23 February 2024

New Features in Solaris 11.4 SRU66 (Feb 2024)

Another quarterly Solaris SRU including new features

dns/client: usevc/use-vc options
ptree -z zone -g
fractional seconds in log messages (messages, syslog)

FOSS: Apache Tomcat 9
EOF: PHP 8.0, GCC 10
Removed: ipf2pf, MySQL 5.7

 

Find details on the Oracle Solaris SRU66 blog 

https://blogs.oracle.com/solaris/post/whats-new-in-oracle-solaris-114-sru-66

30 January 2024

Oracle offers Extended Support for Solaris 11.4 now till at least 2037

In 2023 Oracle has changed the Extended Support for Solaris 10 and Solaris 11.3
from January 2025 to January 2027.

Now Oracle adds another 3 years to Solaris 11.4 to November 2037.
This is a long term commitment I'm not aware of any other OS vendor.
New features are delivered every quarter using SRUs.

You can find all the Support dates in

http://www.oracle.com/us/support/library/lifetime-support-hardware-301321.pdf


28 December 2023

zfs help properties

Solaris zfs has many properties. to see the possible values you can use zfs help -l properties.

-bash-5.2$ zfs help -l properties | wc -l
167


The "DELEG" column was added in Solaris 11.4 SRU63 (November 2023)

-bash-5.2$ zfs help -l properties
PROPERTY                            EDIT  INHERIT  DELEG  VALUES
aclinherit                           YES      YES    YES  discard | noallow | restricted | passthrough | passthrough-x | passthrough-mode-preserve
aclmode                              YES      YES    YES  discard | mask | passthrough
atime                                YES      YES    YES  on | off
available                             NO       NO     NO  <size>
canmount                             YES       NO    YES  on | off | noauto
casesensitivity                       NO      YES    YES  sensitive | insensitive | mixed
checksum                             YES      YES    YES  on | off | fletcher2 | fletcher4 | sha256
compression                          YES      YES    YES  on | off | lzjb | gzip | gzip-[1-9] | zle | lz4
[...]


18 November 2023

New Features in Solaris 11.4 SRU63 (Nov 2023)

Another quarterly Solaris SRU including new features

LDAP setup for Active Directory domain
ldap commands: -h / -p have been deprecated
Strict Mode for Live Memory Reconfig for Kernel Zones
ZFS File Retention Autodelete and Hold
prstat -s usr/sys (sort key)
sysadm maintain noreboot


FOSS: GCC 13
EOF: GCC 10
Removed: SMF svc:/system/auto-update:ehc


16 October 2023

SPARC Firmware Live Update

The newest SPARC Firmware 9.10.6 can be updated live, without
downtime of the server, if you are already on 9.10.3 or newer.
This applies to SPARC M8,M7,T8,T7 and S7 servers.

Live Update of the ILOM is done since serveral years,
but now even the Hypervisor is updated live ...

Befor the update

-bash-5.1$ ldm -V

Logical Domains Manager (v 3.6.2.0.54)
        Hypervisor control protocol v 1.16
        Using Hypervisor MD v 1.4

System PROM:
        Hostconfig      v. 1.11.9       @(#)Hostconfig 1.11.9 2022/10/20 00:54
        Hypervisor      ROM v. 1.20.6.b @(#)Hypervisor 1.20.6.b 2022/10/20 00:40
        OpenBoot        v. 4.43.9       @(#)OpenBoot 4.43.9 2022/10/20 00:32


# fwupdate update all -x /var/firmware/system/S7-2/sysfw9-10/p35402495_9106/Firmware/Sun_System_Firmware/metadata.xml

The following actions will be taken:
==========================================================
ID        Priority Action      Status      Old Firmware Ver.   Proposed Ver.       New Firmware Ver.   System Reboot
-------------------------------------------------------------------------------------------------------------------------
sp        1        Check FW    Success     9.10.5              9.10.6              N/A                 N/A
During SP FIRMWARE update SP may not be available for 400 seconds
Do you wish to process the above actions? [y/n]? y
Update sp: Updating sp: Success
Waiting for service processor to reset and recover
Sleeping for 60 seconds.
Checking whether the service processor has finished booting.
Service processor has not finished booting yet.
Sleeping for 60 seconds.
Checking whether the service processor has finished booting.
Service processor has not finished booting yet.
Sleeping for 60 seconds.
Checking whether the service processor has finished booting.
Service processor has not finished booting yet.
Sleeping for 60 seconds.
Checking whether the service processor has finished booting.
Service processor finished booting.

Verifying all priority 1 updates

Execution Summary
==========================================================
ID        Priority Action      Status      Old Firmware Ver.   Proposed Ver.       New Firmware Ver.   System Reboot
-------------------------------------------------------------------------------------------------------------------------
sp        1        Validate    Success     9.10.5              9.10.6              9.10.6              N/A


after the update


-bash-5.1$ ldm -V

Logical Domains Manager (v 3.6.2.0.54)
        Hypervisor control protocol v 1.16
        Using Hypervisor MD v 1.4

System PROM:
        Hostconfig      v. 1.11.9       @(#)Hostconfig 1.11.9 2022/10/20 00:54
        Hypervisor      ROM v. 1.20.6.b @(#)Hypervisor 1.20.6.c 2023/03/09 00:20
        OpenBoot        v. 4.43.9       @(#)OpenBoot 4.43.9 2022/10/20 00:32



-> show /HOST hostfw_status

 /HOST
    Properties:
        hostfw_status = Host firmware update pending; HV live-patch applied




29 September 2023

25 September 2023

Impact of new openssh 9.3p1 on Solaris 11.4.60

When connecting to an old server you may see

-bash-5.2$ ssh g0083
Unable to negotiate with 192.168.100.83 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss

or if you try to connect from an old system to Solaris 11.4.60 or newer

-bash-4.4$ ssh g0049
no hostkey alg

This is because the new openssh version on Solaris 11.4.60 has sha-1 hash disabled by default.
It is recommended to update your old systems to newer versions.

On Solaris 11.3 you need to:
pkg install openssh
pkg set-mediator -I openssh ssh



If this is not possible as a workaround you can enable sha-1 on the new Solaris server
for the target systems in /etc/ssh/ssh_config and/or sshd_config

Host g0083
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa