SPARCstation Project

After a close friend traded me a SUN SPARCstation 10 for a set of old speakers I have been slowly teaching myself Solaris and challenging my UNIX skills with small projects. I will cover them here in as much detail as possible so that others can learn from my mishaps. The first step was to install Solaris 8 which I bought off ebay for $35. I could have gone with Linux but I wanted the full SUN experience. I won't cover the Solaris installation here. I also bought an external CD-ROM drive to go with the external SCSI drive my friend gave me. Look how perfectly they fit in this file cabinet I got at Target!

Here are the current specs:

Firewall

In order to setup the SS10 as a firewall I needed an additional NIC. I picked up a SUN Quad Fast Ethernet SBUS card off ebay for a decent price. I was hoping to use it as a switch (by plugging other machines into the extra ports) but that didn't turn out so well. I decided to use the on-board ethernet port (le0) to connect to my cable modem and one of the QFE ports (qfe0) to connect to my Linksys switch. Here's what I did to configure the interfaces:

	# cd /etc
	# touch hostname.le0
	# touch dhcp.le0
	# echo gw > hostname.qfe0
	# echo "192.168.1.1	gw	gw.huyler.net" >> hosts

So I configured le0 to obtain an ip address from my ISP's DHCP server and I gave qfe0 a static ip address and called it "gw" (short for gateway). However, when I rebooted the machine, the OS determined that its name should be "unknown" instead of "gw". After some research I found out that I had to modify /etc/default/dhcpagent so it would request the name from the DHCP server. I changed the last line to read:

	PARAM_REQUEST_LIST=1,3,6,12,15,28,43

On Solaris 8, you can see what each of these parameters means by looking at /etc/dhcp/inittab. But that was not the end of my DHCP problems. I rebooted again and this time the machine name came out as x-02-blah-blah-blah.comcast.net. The problem was that the ip address I was assigned resolved to h0800201a5de2.ne.client2.attbi.com! I contacted Comcast (who recently purchased AT&T Broadband) about the issue and they told me that 1) their DHCP server does not give out hostname's, 2) they do not support Solaris, and 3) they are still in the process of migrating servers over from attbi to comcast. Well, 1) I AM getting a hostname from their server, 2) I AM running Solaris whether they support it or not, and 3) its not my problem that they haven't finished their migration. I would have just left it as is but as many UNIX gurus know, sendmail will not operate unless it can resolve the FQDN of the host. So I did some more research and came up with a new solution...to give my server its own damn domain name. I registered huyler.net and pointed www2.huyler.net to the ip addressed that the Comcast server assigned me. Then I made the following changes:

• I created a file with my hostname in /etc..
  # echo www2 > /etc/nodename
• I modified /etc/init.d/initsvc and changed the line that said "hostname=`/sbin/dhcpinfo Hostname`" to "hostname=`cat /etc/nodename`".
• I modified /etc/resolv.conf and added the line "domain huyler.net".
• I modified /etc/nsswitch.conf and changed the line that said "hosts: dns" to "hosts: files dns".

After rebooting everything worked as expected. My machine name was now www2 and sendmail had no problems resolving the domain name. Most of my steps are outlined on this page (just incase you thought I figured this all out on my own).

Once I had the domain name and network interfaces worked out, I installed ipfilter for a firewall. Click here for detailed instructions on how to lock down your Solaris machine and configure ipfilter.

Samba Primary Domain Controller

An older version of samba came installed with Solaris 8 but I was having issues with it (can't remember the details) so I decided to pull down Samba 2.2.8a from SunFreeWare and install it. While researching different configurations I became interested in setting up Samba as a Primary Domain Controller (PDC). I have several computers in my apartment including my fiancee's laptop and the idea of roaming profiles was very intriguing. Basically, the PDC stores your user directory and whenever you log in, it maps a drive and downloads all your files. Getting this all setup took several weeks but it was worth it. Here is my final smb.conf file. Details about configuring Samba as well as Windows clients is available at the following links:

• How to compile and install Samba 2.2 on Solaris
• O'Reilly -- Using Samba
• The Unofficial Samba HOWTO
• How to configure Samba 2.2 as a PDC.
• How to Speed Up Roaming Profiles
• Migrating Local Users to Domain Users

Apache Web server and Horde Web mail Server

I have set up Apache on numerous occasions but the prerequisites for Horde had me jumping through hoops to get everything to work. I initially started out with the version of Apache that came installed with Solaris but when I tried to install mod_ssl (for https secure connections) I found out that Apache 1.3.26 was not supported. I downloaded the source for Apache 1.3.29 as well as php 4.3.2 and began the building process. Here is a list of the packages that I had to install:

• gcc_small-3.3.2-sol8-sparc-local (gcc 2.9 would not compile everything I needed)
• autoconf-2.57-sol8-sparc-local
• automake-1.7.2-sol8-sparc-local
• bison-1.75-sol8-sparc-local
• flex-2.5.4a-sol8-sparc-local
• glib-2.2.3-sol8-sparc-local
• jpeg-6b-sol8-sparc-local
• libgcc-3.3-sol8-sparc-local
• libiconv-1.8-sol8-sparc-local
• libpcap-0.8.1-sol8-sparc-local
• libpng-1.2.5-sol8-sparc-local
• libungif-4.1.0-sol8-sparc-local
• libxml-1.8.17-sol8-sparc-local
• libxml2-2.6.4-sol8-sparc-local
• m4-1.4-sol8-sparc-local
• make-3.80-sol8-sparc-local
• mysql-standard-4.0.12-sun-solaris2.8-sparc
• pango-1.2.5-sol8-sparc-local
• sed-4.0-sol8-sparc-local

• apache 1.3.29
• APC 2.0.2
• UW imap-2002e
• libmcrypt 2.5.7
• libtool 1.5.2
• mcrypt 2.6.4
• mhash 0.8.18
• mm 1.3.0
• mod_ssl 2.8.16-1.3.29
• pam_smb 1.1.7 (for samba authentication through PAM)
• php 4.3.2