Preconfiguring With the sysidcfg File

You can specify a set of keywords in the sysidcfg file to preconfigure a system. The keywords are described in sysidcfg File Keywords.

Note - The name_service keyword in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services previously set up for site.xml. Therefore, you might need to reset your name service after installation.

You must create a unique sysidcfg file for every system that requires different configuration information. You can use the same sysidcfg file to preconfigure the time zone on a set of systems if you want all the systems to be assigned the same time zone. However, if you want to preconfigure a different root (superuser) password for each of those systems, you need to create a unique sysidcfg file for each system.

You can place the sysidcfg file in one of the following.

Table 2-2 sysidcfg Locations

You can use the naming service or DHCP to preconfigure your system. For information, see Chapter 3, Preconfiguring With a Naming Service or DHCP.

To Create a sysidcfg Configuration File

1. Create a file called sysidcfg in a text editor with the keywords you want.
2. Make the sysidcfg file available to clients by using one of the locations described at Table 2-2.

The following is an example of a sysidcfg file for a SPARC based system. The host name, IP address, and netmask of this system have been preconfigured by editing the naming service. Because all of the system configuration information is preconfigured in this file, you can use a custom JumpStart profile to perform a custom JumpStart installation. In this example, the NFSv4 domain name is automatically derived from the naming service. Because the service_profile keyword is not included in this example, configuration is not altered for the network services during installation.

keyboard=US-English
system_locale=en_US
timezone=US/Central
terminal=sun-cmd
timeserver=localhost
name_service=NIS {domain_name=marquee.central.example.com
                  name_server=nmsvr2(172.31.112.3)}
nfs4_domain=dynamicroot_password=m4QPOWNY
network_interface=hme0 {hostname=host1 
                       default_route=172.31.88.1 
                       ip_address=172.31.88.210 
                       netmask=255.255.0.0 
                       protocol_ipv6=no}
security_policy=kerberos {default_realm=example.com 
                          admin_server=krbadmin.example.com 
                          kdc=kdc1.example.com, 
                          kdc2.example.com}

The following sample sysidcfg file is for a group of x86 based systems. In this example, the NFSv4 domain name is specified to be example.com. This custom name overrides the default domain name. Also in this example, the network services are disabled or restricted to local connections only.

keyboard=US-English
timezone=US/Central
timeserver=timehost1
terminal=ibm-pc
service_profile=limited_net

name_service=NIS {domain_name=marquee.central.example.com
                  name_server=nmsvr2(172.25.112.3)}
nfs4_domain=example.comroot_password=URFUni9

In the following sample sysidcfg file, configuration information is specified for both the eri0 and eri1 network interfaces. The eri0 interface is configured as the primary network interface, and eri1 is configured as a secondary network interface. In this example, the NFSv4 domain name is automatically derived from the naming service.

timezone=US/Pacific
system_locale=C
terminal=xterms
timeserver=localhost
network_interface=eri0 {primary
                        hostname=host1
                        ip_address=192.168.2.7
                        netmask=255.255.255.0
                        protocol_ipv6=no
                        default_route=192.168.2.1}

network_interface=eri1 {hostname=host1-b
                        ip_address=192.168.3.8
                        netmask=255.255.255.0
                        protocol_ipv6=no
                        default_route=NONE}
root_password=JE2C35JGZi4B2
security_policy=none
name_service=NIS {domain_name=domain.example.com
                  name_server=nis-server(192.168.2.200)}
nfs4_domain=dynamic

More Information

If you plan to use the sysidcfg file in an installation over the network, you need to set up an installation server and add the system as an installation client. For more information, see Chapter 4, Installing From the Network (Overview).

If you plan to use the sysidcfg file in a WAN boot installation, you need to perform additional tasks. For more information, see Chapter 9, WAN Boot (Overview).

If you plan to use the sysidcfg file in a custom JumpStart installation, you need to create a profile and a rules.ok file. For more information, see Chapter 2, Custom JumpStart (Overview), in Solaris Express Installation Guide: Custom JumpStart and Advanced Installations.

See Also

For more information about the sysidcfg file, see the man page sysidcfg(4).

Syntax Rules for the sysidcfg File

You can use two types of keywords in the sysidcfg file: independent and dependent. Dependent keywords are guaranteed to be unique only within independent keywords. A dependent keyword exists only when it is identified with its associated independent keyword.

In this example, name_service is the independent keyword, while domain_name and name_server are the dependent keywords:

name_service=NIS {domain_name=marquee.central.example.com
name_server=connor(192.168.112.3)}

pointer=MS-S
display=ati {size=15-inch}

TIMEZONE=US/Central
terminal=sun-cmd

name_service=NIS 
       {domain_name=marquee.central.example.com
        name_server=connor(192.168.112.3)}

network_interface='none'

name_service=NIS
name_service=DNS

sysidcfg File Keywords

Table 2-3 lists the keywords you can use to configure system information in the sysidcfg file.

Table 2-3 Keywords to Use in sysidcfg

The following sections describe the keywords that you can use in the sysidcfg file.

keyboard Keyword

The sysidkdb tool configures your USB language and its corresponding keyboard layout.

SPARC: This change is effective starting with the Solaris Express 10/06 release.

x86: This change is effective starting with the Solaris Express 2/07 release.

The following procedure occurs:

• If the keyboard is self-identifying, the keyboard language and layout automatically configures during installation.

• If the keyboard is not self-identifying, the sysidkdb tool provides you with a list of supported keyboard layouts during installation, so that you can select a layout for keyboard configuration.

  ---

  Note - PS/2 keyboards are not self-identifying. You will be asked to select the keyboard layout during the installation.

  ---

You can configure the keyboard language and its corresponding keyboard layout information by using the keyboard keyword. Each language has its own keyboard layout. Use the following syntax to select a language and its corresponding layout.

keyboard=keyboard_layout

For example, this entry sets the keyboard language and its corresponding keyboard layout for the German language:

keyboard=German

The value provided for keyboard_layout must be a valid value. Otherwise, an interactive response is required during installation. The valid keyboard_layout strings are defined in the /usr/share/lib/keytables/type_6/kbd_layouts file.

SPARC only - Previously, the USB keyboard assumed a self-identifying value of 1 during the installation. Therefore, all of the keyboards that were not self-identifying always configured for a U.S. English keyboard layout during installation.

If the keyboard is not self-identifying and you want to prevent being prompted during your JumpStart installation, select the keyboard language in your sysidcfg file. For JumpStart installations, the default is for the U.S. English language. To select another language and its corresponding keyboard layout, set the keyboard entry in your sysidcfg file as in the example provided above.

For further information, see the sysidcfg(4) and sysidtool(1M) man pages.

name_service Keyword

You can use the name_service keyword to configure the naming service, the domain name, and the name server for the system. The following sample shows the general syntax for the name_service keyword.

name_service=name-service {domain_name=domain-name 
                                 name_server=name-server
                                 optional-keyword=value}

Choose only one value for name_service. Include all or none of the domain_name, name_server, or optional keywords, as needed. If no keywords are used, omit the curly braces {}.

Note - The name_service option in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services that were previously set up for site.xml. Therefore, you might need to reset your name service after installation.

The following sections describe the keyword syntax to configure the system to use a specific naming service.

NIS Syntax for name_service Keyword

Use the following syntax to configure the system to use the NIS naming service.

name_service=NIS {domain_name=domain-name 
                   name_server=hostname(ip-address)}

domain-name

Specifies the domain name

hostname

Specifies the host name of the name server

ip-address

Specifies the IP address of the name server

The following example specifies a NIS server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.

name_service=NIS {domain_name=west.example.com 
                  name_server=timber(192.168.2.1)}

For more information about the NIS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

NIS+ Syntax for name_service Keyword

Use the following syntax to configure the system to use the NIS name service.

name_service=NIS+ {domain_name=domain-name 
                   name_server=hostname(ip-address)}

domain-name

Specifies the domain name

hostname

Specifies the host name of the name server

ip-address

Specifies the IP address of the name server

The following example specifies a NIS+ server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.

name_service=NIS+ {domain_name=west.example.com 
                   name_server=timber(192.168.2.1)}

For more information about the NIS+ name service, see System Administration Guide: Naming and Directory Services (NIS+).

DNS Syntax for name_service Keyword

Use the following syntax to configure the system to use DNS.

name_service=DNS {domain_name=domain-name 
                  name_server=ip-address,ip-address,ip-address
                  search=domain-name,domain-name,domain-name,
                  domain-name,domain-name,domain-name} 

domain_name=domain-name

Specifies the domain name.

name_server=ip-address

Specifies the IP address of the DNS server. You can specify up to three IP addresses as values for the name_server keyword.

search=domain-name

(Optional) Specifies additional domains to search for naming service information. You can specify up to six domain names to search. The total length of each search entry cannot exceed 250 characters.

The following example specifies a DNS server with the domain name west.example.com. The server IP addresses are 10.0.1.10 and 10.0.1.20. example.com and east.example.com are listed as additional domains to search for naming service information.

name_service=DNS {domain_name=west.example.com 
                  name_server=10.0.1.10,10.0.1.20 
                  search=example.com,east.example.com}

For more information about the DNS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

LDAP Syntax for name_service Keyword

Use the following syntax to configure the system to use LDAP.

name_service=LDAP {domain_name=domain_name
                   profile=profile_name profile_server=ip_address 
                   proxy_dn="proxy_bind_dn" proxy_password=password}

domain_name

Specifies the domain name of the LDAP server.

profile_name

Specifies the name of the LDAP profile you want to use to configure the system.

ip_address

Specifies the IP address of the LDAP profile server.

proxy_bind_dn

(Optional) Specifies the proxy bind distinguished name. You must enclose the proxy_bind_dn value in double quotes.

password

(Optional) Specifies the client proxy password.

The following example specifies an LDAP server with the following configuration information.

• The domain name is west.example.com.

• The installation program uses the LDAP profile that is named default to configure the system.

• The IP address of the LDAP server is 172.31.2.1.

• The proxy bind distinguished name includes the following information.

  • The common name for the entry is proxyagent.

  • The organizational unit is profile.

  • The proxy domain includes the west, example, and com domain components.

• The proxy password is password.

name_service=LDAP {domain_name=west.example.com 
                   profile=default 
                   profile_server=172.31.2.1 
                   proxy_dn="cn=proxyagent,ou=profile,
                   dc=west,dc=example,dc=com" 
                   proxy_password=password}

For more information about how to use LDAP, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

network_interface Keyword

Use the network_interface keyword to perform the following tasks.

• Specify a host name

• Specify an IP address

• Specify the default router address

• Specify a netmask value

• Use DHCP to configure the network interface

• Enable IPv6 on the network interface

The following sections describe how to use the network_interface keyword to configure the system interfaces.

Syntax for Nonnetworked Systems

To turn off networking for the system, set the network_interface value to none. For example:

network_interface=none

Syntax for Configuring a Single Interface

You can use the network_interface keyword to configure a single interface in the following ways.

• With DHCP – You can use a DHCP server on your network to configure the network interface. For more information on how to use a DHCP server during your installation, see Preconfiguring System Configuration Information With the DHCP Service (Tasks).

  To use the DHCP server to configure a single interface on the system, use the following syntax for the network_interface keyword.

  network_interface=PRIMARY or value 
                    {dhcp protocol_ipv6=yes-or-no}

  PRIMARY

  Instructs the installation program to configure the first up, non-loopback interface that is found on the system. The order is the same as the order that is displayed with the ifconfig command. If no interfaces are up, then the first non-loopback interface is used. If no non-loopback interfaces are found, then the system is nonnetworked.

  value

  Instructs the installation program to configure a specific interface, such as hme0 or eri1.

  protocol_ipv6=yes-or-no

  Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

  For WAN boot installations, you must set the value of protocol_ipv6=no.

• Without DHCP – If you do not want to use DHCP to configure the network interface, you can specify the configuration information in the sysidcfg file. To instruct the installation program to configure a single interface on the system without using DHCP, use the following syntax.

  network_interface=PRIMARY or value 
                    {hostname=host_name 
                     default_route=ip_address
                     ip_address=ip_address 
                     netmask=netmask 
                     protocol_ipv6=yes_or_no}

  PRIMARY

  Instructs the installation program to configure the first up, non-loopback interface that is found on the system. The order is the same as the order that is displayed with the ifconfig command. If no interfaces are up, then the first non-loopback interface is used. If no non-loopback interfaces are found, then the system is not networked.

  ---

  Note - Do not use the PRIMARY keyword value if you want to configure multiple interfaces.

  ---

  value

  Instructs the installation program to configure a specific interface, such as hme0 or eri1.

  hostname=host_name

  (Optional) Specifies the host name of the system.

  default_route=ip_address or NONE

  (Optional) Specifies the IP address of the default router. If you want the installation program to detect the router by using the ICMP router discovery protocol, omit this keyword.

  ---

  Note - If the installation program cannot detect the router, you are prompted for the router information during the installation.

  ---

  ip_address=ip_address

  (Optional) Specifies the IP address of the system.

  netmask=netmask

  (Optional) Specifies the netmask value for the system.

  protocol_ipv6=yes_or_no

  (Optional) Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

  ---

  Note - To perform an unattended custom JumpStart installation, you must specify a value for the protocol_ipv6 keyword.

  For WAN boot installations, you must set the value of protocol_ipv6=no.

  ---

  Include any combination or none of the hostname, ip_address, and netmask keywords, as needed. If you do not use any of these keywords, omit the curly braces ({}).

The following example instructs the installation program to use DHCP to configure the eri0 network interface. IPv6 support is not enabled.

network_interface=eri0 {dhcp protocol_ipv6=no}

The following example configures the interface eri0 with the following settings.

• The host name is set to host1.

• The IP address is set to 172.31.88.100.

• The netmask is set to 255.255.255.0.

• IPv6 support is not enabled on the interface.

network_interface=eri0 {hostname=host1 ip_address=172.31.88.100
                        netmask=255.255.255.0 protocol_ipv6=no}

Syntax for Configuring Multiple Interfaces

You can configure multiple network interfaces in your sysidcfg file. For each interface that you want to configure, include a network_interface entry in the sysidcfg file.

You can use the network_interface keyword to configure multiple interfaces in the following ways.

• With DHCP – You can use a DHCP server on your network to configure a network interface. For more information on how to use a DHCP server during your installation, see Preconfiguring System Configuration Information With the DHCP Service (Tasks).

  To use the DHCP server to configure a network interface on the system, use the following syntax for the network_interface keyword.

  network_interface=value {primary 
                            dhcp protocol_ipv6=yes-or-no}

  value

  Instructs the installation program to configure a specific interface, such as hme0 or eri1.

  primary

  (Optional) Specifies value as the primary interface.

  protocol_ipv6=yes-or-no

  Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

  ---

  Note - For WAN boot installations, you must set the value of protocol_ipv6=no.

  ---

• Without DHCP – If you do not want to use DHCP to configure the network interface, you can specify the configuration information in the sysidcfg file. To instruct the installation program to configure multiple interfaces without using DHCP, use the following syntax.

  network_interface=value {primary hostname=host_name 
                            default_route=ip_address or NONE
                            ip_address=ip_address 
                            netmask=netmask 
                            protocol_ipv6=yes_or_no}

  value

  Instructs the installation program to configure a specific interface, such as hme0 or eri1.

  primary

  (Optional) Specifies value as the primary interface.

  hostname=host_name

  (Optional) Specifies the host name of the system.

  default_route=ip_address or NONE

  (Optional) Specifies the IP address of the default router. If you want the installation program to detect the router by using the ICMP router discovery protocol, omit this keyword.

  If you configure multiple interfaces in the sysidcfg file, set default_route=NONE for each secondary interface that does not use a static default route.

  ---

  Note - If the installation program cannot detect the router, you are prompted for the router information during the installation.

  ---

  ip_address=ip_address

  (Optional) Specifies the IP address of the system.

  netmask=netmask

  (Optional) Specifies the netmask value for the system.

  protocol_ipv6=yes_or_no

  (Optional) Instructs the installation program to configure the system to either use IPv6 or to not use IPv6.

  ---

  Note - To perform an unattended custom JumpStart installation, you must specify a value for the protocol_ipv6 keyword.

  For WAN boot installations, you must set the value of protocol_ipv6=no.

  ---

  Include any combination or none of the hostname, ip_address, and netmask keywords, as needed. If you do not use any of these keywords, omit the curly braces ({}).

In the same sysidcfg file, you can use DHCP to configure certain interfaces, while also specifying the configuration information for other interfaces in the sysidcfg file.

In the following example, the network interfaces eri0 and eri1 are configured in the following way.

• eri0 is configured by using the DHCP server. IPv6 support is not enabled on eri0.

• eri1 is the primary network interface. The host name is set to host1, and the IP address is set to 172.31.88.100. The netmask is set to 255.255.255.0. IPv6 support is not enabled on eri1.

network_interface=eri0 {dhcp protocol_ipv6=no}
network_interface=eri1 {primary hostname=host1 
                        ip_address=172.146.88.100
                        netmask=255.255.255.0 
                        protocol_ipv6=no}

nfs4_domain Keyword

To prevent being asked to specify an NFSv4 domain name during installation, use the nfs4_domain keyword in the sysidcfg file. This keyword suppresses selection of a domain name during the installation process. Use the following syntax:

nfs4_domain=dynamic or custom_domain_name

dynamic

This reserved keyword dynamically derives the NFSv4 domain name based on naming services configuration. For example:

nfs4_domain=dynamic

This example enables the domain name to be derived by the naming service.

The reserved keyword, dynamic, is not case sensitive.

---

Note - By default, NFSv4 uses a domain name that is automatically derived from the system's naming services. This domain name is sufficient for most configurations. In a few cases, mount points that cross domain boundaries can cause files to appear to be owned by “nobody” because no common domain name exists. To prevent this situation, you can override the default domain name and select a custom domain name.

---

custom_domain_name

This value overrides the default domain name.

This value must be a valid custom domain name. A valid domain name is composed of a combination of alphanumeric characters, dots, underscores, and dashes only. The first character must be an alpha character. For example:

nfs4_domain=example.com

This example sets the value that is used by the nfsmapid daemon to be example.com. This selection overrides the default domain name.

Note - In prior releases, the /etc/.NFS4inst_state.domain file was created by the sysidnfs4 program. This file would suppress the prompt for an NFSv4 domain name during installation. This file is no longer created. Use the sysidcfg keyword, nfs4_domain, instead.

root_password Keyword

You can specify the root password to the system in the sysidcfg file. To specify the root password, use the root_password keyword with the following syntax.

root_password=encrypted-password

encrypted-password is the encrypted password as it appears in the /etc/shadow file.

security_policy Keyword

You can use the security_policy keyword in your sysidcfg file to configure your system to use the Kerberos network authentication protocol. If you want to configure the system to use Kerberos, use the following syntax.

security_policy=kerberos {default_realm=FQDN 
                          admin_server=FQDN kdc=FQDN1, FQDN2, FQDN3}

FQDN specifies the fully qualified domain name of the Kerberos default realm, the administration server, or key distribution center (KDC). You must specify at least one, but no more than three, key distribution centers.

If you do not want to set the security policy for the system, set security_policy=NONE.

For more information about the Kerberos network authentication protocol, see System Administration Guide: Security Services.

The following example configures the system to use Kerberos with the following information.

• The Kerberos default realm is example.com.

• The Kerberos administration server is krbadmin.example.com.

• The two key distribution centers are kdc1.example.com and kdc2.example.com.

security_policy=kerberos 
                {default_realm=example.COM 
                 admin_server=krbadmin.example.com 
                 kdc=kdc1.example.com, 
                 kdc2.example.com}

service_profile Keyword

You can use the service_profile keyword to install a more secure system by restricting network services. This security option is only available for initial installations. An upgrade maintains all previously set services.

Use one of the following syntaxes to set this keyword.

service_profile=limited_net

service_profile=open

limited_net specifies that all network services, except for Secure Shell, are either disabled or constrained to respond to local requests only. After installation, any individual network service can be enabled by using the svcadm and svccfg commands.

open specifies that no network service changes are made during installation.

If the service_profile keyword is not present in the sysidcfg file, no changes are made to the status of the network services during installation.

The network services can be enabled after installation by using the netservices open command or by enabling individual services by using SMF commands. See Revising Security Settings After Installation in Solaris Express Installation Guide: Planning for Installation and Upgrade.

For further information about limiting network security during installation, see Planning Network Security in Solaris Express Installation Guide: Planning for Installation and Upgrade. See also the following man pages.

• netservices(1M)

• svcadm(1M)

• svccfg(1M) commands

system_locale Keyword

You can use the system_locale keyword to specify the language in which to display the install program and desktop. Use the following syntax to specify a locale.

system_locale=locale

locale specifies the language that you want the system to use to display the installation panels and screens. For a list of valid locale values, see the /usr/lib/locale directory or International Language Environments Guide.

terminal Keyword

You can use the terminal keyword to specify the terminal type for the system. Use the following syntax to specify the terminal type.

terminal=terminal_type

terminal_type specifies the terminal type for the system. For a list of valid terminal values, see the subdirectories in the /usr/share/lib/terminfo directory.

timezone Keyword

You can set the time zone for the system with the timezone keyword. Use the following syntax.

timezone=timezone

In the previous example, timezone specifies the time zone value for the system. The directories and files in the /usr/share/lib/zoneinfo directory provide the valid time zone values. The timezone value is the name of the path relative to the /usr/share/lib/zoneinfo directory. You can also specify any valid Olson time zone.

In the following example, the system time zone is set to mountain standard time in the United States.

timezone=US/Mountain

The installation program configures the system to use the time zone information in /usr/share/lib/zoneinfo/US/Mountain.

timeserver Keyword

You can use the timeserver keyword to specify the system that sets the date and time on the system you want to install.

Choose one of the following methods to set the timeserver keyword.

• To configure the system to serve as its own time server, set timeserver=localhost. If you specify localhost as the time server, the system's time is assumed to be correct.

• To specify another system as the time server, specify either the host name or the IP address of the time server with the timeserver keyword. Use the following syntax.

  timeserver=hostname or ip-address

  hostname is the host name of the time server system. ip-address specifies the IP address of the time server.