Solaris 9 Resource Manager

Solaris 9 Resource Manager provides improvements to the management of system resources and enables system administrators to do the following:

• Allocate computing resources on a system.

• Monitor how these resources are being used and adjust allocations as necessary.

• Generate extended accounting information on resource usage. This information can be used for capacity planning and billing.

The resource controls framework allows you to set constraints on the system resources that are consumed by processes and tasks, which are collections of processes that are related to a single activity. 

Resource pools provide a way to partition system resources, such as processors, and maintain those partitions across reboots. A new fair share scheduler (FSS) has been added that allows the fine-grained sharing of CPU resources on a system. 

These features enhance your ability to manage how resources are allocated to applications in a server consolidation environment.  

In the Solaris 9 release, the full functionality is administered through a command-line interface. Performance monitoring and the setting of resource controls can also be done through the Solaris Management Console.  

For more information on resource management, see the following:

• System Administration Guide: Resource Management and Network Services

• Man pages prctl(1), pooladm(1M), poolcfg(1M), rctladm(1M), project(4), and FSS(7)

Solaris 9 

New Fixed-Priority (FX) Scheduling Class

The FX scheduler provides a scheduling policy for processes that require user or application control of scheduling priorities. The priorities of processes that run under FX are fixed. These priorities are not dynamically adjusted by the system. The FX class has the same priority range as the TS, IA, and FSS classes.  

For more information on the FX scheduler, see the Programming Interfaces Guide and the Multithreaded Programming Guide, and the priocntl(1) and dispadmin(1M) man pages.

For restrictions on using the FX and FSS schedulers on the same system, see "Fair Share Scheduler" in the System Administration Guide: Resource Management and Network Services.

Solaris 9 

New Display Options for the df, du, and ls Commands

The df, du, and ls -l commands have a new -h option to display disk usage and file or file system sizes in powers of 1024. This option simplifies interpretation of the output of the df, du, and ls -l commands by providing disk space in Kbytes, Mbytes, Gbytes, or Tbytes if the file or directory size is larger than 1024 bytes. For additional information on these display options, see "New df, du, and ls Options".

See the df(1M), du(1), and ls(1) man pages for further information.

Solaris 9 

Improved Process Debugging With the pargs and preap Commands

Two new commands, pargs and preap, improve process debugging. You can use the pargs command to print the arguments and environment variables that are associated with a live process or core file. Use the preap command to remove zombie processes. For additional information on these commands, see "pargs and preap Commands".

See the preap(1) man page and the proc(1) man page for information on using these commands.

Solaris 9 

iPlanet Directory Server Integration

The Solaris 9 release provides an integrated version of the iPlanet Lightweight Directory Access Protocol (LDAP) directory. The iPlanet Directory Server is a powerful, distributed directory server that is designed to manage an enterprise-wide directory of users and resources. This scalable directory service can be used for intranet applications, extranets with trading partners, and e-commerce applications to reach customers over the Internet.  

The Directory Server is managed through the iPlanet Console, the graphical user interface that is provided with the iPlanet Directory Server. Administrators use the Console to grant access rights, manage databases, configure the directory, and replicate the data to multiple directory servers. Users access the data through any LDAP-enabled client application, such as applications that were developed with the iPlanet LDAP Software Developers Kits (SDKs) for C and the Java^TM programming language.

Configuration for setup of the iPlanet Directory Server has been simplified by using idsconfig. Server and client configuration information is available in the System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

See also the iPlanet Directory Server 5.1 Collection at http://docs.sun.com. This collection includes the following books:

• iPlanet Directory Server 5.1 Deployment Guide

• iPlanet Directory Server 5.1 Administrator's Guide

• iPlanet Directory Server 5.1 Configuration, Command, and File Reference

• iPlanet Directory Server 5.1 Schema Reference

The iPlanet LDAP Directory Server 5.1 is integrated in the Solaris 9 release. For licensing terms, refer to the binary code license. 

Solaris 9 

Naming Service Support for Lightweight Directory Access Protocol (LDAP)

Naming service support has been enhanced in the Solaris 9 release. Changes include the following:

• Simplified configuration for setup of the iPlanet Directory Server 5.1, the LDAP directory server, using idsconfig.

• A more robust security model - Supports strong authentication and TLS-encrypted sessions. A client's proxy credentials are no longer stored in a client's profile on the directory server.

• ldapaddent command - Enables you to populate and dump data onto the server.

• Service search descriptors and attribute mapping.

• New profile schemas.

For information on security features in the Solaris 9 release, including the Secure LDAP Client, see "Security Enhancements". For further information, see the System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

Solaris 9 

NIS+-to-LDAP Migration Tools

The Solaris 9 release announces end-of-software-support for NIS+ and the move to the LDAP-based naming environment. This release includes migration tools to use for migrating from NIS+ to LDAP. For more information on the NIS+ announcement, refer to the following Web site:  

http://www.sun.com/directory/nisplus/transition.html

A detailed discussion of how to migrate from the NIS+ naming service to LDAP is included in the System Administration Guide: Naming and Directory Services (FNS and NIS+). For further information, see the System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

Solaris 9 

IP Security Architecture for IPv6

The IPsec security framework has been enhanced in the Solaris 9 release to enable secure IPv6 datagrams between machines. For the Solaris 9 release, only the use of manual keys is supported when using IPsec for IPv6. 

The IPsec security framework for IPv4 was introduced in the Solaris 8 release. The Internet Key Exchange (IKE) Protocol is available for IPv4.

For further information, see "IPsec (Overview)" in the System Administration Guide: IP Services.

Solaris 9 

Enhanced inetd Command

The inetd networking command has been enhanced to support the monitoring and filtering of incoming requests for network services. The server can be configured to log the client host name of incoming requests and thus enhance network security. The inetd command uses the same mechanism that is used by the Tcp-wrappers 7.6 utility described in "Freeware".

For further information, see the inetd(1M), hosts_access(4), and hosts_options(4) man pages.

Solaris 9 

Solaris FTP Client

The Solaris FTP client has been enhanced to include support for the following: 

• Using passive mode to connect to a remote host from behind a firewall

• Restarting a failed transfer from the beginning of the transfer or from a certain offset

• Setting the TCP window size to enhance the performance of file transfers

• Detecting that the remote system is another UNIX system and setting the default transfer mode appropriately for optimized performance

For information on the ftp command, see the ftp(1) man page.

Solaris 9 

Trivial File Transfer Protocols (TFTP) Enhancements

The Solaris TFTP client and server have been enhanced to support TFTP option extensions, negotiations of the blocksize, timeout interval, and transfer size. 

For further information, see the tftp(1) and in.tftpd(1M) man pages. See also the RFCs 2347, 2348 and 2349.

Solaris 9 

Support for IPv6 Over ATM

Support for using IPv6 over Asynchronous Transfer Mode (ATM) networks as specified by RFC 2492 has been introduced in the Solaris 9 release. 

For further information, see the System Administration Guide: IP Services.

Solaris 9 

Enhanced snoop Packet Capture

The snoop packet capture and display tool has been enhanced to decode and filter both AppleTalk and SCTP packets.

See the snoop(1M) man page for further information on this command.

Solaris 9 

Solaris PPP 4.0

Solaris PPP 4.0 enables a system in one location to communicate over telephone lines or leased communications media with a system at a remote location. This implementation of the Point-to-Point Protocol (PPP) is based on the widely used Australian National University (ANU) PPP, and is entirely new for the Solaris operating environment. PPP 4.0 is easily configured through a set of files. PPP 4.0 supports both asynchronous and synchronous communications and offers Password Authentication Protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP) authentication. Because Solaris PPP 4.0 is highly configurable, customers can easily tailor PPP to fit their remote communications needs. Also provided is the asppp2pppd conversion script for migrating from the earlier Solaris PPP (asppp) to Solaris PPP 4.0.

PPP 4.0 now includes the PPPoE feature, which enables the use of tunneling with PPP. Support for PPPoE was introduced in the Solaris 8 10/01 release. 

For further information, see the PPP module in the System Administration Guide: Resource Management and Network Services and the pppd(1M) man page.

For information on licensing terms, refer to the incorporated material at the following locations: 

/var/sadm/pkg/SUNWpppd/install/copyright

/var/sadm/pkg/SUNWpppdu/install/copyright

/var/sadm/pkg/SUNWpppg/install/copyright

Solaris 8 7/01 

Updated in Solaris 8 10/01 and Solaris 9 

Sun Internet FTP Server

Sun Internet FTP Server^TM, hereafter called the FTP Server, is fully compatible with the Solaris 8 FTP software while offering new capability and improvements to performance for Solaris 9 users.

The Solaris 9 FTP Server is based on WU-ftpd. Originally developed by Washington University, WU-ftpd is widely used for the distribution of bulk data over the Internet and is the preferred standard for large FTP sites. 

Solaris 9  

Sun RPC Library Extensions

The RPC library extensions project extends the Sun ONC+^TM RPC library with an asynchronous protocol. Programming interfaces have been added to the Transport Independent Remote Procedure Calls to provide one-way asynchronous messaging and non-blocking I/O.

For further information on ONC+ development, see the ONC+ Developer's Guide.

Solaris 9  

Enhancements to sendmail

The following new features are available in sendmail version 8.12, which is included in the Solaris 9 operating environment:

• A new configuration file, submit.cf

• New command-line options

• New and revised configuration file options

• New defined macros

• New macros that are used to build the configuration file

• New and revised m4 configuration macros

• New compile flags

• New delivery agent flags

• New queue features

• New uses for LDAP

• A method for identifying IPv6 addresses in configuration

• Changes to mail.local

• Changes to mailstats

• Changes to makemap

• A new maintenance utility, editmap(1M)

The following details might be of particular interest: 

• Per RFC 2476, sendmail now listens for submissions on port 587, a feature that was added, but not mentioned, in version 8.10.

• Because the AutoRebuildAliases option is no longer available, newaliases must be run manually now in order for changes to /etc/mail/aliases to become effective. Also, because sendmail is no longer setuid root, only root can run newaliases.

For further information, see the "Mail Services Topics" in System Administration Guide: Resource Management and Network Services. The series of chapters on mail services provides overview information, some procedures for setting up and modifying your mail service and for troubleshooting, some background information, and details about all of the new features.

Version 8.10 of sendmail was first available in the Solaris 8 4/01 operating environment. Version 8.12 of sendmail is available in the Solaris 9 operating environment.

Solaris 8 4/01 

Updated in Solaris 9 

Solaris Network Cache and Accelerator (NCA)

The Solaris Network Cache and Accelerator (NCA) has been improved with the addition of a sockets interface to NCA, through which any web server can communicate with NCA with minimal modifications. Web servers such as Apache, iPlanet Web Server, and Zeus are able to make use of NCA performance by using standard socket library functions. Also, NCA now supports vectored sendfile, which provides support for AF_NCA. Finally, the ncab2clf command has been enhanced by adding new options to support the ability to skip records before a selected date and to process a particular number of records when converting log files.

For more information about NCA, see "Managing Web Cache Servers" in the System Administration Guide: Resource Management and Network Services.

Solaris 8 7/01 

Updated in Solaris 9 

IP Network Multipathing

IP network multipathing provides your system with recovery from single-point failures with network adapters and increased traffic throughput. As of the Solaris 8 10/00 release, if a failure occurs in the network adapter, and if you have an alternate adapter connected to the same IP link, the system switches all the network accesses automatically from the failed adapter to the alternate adapter. This process ensures uninterrupted access to the network. Also, when you have multiple network adapters connected to the same IP link, you achieve increased traffic throughput by spreading the traffic across multiple network adapters. 

As of the Solaris 8 4/01 release, dynamic reconfiguration (DR) uses IP network multipathing to decommission a specific network device, with no impact on existing IP users.  

The Solaris 8 7/01 release introduced the new IPMP Reboot Safe feature. When a failed NIC is removed from the system by using dynamic reconfiguration, and a reboot occurs prior to reinsertion of a functioning NIC, the system attempts, but fails, to plumb an interface for the missing NIC. Rather than lose the IP address, the IPMP Reboot Safe feature transfers the IP address to another NIC in the IPMP interface group. 

For more information, see "IP Network Multipathing Topics" in the System Administration Guide: IP Services.

Solaris 8 10/00  

Updated in Solaris 8 4/01 and 7/01 

IP Network Multipathing DLPI Link-Up and Link-Down Notification Support

Link-down notifications enable the IP multipathing daemon to detect physical link failures faster. When a network interface is started, the IP multipathing daemon attempts to enable link-up and link-down notifications from the network interface driver. If the driver supports this feature, a link-down notification is generated when the interface detects the loss of the physical link to the network. A link-up notification is generated when the physical link is restored. The RUNNING flag is unset when a link-down notification is received, and set when a link-up notification is received. The IP multipathing daemon uses the RUNNING flag to monitor the physical link state.

For more information, see the IP network multipathing chapters in the System Administration Guide: IP Services.

Solaris 9  

Mobile Internet Protocol

Mobile Internet Protocol (Mobile IP) enables the transfer of information to and from mobile computers, such as laptop and wireless communications. As of the Solaris 8 6/00 release, the mobile computer can change its location to a foreign network and still access and communicate with and through the mobile computer's home network. The Solaris implementation of Mobile IP supports only IPv4.  

As of the Solaris 8 4/01 release, Mobile IP enables system administrators to set up reverse tunnels. By setting up a reverse tunnel from the mobile node's care-of address to the home agent, you ensure a topologically correct source address for the IP data packet. By using reverse tunnels, system administrators can also assign private addresses to mobile nodes. 

For more information on the Mobile Internet Protocol, see "Mobile IP Topics" in the System Administration Guide: IP Services.

Solaris 8 6/00 

Updated in Solaris 8 4/01 

Mobile Internet Protocol (Mobile IP) Agent Advertisements Over Dynamic Interfaces

Dynamically created interfaces are interfaces that are configured after the mipagent daemon starts. You can now configure the foreign agent implementation to send advertisements over dynamically created interfaces. You can also enable or disable some unsolicited advertisements over the advertising interfaces.

For more information on Mobile Internet Protocol, see "Mobile IP Topics" in the System Administration Guide: IP Services.

Solaris 9  

Berkeley Internet Name Domain

An updated version of Berkeley Internet Name Domain (BIND) has been integrated in the Solaris 9 release. The updated version is BIND version 8.2.4. 

BIND functionality includes the following:

• In.named configuration options - See the named.conf(4) and the named-bootconf(1M) man pages.

• Extensions to the resolver(3RESOLV) interface that are safe to use in multithreaded applications.

• The addition of the ndc(1M) command, which is used to start or stop reconfigure in.named, and the dnskeygen(1M) command, which is used to create TSIG and DNSSEC keys. See the dig(1M) man page for instructions on how to gather information from the DNS servers.

For more information, see the System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

Solaris 8 4/01 

Updated in Solaris 9 

Networking Freeware

See "Freeware" for information about GNU wget 1.6, Ncftp Client 3.0.3, and Samba 2.2.2 in the Solaris 9 release.

• Ncftp Client 3.0.3 uses the File Transfer Protocol (FTP) and is an alternative to the UNIX® ftp program.

• GNU wget 1.6 retrieves files from the Web by using HTTP and FTP.

• Samba 2.2.2 is a free SMB and CIFS client and server for UNIX and other operating systems.

Solaris 9 

Solaris Volume Manager

Solaris Volume Manager provides storage management tools that enable you to create and manage RAID 0, RAID 1, and RAID 5 volumes, as well as transactional (logging) devices and soft partitions. Solaris Volume Manager provides all of the capabilities of Solstice DiskSuite^TM and adds the following:

• Soft partitions - Allow numerous partitions on a single drive, thus breaking the 8-slice barrier

• Device ID support - Preserves Solaris Volume Manager configuration even if disks are moved or rearranged

• Active monitoring of disks - Detects silent failures

• Solaris Management Console based interface - Enables you to manage the enhanced storage devices through the same management interface that is used for other Solaris management tasks

• Solaris Volume Manager WBEM application programming interface (API) - Enables standards-based management of Solaris Volume Manager from any compliant tool

The Solaris 9 release seamlessly supports upgrading existing systems that run Solaris DiskSuite (SDS) to the Solaris Volume Manager without disturbing or changing the configuration. Upgrades of mirrored root file systems are fully and automatically supported. 

For more information, see the Solaris Volume Manager Administration Guide.

Solaris 9 

Unified diff Format

The diff and sccs-sccsdiff commands have been updated to include support for the GNU-style unified diff format in which context lines are only printed once in the listing of differences.

For information on these commands, see the diff(1) and sccs-sccsdiff(1) man pages.

Solaris 9 

Generic Log Rotation Facility

A generic log rotation facility is available in the Solaris 9 release. System administrators can use this facility to maintain and rotate system and application log files. For further information, see the logadm(1M) and logadm.conf(4) man pages.

Solaris 9 

Solaris Management Console

Solaris Management Console 2.1 is a GUI-based "umbrella application" that serves as the starting point for a variety of management tools. The console comes complete with a default toolbox that contains the following tools: 

• System Information - Display read-only data about the host, hardware, and software.

• Log Viewer - View application and command-line messages and manage log files.

• Processes - View, suspend, resume, and delete processes.

• Performance - Track the usage and consumption of system resources.

• Users - Set up and maintain user accounts, user templates, groups, mailing lists, administrative roles, and rights. Grant or deny rights to users and to administrative roles to control the specific applications each can work with and which tasks each can perform.

• Projects - Constrain how resources are allocated, by processes and by tasks that run in the current project.

• Computers and Networks - View and manage computers, networks, and subnetworks.

• Patches - Manage patches on systems that run the Solaris operating environment.

• Scheduled Jobs - Schedule, start, and manage jobs.

• Mounts and Shares - View and manage mounts, shares, and usage information.

• Disks - Create and view disk partitions.

• Enhanced Storage - Create and manage RAID 0 (concatenation and stripe), RAID 1 (mirror), RAID 5, soft partitions, and transactional volumes. Assemble flexible storage configurations that are resistant to data loss or downtime.

• Serial Ports - Configure and manage existing serial ports.

You can add or delete tools from the default toolbox or create a new toolbox to manage a different set of tools by using the console Toolbox Editor.  

Diskless clients can also be managed, though only through a CLI. 

For further information, see "Solaris Management Console (Overview)" in the System Administration Guide: Basic Administration.

Solaris 8 1/01 

Updated in Solaris 9 

Patch Manager

Patch Manager manages patches that are created for the Solaris 9 operating environment and compatible releases. You can display installed patches and their properties, add patches to one or more systems concurrently, remove patches, analyze a system's patch requirements, and download patches from the SunSolve Online service.  

The new smpatch(1M) command installs patches on single or multiple machines, analyzes patch requirements, and downloads required patches.

See the smpatch(1M) man page for further information.

Solaris 9  

Solaris WBEM Services 2.5

Solaris WBEM Services 2.5 is Sun Microsystems' implementation of Web-Based Enterprise Management (WBEM). WBEM is a set of management and Internet-related technologies that are intended to unify the management of enterprise computing environments. Solaris WBEM Services was updated to version 2.5 in the Solaris 9 release. Further information is provided in "Web-Based Enterprise Management Tools".

Solaris 9 

WBEM CIM Object Manager Now Listens to HTTP Port 5988

The CIM Object Manager listens for remote method invocation (RMI) connections on RMI port 5987 and now listens for XML/HTTP connections on HTTP port 5988. (In the Solaris 8 software release and updates of the Solaris 8 release, the CIM Object Manager listened for XML/HTTP connections on default HTTP port 80.) 

For further information, see the Solaris WBEM Services Administration Guide.

Solaris 9  

SNMP Adapter for WBEM

Intended for use by system administrators, the SNMP Adapter for WBEM enables Simple Network Management Protocol (SNMP) management applications to access system management information that is provided by Solaris WBEM Services.  

Used with the Solstice^TM Enterprise Agent (SEA) Master Agent, the SNMP Adapter for WBEM maps SNMP requests into equivalent WBEM Common Information Model (CIM) properties or instances.

The SNMP Adapter for WBEM also remaps the response from the CIM Object Manager into an SNMP response, which is returned to the management application.  

A mapping file contains the corresponding Object Identifier (OID), class name, property name, and Abstract Syntax Notation One (ASN.1) type for each object.  

The Solaris WBEM Services Administration Guide contains information about the SNMP Adapter for WBEM.

Solaris 9  

Solaris Product Registry 3.0

This registry includes these new features: 

• The ability to uninstall individual system packages.

• All of the Solaris system products that you installed in their localized version appear in the System Software Localizations folder.

• The registry is compatible with more installation wizards.

For further information, see the System Administration Guide: Basic Administration.

Solaris 8 1/01 

Modify Software Groups in Solaris Web Start Program

The Solaris Web Start installation method was updated to enable you to modify the selected Solaris Software Group by adding or removing software packages. 

For further information, see the System Administration Guide: Basic Administration.

Solaris 8 1/01 

System Administration Freeware Tools

For information about GNU grep 2.4.2 and GNU tar 1.13, see "Freeware". GNU grep 2.4.2 is a pattern matcher. GNU tar 1.13 is an archiver.

Solaris 9 

Extended File Attributes

The UFS, NFS, and TMPFS file systems have been enhanced to include extended file attributes, which enable application developers to associate specific attributes to a file. For example, a developer of a file management application for a windowing system might choose to associate a display icon with a file.  

Extended attributes are logically represented as files within a hidden directory that is associated with the target file.  

You can use the extended file attribute API and a set of shell commands to add and manipulate file system attributes. See the fsattr(5), openat(2), and runat(1) man pages for more information.

Many Solaris file system commands have been modified to support file system attributes by providing an attribute-aware option that you can use to query, copy, or find file attributes. For more information, see the specific file system command in the man pages. 

See also the System Administration Guide: Basic Administration for more information.

Solaris 9 

Improved UFS Direct I/O Concurrency

The performance of direct I/O, which is used by database applications to access unbuffered file-system data, has been improved by allowing concurrent read and write access to regular UFS files. Previously, an operation that updated file data would lock out all other read or write accesses until the update operation was completed.  

See the System Administration Guide: Basic Administration and the man page, mount_ufs(1M), for more information.

Solaris 8 1/01 

DNLC Improvements

The directory name look-up cache (DNLC) is enhanced to provide improved performance when you access files in large directories with 1000 or more files. 

The DNLC is a general file-system service that caches the most recently referenced directory names and their associated vnodes. UFS directory entries are stored linearly on disk. This means that locating an entry requires searching each entry for the name. Adding a new entry requires searching the entire directory to ensure the name does not exist. To solve this performance problem, entire directories are cached in memory by the DNLC. 

Another feature in this release is that DNLC caches file objects that have been looked up, but do not exist. This feature is known as negative caching, and is useful because some applications repeatedly test to check if a file exists. 

New tunable parameters are associated with the DNLC improvements. These parameters are set optimally and should not be changed casually.  

See the Solaris Tunable Parameters Reference Manual for further information.

Solaris 8 6/00 

UFS Snapshots (fssnap)

You can use the fssnap command to create a snapshot of a file system. A snapshot is a file system's temporary image that is intended for backup operations.

When the fssnap command is run, it creates a virtual device and a backing-store file. You can back up the virtual device, which looks and acts like a real device, with any of the existing Solaris backup commands. The backing-store file is a bitmapped file that contains copies of pre-snapshot data that has been modified since the snapshot was taken.

See the System Administration Guide: Basic Administration and the man page, fssnap(1M), for more information.

Solaris 8 1/01 

Updated mkfs Command

The mkfs command has been updated to improve performance when you create file systems. Improved mkfs performance is often 10 times faster than in previous Solaris releases. Performance improvements are seen on systems when you create both large and small file systems. However, the biggest mkfs performance improvements occur on systems with high-capacity or high-speed disks.

Solaris 8 1/01 

Solaris Live Upgrade 2.0

Solaris Live Upgrade provides a method of upgrading that substantially reduces the usual service outage that is associated with an operating system upgrade. You can duplicate your current running boot environment, then while the original boot environment continues to run, you can upgrade the duplicate. The duplicate boot environment is then activated to become the active boot environment when the system is rebooted. If a failure occurs, you can quickly fall back to the original boot environment with a simple reboot, thereby eliminating the downtime for the production environment associated with the normal test and evaluation process. 

In addition to upgrading a boot environment, you can install a Web Start Flash archive on an inactive boot environment. When you reboot the system, the configuration that you installed on an inactive boot environment is active. 

The Solaris 9 release includes several Live Upgrade enhancements that apply to the command-line interface only. The enhancements affect the following:

• Progress reporting

• Changes to the lumount and luumount commands

• Scheduling priorities

• Naming boot environments

For information on these command-line enhancements, see "Live Upgrade Command-Line Features". For further information on Solaris Live Upgrade, see "Solaris Live Upgrade Topics" in the Solaris 9 Installation Guide.

Solaris 8 7/01 

Updated in Solaris 9 

Web Start Flash Installation Feature

The Web Start Flash installation feature enables you to create a single reference installation of the Solaris operating environment on a machine and then replicate that installation on several machines. 

For further information, see "Web Start Flash Installation Feature Topics" in the Solaris 9 Installation Guide.

Solaris 8 4/01 

Web Start Flash Archive Retrieval Using FTP

The Web Start Flash program has been updated to allow you to retrieve a Web Start Flash archive by using FTP. When installing an archive, you can specify the location of an archive on an FTP server. 

For more details about how to retrieve an archive from an FTP server, see the Solaris 9 Installation Guide.

Solaris 9 

Minimal Installation

Files that constitute several features in the core software group, or metacluster, are now moved into separate, more logically organized packages. You can optionally exclude these packages from the Solaris operating environment when you install the Solaris software. You can also remove these packages by using pkgrm(1M) after installation.

Files that constitute the following features are moved into new or existing packages:

• Cache file system

• NFS

• Kerberos security

• Distributed file system

• NIS-related

• Network routing daemons

• Remote network r* commands

• telnet server

• tftp server

• Domain name server

• DARPA name server

• Remote procedure call services

• Boot or install server

• setuid and setgid

Solaris 9 

Longer Package Names

The pkgmk utility can now be used to create packages with names up to 32 characters in length. See the pkgmk(1) and pkgadd(1M) man pages.

Solaris 9 

Installation From the Solaris DVD

You can now install the Solaris operating environment and additional software from the Solaris DVD. The DVD enables you to perform either a Solaris^TM Web Start installation or a custom JumpStart^TM installation. The Solaris DVD includes the Solaris software, ExtraValue software, and the Solaris documentation.

For detailed instructions, see the Solaris 9 Installation Guide.

Solaris 8 2/02 

Solaris Web Start Program Uses sysidcfg File

The Solaris Web Start installation method has been modified to use the sysidcfg file to configure system information during an installation or upgrade. If you create a sysidcfg file with configuration information for your system, the Solaris Web Start program does not prompt you to enter the system information during installation.

For detailed instructions, see the Solaris 9 Installation Guide.

Solaris 8 2/02 

Solaris Web Start Program Enhancements

The Solaris Web Start installation method was updated to enable you to perform the following functions during the Solaris installation or upgrade:

• Select to automatically reboot the system after installation.

• Select to automatically eject the CD or DVD after installation.

• Select to preserve file systems.

For detailed instructions, see the Solaris 9 Installation Guide.

Solaris 8 2/02 

Additions to Time Zone Selections

The number of time zones available in the Solaris 9 operating environment has dramatically increased. When you install the Solaris operating environment, you can select time zones by geographic region. The time zone selections in the lists of continents and countries have been expanded. 

For detailed instructions, see the Solaris 9 Installation Guide.

Solaris 9 

Solaris Web Start Wizards SDK 3.0.1

Solaris Web Start Wizards^TM SDK simplifies the installation, setup, and administration of native Solaris, Java^TM, and non-Java applications. With Solaris Web Start Wizards software, developers can copackage both Solaris versions and Microsoft Windows versions of their applications. The installation wizard manages the platform specifics.

The Web Start Wizards SDK 3.0.1 is now included with the Solaris 9 release and can be installed by using the Solaris Web Start installation program.  

Solaris 9 

New Boot Options for a Custom JumpStart Installation

New options have been added for use with the boot command when you perform a custom JumpStart installation.

With the boot command, you can specify the location of the configuration files to use to perform the installation. You can specify a path to an HTTP server, an NFS server, or a file that is available on local media. If you do not know the path to the files, you can require that the installation program prompt you for the path after the machine boots and connects to the network.

The nowin option enables you to specify that the custom JumpStart program not begin the X program. You do not need to use the X program to perform a custom JumpStart installation, so you can shorten the installation time by using the nowin option.

For detailed instructions about how to use these new options, refer to "Custom JumpStart Installation Topics" in the Solaris 9 Installation Guide.

Solaris 8 7/01 

Upgrading Mirrors

The Solaris 9 release now supports operating environment upgrades of root mirrors and metadevices that were created by Solaris Volume Manager (formerly Solstice DiskSuite). If you are upgrading a system that has a metadevice that was created by Solaris Volume Manager, you no longer need to edit the system's vfstab. As for root mirrors, the mirror is detected and the operating environment on the mirror is upgraded just as would happen in a typical upgrade without metadevices.

Solaris 9 

Default Routing With System Identification Utilities

The system identification utilities automatically attempt to determine the default router during installation.  

For installation information, see the Solaris 9 Installation Guide.

Solaris 8 4/01 

Configuration With System Identification Utilities

During system identification, the system identification utilities can configure systems to be LDAP clients. Prior Solaris releases allowed the configuration of a machine only as an NIS, NIS+, or DNS client.  

For installation information, see the Solaris 9 Installation Guide.

Solaris 8 1/01 

Patch Analyzer

The Patch Analyzer is now available when you use the Solaris Web Start program to upgrade to a Solaris Update release. The Patch Analyzer performs an analysis on your system to determine which (if any) patches will be removed or downgraded by upgrading to a Solaris Update release. You do not need to use the Patch Analyzer when you upgrade to the Solaris 9 release. 

For further installation information, see the Solaris 9 Installation Guide.

Solaris 8 1/01 

Multiple Page Size Support

Multiple Page Size Support (MPSS) allows a program to use any hardware-supported page sizes to access portions of virtual memory. Previously only 8-KB pages were available for a program's stack, heap, or anonymous memory mapped with mmap().

You can use MPSS to run legacy applications with specific memory page size settings where they benefit from this sort of performance tuning. The use of larger page sizes might significantly improve the performance of programs that intensively use large amounts of memory.  

For more information, see the man pages for pagesize(1), mpss.so.1(1), and ppgsz(1).

Solaris 9 

Improved Multithreading Library

This release includes an improved and faster multithreading library, which was available as the alternate libthread in previous Solaris software releases.

For further information, see the Multithreaded Programming Guide and the threads(3THR) man page.

Solaris 9 

Solaris Network Cache and Accelerator (NCA)

The Solaris Network Cache and Accelerator (NCA) has been improved with the addition of a sockets interface to NCA through which any web server can communicate with NCA with minimal modifications. See "Networking".

Solaris 8 7/01 

Performance Improvement for Servers

Enhancements have been made to the algorithm that controls virtual/physical pages and how they are cached. These enhancements deliver increased system performance of around 10% for general user loads in servers. 

Solaris 8 1/01 

Dynamic Intimate Shared Memory (DISM)

Dynamic Intimate Shared Memory (DISM) allows a database to dynamically extend or reduce the size of the shared data segment, eliminating the misconfiguration problem and denial-of-service security vulnerability present with Intimate Shared Memory (ISM). 

The ISM is a shared memory segment consisting of large locked memory pages. The ISM number of locked pages remains constant (cannot be changed). Dynamic ISM (DISM) is pageable ISM shared memory, where the number of locked pages is variable (can be changed). Therefore, the DISM supports releasing or adding more physical memory to the system during dynamic reconfiguration. The size of the DISM can span available physical memory plus disk swap. 

See the man page shmop(2).

Solaris 8 1/01 

Dynamic Host Configuration Protocol (DHCP)

The Dynamic Host Configuration Protocol (DHCP) service enables host systems to receive IP addresses and network configuration information at boot time from a network server. The Solaris DHCP service has been enhanced in several ways to enable it to support larger numbers of clients:

• The Solaris DHCP server now uses multithreading to serve multiple clients simultaneously.

• A new data store that stores data in binary files can support larger numbers of clients with faster access than with the ASCII files and NIS+ data stores.

• Access to files and NIS+ data stores has been redesigned to support server multithreading.

• Data access architecture has been changed to enable third parties to write code modules to enable the DHCP server to use any data service to store DHCP data.

In addition, the Solaris DHCP server now supports dynamic DNS updates. You can enable the DHCP service to update the DNS service with the host names of DHCP clients that request a specific host name. 

The Solaris DHCP client can now be configured to request a specific host name. 

For more information, see the System Administration Guide: IP Services.

Solaris 8 7/01 

Diskless Client Management

Diskless client management is available through the command line. You can manage diskless clients, list OS services for diskless clients, and manage patches on all existing diskless clients.  

For information on diskless client management, see "Managing Diskless Client Support (Tasks)" in the System Administration Guide: Basic Administration.

Solaris 8 1/01  

Internet Key Exchange (IKE) Protocol

Internet Key Exchange (IKE) automates key management for IPsec. IKE replaces manual key assignment and refreshment on an IPv4 network, which enables the administrator to manage larger numbers of secure networks. 

System administrators use IPsec to set up secure IPv4 networks. The in.iked daemon provides key derivation, authentication, and authentication protection at boot time. The daemon is configurable. The administrator sets up the parameters in a configuration file. After the parameters are set up, no manual key refreshment is required.

For further information, see "Internet Key Exchange" in the System Administration Guide: IP Services.

Solaris 9  

Solaris Secure Shell

Secure Shell allows a user to securely access a remote host over an unsecured network. Data transfers and interactive user network sessions are protected from eavesdropping, session hijacking, and intermediary attacks. Solaris 9 Secure Shell supports SSHv1 and SSHv2 protocol versions. Strong authentication is provided that uses public key cryptography. The X Window System and other network services can be tunneled safely over Secure Shell connections for additional protection. 

The Secure Shell server, sshd, supports the monitoring and filtering of incoming requests for network services. The server can be configured to log the client host name of incoming requests and thus enhance network security. sshd uses the same mechanism that is used by the Tcp-wrappers 7.6 utility that is described in "Freeware".

For further information, see the sshd(1M), hosts_access(4), and hosts_options(4) man pages.

Solaris 9 

Kerberos Key Distribution Center (KDC) and Administration Tools

System administrators can improve system security by using Kerberos V5 authentication, privacy, and integrity. NFS is an example of an application that is secured with Kerberos V5. 

The following list highlights the new features of Kerberos V5.

• Kerberos V5 Server - The server includes the following components:

  • Principal (user) administration system - Includes a centralized server for local and remote administration of principals and security policies

    The system includes both a GUI and a CLI administration tool.

  • Key Distribution Center (KDC) - Uses the principal database information that was created by the administration server and issues tickets for clients

  • Principal database replication system - Duplicates the KDC database to a backup server

• MIT and Microsoft Windows 2000 password change interoperability - Kerberos V5 passwords can now be changed from a Solaris client to a MIT Kerberos server and Windows 2000.

• Tuned DES - Kerberos V5 kernel DES operations have been optimized for Sun4u systems.

• Kerberos encrypted communications now supported with the Solaris core - In the Solaris 9 release, an encryption module that supports Kerberos encrypted communications is available in the Solaris operating environment. Previously, an encryption module was available only on the Solaris Encryption Kit CD-ROM or through a web download.

• Addressless tickets - System administrators and users can now specify addressless tickets. This ability can be necessary in multi-homed and NAT network environments.

• Kerberos V5 PAM module supports password aging - The pam_krb5 module supports password aging set in the KDC for each user principal.

For further information, see "Administering the Kerberos Database" in the System Administration Guide: Security Services.

Solaris 9 

Secure LDAP Client

The Solaris 9 release includes new features for LDAP client-based security. A new LDAP library provides for SSL (TLS) and CRAM-MD5 encryption mechanisms. These encryption mechanisms enable customers to deploy methods for encryption over the wire between LDAP clients and the LDAP server. 

For further information about the iPlanet Directory Server 5.1, the LDAP directory server, see "Networking".

Solaris 9 

Encryption Modules for IPsec and Kerberos

Encryption with a maximum key length of 128 bits is included in the Solaris 9 release. Prior to the Solaris 9 release, encryption modules were available only on the Solaris Encryption Kit CD-ROM or through a web download. A number of these algorithms are now in the Solaris 9 operating environment. These algorithms include 56-bit DES privacy support for Kerberos as well as 56-bit DES and 3-key Triple-DES support for IPsec.  

Also with the Solaris 9 release, support for greater than 128-bit encryption with IPsec is available on the Solaris Encryption Kit CD-ROM or through a web download. IPsec supports the 128-bit, 192-bit or 256-bit Advanced Encryption Standard (AES), and 32-bit to 448-bit Blowfish (in 8-bit increments).

For information on IPsec support, see "IPsec (Overview)" in the System Administration Guide: IP Services. For information on Kerberos support, see "Introduction to SEAM" in the System Administration Guide: Security Services.

Solaris 9 

IP Security Architecture for IPv6

The IPsec security framework has been enhanced in the Solaris 9 release to enable secure IPv6 datagrams between machines. For the Solaris 9 release, only the use of manual keys is supported when using IPsec for IPv6. 

The IPsec security framework for IPv4 was introduced in the Solaris 8 release. The Internet Key Exchange (IKE) Protocol is available for IPv4.

For further information, see "IPsec (Overview)" in the System Administration Guide: IP Services.

Solaris 9 

Role-Based Access Control (RBAC) Enhancements

Role-based access control (RBAC) databases can be managed through the Solaris Management Console graphical interface. Rights can now be assigned by default in the policy.conf file. In addition, rights can now contain other rights. For further information about RBAC, see "Role-Based Access Control".

For further information, see "Role-Based Access Control" in the System Administration Guide: Security Services.

Solaris 8 1/01 

Xserver Connection Security Options

New options enable system administrators to allow only encrypted connections to the Solaris X server. For further information, see "Xserver Features".

Solaris 9 

Generic Security Services Application Programming Interface (GSS-API)

The Generic Security Services Application Programming Interface (GSS-API) is a security framework that enables applications to protect the data they transmit. The GSS-API provides authentication, integrity, and confidentiality services to applications. The interface permits those applications to be entirely generic with respect to security. That is, they do not have to check for the underlying platform (such as the Solaris platform) or security mechanism (such as Kerberos) being used. This means that applications that use the GSS-API can be highly portable. 

For more information, see the GSS-API Programming Guide.

Solaris 8 6/00 

Additional Security Software

For information about SunScreen^TM 3.2, a firewall product, see "Additional Software".

See also "Freeware" for information about the Tcp-wrappers 7.6 freeware in the Solaris 9 release. Tcp-wrappers 7.6 are small daemon programs that monitor and filter incoming requests for network services.

Solaris 9 

X11 Support for IPv6 on Solaris

The Solaris X Window System servers and client libraries now support the Internet Protocol Version 6 (IPv6) in addition to the Internet Protocol Version 4 (IPv4). This extension enables you to use IPv6 addresses and connections when displaying X applications across the network.  

Solaris 9 

Xserver Connection Security Options

New options enable system administrators to control which transport methods are used by the Solaris X server. Administrators who need to secure a host can now disable remote TCP connections directly to the Xserver, while allowing encrypted connections to be tunneled through Secure Shell.  

See the description of the -nolisten option in the Xserver(1) man page for further details.

Solaris 9 

Xsun Keyboard Bell Option

The Xsun server can now be configured to play a tone through an audio device instead of ringing the keyboard bell when a program emits a beep. By using this option, users can customize the volume, pitch, and length of beeps through the Xset program or CDE control panel. Users adjust the beep to match their hearing ability and personal preferences.  

See the description of the -audiobell option in the Xsun(1) man page for further details.

Solaris 9 

Using Xsun Server as a Display-only Device

New options enable the Xsun server to run without a keyboard or a mouse. You can run the Solaris window manager in display-only mode, without a mouse or a keyboard, in the following ways:

• As a display-only device

• As a display with alternative input devices other than a mouse or a keyboard

• Without a display to drive a frame buffer for hardware-accelerated offscreen rendering

See the Xsun man page for further information.

Solaris 8 2/02 

Write CD File Systems With the cdrw Command

The cdrw command enables you to write CD file systems in ISO 9660 format with Rock Ridge or Joliet extensions on CD-R or CD-RW media devices.

You can use the cdrw command to do the following:

• Create data CDs

• Create audio CDs

• Extract audio data from an audio CD

• Copy CDs

• Erase CD-RW media

Go to the following Web site for information on recommended CD-R or CD-RW devices: 

http://www.sun.com/io_technologies/pci/removable.html

See the cdrw(1) man page for information on using this command.

Solaris 9 

Improved Removable Media Management

Volume management features have been improved in this release to fully support removable media. This improvement means that DVD-ROMs, Iomega and Universal Serial Bus (USB) Zip drives and Jaz drives, CD-ROMs, and diskettes are mounted and available for reading when they are inserted.  

With Common Desktop Environment (CDE) and Solaris command-line enhancements, you can:

• Format, label, and set read or write software protection on removable media with the new rmformat command. This command replaces the fdformat command for formatting removable media.

• Create and verify a PCFS file system on removable media with the mkfs_pcfs and fsck_pcfs commands.

• Create an fdisk partition and a PCFS file system on removable media on a SPARC^TM system to facilitate data transfers to IA systems.

See the System Administration Guide: Basic Administration for information on managing removable media with the command-line interface. See the Solaris Common Desktop Environment: User's Guide for information on managing removable media with CDE's File Manager.

Solaris 8 6/00  

Updated in Solaris 8 10/00 

Sun StorEdge Traffic Manager

The Sun StorEdge^TM Traffic Manager feature supports multiple paths for I/O devices such as Fibre Channel-accessible storage. This feature balances the workload across multiple devices and increases reliability by redirecting requests from a failed interface card or storage device to an operational card or device.

Solaris 9 

Sun Gigaswift Ethernet Driver

As of the Solaris 8 7/01 release, Solaris functionality includes support for the Sun^TM Gigaswift 1000Base-T Ethernet driver. This product gives exceptional performance of a 1-Gbyte twisted-pair copper Ethernet link.

For further information, see the ce(7D) man page.

Solaris 8 7/01 

USB Devices

This release includes support for USB devices such as keyboards, mouse devices, audio devices, mass storage devices, and printers.  

Sun Microsystems support for USB devices includes the following: 

• Sun Blade^TM 100 and Sun Blade 1000 systems that run the Solaris 8 10/00, Solaris 8 1/01, Solaris 8 4/01, Solaris 8 7/01, the Solaris 8 2/02 release, or the Solaris 9 release support USB devices.

• Sun Blade, Netra^TM X1/T1, and Sun Fire^TM 280R systems that run the Solaris 9 release support USB devices.

• Sun Ray^TM systems also support USB devices.

  For information on using USB devices with a Sun Ray system, see the Sun Ray documentation.

Solaris 8 1/01 

Using USB Mass Storage Devices

Many USB mass storage devices are supported in the Solaris 9 environment. Some non-compliant USB devices might work by following the information given in the /kernel/drv/scsa2usb.conf file to see if a particular device can be supported.

For more information, see the System Administration Guide: Basic Administration.

Solaris 8 1/01 

Hot-Plugging USB Devices With the cfgadm Command

With the cfgadmcommand, you can simply hot-plug a USB device from a running system without having to shut down the system. You can also use the cfgadm command to logically hot-plug a USB device without physically removing the device. This scenario is convenient when you are working remotely and you need to reset a USB device. For more information, see the cfgadm_usb(1M) man page.

Solaris 8 1/01 

USB Printer Support

You can use Solaris Print Manager to set up a USB printer that is attached to a system with USB ports. 

The new logical device names for USB printers are: 

/dev/printers/[0...N]*

Therefore, when you add a USB printer to a printer server, select one of these devices for a USB printer under Printer Port on the Add New Attached Printer screen. 

For more information on using Solaris Print Manager to set up printers, see the System Administration Guide: Advanced Administration.

Although the new Solaris USB printer driver supports all USB printer-class compliant printers, a list of recommended PostScript^TM printers is in the usbprn(7D) man page.

For information and cautions about hot-plugging USB printers, refer to the Notes and Diagnostics sections of the usbprn(7D) man page.

Solaris 8 1/01 

Reconfiguration Coordination Manager (RCM)

Dynamic reconfiguration of system resources enables you to reconfigure system components while the system is still running. This feature has been available with the cfgadm command since the Solaris 8 release. The Reconfiguration Coordination Manager is the framework that manages the dynamic removal of system components. By using RCM, you can register and release system resources in an orderly manner.

You can use the new RCM script feature to write your own scripts to shut down your applications, or to cleanly release the devices from your applications during dynamic reconfiguration. The RCM framework launches a script automatically in response to a reconfiguration request, if the request impacts the resources that are registered by the script. 

Previously, you had to release resources from applications manually before you could dynamically remove the resource. Or, you could use the cfgadm command with the -f option to force a reconfiguration operation, but this option might leave your applications in an unknown state. Also, the manual release of resources from applications commonly causes errors.

See the System Administration Guide: Basic Administration and the rcmscript(4) man page for more information.

Solaris 8 1/01  

mp Program Enhancement

In the mp(1) program enhancement, the mp command is modified to work as an X Print Server client. With a properly configured X Print Server running in the host machine, mp can print output in any Print Description Language that the X Print Server supports. The newly introduced options, -D and -P, can be used for making mp work as an X Print Server client.

For more information, see "Print Filter Enhancement mp(1)" in the International Language Environments Guide.

Solaris 8 4/01 

New Dynamic Reconfiguration Error Messages

The dynamic reconfiguration software has been enhanced to improve troubleshooting dynamic reconfiguration problems. 

See the System Administration Guide: Basic Administration and the cfgadm(1M) man page for more information.

Solaris 8 1/01 

Universal Language Coverage

The Solaris 9 operating environment now includes support for 162 locale environments, covering 39 languages on the Solaris 9 Software CDs, the Solaris 9 DVD, and the Solaris 9 Languages CD. Further information about language support in Solaris is provided in "Language Support".

Solaris 9 

Support for the New Chinese GB18030-2000 Character Set

Beginning with the Solaris 8 2/02 release, the Solaris platform allows for input, display, and print of the entire GB18030-2000 character set (including nearly 30,000 characters). Any application that runs on the Solaris platform can thus benefit from a wider set of Chinese characters. For additional information on this feature, see "Language Support".

Solaris 9