You can specify a set of keywords in the sysidcfg file to preconfigure a system. The keywords are described in sysidcfg File Keywords.
The name_service keyword in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services previously set up for site.xml. Therefore, you might need to reset your name service after installation.
You must create a unique sysidcfg file for every system that requires different configuration information. You can use the same sysidcfg file to preconfigure the time zone on a set of systems if you want all the systems to be assigned the same time zone. However, if you want to preconfigure a different root (superuser) password for each of those systems, you need to create a unique sysidcfg file for each system.
You can place the sysidcfg file in one of the following.
Table 2–2 sysidcfg Locations
NFS file system |
If you put the sysidcfg file in a shared NFS file system, you must use the -p option of the add_install_client(1M) command when you set up the system to install from the network. The -p option specifies where the system can find the sysidcfg file when you install the current Solaris release. |
UFS or PCFS diskette |
Place the sysidcfg file in the root (/) directory on the diskette. If you are performing a custom JumpStart installation and you want to use a sysidcfg file on a diskette, you must place the sysidcfg file on the profile diskette. To create a profile diskette, see Creating a Profile Diskette for Standalone Systems in Solaris 10 5/09 Installation Guide: Custom JumpStart and Advanced Installations. You can place only one sysidcfg file in a directory or on a diskette. If you are creating more than one sysidcfg file, you must place each file in a different directory or on a different diskette. |
HTTP or HTTPS server |
If you want to perform a WAN boot installation, place the sysidcfg file in the document root directory of the web server. |
You can use the naming service or DHCP to preconfigure your system. For information, see Chapter 3, Preconfiguring With a Naming Service or DHCP.
Create a file called sysidcfg in a text editor with the keywords you want.
Make the sysidcfg file available to clients by using one of the locations described at Table 2–2.
The following is an example of a sysidcfg file for a SPARC based system. The host name, IP address, and netmask of this system have been preconfigured by editing the naming service. Because all of the system configuration information is preconfigured in this file, you can use a custom JumpStart profile to perform a custom JumpStart installation. In this example, the NFSv4 domain name is automatically derived from the naming service. Because the service_profile keyword is not included in this example, configuration is not altered for the network services during installation.
keyboard=US-English system_locale=en_US timezone=US/Central terminal=sun-cmd timeserver=localhost name_service=NIS {domain_name=marquee.central.example.com name_server=nmsvr2(172.31.112.3)} nfs4_domain=dynamic root_password=m4QPOWNY network_interface=hme0 {hostname=host1 default_route=172.31.88.1 ip_address=172.31.88.210 netmask=255.255.0.0 protocol_ipv6=no} security_policy=kerberos {default_realm=example.com admin_server=krbadmin.example.com kdc=kdc1.example.com, kdc2.example.com} |
The following sample sysidcfg file is for a group of x86 based systems. In this example, the NFSv4 domain name is specified to be example.com. This custom name overrides the default domain name. Also in this example, the network services are disabled or restricted to local connections only.
keyboard=US-English timezone=US/Central timeserver=timehost1 terminal=ibm-pc service_profile=limited_net name_service=NIS {domain_name=marquee.central.example.com name_server=nmsvr2(172.25.112.3)} nfs4_domain=example.com root_password=URFUni9 |
In the following sample sysidcfg file, configuration information is specified for both the eri0 and eri1 network interfaces. The eri0 interface is configured as the primary network interface, and eri1 is configured as a secondary network interface. In this example, the NFSv4 domain name is automatically derived from the naming service.
timezone=US/Pacific system_locale=C terminal=xterms timeserver=localhost network_interface=eri0 {primary hostname=host1 ip_address=192.168.2.7 netmask=255.255.255.0 protocol_ipv6=no default_route=192.168.2.1} network_interface=eri1 {hostname=host1-b ip_address=192.168.3.8 netmask=255.255.255.0 protocol_ipv6=no default_route=NONE} root_password=JE2C35JGZi4B2 security_policy=none name_service=NIS {domain_name=domain.example.com name_server=nis-server(192.168.2.200)} nfs4_domain=dynamic
If you plan to use the sysidcfg file in an installation over the network, you need to set up an installation server and add the system as an installation client. For more information, see Chapter 4, Installing From the Network (Overview).
If you plan to use the sysidcfg file in a WAN boot installation, you need to perform additional tasks. For more information, see Chapter 10, WAN Boot (Overview).
If you plan to use the sysidcfg file in a custom JumpStart installation, you need to create a profile and a rules.ok file. For more information, see Chapter 2, Custom JumpStart (Overview), in Solaris 10 5/09 Installation Guide: Custom JumpStart and Advanced Installations.
For more information about the sysidcfg file, see the man page sysidcfg(4).
You can use two types of keywords in the sysidcfg file: independent and dependent. Dependent keywords are guaranteed to be unique only within independent keywords. A dependent keyword exists only when it is identified with its associated independent keyword.
In this example, name_service is the independent keyword, while domain_name and name_server are the dependent keywords:
name_service=NIS {domain_name=marquee.central.example.com name_server=connor(192.168.112.3)} |
Table 2–3 lists the keywords you can use to configure system information in the sysidcfg file.
Table 2–3 Keywords to Use in sysidcfg
Configuration Information |
Keyword |
---|---|
Keyboard layout and language | |
Naming service, domain name, name server | |
Network interface, host name, Internet Protocol (IP) address, netmask, DHCP, IPv6 | |
Domain name definition for NFSv4 | |
Root password | |
Security policy | |
Network security profile | |
Language in which to display the install program and desktop | |
Terminal type | |
Time zone | |
Date and time |
The following sections describe the keywords that you can use in the sysidcfg file.
The sysidkdb tool configures your USB language and its corresponding keyboard layout.
The following procedure occurs:
If the keyboard is self-identifying, the keyboard language and layout automatically configures during installation.
If the keyboard is not self-identifying, the sysidkdb tool provides you with a list of supported keyboard layouts during installation, so that you can select a layout for keyboard configuration.
PS/2 keyboards are not self-identifying. You will be asked to select the keyboard layout during the installation.
You can configure the keyboard language and its corresponding keyboard layout information by using the keyboard keyword. Each language has its own keyboard layout. Use the following syntax to select a language and its corresponding layout.
keyboard=keyboard_layout
For example, this entry sets the keyboard language and its corresponding keyboard layout for the German language:
keyboard=German
The value provided for keyboard_layout must be a valid value. Otherwise, an interactive response is required during installation. The valid keyboard_layout strings are defined in the /usr/share/lib/keytables/type_6/kbd_layouts file.
Previously, the USB keyboard assumed a self-identifying value of 1 during the installation. Therefore, all of the keyboards that were not self-identifying always configured for a U.S. English keyboard layout during installation.
If the keyboard is not self-identifying and you want to prevent being prompted during your JumpStart installation, select the keyboard language in your sysidcfg file. For JumpStart installations, the default is for the U.S. English language. To select another language and its corresponding keyboard layout, set the keyboard entry in your sysidcfg file as in the example provided above.
For further information, see the sysidcfg(4) and sysidtool(1M) man pages.
You can use the name_service keyword to configure the naming service, the domain name, and the name server for the system. The following sample shows the general syntax for the name_service keyword.
name_service=name-service {domain_name=domain-name name_server=name-server optional-keyword=value} |
Choose only one value for name_service. Include all or none of the domain_name, name_server, or optional keywords, as needed. If no keywords are used, omit the curly braces {}.
The name_service option in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services that were previously set up for site.xml. Therefore, you might need to reset your name service after installation.
The following sections describe the keyword syntax to configure the system to use a specific naming service.
Use the following syntax to configure the system to use the NIS naming service.
name_service=NIS {domain_name=domain-name name_server=hostname(ip-address)} |
Specifies the domain name
Specifies the host name of the name server
Specifies the IP address of the name server
The following example specifies a NIS server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.
name_service=NIS {domain_name=west.example.com name_server=timber(192.168.2.1)} |
For more information about the NIS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).
Use the following syntax to configure the system to use the NIS name service.
name_service=NIS+ {domain_name=domain-name name_server=hostname(ip-address)} |
Specifies the domain name
Specifies the host name of the name server
Specifies the IP address of the name server
The following example specifies a NIS+ server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.
name_service=NIS+ {domain_name=west.example.com name_server=timber(192.168.2.1)} |
For more information about the NIS+ name service, see System Administration Guide: Naming and Directory Services (NIS+).
Use the following syntax to configure the system to use DNS.
name_service=DNS {domain_name=domain-name name_server=ip-address,ip-address,ip-address search=domain-name,domain-name,domain-name, domain-name,domain-name,domain-name} |
Specifies the domain name.
Specifies the IP address of the DNS server. You can specify up to three IP addresses as values for the name_server keyword.
(Optional) Specifies additional domains to search for naming service information. You can specify up to six domain names to search. The total length of each search entry cannot exceed 250 characters.
The following example specifies a DNS server with the domain name west.example.com. The server IP addresses are 10.0.1.10 and 10.0.1.20. example.com and east.example.com are listed as additional domains to search for naming service information.
name_service=DNS {domain_name=west.example.com name_server=10.0.1.10,10.0.1.20 search=example.com,east.example.com} |
For more information about the DNS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).
Use the following syntax to configure the system to use LDAP.
name_service=LDAP {domain_name=domain_name profile=profile_name profile_server=ip_address proxy_dn="proxy_bind_dn" proxy_password=password} |
Specifies the domain name of the LDAP server.
Specifies the name of the LDAP profile you want to use to configure the system.
Specifies the IP address of the LDAP profile server.
(Optional) Specifies the proxy bind distinguished name. You must enclose the proxy_bind_dn value in double quotes.
(Optional) Specifies the client proxy password.
The following example specifies an LDAP server with the following configuration information.
The domain name is west.example.com.
The installation program uses the LDAP profile that is named default to configure the system.
The IP address of the LDAP server is 172.31.2.1.
The proxy bind distinguished name includes the following information.
The common name for the entry is proxyagent.
The organizational unit is profile.
The proxy domain includes the west, example, and com domain components.
The proxy password is password.
name_service=LDAP {domain_name=west.example.com profile=default profile_server=172.31.2.1 proxy_dn="cn=proxyagent,ou=profile, dc=west,dc=example,dc=com" proxy_password=password} |
For more information about how to use LDAP, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).
Use the network_interface keyword to perform the following tasks.
Specify a host name
Specify an IP address
Specify the default router address
Specify a netmask value
Use DHCP to configure the network interface
Enable IPv6 on the network interface
The following sections describe how to use the network_interface keyword to configure the system interfaces.
To turn off networking for the system, set the network_interface value to none. For example:
network_interface=none |
You can use the network_interface keyword to configure a single interface in the following ways.
With DHCP – You can use a DHCP server on your network to configure the network interface. For more information on how to use a DHCP server during your installation, see Preconfiguring System Configuration Information With the DHCP Service (Tasks).
To use the DHCP server to configure a single interface on the system, use the following syntax for the network_interface keyword.
network_interface=PRIMARY or value {dhcp protocol_ipv6=yes-or-no} |
Instructs the installation program to configure the first up, non-loopback interface that is found on the system. The order is the same as the order that is displayed with the ifconfig command. If no interfaces are up, then the first non-loopback interface is used. If no non-loopback interfaces are found, then the system is nonnetworked.
Instructs the installation program to configure a specific interface, such as hme0 or eri1.
Instructs the installation program to configure the system to use either IPv6 or to not use IPv6.
For WAN boot installations, you must set the value of protocol_ipv6=no.
Without DHCP – If you do not want to use DHCP to configure the network interface, you can specify the configuration information in the sysidcfg file. To instruct the installation program to configure a single interface on the system without using DHCP, use the following syntax.
network_interface=PRIMARY or value {hostname=host_name default_route=ip_address ip_address=ip_address netmask=netmask protocol_ipv6=yes_or_no} |
Instructs the installation program to configure the first up, non-loopback interface that is found on the system. The order is the same as the order that is displayed with the ifconfig command. If no interfaces are up, then the first non-loopback interface is used. If no non-loopback interfaces are found, then the system is not networked.
Do not use the PRIMARY keyword value if you want to configure multiple interfaces.
Instructs the installation program to configure a specific interface, such as hme0 or eri1.
(Optional) Specifies the host name of the system.
(Optional) Specifies the IP address of the default router. If you want the installation program to detect the router by using the ICMP router discovery protocol, omit this keyword.
If the installation program cannot detect the router, you are prompted for the router information during the installation.
(Optional) Specifies the IP address of the system.
(Optional) Specifies the netmask value for the system.
(Optional) Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.
To perform an unattended custom JumpStart installation, you must specify a value for the protocol_ipv6 keyword.
For WAN boot installations, you must set the value of protocol_ipv6=no.
Include any combination or none of the hostname, ip_address, and netmask keywords, as needed. If you do not use any of these keywords, omit the curly braces ({}).
The following example instructs the installation program to use DHCP to configure the eri0 network interface. IPv6 support is not enabled.
network_interface=eri0 {dhcp protocol_ipv6=no} |
The following example configures the interface eri0 with the following settings.
The host name is set to host1.
The IP address is set to 172.31.88.100.
The netmask is set to 255.255.255.0.
IPv6 support is not enabled on the interface.
network_interface=eri0 {hostname=host1 ip_address=172.31.88.100 netmask=255.255.255.0 protocol_ipv6=no} |
You can configure multiple network interfaces in your sysidcfg file. For each interface that you want to configure, include a network_interface entry in the sysidcfg file.
You can use the network_interface keyword to configure multiple interfaces in the following ways.
With DHCP – You can use a DHCP server on your network to configure a network interface. For more information on how to use a DHCP server during your installation, see Preconfiguring System Configuration Information With the DHCP Service (Tasks).
To use the DHCP server to configure a network interface on the system, use the following syntax for the network_interface keyword.
network_interface=value {primary dhcp protocol_ipv6=yes-or-no} |
Instructs the installation program to configure a specific interface, such as hme0 or eri1.
(Optional) Specifies value as the primary interface.
Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.
For WAN boot installations, you must set the value of protocol_ipv6=no.
Without DHCP – If you do not want to use DHCP to configure the network interface, you can specify the configuration information in the sysidcfg file. To instruct the installation program to configure multiple interfaces without using DHCP, use the following syntax.
network_interface=value {primary hostname=host_name default_route=ip_address or NONE ip_address=ip_address netmask=netmask protocol_ipv6=yes_or_no} |
Instructs the installation program to configure a specific interface, such as hme0 or eri1.
(Optional) Specifies value as the primary interface.
(Optional) Specifies the host name of the system.
(Optional) Specifies the IP address of the default router. If you want the installation program to detect the router by using the ICMP router discovery protocol, omit this keyword.
If you configure multiple interfaces in the sysidcfg file, set default_route=NONE for each secondary interface that does not use a static default route.
If the installation program cannot detect the router, you are prompted for the router information during the installation.
(Optional) Specifies the IP address of the system.
(Optional) Specifies the netmask value for the system.
(Optional) Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.
To perform an unattended custom JumpStart installation, you must specify a value for the protocol_ipv6 keyword.
For WAN boot installations, you must set the value of protocol_ipv6=no.
Include any combination or none of the hostname, ip_address, and netmask keywords, as needed. If you do not use any of these keywords, omit the curly braces ({}).
In the same sysidcfg file, you can use DHCP to configure certain interfaces, while also specifying the configuration information for other interfaces in the sysidcfg file.
In the following example, the network interfaces eri0 and eri1 are configured in the following way.
eri0 is configured by using the DHCP server. IPv6 support is not enabled on eri0.
eri1 is the primary network interface. The host name is set to host1, and the IP address is set to 172.31.88.100. The netmask is set to 255.255.255.0. IPv6 support is not enabled on eri1.
network_interface=eri0 {dhcp protocol_ipv6=no} network_interface=eri1 {primary hostname=host1 ip_address=172.146.88.100 netmask=255.255.255.0 protocol_ipv6=no} |
To prevent being asked to specify an NFSv4 domain name during installation, use the nfs4_domain keyword in the sysidcfg file. This keyword suppresses selection of a domain name during the installation process. Use the following syntax:
nfs4_domain=dynamic or custom_domain_name |
This reserved keyword dynamically derives the NFSv4 domain name, based on naming services configuration. For example:
nfs4_domain=dynamic |
This example enables the domain name to be derived by the naming service.
The reserved keyword, dynamic, is not case sensitive.
By default, NFSv4 uses a domain name that is automatically derived from the system's naming services. This domain name is sufficient for most configurations. In a few cases, mount points that cross domain boundaries can cause files to appear to be owned by “nobody” because no common domain name exists. To prevent this situation, you can override the default domain name and select a custom domain name.
This value overrides the default domain name.
This value must be a valid custom domain name. A valid domain name is composed of a combination of alphanumeric characters, dots, underscores, and dashes only. The first character must be an alphabetical character. For example:
nfs4_domain=example.com |
This example sets the value that is used by the nfsmapid daemon to be example.com. This selection overrides the default domain name.
In previous releases, scripts enabled users to avoid being prompted for the NFSv4 domain name during installation.
For JumpStart installations in the Solaris 10 OS, you could use the workaround JumpStart sample script, set_nfs4_domain, to suppress the NFSv4 prompt during installation. This script is no longer required. Use the sysidcfg keyword, nfs4_domain, instead.
In prior releases, the /etc/.NFS4inst_state.domain file was created by the sysidnfs4 program. This file would suppress the prompt for an NFSv4 domain name during installation. This file is no longer created. Use the sysidcfg keyword, nfs4_domain, instead.
You can specify the root password to the system in the sysidcfg file. To specify the root password, use the root_password keyword with the following syntax.
root_password=encrypted-password |
encrypted-password is the encrypted password as it appears in the /etc/shadow file.
You can use the security_policy keyword in your sysidcfg file to configure your system to use the Kerberos network authentication protocol. If you want to configure the system to use Kerberos, use the following syntax.
security_policy=kerberos {default_realm=FQDN admin_server=FQDN kdc=FQDN1, FQDN2, FQDN3} |
FQDN specifies the fully qualified domain name of the Kerberos default realm, the administration server, or key distribution center (KDC). You must specify at least one, but no more than three, key distribution centers.
If you do not want to set the security policy for the system, set security_policy=NONE.
For more information about the Kerberos network authentication protocol, see System Administration Guide: Security Services.
This example configures the system to use Kerberos with the following information.
The Kerberos default realm is example.com.
The Kerberos administration server is krbadmin.example.com.
The two key distribution centers are kdc1.example.com and kdc2.example.com.
security_policy=kerberos {default_realm=example.COM admin_server=krbadmin.example.com kdc=kdc1.example.com, kdc2.example.com} |
You can use the service_profile keyword to install a more secure system by restricting network services. This security option is available only for initial installations. An upgrade maintains all previously set services.
Use one of the following syntaxes to set this keyword.
service_profile=limited_net |
service_profile=open |
limited_net specifies that all network services, except for Secure Shell, are either disabled or constrained to respond to local requests only. After installation, any individual network service can be enabled by using the svcadm and svccfg commands.
open specifies that no network service changes are made during installation.
If the service_profile keyword is not present in the sysidcfg file, no changes are made to the status of the network services during installation.
The network services can be enabled after installation by using the netservices open command or by enabling individual services by using SMF commands. See Revising Security Settings After Installation in Solaris 10 5/09 Installation Guide: Planning for Installation and Upgrade.
For further information about limiting network security during installation, see Planning Network Security in Solaris 10 5/09 Installation Guide: Planning for Installation and Upgrade. See also the following man pages.
netservices(1M)
svcadm(1M)
svccfg(1M) commands
You can use the system_locale keyword to specify the language in which to display the install program and desktop. Use the following syntax to specify a locale.
system_locale=locale |
locale specifies the language that you want the system to use to display the installation panels and screens. For a list of valid locale values, see the /usr/lib/locale directory or International Language Environments Guide.
You can use the terminal keyword to specify the terminal type for the system. Use the following syntax to specify the terminal type.
terminal=terminal_type |
terminal_type specifies the terminal type for the system. For a list of valid terminal values, see the subdirectories in the /usr/share/lib/terminfo directory.
You can set the time zone for the system with the timezone keyword. Use the following syntax.
timezone=timezone |
In the previous example, timezone specifies the time zone value for the system. The directories and files in the /usr/share/lib/zoneinfo directory provide the valid time zone values. The timezone value is the name of the path relative to the /usr/share/lib/zoneinfo directory. You can also specify any valid Olson time zone.
In the following example, the system time zone is set to mountain standard time in the United States.
timezone=US/Mountain |
The installation program configures the system to use the time zone information in /usr/share/lib/zoneinfo/US/Mountain.
You can use the timeserver keyword to specify the system that sets the date and time on the system you want to install.
Choose one of the following methods to set the timeserver keyword.
To configure the system to serve as its own time server, set timeserver=localhost. If you specify localhost as the time server, the system's time is assumed to be correct.
To specify another system as the time server, specify either the host name or the IP address of the time server with the timeserver keyword. Use the following syntax.
timeserver=hostname or ip-address |
hostname is the host name of the time server system. ip-address specifies the IP address of the time server.