Home > Articles > Information Technology

How to Perform System Boot and Shutdown Procedures for Solaris 10

By Bill Calkins
Feb 3, 2006
Sample Chapter is provided courtesy of Que

Article Contents

< Back Page 9 of 17 Next >

Bill Calkins

Learn more…

Controlling Access and Configuring System Messaging in Solaris 10: May 22, 2009
Solaris 10 System Administration Exam Prep: Managing System Processes: Oct 7, 2008
How to Perform System Boot and Shutdown Procedures for Solaris 10: Feb 3, 2006
Solaris 9 System Startup and Shutdown: Oct 31, 2003
Solaris 9 System Monitoring and Tuning: Dec 27, 2002
Tuning File Systems in Solaris 8: Nov 2, 2001
Solaris Name Services: Jul 6, 2001

Sorry, this author hasn't posted any blogs.

This chapter is from the book
Solaris 10 System Administration Exam Prep 2

OpenBoot Security

Anyone who has access to a computer keyboard can access OpenBoot and modify parameters unless you set up the security variables. These variables are listed in Table 3.11.

Table 3.11 OpenBoot Security Variables

Variable	Description
`security-mode`	Restricts the set of operations that users are allowed to perform at the OpenBoot prompt.
`security-password`	Specifies the firmware security password. (It is never displayed.) You should not set this variable directly; you set it by using `password`.
`security-#badlogins`	Specifies the number of incorrect security password attempts.

To set the security password, you type the password at the ok prompt, as shown in the following:

New password (only first 8 chars are used): <enter password>
Retype new password: <enter password>

Earlier in this chapter you learned how to change the OpenBoot parameter security-password from the command line.

After you assign a password, you can set the security variables that best fit your environment.

You use security-mode to restrict the use of OpenBoot commands. When you assign one of the three values shown in Table 3.12, access to commands is protected by a password. The syntax for setting security-mode is as follows:

setenv security-mode <value>

Table 3.12 OpenBoot Security Values

Value	Description
`full`	Specifies that all OpenBoot commands except `go` require a password. This security mode is the most restrictive.
`command`	Specifies that all OpenBoot commands except `boot` and `go` require a password.
`none`	Specifies that no password is required. This is the default.

The following example sets the OpenBoot environment so that all commands except boot and go require a password:

setenv security-mode command

With security-mode set to command, a password is not required if you enter the boot command by itself or if you enter the go command. Any other command requires a password, including the boot command with an argument.

The following are examples of when a password might be required when security-mode is set to command:

Example	Description
`ok boot`	No password is required.
`ok go`	No password is required.
`ok reset-all`	You are prompted to enter a password.

Note that with Password, the password is not echoed as it is typed.

If you enter an incorrect security password, there is a delay of about 10 seconds before the next startup prompt appears. The number of times that an incorrect security password can be typed is stored in the security-#badlogins variable, but you should not change this variable.

< Back Page 9 of 17 Next >

Discussions

Make a New Comment

You must log in in order to post a comment.

Related Resources

OnNetworking (Audio + Video)

Recent Episodes

OnMicrosoft (Video + Audio)

Recent Episodes

See More Podcasts

Win FREE iPhone Developer Books and Videos- Introducing @InformIT Giveaways

By Jennifer Bortel on February 5, 2010 No Comments

Apples’s recent iPad announcement made our hearts flutter so we couldn’t resist making an announcement of our own!

Today marks the first ever @InformIT Giveaway!

We’ll regularly post a video like this one profiling spectacular prizes we’re giving away—from books and videos to T-shirts and other exciting stuff. Check out the video below to see the giveaways for today, and then scroll down for more prize details and instructions on how to win them!

So Far So Good: By John Traenkenschuh on February 2, 2010 No Comments; So far, Win 7 is making a thoroughbred of what has been a plough mule laptop

"Every OSX developer should have this book on their desk.": By Dustin Sullivan on February 1, 2010 No Comments; That was the sentence Mike Riley ended his recent Dr Dobb's CodeTalk review of Cocoa Programming Developer's Handbook with.