Adding New Services in Solaris 10 –OpenSSH

In Solaris 10, Sun introduced the Service
Management Facility. SMF is a framework that handles system boot-up,
process management, and self-healing. It addresses the shortcomings of
startup scripts and creates an infrastructure to manage daemons after
the host has booted.
There are still legacy services that use RC scripts to start and shutdown, but most services in Solaris 10 are now handled by SMF.

Below are my notes on how to add a new service. In this instance I was replacing the current version of OpenSSH running on a Solaris10 box with an updated version. My process is not the best, but it works

First logged in on the console and removed the Current Version of OpenSSH.

pkginfo -l | grep -i ssh
PKGINST:  SMCossh421
NAME:  openssh
VENDOR:  The OpenSSH Group


pkgrm SMCossh421

The following package is currently installed:
   SMCossh421  openssh
               (sparc) 4.2p1


Then I used pkgadd to install the new version of OpenSSH. This package was did not install itself into the SMF, so I had to do it manually.

A little background…

SMF is designed to bring services up in the correct order, according to the
dependencies. These dependencies have to be explicitly declared.  For
each item that we want controlled there are two files which we create,
an XML manifest and a shell script method. The manifest defines the
dependencies and the method provides ways to start, refresh and stop
the service. The files are located :-

manifests 	/var/svc/manifest
methods /lib/svc/method

So here is what I had to do.
First create your shell start stop script and save it in /lib/svc/method. Then chmod it 755. Then create your xml file and save it in /var/svc/manifest/site/myservice.xml. From there you must import the script into the SMF using svccfg utility.

svccfg import /var/svc/manifest/site/myservice.xml

Then check to make sure that you new service was install correctly. You can see below my new service was imported, but not started. And you can also see that my old service still exits (the OpenSSH one)

svcs -a | grep -i ssh
disabled       17:50:12 svc:/network/ssh:default
offline        18:08:33 svc:/network/OpenSSH:default

So I had to remove the old service and start the new one

svccfg delete svc:/network/OpenSSH:default
svcadm enable svc:/network/ssh:default

At this point it failed again, so I used svcs -xv to troubleshoot.

svc:/network/ssh:default (?)
State: maintenance since Tue Apr 29 18:18:23 2008
Reason: Start method failed repeatedly, last exited with status 1.
   See: /var/svc/log/network-ssh:default.log
Impact: This service is not running.

I then checked the logfile listed above and saw that the new version of OpenSSH was configured to look for my host keys in a new location. After a quick copy I was up and running.

svcs -a | grep -i ssh
maintenance    18:18:23 svc:/network/ssh:default

svcadm clear svc:/network/ssh:default

# svcs -a | grep -i ssh
online         18:24:51 svc:/network/ssh:default

Directory containing services logs, /var/svc/log.

Before logging off the console check to make sure that everything is working fine by ssh’ing to localhost.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.