Thursday, October 16, 2008

Solaris 10 - 5/08 Release: ZFS-Rooted Zones Getting Better!

Hey There,

Before anyone starts phoning in, I do realize this is not "brand new" :) It's just brand new to me and the place I work. Now that we're starting to pull in some of those Mx000 Series Boxes, we're finally up to date on Solaris 10! Plus, I'm sure it's patched to the gills ;)

Today's post is going to be almost like a press release, because the folks at Sun have released so much more information than I can process in a day that I felt it was best to let them figuratively speak for themselves ;) As you can tell by the headline today, Solaris 10 is finally starting to move in a few directions I've been hoping it would for a long long time!

Although there are a number of significant improvements in the OS, I think the home run on this release (5/08) is the ability to, at last, create zones that support zfs root filesystems without as many hassles and limitations as their previous releases! (For more whining about the headaches you may have become accustomed to already, and how to get around some of them, check out our older post on dealing with ZFS rooted zones on Solaris 10 ;) Strangely enough it's one of the things they tout the least. Another very interesting thing (for me, anyway ;) is that they've included the freeware 7-Zip utility that has long been a favorite of mine. It's, also, the last thing on the page. I'm starting to get the feeling Sun doesn't take me all that seriously...

Without further ado, check out the latest and greatest list of augmentations to Solaris 10. You can access the Official Sun 5/08 Release Notes Page if want to have easier access to past release notes and other relevant information.

Enjoy! I'm going to play around with this release a bit and see if I haven't been deluding myself ;)


Chapter 1 What's
New in the Solaris 10 5/08 Release

For a summary of features that were introduced in the Solaris 9, Solaris
8, or Solaris 7 releases, see What's New in the Solaris 9 Operating

System Administration Enhancements

The following system administration features and enhancements have been
added to the Solaris 10 5/08 release.

Solaris Trusted Extensions Administrator Procedures

Starting with this release, the SolarisTM Trusted
Extensions packages are installed when the Solaris OS is installed. The ExtraValue directory is no longer present. This directory previously
included the Solaris Trusted Extensions packages. The Solaris Trusted Extensions
functionality is managed by the service management facility (SMF) as the svc:/system/labeld:default service. This service must be enabled.
After the service is in the online state, reboot the system to activate Solaris
Trusted Extensions. Additional configuration is required after the reboot.
For more information, see Solaris
Trusted Extensions Configuration Guide

The Solaris 10 5/08 release also includes the following features:

For more information about Solaris Trusted Extensions, see Solaris Trusted Extensions
Administrator’s Procedures

Flash Update Tool

fwflash(1M) is a new Solaris command for the manipulation
of firmware for PCI-X, and PCI-Express HBA and HCA cards. Currently, the command
enables listing, reading, and writing the firmware for the InfiniBand HCA

For more information about this command, see the fwflash(1M) man page.

PPD File Management Utility

The PostScriptTM Printer Description (PPD) file
management utility, /usr/sbin/ppdmgr, manages PPD files
that are used with the Solaris print subsystem.

By using the ppdmgr utility, you can perform the
following tasks:

  • Add a PPD file to a PPD file repository on a system

  • Supply a label to group PPD files within a PPD file repository

  • Update the cache of the PPD file information that is used
    by the Solaris Print Manager (printmgr) GUI to display
    supported printer information

You can add a new PPD file by using the ppdmgr utility
or by using the lpadmin -n command. When
you add a new PPD file, you automatically update the cache of the PPD file
information that the printmgr GUI uses to display supported
printer information.

Note –

The delivery location of PPD files in the Solaris OS has changed.
During a software upgrade, any print servers with print queues that were defined
by using PPD files from the previous PPD file delivery location are automatically
updated to reflect the new PPD file delivery location.

In addition, a new SMF service, print/ppd-cache-update, has been introduced.
The print/ppd-cache-update service is enabled by default. This service runs
one time during system reboot to update the printer cache information with
changes from all the PPD file repositories on the system. The service might
take longer to transition to an online state during a system reboot after
a software installation or upgrade. Also, if any changes were made to the
PPD file repositories since the last PPD cache update, during system reboot,
the service might take longer to come online. Changes made to the PPD file
repositories on a system are not reflected in the PPD cache used by Solaris
Print Manager until the print/ppd-cache-update service is online.

For more information, see the following:

Internet Printing Protocol Client-Side Support

Client-side support for the Internet Printing Protocol (IPP) enables
Solaris client systems to communicate with IPP-based print services, such
as those on the Linux and Mac OS X operating systems, as well as other platforms.

Small improvements are also featured in the server-side support for
the IPP listening service. These improvements promote better interoperability,
including some minor changes that result in a more standard representation
of printer and job attribute data.

The IPP server and client implementation in the Solaris OS is one of
several OpenSolarisTM printing projects that are currently
under development. OpenSolaris printing provides a set of specifications and
implementations of software that enables you to create standardized, scalable
printing components for the Solaris and Linux software, or any operating system
that contains a set of POSIX interfaces.

For more information, see the System Administration Guide: Solaris Printing.

For more information about OpenSolaris Printing, see

Selectable Use of localhost for
Solaris Print Server Database Hostname

This printing feature enables the Solaris print system to recognize
and use localhost as the local host in the print system
databases. In prior releases, /bin/hostname was used
solely to generate the print hostname. The print system depended on this name
remaining constant. The ability to use localhost as the
name of the current system enables print servers to maintain the same print
hostname, independent of the system's host name.

Note –

The modification applies to the setup of local print queues exclusively.

To support this feature, the following modifications are effective for
the lpadmin command and the Solaris Print Manager graphical
user interface (GUI):

  • The lpadmin command uses the -s option
    when creating a local print queue.

    To use localhost as
    the host name that is specified within the print server, set the print hostname
    to localhost, as shown:

    # lpadmin -p <new-print-queue> -s localhost -v <device>

    For example:

    # lpadmin -p foo -s localhost -v /dev/term/a

    Note –

    The default behavior of the lpadmin command
    has not changed.

  • Solaris Print Manager now includes an added tool attribute
    check box, Use localhost for Printer Server. The localhost attribute is selected by default. To deselect the localhost attribute,
    uncheck the box. Unchecking the box selects the previously chosen behavior
    for this attribute.

For more information, see the following:

Fault Management for T5140/T5240 Platforms

The Solaris predictive self-healing technology is available on Sun SPARC
Enterprise T5140 and T5240 platforms. Predictive self-healing features include
the following:

  • Automated error handling

  • Automated diagnosis

  • Automated recovery for CPU, memory and I/O subsystems

  • Clear and concise error messages

For more information, see and

SunVTS 7.0

SunVTSTM is a comprehensive system validation and
test suite designed to support Sun hardware platforms and peripherals. SunVTS
7.0 is the next generation of SunVTS 6.0 and its compatible versions.

SunVTS 7.0 includes the following features:

  • Introduction of the concept of purpose-based testing

  • Improved diagnostics effectiveness

  • Web-based user interface

  • Simplified usage

  • New architecture framework

  • Enterprise View

SunVTS 7.0 follows a conventional three-tier architecture model. This
model is composed of a browser-based user interface, a Java based middle server,
and a diagnostic agent.

System Resource Enhancements

The following system resource features and enhancements have been added
to the Solaris 10 5/08 release.

CPU Caps

CPU caps provide absolute fine-grained limits on the amount of CPU resources
that can be consumed by a project or a zone. CPU caps are provided as a zonecfg resource, and as project and zone-wide resource controls.

  • The zonecfg capped-cpu resource provides
    an absolute limit on the amount of CPU that can be consumed by a project or
    a zone.

  • The following resource controls are available:


    Absolute limit on the amount of CPU resources that can be
    consumed by a non-global zone.


    Absolute limit on the amount of CPU resources that can be
    consumed by a project.

For more information, see the following:

projmod(1M) Option

Use the projmod command with the -A option
to apply the resource control values defined in the project database to the
active project. Existing values that do not match the values defined in the
project file, such as values set manually by prctl(1),
are removed.

Device Management Enhancements

The following device management features and enhancements have been
added to the Solaris 10 5/08 release.

Tape Self-Identification

The tape self-identification feature configures the tape automatically,
with the parameters provided by the tape drive. Previously, the configuration
data for a tape drive was statically supplied through user-editable configuration
files, built-in configuration tables, or default values. The tape-self identification
feature uses a few SCSI commands to directly query the required parameters
from the tape drive. When the st driver gets the parameters,
the tape drive uses them on the Solaris OS.

The advantages of tape-self identification over the traditional file-based
configuration are:

  • Simple and no user intervention is needed

  • Faster support for new tape drives

  • Easy to use, standard-based interface

x86: Enhanced Speedstep CPU Power Management

Starting with this release, Intel's Enhanced SpeedstepTM technology
is supported on the Solaris OS. Enhanced Speedstep support enables Solaris
platform users to manage the power consumption of their Intel processors by
lowering the processor frequency during idle periods.

For more information about how to enable Solaris CPU power management,
see the power.conf(4) man

x86: PowerNow! CPU Performance Management

Starting with this release, AMD's PowerNow! technology is supported
on the Solaris OS. PowerNow! support enables Solaris platform users to manage
the power consumption of their Opteron 10h family of processors by adjusting
the processor operating frequency and voltage according to the task being

For more information about how to enable Solaris CPU power management,
see the power.conf(4) man

iSNS Support in the Solaris iSCSI Target

This Solaris release provides support for the Internet Storage Name
Service (iSNS) protocol in the Solaris iSCSI target software.
The iSNS protocol enables automated discovery, management, and configuration
of iSCSI devices on a TCP/IP network.

The Solaris iSCSI target software does not include native iSNS server
support. However, in this Solaris 10 release, you can add access to an existing
iSNS server to automatically discover the iSCSI devices in your network.

The iscsitadm command is used to configure the Solaris
iSCSI target to discover the iSNS server and enable or disable the iSNS discovery.
Use the hostname or the IP address to specify the iSNS server.

For more information, see the iscsitadm(1M) man page and Chapter 14, Configuring
Solaris iSCSI Targets and Initiators (Tasks),
in System Administration Guide: Devices and File Systems

Security Enhancements

The following security features and enhancements have been added to
the Solaris 10 5/08 release.

Solaris Trusted Extensions Supports Mounting Labeled
File Systems With the NFSv3 Protocol

Starting with this release, the Solaris Trusted Extensions software
can mount labeled file systems by using NFS Version 3 (NFSv3) in addition
to NFS Version 4 (NFSv4). Solaris Trusted Extensions has no restrictions on
using TCP as an underlying transport protocol for NFS. However, users cannot
choose User Datagram Protocol (UDP) as the underlying protocol for read-down
NFS access for NFSv3. The use of UDP for the initial mount operation is supported,
but UDP is not supported for subsequent multilevel NFSv3 operations.

SPARC: Hardware -Accelerated Elliptical Curve
Cryptography (ECC) Support

The UltraSPARC T2 (Niagara 2) based platforms support hardware acceleration
of Elliptical Curve Cryptography (ECC) algorithms. The Solaris OS now supports
high performance ECDSA and ECDH on these platforms. These new ECC algorithms
are accessible to all users of the Solaris Cryptographic Framework including
Java technology and OpenSSL users.

Networking Enhancements

The following networking features and enhancements have been added to
the Solaris 10 5/08 release.

Sockets Direct Protocol

The Sockets Direct Protocol (SDP) is a transport protocol layered over
the Infiniband Transport Framework (IBTF). SDP is a standard implementation
based on Annex 4 of the Infiniband Architecture Specification Vol1. SDP provides
reliable byte-stream, flow controlled two-way data transmission that is very
similar to TCP.

For more information see sdp(7D) man

inetd Backlog Queue Size

Starting with this release, a tunable to set the backlog queue size
of the inetd managed services is introduced. This feature
adds an SMF property to inetd called connection_backlog that enables the queue size to be modified. The default value of
the connection_backlog queue size is 10. You can modify
the connection_backlog property by using the inetadm command.
For example:

  • To list the properties, type:

    #inetadm -l fmri/pattern

  • To change the value for a specific service, type:

    #inetadm -m fmri/pattern conection_backlog=new value

  • To change the value globally, type:

    #inetadm -M connection_backlog=newvalue

For more information, see the inetadm(1M) man page.

X11 Windowing Enhancements

The following X11 windowing features and enhancements have been added
to the Solaris 10 5/08 release.

Xvnc Server and Vncviewer Client

VNC provides a remote desktop session over the Remote Frame Buffer (RFB)
protocol. RFB clients, better known as VNC viewers, are available for most
platforms, in both open-source and commercial releases.

The Solaris 10 5/08 release now includes Xvnc. Xvnc is an X server that
is based on the open-source releases from the RealVNC project and X.Org Foundation.
Xvnc is displayed to an RFB protocol client over the network without requiring
an existing X server session display on the local video hardware. This release
also includes RealVNC's vncviewer RFB client to connect to remote VNC servers,
and several associated programs for managing these servers.

For more information, see System Administration
Guide: Virtualization Using the Solaris Operating System
. See
also the Xvnc(1) and vncviewer(1) man

Desktop Tools Enhancements

The following desktop tools features and enhancements have been added
to the Solaris 10 5/08 release.

StarOffice 8

Starting with this release, StarOffice has been enhanced to the latest
version, StarOffice 8.

For more information about StarOffice, see

Flash Player 9

Stating with this release, the Solaris OS includes the Adobe Flash Player
9. For more information about this Flash Player, see

Pidgin 2.0

Pidgin is a popular open-source instant messaging client. Pidgin 2.0
includes the following features:

  • Many improvements to the UI modules including status system,
    Buddy List, Conversation, and the chat window

  • New Yahoo features including Stealth Settings, Doodle, and
    the /list command

  • Improved AIM and ICQ file transfers

  • Improved Log Viewer module

  • Support for the new version of ICQ file transfer

  • New IRC features including SSL support, and the new commands /whowas, /nickserv, /memoserv, /chanserv, and /operserv

  • Jabber features including support for SRV lookups, buddy icons,
    and Jabber User Directory searching

PAPI Print Commands

The Free Standards Group (FSG) Open Printing API (PAPI) commands replace
several commonly used print commands, which include the following:

The implementations of the Open Printing API commands are layered on
top of the Free Standards Group Open Printing API in the Solaris OS. This
implementation enables the commands to run on top of multiple protocols or

Some advantages of the new print command implementations include the

  • Improved consistency between desktop applications and command-line

  • Multiple print protocols and service support from the command

  • Internet Print Protocol (IPP) client-side support for improved
    interoperability with Linux, Mac OS X, and other IPP-based print services

  • Enhanced remote capability and data when using IPP between
    print client and server

  • The capability to disable network services and retain access
    to local printers

For more information about the PAPI print commands, see the following:

System Performance Enhancements

The following system performance features and enhancements have been
added to the Solaris 10 5/08 release.

64-bit SPARC: Memory Placement Optimization
Support for sun4v Platforms

Memory Placement Optimization (MPO) enables operating systems to allocate
memory local to the core where the threads or processes are being executed.
The sun4v architecture runs on virtualized hardware environment. The MPO for
sun4v platforms feature provides the required standard accessors in the sun4v
layer to provide locality information for the generic MPO framework. This
feature is effective on platforms that have multiple sockets with differences
in memory access latency. The MPO feature enhances the performance of various
applications by enabling the OS to allocate memory local to the nodes.

SPARC: Shared Contexts Support

The context mechanism, which is used by the Memory Management Unit (MMU)
hardware to distinguish between the use of the same virtual address in different
process address spaces, introduces some inefficiencies when shared memory
is used. The inefficiencies in shared memory are because the data at a particular
shared memory and the address in different processes might really be identical,
but the context number associated with each process is different. Therefore,
the MMU hardware cannot recognize a match. This inability to recognize a match
results in mappings being unnecessarily evicted from the MMU translation cache
and the Translation Lookaside Buffer (TLB), only to be replaced by identical
mappings with a different context number.

The Niagara 2 system has an additional shared context, which is a hardware
feature that can be used to prevent the inefficiency in handling shared memory.
Searching the TLB for mapping a match on either the private or the shared
context results in a TLB hit. The current software support for shared context
activates the feature for processes that use the Dynamic Intimate Shared Memory
(DISM). In this case, the process text segment and DISM segments mapped at
the same virtual address with the same permissions for each process use the
shared context.

x86: CPUID-Based Cache Hierarchy Awareness

Modern Intel processors provide an interface for discovering information
about the cache hierarchy of the processor through the CPUID instruction.

Language Support Enhancements

The following language support features and enhancements have been added
to the Solaris 10 5/08 release.

Locale Creator

Locale Creator is a command line and graphical user interface tool that
enables users to create and install Solaris locales. Using locale creator
users can create installable Solaris packages containing customized locale
data of a specific locale. After the created package has been installed, the
user has a fully working locale on the system.

For more information, see the following:

libchewing 0.3.0

Chewing input method (IM) is based on libchewing, which is an open-source
library for Traditional Chinese input. libchewing has been upgraded to the
libchewing 0.3.0 version. Some of the features of the new version include
the following:

  • Incompatibility with API/ABI.

  • UTF-8 based language engine core for common Unicode environment.

  • Includes the libchewing-data subproject.

  • Zuin fixes and symbol improvements.

  • New binary form of user hash data to speed up loading and
    solving hash data corruption.

  • Improved calculation of internal tree and phone constants.

  • Revised tsi.src for richer phrases and avoiding crashes.

  • Merge phone and phrase from CNS11643.

  • Improved Han-Yu PinYin to use table-lookup implementation.

  • Experimental frequency evaluation that re-computes chewing

  • Implementation of the choice mechanism for symbol pairs.

  • Experimental, memory mapping-based, binary data handling to
    speed up data loading.

For further information, see the International
Language Environments Guide

File Encoding Examiner

The File Encoding Examiner (fsexam) enables you to convert the name
of a file, or the contents of a plain-text file, from a legacy character encoding
to UTF-8 encoding. New features in the fsexam utility include the following:

  • Encoding list customization

  • Encoding auto-detection

  • Support for dry runs, logs, batch conversion, file filtering,
    symbolic files, command line, and special file types like compress file

For more information, see the fsexam(1) and fsexam(4) man pages.

Kernel Functions Enhancements

The following kernel functions features and enhancements have been added
to theSolaris 10 5/08 release.

x86: MONITOR and MWAIT CPU Idle Loop

The Solaris OS uses the SSE3 MONITOR and MWAIT instructions in the x86
processor idle loop. Using the SSE3 instructions in the processor idle loop
eliminates the overhead of sending and receiving an interrupt to wake up a
halted processor. MONITOR is used to specify a memory range to monitor the
idle loop. MWAIT halts the processor until the address previously specified
with MONITOR is accessed. With the new idle loop, a processor has to write
to memory only to wake up a halted processor.

Driver Enhancements

The following driver features and enhancements have been added to the
Solaris 10 5/08 release.

x86: Support Sun Fire X4540 Disk Status Indicators

Starting with this release, the Sun Fire X4540 disk status indicators
are supported. The amber Fault status LED and blue Ready to Remove status
LEDs are enabled by this feature.

For more information, see the Sun Fire X4540
Server Diagnostics Guide

MPxIO Extension for Serial Attached SCSI Devices
on mpt(7D)

The mpt driver has been enhanced to support MPxIO
with supported storage devices. When MPxIO is enabled for Serial Attached
SCSI (SAS) and SATA devices, they are enumerated under scsi_vhci(7D)
just like fibre channel devices under fp(7D).

Starting with this release, stmsboot(1M) has also
been enhanced to support multipathed SAS devices. stmsboot(1D)
operates on all attached and multipath-capable controllers by default.

If you wish to only enable multipathing on fp or mpt controllers then you can use the new flag which has been added
to restrict operations. The command, /usr/sbin/stmsboot -D mpt -e, will enable MPxIO only on attached mpt controllers.
Replacing mpt with fp in this command
will make stmsboot enable MPxIO only on attached fp controllers.

x86: SATA ATAPI Support in AHCI Driver

The AHCI driver supports SATA ATAPI CD or DVD devices. Users can use
the SATA CD or DVD in AHCI mode instead of the compatible mode. The AHCI mode
has better error handling and hot-pluggable capabilities.

For more information, see the ahci(7D) man page.

x86: AMD–8111

The AMD-8111 HyperTransport I/O hub includes a 10/100 Mbps Ethernet
LAN controller. The driver is used by the Andretti platform.

SATA NCQ Support in AHCI Driver

The AHCI driver supports the SATA NCQ feature. NCQ support improves
performance of the driver.

For more information, see the ahci(7D) man page.

x86: bnx II Ethernet Driver

Starting with this release, support is provided for the Broadcom NetXtreme
(bnx) II Ethernet chipset, which includes BRCM5706C, BRCM5706S, BRCM5708C,
and BRCM5708S.

For more information, see the bnx(7D) man page.

USB-to-Serial Driver for Keyspan Adapters

Starting with this release, a new driver is provided for Keyspan USB-to-serial
adapters. This driver supports the USA-19HS model. This feature enables you
to choose between Edgeport adapters and Keyspan adapters.

For further information, see the usbsksp(7D) man page.

Freeware Enhancements

The following freeware features and enhancements have been added to
the Solaris 10 5/08 release.

32-bit: pgAdmin III

pgAdmin III is a popular and feature-rich, open-source administration
and development platform for PostgreSQL. The graphical interface supports
all PostgreSQL features and makes administration easy. This tool enables users
to write simple SQL queries and also to develop complex databases.

For more information, see


Starting with this release, the Solaris OS includes p7zip port. p7zip
is similar to the Windows compression and archiving utility, 7zip.

For more information, see

, Mike

Please note that this blog accepts comments via email only. See our Mission And Policy Statement for further details.