Questions and Answers

Amy Rich

Q I've just installed the new release of Solaris 10, and it looks really cool! One issue I'm having, however, is that I can't figure out how to button down security and turn off most of the services at boot time. It used to be that you'd just delete the necessary files in /etc/rc*.d/, but that doesn't seem to work for a lot of things in Solaris 10. How are you supposed to disable stuff under this new version of the OS, and why did it change?

A The new Solaris 10 model is called the Service Management Framework (SMF). The Service Manager controls stopping, starting, and restarting services on the fly and can identify dependencies on other services so that things always start in the right order. Each service is controlled by an XML configuration file, called a manifest. These manifests are stored in a repository and can be viewed and modified by the repository daemon, svc.configd(1M). The repository is read by the master restarter daemon, svc.startd(1M), which evaluates dependencies and initiates the services as needed. Traditional inetd services are now part of the service manager as well. Any of the inetd services can be enabled, disabled, or restarted via the same mechanism as any other service manager-enabled program.

If you want to see all of the services controlled by the service manager, run the command svcs -a. The command svcadm will allow you to, among other things, enable and disable each service. You can use the svcs -x command to list all of the services that are not running and the reason why they are down.

The service manager also allows you to apply batch changes with the command svccfg. Take a look in /var/svc/profile/ for a file called generic_limited_net.x