and if you really are a csh user, then god help you)

drazen: The Solaris 9, 10, and 10u1 installers behave identically. I was wishfully hoping that things had improved in the last nevada builds. So my annoyances are not because “its a beta os”. Good points on vim, bash, and the “corporate drone” line I love.

Secure By Default starting with b42. AWESOME, AWESOME, AWESOME. Best news of the day!

More comments later, thanks folks!

ajp 06.21.06 / 10am

My top 3 annoyances about Solaris’ installer are:

5. Not having command history in the default shell is a pain in the backside. Bash would be my preference, but really all I want is a shell that doesn’t output garbage when I press the up/down arrows!

6. Don’t really understand why Solaris still ships with / as root’s home directory. This is the first thing I change once I have Solaris installed (along with the root shell of course).

7. I hate vi and vim as I have no interest in learning an obscure set of keystrokes. Either nano or pico should be on the main install DVD since they at least give you some obvious online help.

I agree about the sendmail issue, but for desktop users a quick “svcadm disable sendmail” is all that is required. For server users postfix is my personal preference.

Cheers

Andrew.

Derek Morr: Ditto on all your points. i’ve previously blogged about how to change the default password crypt. I wonder if the ‘Secure by Default’ effort has tackled some of your points? I’ll be looking forward to checking out b42!

Good point about default editor selection ajp. You’re completely right. An approachable editor like nano or pico should be installed by default.

I’m also willing to concede that replacing the default “vi” with “vim” was a silly pipe dream of mine.. But I will definitely stick to my guns that vim should be installed on the default system. Somewhere. In some form. Without X11. (duck’s from drazen)

ux-admin 06.21.06 / 11am

Hello again. Yes, I use csh by virtue of using tcsh, which is the superset of csh functionality. And it’s a damn good shell as a day-to-day tool, very easy to configure, very comfortable, and very, very flexible and powerful.

I feel bad for the poor souls that want bash, only because that’s what Linux uses as a default and because it seems “usable” to them; to me, it’s like someone gave me a knife that is blunt.

As for installing Solaris for the first time, yes, that was the very first UNIX I ever installed; and I saw no problem with it, this was Solaris 7.

WHAT I DID SEE is that the operating system required some UNDERSTANDING of what is being asked. Knowing as one of hundreds of users how powerful this system is, I knew that I simply needed to understand it. And this proved to be correct.

I had been very lucky that the first UNIX system I ever came in contact with was a Solaris 2.5.1 system. Otherwise, I could have ended up like you, and tons of other Linux kids, pardon, “administrators” that are parading out there today.

mark 06.21.06 / 11am

To Dave Miner: Ok, I’ve just followed Dan’s link through to your blog post. The flash demo looks spiffy. I clicked through to the forum page, and I’ll start by reading your proposal. As I prefaced the post with, I expected that the “installation situation” was probably already being openly discussed and tackled, and I’m now breathing a huge sigh of relief that yes indeed it is! Yay!

I haven’t really spent any time on the OpenSolaris forums, or engaged the community in any meaningful way to date, but perhaps this is an area where I can get involved.

mark 06.21.06 / 12pm

ux-admin, you sir are an idiot. I can’t believe someone would not use a shell “only because that’s what Linux uses”. I won’t make fun of you for using tcsh, but if you had a good UNDERSTANDING of the power of an integrated interactive and programming shell, you would perhaps reconsider (see reference #1 below). Frankly, considering your attitude, I’m shocked you aren’t a ksh zealot, since that’s clearly the golden shell the Solaris Gods intended you to use. And what exactly is there to UNDERSTAND about “what is being asked” in any of the points in my post? I suppose in your mind the fact that the installer sits there, unresponsiive for minutes at a time, is part of a master plan to give you time to reflect on the nature of Solaris’ various scheduling algorithms? Or I suppose when you first installed Solaris 7, the first thing you did was will a JumpStart server into existence out of the ether so that you could go straight to customizing your jumpstart scripts and skip this whole interactive installer nonsense?

I’m all for getting a deep understanding of how an operating system works, and learning to master the system you’re working in, but this is *completely* unrelated to my rant. Which I’m beginning to UNDERSTAND you didn’t even read. If you had, you’d see that it wasn’t a bloody “review” of Solaris, it was a critique of the initial impression experience that every first time user is subjected to.

References:

1) http://www.faqs.org/faqs/unix-faq/shell/csh-whynot/

2) I care about this initial experience because I’m with Jonathon, and that means reaching out and appealing to the millions of Linux sysadmins out there that you so arrogantly dismiss.

3) My first sysadmin job was during the SunOS to SYSV transition. So I’ve been using Solaris for a lot longer than you. I’m almost certainly older than you, so if I’m a kid I guess you’re an infant. I can pretty much gaurantee I have a deeper understanding of Solaris internals than you. And I probably have a bigger cock, too. Na-na-naa-na-naaaa-ner!

Micah R Ledbetter 06.21.06 / 12pm

Personally, I HATE having a UNIX give me a firewall by default. I’d much rather bind services to localhost so I don’t have to mess with a firewall if I don’t want to.

Here’s why: To services on or off, you have to keep track of all of the following: figure out whether your system is using inetd or xinetd; figure out if the service you want is in *inetd or in /etc/rc.d; figure out the specifics of /etc/rc.d scripts; figure out the specifics of adding a script to a new runlevel (different even among Linuxen, eg gentoo vs debian). Do we really need to figure out how to manuver a firewall on top of that? Can’t we just turn it off by default and bind services to localhost? What needs to be on BY DEFAULT, AND also needs to be available to the world? Anything besides ssh? I don’t think so.

And, if ssh is the only world-available service that we have, a firewall probably isn’t necessary BY DEFAULT. And finally, most peoplare are already going to be behind a firewall - home networks are very likey to have a fw/router in place to share the network connection between multiple computers, and corporate systems are even more likely to have some sort of hardware firewall. In fact, only if you are installing your system directly on to an unprotected network are you NOT likely to have a firewall in place already.

I just don’t see the point, and I think it would be one more step of “deactiveate this to get a decent system” on my checklist.

mark 06.21.06 / 1pm

Micah: Good point. I’m with you 100% that the first step is securing the services themselves (by either turning them off or by binding to localhost). One “problem” with turning on a firewall by default is that it can give a false sense of security, and as you say it’s just another thing to configure and potentially get wrong each time you activate/deactivate a service. It looks like the b42 ’secure by default’ stuff is taking your route and tackling the services directly, which I think is the right way to do it.

I do think the installer should, if not by default, at least give you the option of flipping on the firewall. A reasonable default ipf setting would be to allow outbound connections and let in ssh since it will be listening on all interfaces.

Maybe we can get svcadm to also adjust the firewall when a service is enabled/disabled? That would be spiffy.

I will also point out though that just because you’re behind a corporate firewall doesn’t mean you’re “safe”. There are lots of potential threats from the inside, especially within a large enterprise, and I’ve long argued that the biggest mistake sysadmins making in securing their boxes is assuming the “great network firewall in the sky” will protect them. I always lock down each host first, then proceed to punch the services I want exposed through the perimeter firewall(s).

mark 06.21.06 / 5pm

Another TERM to add for point #7:

“xterm-color” has been pretty common for, well, a long time. It’s what OS X’s Terminal.app sets by default, I just discovered…

ux-admin 06.21.06 / 11pm

“ux-admin, you sir are an idiot. I can’t believe someone would not use a shell “only because that’s what Linux uses”.”

That is NOT why I use and prefer `tcsh`, I use it simply because it is superior in just about every way to `bash`.

I am claiming exactly the opposite, that it is IDIOTIC and IGNORANT to PERSIST in using `bash` just because one doesn’t know any better. That is my point.

“I won’t make fun of you for using tcsh, but if you had a good UNDERSTANDING of the power of an integrated interactive and programming shell, you would perhaps reconsider (see reference #1 below).”

If you make fun of me for using something you don’t know anything about, you’ll just make an even bigger ass out of yourself.

Where you and I differ is that I’ve used `bash`, so I know how crappy it is. You Sir, on the other hand, do not seem to have any experience using `tcsh`, since the best you could do is refer me to a WELL KNOWN (in UNIX circles at least) document that’s ANCIENT in one incarnation form or another.

“Frankly, considering your attitude, I’m shocked you aren’t a ksh zealot, since that’s clearly the golden shell the Solaris Gods intended you to use.”

I do use /bin/ksh for writing shell scripts… at least on Solaris we don’t have to resort to specially issued versions of `ksh`, aka `pdksh`.

“And what exactly is there to UNDERSTAND about “what is being asked” in any of the points in my post?”

You did not rightly read what I wrote. If you want to do a custom install of Solaris from CD/DVD, the decisions necessary require you to have at the very minimum advanced understanding of Solaris FileSystems. Additonally, on the i86pc platform, one needs an understanding of how the so called “new boot” functions, and why it functions that way.

Then there is NIS, NIS , Kerberos, and so on. You need to understand what is being asked of you and how to configure it properly (since there is more than one way to skin a cat).

“I suppose in your mind the fact that the installer sits there, unresponsiive for minutes at a time, is part of a master plan to give you time to reflect on the nature of Solaris’ various scheduling algorithms?”

Again, you just proved the point I made earlier about you. The installer “sits there” because the whole installer is actually an instance of JumpStart, i.e. it uses the JumpStart architecture in its most rudimentary form. But it is enough of the infrastructure for the installer to actually try and obtain the information about how it should install ITSELF from the network.

So if you had an understanding of how JumpStart works, which as a “sysadmin” you should at least have a conceptual understanding of network installations, you would have been able to identify that the installer “sits there”, because he is waiting for his network queries to time out.

So if you consider yourself to be a sysadmin, reality check: I would not hire you to even change disks in failed mirrors, let alone administer UNIX and UNIX-like systems.

“Or I suppose when you first installed Solaris 7, the first thing you did was will a JumpStart server into existence out of the ether so that you could go straight to customizing your jumpstart scripts and skip this whole interactive installer nonsense?”

I installed Solaris 7 about 40 times before I understood how the whole system works, which makes your points all the more rediculous: Solaris is really meant to be installed over the network, with thousands of installations in parallel, not have some Linux kid whine about it when he tries to install it as a desktop and doesn’t even understand that the system is waiting for the network to tell it how it should install and configure itself. This is what I find to be the most ironical thing in your entire review, and I haven’t even discussed your other faux pas in detail.

“I’m all for getting a deep understanding of how an operating system works, and learning to master the system you’re working in, but this is *completely* unrelated to my rant.”

Only now are we starting to get to the bottom of the thing. It was a rant, but a very unjust rant at that. And that’s what rubs me the wrong way.

Solaris can be that perfect server or a desktop for you, but it can’t magically fill the knowledge and experience holes you have. That, my friend, you have to do for yourself.

mark 06.22.06 / 12am

ux-admin, the only thing I’ll respond to is the tcsh bit. Cause, to be honest, the rest of your reply is so out-of-this-world I don’t even know what to make of it, let alone how to respond in a manner that could get through to you.

I used tcsh for about a year or so (on BSD systems) until I started shell scripting more and concluded that using two different shell syntaxes (one for scripting and one for interactive use) was hurting my brain and my productivity. So I changed. I spent about 5 years in ksh (mostly ksh93 or pdksh that I’d download and install myself where possible) almost exclusively. The last bunch of years (I’ve lost count) have been in bash, and I’ve been happy. Truth be told, I like zsh the best, but it’s availability is spotty at best so I make due with bash or a ksh-variant.

(Aside: I’d actually take pdksh over the ancient /usr/bin/ksh (88) in stock Solaris. Since I’ve been cruising the OpenSolaris communities today, however, I’m happy to report that there’s a project underway to update ksh to ksh93! Yay!)

Oh, I will add that your “the installer ’sits there’, because he is waiting for his network queries to time out.” bit made me LOL.

Thank you. I needed that.

(hint: my original post actually says why it does this. it has nothing to do with jumpstart)

ux-admin 06.22.06 / 8am

Using more than one shell was “hurting your brain”?

Is there really anything more to say? Sonny, you’re not what we’d call sysadmin, let alone system engineering material.

Be that as it may, best of luck to you. You’ll need it.

mark 06.22.06 / 9am

Thx. I love you too.

Dick Davies 06.23.06 / 2am

The installer is not perfect. This should not be heresy. What a plum.

Jim Cotillier 06.24.06 / 11am

ux-admin:

You say, “Sonny, you’re not what we’d call sysadmin, let alone system engineering material.”

“Sonny” implies you see yourself as logically (if not physically) older and wiser than other posters. Let’s see how wise you are, if not how old you are.

The following is what I call a ’system programmer.’ If you are one, then I can hand you a raw system memory dump, with all annotation and automatic formatting turned of–meaning physically ripped off–of the 3,000 pages of PAPER that I will roll over to you on a dolly.

Looking at this pile of paper, 180,000-odd thousamd lines of hexadecimal barf in hexdump -C format, you get to tell me everything that system was doing at the time I took the dump, and who was doing it.

So, you need to know the core control blocks, what they look like, how to find them from scratch, and how to walk them by hand. You will be allowed to use an internal kernel data area reference manual in doing this, but that’s all.

If you think I’m just throwing that at you because of your putrid attitude, you’re partially right, but you should be aware that 30 years ago, senior systems programmer job interviews ROUTINELY had the interviewee do this, AND MANY STILL DO. I did it, and I have asked interviewees to do it over the years.

ANOTHER interview technique I use is to take the applicant over to the console of a machine that is in a high-priority enabled loop. I ask the applicant to stop the system (a la STOP-A if you prefer). Open a window into the area of storage where the looping instruction counter is at the stop (ALTER/DISPLAY MODE if you prefer).

Then, looking only at the raw hex, the interviewee must understand enough of the looping program to be able to change a critical instruction, also in hex, to one that will break the loop, and then hit START. You lose points of the looping process cores.

Of course, I will have set the machine up with this situation beforehand.

If you are hot enough to trott this, then I retract my flames. but I still hold that you should be more accomodationg of people with lesser abilities than your own.

‘Senior sysadmin’ today is ofen merely a euphamism for “knows how to install by following someone else’s scripts and procedures, and can dink around correctly with some stuff in /etc.

As far as this thread is concerned, if you don’t like , WRITE YOUR OWN, RFE to Sun, and stop wasting bandwidth with your vitriolic grousing.

Alan 06.26.06 / 12pm

Hi Mark: Thanks for the post. I totally agree with #9. Sendmail should have been shown the door a long time ago. Maybe Solaris can follow NetBSD’s example—they just switched to Postfix less than a month ago after Yet Another Sendmail Security Hole:

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-017.txt.asc

About the shell stuff. I don’t agree with most of what ux-admin has said, nor the manner in which he said it. But the fact remains that features which make a shell pleasant for programming are largely orthogonal to features which make it pleasant for interactive use. I’ve known many smart people who prefer tcsh for interactive use because it offers advanced interactive features like spelling correction. These people are well aware of tcsh’s deficiencies as a programming language; when they need to write programs, they simply type “sh” (or “bash”, or “ksh”).

If you like bash for both interactive use and programming, that’s fine. But IMO it’s perfectly reasonable for someone to prefer different shells for different purposes.

mark 06.26.06 / 7pm

Alan, thx for the NetBSD link! Cool to see them switching to Postfix as well (my favourite MTA).

As for the shell stuff, fair enough. The me vs. ux-admin “who’s a bigger man” banter was all rather childish and uncalled for, and really I shouldn’t have bitten his tcsh bait to begin with..

As I said, I personally didn’t like mixing two shell syntaxes daily. Of course, these days I don’t write sh (sh, bash, or ksh) scripts often and mostly rely on Ruby or Python for my scripting. So I could probably go back to tcsh no problems now. I always sorta like it when I come full circle. At this point, though, if I were to switch away from bash it would probably be to zsh.

Jim: Thx for the reality check! I would certainly be in a heap of trouble in one of your interviews! I have written device drivers, and even understood a fair bit of the FreeBSD VFS code for a while (when I worked on NFS code at the University of Guelph, next to the zen-master Rick Maclem), but that would be a hardcore interview.

As for the last statement, I probably will write or support some RFE’s, but I think my posting here can serve just as well as any post to an OpenSolariis jive forum or an official bug report. One of the goals of any open system is to foster an open community, and for that to happen conversations can and should happen outside the mothership’s facilities.

If I’ve started even a single debate anywhere within the Sun / OpenSolaris community about what a modern-day Linux sysadmin’s first impressions of Solaris *might* be, then I’ve succeded.

aorchid 06.27.06 / 2pm

Nice summary. I have burned the update 6/06 install to a DVD and am still waiting 30 minutes as it is ‘Reading Java Enterprise System…’ thinking that I must have to turn it off and start over (stuck? the curser does mover, so it must not be dead, or is it?). I have been attempting to complete the upgrade for over 4 hours. This is a new ultra 20.

teodoro lopez 06.28.06 / 11am

please, how install internet on solaris 2.5, have one ip, acces for internet via proxy on windows xp, sorry for my english.
tanks
teo

Knut Grunwald 06.29.06 / 9am

Nice discussion.
The Installer of Build 42a is broken for my hardware, since starting an application from the GUI takes forever.
At least one night was not enough.

So I installed from text mode using an nfs-mounted dvd image.

Jump start is fine, but we deliver systems to customer sides and don’t want the system to be moved at every reinstallation, because of hw-damage or upgrades.

Two reasons for this:
1. Customs - Computers and Computer parts have to be declared
CD and DVD media will go unnoticed (You can even declare them and take them back with you)
2. Installation on the side gives a good feeling the customer, that he is able to continue operations, even
when traveling is impossible.

Since breakdowns a seldom with solaris, this is just for the feel.

AnonymousCoward 07.25.06 / 3am

I’m glad other people feel the same - it’s fine to say that it’ possible to tweak and reconfigure following an install, but how many sysadmins out there actually have the time to fart around doing this for every install?

Another couple of annoyances:

- practically useless $PATH for ssh logins: /usr/bin. Who wants to prepend /usr/ucb everytime they want to see disk usage, the currently logged in user or link a file? These are common enough tasks and pose no security threat when they are in the path

- practically non-existent package management. apt-get install vim anyone?

The more people who speak up about this, the more likely it is that people in Sun will take notice.

Fred C 08.09.06 / 7pm

I agree whole-heatedly with these observations. While Solaris is light years ahead of other *nix platforms in terms of it’s ability to run enterprise class systems, there are several tiny things, mentioned above, that would essentially provide the much needed polish that the install is missing. The less post-install configuration my JumpStart system needs to do, the better I feel about the OS.

Incidently I’ll be interested to read up on the connection between Bill Joy and vi — sounds interesting.

To ux-admin: you epitomise the very ilk of sysadmin that I can’t stand to be around. Your fanatacism about which shell to and how things are to be done exposes you as nothing more than the Scientologist of System Administrators. Get over your way of doing things and appreciate alternative points of view.

I’m not sure if you follow Mark’s blog at all though I doubt very much that you have. If you did you’d see that you’re not dealing with the amature that you seem to be painting him to be, and your insinuations only serve to diminish your own credibility.

–FC

VMUNIX Blues » Blog Archive » Aventures in storage land - damned if you do, damned if you don’t… 09.07.06 / 1pm

[…] So if you remember my attempt to install Solaris 10 a little while back, I ended up running into a little problem. Namely, I had a couple of Apple-sourced LSI FC HBAs I wanted to connect up to the pair of Apple XServe RAID shelves. The problem was that while LSI provides a lovely “ipt” driver for use in Solaris 10 x86, so does Sun.. Sort of.. You see, the Sun v20z and galaxy servers all use LSI “MPT Fusion” onboard SCSI/SAS controllers. So Sun wisely provides a stock “ipt” driver in Solaris 10 that speaks to the onboard adapters just fine. But Sun’s driver does not support fibre-channel HBAs! So you have a stock driver that can’t talk to the FC HBAs, and a 3rd party driver LSI driver that can speak to the FC HBAs and the onboard, but can’t be installed since there’s already an ipt driver bound to the onboard device… Apparently there is a workaround, but Sun tech support and #opensolaris strongly discouraged it. They recommended just buying QLogic HBAs. Too late for that.. *sigh* […]

DragnLord 09.19.06 / 8am

the key to a “speedy” install from disk is to unplug the network cable before booting to disk

Gentry 11.30.06 / 3pm

which gvim
/opt/SUNWspro/bin/gvim

vim is in there, you just don’t know where to look.

The LSi driver problem ought to be solvable by unloading the ipt module, taking the package out, and putting in the one that works. It shouldn’t cause you any problems to do that, and I don’t know why you’ve gotten recommendations to the contrary.

Not everyone likes bash, and for some good reasons too. It’s best to write stuff in ksh, unless all you ever want to write stuff for is Linux.

A lot of these arguments amount to “It’s not like Linux, you’re not pandering to my ignorance”, and trivial installers complaints. Oddly, if all you are used to using is a hammer, every problem looks like a nail.

As for root’s home dir being messy, well if you -must- login as root, it’s not that bad of a habit to clean it back out. afterwards. Changing root’s home, and worse changing roots shell, well I’ve seen people fired over the results of doing that. Figure out why for bonus points.

mark 11.30.06 / 4pm

Gentry: I downloaded Sun Studio and sure enough, there’s vim and emacs in contrib. Neat. Bizarre, and completely unintuitive, but neat.

The LSI driver swap is non-trivial because you can’t unload the driver that’s providing your root filesystem, or even remove the package. At least not without a lot of futzing around (i.e. moving the disk to a system that doesn’t have a LSI HBA in it). Since all of Sun’s amd64 hardware uses on-board LSI controllers, this is a bit tricky. Sun *officially* says they will not support you if you replace their ipt driver with the 3rd party version. Go ahead and place a service call and see for yourself.

I write scripts in ksh, and put a she-bang line at the top of my scripts specifying the shell, but I do prefer zsh or bash for interactive use. But you’re correct that it’s purely a matter of personal preference. Bash is there by default, at least. So I’m reasonably happy.

Regarding the Linux comment, well, what did you expect? The whole point of this post was to look at what a Solaris installation feels like to someone coming from years of Linux sysadmining. It’s worth noting that I sysadmin’ed on Solaris boxes for nearly a decade before the market went to Linux. It’s my belief that the Linux market is Sun’s biggest growth opportunity, so considering how to better cater to these people ought to be worth spending some time on.

The root home dir comment is rediculous. Why put it on /? What purpose does it serve? What am I gaining by having it there? Of course I always move it myself, but if you’re new to Solaris you’re going to run the graphical installer from the DVD and you’re only going to get the opportunity to create a root account. When the machine reboots, what else are you going to do but login as root?

I kept root’s shell as /bin/sh back when it was statically compiled. It’s not anymore:

root@hubert:/bin# file sh
sh: ELF 32-bit LSB executable 80386 Version 1, dynamically linked, stripped

So I no longer see the point in sticking with /bin/sh as the root shell.

Nathaniel Petersen 12.21.06 / 7am

I kept root’s shell as /bin/sh back when it was statically compiled. It’s not anymore:

root@hubert:/bin# file sh
sh: ELF 32-bit LSB executable 80386 Version 1, dynamically linked, stripped

So I no longer see the point in sticking with /bin/sh as the root shell.

You couldn’t be more right if God from on-high burned them into stone tablets.

In my department, there is an ongoing debate over the shell issue. Personally, my only requirement is that I *must* be able to ’set -o vi’. That, and v to edit my command buffer. The shells that I use on a daily basis can do this (bash, ksh).

The only argument that I believe holds water for keeping /bin/sh as root’s shell is that it *does* take away those helpful shortcuts. Forcing an admin to explicitly type out each command gives the added fifth of a second to actually think about what you are doing.

rdoetjes 12.29.06 / 8am

This sounds as a complaint song of a mediocre Linux sysadmin. How cares about the install? Have you ever installed 2.6-2.8? Then you will see that Sun has improved the install signifigantly that every twat can install it.

The terminal issue you describe makes sense, you odd to know that xterm-color is a non-existing xxterm subset a simple TERM=vt100 for xterm terminals is easy enough.

Who cares about bash prompt? Are you inapt and can’t set the prompt yourself?
The reason that we don’t have a /root is very obvious (only lousy admins would not know), that’s that when you only have the / file system left that we can still function 100% properly. I don’t hear anything about the fact that Solaris 10 is smarter than Linux with shells. You can set a ldd linked shell as your root shell and when in single mode it will automatically switch to a static linked sh shell. You can always set it to a different location.

I agree lets get rid of Sendmail, however sendmail is a defacto MTA and many a program uses sendmail. Why should you alter this when it’s easy enough too install Postfiix yourself?

As of Solaris 10 11/06 SUN can install a “secure” OS. BVut we’ve always had SUNWjass (Jass) to harden your OS beyond anything that Linux/OSX and BSD can do. How many Unixes have password retry lockouts?

Install is indeed SLOOOOOW but then again buy a DVD rom drive and you only install once.

VIM is again for pussy admins. A real admin doesn’t need vim! I never used any of the VIM extensions and I can do just fine. Besides VIM is a hog of memory and vi is nice and slim.

Nameservice is install by default, you just don’t need to configure it. How hard is it to make an /etc/resolve.conf file afterwards?

Conclusion your problems with Solaris install is build on a Linux foundation and no experience with “real” unixes before that. Try installing AIX, Tru64, SCO or Irix you will see exactly the same.

mark 12.29.06 / 1pm

Hi rdoetjes. Although most of your points were already addressed above, since you took the time to leave feedback I’ll take some time to respond.

This sounds as a complaint song of a mediocre Linux sysadmin. How cares about the install?

I love how as soon as I criticize any part of Solaris, there’s no shortage of Solaris sysadmins out there who’s first response is “oh, look at the idiot linux guy! what a moron!”. Even if they don’t really mean it. It’s a gut reaction. I’m beginning to realize just how strong the bitterness towards Linux really is.

Anyhow, looking at the Solaris installer from the point of view of a Linux sysadmin was the *whole point of this post*. Personally, I come from a BSD and Solaris background, and I’m rather annoyed that I end up using Linux at least 90% of the time these days. So I’ve been turning a critical eye towards Solaris and asking “what’s driven such adoption in Linux?” when the commercial (and even BSDs) utterly failed to reach the community and “market” that Microsoft was so successful in targetting. What can Sun and/or the OpenSolaris community do to win back Linux shops?

Fundamentally, I think initial impressions are *critically important* in driving adoption of software, so that’s why I care about the installer.

The reason that we don’t have a /root is very obvious (only lousy admins would not know), that’s that when you only have the / file system left that we can still function 100% properly.

I didn’t suggest /root be a seperate filesystem, just a directory off /. /root is just as accessable as / in single-user mode. I have yet to hear a logical argument as to why root’s homedir must remain “/”, and until I do I’m firmly in the camp that wants a /root, and wants it used by default.

The dynamic/static sh argument isn’t a valid point, as there’s only one “sh” now and it’s dynamically linked. It does only link to libraries in /lib so you don’t need /usr mounted, so it is “single user friendly” I suppose, but when you boot to single user you can pick a different shell anyways. Personally, I’d prefer if I had to choose the featureless “sh” manually when booting single user, but was given a more featureful shell (the upcoming ksh93, if not bash, perhaps) by default for my normal duties. Alternatively, a better solutions might be to create a non-root user by default and force the user to login via that account instead of the root account after installation. Gain root priveleges through RBAC, similar to how OS X and most Linux distros utilize sudo these days. It seems I’m in the minority on the shell issue, though. Fair enough.

I’ll concede the vim point. How ’bout a non-X11 vim make it into /usr/sfw by default, though?

The rest of your arguments come down to “why complain, you can fix things up easily enough yourself after the install unless you’re an idiot Linux admin”. Which is nonsense. Why should I have to? Even if you’ve been using Solaris since 2.4, it’s a stupid waste of time, and that’s not even the point… A sysadmin new to Solaris just isn’t going to have any idea where to start. They aren’t going to know about jass, about how to actually set a usable PATH, fix crypt, enable syncookies, or how to do almost any of the things us experienced Solaris sysadmins do to bring Solaris up to snuff.

Try installing AIX, Tru64, SCO or Irix you will see exactly the same.

Yeah. And they’ve done so well in the marketplace, haven’t they!? Let’s be like AIX! Like Irix! That’s what we should do! Let’s give up and adopt Linux instead!

Seriously though, any OS has its idiosyncracies and nuances that take time to learn, appreciate, and master, but there’s lots of stupid stuff that stays the way it is for no good reason other than “that’s the way it’s always been”. If we’re to learn anything from the success of Linux, it’s that we shouldn’t be afraid to innovate in all areas of the UNIX experience. In my mind Solaris’ out-of-the-box-unreadiness is a contributing factor in why Solaris isn’t as attractive as the commercial Linux distros to many, many, many shops. It’s an unecessar barrier to entry. And that’s too bad, because everyone could benefit from taking a look at Solaris and the loads of stuff that truly is innovative. The good news is that the stuff I’m complaining about is pretty easy to fix in the grand scheme of things.

The only valid debate in my mind isn’t whether or not Solaris needs to improve in these areas, it’s whether or not “Solaris proper” is the place to tackle it. Should all such efforts be focused on the independant OpenSolaris efforts like Nexenta? I don’t have an answer for that one, but if I were Sun, I’d at least be hedging my bets in case Nexenta and friends don’t reach critical mass and get off the ground. Which probably means that these crufty bits of the Solaris experience need some tender loving care.

Damo 01.03.07 / 1am

#6: you shouldn’t log into X as root.

mark 01.03.07 / 1am

No, you shouldn’t, but the installer leaves you no choice if you follow along with the defaults. It will run X, and it will only create a root account.

gal 02.07.07 / 6pm

mark,

Interesting blog. I found the Solaris 10 install maddening as well, but mainly because dependencies are not automatically resolved.

Just a word of caution on replacing root’s default shell: be sure to compile statically linked and plop it in /sbin. Otherwise, a hosed /usr (/usr/local, whatever) file system will send you running for a boot CD just to run just to fsck the offending file system. Better just to fire up your favorite shell from /.profile (or /root/.profile, if you prefer).

Tyler 04.19.07 / 7am

I read this, and agree with some of the points. First
impressions really do count toards an OS -
I tried solaris last year,
but it’s implementation of ed was,
and still is, a piece of junk -
compared to BSD ed. Considering that
I use ed every day for everything from coding
to email, and use an ed-like web browser (edbrowse),
this was a major point. Zfs brought me
back to solaris though, and now that I have
more knowledge and time, I can get a half decent version
of ed on the system.. Soalris’s default
ed doesn’t even have the z command - viewing files
without z is annoying to the extreme.
,s/solaris/Solaris
a
- Tyler

Byron 05.15.07 / 10am

Solaris does indeed SUCK. Forget what all the UNIX (Eunuch) loosers say. I hate everything about Solaris, it’s dated as hell and is a far, far cry from being “The most advanced operating system ever”. Please if you have to note that to the world, why can’t your reputation speak for itself.

Solaris 5.8 and 5.9 are really old. However there are still ugly vulnerabilities that crop up with NIS, RPC Services to this day. Solaris 5.10 has managed to surpass 5.9 in the # of patches it can generate.

Somone above made the statement:

“You have a state of the art, most advanced operating system in the world in front of you, but the problem is, you’re trying to compare it to a dinky, hacked-together kernel-userland called Linux that doesn’t even stand up to Solaris’s ankle. And the worst of all, you don’t rightly understand what you have, and why things are the way they are. It’s not because “that’s how it was always done”, it’s because there is a damn fat good reason why.”

UH, mabe in 1992 there was a good reason to do things some arbitrary way. Get with the times folks it’s a new milleniumn. Hire some programmers and fix your damn product to be better than Linux. What you say? Service manager for 5.10 finally released. WOW! what was that syntax again?

Lastly, how many caveats are there when using Solaris to do anything?

Novell and IBM partnered and purchased SuSE, to prevent them from having to develop a proprietary OS in house. Sun’s old school methology stems from having proprietary hardware that requires proprietary software to work. All of this on a SPARC processor that hasn’t changed since 2003. R&D was too expensive to compete with x86 based chips, this is why they now utilize AMD’s. So long as the Government and money hungry VAR’s sell/purchase or promote Sun’s current products line they will die a slow death. Get with the program and go GNU while contributing something to the world…. besides grief on using your product(s).

Bhaskar 09.24.07 / 4am

Hi I installed Open Solaris 10 on a Dell PC with Intel Duo processor. The problem is that once the installation finishes and the system reboots, the OS tries to go into graphics mode and I hangs there. I have a dark screen on the LCD panel which says : -

1: Analog Input
Cannot Display This Video Mode
Optimum resolution 1280 X 1024 60Hz

The boot simply hangs thereafter. Please help. I am terribly pissed off with Solaris as of now.