Adapted from the lpadmin man page, for an HP JetDirect printer:
> pfexec lpadmin -p lp01 -v /dev/null -m netstandard -o dest=lp01.example.com:9100 -o protocol=tcp -T PS -I postscript
> pfexec lpset -a banner=never lp01
> pfexec lpadmin -d lp01
> pfexec enable lp01
> pfexec accept lp01
Links for February 26, 2010:
- Best Practice Guide for Microsoft SQL Server on NetApp Storage – "This best practice guide is designed to give storage administrators and database administrators the keys to successfully deploying Microsoft® SQL Server® 2005 and 2008 on NetApp® storage. This technical report will discuss Microsoft and NetApp high-availability solutions, best practices for data management, backup and recovery, and best practices for storage layout."
YMMV; adjust as you see fit:
svcadm disable svc:/network/nfs/mapid:default
svcadm disable svc:/network/nfs/cbd:default
svcadm disable svc:/network/nfs/status:default
svcadm disable svc:/network/nfs/nlockmgr:default
svcadm disable svc:/network/rpc/rstat:default
svcadm disable svc:/application/x11/xfs:default
svcadm disable svc:/network/finger:default
svcadm disable svc:/network/ftp:default
svcadm disable svc:/network/login:rlogin
svcadm disable svc:/network/nfs/rquota:default
svcadm disable svc:/network/nfs/client:default
svcadm disable svc:/network/rpc/rusers:default
svcadm disable svc:/network/rpc/cde-ttdbserver:tcp
svcadm disable svc:/network/shell:default
svcadm disable svc:/network/telnet:default
svcadm disable svc:/network/cde-spc:default
svcadm disable svc:/application/management/seaport:default
svcadm disable svc:/application/management/snmpdx:default
svcadm disable svc:/application/management/dmi:default
svcadm disable svc:/system/webconsole:console
svcadm disable svc:/application/print/ipp-listener:default
Use ssh-keygen, just like you would with an account’s key pair:
# ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
# ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
To use pfexec similarly to sudo, use “usermod” to give the account the “Primary Administrator” profile:
# usermod -P'Primary Administrator' aleonard
“aleonard” will now be able to preface commands with “pfexec” to run them as root, similar to sudo when configured not to prompt for a password.
References: Less known Solaris features: pfexec
Configure ‘/usr/lib/mail/cf/sendmail.mc’ to meet your needs; for example, to use the access_db and mailertable features:
divert(0)dnl
VERSIONID(`@(#)sendmail.mc 1.11 (Sun) 06/21/04')
OSTYPE(`solaris8')dnl
DOMAIN(`generic')dnl
FEATURE(access_db, `hash -o -T /etc/mail/access')
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
MAILER(`local')dnl
MAILER(`smtp')dnl
The new ’sendmail.cf’ can be built in ‘/usr/lib/mail/cf/sendmail.mc’ by running ‘make’ as root. Copy the new ’sendmail.cf’ file to ‘/etc/mail’ and restart sendmail by running:
# svcadm restart sendmail
An example mailertable mail map would be as follows:
example.org smtp:mx.example.org
Once your map files are ready, use ‘makemap’ to create the database files for each map:
# makemap -v hash mailertable < mailertable
# makemap -v hash access < access
Links for February 25, 2010:
- nlnetlabs.nl :: DNSSEC HOWTO :: – "This HOWTO is intended for those people who want to deploy DNSSEC and are seeking a document that lives between a typical high level description of the topic (see the excellent Surfnet White Paper on DNSSEC for that (http://www.surfnet.nl/Documents/DNSSSEC-web.pdf ), the typical out of the box recipe, and an in depth description of the technology."
Links for February 22, 2010 through February 23, 2010:
Use “devfsadm”; from the man page:
devfsadm(1M) maintains the /dev namespace. It replaces the previous suite of devfs administration tools including drvconfig(1M), disks(1M), tapes(1M), ports(1M), audlinks(1M), and devlinks(1M).
References: Adding a Hard Drive to Solaris 10
Seen multiple places around the web; I’m not sure where attribution should lie, but this is not original to me:
# ~/.ssh/config
#
Host *.amazonaws.com
CheckHostIP no
StrictHostKeyChecking no
UserKnownHostsFile /dev/null