Previewing the Next Solaris OS

Eric Boutilier writes "Amy Rich has written an excellent Solaris Express (Solaris 10) how-to and general overview. It covers how the program works, using the community web site, and what's new in Solaris Express." Among many new features, the TCP/IP stack has been redesigned, IPv6 support improved, and both NFSv4 and USB 2.0 support added.

Solaris doesn't suck...

[Space+cowboy]

(In case the first post is modded down to hell, that's what it said :-)

The market for Solaris is very different from Linux, it's datacentre-land, not home user. I still don't see it lasting too long though... One of the microsoft lines that really is true is that Linux is a larger threat to Unix than to MS, at the moment (MS forgot the 'at the moment' bit :-)

Two wars: The desktop and the datacentre. Despite the cliche of fighting a war on two fronts, Linux is porbably uniquely positioned to fight a war on N fronts (where N is a positive, large integer). The way it's set up is to leverage groups of people whilst folding the advances back into the core.

SGI are turning to Linux, Sun will too. There'll be a few releases of both OS's first, though, IMHO.

Simon.

Re:Solaris doesn't suck...

[dbIII]

The market for Solaris is very different from Linux, it's datacentre-land, not home user.

Linux is still a long way behind Solaris with things like NFS - massive speed differences. A home user isn't going to care much about NFS, which is probably the main reason why NFS still sucks under linux (though not so much in 2.6). I'm sure there's other things as well.

One of the microsoft lines that really is true is that Linux is a larger threat to Unix than to MS

I disagree. Linux is a bigger threat in server space, you have to remember that even after a decade NT et al are the upstart operating systems that have steadily been getting commodity PC hardware into server space - linux challenges that head on by providing a solid multiuser OS that runs on PC hardware, and does it much better than the steadily improving NT operating systems. You only run a Microsoft operating system if you want to run the programs that come with that platform or if you want to use cheap PC hardware as a server. Linux does threaten Microsoft in that way, and I suspect that has contibuted to them improving their software (security patches when they didn't care about them before, and the numerous new features in longhorn).

Re:Solaris doesn't suck...

[__past__]

There are rumors that Sun might join forces with Fujitsu Siemens, i.e. closer collaboration of the UltraSparc and SPARC64 design teams. This would seem like a pretty smart move - if you make your processor arch publicly available, you might as well try to benefit from it. Two independent groups developing 64bit sparcs for servers is a little wastefull, and maintaining an alternative architecture is hard enough.

Re:Solaris doesn't suck...

[jadel]

Note the following is my opinion, I don't claim to have all the answers or any more insight than regularly reading IT news...
The biggest difference (IMNSHO) between the open source community (including what is commonly referred to as the Linux community) and Microsoft is cultural. MS is a marketing driven organisation - features are chosen and development is directed based on what will shift boxes - even the current security initiatives are aimed at minimizing the amount of damage the reputation of the company was incurring due to its repeated and high profile security problems.
OSS projects seem to come in a huge range of styles and with a similarly huge number of objectives, however there is a larger emphasis on technical merit. Linus has a reputation for being draconian in what he will allow into the kernel, he is entirely willing to throw patches away that don't meet his standards no matter how wonderful the functionality they provide may be.
The result of this is that although OSS is generally not as "shiny" as MS products tend to be, it seems to be built on a much more solid foundation. Whether that is enough of an advantage for it to take a sizeable bite out of MS' market share remains to be seen.
Of course MS also seem to be their own biggest enemy. The new licensing arrangements and product activation seem to be designed to make life difficult for businesses. Likewise the way they seem to alternate between smear campaigns against Linux and running scared any time a business talks about moving there desktops over to an OSS solution has been raising the profile of alternatives to people who would not have otherwise heard of them.
Truly we live in interesting times (in both senses of the phrase.)

Re:Solaris doesn't suck...

[chthon]

Anyone needing more than 8 CPU's ? Seriously, go to IBM/HP/Dell and then try to configure a system that has the same capacity as something from Sun. When you reach the same specs, you will most probably have the same price.

The only place where Sun is really threatened is in the real low-end, and for that space they also have now x86 based systems.

Is the Unisys/W2000 a contender with Sun in the 8-32 CPU space ? Not really, because all W2000 processes run in their own small protected space, whereas one application on Sun can take advantage of all CPU's on the system if necessary.

A happy Linux user, which happens to work with Solaris on his job.

Re:Solaris doesn't suck...

[4of12]

Linux is still a long way behind Solaris with things like NFS

Behind yes, but not a long way, and the gap has been closing over the past several years.

I'm really looking forward to performance and security of NFSv4, but am apprehensive that the setup appears to be more complicated than just editing a couple files in /etc.

BTW, given all the recent hoopla over Sun's commitment to free and open source software, they ought to be recognized for sponsoring the CITI group at UMich that had a lot to do with Linux NFSv4, and for sponsoring the Connectathon series of conferences that I'm hoping will make my Linux desktop NFS client interact better with my Sun NFS fileserver.

Re:Solaris doesn't suck...

[I_am_the_man]

Those companies willing to spend a few million do not care as much about speed as they do about their application being able to run on future versions of a vendor's processor with no recompile (and garanteed). They want to make sure that the OS they are buying with their million dollar setup is supported by the vendor for at least 10 years. They want to make sure that when the next version of the processor the vendor designs comes out that they can put it in their existing box; replacing the present processors or along side of them (without having to bring the box down). If raw throughput was Sun's only goal they could make Sparcs as fast as anybody else. But binary compatibility, open architecture, mix and match and endless support cycles for the OS is what makes million dollar companies say no to raw speed and yes to Sun. Oh and Sun's machines have incredible throughput and perform very well in real world scenarios.

Program?

[NicolaiBSD]

It covers how the program works

But can you run this program called Solaris 10 on Linux? Or do you need wine for that?

Re:Hopefully

[fr0dicus]

Yeah, apart from the much larger breadth of GNU tools, ssh and much higher performing threading model, 9 really sucked.

Hope they have Bash, OpenSSL

[justanyone]

I know this is a trivial thing, but it's a real pain in the butt to have to use ksh all the time because most Solaris boxen I've worked on don't have Bash installed by default.

The same goes for OpenSSL and a bunch of other tools that would be great to have but that I cannot count on being there.

On the other front, having Gnome as a gui readily available is definitely deserving of kudos. If only I had more than ssh access to most of the boxes I work with, I could actually use it. We have Hummingbird Exceed, but it's such a HUGE pain to set up. Neither myself, a reasonably good programmer, nor any of the sysadmins at the very large bank where I work know how to set it up.

Alas.

-- Kevin J. Rice

Re:Hope they have Bash, OpenSSL

[benwb]

Solaris 9 has ssh by default, so I can only assume that 10 will as well.

Re:Hope they have Bash, OpenSSL

[stephenbooth]

If you're not averse to free software then I suggest you try Cygwin (http://www.cygwin.com/). It's a lot easier to set up than Hummbingbird eXeed. It's also free. I've been using it for a few years now to get X access to remote *nix boxen, never had any problems cos it's easy to setup and use. And did I mention that, unliek Hummingbird eXeed, it's free?

Stephen

Re:Hope they have Bash, OpenSSL

[larien]

Hrm:

# pkginfo SUNWbash
system SUNWbash GNU Bourne-Again shell (bash)

Perhaps not always installed by default, but it is available. That's on Solaris 8, BTW. As for other stuff, check out www.sunfreeware.com

Re:Hope they have Bash, OpenSSL

[BrookHarty]

I know this is a trivial thing, but it's a real pain in the butt to have to use ksh all the time because most Solaris boxen I've worked on don't have Bash installed by default.

We keep a local sunfreeware mirror for new sunos installs. Bash, updated Perl with modules, wget, lynx, openssl, bzip, sudo, lsof, openssh, and ncftp. (no gcc) If it wasn't for sunfreeware, I'd go nuts using Solaris. Anyone that has to move/push/alter data, needs common tools on all platforms, thank god for Sunfreeware.

Re:Hope they have Bash, OpenSSL

[Gollum]

ssh access is all you really need to execute X11 commands. Install Cygwin and Xfree86 if Exceed is too complex. Then SSH in to the box, and check what your DISPLAY variable is set to (echo $DISPLAY). It should point back to your IP address (or hostname), followed by :0.0

if it is not, do "export DISPLAY=your.ip:0.0" and execute an xterm, or start gnome, or do whatever you want to.

Re:Hope they have Bash, OpenSSL

[4of12]

??

When I do

$ ssh -X solarisbox

my X network traffic is nicely hidden taken caer of by ssh; the Solaris box puts X traffic onto a fake local framebuffer DISPLAY like

solarisbox:10.0

before sending it back to my realbox:0.0.

It might be slower than what you suggest, but I think it's a lot more secure. Without ssh doing the job of making your X network traffic secure you'll have to worry about Xauthority. Too many people (and I was one once) get around Xauthority hassles with an

$ xhost +

and I can't begin to tell you just how Bad that is.

Re:Gnome ?

[zz99]

I'm using Solaris at work, and I'm no fan of Gnome, but compared with CDE I'll pick it any day. ...in reality I'm actually running KDE 3.2, installed in my home directory :)

god-awful GNOME?

[AmVidia+HQ]

Apart from the addition of the god-awful GNOME desktop

Don't know if your flaimbait was intentional or not, but you should have at least elaborated on why it's "god-awful". In my opinion, Gnome is far less awful than CDE. And although it is less feature-rich and configurable than KDE, its behaviour seems more consistent. That is what businesses and Solaris' market wants. Assuming that KDE is your awe inspiring desktop of course.

Sun's move from CDE to Gnome is a good move, if not from Solaris to Linux completely.

DTrace

DTrace definitely seems to be worth checking out. As the article indicates, more info is available here.
As the article does not indicate -- but it seems to be worth mentioning -- DTrace was introduced in a comp.unix.solaris post here. Seems pretty damn cool...

more power to them

[nuckin+futs]

Any OS that is out there that can take away from the 90%+ market share that Microsoft holds is a good thing.
Of course Microsoft's market share won't go down if this OS just replaces one *nix variant with another, but that's another story.

Sun/Solaris will survive

[Moderation+abuser]

In the datacenter for a good while yet. Several years, at least 3 and probably longer. Basically the hardware is better than Intel for the non sparcified PC clones anyway. Bigger caches, more I/O, more memory bandwidth etc. Linux isn't yet trusted on this stuff and it won't kill Solaris off until 3-5 years after it is trusted on the big iron.

I have no problem with Solaris and Linux side by side and neither do the management. We are actively and with prejudice trying to kill off HP-UX as soon as possible though.

Re:SunOS, anyone?

[chegosaurus]

> And when they finally got them here, one of
> the V100s did not boot.

> That's it, we almost ended up with a
> network-enabled FORTH compiler that cost us
> $1500.

My friend bought a new car, and the dealership accidentally gave him the wrong set of keys. That was it, he almost ended up with a sealed glass and metal box that cost him $35000.

One little tiny, easily rectified mistake does not mean the product sucks. If someone dismissed linux because they bought a preinstalled box which didn't boot because of a wrong jumper, would that mean linux was crappy? No. Of course not.

> I'm still glad we didn't wait for tech support
> to react (and I'm pretty sure it would take
> them several more weeks)

Have you ever *used* Sun support? To answer your later question, that's one of the reasons Sun are so expensive. They have great support. If you were on a decent support contract there could have been a guy with you inside an hour with a bag full of V100 parts. If you don't need support, go with linux/bsd or buy Sun kit off ebay.

Once more, FUD-ish Sun-bashing gets modded up as interesting/informative. Replies which dare to defend Sun are usually modded down. Flamebait, troll, whatever. (They should have a "-1 heresy" tag.)

Fire Engine

[zz99]

The register has an old story about the new TCP/IP stack in Solaris 10, that is good reading.

A quick summary of the story:

The new stack has:
- Efficient at handling multiple NICs
- Low CPU usage (30% lower than Linux)
- Build for targeting 10/100 Gbps in the future. Has a new construction where it is possible to offload the cpu by routing packet to dedicated packet processing processors.

The last part seems like a preparation for the Sun hardware of tomorrow.

cool feature i am using

i try with solaris express and I find a cool feature called "ppriv" like this:

gta3# ppriv $$
1124: bash
flags = 0x0
E: all
I: basic
P: all
L: all

Ok, so I am root I have all privileges I think

but now look at rpcbind, it is runnign as daemon but has less priviliges even than normal processes

gta3# ppriv 100182
100182: /usr/sbin/rpcbind
flags = 0x2
E: net_privaddr,proc_fork,sys_nfs
I: none
P: net_privaddr,proc_fork,sys_nfs
L: all

see, it does not have privilege to do 'exec'... there are 30 or more privileges and it has only 3. So i guess this means some stack attack will not work against it like exec shell

also i can run and see privileges like thids

gta3$ ppriv -D -e cat /etc/shadow
cat[100619]: missing privilege "file_dac_read" (euid = 77293, syscall = 225) needed at ufs_iaccess+0xd2
cat: cannot open /etc/shadow

not sure what this means?

Another intro to Solaris 10

[ChrisRijk]

Ace's Hardware had a post about Solaris 10 back in November.

There is an alternative introduction on the main Solaris 10 page too. Eg:

N1 Grid Containers is a breakthrough approach to virtualization with multiple software partitions per single instance of the OS. N1 Grid Containers make consolidation simple, safe and secure.

* Superior Resource Utilization. N1 Grid Containers dynamically adjust resources to business goals within and across the container. With little management overhead (less than 1%), it offers over 4,000 containers per system.
* Increased Uptime. With N1 Grid Containers, applications are isolated from each other and from system faults. Using Instant Restart, each Container can be restarted in just seconds. Boot time in large systems can be reduced by as much as 70%.
* Reduced Costs. N1 Grid Containers simplifies and accelerates consolidation. It also significantly reduces system, admin and maintenance overhead.

The containers (previous called Solaris Zones) can also each have their own root password and own IP address, as well as min/max/QoS resource settings.

DTrace probes

[haggar]

Dtrace probes was be the most important factor for our decision to upgrade all development servers to Solaris 10. We'll mostly skip Solaris 9, actually.

The fact is that we need as much insight in our processes as we can possibly get, as every little performance increase helps. Plus, we get to inspect possible sources of instability.

Typically our products interact with several third-party products, and the DTrace probes will be very useful in tracking down memory leaks and utilization details in such complex environments.

Re:SunOS, anyone?

[MidKnight]

Seems like most people are missing one of the major points of having a Solaris workstation: development and platform scalability.

You can design, write, compile, and test an application on your little one or two-processor workstation. Once you're satisfied that it'll correctly calculate the national debt to 100 significant figures, you can copy it over *completely unchanged* to a 108-CPU Sun E15K and it will run exactly the same. Exactly. Just a little faster.

Platform scalability of that sort is not available from any other vendor that I know of. It's also darn nice when you've got a 4-CPU server that is swamped and want to upgrade to a 32-CPU box. You don't have to change anything. I know a sys-admin who once upgraded their machine by literally swapping out the boot drive. Not exactly elegant (and he didn't tell his boss how he did it so quickly), but it worked for him.

So, you're right: if you're looking for a desktop machine that'll run web browsers and still give you all the CLI goodness of a UNIX or a work-alike, you can get it cheaper elsewhere, although the difference is less than most people think. Have you priced one out recently? Really? Oh yeah, and the support is simply awesome.

--Mid