Setting up Solaris on an Ultra Sparc
machine.
Sparc machines are kind of odd, for those of us used
to PC types. A sparc machine actually comes up in to the bios, automatically
when it boots up. The Sun bios itself is a bit foreign to PC users, though
mainframe and minicomputer users will see nothing surprising here. Like
the original versions of Unix, the bios of the Sparc machine is command driven.
That is to say, you type in commands, and await responses. This can be
a bit intimidating, until you learn your way around with some basic commands.
Unless you have purchased a machine with Solaris
pre installed, you will need to get the installation software. Unlike Microsoft,
Sun offers it's operating systems free of charge to students, evaluators,
and individuals. Only companies are expected to pay a licensing fee. Sun
does require a license, from the individual user, but it is granted free
of charge. Solaris can be ordered as a media set, or can be downloaded, but
be aware that the complete download is, as of this writing, 2.5gb, and that
subsequent versions can only get larger.
If you decide to download the set, be aware that
you will be downloading ISO images, not executables. The ISO images will
have to be burned into a set of bootable cd's. This is not difficult, and
most of the better cd burning software packages can do this with no problem.
In my own case, I used Nero. Double clicking on the saved ISO images brought
Nero up, and after verifying a couple of things with Nero, the cd's were
burned with no problem. In some cases, the ISO images will not work, or
you will encounter errors during install. You may try and reburn the ISO's,
or just bite the bullet, and order the CD set from Sun.
There are a number of people out there, who are making
a certain amount of money by selling or reprogramming Ultra Sparc PROMs.
This happens because a number of people get used Sun machines, and discover
that there is a PROM password, and they have no way of determining what it
might be. The solution to this problem is not replacing the chip; but simply
to plug in a sun keyboard and hold down the |stop + n keys at the same time.
This should get you past the PROM password. If this does not work, I go into
a bit more detail below, about how to get past a PROM password.
Purchasing a used Sun Ultrasparc, it is likely that
you will either have an erased hard drive, no hard drive at all, or an unoriginal
hard drive. In any of these cases, the system will boot, and you will the
receive message which states "Bad magic number in disk label" The system
will then hang. The first thing you will want to do is to unhang the system
and get an OK prompt. This can be done by hitting the STOP
and a keys at the same time. this should get you a prompt
which says OK. At the OK prompt you are in the bios, and can
type in commands. From here on in you will need the install software.
Once you have brought up the OK prompt, insert
Disc 1 of the Solaris install set into your CD drive. Once this is done,
type boot cdrom -s. This will restart the machine, and boot
off of the CD rom. The -s tells the computer to boot
in single user mode. You will get a bunch of error messages as the machine
looks for the network anyway, and then :INIT: SINGLE USER MODE. Once
the computer has booted, you can type in format, to start the
drive preparation. You will probably want to select the 0 drive, depending
upon your hardware configuration. You can check your IDE configuration by
typing probe-ide at the OK prompt. For those using SCSI drives,
the command would be probe-scsi.
Once the drive is formatted, it will be given a magic
number, the Solaris version of the Windows volume id. Once the drive is
formatted, and numbered, you will need to reboot, and select boot cdrom
to start the install. At this point, the installation is pretty straight
forward, with prompts, and many auto features. Solaris is not nearly as
difficult as it once was. One thing that will drive the pc user nuts, is
that the enter key by the number pad is not usable during this installation.
Because the Solaris install program is menu driven, I have not bothered to
include instructions for the install. It is at least as easy as installing
Windows, with the hardware detection phase being much easier.
If you are still hesitant to try installing Solaris,
Sun has step by step instructions on its website at
http://docs.sun.com/app/docs/doc/820-0176/6nbudp710?a=view
If you need to get past
a PROM password.
For those who are new to Unix, and to Sparc, the idea
of a PROM password may be a bit strange. It has caused untold numbers of
users to be unable to load or even to use their Sparc machines. Here is the
reason it exists. Unix has always been a multi tasking system, designed for
remote log in by many concurrent users, usually from dumb terminals. Different
users are given different levels of access to the system. The top user is
always the ROOT user. This is equivalent to the Windows administrator or super
user. Many Unix machines do not even have a control head; that is to say,
there may be no keyboard or monitor connected directly to the machine. In
the cases where there is such a control head, it is called the console.
Traditionally, a Unix system was completely secure,
as long as no one had access to the console. There was no way for the remote
user to spoof or break the system, because there was no way past the log
in screen, without a proper password, and user id. As was mentioned above,
there often was no console, and even in the cases were such a thing might
exist, it was generally very well secured, since the Unix machines of old
were very expensive, very large machines. This is not often the case today.
As computers grew smaller, cheaper, and more accessible,
some users began to discover that the log in password could be circumvented,
if one had access to the console, and if the computer were set to boot from
a source other than the hard drive. This was handy for users who may have
forgotten their passwords, and had access to the console, but greatly compromised
system security. Here are the instruction for circumventing the log in password:
Circumventing the log in password (if you have access
to the console, and there is no prom password)
1. Note the root partition (e.g. /dev/sd0a or /dev/dsk/c0t3d0s0)
2. Hit STOP-A or L1-A
3. Boot single-user from CD-ROM (boot cdrom -s) or network
install/jumpstart server (boot net -s)
4. Mount the root partition (e.g. /dev/dsk/c0t3d0s0) on "/a". "/a" is
an empty mount point that exists at this stage of the installation
procedure. (mount /dev/dsk/c0t3d0s0 /a)
5. Set your terminal type so you can use a full-screen editor, e.g. vi.
(you can skip this step if you know how to use "ex" or "vi" from open
mode). If you're on a sun console, type "TERM=sun; export TERM"; if
you're using an ascii terminal (or terminal emulator on a PC) for your
console, set TERM to the terminal type (e.g. TERM=vt100; export TERM).
6. Edit the passwd file (/a/etc/passwd for SunOS 4.x, /a/etc/passwd.adjunct
for SunOS 4.x with shadow passwords/C2 security), /a/etc/shadow for
Solaris 2.x and remove the encrypted password entry for root
7. cd to /; Type "umount /a"
8. reboot as normal in single-user mode ("boot -s"). The root account
will
not have a password. Give it a new one using the passwd command.
Because this procedure was so simple, it became necessary to find a way
to prevent users from easily changing the boot device, while at the same
time, permitting administrators this option. (Interestingly, a similar method
may still be used for circumventing local machine passwords in Windows.)
The solution found was to put a password on the bios, which would restrict
changing the boot device. This is most commonly done while logged in as root,
but can also be done directly in the bios.
How to Require, or change a Password for Hardware Access
(if you are able to log in as a superuser or root)
1. Log in as root, or as a superuser
2. In a terminal window, enter the PROM security mode, by typing the following:
# eeprom security-mode=command
(Note that security
mode will need to be equal to command (eeprom security-mode=command),
or to full (eeprom security-mode=full). Setting this to
none, will remove
any PROM security.)
3. You will then be asked for a PROM password:
Changing PROM password:
New password:
password
Retype new password:
password
4. If you are not prompted to enter a PROM password, the system already
has a PROM password. To change the current PROM password, run the command
# eeprom security-password=<Type
the Return key>
Changing PROM password:
New
password: password
Retype
new password: password
Prom Security Modes:
None
All OpenBoot settings can be changed, and any OpenBoot command executed.
Anyone with physical access to the system has full control over it.
Command
All commands except boot and go require a password.
Full
All commands except go require a password. Can only boot from the
default device.
If All Else Fails:
If you do not know the prom password, you can reset it via the eeprom
program, while logged in as root. If you do not know the root password, but
there is no password on the PROM, you can always change the boot device,
and then modify the password files. If you do not know the prom password
and cannot get into your system as root, you are in deep trouble. This is
the problem which many users encounter when buying used Sparc machines. There
is a method around this. It is a little chancy, because you have to screw
around with the motherboard, and unseat a chip while the machine is powered
up; but it will work, if you are desperate.
1. Boot the machine and enter the boot PROM. Get a password prompt.
2. Crack open the case and remove the PROM chip whilst the machine is on.
3. Hit enter on the password prompt: since it can't confirm the password
against the PROM, it lets you through.
4. Re-sit the PROM chip in the machine, whilst turned on.
5. Immediately execute the commands which clear the password. At the OK
prompt, this would either be:
ok> setenv
security-mode none (this would remove the password requirement)
or
ok>password
(this would prompt you for a new password)
You should:
ok devalias cdrom - this will show you current path to internal CD. Use this
to determine what new alias should look like.
ok setenv auto-boot? false
ok reset-all
ok probe-scsi-all - find the path to the new cdrom - write it down &
write target # as well
ok show-disks - find the exact path you just wrote down and type that letter
ok nvalias cdrom2 [Ctrl] + [y] which will paste that path. Finish with @sd6,0:f
if target 6 and an Ultra class machine [Return]
ok reset-all
ok boot cdrom2
Sun Ultra 10 use IDE port, not SCSI !!!
You can try the following things.
at ok prompt, type in:
probe-ide
To see if the box can see the IDE CDROM, if it cann't see it, check the CDROM
power cable, IDE
cable, cdrom drive, IDE port.
printenv
# Display all current parameters and current default values
Use the following systax to change the OBP settings:
setenv parameter value
set-default parameter -- Set parameter to default value
set-defaults -- Set parameter values to factory
default
eg, to set an aliase for cdrom:
nvalias mycdrom /pci@1f,4000/scsi@3,1/disk@6,0:f
^
| please replace it with the real device name
ok show-disks - chose the letter for the cdrom drive
ok nvalias cdrom2 [Ctrl] + [y] to paste the cdrom path. Added 1,0:f to the
end
ok reset-all
ok boot cdrom2
Factory setting (display using the devalias command:
cdrom /pci@1f,0/pci@1,1/ide@3/cdrom@2,0:f
If the CD-ROM is a slave on the primary controller:
ok nvalias cdrom /pci@1f,0/pci@1,1/ide@3/cdrom@1,0:f
If the CD-ROM is a slave on the secondary controller:
ok nvalias cdrom /pci@1f,0/pci@1,1/ide@3/cdrom@3,0:f
Now you can boot from CD-ROM using the new alias just created. For example,
boot cdrom.