Evaluating Oracle Solaris 11 from Inside Oracle VM VirtualBox

by Yuli Vasiliev

This article describes how to evaluate Oracle Solaris 11—without having to install it on the bare metal—by importing it into Oracle VM VirtualBox, configuring it, exploring basic administrative tasks, and connecting to the network.

Published January 2013

If your purpose is to evaluate Oracle Solaris 11, installing it inside a virtual machine (VM) on top of your existing operating system is probably the best option available. You won't need a dedicated machine for installing Oracle Solaris as a standalone operating system. Also, you won't need to install it along with existing operating systems in a multiboot scenario, which would limit you to running only a single operating system at a time.

If you'd like to download software, participate in forums, and get access to other technical how-to goodies in addition to content like this, become an OTN member. No spam!

Prerequisites

Before you can install the Oracle Solaris 11 image for Oracle VM VirtualBox discussed in this article, you need to download and install Oracle VM VirtualBox 4.2 or later on your host operating system. You can install Oracle VM VirtualBox on any of the following operating systems: Microsoft Windows, Mac OS X, Oracle Solaris, and Linux.

Also, you might need to install some additional packages before installing Oracle VM VirtualBox. For details, refer to the Oracle VM VirtualBox User Manual.

Another prerequisite is that you must have at least 2 GB of RAM for good performance and at least 7 GB of free disk space for initial installation of the Oracle Solaris 11 image. (A maximum of 64 GB is what the image's virtual disk can grow to.)

Importing the Oracle Solaris 11 VM to Oracle VM VirtualBox

First, download the Oracle Solaris 11.1 VM for Oracle VM VirtualBox archive available from Oracle Solaris 11 VM Downloads page, and then unpack it by running the following command:

tar xvf OracleSolaris11_1-VM.tgz

Then, import the OracleSolaris11_1.ova appliance file into Oracle VM VirtualBox using the following procedure:

Launch Oracle VM VirtualBox Manager from the Start menu of your operating system.
In Oracle VM VirtualBox Manager, choose File -> Import Appliance to launch the Appliance Import Wizard.
On the first screen of the wizard, click the Open appliance button, and navigate to the location where you unpacked the Oracle Solaris 11 VM archive. Then, select the OracleSolaris11_11-11.ovf file and click Open.
On the next wizard screen, change the appliance settings.

When setting the amount of RAM to be allocated for the appliance, you should specify at least 1024 MB. What is recommended, though, is up to half of the available RAM. Among other things, you can change the directory for the virtual disk image. Take into account that the image size can expand up to 64 GB. So, the directory you choose should allow for that growth.
Once you've changed the settings to suit your system, click the Import button to start the import process.

After the import process has been successfully completed, Oracle VM VirtualBox Manager should look like Figure 1:

Figure 1. Oracle VM VirtualBox Manager after the Oracle Solaris 11 VM appliance has been imported.

Most of the VM settings you specified during the import stage can be changed now in the right pane of the Oracle VM VirtualBox Manager window, provided you have selected the newly created Oracle Solaris VM in the left pane of the window.

Configuring Oracle Solaris 11 VM Settings

Now you're ready to launch the Oracle Solaris virtual machine. To do this, just double-click the virtual machine icon in the left pane of the Oracle VM VirtualBox Manager window. As a result, the Oracle Solaris GRUB menu should appear, in which you should see the only option: Oracle Solaris 11.1.

Press the Enter key to start booting. Upon the first boot of the Oracle Solaris operating system, the System Configuration Tool will run automatically, allowing you to enter some configuration information, including the root password, network configuration information, and the time zone. Figure 2 shows what the first screen of the System Configuration Tool looks like:

Figure 2. The Oracle Solaris 11 System Configuration Tool system running in Oracle VM VirtualBox.

Perform the following steps in the System Configuration Tool:

To leave the first screen, press F2.
On the Network screen, specify the computer name and select how you want to configure the network connection.

If you select Manually, you'll move on to the Manually Configure screen after pressing F2, in which case, you'll be asked to enter the IP address of the virtual machine, the netmask, and the IP address of the subnet's router. Then, you'll be able to configure a DNS name service or choose not to configure DNS.
On the "Time Zone: Regions" screen, choose the region that contains your time zone.
On the "Time Zone: Locations" screen, choose your location.
On the Time Zone screen, select your time zone.
On the Users screen, enter the system root password. Also, you'll be prompted to create a new user account on this same screen.
On the "Support — Registration" screen provide your e-mail address if you want to receive e-mails about security issues. Also, you'll be able to specify your My Oracle Support password if you want to receive security updates from My Oracle Support.
On the "Support — Network Configuration" screen, configure an internet connection.
On the System Configuration Summary screen, review the chosen settings, and if everything is OK, press F2 to apply them. Otherwise, you can go back to make changes.

After completing the steps above, the booting process will continue and you'll be prompted to log in. You can use the account you just created with the System Configuration Tool. Alternatively, you might log in as user oracle, which is available by default. It's interesting to note that you won't be able to log in as root, because root is defined as a role for security reasons. For more details on the role-based access control (RBAC) model used in Oracle Solaris 11, refer to Oracle Solaris 11.1 Administration: Security Services.

Shortly after a successful login, you should see the desktop of the Oracle Solaris 11 operating system running in Oracle VM VirtualBox, as shown in Figure 3.

Figure 3. The desktop of the Oracle Solaris 11 OS running in Oracle VM VirtualBox.

From now on, you have two operating systems running on your computer simultaneously. Thus, you can work with an instance of Oracle Solaris 11 running as a guest operating system, and your host operating system is still available, of course.

Playing with Oracle Solaris 11

You can now play with Oracle Solaris 11, which is installed inside a virtual machine. As with a conventional Oracle Solaris installation, both GUI tools and command-line interface (CLI) tools are available. Let's start with some simple administration tasks.

Suppose you want to add a new user while you are logged in as the user you created with the System Configuration Tool. You can do this using either the User Manager GUI or the CLI.

The following steps show how you might accomplish this task with the User Manager GUI.

To launch the User Manager GUI, select System -> Administration -> User Manager.
Before you can create a new user, though, you must assume the root role. To do this, click the Lock icon at the upper right corner of the User Manager window, and in the pop-up menu select the upper item, for example, root@solaris (yul).
In the Log In dialog box, enter the root password.
In the User Manager window, click the New button to invoke the New User dialog box, which is shown in Figure 4.

Figure 4. Creating a new user with the User Manager GUI.
Fill in the fields and click OK.

You should see the newly created user's icon in the Users pane of the User Manager window.

Alternatively, you could accomplish this same task of creating a new user through the CLI using the following steps:

Launch a terminal window.
Issue the following command to make sure that the root role is assigned to your account:
```
yul@solaris:~$ roles
root
```
If the output from the command above shows No roles, you have to log in again as a user that has the root role assigned.

Assume the root role by issuing the following command:

yul@solaris:~$ su - root
Password: 
root@solaris: #

Now, create a new user:

root@solaris: # useradd -d /export/home/tjoe -m tjoe

You can optionally assign the root role to the newly created user:
```
root@solaris: # usermod -R root tjoe
```

Finally, make sure you assign the newly created user a password:

root@solaris: # passwd tjoe
New password: 
Re-enter new password:
passwd: password successfully changed for tjoe

After completing the steps above, you will be able to log in as the tjoe user.

So far, you have looked at how the root role might be used to grant the privileges required for creating a new user. It's important to note, though, that Oracle Solaris 11 offers a more flexible and secure alternative for this same task. Thus, instead of assuming the root role to create a new user, you might assign the User Management rights profile to your account and then create a user.

The User Management rights profile enables you to manage users, including creating new ones. This approach of using only the rights profile required to perform a specified task or tasks—instead of assuming the root role with the full set of superuser privileges—adheres to the security principle of least privilege. The following procedure shows how to add a new user using this method:

Launch a terminal window.
First, check the rights profile that is already assigned to your account:
```
yul@solaris:~$ userattr profiles 
System Administrator
```
As you can see, your account is already assigned to System Administrator rights profile.
Now, add the User Management rights profile to your account, for example:
```
yul@solaris:~$ su root -c "usermod -K profiles='User Management','System Administrator' yul"
```
As you can see, you still need the root password to assign a rights profile to an account. Note, however, that this task might be accomplished by another user in advance, so all that's left for you to do is to add a new user.

Look at the list of assigned rights profiles; you should see the change:

yul@solaris:~$ userattr profiles 
User Management,System Administrator

Next, invoke a profile shell and add a new user as follows:

yul@solaris:~$ pfbash
yul@solaris: $ useradd -d /export/home/tjoe -m tjoe

Finally, assign a password to the newly created user. Since the User Management rights profile does not give you the right to change passwords, you'll need root privileges for that:
```
yul@solaris:~$ su root -c "passwd tjoe"
Password: [Enter root password]
New Password: [Enter password for tjoe]
Re-enter new Password: [Re-enter password for tjoe]
passwd: password successfully changed for tjoe
```
Once again, this step might be accomplished by another user, once the account has been created.

Interacting with the Outside World

In the old days—before virtualization—a network was a means of connecting computers (hosts). With the advent of virtualization, networking applicability was broadened beyond real machines to also include virtual machines. Today, you might have a number of virtual machines running on a single computer simultaneously, and each of those virtual machines has a unique IP address allowing it to act as if it were a physical machine on the network.

Oracle VM VirtualBox allows you to choose a networking mode for the network adapter to be used in the virtual machine. Below is the list of available options:

Not attached: In this mode, no network connection is available.
Network Address Translation (NAT): This is the default networking mode, which requires no configuration on either the host or the guest and means virtual machines cannot talk to each other.
Host-only: The virtual machines can interact with each other and the host. However, a physical network interface might not be present.
Bridged networking: This mode allows you to set up routing between the guest and the rest of the network, including the host, other virtual machines on the network, and the outside world. The latter allows you to run servers in a guest.
Internal networking: This mode is much like bridged networking, but it is more secure and does not allow you to communicate with an external network.

To learn more about the networking options that Oracle VM VirtualBox offers, check out the "Networking in VirtualBox" post. For a detailed discussion of how to configure your network in Oracle Solaris 11, see the Oracle Technology Network article "How to Get Started Configuring Your Network in Oracle Solaris 11."

Turning back to our example, suppose you chose Manual for the network configuration mode when you configured your system using the System Configuration Tool. That means you explicitly specified the networking parameters for the virtual machine. So, you know the virtual machine's IP address, and you now want it to be available for interaction in the network.

Let's say you want your Oracle Solaris 11 virtual machine to be able to communicate with the host and the other virtual machines on the network. To achieve this, choose the bridged networking mode, as described in the following steps:

Shut down your Oracle Solaris 11 virtual machine if it's running.
In the left pane of the Oracle VM VirtualBox Manager, select the virtual machine icon.
In the right pane of the Oracle VM VirtualBox Manager, click Network to open the Network dialog box shown in Figure 5.

Figure 5. The Network dialog box for setting the network adapters of a virtual machine.
In the Network dialog box, click the Adapter 1 tab.
In the Attached To list, select Bridged Adapter.
Then, select a network interface from the Name list.

Choose a physical network interface of the host. Bridged networking will use this interface, intercepting the data destined for a guest's virtual network interface from the physical network.
Click OK to close the dialog box.

After completing the steps above, you can start the virtual machine again and play with its network capabilities. Probably the first thing you'll want to do is to ping the host and the other virtual machines on the network. If the pings are OK, this suggests that the physical and virtual network interfaces are functionally working.

Let's now try to establish an SSH connection to the host or another virtual machine:

 oracle@solaris: ~$ ssh 192.168.100.10 -l yul
Password: [Enter password for user yul registered on 192.168.100.10]
Authenticity of host '192.168.100.10 (192.168.100.10)' can't be established.
RSA key fingerprint is 8c:a1:7f:4c:db:95:d3:40:c1:58:50:85:50:0f:44:79.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.100.10' (RSA) to the list of known hosts.
yul@solaris:~$

You can now move around the file system of the virtual machine you just connected to.

Managing Services Using the Service Management Facility

Suppose you now want to prevent any outgoing SSH connections from your virtual machine. This can be done using the IP Filter feature of Oracle Solaris managed by the Service Management Facility service svc:/network/ipfilter. The steps are the following:

First, check whether the IP Filter is enabled:

oracle@solaris: ~$ svcs -x ipfilter:default
svc:/network/ipfilter:default (IP Filter)
State: disabled since November 30 05:37:27 2012 AM
Reason: Disabled by an administrator.
See: http://oracle.com/msg/SMF-8000-05
See: ipfilter(5)
Impact: This service is not running.

As you can see, by default, it should not be enabled.

Create an IP Filter configuration file and add packet filtering rules to it. So, navigate to the /etc/ipf folder and the create myorg.ipf.conf file, adding the following rule to it:
```
block out log on net0 from any to any port = 22
```

Next, connect as root, and then set the policy firewall_config_default property to custom:

root@solaris: ~# svccfg -s ipfilter:default setprop firewall_config_default/policy = "custom"

Specify the location of the configuration file:

root@solaris: ~# svccfg -s ipfilter:default \
setprop firewall_config_default/custom_policy_file = "/etc/ipf/myorg.ipf.conf"

Now enable and refresh the IP Filter:

root@solaris: ~# svcadm enable network/ipfilter
root@solaris: ~# svcadm refresh network/ipfilter

After completing the steps above, you can try to establish an SSH connection from within your virtual machine. The attempt should fail. It's interesting to note that if you try to establish an SSH connection to your virtual machine from the outside, this will fail, too.

Using Oracle VM VirtualBox Guest Additions

Networking is not the only means of integration between an Oracle Solaris 11 VM and the outside world. For example, you might use the Oracle VM VirtualBox Guest Additions to share the clipboard between the guest and host. First, however, check whether you have Guest Additions installed, as shown in Listing 1. (It should be installed by default.)

oracle@solaris:~$ pkginfo -l SUNWvboxguest
   PKGINST:  SUNWvboxguest
      NAME:  Oracle VM VirtualBox Guest Additions
  CATEGORY:  application
      ARCH:  i386
   VERSION:  4.1.22,REV=r80657.2012.10.15.18.29
   BASEDIR:  /
    VENDOR:  Oracle Corporation
      DESC:  Oracle VM VirtualBox Guest Additions for Solaris guests
    PSTAMP:  vboxguest20121015182955_r80657
  INSTDATE:  Nov 03 2012 08:15
   HOTLINE:  Please contact your local service provider
     EMAIL:  info@virtualbox.org
    STATUS:  completely installed
     FILES:       79 installed pathnames
                   3 linked files
                   5 directories
                  18 executables
               42478 blocks used (approx)

Listing 1

Note the use of pkginfo rather than the new Oracle Solaris 11 Image Packaging System (IPS) commands. This is because Guest Additions is available only as a legacy SVR4 package.

Then, in the virtual machine, select Devices -> Shared Clipboard ->Bidirectional. After that, you can copy and paste text between the guest and host and vice versa.

Conclusion

Evaluating a new operating system without having to install it on bare metal was just a dream before the advent of tools such as Oracle VM VirtualBox, which can be installed on most popular operating systems, including Windows, Mac OS X, Linux, and Oracle Solaris.

Once Oracle VM VirtualBox has been installed, you can import an appliance containing an operating system guest, which provides a good opportunity to test that operating system in a virtualized environment. In fact, you can have multiple virtual machines—each in an isolated environment—running simultaneously on a single physical machine.

About the Author

Yuli Vasiliev is a software developer, freelance author, and consultant currently specializing in open source development, Java technologies, business intelligence (BI), databases, service-oriented architecture (SOA) and, more recently, virtualization. He is the author of a series of books on Oracle technology, the most recent one being Oracle Business Intelligence: An Introduction to Business Analysis and Reporting (Packt, 2010).