([Triple DES] Triple-Data Encryption Standard). A symmetric-key encryption method that provides a key length of 168 bits.
(Advanced Encryption Standard) A symmetric 128-bit block data encryption technique. The U.S. government adopted the Rijndael variant of the algorithm as its encryption standard in October 2000. AES replaces DES encryption as the government standard.
A file that contains a collection of files that were copied from a master system. The file also contains identification information about the archive, such as a name and the date that you created the archive. After you install an archive on a system, the system contains the exact configuration of the master system.
An archive could be a differential archive, which is a Solaris Flash archive that contains only the differences between two system images, an unchanged master image and an updated master image. The differential archive contains files to be retained, modified, or deleted from the clone system. A differential update changes only the files specified and is restricted to systems that contain software consistent with the unchanged master image.
One of the four directional keys on the numeric keypad.
A user-defined Bourne shell script, specified within the rules file, that performs tasks before the Solaris software is installed on the system. You can use begin scripts only with custom JumpStart installations.
To load the system software into memory and start it.
x86 only: A boot archive is a collection of critical files that is used to boot the Solaris OS. These files are needed during system startup before the root (/) file system is mounted. Two boot archives are maintained on a system:
The boot archive that is used to boot the Solaris OS on a system. This boot archive is sometimes called the primary boot archive.
The boot archive that is used for recovery when the primary boot archive is damaged. This boot archive starts the system without mounting the root (/) file system. On the GRUB menu, this boot archive is called failsafe. The archive's essential purpose is to regenerate the primary boot archive, which is usually used to boot the system.
A collection of mandatory file systems (disk slices and mount points) that are critical to the operation of the Solaris OS. These disk slices might be on the same disk or distributed across multiple disks.
The active boot environment is the one that is currently booted. Exactly one active boot environment can be booted. An inactive boot environment is not currently booted, but can be in a state of waiting for activation on the next reboot.
x86 only: The boot loader is the first software program that runs after you turn on a system. This program begins the booting process.
A server system that provides client systems on the same network subnet with the programs and information that they need to start. A boot server is required to install over the network if the install server is on a different subnet than the systems on which Solaris software is to be installed.
The CGI program that enables a web server to collect and store remote client-booting and installation console messages during a WAN boot installation.
(CA) A trusted third-party organization or company that issues digital certificates that are used to create digital signatures and public-private key pairs. The CA guarantees that the individual who is granted the unique certificate is who she or he claims to be.
A file that contains a digital certificate for a specific client system. During an SSL negotiation, the client might be asked to provide the certificate file to the server. The server uses this file to verify the identity of the client.
(Common Gateway Interface) An interface by which external programs communicate with the HTTP server. Programs that are written to use CGI are called CGI programs or CGI scripts. CGI programs handle forms or parse output the server does not normally handle or parse.
The result of adding a group of data items that are used for checking the group. The data items can be either numerals or other character strings that are treated as numerals during the checksum calculation. The checksum value verifies that communication between two devices is successful.
In the client-server model for communications, the client is a process that remotely accesses resources of a compute server, such as compute power and large memory capacity.
A system that you install by using a Solaris Flash archive. The clone system has the same installation configuration as the master system.
A logical collection of packages (software modules). The Solaris software is divided into software groups, which are each composed of clusters and packages.
A string of characters that begins with a command, often followed by arguments, including options, file names, and other expressions, and terminated by the end-of-line character.
A RAID-0 volume. If slices are concatenated, the data is written to the first available slice until that slice is full. When that slice is full, the data is written to the next slice, serially. A concatenation provides no data redundancy unless it is contained in a mirror. See also RAID-0 volume.
A software group that contains the minimum software that is required to boot and run the Solaris OS on a system. Core includes some networking software and the drivers that are required to run the Common Desktop Environment (CDE) desktop. Core does not include the CDE software.
File systems that are required by the Solaris OS. When you use Solaris Live Upgrade, these file systems are separate mount points in the vfstab file of the active and inactive boot environments. Example file systems are root (/), /usr, /var, and /opt. These file systems are always copied from the source to the inactive boot environment.
A type of installation in which the Solaris software is automatically installed on a system that is based on a user-defined profile. You can create customized profiles for different types of users and systems. A custom JumpStart installation is a JumpStart installation you create.
A file, which must be located in the same JumpStart directory as the rules file, that is a Bourne shell script that contains two types of functions: probe and comparison. Probe functions gather the information you want or do the actual work and set a corresponding SI_ environment variable you define. Probe functions become probe keywords. Comparison functions call a corresponding probe function, compare the output of the probe function, and return 0 if the keyword matches or 1 if the keyword doesn't match. Comparison functions become rule keywords. See also rules file.
The process of converting coded data to plain text. See also encryption.
A profile that is dynamically created by a begin script during a custom JumpStart installation.
(Data Encryption Standard) A symmetric-key encryption method that was developed in 1975 and standardized by ANSI in 1981 as ANSI X.3.92. DES uses a 56-bit key.
A software group that contains the End User Solaris Software Group plus the libraries, include files, man pages, and programming tools for developing software.
(Dynamic Host Configuration Protocol) An application-layer protocol. Enables individual computers, or clients, on a TCP/IP network to extract an IP address and other network configuration information from a designated and centrally maintained DHCP server or servers. This facility reduces the overhead of maintaining and administering a large IP network.
A Solaris Flash archive that contains only the differences between two system images, an unchanged master image and an updated master image. The differential archive contains files to be retained, modified, or deleted from the clone system. A differential update changes only the files that are specified and is restricted to systems that contain software consistent with the unchanged master image.
A nontransferable, nonforgeable, digital file issued from a third party that both communicating parties already trust.
An optical disc, as opposed to a magnetic disk, which recognizes the common spelling that is used in the compact disc (CD) market. For example, a CD-ROM or DVD-ROM is an optical disc.
A round platter, or set of platters, of a magnetized medium that is organized into concentric tracks and sectors for storing data such as files. See also disc.
A file that represents a structure of a disk (for example, bytes/sector, flags, slices). Disk configuration files enable you to use the pfinstall command from a single system to test profiles on different–size disks.
A client on a network that relies on a server for all of its disk storage.
The root of a hierarchy on a web server machine that contains the files, images, and data you want to present to users who are accessing the web server.
A part of the Internet naming hierarchy. A domain represents a group of systems on a local network that share administrative files.
The name that is assigned to a group of systems on a local network that share administrative files. The domain name is required for the Network Information Service (NIS) database to work properly. A domain name consists of a sequence of component names that are separated by periods (for example: tundra.mpk.ca.us). As you read a domain name from left to right, the component names identify more general (and usually remote) areas of administrative authority.
The process of protecting information from unauthorized use by making the information unintelligible. Encryption is based on a code, called a key, which is used to decrypt the information. See also decryption.
A software group that contains the Core Software Group plus the recommended software for an end user, including the Common Desktop Environment (CDE) and DeskSet software.
A software group that contains the entire Solaris release.
A software group that contains the entire Solaris release plus additional hardware support for OEMs. This software group is recommended when installing Solaris software on SPARC based servers.
A directory that contains critical system configuration files and maintenance commands.
The directory on a WAN boot server that contains the client configuration information and security data that are required for a WAN boot installation.
A file system on an OS server that is shared with other systems on a network. For example, the /export file system can contain the root (/) file system and swap space for diskless clients and the home directories for users on the network. Diskless clients rely on the /export file system on an OS server to boot and run.
x86 only: A boot archive that is used for recovery when the primary boot archive is damaged. This boot archive starts the system without mounting the root (/) file system. This boot archive is called failsafe on the GRUB menu. The archive's essential purpose is to regenerate the primary boot archive, which is usually used to boot the system. See boot archive.
A reversion to the environment that ran previously. Use fallback when you are activating an environment and the boot environment that is designated for booting fails or shows some undesirable behavior.
A logical partition of a disk drive that is dedicated to a particular operating system on x86 based systems. To install the Solaris software, you must set up at least one Solaris fdisk partition on an x86 based system. x86 based systems allow up to four different fdisk partitions on a disk. These partitions can be used to hold individual operating systems. Each operating system must be located on a unique fdisk partition. A system can only have one Solaris fdisk partition per disk.
A server that provides the software and file storage for systems on a network.
In the SunOSTM operating system, a tree-structured network of files and directories that you can access.
A user-defined Bourne shell script, specified within the rules file, that performs tasks after the Solaris software is installed on the system but before the system reboots. You use finish scripts with custom JumpStart installations.
To put data into a structure or divide a disk into sectors for receiving data.
One of the 10 or more keyboard keys that are labeled F1, F2, F3, and so on that are mapped to particular tasks.
In Solaris Zones, the global zone is both the default zone for the system and the zone used for system-wide administrative control. The global zone is the only zone from which a non-global zone can be configured, installed, managed, or uninstalled. Administration of the system infrastructure, such as physical devices, routing, or dynamic reconfiguration (DR), is only possible in the global zone. Appropriately privileged processes running in the global zone can access objects associated with other zones. See also Solaris Zones and non-global zone.
x86 only: GNU GRand Unified Bootloader (GRUB) is an open source boot loader with a simple menu interface. The menu displays a list of operating systems that are installed on a system. GRUB enables you to easily boot these various operating systems, such as the Solaris OS, Linux, or Microsoft Windows.
x86 only: A boot menu that is a submenu of the GRUB main menu. GRUB commands are displayed on this menu. These commands can be edited to change boot behavior.
x86 only: A boot menu that lists the operating systems that are installed on a system. From this menu, you can easily boot an operating system without modifying the BIOS or fdisk partition settings.
A directory entry that references a file on disk. More than one such directory entry can reference the same physical file.
A number that is produced by taking some input and generating a number that is significantly shorter than the input. The same output value is always generated for identical inputs. Hash functions can be used in table search algorithms, in error detection, and in tamper detection. When used for tamper detection, hash functions are chosen such that it is difficult to find two inputs that yield the same hash result. MD5 and SHA-1 are examples of one-way hash functions. For example, a message digest takes a variable-length input such as a disk file and reduces it to a small value.
The process of changing a string of characters into a value or key that represents the original string.
Keyed hashing method for message authentication. HMAC is used with an iterative cryptographic hash function, such as MD5 or SHA-1, in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function.
The name by which a system is known to other systems on a network. This name must be unique among all the systems within a particular domain (usually, this means within any single organization). A host name can be any combination of letters, numbers, and minus signs (-), but it cannot begin or end with a minus sign.
(Hypertext Transfer Protocol) (n.) The Internet protocol that fetches hypertext objects from remote hosts. This protocol is based on TCP/IP.
A secure version of HTTP, implemented by using the Secure Sockets Layer (SSL).
An installation that overwrites the currently running software or initializes a blank disk.
An initial installation of the Solaris OS overwrites the system's disk or disks with the new version of the Solaris OS. If your system is not running the Solaris OS, you must perform an initial installation. If your system is running an upgradable version of the Solaris OS, an initial installation overwrites the disk and does not preserve the OS or local modifications.
A server that provides the Solaris DVD or CD images from which other systems on a network can install Solaris (also called a media server). You can create an install server by copying the Solaris DVD or CD images to the server's hard disk.
(Internet protocol address) In TCP/IP, a unique 32-bit number that identifies each host in a network. An IP address consists of four numbers that are separated by periods (192.168.0.0, for example). Most often, each part of the IP address is a number between 0 and 225. However, the first number must be less than 224 and the last number cannot be 0.
IP addresses are logically divided into two parts: the network (similar to a telephone area code), and the local system on the network (similar to a phone number). The numbers in a Class A IP address, for example, represent “network.local.local.local” and the numbers in a Class C IP address represent “network.network.network.local.”
IPv6 is a version (version 6) of Internet Protocol (IP) that is designed to be an evolutionary step from the current version, IPv4 (version 4). Deploying IPv6, by using defined transition mechanisms, does not disrupt current operations. In addition, IPv6 provides a platform for new Internet functionality. IPv6 is described in more detail inChapter 3, Planning an IPv6 Addressing Scheme (Overview), in System Administration Guide: IP Services.
A user-defined task to be completed by a computer system.
When you use a profile diskette for custom JumpStart installations, the JumpStart directory is the root directory on the diskette that contains all the essential custom JumpStart files. When you use a profile server for custom JumpStart installations, the JumpStart directory is a directory on the server that contains all the essential custom JumpStart files.
A type of installation in which the Solaris software is automatically installed on a system by using the factory-installed JumpStart software.
A network authentication protocol that uses strong, secret-key cryptography to enable a client and server to identify themselves to each other over an insecure network connection.
The code for encrypting or decrypting data. See also encryption.
A file that contains keys shared by a client and server. During a WAN boot installation, the client system uses the keys to verify the integrity of, or decrypt the data and files transmitted from, the server.
(local area network) A group of computer systems in close proximity that can communicate by way of some connecting hardware and software.
(Lightweight Directory Access Protocol) A standard, extensible directory access protocol that is used by LDAP naming service clients and servers to communicate with each other.
A geographic or political region or community that shares the same language, customs, or cultural conventions (English for the U.S. is en_US, and English for the U.K. is en_UK).
A group of physical slices on one or more disks that appear to the system as a single device. A logical device is called a volume in Solaris Volume Manager. A volume is functionally identical to a physical disk for the purposes of an application or file system.
A section of a Solaris Flash archive that is used to validate a clone system. The manifest section lists the files on a system to be retained, added to, or deleted from the clone system. This section is informational only. The section lists the files in an internal format and cannot be used for scripting.
A system that you use to create a Solaris Flash archive. The system configuration is saved in the archive.
(Message Digest 5) An iterative cryptographic hash function that is used for message authentication, including digital signatures. The function was developed in 1991 by Rivest.
See install server.
x86 only: A file that lists all the operating systems that are installed on a system. The contents of this file dictate the list of operating systems that is displayed on the GRUB menu. From the GRUB menu, you can easily boot an operating system without modifying the BIOS or fdisk partition settings.
A minimal, bootable root (/) file system that is included in Solaris installation media. A miniroot consists of the Solaris software that is required to install and upgrade systems. On x86 based systems, the miniroot is copied to the system to be used as the failsafe boot archive. See failsafe boot archive.
See RAID-1 volume.
The process of accessing a directory from a disk that is attached to a machine that is making the mount request or a remote disk on a network. To mount a file system, you need a mount point on the local system and the name of the file system to be mounted (for example, /usr).
A workstation directory to which you mount a file system that exists on a remote machine.
A server that provides a naming service to systems on a network.
A distributed network database that contains key system information about all the systems on a network so that the systems can communicate with each other. With a naming service, the system information can be maintained, managed, and accessed on a network-wide basis. Without a naming service, each system has to maintain its own copy of the system information in the local /etc files. Sun supports the following naming services: LDAP, NIS, and NIS+.
A way to install software over the network from a system with a CD-ROM or DVD-ROM drive to a system without a CD-ROM or DVD-ROM drive. Network installations require a name server and an install server.
A group of systems (called hosts) that are connected through hardware and software so that they can communicate and share information. Referred to as a local area network (LAN). One or more servers are usually needed when systems are networked.
The SunOS 4.0 (minimum) Network Information Service. A distributed network database that contains key information about the systems and the users on the network. The NIS database is stored on the master server and all the slave servers.
The SunOS 5.0 (minimum) Network Information Service. NIS+ replaces NIS, the SunOS 4.0 (minimum) Network Information Service.
A virtualized operating system environment created within a single instance of the Solaris Operating System. One or more applications can run in a non-global zone without interacting with the rest of the system. Non-global zones are also called zones. See also Solaris Zones and global zone.
Systems that are not connected to a network or do not rely on other systems.
A file system that contains the mount points for third-party and unbundled software.
A system that provides services to systems on a network. To serve diskless clients, an OS server must have disk space set aside for each diskless client's root (/) file system and swap space (/export/root, /export/swap).
A collection of software that is grouped into a single entity for modular installation. The Solaris software is divided into software groups, which are each composed of clusters and packages.
A container for organizing the contents of a window, a dialog box, or applet. The panel might collect and confirm user input. Panels might be used by wizards and follow an ordered sequence to fulfill a designated task.
A script that you can run manually or as part of the Solaris installation program. The patch analyzer performs an analysis on your system to determine which (if any) patches will be removed by upgrading to a Solaris update.
A vendor-defined grouping of hardware platforms for the purpose of distributing specific software. Examples of valid platform groups are i86pc and sun4u.
The output of the uname -i command. For example, the platform name for the Ultra 60 is SUNW,Ultra-60.
Software that automatically saves the state of a system and turns it off after it is idle for 30 minutes. When you install the Solaris software on a system that complies with Version 2 of the U.S. Environmental Protection Agency's Energy Star guidelines, the Power Management software is installed by default. A sun4u SPARC based system is an example of a system that has Power Management installed by default. After a subsequent reboot, you are prompted to enable or disable the Power Management software.
Energy Star guidelines require that systems or monitors automatically enter a “sleep state” (consume 30 watts or less) after the system or monitor becomes inactive.
A boot archive that is used to boot the Solaris OS on a system. This boot archive is sometimes called the primary boot archive. See boot archive.
The decryption key used in public-key encryption.
A syntactical element that extracts attribute information about a system when using the custom JumpStart method to install. A probe keyword does not require you to set up a matching condition and run a profile as required for a rule. See also rule.
A text file that defines how to install the Solaris software when using the custom JumpStart method. For example, a profile defines which software group to install. Every rule specifies a profile that defines how a system is to be installed when the rule is matched. You usually create a different profile for every rule. However, the same profile can be used in more than one rule. See also rules file.
A diskette that contains all the essential custom JumpStart files in its root directory (JumpStart directory).
A server that contains all the essential custom JumpStart files in a JumpStart directory.
The encryption key used in public-key encryption.
A cryptographic system that uses two keys: a public key known to everyone, and a private key known only to the recipient of the message.
A class of volume that can be a stripe or a concatenation. These components are also called submirrors. A stripe or concatenation is the basic building block for mirrors.
A class of volume that replicates data by maintaining multiple copies. A RAID-1 volume is composed of one or more RAID-0 volumes called submirrors. A RAID-1 volume is sometimes called a mirror.
A software group that contains the minimum code that is required to boot and run a Solaris system with limited network service support. The Reduced Networking Software Group provides a multiuser text-based console and system administration utilities. This software group also enables the system to recognize network interfaces, but does not activate network services.
A program that provides a mechanism to administer and obtain access to the data on DVD-ROMs, CD-ROMs, and diskettes.
The top level of a hierarchy of items. Root is the one item from which all other items are descended. See root directory or root (/) file system.
The top-level file system from which all other file systems stem. The root (/) file system is the base on which all other file systems are mounted, and is never unmounted. The root (/) file system contains the directories and files critical for system operation, such as the kernel, device drivers, and the programs that are used to start (boot) a system.
The top-level directory from which all other directories stem.
A series of values that assigns one or more system attributes to a profile. A rule is used in a custom JumpStart installation.
A text file that contains a rule for each group of systems or single systems that you want to install automatically. Each rule distinguishes a group of systems, based on one or more system attributes. The rules file links each group to a profile, which is a text file that defines how the Solaris software is to be installed on each system in the group. A rules file is used in a custom JumpStart installation. See also profile.
A generated version of the rules file. The rules.ok file is required by the custom JumpStart installation software to match a system to a profile. You must use the check script to create the rules.ok file.
(SSL) A software library establishing a secure connection between two parties (client and server) used to implement HTTPS, the secure version of HTTP.
A network device that manages resources and supplies services to a client.
(Secure Hashing Algorithm) The algorithm that operates on any input length less than 264 to produce a message digest.
File systems that are user-defined files such as /export/home and /swap. These file systems are shared between the active and inactive boot environment when you use Solaris Live Upgrade. Shareable file systems contain the same mount point in the vfstab file in both the active and inactive boot environments. Updating shared files in the active boot environment also updates data in the inactive boot environment. Shareable file systems are shared by default, but you can specify a destination slice, and then the file systems are copied.
The unit into which the disk space is divided by the software.
A logical grouping of the Solaris software (clusters and packages). During a Solaris installation, you can install one of the following software groups: Core, End User Solaris Software, Developer Solaris Software, or Entire Solaris Software, and for SPARC systems only, Entire Solaris Software Group Plus OEM Support.
The Solaris software that is installed on a system, which you can access on the Solaris DVDs or CDs or an install server's hard disk to which you have copied the Solaris DVD or CD images.
A Solaris installation feature that enables you to create an archive of the files on a system, called the master system. You can then use the archive to install other systems, making the other systems identical in their configuration to the master system. See also archive.
A graphical user interface (GUI) or command-line interface (CLI) installation program that uses wizard panels to guide you step-by-step through installing the Solaris software and third-party software.
An upgrade method that enables a duplicate boot environment to be upgraded while the active boot environment is still running, thus eliminating downtime of the production environment.
A software partitioning technology used to virtualize operating system services and provide an isolated and secure environment for running applications. When you create a non-global zone, you produce an application execution environment in which processes are isolated from all other zones. This isolation prevents processes that are running in a zone from monitoring or affecting processes that are running in any other zones. See also global zone and non-global zone.
A computer that does not require support from any other machine.
A database that stores information about the state of your Solaris Volume Manager configuration. The state database is a collection of multiple, replicated database copies. Each copy is referred to as a state database replica. The state database tracks the location and status of all known state database replicas.
A copy of a state database. The replica ensures that the data in the database is valid.
See RAID-0 volume.
A working scheme that divides a single logical network into smaller physical networks to simplify routing.
A bit mask that is used to select bits from an Internet address for subnet addressing. The mask is 32 bits long and selects the network portion of the Internet address and 1 or more bits of the local portion.
A special user who has privileges to perform all administrative tasks on the system. The superuser has the ability to read and write to any file, run all programs, and send kill signals to any process.
A slice or file that temporarily holds the contents of a memory area till it can be reloaded in memory. Also called the /swap or swap file system.
A file in which you specify a set of special system configuration keywords that preconfigure a system.
(system.conf) A text file in which you specify the locations of the sysidcfg file and the custom JumpStart files you want to use in a WAN boot installation.
Any of the 24 longitudinal divisions of the earth's surface for which a standard time is kept.
A file that contains one or more digital certificates. During a WAN boot installation, the client system verifies the identity of the server that is trying to perform the installation by consulting the data in the truststore file.
The process of removing access to a directory on a disk that is attached to a machine or to a remote disk on a network.
An installation, or to perform an installation, on a system that changes software that is of the same type. Unlike an upgrade, an update might downgrade the system. Unlike an initial installation, software of the same type that is being installed must be present before an update can occur.
An installation that merges files with existing files and preserves modifications where possible.
An upgrade of the Solaris OS merges the new version of the Solaris OS with the existing files on the system's disk or disks. An upgrade saves as many modifications as possible that you have made to the previous version of the Solaris OS.
An option that is presented by the Solaris installation program . The upgrade procedure merges the new version of Solaris with existing files on your disk or disks. An upgrade also saves as many local modifications as possible since the last time Solaris was installed.
(Uniform Resource Locator) The addressing system used by the server and the client to request documents. A URL is often called a location. The format of a URL is protocol://machine:port/document.
A sample URL is http://www.example.com/index.html.
A file system on a standalone system or server that contains many of the standard UNIX programs. Sharing the large /usr file system with a server rather than maintaining a local copy minimizes the overall disk space that is required to install and run the Solaris software on a system.
A standard program, usually furnished at no charge with the purchase of a computer, that does the computer's housekeeping.
A file system or directory (on standalone systems) that contains system files that are likely to change or grow over the life of the system. These files include system logs, vi files, mail files, and UUCP files.
A group of physical slices or other volumes that appear to the system as a single logical device. A volume is functionally identical to a physical disk for the purposes of an application or file system.
In some command-line utilities, a volume is called a metadevice. Volume is also called pseudo device or virtual device in standard UNIX terms.
(wide area network) A network that connects multiple local area networks (LANs) or systems at different geographical sites by using telephone, fiber-optic, or satellite links.
A type of installation that enables you to boot and install software over a wide area network (WAN) by using HTTP or HTTPS. The WAN boot installation method enables you to transmit an encrypted Solaris Flash archive over a public network and perform a custom JumpStart installation on a remote client.
A miniroot that has been modified to perform a WAN boot installation. The WAN boot miniroot contains a subset of the software in the Solaris miniroot. See also miniroot.
A web server that provides the configuration and security files that are used during a WAN boot installation.
The CGI program that retrieves and transmits the data and files that are used in a WAN boot installation.
A text file in which you specify the configuration information and security settings that are required to perform a WAN boot installation.
The second-level boot program that loads the WAN boot miniroot, client configuration files, and installation files that are required to perform a WAN boot installation. For WAN boot installations, the wanboot binary performs tasks similar to the ufsboot or inetboot second-level boot programs.
See non-global zone