跳过导航链接 | |
退出打印视图 | |
安装 Oracle Solaris 11.1 系统 Oracle Solaris 11.1 Information Library (简体中文) |
本节中的示例是可使用 installadm create-profile 命令添加到安装服务的完整系统配置文件。
本节显示了您可能希望用作修改基础的系统配置文件样例。可以在 /usr/share/auto_install/sc_profiles/sc_sample.xml 中获取此样例。创建安装服务后,可以在 image-path/auto_install/sc_profiles/sc_sample.xml 中获取此配置文件样例。
<?xml version="1.0"?> <!-- Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. --> <!-- Sample system configuration profile for use with Automated Installer Configures the following: * User account name 'jack', password 'jack', GID 10, UID 101, root role, bash shell * 'root' role with password 'solaris' * Keyboard mappings set to US-English * Time zone set to UTC * Network configuration is automated with Network Auto-magic * DNS name service client is enabled See installadm(1M) for usage of 'create-profile' subcommand. --> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="system configuration"> <service name="system/config-user" version="1"> <instance name="default" enabled="true"> <property_group name="user_account"> <propval name="login" value="jack"/> <propval name="password" value="9Nd/cwBcNWFZg"/> <propval name="description" value="default_user"/> <propval name="shell" value="/usr/bin/bash"/> <propval name="gid" value="10"/> <propval name="uid" value="101"/> <propval name="type" value="normal"/> <propval name="roles" value="root"/> <propval name="profiles" value="System Administrator"/> </property_group> <property_group name="root_account"> <propval name="password" value="encrypted_password"/> <propval name="type" value="role"/> </property_group> </instance> </service> <service version="1" name="system/identity"> <instance enabled="true" name="node"> <property_group name="config"> <propval name="nodename" value="solaris"/> </property_group> </instance> </service> <service name="system/console-login" version="1"> <instance name="default" enabled="true"> <property_group name="ttymon"> <propval name="terminal_type" value="sun"/> </property_group> </instance> </service> <service name="system/keymap" version="1"> <instance name="default" enabled="true"> <property_group name="keymap"> <propval name="layout" value="US-English"/> </property_group> </instance> </service> <service name="system/timezone" version="1"> <instance name="default" enabled="true"> <property_group name="timezone"> <propval name="localtime" value="UTC"/> </property_group> </instance> </service> <service name="system/environment" version="1"> <instance name="init" enabled="true"> <property_group name="environment"> <propval name="LANG" value="en_US.UTF-8"/> </property_group> </instance> </service> <service name="network/physical" version="1"> <instance name="default" enabled="true"> <property_group name="netcfg" type="application"> <propval name="active_ncp" type="astring" value="Automatic"/> </property_group> </instance> </service> </service_bundle>
可以在 /usr/share/auto_install/sc_profiles/static_network.xml 中获取此配置文件样例的一个版本。下面显示的此配置文件版本已经过修改,从而配置以下参数:
bge0,IPv4 静态地址为 10.0.0.10,网络掩码为 255.0.0.0
10.0.0.1 IPv4 缺省路由
bge1,具有 IPv6 addrconf 地址类型
DNS 8.8.8.8 名称服务器
作为主机名查找的 DNS 搜索列表的 example1.com 和 example2.com
使用表示法 IPaddress/netmask 指定网络掩码,其中 netmask 是指定网络掩码高序位数目的数字。
|
<?xml version="1.0"?> <!-- Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. --> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="system configuration"> <service name="system/config-user" version="1"> <instance name="default" enabled="true"> <property_group name="user_account"> <propval name="login" value="jack"/> <propval name="password" value="9Nd/cwBcNWFZg"/> <propval name="description" value="default_user"/> <propval name="shell" value="/usr/bin/bash"/> <propval name="gid" value="10"/> <propval name="type" value="normal"/> <propval name="roles" value="root"/> <propval name="profiles" value="System Administrator"/> </property_group> <property_group name="root_account"> <propval name="password" value="$5$dnRfcZse$Hx4aBQ161Uvn9ZxJFKMdRiy8tCf4gMT2s2rtkFba2y4"/> <propval name="type" value="role"/> </property_group> </instance> </service> <service version="1" name="system/identity"> <instance enabled="true" name="node"> <property_group name="config"> <propval name="nodename" value="solaris"/> </property_group> </instance> </service> <service name="system/console-login" version="1"> <instance name="default" enabled="true"> <property_group name="ttymon"> <propval name="terminal_type" value="sun"/> </property_group> </instance> </service> <service name="system/keymap" version="1"> <instance name="default" enabled="true"> <property_group name="keymap"> <propval name="layout" value="US-English"/> </property_group> </instance> </service> <service name="system/timezone" version="1"> <instance name="default" enabled="true"> <property_group name="timezone"> <propval name="localtime" value="UTC"/> </property_group> </instance> </service> <service name="system/environment" version="1"> <instance name="init" enabled="true"> <property_group name="environment"> <propval name="LANG" value="en_US.UTF-8"/> </property_group> </instance> </service> <service name="network/physical" version="1"> <instance name="default" enabled="true"> <property_group name="netcfg" type="application"> <propval name="active_ncp" type="astring" value="DefaultFixed"/> </property_group> </instance> </service> <service name="network/install" version="1" type="service"> <instance name="default" enabled="true"> <property_group name="install_ipv4_interface" type="application"> <propval name="name" type="astring" value="bge0/v4"/> <propval name="address_type" type="astring" value="static"/> <propval name="static_address" type="net_address_v4" value="10.0.0.10/8"/> <propval name="default_route" type="net_address_v4" value="10.0.0.1"/> </property_group> <property_group name="install_ipv6_interface" type="application"> <propval name="name" type="astring" value="bge1/v6"/> <propval name="address_type" type="astring" value="addrconf"/> <propval name="stateless" type="astring" value="yes"/> <propval name="stateful" type="astring" value="yes"/> </property_group> </instance> </service> <service name="network/dns/client" version="1"> <property_group name="config"> <property name="nameserver"> <net_address_list> <value_node value="8.8.8.8"/> </net_address_list> </property> <property name="search"> <astring_list> <value_node value="example1.com example2.com"/> </astring_list> </property> </property_group> <instance name="default" enabled="true"/> </service> <service version="1" name="system/name-service/switch"> <property_group name="config"> <propval name="default" value="files"/> <propval name="host" value="files dns mdns"/> <propval name="printer" value="user files"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> </service_bundle>
您可以将本节中的配置文件样例用作模板以创建自己的配置文件,也可以将 sysconfig 工具与 naming_services 分组结合使用来根据您对提示做出的响应生成配置文件。有关使用 sysconfig 创建系统配置文件的更多信息,请参见使用 SCI 工具创建配置文件和 sysconfig(1M) 手册页。
示例 11-8 启用指定域的 NIS
此配置文件示例可执行以下配置:
启用 my.domain.com 的 NIS
使用广播来搜索 NIS 服务器(该服务器必须处于同一子网中)
启用名称服务高速缓存服务(该服务是必需的)
<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <!-- Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. --> <service_bundle type='profile' name='default'> <service name='network/nis/domain' type='service' version='1'> <property_group name='config' type='application'> <propval name='domainname' type='hostname' value='my.domain.com'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='network/nis/client' type='service' version='1'> <property_group name='config' type='application'> <propval name='use_broadcast' type='boolean' value='true'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/switch' type='service' version='1'> <property_group name='config' type='application'> <propval name='default' type='astring' value='files nis'/> <propval name='printer' type='astring' value='user files nis'/> <propval name='netgroup' type='astring' value='nis'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/cache' type='service' version='1'> <instance name='default' enabled='true' /> </service> </service_bundle>
示例 11-9 配置 NIS 和禁用 DNS
此配置文件示例可执行以下配置:
使用 NIS 服务器(该服务器必须处于同一子网中)的自动广播来配置名称服务 NIS
配置 NIS 域 my.domain.com
启用名称服务高速缓存服务(该服务是必需的)
禁用 DNS 名称服务
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <!-- service name-service/switch below for NIS only - (see nsswitch.conf(4)) --> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files nis"/> <propval type="astring" name="printer" value="user files nis"/> <propval type="astring" name="netgroup" value="nis"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- service name-service/cache must be present along with name-service/switch --> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <!-- if no DNS, must be explicitly disabled to avoid error msgs --> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- configure the NIS client service to broadcast the subnet for a NIS server --> <service version="1" type="service" name="network/nis/client"> <property_group type="application" name="config"> <propval type="boolean" name="use_broadcast" value="true"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
示例 11-10 配置 NIS
以下配置文件将名称服务 NIS 的服务器 IP 地址配置为 10.0.0.10,将域配置为 mydomain.com。显式指定服务器 IP 地址时,NIS 服务器不需要处于同一子网中。
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <!-- name-service/switch below for NIS only - (see nsswitch.conf(4)) --> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files nis"/> <propval type="astring" name="printer" value="user files nis"/> <propval type="astring" name="netgroup" value="nis"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- name-service/cache must be present along with name-service/switch --> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <!-- if no DNS, must be explicitly disabled to avoid error msgs --> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="mydomain.com"/> <!-- Note: use property with net_address_list and value_node as below --> <property type="net_address" name="ypservers"> <net_address_list> <value_node value="10.0.0.10"/> </net_address_list> </property> </property_group> <!-- configure default instance separate from property_group --> <instance enabled="true" name="default"/> </service> <!-- enable the NIS client service --> <service version="1" type="service" name="network/nis/client"> <instance enabled="true" name="default"/> </service> </service_bundle>
示例 11-11 启用指定域的 NIS 和 DNS
本示例可配置 DNS 和 NIS 名称服务:
指定多个 DNS 名称服务器
指定 DNS 域搜索列表
指定 NIS 域
指定广播以搜索 NIS 服务器
<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <!-- Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. --> <service_bundle type='profile' name='default'> <service name='network/dns/client' type='service' version='1'> <property_group name='config' type='application'> <propval name='domain' type='astring' value='us.example.com'/> <property name='nameserver' type='net_address'> <net_address_list> <value_node value='130.35.249.52' /> <value_node value='130.35.249.41' /> <value_node value='130.35.202.15' /> </net_address_list> </property> <property name='search' type='astring'> <astring_list> <value_node value='us.example.com example.com example.com' /> </astring_list> </property> </property_group> <instance name='default' enabled='true' /> </service> <service name='network/nis/domain' type='service' version='1'> <property_group name='config' type='application'> <propval name='domainname' type='hostname' value='mydomain.com'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='network/nis/client' type='service' version='1'> <property_group name='config' type='application'> <propval name='use_broadcast' type='boolean' value='true'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/switch' type='service' version='1'> <property_group name='config' type='application'> <propval name='default' type='astring' value='files nis'/> <propval name='host' type='astring' value='files dns'/> <propval name='printer' type='astring' value='user files nis'/> <propval name='netgroup' type='astring' value='nis'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/cache' type='service' version='1'> <instance name='default' enabled='true' /> </service> </service_bundle>
示例 11-12 配置 DNS 及搜索列表
以下配置文件示例可配置以下参数:
名称服务 DNS
服务器 IP 地址 1.1.1.1 和 2.2.2.2
域 dom.ain.com
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <!-- name-service/switch below for DNS only - (see nsswitch.conf(4)) --> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files"/> <propval type="astring" name="host" value="files dns"/> <propval type="astring" name="printer" value="user files"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- name-service/cache must be present along with name-service/switch --> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <property_group type="application" name="config"> <!-- Note: use property with net_address_list and value_node as below --> <property type="net_address" name="nameserver"> <net_address_list> <value_node value="1.1.1.1"/> <value_node value="2.2.2.2"/> </net_address_list> </property> <!-- Note: use property with astring_list and value_node, concatenating search names, as below --> <property type="astring" name="search"> <astring_list> <value_node value="dom.ain.com ain.com"/> </astring_list> </property> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
示例 11-13 配置 LDAP 和 LDAP 搜索基
此配置文件示例可配置以下参数:
名称服务 LDAP,服务器 IP 地址为 10.0.0.10
服务 system/nis/domain 中指定的域 my.domain.com
LDAP 搜索基(必需),dc=my,dc=domain,dc=com
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files ldap"/> <propval type="astring" name="printer" value="user files ldap"/> <propval type="astring" name="netgroup" value="ldap"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/ldap/client"> <property_group type="application" name="config"> <propval type="astring" name="profile" value="default"/> <property type="host" name="server_list"> <host_list> <value_node value="10.0.0.10"/> </host_list> </property> <propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
示例 11-14 配置 LDAP 及安全 LDAP 服务器
此配置文件示例可配置以下参数:
名称服务 LDAP,服务器 IP 地址为 10.0.0.10
服务 system/nis/domain 中指定的域 my.domain.com
LDAP 搜索基(必需),dc=my,dc=domain,dc=com
LDAP 代理绑定标识名 cn=proxyagent,ou=profile,dc=my,dc=domain,dc=com
LDAP 代理绑定口令,作为一种安全措施进行了加密。可以使用以下方法之一查找加密的值:
通过 sysconfig create-profile 获取 bind_passwd 属性值。
通过 LDAP 服务器上 SMF 配置获取值。
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files ldap"/> <propval type="astring" name="printer" value="user files ldap"/> <propval type="astring" name="netgroup" value="ldap"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/ldap/client"> <property_group type="application" name="config"> <propval type="astring" name="profile" value="default"/> <property type="host" name="server_list"> <host_list> <value_node value="10.0.0.10"/> </host_list> </property> <propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/> </property_group> <property_group type="application" name="cred"> <propval type="astring" name="bind_dn" value="cn=proxyagent,ou=profile,dc=my,dc=domain,dc=com"/> <!-- note that the password below is encrypted --> <propval type="astring" name="bind_passwd" value="{NS1}c2ab873ae7c5ceefa4b9"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
DNS 名称服务可以与 LDAP 名称服务结合使用。DNS 的典型用途是解析节点名称(包括 LDAP 服务器名称),LDAP 的典型用途是解析所有其他名称。服务 system/name-service/switch 用于指定 DNS 以进行节点名称搜索,指定 LDAP 以解析其他名称,如本示例中的第一个 service 元素所示。
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files ldap"/> <propval type="astring" name="host" value="files dns"/> <propval type="astring" name="printer" value="user files ldap"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <property_group type="application" name="config"> <property type="net_address" name="nameserver"> <net_address_list> <value_node value="10.0.0.10"/> </net_address_list> </property> <propval type="astring" name="domain" value="my.domain.com"/> <property type="astring" name="search"> <astring_list> <value_node value="my.domain.com"/> </astring_list> </property> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/ldap/client"> <property_group type="application" name="config"> <propval type="astring" name="profile" value="default"/> <property type="host" name="server_list"> <host_list> <!-- here, DNS is expected to resolve the LDAP server by name --> <value_node value="ldapserver.my.domain.com"/> </host_list> </property> <propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
可以按照类似的方式将 NIS 与 DNS 结合使用。
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files nis"/> <propval type="astring" name="host" value="files dns"/> <propval type="astring" name="printer" value="user files nis"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <property_group type="application" name="config"> <property type="net_address" name="nameserver"> <net_address_list> <value_node value="10.0.0.10"/> </net_address_list> </property> <propval type="astring" name="domain" value="my.domain.com"/> <property type="astring" name="search"> <astring_list> <value_node value="my.domain.com"/> </astring_list> </property> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/client"> <property_group type="application" name="config"> <propval type="boolean" name="use_broadcast" value="true"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>