==== Configure ACLs using File Manager GUI ====
My Solaris 10 notes

Components of Sun OS

Three components of Sun OS

  • Kernel - the core of Sun OS and manages all physical resources of the computer
  • Shell - a command interpreter and interfaces between user and kernel
  • Directory Hierarchy

Default shells

Sun OS default primary shells:

  • Bourne shell - original unix system shell and default for root user. regular user prompt is $ and root is #
  • C shell - command line history, aliasing, and job control. default regular user is hostname% and root is hostname#
  • Korn Shell - superset of Bourne shell plus C shell like features and enhancements. command line history, aliasing, job control, and command line editing default regular prompt is $ and root is #

Sun OS contains three alternative shells:

  • Bash shell - GNU project Bourne Again SHell is bourne compatible shell that contains handy features from Korn and C shell.
  • Z shell - resembles Korn shell plus enhancements
  • TC shell - C compatible shell plus enhancements

Logging into Sun OS

All users must log into system

Desktop login

Use direct login or options

password requirements 6-8 characters, contain at least two alpha characters and one numerical or special character. cannot be same as user login name, different than last password by at least three characters, reverse of user login name password requirements don't apply to root user or regular user password set by root user

Desktop Environment

Solaris 10 includes Common Desktop Environment (CDE) and Java Desktop System (JDS) desktop environments.

Command Line

Run command line in a terminal window

Use Unix system commands to instruct the computing system to perform specific tasks

Commands can be executed with or without options or arguments

Unix command syntax is the order and structure of command line components.

Unix command line syntax = [command] [options] [arguments]

  • command determines what system will execute
  • option determines how command will run and always begins with - and are case sensitive, can use multiple options, combine options into one - or use a - for each option
  • argument determines what command will affect

Multiple commands can be entered on one command line by using semi-colon(;) between each command.

Basic Solaris 10 commands


man pages

display man page by typing man command


  • $ man command
  • $ man option command
  • $ man option filename

Navigating man page

  • Space bar = page forward
  • Return = line forward
  • b = page backward
  • /pattern = to perform a forward pattern search
  • n = to move to next pattern match, must be proceeded with /pattern search
  • h = provides navigation help
  • q = quit man page

Searching man pages

This searches all man pages. To search while inside a man page see Navigating a man page pattern search.

Search by section syntax:

  • man -s number [command|filename]

Search by keyword syntax:

  • man -k keyword


A directory is a list of references to objects

Objects include files, sub-directories, and symbolic links

Each reference consists of a name and number

The name of object is used to identify & access object

The number specifies the inode. inode stores information about the object

pwd command shows current directory path

ls commands displays contents of current directory


  • ls
  • ls -options
  • ls -options filename
  • ls -options path_2_different_directory

Use file command to determine certain file types


  • file filename

Navigating directories

Initial login is set to home directory

Navigate using cd command


  • cd directory

Using cd without options or arguments moves to home directory (some shells use cd ~)

path name abbreviations . = current or working directory .. = parent directory

cd .. moves to parent directory

cd ../.. moves up two parent directories, you can use /.. to move up more parent directories

use absolute or relative path names to navigate directories

cd absolute_path_name

cd relative_path_name


Commands to view file in read-only format:

  • cat (displays one or more text files without pausing)
  • more (displays text files one page at a time, to navigate use man navigation keys)
  • tail (displays last 10 lines of a text file,use -n or +n to change number of lines, replace n with an integer, -n displays n lines from end of file while +n displays file contents from line n to end of file)
  • head (displays first 10 lines of a text file, use -n to change number of lines, replace n with an integer)
  • wc (-l line count, -w word count, -c byte count, -m character count)

Printing files

Print using lp command


  • lp options filename


  • -d destination (use while not printing to default printer)
  • -o nobanner (no banner is printed)
  • -n number (number of copies)
  • -m (sends mail message to owner after print job is complete)

Display status of all user print requests


  • lpstat -options printername


  • -p (status of all printers)
  • -o (status of all output requests)
  • -d (status of default printer)
  • -t (extended status of all printers)
  • -s (status summary of all printers)
  • -a (identifies which printers are accepting print requests)

Status response from lpstat command:

  • request-ID = name of the printer and job number
  • user-ID = name of user accessing the printer
  • file size = output size in bytes
  • date/time = current date and time
  • status = status of print request

Cancel print requests


  • cancel request-ID
  • cancel -u username

Modifying Directory Contents

Copy Files & Directories

Copy Files

Use cp command to copy the contents of a file to another file.


  • cp -option source_file target_file_or_directory

Common options:

  • -i (prevents accidental overwrite of file or directory, prompts user when an overwrite might occur)
  • -r (recursive, includes the contents of directory and all sub-directories when copying a directory)


Copy file within a directory:

cp source_file target_file

Copy multiple files to a different directory (relative path example):

cp source_file1 source_file2 target_directory

Copy Directories

Use cp -r command & option to copy the contents of a directory recursively to another directory


  • cp -options source_directory target_directory


  • If target_directory does not exist one will be created with source_directory name.
  • If target_directory exists a new sub-directory below target_directory will be created with source_directory name.

Copying multiple directories


  • cp -options source_directory1 source_directory2 target_directory

Moving Files & Directories

The mv command moves & can rename files & directories within the directory hierarchy


  • mv -option source_file_or_directory target_file_or_directory


Rename file1 in same directory to file2:

mv file1 file2

Move file1 to another directory:

mv file1 ../

Move & rename file1 to file2 in another directory:

mv file1 ../file2

Move & rename directory1 to directory2 in same directory:

mv directory1 directory2

Creating Files & Directories

Creating Files

You can use touch command to create an empty file or a text editor program


  • touch filename

Creating Directories

Use mkdir command to create directories


  • mkdir directory_name
  • mkdir -p directory_names (-p creates all the parent directories that do not exist)

Removing files & directories

Remove file using rm command.


  • rm -option filename

rm options:

  • -i (prompts before deleting each file)

Remove empty directories. If directories are not empty an error message will result.


  • rmdir directories

Remove directories that are not empty


  • rm -options directories

rm options:

  • -i (prompts before deleting each file or directory)
  • -r (recursive, includes all contents of directory and sub-directories)

Using Symbolic links

A symbolic link is a pointer that contains the path name to another file or directory. Use ln -s command to create a symbolic link file. The file name for the symbolic link appears in the directory in which it is created.


  • ln -s source_file target_file

Where source_file variable refers to the file in which you create a symbolic link. The target_file variable refers to the name of symbolic link. If source file does not exist a symbolic link to a non-existing file is created.

You remove symbolic link files the same way you would any other file using rm command.

vi text editor

vi editor modes:

  • command (delete, change, copy, move, position cursor, search, exit)
  • edit (enter text)
  • last line (advanced options)

Switching between modes:

  • default mode when creating or opening file is command
  • i (insert text, switches to edit mode)
  • Esc (returns to command mode)
  • : (last line mode)

vi syntax:

  • vi -options filename

vi options:

  • -R (opens in read-only mode) view command does same thing, syntax = view filename
  • -r (recovers specified file, if no file specified lists all files that can be recovered)(use if system crashes)

Inserting & appending text:

  • a (appends text after cursor)
  • A (appends text at end of line)
  • i (inserts text before cursor)
  • I (inserts text at beginning of line)
  • o (opens a new line below the cursor)
  • O (opens a new line above the cursor)
  • :r filename (inserts text from another file)

Moving cursor in vi:

  • h, left arrow, Backspace (left one character)
  • j, down arrow (down one line)
  • k, up arrow (up one line)
  • l, right arrow, space bar (right one character)
  • b (back one word)
  • w (forward one word)
  • e (end of current word)
  • $ (end of the current line)
  • 0 (beginning of the current line)
  • ^ (to first non-white space character on the line)
  • Return (to beginning of next line)
  • G (goes to last line of file)
  • nG (goes to n line of file)
  • :n (goes to n line of file)
  • Ctrl+F (pages forward one screen)
  • Ctrl+B (pages back one screen)
  • Ctrl+U (scrolls up 1/2 screen)
  • Ctrl+D (scrolls down 1/2 screen)
  • Ctrl+L (refreshes screen)
  • Ctrl+G (displays current buffer)

Delete text in vi:

  • r (overwrite one character on cursor)
  • R (overwrites all characters from cursor and to the right until Esc is pressed)
  • C (overwrites characters from cursor to end of line)
  • s (substitutes a string for a character at cursor)
  • x (deletes the character at cursor)
  • dw (deletes a word or part of word to the right of character)
  • dd (deletes line containing the cursor
  • D (deletes the line from the cursor to right end of line
  • :n,nd (deletes lines n-n)
  • CW (overwrites characters at cursor location)
  • J (joins current line & the line below)
  • xp (transposes the character at the cursor and to right of cursor)
  • ~ (changes the case of the letter at cursor)
  • u (undo previous command)
  • U (undo all changes to current line)
  • . (repeats previous command)

Search & replace text in vi

To search & replace text in vi use these commands:

  • /string (searches forward for string)
  • ?string (searches backward for string)
  • n (searches for next occurrence of string, after searching for a string)
  • N (searches for previous occurrence of string, after searching for a string)
  • :%s/string1/string2/g (search for string1, replace with string2 globally)

Copy & paste in vi

To copy & paste in vi use these commands:

  • yy (yanks a copy of a line)
  • p (puts yanked or deleted text under the line with cursor)
  • P (puts yanked or deleted text before the line with cursor)
  • :n,n co n (copies lines n-n and puts after line n)
  • :n,n m n (moves lines n-n to line n)

Save & quit commands

To save & quit in vi use these commands:

  • :w (writes contents of buffer to disk in existing file)
  • :w filename (writes contents of buffer to filename)
  • :wq (writes contents of buffer to disk in existing file and quits vi editor)
  • :x (same as wq)
  • ZZ (same as wq)
  • q! (quits without saving changes)

Customizing vi session

Use set command to set or unset variables in current vi session:

  • :set nu (show line numbers)
  • :set nonu (hides line numbers)
  • :set ic (instructs searches to ignore case)
  • :set noic (instructs searches to be case sensitive)
  • :set list (displays invisible characters)
  • :set nolist (invisible characters are invisible)
  • :set showmode (displays current mode)
  • :set noshowmode (disables showing current mode)
  • :set (displays all vi variables that are set)
  • :set all (displays all set vi variables and their current value)

Pre-load vi with customizations:

  1. Create .exrc file in home directory
  2. Enter one set variable per line in .exrc file without colon

vi editor reads the .exrc file each time vi is executed.

Korn shell

Metacharacters are specific characters having special meaning to Korn shell

Three types of metacharacters:

  • path name metacharacters
  • file name substitution metacharacters
  • quoting metacharacters

Path name metacharacters:

  • ~ (home directory of current user)
  • ~username (home directory of username)
  • - (stores previous working directory)

File name substitution metacharacters:

  • * (wildcard character, represents zero or more characters, except leading period of hidden file)
  • ? (wildcard character, represents any single character except leading period of hidden file)
  • [ ] (square bracket characters represent a set or range of characters for a single character position)

Quoting metacharacters:

  • ' ' (instructs shell to ignore all enclosed metacharacters)
  • ` (instructs shell to execute and display the output for a Unix system command)
  • " " (instructs shell to ignore all enclosed metacharacters except `, \, and $)
  • \ (instructs shell to ignore the next character as a metacharacter)
  • $ (instructs shell that the following text is the name of a shell variable)
  • $(command)(instructs shell to execute & display the output for the command identified)

Korn shell variables

A shell variable refers to temporary storage area in memory. Variables contain information needed for customizing the shell or other processes to function correctly

set,unset, view variables

To set, unset, & view variables:

command action
VAR = value, export VAR=value set a variable
unset VAR unset a variable
set, env, or export display all variables
echo $VAR or print display values stored in variables

Using history command

By default history command displays the last 16 commands to the standard output


  • history option

History options:

  • -n (displays the command history without line numbers)
  • -r (display the history list in reverse order)

History examples: $ history ls dir would display the most recent ls command to the most recent dir command

r command is an alias built into Korn shell that enables the reuse of a command.

Examples using r command:

$ history
609  mkdir test
610  cd test
611  pwd
612  cd space
613  ls -l
$ r 613

Rerun the most recent occurrence of a command that begins with "c":

$ r c
cd space

Rerun the most recent occurrence of a command that begins with "c", replace space with water, and perform the modified command:

$ history
609  mkdir test
610  cd test
611  pwd
612  cd space
613  ls -l
$ r c
cd space
$ r space=water
cd water

Use a shell in-line editor to edit previously executed commands & rerun edited commands

Use the vi editor to turn on & enable the shell history editing feature. Each example sets vi for in-line editor:

  • $ set -o vi
  • $ export EDIT=/bin/vi
  • $ export VISUAL=/bin/vi

Confirmation that built-in editor vi is enabled by running this command: set -o | grep -w vi

Edit and execute previously executed command:

  1. use history command
  2. Press Esc key to access command history
  3. use vi commands to edit previously executed command
  4. Press Enter to execute modified command

File name completion within vi mode of command-line editing:


  1. command -options arguments
  2. Press Esc and backslash (\)

Command redirection

  • each process that korn shell creates works with file descriptors
  • file descriptors determine where the input to the command originates and where the output and error messages are sent

file descriptor number file descriptor abbreviation definition
0 stdin standard command input
1 stdout standard command output
2 stderr standard command error

standard input

Less-than sign (<) forces a command to read input from file


  • command < filename

standard output

Greater-than sign (>) sends output from a command to a file


  • command > filename

standard error

File descriptor number 2 and greater-than (>) redirects standard error to file. Redirection of standard error will suppress error messages from going to display device


  • command 2> filename

Pipe character

Use pipe character (|) to redirect standard output to standard input another command


  • command | command

Shell as command-line interpreter

Korn shell interprets commands entered by:

  1. parsing the line
  2. processing metacharacters & redirection
  3. controlling execution of commands

Then the shell searches for the command & once found executes command

Command-line interpretation example:

  • ps -ef | sort +1 | more
  • breaks command line into tokens: ps, -ef, |, sort, +1, |, & more
  • identifies ps, sort, & more as commands
  • identifies -ef & +1 as options
  • identifies | as an i/o operation
  • sets up stdout from ps to be stdin to sort and stdout from sort to be stdin to more
  • locates ps, sort, & more & executes them in order

User initialization files

Use system-wide or user-specific initialization files to customize working environments

shell system-wide primary user user initialization files when a new shell started shell path name
Bourne /etc/profile $HOME/.profile /bin/sh
Korn /etc/profile $HOME/.profile & $HOME/.kshrc /$HOME/.kshrc /bin/ksh
C /etc/.login $HOME/.cshrh & $HOME/.login $HOME/.cshrc /bin/csh

.profile file


  • kshrc file is executed very time when you login or when ksh sub-shell is started
  • defines Korn shell specific settings such as aliases, shell functions, history variables, & all shell options

.cshrc file

.cshrc file is a C shell initialization file that you define in your home directory

  • .cshrc file is executed very time when you login
  • use to customize environment variables and terminal settings
  • instruct the system to initiate applications

~/.dtprofile file

  • file that resides in your home directory
  • determines generic & customized settings for desktop environment
  • settings overwrite desktop default settings
  • shell reads the .dtprofile first, .profile second, & .kshrc last
  • shell reads .profile & .kshrc when a new terminal session is opened

~/.profile file

  • define ENV variable in ~/.profile file
  • instructs login process to execute the file referenced by ENV variable
  • re-run file or logout & login the terminal session to verify change

~/.kshrc file

  • configure PS1 Korn shell variable by editing ~/.kshrc file
  • re-run file or logout & login the terminal session to verify change

Basic file & directory permissions

view permissions by using ls -l command

types of users

field description
owner permissions for the assigned owner of file or directory
group permissions for the members assigned to group that owns the file or directory
other permissions for all users that are not the owner or members of group

Permission sets

  • each type of user has three permissions called a permission set
  • each permission set consists of read, write, and execute permissions
  • each file and directory has three permission sets for each type of user
  • owner, group, & other users
  • r = read only, w = write, x = execute
  • file or directory show r,w, or x that means permission is given, a dash (-) means permission denied

permission character file access directory access
read r view file contents & copying of file view listing of directory with ls command
write w change file contents change directory contents (delete requires w+e)
execute e execute file (execute shell script requires r+e) change to directory by using cd command, can use ls only if you specify filename as argument

determining file & directory access

  • files and directories have a user ID (UID) and group ID (GID)
  • UID is owner of file & directory
  • GID is group of users who own file & directory
  • only one UID & GID are assigned at a time

ls -n command

Use ls -n command to view UIDs & GIDs of files & directories

Solaris OS compares the user, group, then other permissions when accessing a file or directory. When a match is found those permissions are applied.

changing permissions

  • Use chmod command to change permission sets on files & directories
  • owner or root can use chmod command
  • chmod command can change permissions using symoblic (r,w,e,-,+) or octal (0-7) mode

Syntax examples:

  • symbolic mode is chmod symbolic_mode filename where symbolic_mode includes user affected (owner,group,other), function performed (-/+), permission (r,w,e)
  • u = owner, g = group, o = other, a = all permissions
  • + = add permission set, - = removes permission set, = = assign permission absolutely
  • r = read, w = write, x = execute

Syntax examples:

  • octal mode is chmod octal_mode filename where octal_mode includes three octal numbers
  • octal numbers for permission sets are 4 = read, 2 = write, 1 = execute

octal digits for various permission sets:

octal value permission sets binary
7 rwx 111 (4+2+1)
6 rw- 110
5 r-w 101
4 r-- 100
3 -wx 011
2 -w- 010
1 --x 001
0 --- 000

Combine octal values to change permission sets.

changing default permissions

  • at creation every file & directory has default permissions
  • user mask affects default file permissions assigned to file & directory
  • use umask command to apply user mask value & modify default permissions
  • umask is a three-digit octal value for read, write, execute
  • default user mask for Solaris 10 is 022
user mask octal value file permissions directory permissions
0 rw- rwx
1 rw- rw-
2 r-- r-x
3 r-- r--
4 -w- -wx
5 -w- -w-
6 --- --x
7 --- ---

Apply umask value for files

Determine default permissions for new files by applying user mask value to initial permission value in octal mode

permission field symoblic mode permission field octal mode description
rw-rw-rw- 666 initial permissions specified by system for file creation
----w--w- 022 default Solaris 10 user mask to be removed
rw-r--r-- 644 default permissions assigned to created files

Apply umask value for directories

Determine default permissions for new directories by applying user mask value to initial permission value in octal mode

permission field symoblic mode permission field octal mode description
rwxrwxrwx 777 initial permissions specified by system for directory creation
----w--w- 022 default Solaris 10 user mask to be removed
rwxr-xr-x 755 default permissions assigned to created directories

changing umask value

  • use umask command to change at user initialization or command line (existing session only)
  • syntax:
    • to show umask <ocde>umask
    • to set umask at command line umask octal_mode

Access Control Lists (ACL)

ACL allows owner of file or directory to grant or deny specific user access using owner, group, & other

ACL commands & descriptions

ACL command examples description
getfacl -a filename_or_directoryname shows name, owner, group, & ACL entries for file & directory
setfacl -m acl_entries filename_or_directoryname modifies ACL entries on file & directory
setfacl -s acl_entries filename_or_directoryname substitutes new ACL entries on file & directory
setfacl -d acl_entries filename_or_directoryname
  • deletes one or more ACL entries on file & directory
  • unable to delete file owner, group owner, or ACL mask)
setfacl -r [-m,-s] filename_or_directoryname recalculates ACL mask based on ACL entries, when used with -m or -s option

Viewing ACL entries

ACL entry syntax:

  • entry-type:[UID or GID]:permission
    • entry-type specifies the scope of the file or directory permissions to owner, owner's group, specific users, additional groups, or ACL mask
    • UID or GID specifies the UID or GID
    • permissions specifies permissions for entry-type using r,w,x,-, or octal values 0-7
entry type description
u::permission permissions for file owner
g::permission permission for owner's group
o:permission permissions for users other than owner or member of owner's group
  • u:UID:permission or
  • u:username:permission
permissions for specific user that must exist in /etc/passwd file
  • g:GID:permission or
  • g:groupname:permission
permissions for specific group that must exist in /etc/group file
  • ACL mask that sets maximum effective permissions allowed for all specified users & groups
  • does not impact owner or other

Determining Non-trivial ACL entries

Use ls -l command to determine if a file or directory has a non-trivial ACL entry

The presence of a plus sign (+) at end of permission field indicates that file or directory has an ACL entry

Determining trivial ACL entries

Use getfacl command to display list of trivial ACL entries for file or directory

Configure ACLs using File Manager GUI

