Getting Started With the OpenSolaris OS

By Brian Leonard and Janice J. Heiss, October 2009



Trying OpenSolaris
Installation Options
Users, Roles, and Profiles
Service Management Facility (SMF)
Administering the Network With Network Auto-Magic
Where Is Everything on OpenSolaris?
Image Packaging System (IPS)
A Final Message
For More Information

Trying OpenSolaris

OpenSolaris is distributed as a Live CD, which means that it can be booted into RAM, causing zero impact on your existing operating system. Once it is loaded, experiment with OpenSolaris to determine whether it is something that you would like to install.

You can obtain the OpenSolaris Live CD by downloading the roughly 700 MB image file and using a CD burner to create the disk. If downloading the file to burn the CD is not an option, you can order the CD to be delivered to you for free.

The Live CD is not intended for long-term use. For example, any changes that you make to the system will be lost when the system is shut down. Therefore, the next logical step is to install OpenSolaris on the system, which the Live CD makes easy by placing an Install OpenSolaris icon right on the desktop. But before we head down that road, let's step back a bit and consider the installation options.

Installation Options

You have several alternatives on where to install OpenSolaris: inside a virtual machine on top of your existing operating system, on the bare metal alongside your existing operating system(s), or on the bare metal as a stand-alone operating system.

Virtual Machine

The easiest way to start using OpenSolaris is to install it into a virtual machine on top of your existing operating system. Figure 1 shows OpenSolaris installed on Windows Vista.


You are guaranteed that OpenSolaris will recognize the virtualized devices that the virtual machine provides. If you run OpenSolaris in full-screen mode, you may actually forget that there's another operating system underneath. The one drawback to this approach is that you need enough memory to run two operating systems simultaneously -- a minimum of 2 GB is recommended.

VirtualBox is a free and open-source hypervisor that supports Windows, OS X, Linux, and Solaris as host platforms, and, of course, OpenSolaris, as one of its many guests. If you decide to take this approach, watch this screencast, which covers all the details.

Stand-Alone System

If you have a machine to dedicate to OpenSolaris, the installation process is straightforward. The biggest question mark with this approach is whether OpenSolaris has the proper drivers for your hardware devices. If you've run the Live CD, you may already have an indicator of how well your devices are supported. On the desktop of the Live CD is an icon for the Device Driver Utility, as shown in Figure 2. Double-click on the desktop icon and wait for the scan to complete.


Note: It is possible to test your hardware devices even before downloading or ordering the Live CD. You can launch the Sun Device Detection Tool, as shown in Figure 3, from any browser on your existing operating system. The application is written in the Java programming language and starts with Java Web Start, which is included in the Java Runtime Environment (JRE) as part of Java SE 6. As long as you have the JRE, the application will run on any system.


If drivers are missing, both tools will provide pointers on where to look for help. Google is also your friend here, but if you truly hit a dead end, VirtualBox may be a better solution until the driver you need becomes available or until you buy a new machine.

Assuming that you have no driver issues, simply boot the Live CD and click the InstallOpenSolaris icon on the desktop to launch the installer, as shown in Figure 4.


As you can see from Figure 4, the installation process is simple and asks the user some basic questions before laying down the bits.


In a multiboot scenario, you install OpenSolaris on the bare metal alongside your existing operating system(s). This scenario is the most complicated and requires some preparation. For starters, OpenSolaris does not yet include a partitioning tool, so it's up to you to create a partition in which to install OpenSolaris.

You should create the partition as a primary partition of the type Linux swap, which the OpenSolaris installer will recognize. As of this writing, it is not possible to install OpenSolaris into an extended partition, but that issue is also being addressed.

Although you can use any partitioning tool, the GNOME Partition Editor, known as GParted, is a great open-source option. If Windows is your existing OS, the OpenSolaris boot loader will recognize it without difficulty. If Linux is your existing OS, be sure to back up your GRUB configuration file, because you will need to add its entries to the OpenSolaris GRUB menu. Consult the excellent documentation available for these scenarios, as well as for many others, such as triple boot and OS X.

Users, Roles, and Profiles

Now that you have OpenSolaris installed in some form, let's discuss how the privileges assigned to the user ID that you created during installation allow you to administer your system.

If you recall, during installation you assigned a root password and created a user account, as shown in Figure 5.


If you look at the /etc/passwd file in Figure 6, you will see root defined.


However, you will be frustrated if you try to log in as root. For security reasons, OpenSolaris does not define root as a user account. If you look at the /etc/user_attr file in Figure 7, you can see that root is defined as a role.


You can also see in Figure 7 that the user ID created by the installer was assigned the root role by default. So, although you cannot log in as root, you can switch to the root role, which will prompt you for the root password:

bleonard@opensolaris:~$ su root

By using this approach, you're guaranteed to have an audit trail of who did what on the system as root.

OpenSolaris also includes a collection of rights profiles. One of the rights profiles is named Primary Administrator. The etc_attr file shown in Figure 8 contains the execution attributes associated with rights profiles.


Notice that the Primary Administrator profile has an asterisk ( *) for the command, which means all commands, and that it has a user ID ( uid) of 0. This means that all commands run with a user ID of 0, which is the user ID for root.

The Primary Administrator profile is then assigned to the user who was defined during installation. This association can be seen in the user_attr file, which contains extended attributes for each user or role, as shown in Figure 9.


To run commands against your rights profile, use the pfexec command. As Figure 10 shows, this command searches through the rights profiles assigned to the user ID and applies the first one that works with the specified command. In this case, recall Figure 8, where the Primary Administrator had an asterisk for the command, and recall that all commands run with a uid of 0.


For example, if you try to remove the root role from a user with the usermod command, this is what happens:

bleonard@opensolaris:~$ usermod -R "" bleonard
UX: usermod: ERROR: Permission denied.

However, if you prefix that same command with pfexec, you succeed:

bleonard@opensolaris:~$ pfexec usermod -R "" bleonard
UX: usermod: bleonard is currently logged in, some changes may not take effect until next login.

Note, the GUI shown in Figure 11 is available to administer these configuration files. Go to the System > Administration > Users and Groups menu.


The bottom line here is that everything is set up for you "out of the box" with the default installation of OpenSolaris. The user ID you created at install time is able to fully administer the system.

With the right privileges, you can properly administer your system, such as managing system services, which we address in the next section.

Service Management Facility (SMF)

OpenSolaris manages system services through the Service Management Facility (SMF). Although a GUI is available, the more common and powerful way to manage the services is to use these command-line commands: svcs to report service status and svcadm to manipulate service instances. For example, run svcs to get a list of the currently running services:

bleonard@opensolaris:~$ svcs
STATE          STIME    FMRI
legacy_run     Aug_28   lrc:/etc/rcS_d/S99punchclean
legacy_run     Aug_28   lrc:/etc/rc2_d/S20sysetup
online         13:43:30 svc:/network/ntp:default
online         17:17:22 svc:/system/avahi-bridge-dsd:default

SMF has many advantages relative to the old way of using Unix services through startup scripts. The key advantage is the specification of metadata about each service in a manifest file. This allows users to specify dependencies between services, which then enables independent services to be started in parallel, which speeds up the system boot. Also, when services fail, they can be restarted in the correct order relative to each other. For example, take a look at the sendmail service, using the -l option to display all available information:

bleonard@opensolaris:~$ svcs -l sendmail
fmri         svc:/network/smtp:sendmail
name         sendmail SMTP mail transfer agent
enabled      true
state        online
next_state   none
state_time   Mon Aug 31 13:43:25 2009
logfile      /var/svc/log/network-smtp:sendmail.log
restarter    svc:/system/svc/restarter:default
contract_id  92
dependency   require_all/refresh file://localhost/etc/mail/ (online)
dependency   require_all/refresh file://localhost/etc/nsswitch.conf (online)
dependency   optional_all/none svc:/system/filesystem/autofs (online)
dependency   require_all/none svc:/system/filesystem/local (online)
dependency   require_all/none svc:/network/service (online)
dependency   require_all/refresh svc:/milestone/name-services (online)
dependency   optional_all/refresh svc:/system/identity:domain (online)
dependency   optional_all/none svc:/system/system-log (online)

At the bottom of this listing, you can see the services on which sendmail depends. If one of sendmail's dependent services fails to start for some reason, sendmail will not even attempt to start.

You can also easily disable, enable, and restart services by using the svcadm command. For example, use this command to disable the sendmail service:

svadm disable sendmail

Using the -x option for the svcs command will give you an explanation of the service state:

bleonard@opensolaris:~$ svcs -x sendmail
svc:/network/smtp:sendmail (sendmail SMTP mail transfer agent)
 State: disabled since Tue Sept 01 10:57:34 2009
                     Disabled by an administrator.
   See: sendmail(1M)
   See: /var/svc/log/network-smtp:sendmail.log
Impact: This service is not running.

Note that this output also provides links to further information about the service state ( ) and the services log file ( /var/svc/log/network-smtp:sendmail.log), both of which can be very useful in tracking down service failures.

Administering the Network With Network Auto-Magic

One of the first services that users need to administer is the network. OpenSolaris uses a service known as Network Auto-Magic (NWAM) to manage the network. The service works with both wired and wireless network connections and provides all the features that you expect from a network manager, such as the ability to identify and manage wireless networks. The service prefers a wired network by default, as shown in Figure 12, but you can easily change this preference.


You can disable NWAM either from the connection properties dialog box, as shown in Figure 13, or from the command line with the svcadm disable nwam command. This command gives you full manual control over the network configuration.

Where Is Everything on OpenSolaris?

So where is everything on OpenSolaris? The root directory is not hard to understand for those accustomed to Windows operating systems. It's like the top-level directory on a drive ( C:\). The key difference is that OpenSolaris provides a single directory hierarchy that starts at /. So, unlike Windows, there's no need to specify a device ( C:\ or D:\, and so on) in the file name.

Table 1 shows directories available on OpenSolaris through the default PATH. Note the use of forward slashes and colons instead of the semicolons found on Windows.

Table 1. OpenSolaris Directories on the Default Path
Sharable files: docs, executables, and so on
The GNU versions of user command-line tools
GNU is a recursive acronym for "GNU's Not Unix." Due to the popularity of GNU, you can now find the GNU software in Unix.
The Solaris versions of user command-line tools
The /usr/bin directory has some overlap with /usr/gnu/bin versions, so change the PATH if you want the Solaris version. This order was set to make OpenSolaris more familiar to Linux users.
System administration tools
The s stands for "system."
Essential executables (used at boot time)
The s stands for "system."
X11 utilities

Table 2 shows three additional directories of note on OpenSolaris.

Table 2: Additional Directories on OpenSolaris
Third-party software such as VirtualBox and
For configuration files
For log files

No matter what operating system you use, you already understand the concept of a home directory. OpenSolaris uses /export/home instead of /home to avoid name collisions with the automounter. Solaris has a heritage as a network file system. Some users find this a bit confusing, and the development team plans to address it in the next release.

Image Packaging System (IPS)

Because OpenSolaris is designed to fit on a CD, you'll discover very quickly the need to get additional software. A key differentiator from the Solaris OS is the new Image Packaging System (IPS) in OpenSolaris. One of the main goals of the IPS is to provide a network repository-based delivery mechanism. OpenSolaris comes with one repository preregistered, and you can easily add more.

Finding and Installing Packages

You can use either the Package Manager GUI, as shown in Figure 14, or the command line to manage the packages.


From the command line, the main command is pkg. The pkg command is always intended to be run with a subcommand such as list, search, info, or install. For example, use the pkg list command to see the list of packages currently installed on your system:

bleonard@os200906:~$ pkg list
NAME (PUBLISHER)                              VERSION         STATE      UFIX
BRCMbnx                                       0.5.11-0.111    installed  ----
FSWxorg-fonts-core                            0.5.11-0.111    installed  ----
NVDAgraphics                                  0.180.44-0.111  installed  ----
SUNW1394                                      0.5.11-0.111    installed  ----
SUNWDTraceToolkit                             0.5.11-0.111    installed  ----
SUNWPython                                    2.4.4-0.111     installed  ----

To find a package, use the search subcommand. For example, if you are looking for GlassFish, use pkg search:

bleonard@os200906:~$ pkg search glassfish
INDEX      ACTION     VALUE                     PACKAGE
description set       GlassFish                 pkg:/glassfishv2@0.5.11-0.86
description set       GlassFish                 pkg:/glassfishv2@0.5.11-0.86
description set       GlassFish                 pkg:/glassfishv2@0.5.11-0.86
description set       GlassFish                 pkg:/web/glassfish-2@2.1-0.111

And then to get more information on a particular package, use pkg info:

bleonard@os200906:~$ pkg info -r glassfishv2
          Name: glassfishv2
         State: Not installed
       Version: 0.5.11
 Build Release: 5.11
        Branch: 0.111
Packaging Date: Mon May 18 20:20:21 2009
          Size: 0.00 B
          FMRI: pkg:/glassfishv2@0.5.11,5.11-0.111:20090518T202021Z

To see the contents of the GlassFish package, use the pkg contents command:

bleonard@os200906:~$ pkg contents -rm glassfishv2
set name=publisher
set value=global value=nonglobal
set name=variant.arch value=sparc value=i386
depend fmri=web/glassfish-2@2.1-0.111 type=require

Here you can see that glassfishv2 is actually a metapackage, which has a dependency on the glassfish-2 package. Run pkg contents again, this time on glassfish-2, to see the actual files installed by the package.

bleonard@os200906:~$ pkg contents -r glassfish-2

To see other dependencies that a package may have, you can use the -m or metadata option, along with grep:

bleonard@os200906:~$ pkg contents -rm glassfish-2 | grep depend
depend fmri=SUNWcsl@0.5.11-0.111 type=require
depend fmri=SUNWcs@0.5.11-0.111 type=require
depend fmri=SUNWj6dmo@0.5.11-0.111 type=require
depend fmri=SUNWj6rt@0.5.11-0.111 type=require
depend fmri=SUNWj6cfg@0.5.11-0.111 type=require
depend fmri=SUNWpr@0.5.11-0.111 type=require
depend fmri=SUNWlibms@0.5.11-0.111 type=require
depend fmri=SUNWjavadb@ type=require
depend fmri=SUNWj6man@0.5.11-0.111 type=require
depend fmri=SUNWant@1.7.1-0.111 type=require
depend fmri=SUNWj6dvx@0.5.11-0.111 type=require
depend fmri=SUNWj6dmx@0.5.11-0.111 type=require
depend fmri=SUNWj6dev@0.5.11-0.111 type=require
depend fmri=SUNWj6rtx@0.5.11-0.111 type=require
depend fmri=service/network/message-queue-41 type=require
depend fmri=SUNWlibC@0.5.11-0.111 type=require
depend fmri=SUNWj6jmp@0.5.11-0.111 type=require

What this means is that IPS will identify the packages on which GlassFish depends and install them if they are not already installed.

Finally, when you are ready to install the package, use the pkg install command:

bleonard@os200906:~$ pfexec pkg install glassfishv2
DOWNLOAD                                    PKGS       FILES     XFER (MB)
Completed                                  12/12   6416/6416 114.35/114.35

PHASE                                        ACTIONS
Install Phase                              7474/7474

Note: Only authorized users can install packages to the system, which is why you must prefix the previous command with pfexec. See the Users, Roles, and Profiles section to review.


Besides the default release repository at, several additional repositories exist:

  • Extra includes free software that is not freely redistributable, such as Adobe Flash and VirtualBox. It requires registration and the installation of a certificate to set up. Follow the instructions to obtain the keys and certificates. To view the contents of the repository in your browser, follow the instructions to add the certificate to Firefox.
  • Support contains the latest bug fixes and updates for those with a support contract, which we highly recommend if you decide to get serious with OpenSolaris.
  • Pending is for developers who contribute packages to OpenSolaris through the Source Juicer web service. Open to all, this is a staging ground for reviewing and testing packages before they are promoted to the Contrib repository. The packages are not qualified and generally not recommended for installation by users because they could contain bugs, viruses, or objectionable content.
  • Contrib is for packages that have been promoted from the pending repository. The packages have gone through some screening by the community, but you still use the content in this repository at your own risk.
  • Dev is where you'll find the development branch of OpenSolaris. A new build of OpenSolaris is released approximately every two weeks. The dev repository replaces the release repository, and unless your interest in OpenSolaris is in developing OpenSolaris, we highly recommend that you stick with the release repository.

You can install additional repositories by using the pkg set-publisher command or the Package Manager GUI, as shown in Figure 15. If you rarely install repositories, using the Package Manager may be the better way to go. It's especially useful when the repository you want to add requires a key and certificate, as the command line can get quite long and prone to error.

One-Click Install

You may have noticed the Install link when you were browsing the repositories. Figure 16 shows the Package Catalog.


Clicking the Install link will launch the Package Manager and start the installation. It will also install the repository first if necessary. This is a nice feature, as anyone can promote a package. For example, here's a link to install GlassFish (note: Unless you're reading this from OpenSolaris, your operating system will not know what do to with this link).

Boot Environments

A boot environment is a snapshot of the files that are critical to the operation of OpenSolaris. After installation, there is only a single boot environment, but over time, new boot environments will be created, either manually by you or automatically by the Update Manager (discussed next). A boot environment essentially allows you to roll back to an earlier snapshot of OpenSolaris in case something goes wrong in your current boot environment.

Before you do anything risky on your system, such as installing a package from the pending repository, consider creating a new boot environment to protect yourself. You can create a boot environment from either the Package Manager or the command line. Figure 17 shows the Manage Boot Environments dialog box.

Update Manager

When updates to IPS packages are available, OpenSolaris will notify you by way of an icon in your top panel, as shown in Figure 18. The Update Manager will then create a new boot environment and install the updates, which will be active on the next boot. If an update corrupts your system, you can safely boot into the environment prior to the update.

Solaris Legacy Package Manager

For many years, the Solaris OS has used the SVR4 packaging system, so named because it was part of the System V, Release 4 version of Unix.

OpenSolaris supports SVR4 packages and includes the commands needed to install and remove those packages. But no coordination exists between the IPS packages and the SVR4 packages. Conflicts may occur during package installation when you mix SVR4 and IPS packages that contain identical files, so don't install SVR4 packages unless absolutely necessary. If you run into this situation, cancel the installation and attempt to resolve the conflict before you continue.

A Final Message

Moving to OpenSolaris can be exciting. However, it can also be frustrating as you begin to learn your way around. Hopefully, this article has given you enough of an introduction to make the move.

Once up and running, you will surely come up with additional questions. A great benefit of open-source software is that the engineers who build OpenSolaris communicate in public forums. In most cases, your question has already been answered, so begin by searching the forum that most closely matches your question. For example, if you have a question about printing, start by searching the printing discussion forum, and post the question only if you cannot find the answer. Generally, you will receive a response within hours.

Also, as a user of OpenSolaris, you've just joined the OpenSolaris community. Simply asking a question in a forum makes you a contributor to the community. If you find a bug in OpenSolaris, please notify the developers.

Enjoy your journey with OpenSolaris.

For More Information

The Observatory: OpenSolaris Tips and Tricks
Learn OpenSolaris
Download OpenSolaris

Rate This Article