Solaris 9: a mini review in an unknown number of parts

scrottie on 2007-09-30T05:36:50

Backstory: Linux and BSD crashing on me left and right is one of my recurring themes. So is pining for BSD/OS. Oogling BSD/OS's mindbending ability to get arbitrarily long uptimes each and every time it's installed on a machine, I noticed that Solaris and Windows 2000 also did pretty well. Windows 2000 would require me to retool very heavily. So I decided to try Solaris. Sun would release the free Solaris 10 later encouraging this.

Everyone seems to hate commercial Unixes in the same way they hate commercial database systems: they're buggy, overly complex, and just plain bizarre in the way that a software project becomes when ideas are inbreed repeatedly from a small group of developers closed off from meaningful feedback. Here are some commercial Unixes that have sucked and been hated over the years: AIX (various flavors). HP/UX (much hated), Ultrix, SCO. Well, enough of that. The story seems to be that the longer a vendor has to "refine" the OS, the more they screw it up. Ones hastily slapped together from SysV or BSD and released are fine, as are ones unmodified except for something bolted on: A/UX, AMIX, DomainOS, SCO (in the old days, before they turned it into some bastardization).

Solaris 10 drops support for 32 bit Sparcs, which are the old 32 bit Sparcs (including the original Sparcs). Sun was still numbering these things like they were with the '2' and '3' series (which ran 68k chips) with the '4' series, and then they did a few little "lunchbox" machines with the IPX and the IPC, and then moved back to the pizza box again with the sexy slim Sparc 10, slightly larger Sparc 5, and the the similar Sparc 20, all of which had different support for similar swappable CPU modules (including no support), different RAM, different drive caddies, etc, but were each individually extremely neat, well thought out machines. In the pizza box style, you open them up, and everything is layed out flat, nothing really being stacked on top of each other except maybe a CD drive on top of a floppy drive, or one HD on the other, or cards plugging in above the motherboard. The motherboard on the bottom of the unit is a signature of the pizza box style. Anyway, I have about 40 of these puppies and Solaris 10 doesn't run on them. So I had to order some UltraSparc gear.

Solaris 10 coming out GPL'd seems to have renewed interest in the newer 64 bit UltraSparc hardware. Ultra 5s that already had RAM and a HD were selling at $100 or more on eBay. A lot of the Ultra 5s were labeled as "untested" and they weren't selling for much at all, if they sold at all, which most didn't. Turns out people knew something I didn't: UltraSparc 5s are crap. Sun decided they needed to compete with PCs on price more so they designed them poorly, with random shaped metal fixtures overlapping randomly. The thing is made in China, like most computers now days. This one had typical problems: schitzophranically couldn't see many devices that were soldered onto the motherboard. OpenBIOS told me that it had only been booted 20 times. I tried a Sun made PCI SCSI controller to replace the non-working on-board IDE controller (which bizarrely doesn't has all of its pins wired, so no software fix will get the thing supporting drives larger than 300 meg) but it couldn't see that either. I found and went through the procedure in the Sun service manual and after running serveral diagnostic routines in firmware that I didn't know about, was told to replace the mainboard.

Okay, I'm on a budget here, and my Ultra 5 is no good. At this point, I get the bright idea to buy Solaris 9, the previous version, and put it on one of the affore mentioned non-Ultra Sparcs. I pay $10 for shipping and am annoyed at that, but I get a 10 pound box in the mail with an installation guide that has a quickstart guide which has a roadmap for it. There are license agreements, errata for the hardware support manual, a hardware support manual, and, all told, about 20 little booklets of various descriptions. There are two DVD cases and two vinyl CD books. Then there are other CDs in jewel cases just shrink wrapped and thrown in there. I feel like I've just returned from a Sun conference where the swag was flowly freely but for some reason don't remember being there. The manuals are printed on drool proof paper. The installation guide assumes that:

1. Everything goes off without a hitch 2. You're extremely stupid and need to be shown what accepting defaults all the way through looks like and assured that when it says everything is okay that it really is okay so you don't flip out and start crying like a baby

Everything did not go okay. The whole setup assumes that Sun sold you the harddrive. The installer is not capable of installing to a SCSI drive you bought new elsewhere, which will lack the special Sun disklabel written to the first few blocks. Argh! Beginning an OpenBSD install got the disklabel there. Other operating systems know how to write these but Solaris doesn't. Apparently you're just supposed to buy all of your SCSI discs from Sun.

Also, at the same time as I got Solaris 9, feeling sorry for the poor Ultra 1's, which aren't supported by Sparc 10 even though they're real, honest to get UltraSparcs, I bought one for 99 cents and got it shipped DHL for $15. Those and the Ultra 2's, which seem to be much more rare and much larger, run the UltraSparc I chip, which could be completely locked up by a malicious code sequence, so Sun decided to treat them as non-Ultra 32 bit Sparcs, which they would do in a backwards compat mode. When Sun dropped support for the 32 bit Sparcs, they ditched the Ultra 1 and 2 also. So I've got one of those here on OpenBSD 4.1, and I'm interested to see if OpenBSD is more stable on the UltraSparc than the Sparc. I think Ultras are more popular for this sort of thing now days so it might be better tested and maintained. Unlike the Ultra 5's, they're extremely well made (you'd have to see these big, solid, sturdy, intricatedly engineered machines with pretty, elaborate cables and connectors... the whole thing just screams that it cost thousands new).

Back to Solaris 9. The installer gave me little indication as to what it was really doing. It asked me the usual questions, about whether the machine was networked, whether to autoconfig from DHCP (no), the gateway, nameservers, IP, etc. Which timezone, which languages to install support for, which level of an install (minimal, end user, developer, server, or whole shebang), and then it had me swapping discs, putting in the software disc (replacing the boot disc), putting in the 2/2 software disc, butting in the boot disc again, putting in the supplamental (3/2) software disc, trying to get me to put in the even-more-software (4/2) disc (no, stop it!), rebooting a few times, and then finally letting me know it was done by giving me a login prompt. It felt more like installing Windows than Unix even though it was all done over a serial console. I'm used to Unixes just smearing themselves all over the HD as fast as the HD can write without coming up for a breath and then doing a quick reboot to the xdm login screen as if to show off how easy it was to clobber Windows into bit oblivion.

So now I'm in. It's funny that OpenBSD and Solaris both touched this same machine. OpenBSD is "secure by default" and runs little. This pigfucker has rpc running, for which an exploit comes out about three times a nanosecond and about a trillion exploits have come out for since Solaris 9 was released in 2002. This *was* more like installing Windows than Unix. Next step is to figure out how to get patches from Sun. But that's not it... there are the usual culprits, like sendmail, that I don't want running, but there are about a dozen things I've never heard of. So I fire up man on them to see what they are. And I get this:

"The DMI Service Provider, dmispd, is the core of the DMI solution. Management applications and Componetent instrumentations communicate with each other through the Service Provider. The Service Provider coordinates and arbitrates requests from the Management applications to the specified Component implementations. The Service Provider handles runtime management of the Component Interface (CI) and the Management Interface (MI), including component installation, registration at the MI and CI level, request serialization and syncronization, event handling for CI, and general flow control and housekeeping.". End paragraph.

Fuck the... what!? I'd say that was clear as mud, but it makes perfect sense. Here you have a business-speak explanation as if written by a guy in a suit who writes verbosely without meaning combined with humous levels of engineer-speak where some programmer picked comically generic terms, exactly those that every good programming style book tells you not to use in your programs, and then passed it off as documentation. A company has to be really big to generate garbage this putrid. Seriously. Fuckin' a. I bash on Linux and BSD on here, and the snot nosed brats with no concept of what "stable" actually means (hint: the Windows guys have little idea, but with Win2k compared to Linux, I can't really say that any more) that keep commiting code, but looking at this feculent dung, the underlaying forces driving people towards Linux and BSD over yet another commercial Unix become quite clear. You run this garbage because you're in a big company, life sucks, and someone tells you have to, not for any other reason, ever. Seeing this garbage bolted onto Unix, something that subverisvely pushed off the bonds of Big Company Serious System Think (tm) and did something small, elegant, direct, approachable, forward, sane, logical, and defensible, I'm enraged by this garbage. The fuckers at Sun have turned Unix into the MULTICS that Unix was laughting at. Fuck you, Sun!

I'm not done yet. I want to see if I can strip off some layers of garbage to get at a gem at the core. I guess I should ls -l / and see how big the kernel is before I get my hopes up. If I have to go wading through subdirectories, I'll be disheartened. If the init.d and /etc are more complex than Ubuntu's, I'll be disheartened.

So, here's what I've got. A Sparc 10 (flat little pizza box) on the floor, top of the case off, all 8 memory slots filled giving it 128 megs of RAM, a 4 gig Seagate ST3520N with 4.5 gigs on it connected over a SCSI-I interface, two 75mhz CPUs each with 2 megs of L2 cache, a home-made serial cable running out the back to a 486 laptop as console, and, finally, Solaris.

-scott


Solaris 9, Sparc 5

scrottie on 2007-09-30T18:01:46

Well, OpenBSD has no problem bringing le0 up with the same cord and hub and everything, but Solaris 9 thinks there is "no carrier" and can't ping the gateway. ifconfig le0 up doesn't help. Think I might be at a dead end here, already.

Oh, another mark of insanity to scare you away: insane version numbering. Solaris was SunOS. Solaris got added later, after they converted from BSD to SysV (wtf?!). Versions started at 1 again in Solaris so the thing had two different names and versions. But then they redid the numbering scheme mid-way through. To wit:

SunOS 5.5.1 = Solaris 2.5.1
SunOS 5.6 = Solaris 2.6
SunOS 5.7 = Solaris 7
SunOS 5.8 = Solaris 8
SunOS 5.9 = Solaris 9

Crackheads.

-scott

Patching

scrottie on 2007-10-03T08:10:15


I commented above that the thing installed by default to run software which I know to be vulnerable. I was able to get the network interface up though I'm not exactly sure how. Bringing the interface up from the console rather than letting the rc.d scripts and the installer's work do it was part of it. So, now it's time to patch. MacOSX, Windows, and various Linux distros have little daemons that run that check the vendor site for critical patches and either install them automatically or nag you to agree to install them. Let's see how Sun does it.

System is vulnerable; I know it's vulnerable; it doesn't seem to know that, however. No daemon is writing to any log that I can see giving me instructions. The man pages are beyond useless (actively depressing) as already discussed. So I head to sun.com, drill down to "products", then "software", then "operating systems" (I shit you not) wading through glorious banners of their deal with Microsoft (everyone seems to want to, no one survives... half the reason Sun is where they are today is they weren't falling all over themselves to deal with Microsoft when Microsoft announced NT and declared it would revolutionaize servers with its simple GUI interfaces and low price), and then off to the "solaris" area where I wade through a bunch more self-congradulating articles clogging up every page. There's a "support" tab that tries to sell me a subscript, then tries to sell a service plan, then (still scrolling down) tries to sell me developer expert assistance, then tries to sell me on "sun connection" which is reportedly "a Solaris life cycle management tool that allows customers to provision new systems, manager their updates and configuration changes, and eventually re-deploy systems for new purpose" -- thank God. I was afraid Sun was never going to write software to *allow* me to redeploy systems for new purposes. I've been sitting here like an asshole with 40 Sparc 5's 10's and 20's in the garage unable to repurpose them for lack of software. Oh, wait, the BSD dinks already did that for me. Right. Looking for software updates. I hate shrinkwrapped software for this. If I'd downloaded and installed Debian, it would be already ready already. Holy cow! Next item, about three screens down, under the heading of "Additional Programs & Reference Materials" is "Solaris 10 Patches" / "Access freely available Solaris 10 patches". By this point, looking at a subheading off a major heading a few pages down drilled half a dozen pages in, I'm really starting to get the feeling that Sun is far more interested in selling me stuff (namely service agreements, hardware, and bullshit) than helding anyone ever under any circumstances patch their system. Kudos to Microsoft for including a direct link to the patch utility from their homepage. At this rate, Sun is going to have to take lessons from Microsoft. I can't believe I'm writing this. Okay, so I click the tab, finally there. But wait. "SUNSOLVE LICENSE AGREEMENT". In order to even read about how to patch the system, I have to agree not to write any reviews of Solaris without permission. FUCK YOU, SUN! Too fucking late, for one. For another, FUCK YOU, SUN! Also, I have to agree not to ever save more than one copy for personal use only of documents in this section, and any software downloaded is licensed conditionally, not sold, so Sun can take their patches back at any time, without permission, if I do something like, say, write an unfavorable review about them. Suddenly I'm unsurprised Sun and Microsoft are signing deals. This sounds all too familiar. And after reading Solaris 10 marketing material on my way here, Sun wasted no time pillaging Linux for code, not that there's anything wrong with that, but now they have this super operating system with all this great GPL code in it and they're telling me that patches for it are licensed, not sold, and if the printer jams half way through printing a page and I clear it and it retries and 1.5 copies of a page come out, Sun will shut down my entire operation and make me wish I were never born -- "Sun may terminate this Agreement at any time, ... Upon termination, you must destroy all copies of Software and Information. That's in pretty stark contrast to Theo's "OpenBSD should be free for any purpose. You should be free to build a baby mulching machine with it if you choose". Suddenly the prospect of backporting security fixes to BSD/OS 4.1 sounds extremely compeling. So, for my next stunt, I'm going to open the firewall and put this pigfucker online and tell you how it goes. I'm expecting more Microsoft-wannabe results from that one. Stay tuned.

-scott

SCO “bastardization”

Aristotle on 2007-10-03T13:21:12

An off-topic dose of pedantry: SCO never actually turned into a bastardization. The SCO of now is not the same company as the SCO of old.

The SCO of old sold that brand and its assets. They changed their name to that of another product of theirs, Tarantella (a Citrix-like terminal server/client affair). They would eventually be bought by SUN in 2005.

The company that’s now called SCO is the dunderhead club that used to be called Caldera, who were all about bundling Linux with commercial software and selling the stew to businesses. All their attempts failed big style, although that was in part because they were ahead of their time, and Red Hat and Novell are now doing the same stuff, only with much less closed software in the mix. Caldera bought the SCO brand from Tarantella Inc and subsequently assumed it for themselves.

Whenever you hear “SCO vs IBM” or such, transliterate to “Caldera vs IBM” for a historically accurate picture. (Wikipedia has more on the various company and product histories, in case you care for a reminder.)

Re:SCO “bastardization”

scrottie on 2007-10-05T07:04:36

Aristotle, never go anywhere. I know, twice now (I think) I've told you to piss off (in far less uncertain terms) but I very much regret that... er, those. I love you, man. Thanks... thanks for keeping me company. I really need that =|

-scott

Re:SCO “bastardization”

Aristotle on 2007-10-05T08:15:22

No problem. :-)