Solaris 10 11/06 Installation Guide: Network-Based Installations

`sysidcfg` File Keywords

Table 2–3 lists the keywords you can use to configure system information in the sysidcfg file.

Table 2–3 Keywords to Use in sysidcfg


Configuration Information	Keyword
Naming service, domain name, name server	`name_service` Keyword
Network interface, host name, Internet Protocol (IP) address, netmask, DHCP, IPv6	`network_interface` Keyword
Root password	`root_password` Keyword
Security policy	`security_policy` Keyword
Network security profile	`service_profile` Keyword
Language in which to display the install program and desktop	`system_locale` Keyword
Terminal type	`terminal` Keyword
Time zone	`timezone` Keyword
Date and time	`timeserver` Keyword
x86: Monitor type	x86: `monitor` Keyword
x86: Keyboard language, keyboard layout	x86: `keyboard` Keyword
x86: Graphics card, screen size, color depth, display resolution	x86: `display` Keyword
x86: Pointing device, number of buttons, IRQ level	x86: `pointer` Keyword

The following sections describe the keywords that you can use in the sysidcfg file.

`name_service` Keyword

You can use the name_service keyword to configure the naming service, the domain name, and the name server for the system. The following sample shows the general syntax for the name_service keyword.

name_service=name-service {domain_name=domain-name 
                                 name_server=name-server
                                 optional-keyword=value}

Choose only one value for name_service. Include all or none of the domain_name, name_server, or optional keywords, as needed. If no keywords are used, omit the curly braces {}.

Note –

The name_service option in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services that were previously set up for site.xml. Therefore, you might need to reset your name service after installation.

The following sections describe the keyword syntax to configure the system to use a specific naming service.

NIS Syntax for `name_service` Keyword

Use the following syntax to configure the system to use the NIS naming service.

name_service=NIS {domain_name=domain-name 
                   name_server=hostname(ip-address)}

domain-name: Specifies the domain name
hostname: Specifies the host name of the name server
ip-address: Specifies the IP address of the name server

Example 2–4 Specifying a NIS Server With the `name_service` Keyword

The following example specifies a NIS server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.

name_service=NIS {domain_name=west.example.com 
                  name_server=timber(192.168.2.1)}

For more information about the NIS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

NIS+ Syntax for `name_service` Keyword

Use the following syntax to configure the system to use the NIS name service.

name_service=NIS+ {domain_name=domain-name 
                   name_server=hostname(ip-address)}

domain-name: Specifies the domain name
hostname: Specifies the host name of the name server
ip-address: Specifies the IP address of the name server

Example 2–5 Specifying a NIS+ Server With the `name_service` Keyword

The following example specifies a NIS+ server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.

name_service=NIS+ {domain_name=west.example.com 
                   name_server=timber(192.168.2.1)}

For more information about the NIS+ name service, see System Administration Guide: Naming and Directory Services (NIS+).

DNS Syntax for `name_service` Keyword

Use the following syntax to configure the system to use DNS.

name_service=DNS {domain_name=domain-name 
                  name_server=ip-address,ip-address,ip-address
                  search=domain-name,domain-name,domain-name,
                  domain-name,domain-name,domain-name}

domain_name=domain-name: Specifies the domain name.
name_server=ip-address: Specifies the IP address of the DNS server. You can specify up to three IP addresses as values for the name_server keyword.
search=domain-name: (Optional) Specifies additional domains to search for naming service information. You can specify up to six domain names to search. The total length of each search entry cannot exceed 250 characters.

Example 2–6 Specifying a DNS Server With the `name_service` Keyword

The following example specifies a DNS server with the domain name west.example.com. The server IP addresses are 10.0.1.10 and 10.0.1.20. example.com and east.example.com are listed as additional domains to search for naming service information.

name_service=DNS {domain_name=west.example.com 
                  name_server=10.0.1.10,10.0.1.20 
                  search=example.com,east.example.com}

For more information about the DNS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

LDAP Syntax for `name_service` Keyword

Use the following syntax to configure the system to use LDAP.

name_service=LDAP {domain_name=domain_name
                   profile=profile_name profile_server=ip_address 
                   proxy_dn="proxy_bind_dn" proxy_password=password}

domain_name: Specifies the domain name of the LDAP server.
profile_name: Specifies the name of the LDAP profile you want to use to configure the system.
ip_address: Specifies the IP address of the LDAP profile server.
proxy_bind_dn: (Optional) Specifies the proxy bind distinguished name. You must enclose the proxy_bind_dn value in double quotes.
password: (Optional) Specifies the client proxy password.

Example 2–7 Specifying an LDAP Server With the `name_service` Keyword

The following example specifies an LDAP server with the following configuration information.

The domain name is west.example.com.
The installation program uses the LDAP profile that is named default to configure the system.
The IP address of the LDAP server is 172.31.2.1.
The proxy bind distinguished name includes the following information.
- The common name for the entry is proxyagent.
- The organizational unit is profile.
- The proxy domain includes the west, example, and com domain components.
The proxy password is password.

name_service=LDAP {domain_name=west.example.com 
                   profile=default 
                   profile_server=172.31.2.1 
                   proxy_dn="cn=proxyagent,ou=profile,
                   dc=west,dc=example,dc=com" 
                   proxy_password=password}

For more information about how to use LDAP, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

`network_interface` Keyword

Use the network_interface keyword to perform the following tasks.

Specify a host name
Specify an IP address
Specify the default router address
Specify a netmask value
Use DHCP to configure the network interface
Enable IPv6 on the network interface

The following sections describe how to use the network_interface keyword to configure the system interfaces.

Syntax for Nonnetworked Systems

To turn off networking for the system, set the network_interface value to none. For example:

network_interface=none

Syntax for Configuring a Single Interface

You can use the network_interface keyword to configure a single interface in the following ways.

With DHCP – You can use a DHCP server on your network to configure the network interface. For more information on how to use a DHCP server during your installation, see Preconfiguring System Configuration Information With the DHCP Service (Tasks).

To use the DHCP server to configure a single interface on the system, use the following syntax for the network_interface keyword.
network_interface=PRIMARY or value {dhcp protocol_ipv6=yes-or-no}
PRIMARY

Instructs the installation program to configure the first up, non-loopback interface that is found on the system. The order is the same as the order that is displayed with the ifconfig command. If no interfaces are up, then the first non-loopback interface is used. If no non-loopback interfaces are found, then the system is nonnetworked.

value

Instructs the installation program to configure a specific interface, such as hme0 or eri1.

protocol_ipv6=yes-or-no

Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

For WAN boot installations, you must set the value of protocol_ipv6=no.

Without DHCP – If you do not want to use DHCP to configure the network interface, you can specify the configuration information in the sysidcfg file. To instruct the installation program to configure a single interface on the system without using DHCP, use the following syntax.

network_interface=PRIMARY or value 
                  {hostname=host_name 
                   default_route=ip_address
                   ip_address=ip_address 
                   netmask=netmask 
                   protocol_ipv6=yes_or_no}

PRIMARY

Instructs the installation program to configure the first up, non-loopback interface that is found on the system. The order is the same as the order that is displayed with the ifconfig command. If no interfaces are up, then the first non-loopback interface is used. If no non-loopback interfaces are found, then the system is not networked.

Note –

Do not use the PRIMARY keyword value if you want to configure multiple interfaces.

value

Instructs the installation program to configure a specific interface, such as hme0 or eri1.

hostname=host_name

(Optional) Specifies the host name of the system.

default_route=ip_address or NONE

(Optional) Specifies the IP address of the default router. If you want the installation program to detect the router by using the ICMP router discovery protocol, omit this keyword.

Note –

If the installation program cannot detect the router, you are prompted for the router information during the installation.

ip_address=ip_address

(Optional) Specifies the IP address of the system.

netmask=netmask

(Optional) Specifies the netmask value for the system.

protocol_ipv6=yes_or_no

(Optional) Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

Note –

To perform an unattended custom JumpStart installation, you must specify a value for the protocol_ipv6 keyword.

For WAN boot installations, you must set the value of protocol_ipv6=no.

Include any combination or none of the hostname, ip_address, and netmask keywords, as needed. If you do not use any of these keywords, omit the curly braces ({}).

Example 2–8 Configuring a Single Interface By Using DHCP With the `network_interface` Keyword

The following example instructs the installation program to use DHCP to configure the eri0 network interface. IPv6 support is not enabled.

network_interface=eri0 {dhcp protocol_ipv6=no}

Example 2–9 Configuring a Single Interface By Specifying Configuration Information With the `network_interface` Keyword

The following example configures the interface eri0 with the following settings.

The host name is set to host1.
The IP address is set to 172.31.88.100.
The netmask is set to 255.255.255.0.
IPv6 support is not enabled on the interface.

network_interface=eri0 {hostname=host1 ip_address=172.31.88.100
                        netmask=255.255.255.0 protocol_ipv6=no}

Syntax for Configuring Multiple Interfaces

You can configure multiple network interfaces in your sysidcfg file. For each interface that you want to configure, include a network_interface entry in the sysidcfg file.

You can use the network_interface keyword to configure multiple interfaces in the following ways.

With DHCP – You can use a DHCP server on your network to configure a network interface. For more information on how to use a DHCP server during your installation, see Preconfiguring System Configuration Information With the DHCP Service (Tasks).

To use the DHCP server to configure a network interface on the system, use the following syntax for the network_interface keyword.
network_interface=value {primary dhcp protocol_ipv6=yes-or-no}
value

Instructs the installation program to configure a specific interface, such as hme0 or eri1.

primary

(Optional) Specifies value as the primary interface.

protocol_ipv6=yes-or-no

Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

Note –
For WAN boot installations, you must set the value of protocol_ipv6=no.

Without DHCP – If you do not want to use DHCP to configure the network interface, you can specify the configuration information in the sysidcfg file. To instruct the installation program to configure multiple interfaces without using DHCP, use the following syntax.

network_interface=value {primary hostname=host_name 
                          default_route=ip_address or NONE
                          ip_address=ip_address 
                          netmask=netmask 
                          protocol_ipv6=yes_or_no}

value

Instructs the installation program to configure a specific interface, such as hme0 or eri1.

primary

(Optional) Specifies value as the primary interface.

hostname=host_name

(Optional) Specifies the host name of the system.

default_route=ip_address or NONE

(Optional) Specifies the IP address of the default router. If you want the installation program to detect the router by using the ICMP router discovery protocol, omit this keyword.

If you configure multiple interfaces in the sysidcfg file, set default_route=NONE for each secondary interface that does not use a static default route.

Note –

If the installation program cannot detect the router, you are prompted for the router information during the installation.

ip_address=ip_address

(Optional) Specifies the IP address of the system.

netmask=netmask

(Optional) Specifies the netmask value for the system.

protocol_ipv6=yes_or_no

(Optional) Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

Note –

To perform an unattended custom JumpStart installation, you must specify a value for the protocol_ipv6 keyword.

For WAN boot installations, you must set the value of protocol_ipv6=no.

Include any combination or none of the hostname, ip_address, and netmask keywords, as needed. If you do not use any of these keywords, omit the curly braces ({}).

In the same sysidcfg file, you can use DHCP to configure certain interfaces, while also specifying the configuration information for other interfaces in the sysidcfg file.

Example 2–10 Configuring Multiple Interfaces With the `network_interface` Keyword

In the following example, the network interfaces eri0 and eri1 are configured in the following way.

eri0 is configured by using the DHCP server. IPv6 support is not enabled on eri0.
eri1 is the primary network interface. The host name is set to host1, and the IP address is set to 172.31.88.100. The netmask is set to 255.255.255.0. IPv6 support is not enabled on eri1.

network_interface=eri0 {dhcp protocol_ipv6=no}
network_interface=eri1 {primary hostname=host1 
                        ip_address=172.146.88.100
                        netmask=255.255.255.0 
                        protocol_ipv6=no}

`root_password` Keyword

You can specify the root password to the system in the sysidcfg file. To specify the root password, use the root_password keyword with the following syntax.

root_password=encrypted-password

encrypted-password is the encrypted password as it appears in the /etc/shadow file.

`security_policy` Keyword

You can use the security_policy keyword in your sysidcfg file to configure your system to use the Kerberos network authentication protocol. If you want to configure the system to use Kerberos, use the following syntax.

security_policy=kerberos {default_realm=FQDN 
                          admin_server=FQDN kdc=FQDN1, FQDN2, FQDN3}

FQDN specifies the fully qualified domain name of the Kerberos default realm, the administration server, or key distribution center (KDC). You must specify at least one, but no more than three, key distribution centers.

If you do not want to set the security policy for the system, set security_policy=NONE.

For more information about the Kerberos network authentication protocol, see System Administration Guide: Security Services.

Example 2–11 Configuring the System to Use Kerberos With the `security_policy` Keyword

The following example configures the system to use Kerberos with the following information.

The Kerberos default realm is example.com.
The Kerberos administration server is krbadmin.example.com.
The two key distribution centers are kdc1.example.com and kdc2.example.com.

security_policy=kerberos 
                {default_realm=example.COM 
                 admin_server=krbadmin.example.com 
                 kdc=kdc1.example.com, 
                 kdc2.example.com}

`service_profile` Keyword

You can use the service_profile keyword to install a more secure system by restricting network services. This security option is only available for initial installations. An upgrade maintains all previously set services.

Use one of the following syntaxes to set this keyword.

service_profile=limited_net

service_profile=open

limited_net specifies that all network services, except for Secure Shell, are either disabled or constrained to respond to local requests only. After installation, any individual network service can be enabled by using the svcadm and svccfg commands.

open specifies that no network service changes are made during installation.

If the service_profile keyword is not present in the sysidcfg file, no changes are made to the status of the network services during installation.

The network services can be enabled after installation by using the netservices open command or by enabling individual services by using SMF commands. See Revising Security Settings After Installation in Solaris 10 11/06 Installation Guide: Planning for Installation and Upgrade.

For further information about limiting network security during installation, see Planning Network Security in Solaris 10 11/06 Installation Guide: Planning for Installation and Upgrade. See also the following man pages.

netservices(1M)
svcadm(1M)
svccfg(1M) commands

`system_locale` Keyword

You can use the system_locale keyword to specify the language in which to display the install program and desktop. Use the following syntax to specify a locale.

system_locale=locale

locale specifies the language that you want the system to use to display the installation panels and screens. For a list of valid locale values, see the /usr/lib/locale directory or International Language Environments Guide.

`terminal` Keyword

You can use the terminal keyword to specify the terminal type for the system. Use the following syntax to specify the terminal type.

terminal=terminal_type

terminal_type specifies the terminal type for the system. For a list of valid terminal values, see the subdirectories in the /usr/share/lib/terminfo directory.

`timezone` Keyword

You can set the time zone for the system with the timezone keyword. Use the following syntax.

timezone=timezone

In the previous example, timezone specifies the time zone value for the system. The directories and files in the /usr/share/lib/zoneinfo directory provide the valid time zone values. The timezone value is the name of the path relative to the /usr/share/lib/zoneinfo directory. You can also specify any valid Olson time zone.

Example 2–12 Configuring the System Time Zone With the `timezone` Keyword

In the following example, the system time zone is set to mountain standard time in the United States.

timezone=US/Mountain

The installation program configures the system to use the time zone information in /usr/share/lib/zoneinfo/US/Mountain.

`timeserver` Keyword

You can use the timeserver keyword to specify the system that sets the date and time on the system you want to install.

Choose one of the following methods to set the timeserver keyword.

To configure the system to serve as its own time server, set timeserver=localhost. If you specify localhost as the time server, the system's time is assumed to be correct.
To specify another system as the time server, specify either the host name or the IP address of the time server with the timeserver keyword. Use the following syntax.
timeserver=hostname or ip-address
hostname is the host name of the time server system. ip-address specifies the IP address of the time server.

x86: `monitor` Keyword

For x86 based systems, you can configure the monitor information with the monitor keyword. Use the following syntax with the monitor keyword.

monitor=monitor_type

To set the value for the monitor keyword, run the kdmconfig -d command on the system you want to install. Copy the line of output that includes the monitor keyword, and include this line in the sysidcfg file.

For more information, see the kdmconfig(1M) man page.

x86: `keyboard` Keyword

For x86 based systems, you can configure the keyboard language and layout information with the keyboard keyword. Use the following syntax with the keyboard keyword.

keyboard=keyboard_language {layout=value}

To set the value for the keyboard keyword, run the kdmconfig -d command on the system you want to install. Copy the line of output that includes the keyboard keyword, and include this line in the sysidcfg file.

For more information, see the kdmconfig(1M) man page.

x86: `display` Keyword

For x86 based systems, you can configure the following information with the display keyword.

Graphics card
Screen size
Color depth
Display resolution

Use the following syntax with the display keyword.

display=graphics_card {size=screen_size 
                     depth=color_depth 
                     resolution=screen_resolution}

To set the appropriate values for the display keyword, run the kdmconfig -d command on the system you want to install. Copy the line of output that includes the display keyword, and include this line in the sysidcfg file.

For more information, see the kdmconfig(1M) man page.

x86: `pointer` Keyword

For x86 based systems, you can configure the following mouse information with the pointer keyword.

Pointing device
Number of buttons
IRQ level

Use the following syntax with the pointer keyword.

pointer=pointing_device {nbuttons=number_buttons irq=value}

To set the value for the pointer keyword, run the kdmconfig -d command on the system you want to install. Copy the line of output that includes the pointer keyword, and include this line in the sysidcfg file.

For more information, see the kdmconfig(1M) man page.

sysidcfg File Keywords

name_service Keyword

NIS Syntax for name_service Keyword

Example 2–4 Specifying a NIS Server With the name_service Keyword

NIS+ Syntax for name_service Keyword

Example 2–5 Specifying a NIS+ Server With the name_service Keyword

DNS Syntax for name_service Keyword

Example 2–6 Specifying a DNS Server With the name_service Keyword

LDAP Syntax for name_service Keyword

Example 2–7 Specifying an LDAP Server With the name_service Keyword

network_interface Keyword

Syntax for Nonnetworked Systems

Syntax for Configuring a Single Interface

Example 2–8 Configuring a Single Interface By Using DHCP With the network_interface Keyword

Example 2–9 Configuring a Single Interface By Specifying Configuration Information With the network_interface Keyword

Syntax for Configuring Multiple Interfaces

Example 2–10 Configuring Multiple Interfaces With the network_interface Keyword

root_password Keyword

security_policy Keyword

Example 2–11 Configuring the System to Use Kerberos With the security_policy Keyword

service_profile Keyword

system_locale Keyword

terminal Keyword

timezone Keyword

Example 2–12 Configuring the System Time Zone With the timezone Keyword

timeserver Keyword

x86: monitor Keyword

x86: keyboard Keyword

x86: display Keyword

x86: pointer Keyword

`sysidcfg` File Keywords

`name_service` Keyword

NIS Syntax for `name_service` Keyword

Example 2–4 Specifying a NIS Server With the `name_service` Keyword

NIS+ Syntax for `name_service` Keyword

Example 2–5 Specifying a NIS+ Server With the `name_service` Keyword

DNS Syntax for `name_service` Keyword

Example 2–6 Specifying a DNS Server With the `name_service` Keyword

LDAP Syntax for `name_service` Keyword

Example 2–7 Specifying an LDAP Server With the `name_service` Keyword

`network_interface` Keyword

Example 2–8 Configuring a Single Interface By Using DHCP With the `network_interface` Keyword

Example 2–9 Configuring a Single Interface By Specifying Configuration Information With the `network_interface` Keyword

Example 2–10 Configuring Multiple Interfaces With the `network_interface` Keyword

`root_password` Keyword

`security_policy` Keyword

Example 2–11 Configuring the System to Use Kerberos With the `security_policy` Keyword

`service_profile` Keyword

`system_locale` Keyword

`terminal` Keyword

`timezone` Keyword

Example 2–12 Configuring the System Time Zone With the `timezone` Keyword

`timeserver` Keyword

x86: `monitor` Keyword

x86: `keyboard` Keyword

x86: `display` Keyword

x86: `pointer` Keyword