shibboleth-dev - info on new solaris machine at AA
Subject: Shibboleth Developers
List archive
- From:
- To:
- Subject: info on new solaris machine at AA
- Date: Tue, 25 Feb 2003 09:15:53 -0500
I told Danno to just copy the keys from other machines......
lots of info on how he configured the machine; next note has some info about the iPlanet DS install.....
Date: Mon, 24 Feb 2003 18:48:46 -0500
From: Dan Pritts
<>
To:
Cc: Ij Kim
<>
Subject: Re: status ... shib/ solaris machine?
X-Virus-Scanned: by AMaViS 0.3.12pre8
X-Brown-MailScanner: Found to be clean
hi steve,
>(dan) Who all will need access? Since solaris 8 does not support the md5
>password crypt format i will have to distribute passwords somehow,
>or just install ssh keys.
the others will supply keys....... I'll probably need a password
should i just copy keys from, eg, marsalis or shib1 or shibprod0??
we'll probably need both sun's jdk 1.3.x and 1.4, with 1.4 being the
default (we're trying to move to 1.4 (pressure from campuses), but
we're currently measuring pushback from vendors who seem to still be
on 1.3)
# ls -ld /usr/java*
lrwxrwxrwx 1 root other 13 Feb 3 14:00 /usr/java -> j2sdk1.4.1_01
drwxrwxr-x 6 root bin 512 Jan 31 18:22 /usr/java1.1
drwxr-xr-x 7 root bin 512 Jan 31 18:22 /usr/java1.2
lrwxrwxrwx 1 root other 13 Feb 24 16:52 /usr/java1.3 -> j2sdk1_3_1_07
lrwxrwxrwx 1 root other 13 Feb 3 14:00 /usr/java1.4 -> j2sdk1.4.1_01
can you create a directory for tomcat, and we'll install it (we may
change the version frequently)
you should be in sudoers, see below for suggested installation locations
can you install openssl 0.97 (which is relatively new...)
done, with caveats....
FYI, here is the convention I have used for software installation on this
host.
1) packages from sunfreeware.com are by default installed directly to
/usr/local/bin|man|lib|etc. They are standard solaris packages,
pkgadd'd. You can see what is installed via:
# pkginfo -L | grep SMC
SMCcvs
SMCgcc
SMClibgcc
SMClynx
SMCncftp
SMCossh
SMCossl
SMCrcs
SMCrsync
SMCsudo
SMCtcpw6
SMCtop
SMCtracer
SMCwget
# pkginfo -l SMCossl
PKGINST: SMCossl
NAME: ossl
CATEGORY: application
ARCH: sparc
VERSION: 0.9.6g
BASEDIR: /usr/local/ssl
VENDOR: The OpenSSL Group
PSTAMP: Steve Christensen
INSTDATE: Feb 24 2003 18:39
EMAIL:
STATUS: completely installed
FILES: 664 installed pathnames
30 directories
42 executables
20096 blocks used (approx)
2) locally compiled packages live in /usr/local/pkg.
eg:
# ls -ld /usr/local/pkg/openssl-0.9.7a/
drwxrwxrwx 9 root other 512 Feb 24 14:49 /usr/local/pkg/openssl-0.9.7a/
# ls !$
ls /usr/local/pkg/openssl-0.9.7a/
bin include man openssl.cnf
certs lib misc private
additionally, the local packages are symlinked into
/usr/local/bin|lib|man|etc
So the aforementioned caveat is that openssl version 0.9.6 is installed
from sunfreeware.com and 0.9.7 is installed by hand in /usr/local/pkg.
Much of the sunfreeware.com stuff is linked with their 0.9.6 openssl
distribution so it would be somewhat painful to get rid of the 0.9.6.
If you look in /usr/local/ssl/lib, you will see the Sunfreeware.com
0.9.6 distribution's shared libs.
If you look in /usr/local/lib, or /usr/local/pkg/openssl-0.9.7a, you'll
see the ones i built.
Please be aware of this when you are doing your tests and let me know
if it is a problem, and i can get rid of the 0.9.6 one and recompile
the other necessary stuff (eg, ssh) to match.
re ldap, can we use the iPLanet server? we need this running
somewhere... I'm checking at brown, to see if they'll send you their
IJ Kim is working on installing iplanet and should be done soon.
danno
--
dan pritts
systems administrator 734/352-4953 office
internet2 734/546-4423 mobile
------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at
http://archives.internet2.edu/
------------------------------------------------------mace-shib-design--
- info on new solaris machine at AA, Steven_Carmody, 02/25/2003
- Re: info on new solaris machine at AA, Dan Pritts, 02/28/2003
Archive powered by MHonArc 2.6.16.