Solaris 10 5/09 Installation Guide: Network-Based Installations

Preconfiguring With the sysidcfg File

You can specify a set of keywords in the sysidcfg file to preconfigure a system. The keywords are described in sysidcfg File Keywords.


Note –

The name_service keyword in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services previously set up for site.xml. Therefore, you might need to reset your name service after installation.


You must create a unique sysidcfg file for every system that requires different configuration information. You can use the same sysidcfg file to preconfigure the time zone on a set of systems if you want all the systems to be assigned the same time zone. However, if you want to preconfigure a different root (superuser) password for each of those systems, you need to create a unique sysidcfg file for each system.

You can place the sysidcfg file in one of the following.

Table 2–2 sysidcfg Locations

NFS file system 

If you put the sysidcfg file in a shared NFS file system, you must use the -p option of the add_install_client(1M) command when you set up the system to install from the network. The -p option specifies where the system can find the sysidcfg file when you install the current Solaris release.

UFS or PCFS diskette 

Place the sysidcfg file in the root (/) directory on the diskette.

If you are performing a custom JumpStart installation and you want to use a sysidcfg file on a diskette, you must place the sysidcfg file on the profile diskette. To create a profile diskette, see Creating a Profile Diskette for Standalone Systems in Solaris 10 5/09 Installation Guide: Custom JumpStart and Advanced Installations.

You can place only one sysidcfg file in a directory or on a diskette. If you are creating more than one sysidcfg file, you must place each file in a different directory or on a different diskette.

HTTP or HTTPS server 

If you want to perform a WAN boot installation, place the sysidcfg file in the document root directory of the web server.

You can use the naming service or DHCP to preconfigure your system. For information, see Chapter 3, Preconfiguring With a Naming Service or DHCP.

ProcedureTo Create a sysidcfg Configuration File

  1. Create a file called sysidcfg in a text editor with the keywords you want.

  2. Make the sysidcfg file available to clients by using one of the locations described at Table 2–2.


Example 2–1 SPARC: sysidcfg File

The following is an example of a sysidcfg file for a SPARC based system. The host name, IP address, and netmask of this system have been preconfigured by editing the naming service. Because all of the system configuration information is preconfigured in this file, you can use a custom JumpStart profile to perform a custom JumpStart installation. In this example, the NFSv4 domain name is automatically derived from the naming service. Because the service_profile keyword is not included in this example, configuration is not altered for the network services during installation.

keyboard=US-English
system_locale=en_US
timezone=US/Central
terminal=sun-cmd
timeserver=localhost
name_service=NIS {domain_name=marquee.central.example.com
                  name_server=nmsvr2(172.31.112.3)}
nfs4_domain=dynamic
root_password=m4QPOWNY
network_interface=hme0 {hostname=host1 
                       default_route=172.31.88.1 
                       ip_address=172.31.88.210 
                       netmask=255.255.0.0 
                       protocol_ipv6=no}
security_policy=kerberos {default_realm=example.com 
                          admin_server=krbadmin.example.com 
                          kdc=kdc1.example.com, 
                          kdc2.example.com}


Example 2–2 x86: sysidcfg File

The following sample sysidcfg file is for a group of x86 based systems. In this example, the NFSv4 domain name is specified to be example.com. This custom name overrides the default domain name. Also in this example, the network services are disabled or restricted to local connections only.

keyboard=US-English
timezone=US/Central
timeserver=timehost1
terminal=ibm-pc
service_profile=limited_net

name_service=NIS {domain_name=marquee.central.example.com
                  name_server=nmsvr2(172.25.112.3)}
nfs4_domain=example.com
root_password=URFUni9


Example 2–3 sysidcfg File for Configuring Multiple Interfaces

In the following sample sysidcfg file, configuration information is specified for both the eri0 and eri1 network interfaces. The eri0 interface is configured as the primary network interface, and eri1 is configured as a secondary network interface. In this example, the NFSv4 domain name is automatically derived from the naming service.

timezone=US/Pacific
system_locale=C
terminal=xterms
timeserver=localhost
network_interface=eri0 {primary
                        hostname=host1
                        ip_address=192.168.2.7
                        netmask=255.255.255.0
                        protocol_ipv6=no
                        default_route=192.168.2.1}

network_interface=eri1 {hostname=host1-b
                        ip_address=192.168.3.8
                        netmask=255.255.255.0
                        protocol_ipv6=no
                        default_route=NONE}
root_password=JE2C35JGZi4B2
security_policy=none
name_service=NIS {domain_name=domain.example.com
                  name_server=nis-server(192.168.2.200)}
nfs4_domain=dynamic

Continuing the Installation

If you plan to use the sysidcfg file in an installation over the network, you need to set up an installation server and add the system as an installation client. For more information, see Chapter 4, Installing From the Network (Overview).

If you plan to use the sysidcfg file in a WAN boot installation, you need to perform additional tasks. For more information, see Chapter 10, WAN Boot (Overview).

If you plan to use the sysidcfg file in a custom JumpStart installation, you need to create a profile and a rules.ok file. For more information, see Chapter 2, Custom JumpStart (Overview), in Solaris 10 5/09 Installation Guide: Custom JumpStart and Advanced Installations.

See Also

For more information about the sysidcfg file, see the man page sysidcfg(4).

Syntax Rules for the sysidcfg File

You can use two types of keywords in the sysidcfg file: independent and dependent. Dependent keywords are guaranteed to be unique only within independent keywords. A dependent keyword exists only when it is identified with its associated independent keyword.

In this example, name_service is the independent keyword, while domain_name and name_server are the dependent keywords:

name_service=NIS {domain_name=marquee.central.example.com
name_server=connor(192.168.112.3)}

Syntax Rule 

Example 

Independent keywords can be listed in any order. 

pointer=MS-S
display=ati {size=15-inch}

Keywords are not case sensitive. 

TIMEZONE=US/Central
terminal=sun-cmd

Enclose all dependent keywords in curly braces ({}) to tie them to their associated independent keyword. 

name_service=NIS 
       {domain_name=marquee.central.example.com
        name_server=connor(192.168.112.3)}

You can optionally enclosed values in single (`) or double quotes (“). 

network_interface='none'

For all keywords except the network_interface keyword, only one instance of a keyword is valid. However, if you specify the keyword more than once, only the first instance of the keyword is used.

name_service=NIS
name_service=DNS

sysidcfg File Keywords

Table 2–3 lists the keywords you can use to configure system information in the sysidcfg file.

Table 2–3 Keywords to Use in sysidcfg

Configuration Information 

Keyword 

Keyboard layout and language 

keyboard Keyword

Naming service, domain name, name server 

name_service Keyword

Network interface, host name, Internet Protocol (IP) address, netmask, DHCP, IPv6 

network_interface Keyword

Domain name definition for NFSv4 

nfs4_domain Keyword

Root password 

root_password Keyword

Security policy 

security_policy Keyword

Network security profile 

service_profile Keyword

Language in which to display the install program and desktop 

system_locale Keyword

Terminal type 

terminal Keyword

Time zone 

timezone Keyword

Date and time 

timeserver Keyword

The following sections describe the keywords that you can use in the sysidcfg file.

keyboard Keyword

The sysidkdb tool configures your USB language and its corresponding keyboard layout.

The following procedure occurs:

You can configure the keyboard language and its corresponding keyboard layout information by using the keyboard keyword. Each language has its own keyboard layout. Use the following syntax to select a language and its corresponding layout.

keyboard=keyboard_layout

For example, this entry sets the keyboard language and its corresponding keyboard layout for the German language:

keyboard=German

The value provided for keyboard_layout must be a valid value. Otherwise, an interactive response is required during installation. The valid keyboard_layout strings are defined in the /usr/share/lib/keytables/type_6/kbd_layouts file.


SPARC only –

Previously, the USB keyboard assumed a self-identifying value of 1 during the installation. Therefore, all of the keyboards that were not self-identifying always configured for a U.S. English keyboard layout during installation.


If the keyboard is not self-identifying and you want to prevent being prompted during your JumpStart installation, select the keyboard language in your sysidcfg file. For JumpStart installations, the default is for the U.S. English language. To select another language and its corresponding keyboard layout, set the keyboard entry in your sysidcfg file as in the example provided above.

For further information, see the sysidcfg(4) and sysidtool(1M) man pages.

name_service Keyword

You can use the name_service keyword to configure the naming service, the domain name, and the name server for the system. The following sample shows the general syntax for the name_service keyword.


name_service=name-service {domain_name=domain-name 
                                 name_server=name-server
                                 optional-keyword=value}

Choose only one value for name_service. Include all or none of the domain_name, name_server, or optional keywords, as needed. If no keywords are used, omit the curly braces {}.


Note –

The name_service option in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services that were previously set up for site.xml. Therefore, you might need to reset your name service after installation.


The following sections describe the keyword syntax to configure the system to use a specific naming service.

NIS Syntax for name_service Keyword

Use the following syntax to configure the system to use the NIS naming service.


name_service=NIS {domain_name=domain-name 
                   name_server=hostname(ip-address)}
domain-name

Specifies the domain name

hostname

Specifies the host name of the name server

ip-address

Specifies the IP address of the name server


Example 2–4 Specifying a NIS Server With the name_service Keyword

The following example specifies a NIS server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.


name_service=NIS {domain_name=west.example.com 
                  name_server=timber(192.168.2.1)}

For more information about the NIS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

NIS+ Syntax for name_service Keyword

Use the following syntax to configure the system to use the NIS name service.


name_service=NIS+ {domain_name=domain-name 
                   name_server=hostname(ip-address)}
domain-name

Specifies the domain name

hostname

Specifies the host name of the name server

ip-address

Specifies the IP address of the name server


Example 2–5 Specifying a NIS+ Server With the name_service Keyword

The following example specifies a NIS+ server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.


name_service=NIS+ {domain_name=west.example.com 
                   name_server=timber(192.168.2.1)}

For more information about the NIS+ name service, see System Administration Guide: Naming and Directory Services (NIS+).

DNS Syntax for name_service Keyword

Use the following syntax to configure the system to use DNS.


name_service=DNS {domain_name=domain-name 
                  name_server=ip-address,ip-address,ip-address
                  search=domain-name,domain-name,domain-name,
                  domain-name,domain-name,domain-name} 
domain_name=domain-name

Specifies the domain name.

name_server=ip-address

Specifies the IP address of the DNS server. You can specify up to three IP addresses as values for the name_server keyword.

search=domain-name

(Optional) Specifies additional domains to search for naming service information. You can specify up to six domain names to search. The total length of each search entry cannot exceed 250 characters.


Example 2–6 Specifying a DNS Server With the name_service Keyword

The following example specifies a DNS server with the domain name west.example.com. The server IP addresses are 10.0.1.10 and 10.0.1.20. example.com and east.example.com are listed as additional domains to search for naming service information.


name_service=DNS {domain_name=west.example.com 
                  name_server=10.0.1.10,10.0.1.20 
                  search=example.com,east.example.com}

For more information about the DNS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

LDAP Syntax for name_service Keyword

Use the following syntax to configure the system to use LDAP.


name_service=LDAP {domain_name=domain_name
                   profile=profile_name profile_server=ip_address 
                   proxy_dn="proxy_bind_dn" proxy_password=password}
domain_name

Specifies the domain name of the LDAP server.

profile_name

Specifies the name of the LDAP profile you want to use to configure the system.

ip_address

Specifies the IP address of the LDAP profile server.

proxy_bind_dn

(Optional) Specifies the proxy bind distinguished name. You must enclose the proxy_bind_dn value in double quotes.

password

(Optional) Specifies the client proxy password.


Example 2–7 Specifying an LDAP Server With the name_service Keyword

The following example specifies an LDAP server with the following configuration information.


name_service=LDAP {domain_name=west.example.com 
                   profile=default 
                   profile_server=172.31.2.1 
                   proxy_dn="cn=proxyagent,ou=profile,
                   dc=west,dc=example,dc=com" 
                   proxy_password=password}

For more information about how to use LDAP, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

network_interface Keyword

Use the network_interface keyword to perform the following tasks.

The following sections describe how to use the network_interface keyword to configure the system interfaces.

Syntax for Nonnetworked Systems

To turn off networking for the system, set the network_interface value to none. For example:


network_interface=none

Syntax for Configuring a Single Interface

You can use the network_interface keyword to configure a single interface in the following ways.


Example 2–8 Configuring a Single Interface By Using DHCP With the network_interface Keyword

The following example instructs the installation program to use DHCP to configure the eri0 network interface. IPv6 support is not enabled.


network_interface=eri0 {dhcp protocol_ipv6=no}


Example 2–9 Configuring a Single Interface By Specifying Configuration Information With the network_interface Keyword

The following example configures the interface eri0 with the following settings.


network_interface=eri0 {hostname=host1 ip_address=172.31.88.100
                        netmask=255.255.255.0 protocol_ipv6=no}

Syntax for Configuring Multiple Interfaces

You can configure multiple network interfaces in your sysidcfg file. For each interface that you want to configure, include a network_interface entry in the sysidcfg file.

You can use the network_interface keyword to configure multiple interfaces in the following ways.

In the same sysidcfg file, you can use DHCP to configure certain interfaces, while also specifying the configuration information for other interfaces in the sysidcfg file.


Example 2–10 Configuring Multiple Interfaces With the network_interface Keyword

In the following example, the network interfaces eri0 and eri1 are configured in the following way.


network_interface=eri0 {dhcp protocol_ipv6=no}
network_interface=eri1 {primary hostname=host1 
                        ip_address=172.146.88.100
                        netmask=255.255.255.0 
                        protocol_ipv6=no}

nfs4_domain Keyword

To prevent being asked to specify an NFSv4 domain name during installation, use the nfs4_domain keyword in the sysidcfg file. This keyword suppresses selection of a domain name during the installation process. Use the following syntax:


nfs4_domain=dynamic or custom_domain_name
dynamic

This reserved keyword dynamically derives the NFSv4 domain name, based on naming services configuration. For example:


nfs4_domain=dynamic

This example enables the domain name to be derived by the naming service.

The reserved keyword, dynamic, is not case sensitive.


Note –

By default, NFSv4 uses a domain name that is automatically derived from the system's naming services. This domain name is sufficient for most configurations. In a few cases, mount points that cross domain boundaries can cause files to appear to be owned by “nobody” because no common domain name exists. To prevent this situation, you can override the default domain name and select a custom domain name.


custom_domain_name

This value overrides the default domain name.

This value must be a valid custom domain name. A valid domain name is composed of a combination of alphanumeric characters, dots, underscores, and dashes only. The first character must be an alphabetical character. For example:


nfs4_domain=example.com

This example sets the value that is used by the nfsmapid daemon to be example.com. This selection overrides the default domain name.


Note –

In previous releases, scripts enabled users to avoid being prompted for the NFSv4 domain name during installation.

For JumpStart installations in the Solaris 10 OS, you could use the workaround JumpStart sample script, set_nfs4_domain, to suppress the NFSv4 prompt during installation. This script is no longer required. Use the sysidcfg keyword, nfs4_domain, instead.

In prior releases, the /etc/.NFS4inst_state.domain file was created by the sysidnfs4 program. This file would suppress the prompt for an NFSv4 domain name during installation. This file is no longer created. Use the sysidcfg keyword, nfs4_domain, instead.


root_password Keyword

You can specify the root password to the system in the sysidcfg file. To specify the root password, use the root_password keyword with the following syntax.


root_password=encrypted-password

encrypted-password is the encrypted password as it appears in the /etc/shadow file.

security_policy Keyword

You can use the security_policy keyword in your sysidcfg file to configure your system to use the Kerberos network authentication protocol. If you want to configure the system to use Kerberos, use the following syntax.


security_policy=kerberos {default_realm=FQDN 
                          admin_server=FQDN kdc=FQDN1, FQDN2, FQDN3}

FQDN specifies the fully qualified domain name of the Kerberos default realm, the administration server, or key distribution center (KDC). You must specify at least one, but no more than three, key distribution centers.

If you do not want to set the security policy for the system, set security_policy=NONE.

For more information about the Kerberos network authentication protocol, see System Administration Guide: Security Services.


Example 2–11 Configuring the System to Use Kerberos With the security_policy Keyword

This example configures the system to use Kerberos with the following information.


security_policy=kerberos 
                {default_realm=example.COM 
                 admin_server=krbadmin.example.com 
                 kdc=kdc1.example.com, 
                 kdc2.example.com}

service_profile Keyword

You can use the service_profile keyword to install a more secure system by restricting network services. This security option is available only for initial installations. An upgrade maintains all previously set services.

Use one of the following syntaxes to set this keyword.


service_profile=limited_net

service_profile=open

limited_net specifies that all network services, except for Secure Shell, are either disabled or constrained to respond to local requests only. After installation, any individual network service can be enabled by using the svcadm and svccfg commands.

open specifies that no network service changes are made during installation.

If the service_profile keyword is not present in the sysidcfg file, no changes are made to the status of the network services during installation.

The network services can be enabled after installation by using the netservices open command or by enabling individual services by using SMF commands. See Revising Security Settings After Installation in Solaris 10 5/09 Installation Guide: Planning for Installation and Upgrade.

For further information about limiting network security during installation, see Planning Network Security in Solaris 10 5/09 Installation Guide: Planning for Installation and Upgrade. See also the following man pages.

system_locale Keyword

You can use the system_locale keyword to specify the language in which to display the install program and desktop. Use the following syntax to specify a locale.


system_locale=locale

locale specifies the language that you want the system to use to display the installation panels and screens. For a list of valid locale values, see the /usr/lib/locale directory or International Language Environments Guide.

terminal Keyword

You can use the terminal keyword to specify the terminal type for the system. Use the following syntax to specify the terminal type.


terminal=terminal_type

terminal_type specifies the terminal type for the system. For a list of valid terminal values, see the subdirectories in the /usr/share/lib/terminfo directory.

timezone Keyword

You can set the time zone for the system with the timezone keyword. Use the following syntax.


timezone=timezone

In the previous example, timezone specifies the time zone value for the system. The directories and files in the /usr/share/lib/zoneinfo directory provide the valid time zone values. The timezone value is the name of the path relative to the /usr/share/lib/zoneinfo directory. You can also specify any valid Olson time zone.


Example 2–12 Configuring the System Time Zone With the timezone Keyword

In the following example, the system time zone is set to mountain standard time in the United States.


timezone=US/Mountain

The installation program configures the system to use the time zone information in /usr/share/lib/zoneinfo/US/Mountain.


timeserver Keyword

You can use the timeserver keyword to specify the system that sets the date and time on the system you want to install.

Choose one of the following methods to set the timeserver keyword.