Monday, 10 December 2007

Upgrading to Solaris 08/07 using liveupgrade

I am currently upgrading my Solaris 10 06/06 installation to Solaris 10 08/07 , using "liveupgrade".

I wanted to do this as soon as 08/07 came out but Sun for some reason hadn't released the patches to Solaris 10 to enable this to work (see infodoc 72099).

The infodoc has now been updated to show the required patches. There are a lot. It would be nice to be able to use live upgrade to patch the system as this is one of the things for which it can be used but we have a catch 22 situation where we need the patches for live upgrade to work and live upgrade to install the patches that way.

I have now patched the 06/06 system but this was not straightforward as the infodoc has not been updated to reflect obsoleted patches, e.g. 119254-42 has been obsoleted by 119254-45. This isn't too bad but another problem comes when several of the patches have all been obsoleted by the kernel patch 120012-14 yet this will not install without one of those patches.

After reading a Sun bug report this is the way to solve the dependency problem when coming to add patch 125547-02:

patchadd 122660-10
patchadd 124204-03
patchadd 122660-10
patchadd 125547-02
patchadd 120011-14

I hope I haven't missed something here, my notes aren't as comprehensive as I would have liked but I ain't going through it again!

The Alternative Boot Environment (ABE) creation was then tried with
/usr/sbin/lucreate -A "for_sol10_0807" -n sol10_0807 \
-m /:/dev/md/dsk/d200:ufs,mirror \
-m /:/dev/dsk/c0t2d0s0:detach,attach,preserve \
-m /var:/dev/md/dsk/d203:ufs,mirror \
-m /var:/dev/dsk/c0t
but this failed with messages about the root for one of my zones being available in a a filesystem "/ressus". This was the case - it turns out that the root for any zones must be split off into the new ABE as well as the global root. This makes sense but the error messages don't make it clear that this is the problem. The creation was then tried again with:

/usr/sbin/lucreate -A "for_sol10_0807" -n sol10_0807 \
-m /:/dev/md/dsk/d200:ufs,mirror \
-m /:/dev/dsk/c0t2d0s0:detach,attach,preserve \
-m /var:/dev/md/dsk/d203:ufs,mirror \
-m /var:/dev/dsk/c0t
2d0s3:detach,attach,preserve \
-m /ressus:/dev/md/dsk/d205:ufs,mirror \
-m /ressus:/dev/dsk/c0t2d0s5:detach,attach,preserve

This worked, apart from shed loads of messages about being unable to remove files from read-only filesystems, I think this was again due to the non-global zone. The ABE did seem to be set up tough.

In the above commands it should have been possible to use e.g. d205 instead of /dev/md/dsk/d205 but this did not work.

The next problem was when using luupgrade to do the actual upgrade:

luupgrade -u -n sol10_0807 -s /cdrom/cdrom0/s0

this resulted in an error message about being unable to mount the miniroot.
 ERROR: Cannot mount miniroot at .

Another document describes this problem. The workround is to use the setup-install-server command (as used when setting up a jumpstart server) to copy the first CD boot files to another local directory:

 cd /cdrom/cdrom0/s0/Solaris_10/Tools
./setup_install_server /export/home/install_server
luupgrade -u -n sol10_0807 -s /export/home/install_server
This is now working (slowly). The next step will be to try the other CDs , e.g.
luupgrade -i -n second_disk -s /cdrom/cdrom0 \
-O "-nodisplay -noconsole"


It took hours for the first CD to install, the others took an hour or so each. Everything worked an I have now activated the new boot environment and rebooted.

No problems detected so far.

Friday, 9 November 2007

Getting LTSP 5 working on RHEL5

The Linux Terminal Server Project (LTSP) has released version 5 for integration with Linux distributions.

They have
instructions for using a tarball where a distribution has not integrated the release.

Here are some hints for installing LTSP 5 in RHEL5 (Red Hat Enterprise Linux 5) using the tarball.

I decided to the use the Debian etch tarball from the list of downloads as I am more familiar with Debian out of those listed.
Once the necessary RPMs have been installed DHCP, TFTP and NFS can be enabled in RHEL5 using system-config-services .

/usr/local/sbin/ltsp-update-sshkeys does not work because the tempfile command does not exist . Fix this by:
cd /bin
ln mktemp tempfile
then run

The filename in /etc/dhcp.conf for etherboot is /ltsp/debian_etch_i386/nbi.img

This is the /etc/dhcpd.conf file for my set up (a single client on my home network using a private address range):

# dhcpd.conf ddns-update-style ad-hoc;
option subnet-mask;
option broadcast-address;
option routers;
option domain-name-servers;
option domain-name "";
get-lease-hostnames true;

host {
hardware ethernet 00:10:5a:cd:45:7b;
filename "/ltsp/debian_etch_i386/nbi.img";
option root-path "/opt/ltsp/i386";
option subnet-mask;
option broadcast-address;
option routers;
option domain-name-servers;
option domain-name "";

subnet netmask {

here is the LTSP client that gets booted with Debian, is the LTSP server running RHEL5. Note that for LTSP 5 root-path does not include the IP address of the server. If you put it in you will get "nfsmount: need a path" repeating messages.

I could not get tftp to work without disabling selinux, there must be a way of changing the policy to allow this. Of course disabling selinux would not be OK where this is a local security requirement.

Similarly, even though the firewall was opened up for tftp and NFS there was a problem with another protocol so for the time being the firewall is also disabled!

The LTSP client screen will still not display because LTSP expects a file /etc/X11/Xsession to exist on the server. In RHEL5 this corresponds to /etc/X11/xinit/Xsession .

This can be fixed by specifying the environment variable LDM_REMOTECMD in /opt/ltsp/i386/etc/lts.conf:

LDM_REMOTECMD = /etc/X11/xinit/Xsession