Home > Articles > Operating Systems, Server > Solaris

  • Print
  • + Share This
Like this article? We recommend

Using Scripts to Qualify a Solaris Configuration

The general strategy for producing a minimized configuration for an application requires examining all files that make up the application installation. The idea is to identify dependencies these files have in Solaris OE such that only the required parts of Solaris OE are kept. The reason for this is that applications do not uniformly specify the packages in Solaris OE that they have dependencies on, so these have to be determined manually. Even Solaris OE packages suffer from this deficiency.

This operation uses packages because they are the units by which an installed Solaris system is defined and controlled. Removing individual files from a Solaris OE package is not a supported method of minimization.

To reduce the burden of finding the needed Solaris OE packages, several Perl and Korn shell scripts were developed. This section describes these scripts. (See the "Related Resources" on page 39 for the Web address from which to obtain these scripts.)

These scripts use techniques for finding packages by identifying the dynamic dependencies an executable or dynamic library has. A dynamic library can have dependencies on other dynamic libraries. The scripts make use of these properties to provide a systematic way of identifying the packages that executables and dynamic libraries have dependencies on, and which packages these dynamic libraries are in.

This section contains the following topics:

  • "Find Dependent Files Using truss Command" on page 17

  • "Find Dynamic Library Dependencies Using ldd Command" on page 18

  • "Find Package Dependencies" on page 18

  • "Find Multiple Packages and Files" on page 19

Find Dependent Files Using truss Command

Run all executables in an application with truss to find all dynamic libraries, configuration files, and data files opened successfully. When an executable command from the application is run, various libraries are opened by the runtime linker at startup. Additionally, configuration and data files are opened as the process is in execution. An executable is made up of dynamic libraries that are members of Solaris OE packages. Configuration and data files are members of Solaris OE packages. These relationships are captured by using the truss command to track system calls.

The scan.pl script takes the output of running truss on an executable and analyzes the output to find which dynamic libraries, configuration files, and data files were successfully opened at runtime.

These files are then cross-referenced with the Solaris OE package management system to find which packages these files belong to.

The following is an example of running the truss command on an executable to produce output, and scan.pl processing the output to find required Solaris OE packages.

# truss -f -o /tmp/truss.out -topen,open64,stat,exec /bin/ls \
/tmp/truss.out
# scan.pl -p < /tmp/truss.out
Needed packages:
    SUNWcsl
    SUNWcsu
    SUNWkvm

NOTE

The truss command is used here instead of pldd because pldd can only provide a snapshot of the process in execution at a given time. Because the process must be running, processes that execute for short durations, such as /bin/ls, would not be guaranteed to return correct results. Additionally, there is an issue when the snapshot is taken pldd would not know that a dlopen and dlclose might have occurred. The truss command overcomes these limitations by logging the calls over the lifetime of the process from startup to termination.

Find Dynamic Library Dependencies Using ldd Command

Run ldd against all executables in the application to find dynamic library dependencies that the runtime linker links in when running the executable. Next, find the packages that the dynamic libraries are in. An application often has its own dynamic libraries. These libraries reference other dynamic libraries in Solaris OE. Normally, dynamic libraries are linked in at runtime when an application executable starts up. This process is not always guaranteed to happen because the application might dlopen the library instead, and only when it's required.

The ldd.ksh script takes one or more executables or libraries and finds which packages contain the dynamic libraries. It does this by cross-referencing the ldd command output with a call to pkgchk to identify the package a dynamic library is in.

The ldd.ksh script also finds libraries that might be missing from an installation by processing ldd output. The truss command has limited ability to achieve this task, and provides incomplete information.

The following is an example of running ldd.ksh on an executable. The -s flag suppresses detailed output.

# ldd.ksh -s /opt/SUNWsrspx/bin/srsproxy
Couldn't find package for
    libaio.so.1 =>  (file not found)
SUNWcsl SUNWlibC SUNWlibms

Find Package Dependencies

An executable (or dynamic library) typically requires multiple dynamic libraries to be able to execute. The chances of all the dynamic libraries being contained in the same package as the executable is small, which means there is a relationship (a dependency) between the packages containing the dynamic libraries and the package containing the executable. Solaris OE tracks this dependency relationship using dependency lists in the Solaris OE package management system.

Any package normally has a relationship back to mandatory core Solaris OE packages. The depend-tree.pl script constructs these dependencies from a starting package all the way back to the core Solaris OE packages.

It is always important to maintain dependencies among packages, because these are critical to Solaris OE. Also, it reduces the risk of packaging problems that might occur when patching a system.

Minimization has some requirements that do not fit well when following dependency links. The main ones are from following dependencies for SUNWnamos and SUNWdtdst. Issues arising from these are covered in the next section and in "Removing Unneeded Dependent Packages" on page 24.

The depend-tree.pl script works out the dependency tree that a package has. The depend-tree.pl script pulls details of dependencies all the way to the root packages. Root packages do not depend on anything else. This dependency information is kept in the Solaris OE package management system.

The following is an example of running depend-tree.pl to find package dependencies that it has on other Solaris OE packages.

# depend-tree.pl -HuN SUNWesu
SUNWcar SUNWkvm SUNWcsr SUNWcsu SUNWcsd SUNWcsl SUNWpl5u SUNWpl5v

The command line argument -HuN means suppress the header; display unique packages only (no duplicates); and ignore SUNWnamos package dependencies.

The -N option is supplied because some executables open locales in SUNWnamos, despite LANG_ALL being set to C. This action causes the dependencies for SUNWnamos to be included. This action is undesirable because a lot of these are X fonts packages and are simply not needed. Without the -N option, the output for SUNWnamos would be as follows.

# depend-tree.pl -Hu SUNWnamos
SUNWcar SUNWkvm SUNWcsr SUNWcsu SUNWcsd SUNWi15cs SUNWi15rf SUNWeurf 
SUNWi1cs SUNWxwplt SUNWesu SUNWcsl SUNWpl5u SUNWpl5v SUNWxwdv SUNWxwfnt 
SUNWxwice SUNWdtcor SUNWlibms SUNWcpp SUNWzlib

Find Multiple Packages and Files

The scripts described in previous sections all operate on a single executable, a dynamic library, or a package. To maximize the ability to operate at a more granular level, two wrapper functions, meta.ksh and pkg.ksh, are used to operate on multiple packages and files. This operation allows a list of packages or directories to be given to pkg.ksh.

meta.ksh

This script is a wrapper around scan.pl, ldd.ksh, and depend-tree.pl. It takes an executable or a shared library as an argument and executes the first two scripts to get the Solaris OE packages required. These are then passed into depend-tree.pl to get dependencies, and formatted for output.

The -q option tells the script to suppress detailed output. An example of running meta.ksh is as follows.

# meta.ksh -q /usr/openwin/bin/xterm
Package:    SUNWxwopt
truss: SUNWcsd SUNWcsl SUNWcsr SUNWcsu SUNWkvm SUNWlccom SUNWlibms SUNWxwice 
SUNWxwopt SUNWxwplt
ldd: SUNWcsl SUNWlibms SUNWxwice SUNWxwplt
depend: SUNWcar SUNWkvm SUNWcsr SUNWcsu SUNWcsd SUNWxwplt SUNWesu SUNWcsl 
SUNWpl5u SUNWpl5v SUNWxwdv SUNWxwfnt SUNWxwice SUNWdtcor SUNWlibms 
SUNWcpp SUNWzlib SUNWzlib

The meta.ksh script will kill -9 the executable within a few seconds after it has the information it requires, if the executable does not gracefully exit.

pkg.ksh

This script is the top-level script that operates on packages. If the -d option is specified, it operates on directories.

It takes a package or a directory and iterates over its contents to find all executables and shared libraries. When it finds one, it calls meta.ksh and processes the output. It produces a list of package dependencies as output.

Specifying the -t option takes a profile template, merges in application packages needed from Solaris OE, and writes the merged file to stdout. Adding the -o option writes the template to the specified file.

If the -s option is specified, pkg.ksh searches the directories specified by the -d option or the packages specified by the -s option for dynamic libraries and configures the system to point to their location temporarily.

See the Case Study in Part II of this article for examples of pkg.ksh in use.

At this time, the usage template for pkg.ksh is as follows.

# pkg.ksh
Usage: pkg.ksh [-s] [-t <profile template>] [-o <new profile>] [[-d <dir>...<dir>] [-p <pkg>...<pkg>] | [<pkg>...<pkg>]]
-s means search for *.so* dynamic libraries and set LD_LIBRARY_PATH
and LD_LIBRARY_PATH_64 as appropriate.
  • + Share This
  • 🔖 Save To Your Account

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020