Installing from the Command Line

We recommend installing Solaris ISP Server from a browser using the host configuration software. Please install from the command line only if you are completely familiar with the product and its various component dependencies.

If you choose to install from the command line, you will not get the benefits of the host configuration software. The host configuration software allows you to perform, as part of the installation process from a browser, some security modifications. It allows you to save the configuration specifications you provide during installation as a configuration scenario for repeatable installation.

A scenario is the combination of the current state of the server plus the specifications you provided; in other words, the desired final state of the server. If you save the scenario using the host configuration software, you can use it for setting up JumpStart^TM scripts to duplicate the scenario on other servers or for repeatable installation. The host configuration software also allows you to execute some non-interactive postinstallation commands or a script.

---

Note -

Please proceed to the individual component installation section to install the component. Before proceeding to install, ensure that you meet the component interdependencies by verifying the recommended order of installation in Chapter 3, Installation Requirements.

---

To Install Solaris ISP Server 2.0 Software

For each Solaris ISP Server component you wish to install, perform the steps discussed in this section and then proceed to the individual component installation procedure.

1. Change the directory to components/componentid/ where componentid is the unique component identifier of the Solaris ISP Server component you wish to install.

   We recommend you install the components in the same order as listed in the "Order Of Installation".

2. Enter ./install

   The component install script:

   • Prints a message: WARNING: parameters from the system default admin file have been merged with /etc/opt/SUNWisp/hc/admin. See "Solaris ISP Server admin File" for more information.

   • Requires configuration information for installing Solaris ISP Server 2.0 components. Please proceed to the individual component installation procedure to specify the parameters.

To Install Solaris ISP Server Platform (SUNWisp)

The Solaris ISP Server platform provides the platform extensions with configuration management tools and enhancements for logging. On each Solaris ISP Server host in the network, you must install this software.

1. Please enter the root of the distribution media:

   Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

2. Enter the host name of the Sun Directory Services server:

   Enter the host name of the Sun Directory Services server. All Solaris ISP Server components installed on this machine will contact this Sun Directory Services for making initial entries and for authentication.

3. Install the Solaris ISP Server Administration Guide?

   Press Return for yes or enter b for no. If you select yes, the Solaris ISP Server 2.0 Administration Guide in HTML format is installed.

4. Install the Host Configuration manual pages?

   Press Return for yes or enter b for no. If you select yes, the manual pages for the host configuration command line tools are installed.

5. Solaris ISP Server requires the following OS patches.Should the necessary patches be installed automatically?

   Press Return for yes or enter b for no. If you select yes, the operating system patches are installed.

See "Determining that Installation was Successful".

To Install JDK (SUNWjdk)

JDK provides the Java classes needed by several of the Solaris ISP Server components. You cannot customize installation of this software.

Please enter the root of the distribution media:

Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

See "Determining that Installation was Successful".

To Install HotJava (SUNWdthj)

This is the web browser you must use to access Sun^TM Internet Administrator^TM and most Solaris ISP Server component GUI. You cannot customize installation of this software.

Please enter the root of the distribution media:

Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

See "Determining that Installation was Successful".

To Install the License Server for Solaris ISP Server (SUNWlicsw)

This is the FlexLM server for Solaris ISP Server. You cannot customize installation of this software. Use the license certificate for this software to obtain a license key and initialize more entries in Sun Directory Services.

Please enter the root of the distribution media:

Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

See "Determining that Installation was Successful".

To Install Sun Directory Services (SUNWconn)

This Lightweight Directory Access Protocol (LDAP) implementation provides a shared repository for user (administrator), service configuration, and subscriber information in Sun^TM Directory Services.

For more information about the configuration fields, see Sun Directory Services 3.1 Administration Guide, Sun Directory Services 3.1 User's Guide, and Solaris ISP Server 2.0 Administration Guide.

Solaris ISP Server 2.0 components require Sun Directory Services 3.1. If:

• You are currently running a version of Sun Directory Services less than Sun Directory Services 3.1, abort this installation. Uninstall the existing version of Sun Directory Services and then install this component.

• You are currently running a version of Sun Directory Services greater than the one selected for installation, abort this installation.

• Your existing version of Sun Directory Services does not meet the configuration requirements of Solaris ISP Server components, abort this installation. See relevant documentation and reconfigure your existing Sun Directory Services before installing this component.

• You do not wish to use data detected on the machine during this installation of Sun Directory Services, abort this installation. This Sun Directory Services will detect, on the system, data:

  • If you manually uninstalled Sun Directory Services from this machine. To use this data, you must manually install Sun Directory Services 3.1 before installing this component.

  • From compatible and incompatible releases of this component. Data from a compatible release will be used to restore previous configurations of this component and data from incompatible release will be preserved, but not used during this installation.

  • In an unrecognized state. This data will be preserved, but not used during this installation.

1. Please enter the root of the distribution media:

   Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

2. Enter the DNS domain of your organization

   Enter the DNS domain name of your organization (for example, xyz.com).

3. Enter the DN (distinguished name) of your organization

   Enter your organization name and the two-character country code. To enter, use the format ou=foo,o=xyz,c=US where ou refers to the organisationalUnit, o refers to the organizationName, and c refers to the countryName.

4. Enter the root DN (distinguished name) for Sun Directory Services

   Enter the distinguished name for binding to the directory services as the server administrator. Use the format cn=admin,o=sun,c=US, where cn is the commonName, o is the organizationName, and c is the countryName.

   ---

   Note -

   Here, c and o must match the values specified in step 3.

   ---

5. Enter the root password for Sun Directory Services

   Enter the password for the server administrator for binding to the directory services.

   ---

   Note -

   Make a note of the information you entered in steps one through four if you want Sun^TM Internet Administrator^TM to contact this directory services server.

   ---

6. Do you want to run the RADIUS server included with this component?

   Press Return for yes or enter b for no. If you select no, the RADIUS server bundled with Solaris ISP Server will not be started.

7. This component requires the following patches. Should these patches be installed automatically?

   You must install this patch for Sun Directory Services to work with Solaris ISP Server 2.0 components.

See "Determining that Installation was Successful".

To Install SKIP (SUNWicg)

Simple key-management for Internet Protocols (Sunscreen^TM SKIP) supports secure IP communication between hosts. You can install and configure this component on every host to protect admin communications (see also "Ensuring Security" in Solaris ISP Server 2.0 Administration Guide). You cannot customize installation of this software.

Please enter the root of the distribution media:

Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

See "Determining that Installation was Successful".

To Install Sun Internet FTP Server (SUNWftp)

You cannot customize installation of Sun^TM Internet FTP Server^TM. After installation, to access the browser-based graphical user interface of this software, ensure that you register this Sun Internet FTP Server with a Sun Internet Administrator on the network.

Please enter the root of the distribution media:

Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

See "Determining that Installation was Successful".

To Install Sun Internet News Server (SUNWsns)

This is a highly-scalable multi threaded news server. After installation, to access the browser-based graphical user interface of this software, ensure that you register this Sun^TM Internet News Server^TM with a Sun Internet Administrator on the network.

1. Please enter the root of the distribution media:

   Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

2. Select the desired News server configuration

   Press Return for Reader and Feeder Services which is the default [c] option. Or, enter:

   • a for Reader Service Only (Remote feed). Or,
   • b for Feeder Service Only.

   ---

   Note -

   These three choices allow you to specify the type of service you wish to provide from this news server.

   ---

3. Enter the UNIX user name of the News service administrator

   Enter the user name of this news server administrator and press Return. The default uid is root.

4. Enter the UNIX group name of the News service administrator

   Enter the group name and press Return. The default gid is sys.

5. Enter the fully qualified DNS domain name for your News server host.

   Enter the fully qualified DNS domain name of this news server host and press Return.

See "Determining that Installation was Successful".

To Install Sun WebServer (SUNWhttp)

This is used by most Solaris ISP Server 2.0 components and can also be used for standard web service.

1. Please enter the root of the distribution media:

   Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

2. Do you want SSL support?

   This allows you to have secure communication with Sun Internet Administrator via Secure Socket Layer (SSL). SSL supports Verisign certificates for protected, encrypted communications. Press Return for yes or enter b for no. If you select no, the SSL packages will not be installed.

3. Do you want Apache configuration emulation so that Microsoft FrontPage Server Extensions may be installed?

   This option allows your customers to use Microsoft FrontPage for authoring, administration, and dynamic content. Press Return for yes or enter b for no

4. Do you want this installation to create and populate a web server and site in /var/http/sws_server?

   Press Return for yes or enter b for no. If you select yes, a web server and a customizable web site are created.

5. Under what user name should a Web server daemon operate by default?

   Specify the user name under which you want this web server daemon to operate.

   ---

   Note -

   For security reasons, do not run Sun WebServer as user root, or user nobody. We recommend creating a second user and executing the Sun WebServer daemon under that name.

   ---

6. Do you want in-kernel HTTP acceleration to be activated (after reboot) for port 80?

   This option is available only if you are installing on Solaris 7. The cache in-kernel activator will greatly enhance the performance of the web server for static pages. Press Return for yes or enter b for no.

See "Determining that Installation was Successful".

To Install Sun Internet Administrator (SUNWixamc)

This provides secure central management for distributed Internet services.

The configuration information you enter here is stored in /var/opt/SUNWixamc/awsconf/aws.conf.

1. Please enter the root of the distribution media:

   Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

2. Install the Solaris ISP Server manual pages?

   This option allows you to install the on line Solaris ISP Server man pages. Press Return for yes or enter b for no.

3. Enter the root DN (distinguished name) for Sun Directory Services

   Enter the distinguished name to bind to the directory server as the server administrator. To specify, use the format: cn=admin,o=xyz,c=US where cn is the commonName, o is the organizationName, and c is the countryName.

4. Enter the root password for Sun Directory Services.

   Enter the password to bind to the directory services as the server administrator.

5. Enter the DN (distinguished name) of your organization (must match value specified for Sun Directory Services):

   Enter the distinguished name of your organization. To specify, use the format: o=sun,c=US where o is the organizationName and c is the countryName.

   ---

   Note -

   The values you enter in steps three through five must match the values you entered at the time of installing the directory services this Sun Internet Administrator will contact to make initial entries.

   ---

6. Enter a user name for the administrator of Sun Internet Administrator

   Enter the user login name for the administrator of the Sun Internet Administrator.

7. Enter a password for the administrator of Sun Internet Administrator

   Enter a password for the administrator of Sun Internet Administrator.

   ---

   Note -

   You will need the information you entered in steps six and seven to log into the Sun Internet Administrator GUI.

   ---

See "Determining that Installation was Successful".

To Install Sun Internet Services Monitor (SUNWixmon)

This performance monitoring software allows you to set up special monitor machines that emulate a subscriber's experience with the services.

1. Please enter the root of the distribution media:

   Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

2. What port do you want the monitoring web server to use?

   Press Return to accept the default port. The default port is 2381. Or, specify another port number.

3. What color do you want to use to display normal results? Provide three integer values (RGB) from 0 to 255, separated by '.'

   By default, green is used to display normal results. Press Return to accept the default. Otherwise, specify the RGB value for the color of your choice.

4. What color do you want to use to display results that exceed performance thresholds? Provide three integer values (RGB) from 0 to 255, separated by '.'

   By default, yellow is used to display performance that exceed threshold. Press Return to accept the default. Otherwise specify the RGB value for the color of your choice.

5. What color do you want to use to display errors? Provide three integer values (RGB) from 0 to 255, separated by '.'

   By default, red is used to display errors (such as timeout). Press Return to accept the default. Otherwise specify the RGB value for the color of your choice.

6. What color do you want to use to display selected bars on the graph? Provide three integer values (RGB) from 0 to 255, separated by '.'

   By default, black is used to display bars selected in the graph. Press Return to accept the default. Otherwise specify the RGB value for the color of your choice.

   ---

   Note -

   You can, at any time after the installation, reset the colors by referring to Sun Internet Services Monitor online help.

   ---

See "Determining that Installation was Successful".

To Install Security Hardening

You can install this component to ensure security for passwords and safeguard file permissions to the file owner. When you install this component, a script similar to the script in ftp://ftp.wins.uva.nl:/pub/solaris/fix-modes.tar.gz is run on the machine and this script makes modes of files installed as part of Solaris packages more secure. See "Solaris ISP Server Overview" in Solaris ISP Server 2.0 Administration Guide for more information.

1. Please enter the root of the distribution media:

   Enter the path of the distribution media from which you are installing. Enter either the directory path where you unwrapped the electronic distribution or the directory path of the mounted CD-ROM.

2. Run fixmodes to secure permissions on setuid and setgid files?

   Press Return for yes or enter b for no.

3. Change umask to 077 in default /.cshrc and /.profile?

   Press Return for yes or enter b for no.

4. Add root to /etc/ftpusers to prevent root access through FTP?

   Press Return for yes or enter b for no.

5. Set MAXWEEKS in /etc/default/passwd to force password expiration?

   Press Return for yes or enter b for no. If you press Return, specify MAXWEEKS value:. Default is 12.

6. Edit /etc/syslog.conf for more granular event logging and intrusion detection?

   Press Return for yes or enter b for no.

7. Run bsmconv and configure /etc/security to log administrative actions, logins, and logouts?

   Press Return for yes or enter b for no.

See "Determining that Installation was Successful".

To Install LDAP Client Library Packages (SUNWlldap)

You can install the LDAP (lightweight directory access protocol) client library on any machine on your network to enable access to LDAP libraries. After installation, install the LDAP manual page patch (106497 or 106498) to access the manual pages.

1. Become superuser and change directory to /components/SUNWisp/pkgs.

2. Enter # tar -cvf SUNWlldap /tmp/SUNWlldap.tar

   This stores SUNWlldap.tar package in the /tmp directory. You must tar the file only if you are going to copy this file on to another machine.

3. If you are installing from a CD-ROM, proceed to step 5. If you are installing from an electronic distribution, you must log out of the machine where you unwrapped the electronic distribution and log into the machine where you wish to install the package. Become superuser and proceed to step 4.

4. Get SUNWlldap.tar and enter # tar -xvf SUNWlldap.tar to untar the file.

5. Enter # pkgadd -d . SUNWlldap

   The LDAP client library package is installed.