Arch inside an OpenSolaris branded zone

Hi,
Those of you who have OpenSolaris installed might be interested to learn that it turns out that Arch runs quite nicely inside it. (Open)Solaris has a facility called BrandZ which allows you to run Linux programs under Solaris, more or less analogously to the way you can run Windows programs under Linux using WINE. But judging from the OpenSolaris Web site, the people developing BrandZ are under the impression that support for distributions using the 2.6 kernel is not very good at this point. That's because the distributions they've tried are CentOS and Ubuntu (!), instead of a distribution that keeps it simple like Arch.
I've tried Arch under OpenSolaris, and it runs surprisingly well. (If you can call it Arch: Linux programs are run using the OpenSolaris kernel.) I've posted instructions on how to set things up on the OpenSolaris forums. You don't have to do a new install, since I've created a tarball with an already installed and configured Arch system.
Maybe someone here will want to try this out. If there's interest, I'll add a page about it to the Wiki.
One last note: most people here who have tried OpenSolaris have probably run it inside a virtual machine. That might work for this, but thinking about it makes my head spin a bit.
Last edited by herzen (2010-03-14 04:13:57)

Yes, I think you're right, if I understad you correctly. The FreeBSD facility for running Linux applications seems to be more like Wine in that both just run individual applications without creating a whole OS environment (excluding the kernel).
I don't understand the working of the Solaris Linux brand in any detail, but I do know that the Linux zone goes through its own boot and shutdown process (which is very quick). In Wine, you run Windows applications from a Linux shell. With BrandZ in contrast, from the Solaris global zone, you have to log into a shell in the Linux non-global zone, and run Linux applications in that shell. To run an X application, you use ssh with X11 forwarding. (I just tried running the Chromium browser but it doesn't work, because the Linux clone function hasn't been implemented in the lx26 brand.)
By the way, OpenSolaris is both a distribution and an OS, so it's a bit confusing. There's another distro of the OpenSolaris OS called Nexenta, which builds a Debian-based system on top of the OpenSolaris kernel. I haven't tried it, because I'm not fond of Debian and because I find OpenSolaris quite satisfactory, but Nexenta does seem to be under active development.
Someone could do with Arch what the Nexenta project is doing with Debian: now that would be what you call an Arch Solaris. But I don't really see what would be the point. I think you get just about all the functionality of Arch you need, that OpenSolaris doesn't give you yet, in the way I've described here, with BrandZ.
Still, I wish the lx26 brand were more actively developed and promoted. For example, sound works on the more fully implemented brand for Linux 2.4, but not on lx26. Also, apparently NFS doesn't work under lx26 (which Sun calls "experimental"), but it does under lx 2.4. I get the feeling that Sun is hoping that Linux hackers will pick up the slack when it comes to lx26 development.
Edit: I just tried the latest beta release of Nexenta, and it is totally broken, when it comes to a GUI, anyway. I don't see why Sun still even bothers linking to Nexenta's Web site on the OpenSolaris.org pages: it must be a personal or political thing. I also don't understand where Nexenta is getting the money that is keeping it afloat, since the project is obviously misconceived and doomed.
Last edited by herzen (2010-03-19 03:36:40)

Similar Messages

  • [Solved] Arch Linux in a Solaris branded Zone

    Hello,
    After having read this article at the Genunix WiKi, I 'd very much like to install Arch Linux (http://204.152.191.100/wiki/index.php/I … anded_zone) in a Solaris branded Zone.  However, the Arch Linux file to download is about two years old now, so I 'd like to roll one with a bit more recent kernel.
    I just wonder what might be the procedure to do so.
    a) Is it just unpacking the ISO inside the zone and let it enroll whilst booting?, or
    b) is it advisable to install the old package and upgrade from there?
    I am quite curious to learn how this works.
    TIA, Algey
    Last edited by algernonz (2011-11-28 18:42:31)

    Hi,
    it does indeed sound like an interesting little project. You should, however, revert to your procedure (a) and use one of the recent ISO images the Arch team has updated this year.
    Using that old tar will give you numerous headaches when trying to upgrade. Doing a simple upgrade from that old file will most probably break the system, thats why they took the effort to provide the new ones.
    Good luck.

  • Solaris 8 branded zone core dump on cssd

    Hi,
    Just migrated my first Sol8 machine to a solaris 8 branded zone. but on the console I get error messages:
    Nov 8 12:45:42 gent320b cssd: The process "ccv.sh" has been killed by sig#139, core dumped
    Nov 8 12:45:47 gent320b cssd: The process "kkcv.sh" has been killed by sig#139, core dumped
    the netstat -f unix
    Active UNIX domain sockets
    Address Type Vnode Conn Local Addr Remote Addr
    stream-ord 6000ebffad8 00000000 /tmp/jd_sockV6
    output doesn't list any /dev/ccv or /dev/kkcv sockets like to 'real' machine.
    Any ideas?

    This error messages are output by
    cssd which is a input method of Japanese.
    If you don't use Japanese input method cs00, you can stop it by following method.
    # /etc/init.d/loc.ja.cssd stop
    # mv /etc/rc2.d/S90loc.ja.cssd /etc/rc2.d/_S90loc.ja.cssd

  • Solaris 8 branded zone and privileges

    Hello,
    I've just installed a Solaris 8 Branded zone to migrate an old server. The migration worked like a charm, and everything seems ok excepted one thing. The zone must run a Lotus Domino server, so the process needs to bind ports 80, 443 and 389, but it can't.
    I've found things about the limitpriv directive for the zone configuration, and the net_privaddr privilege to allow a process to bind ports under 1024.
    So now, if I run the process in the non global zone as root, it can bind, but if it is launched as the user notes, it can't.
    If I use the ppriv command to see what are the privileges of the process, I see :
    1945:   /opt/lotus/notes/latest/sunspa/server
    flags = <none>
            E: file_link_any,proc_exec,proc_fork,proc_info,proc_session
            I: file_link_any,proc_exec,proc_fork,proc_info,proc_session
            P: file_link_any,proc_exec,proc_fork,proc_info,proc_session
            L: contract_event,contract_observer,file_chown,file_chown_self,file_dac_execute,file_dac_read,file_dac_search,
            file_dac_write,file_link_any,file_owner,file_setid,ipc_dac_read,ipc_dac_write,ipc_owner,net_bindmlp,net_icmpaccess,
            net_mac_aware,net_privaddr,net_rawaccess,proc_audit,proc_chroot,proc_exec,proc_fork,proc_info,proc_lock_memory,
            proc_owner,proc_session,proc_setid,proc_taskid,sys_acct,sys_admin,sys_audit,sys_mount,sys_nfs,sys_resourceSo, the net_privaddr appears in the limit, but it is not enabled. How can I make it enabled for that process?
    Thanks

    Thanks for the link, good explanations about privileges but they seem unusable in Solaris 8 branded zone. It suggests to create a role with the privileges my process needs, using the "rolemod -K" command, but this option does not exist for the rolemod command in my Solaris 8 zone, it just supports "classic" RBAC.
    Maybe the solution would be to create the good profile for the user running the process, but I'm a little bit lost with RBAC and I can't find an existing profile corresponding to what I want.
    Actually, the limitpriv for my zone is "default,net_rawaccess,net_privaddr,file_dac_read" and that's all. I added net_privaddr and file_dac_read because I saw that a "ppriv -D" on the Lotus server complained about the lack of these privileges, but in fact they are already included in default privileges.

  • Solaris 8 graphical logon (CDE) in branded zone

    How do I enable/configure a graphical interface (cde) for my Solaris 8 branded zone in solaris 10?

    1. check if dtlogin is running in S8 BZ:
    # ps -ef | grep dtlogin
    if it's not running start it:
    # /etc/init.d/dtlogin start
    2. from client initiate a XDMCP request using the IP of this S8 BZ.
    From Solaris 10 you can use "Options -> Remote Login".

  • Multithreading issue on Solaris 8 branded zone

    Hi,
    We are facing a multithreading problem in Solaris 8 container (branded zone) on Solaris 10.
    The core file shows 2 LWPs for a single thread.
    First LWP
    (dbx) lwp
    current LWP ($lwp) is l@1403
    (dbx) print this->m_ThreadId->m_IdImpl.m_PosixId
    this->m_ThreadId.m_IdImpl.m_PosixId = 1404U
    Second LWP
    (dbx) lwp
    current LWP ($lwp) is l@1404
    (dbx) print this->m_ThreadId->m_IdImpl.m_PosixId
    this->m_ThreadId.m_IdImpl.m_PosixId = 1404U
    Another point to note is that dbx returns 'MT support is disabled' for this program even though it has been built using the -mt option. The dbx version is Sun Dbx Debugger 7.5 2005/10/13.
    As far as I have read, the Solaris 8 branded zone uses the alternate T2 thread library. Note also that this program is linked with the alternate thread library @ /usr/lib/lwp.
    This alternate thread library is supposed to use the 1:1 thread model.
    Can someone explain why are we then seeing 2 LWPs for a single thread ?
    Thanks,
    Best regards,
    Raj Iyer

    This error messages are output by
    cssd which is a input method of Japanese.
    If you don't use Japanese input method cs00, you can stop it by following method.
    # /etc/init.d/loc.ja.cssd stop
    # mv /etc/rc2.d/S90loc.ja.cssd /etc/rc2.d/_S90loc.ja.cssd

  • Trouble w/installing Solaris 10 branded zone on solaris 11.

    Having issues creating a policy that works installing solaris 10 u10 branded nfs zone on sol11 in opscenter 12c u1. Maybe i'm just overlooking something basic or it isn't supported in opscenter. I'm able to create the policy but seem to get a very non-informative error message when deploying it.
    Error Message:
    "The DeploymentPlan execution job failed because the DeploymentProvider ZoneDeploymentProvider for Step Create Solaris Zones failed to generate tasks for the job: Cannot prepare zone tasks: java.lang.NullPointerException. Contact My Oracle Support if the problem persists. (10445)"
    Here is the OpsCenter Profile:
    Name Prefix:      hous
    Starting Number:      1
    Zone Description:      solaris 10 update 10
    ZoneType:      
    Branded Zone
    Branded Zone Image:      
    s10-update10-flar
    Automatic Recovery:      
    Yes
    Priority of Recovery:      0
    CPU Shares:      1
    CPU Cap:      0
    Physical Memory Cap:      0
    Locked Memory Cap:      0
    Virtual Memory Cap:      0
    Language:      en_US.ISO8859-15
    Time Zone:      US/Central
    Terminal Type:      xterm
    NFSv4 Domain Name:      dynamic
    Automatically boot zone when the global zone is booted:      
    Yes
    Automatically boot zone after creation:      
    Yes
    Storage for the metadata Library:      NAS, zone-prod1

    Problem found. To jumpstart last two HP Blades we used the copies of AI templates. When we did it from scratch and re-installed the Solaris 11.0 we have no more errors.

  • Solaris 10-Branded Zone

    Hi,
    I am trying to establish whether the following configuration is officially supported (and documented):
    "Non-Global zone running a release of Solaris 10 which is older than the release of Solaris 10 running in the Global Zone".
    I'm familiar with the idea of Branded Zones to support Solaris 8, 9 & some Linux kernels, and have seen some forum posts where people have created Solaris 10-branded zones, but haven't really seen anything that puts the official seal of approval on that configuration. Also I'm familiar with LDOMs and appreciate that I could get to where I want to be that way too.
    Any help welcome.
    Thanks,
    Paul.

    This will be supported in Solaris 10 Upate 9 to a degree, using p2v. Below is a reply I had to a request I'd put in. You might also want to read this
    http://blogs.sun.com/jerrysblog/entry/zones_p2v
    Hi Sean,
    I got information that p2v project is being backported for S10u9
    This means, that you will be able to install a native zone from a flar.
    I don't have detailed information at the moment, how this will work in terms of
    patching in combination with Global Zone and other sibling NGZ's.
    +According to Jerry Jelinek, Solaris10-branded zones will not being backported to Solaris 10,+
    Got this info yesterday evening from Jerry.
    I'll provide some more info about the p2v project for native zones in coming Solaris 10_U9,
    once I got more details.
    So, I'd suggest to check, whether the mentioned p2v project with flar on native zones might fit your requirements.
    Thanks,
    Alfred
    Edited by: ftoomsh on Sep 2, 2010 3:02 AM

  • How to unlock Root Account in non-global zone on Solaris 10 Branded Zone

    Hello All,
    I have a phsical x86 server running Solaris 11. On top of that, I have 3 Solaris 10 branded zones configured. Due to security policy the root account has been locked by 5 failed login attempts.
    Is there a way by which I can unlock root account in non-global zone.
    I have the root access of global zone.
    Pls help as these are production servers.
    Regards

    Hey,
    It worked. Actually i forgot to save the file.
    I changed the /<zonepath>/root/etc/shadow
    Removed *LK* & then from global zone did zlogin -l root zonename
    Thanks  lot.

  • Add zfs volume to Solaris 8 branded zone

    Hi,
    I need to add a zfs volume to a Solaris 8 branded zone.
    Basically ive created the zvol and added the following to the zone configuration.
    # zonecfg -z test
    zonecfg:test> add device
    zonecfg:test:device> set match=/dev/zvol/dsk/sol8/vol
    zonecfg:test:device> end
    When I boot the zone it comes up ok but I am unable to see the device, nothing in format, /dev/dsk etc etc
    Ive also tried to setmatch to the raw device as well to no avail.
    Basically I have numerous zvols to add and dont really want a load of mount points from the global zone then lofs back to the local zone
    Any ideas please??
    Thanks...

    Thanks but that's why I created zfs volumes and newfs'ed them to create UFS and presented those to the zone.
    In the end I just create a script in /etc/rc2.d and mounted the filesystems in there.

  • Creating a Solaris 8 branded zone

    I am in the process of configuring a Solaris 8 branded zone using the SUNWsolaris8 package and the instructions in the Solaris8 Container Guide. Solaris 10 08/07 is installed in the global zone. I have the following kernel patches installed as required: 127111-08 and 128548-08. I get the following error after configuring the zone when I try to verify the zone:
    -bash-3.00# zonecfg -z gfxc-qazone
    gfxc-qazone: No such zone configured
    Use 'create' to begin configuring a new zone.
    zonecfg:gfxc-qazone> create -t SUNWsolaris8
    zonecfg:gfxc-qazone> set autoboot=true
    zonecfg:gfxc-qazone> set zonepath=/export/zones/gfxc-qazone
    zonecfg:gfxc-qazone> add attr
    zonecfg:gfxc-qazone:attr> set name=machine
    zonecfg:gfxc-qazone:attr> set type=string
    zonecfg:gfxc-qazone:attr> set value=sun4u
    zonecfg:gfxc-qazone:attr> end
    zonecfg:gfxc-qazone> verify
    gfxc-qazone: unknown brand.
    gfxc-qazone: Invalid document
    I cannot find any other information anywhere on this error. I am hoping those that have successfully installed a Solaris 8 branded zone can help me out. Thanks.

    I have installed the SUNWs8brand packages before I started the configuration and I also installed the patch. I am not sure what you mean if the package installed in the correct order. I cannot find what I am missing. The original installation for the global zone was using the SUNCreq with other packages added during the installation. I realized after the O/S installation that I needed the zone packages as well as the live upgrade packages. After installing those packages I installed the SUNWs8brand packages. Let me know if there is something else that I am missing. I am thinking of re-installing the O/S with the End User software group.

  • CREATING SOLARIS 8 BRANDED ZONE

    Attempting to configure a Solaris8 branded zone on a SunFireV125 (running Sol10_10/09). Got to the "zoneadm -z s8-zone boot" step and configuring for NIS when I received the following error:
    "The following error occurred while trying to set the netmask 255.255.248.0 on the network interface bge0:1: ioctl: Not owner"
    Running ifconfig -a on the global zone, bge0:1 shows up but with only the IP address. Any ideas out there in Sun land? I've tried a few things (even google) but to no affect.
    Btw, it is created as a shared-ip zone.
    Thanks,

    I would suggest setting the interface's netmask in the zone configuration.
    As an example:
    address=192.168.0.5/22
    Cheers,

  • Build Solaris 8 branded zone with ufs /var  etc

    We have an ancient application which runs on Solaris 8 which we would like to move to a Branded zone. The issue we have is that the application does a fstyp (but within the binary) on any file system that its is writing to and barfs if it doesn't recognise the type. Unfortunately we are limited to basically ufs and vxfs.
    The problem is that I need to have /var configured as a UFS filesystem during the zone build ......
    Now I know all of the methods that can be used to mount a filesystem within a branded zone:
    1) Add FS within zonecfg ... fstype doesn't return UFS
    2) LOFS : Doesn't return UFS
    3) Mounting a file system after zone boot .... Great for non-system filesystems but not for /var
    4) "add device" ... might work BUT I need to build /var during zone configuration .,.....
    Any ideas?
    Edited by: user13012897 on Dec 8, 2010 5:41 AM

    It's not straightforward, but I'd consider writing an interposer library that gets loaded via LD_PRELOAD and gives a different answer than fstyp() would normally give.
    http://www.itworld.com/UIR000929interposers

  • Solaris 8 branded zone not booting after server reboot hangs at ready state

    Hi,
    For ipchange/hostname change we rebooted the physical server...once rebooting the Solaris brand 8 zone stucks at ready state.
    I have run the truss with zoneadm in the log process sleep and wait
    Will post the log soon..any help to troubleshoot the issue
    Both global zone and Ng zone having same hostid..
    dmesg::
    Apr 30 13:08:50 xyz zoneadmd[992]: [ID 702911 daemon.error] [zone 'abc'] WARNING: console /devices//pseudo/zconsnex@1/zcons@0 found, but it could not be removed.: I/O error
    bash-3.00# ps -ef|grep -i abc
    root 1441 1429 0 13:10:56 ? 0:00 /bin/ksh -p /usr/lib/brand/solaris8/s8_boot abc /abc
    root 1429 1 0 13:10:55 ? 0:00 zoneadmd -z abc
    root 1427 1397 0 13:10:54 pts/3 0:00 zoneadm -z abc boot -f -s
    root 1542 1441 0 13:10:56 ? 0:00 /bin/ksh -p /usr/lib/brand/solaris8/s8_boot abc /abc
    zoneadm list -cv
    2 abc ready /abc solaris8 shared
    Thanks
    Edited by: muvvas on Apr 30, 2012 2:25 PM

    moved the solaris 8 branded zone to other server.their its working fine.sorry for late reply.

  • Inetd services (telnet, rlogin ,rsh) in Solaris 9 Branded Zone

    Hi,
    I've got two Solaris 9 Branded Zones running on an M3000. They both use exclusive IP.
    When I try and telnet, rlogin or rsh to either of my Solaris 9 zones from the other I get an error. With the r* commands I get a "Protocol error" message, and telnet just reports a terminated connection. I've tried Mr. Google, the results I get make sense for a physical host - i.e Protocol Error would occur if the server executable (in.rlogind, etc) was somehow messed up.
    Just to complicate things slightly the exclusive IP NICs are on a physically separate switch from the other NICs.
    I'd forgotten that with the Branded Zones some native features are actually handled by the underlying global zone (i.e. Solaris 10).
    Anyway, has anybody else had this same problem and how did you resolve it?
    Thanks
    Tim Shaw.

    I found out that the services in the Global Zone had been disabled. Simply enabling them fixed the problem :)

Maybe you are looking for

  • , Trouble importing from text file into PDF Acrobat 9.0

    Hey all! I'm trying to use the JavaScript found on this Adobe page to insert text into my PDF: http://help.adobe.com/livedocs/acrobat_sdk/9.1/Acrobat9_1_HTMLHelp/wwhelp/wwhimpl/common/h tml/wwhelp.htm?context=Acrobat9_HTMLHelp&file=JS_API_AcroJS.88.5

  • Under performanc​e! :(

    MODEL: HP 2000-2120TU / Win7 (in warranty period) PROBLEM : Turns off automatically (hibernates) after an hour or so.. ..sometimes even just after half-an-hour of working!                       ..& "resumes" after 'restart'. MESSSAGE: "This was done

  • Quick strange beginners design question

    I have a non-crystal report whose format I need to duplicate EXACTLY or all heck will break loose. It contains a simple group with some detail records. I need the count of the detail records on the first line of the details as follows: GH1:         

  • How to get adobe downloaded on my iPad

    How do I get adobe on my iPad?

  • Aperture library copy vs vault

    Hi, sorry if this is redundant, but I couldn't locate the clear answer to this seemingly basic question: if using a referenced library, what is the major difference/advantage of creating a vault versus a simple drag & drop copy of the aperture librar