Skip to content

Instantly share code, notes, and snippets.

@alanc

alanc/SRU48-man-page-changes.diff

Last active August 16, 2022 23:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save alanc/f6724303a4107b03c5c0218634744e3b to your computer and use it in GitHub Desktop.
Save alanc/f6724303a4107b03c5c0218634744e3b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Solaris-11.4-SRU48-man-page-changes.txt
Man page changes between Solaris 11.4.45 & 11.4.48, including changes for:
28518573 Scheduled svc.periodicd service should honour current timezone
29466857 ZFS should allow the same zvol to be used for swap and dump
29478662 svc.startd(8) should tell refresh method is only invoked for running instances
30409942 Installation process failure reported when telemetry services are disabled
32444182 core_set_process_content should be a public interface and have a man page
32531482 live storage migration for Kernel Zones
32942190 problem in KERNEL/ARCH-X86
33047671 Memory reservation for OSM
33309732 More kerberos info needs to be removed from telnet and r-cmd man pages
33316597 Cannot control the security extensions of a solaris10-branded zone
33702568 svcs should use ISO standard date formats
33779249 mdb should be able to produce parsable output
33801021 want unsorted 'zfs list' / 'zfs get' output
33862127 zfs key -c -r does not change key when key is inherited
33881834 libproc's attempt to use values saved by preserve_args is defeated by functions that return structures and or have structures as arguments
33931695 netstat -P protocol option of ip not listed in man page
33932674 Request for the ability to exclude selected interfaces from SMB3 multichannel
33939811 mdb should expose the process id of the target via a variable
33986053 man page for zfs(8) has wrong synopsis for -d option of 'zfs list' and 'zfs get'
34005226 vmstat.8 man page lacks detailed requirements for historical data collection.
34059185 chmod(1) Example 20 doesn't work
34104632 Document certificate selection SMF properties
34170653 Document Y2036 limit and obsolesence of rdate(8) and in.timed(8)
34171692 Assorted fixes for legacy network utility man pages
34238533 Declare additional libc functions to be Async-Signal-Safe
34414460 link resolution failures in ON man pages for SRU 48
Copyright (c) 1983, 2022, Oracle and/or its affiliates.
Raw
SRU48-man-page-changes.diff
diff -NurbBw 11.4.45/man1/chmod.1 11.4.48/man1/chmod.1
--- 11.4.45/man1/chmod.1 2022-08-16 11:04:42.897819450 -0700
+++ 11.4.48/man1/chmod.1 2022-08-16 11:05:27.904394629 -0700
@@ -1595,9 +1595,9 @@
The following examples replace system attributes of a ZFS file:
- $ chmod S=v{archive,hidden,readonly,system,appendonly,\
+ $ chmod 'S=v{archive,hidden,readonly,system,appendonly,\
nonodump,immutable,noav_modified,noav_quarantined,\
- nounlink,nonsensitive} file1
+ nounlink,nosensitive}' file1
@@ -1606,7 +1606,7 @@
or
- $ chmod S=c{AHRSaiu} file1
+ $ chmod 'S=c{AHRSaiu}' file1
@@ -1614,7 +1614,7 @@
or
- $ chmod S=c{AHRSa-i--u-} file1
+ $ chmod 'S=c{AHRSa-i--u-}' file1
@@ -1753,7 +1753,7 @@
or
- $ chmod S+v{hidden,system} file1
+ $ chmod 'S+v{hidden,system}' file1
@@ -1761,7 +1761,7 @@
or
- $ chmod S+c{-HS--------} file1
+ $ chmod 'S+c{-HS--------}' file1
@@ -1769,7 +1769,7 @@
or
- $ chmod S-v{nohidden,nosystem} file1
+ $ chmod 'S-v{nohidden,nosystem}' file1
@@ -1777,7 +1777,7 @@
or
- $ chmod S-v{hidden,system},+v{hidden,system} file1
+ $ chmod 'S-v{hidden,system},+v{hidden,system}' file1
Example 27 Clearing All System Attributes of a ZFS File
@@ -1795,7 +1795,7 @@
or
- $ chmod S=v{} file1
+ $ chmod 'S=v{}' file1
@@ -1809,7 +1809,7 @@
system attributes for file1:
- $ chmod S+cHS,=v{} file1
+ $ chmod 'S+cHS,=v{}' file1
@@ -1909,4 +1909,4 @@
-Oracle Solaris 11.4 21 Mar 2022 chmod(1)
+Oracle Solaris 11.4 11 April 2022 chmod(1)
diff -NurbBw 11.4.45/man1/mdb.1 11.4.48/man1/mdb.1
--- 11.4.45/man1/mdb.1 2022-08-16 11:04:42.998143208 -0700
+++ 11.4.48/man1/mdb.1 2022-08-16 11:05:28.011624501 -0700
@@ -512,6 +512,11 @@
current target. See Thread Support, below.
+ MDB_PID
+
+ The process id of the target process or core file.
+
+
MDB_radix
The value of the current radix. Writing a value that is not a legal
@@ -3195,15 +3200,36 @@
- [ address ] ::stack [ count ]
- [ address ] $c [ count ]
+ [ address ] ::stack [-A][-r][-t][-v][-x] [ count ]
+ [ address ] $c [-A][-r][-t][-v][-x] [ count ]
Print a C stack backtrace. If the dcmd is preceded by an explicit
address, a backtrace beginning at this virtual memory address is
displayed. Otherwise the stack of the representative thread is dis-
- played. If an optional count value is given as an argument, no more
- than count arguments are displayed for each stack frame in the out-
- put.
+ played. If an optional count value is given as an argument and the
+ debugger can not determine how many arguments a function has the no
+ more than count arguments are displayed for each stack frame in the
+ output.
+
+
+ -A Do not print an annotations
+
+ -r Print registers when available
+
+ -t Print the types of arguments when available
+
+ -v Verbose, print the frame pointer
+
+ -x Always print arguments as in hex
+
+ If mdb can not confirm the validity of a function argument it will
+ append ? to the value. When structures or unions are passed as
+ arguments the values may be displayed as raw bit dumps surrounded
+ by < and > or prefixed with * and then the address of the value is
+ displayed. Which of the two formats is used depends on how the
+ arguments are passed to the function, if passed on the stack the
+ address format is used, if passed in registers the <value> form is
+ used.
@@ -3749,6 +3774,12 @@
at the terminal. The ::quit dcmd must be used to quit.
+ narg
+
+ The default maximum number of function arguments to display
+ when printing stacks when the validity can't be determined.
+
+
noalias
Does not auto load aliases at start up time or when the alias
@@ -3796,6 +3827,25 @@
+ output_format=format
+
+ Select the output format for mdb. The format should be one of
+ the following:
+
+ plain The output is unformatted.
+
+
+ xml The output is XML.
+
+
+
+ output_level=level
+
+ Select the output format for mdb. The level should be one of
+ the following: default, verbose and debug, where default gives
+ the least output and debug the most.
+
+
pager
Enables the output pager (default).
@@ -4249,4 +4299,4 @@
-Oracle Solaris 11.4 7 February 2022 mdb(1)
+Oracle Solaris 11.4 25 March 2022 mdb(1)
diff -NurbBw 11.4.45/man1/rcp.1 11.4.48/man1/rcp.1
--- 11.4.45/man1/rcp.1 2022-08-16 11:04:43.027067499 -0700
+++ 11.4.48/man1/rcp.1 2022-08-16 11:05:28.039692677 -0700
@@ -6,12 +6,26 @@
rcp - remote file copy
SYNOPSIS
- rcp [-p] [-a] [-K] [-x] [-PN | -PO] [-k realm] filename1 filename2
+ rcp [-p] filename1 filename2
- rcp [-pr] [-a] [-K] [-x] [-PN | -PO] [-k realm] filename... directory
+ rcp [-pr] filename... directory
DESCRIPTION
+ Caution -
+
+
+
+
+ All data exchanges over this protocol are performed without encryp-
+ tion, and have no protection against spoofing or snooping of traffic.
+ The in.rshd server is disabled by default on Oracle Solaris and most
+ other modern operating systems, and both the in.rshd server and the
+ rcp command may be removed in future versions of Oracle Solaris. Use
+ of the scp(1) or sftp(1) utilities is strongly recommended instead.
+
+
+
The rcp command copies files between machines. Each filename or direc-
tory argument is either a remote file name of the form:
@@ -36,29 +50,13 @@
If a filename is not a full path name, it is interpreted relative to
your home directory on hostname. A path on a remote host can be quoted
using \, ", or ', so that the metacharacters are interpreted remotely.
- Please notice that the kerberized versions of rcp are not IPv6-enabled.
- rcp does not prompt for passwords. It either uses Kerberos authentica-
- tion which is enabled through command-line options or your current
- local user name must exist on hostname and allow remote command execu-
+ rcp does not prompt for passwords. It uses your current local user
+ name, which must be accepted on hostname to allow remote command execu-
tion by rsh(1).
- The rcp session can be kerberized using any of the following Kerberos
- specific options : -a, -PN or -PO, -x, and -k realm. Some of these
- options (-a, -x and -PN or -PO) can also be specified in the [appde-
- faults] section of krb5.conf.5. The usage of these options and the
- expected behavior is discussed in the OPTIONS section below. If Ker-
- beros authentication is used, authorization to the account is con-
- trolled by rules in krb5_auth_rules(7). If this authorization fails,
- fallback to normal rcp using rhosts occurs only if the -PO option is
- used explicitly on the command line or is specified in krb5.conf.5. If
- authorization succeeds, remote copy succeeds without any prompting of
- password. Also notice that the -PN or -PO, -x, and -k realm options
- are just supersets of the -a option.
-
-
rcp handles third party copies, where neither source nor target files
are on the current machine. Hostnames can also take the form
@@ -67,17 +65,7 @@
to use username rather than your current local user name as the user
- name on the remote host. rcp also supports Internet domain addressing
- of the remote host, so that:
-
- username@host.domain:filename
-
-
-
-
-
- specifies the username to be used, the hostname, and the domain in
- which that host resides. File names that are not full path names are
+ name on the remote host. File names that are not full path names are
interpreted relative to the home directory of the user named username,
on the remote host.
@@ -105,21 +90,8 @@
-
See the NOTES section for caveats on the exit code.
-FILES
- $HOME/.profile
-
-
- $HOME/.k5login File containing Kerberos principals that are
- allowed access
-
-
- /etc/krb5/krb5.conf Kerberos configuration file
-
-
-
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -135,8 +107,8 @@
+-----------------------------+--------------------------------+
SEE ALSO
- cpio(1), ftp(1), rlogin(1), rsh(1), tar(1), tar(1), inet(4P),
- inet6(4P), ip6(4P), hosts.equiv(5), attributes(7), in.rshd(8)
+ cpio(1), ftp(1), rlogin(1), rsh(1), rsync(1), scp(1), sftp(1), tar(1),
+ inet(4P), inet6(4P), ip6(4P), hosts.equiv(5), attributes(7), in.rshd(8)
NOTES
rcp is meant to copy between different hosts. Attempting to rcp a file
@@ -154,16 +126,16 @@
rcp can become confused by output generated by commands in a
- $HOME/.profile on the remote host.
+ $HOME/.profile or other shell startup file on the remote host.
rcp requires that the source host have permission to execute commands
on the remote host when doing third-party copies.
- rcp does not properly handle symbolic links. Use tar or cpio piped to
- rsh to obtain remote copies of directories containing symbolic links or
- named pipes. See tar(1) and cpio(1).
+ rcp does not properly handle symbolic links. Use rsync(1), or tar(1) or
+ cpio(1) piped to ssh to obtain remote copies of directories containing
+ symbolic links or named pipes.
If you forget to quote metacharacters intended for the remote host, you
@@ -186,6 +158,19 @@
This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ Support for Kerberos, including the options -a, -k, -K, -PN, -PO, and
+ -x, was added in Solaris 10 3/05 and removed in Oracle Solaris 11.4.0.
+ Prior to Solaris 10, a kerberized version was available in the Sun
+ Enterprise Authentication Mechanism (SEAM) add-on package for Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
+
+ The rcp command, including support for the options -p and -r, has been
+ present since the initial release of Solaris.
+
-Oracle Solaris 11.4 30 Jul 2018 rcp(1)
+Oracle Solaris 11.4 12 May 2022 rcp(1)
diff -NurbBw 11.4.45/man1/rlogin.1 11.4.48/man1/rlogin.1
--- 11.4.45/man1/rlogin.1 2022-08-16 11:04:43.121208572 -0700
+++ 11.4.48/man1/rlogin.1 2022-08-16 11:05:28.132674735 -0700
@@ -6,37 +6,43 @@
rlogin - remote login
SYNOPSIS
- rlogin [-8EL] [-ec ] [-A] [-K] [-x] [-PN | -PO] [-f | -F] [-a]
- [-l username] [-k realm] hostname
+ rlogin [-8ELKa] [-e c] [-l username] hostname
+
+
+ hostname [-8ELKa] [-e c] [-l username]
DESCRIPTION
+ Caution -
+
+
+
+
+ All data exchanges over this protocol are performed without encryp-
+ tion, and have no protection against spoofing or snooping of traffic.
+ The in.rlogind server is disabled by default on Oracle Solaris and
+ most other modern operating systems, and both the in.rlogind server
+ and the rlogin command may be removed in future versions of Oracle
+ Solaris. Use of the ssh(1) utility is strongly recommended instead.
+
+
+
The rlogin utility establishes a remote login session from your termi-
- nal to the remote machine named hostname. The user can choose to ker-
- berize the rlogin session using Kerberos V5 and also protect the data
- being transferred.
-
-
- Hostnames are listed in the hosts database, which can be contained in
- the /etc/hosts file, the Network Information Service (NIS) hosts map,
- the Internet domain name server, or a combination of these. Each host
- has one official name (the first name in the database entry), and
- optionally one or more nicknames. Either official hostnames or nick-
- names can be specified in hostname.
-
-
- The user can opt for a secure rlogin session which uses Kerberos V5 for
- authentication. Encryption of the session data is also possible. The
- rlogin session can be kerberized using any of the following Kerberos
- specific options: -A, -PN or -PO, -x, -f or -F, and -k realm. Some of
- these options (-A, -x, -PN or -PO, and -f or -F) can also be specified
- in the [appdefaults] section of krb5.conf. The usage of these options
- and the expected behavior is discussed in the OPTIONS section below. If
- Kerberos authentication is used, authorization to the account is con-
- trolled through rules in krb5_auth_rules. If this authorization fails,
- fallback to normal rlogin using rhosts occurs only if the -PO option is
- used explicitly on the command line or is specified in krb5.conf. Also
- notice that the -PN or -PO, -x, -f or -F, and -k realm options are
- just supersets of the -A option.
+ nal to the remote machine named hostname.
+
+
+ Hostnames are provided by the hosts(5) name service. Each host has one
+ official name (the first name in the database entry), and optionally
+ one or more nicknames. Either official hostnames or nicknames can be
+ specified in hostname.
+
+
+ If the name of the file from which rlogin is executed is anything other
+ than rlogin, rlogin takes this name as its hostname argument. This
+ allows you to create a symbolic link to rlogin in the name of a host
+ which, when executed, invokes a remote shell on that host. By creating
+ a directory and populating it with symbolic links in the names of com-
+ monly used hosts, then including the directory in your shell's search
+ path, you can run rlogin by typing hostname to your shell.
The remote terminal type is the same as your local terminal type, as
@@ -54,7 +60,7 @@
bit data.
- -a Forces the remote machine to ask for a password by send-
+ -a, -K Forces the remote machine to ask for a password by send-
ing a null local username.
@@ -101,68 +107,37 @@
USAGE
- For the kerberized rlogin session, each user can have a private autho-
- rization list in a file, .k5login, in their home directory. Each line
- in this file should contain a Kerberos principal name of the form prin-
- cipal/instance@realm. If there is a ~/.k5login file, access is granted
- to the account if and only if the originating user is authenticated to
- one of the principals named in the ~/.k5login file. Otherwise, the
- originating user is granted access to the account if and only if the
- authenticated principal name of the user can be mapped to the local
- account name using the authenticated-principal-name -> local-user-name
- mapping rules. The .k5login file (for access control) comes into play
- only when Kerberos authentication is being done.
-
-
- For the non-secure rlogin session, each remote machine can have a file
- named /etc/hosts.equiv containing a list of trusted host names with
- which it shares user names. Users with the same user name on both the
- local and remote machine can rlogin from the machines listed in the
- remote machine's /etc/hosts.equiv file without supplying a password.
- Individual users can set up a similar private equivalence list with the
- file .rhosts in their home directories. Each line in this file contains
- two names, that is, a host name and a user name, separated by a space.
- An entry in a remote user's .rhosts file permits the user named user-
- name who is logged into hostname to log in to the remote machine as the
- remote user without supplying a password. If the name of the local host
- is not found in the /etc/hosts.equiv file on the remote machine, and
- the local user name and host name are not found in the remote user's
- .rhosts file, then the remote machine prompts for a password. Host
- names listed in the /etc/hosts.equiv and .rhosts files must be the
- official host names listed in the hosts database. Nicknames can not be
- used in either of these files.
+ Each remote machine can have a file named /etc/hosts.equiv containing a
+ list of trusted host names with which it shares user names. Users with
+ the same user name on both the local and remote machine can rlogin from
+ the machines listed in the remote machine's /etc/hosts.equiv file with-
+ out supplying a password. Individual users can set up a similar private
+ equivalence list with the file .rhosts in their home directories. Each
+ line in this file contains two names, that is, a host name and a user
+ name, separated by a space. An entry in a remote user's .rhosts file
+ permits the user named username who is logged into hostname to log in
+ to the remote machine as the remote user without supplying a password.
+ If the name of the local host is not found in the /etc/hosts.equiv file
+ on the remote machine, and the local user name and host name are not
+ found in the remote user's .rhosts file, then the remote machine
+ prompts for a password. Host names listed in the /etc/hosts.equiv and
+ .rhosts files must be the official host names listed in the hosts data-
+ base. Nicknames can not be used in either of these files.
For security reasons, the .rhosts file must be owned by either the
remote user or by root.
FILES
- /etc/passwd Contains information about users' accounts.
-
-
- /usr/hosts/* For hostname version of the command.
-
-
- /etc/hosts.equiv List of trusted hostnames with shared user
- names.
+ /etc/hosts.equiv List of trusted hostnames with shared user names.
- /etc/nologin Message displayed to users attempting to login
- during machine shutdown.
+ /etc/nologin Message displayed to users attempting to login dur-
+ ing system maintenance.
- $HOME/.rhosts Private list of trusted hostname/username combi-
- nations.
-
-
- $HOME/.k5login File containing Kerberos principals that are
- allowed access.
-
-
- /etc/krb5/krb5.conf Kerberos configuration file.
-
-
- /etc/hosts Hosts database.
+ $HOME/.rhosts Private list of trusted hostname/username combina-
+ tions.
ATTRIBUTES
@@ -178,7 +153,7 @@
+-----------------------------+--------------------------------+
SEE ALSO
- rsh(1), stty(1), tty(1), hosts(5), hosts.equiv(5), nologin(5),
+ rsh(1), ssh(1), stty(1), tty(1), hosts(5), hosts.equiv(5), nologin(5),
attributes(7), in.rlogind(8)
DIAGNOSTICS
@@ -194,16 +169,27 @@
mise the security of the entire system.
- The Network Information Service (NIS) was formerly known as Sun Yellow
- Pages (YP.) The functionality of the two remains the same. Only the
- name has changed.
-
-
This implementation can only use the TCP network service.
This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ Support for Kerberos, including the options -a, -f, -F, -k, -K, -x, and
+ -X, was added in Solaris 10 3/05 and removed in Oracle Solaris 11.4.0.
+ Prior to Solaris 10, a kerberized version was available in the Sun
+ Enterprise Authentication Mechanism (SEAM) add-on package for Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
+
+ Support for the -E option was added in Solaris 2.0.
+
+
+ The rlogin command, including support for the options -8, -e, -l, and
+ -L, has been present since the initial release of Solaris.
+
-Oracle Solaris 11.4 15 Apr 2019 rlogin(1)
+Oracle Solaris 11.4 12 May 2022 rlogin(1)
diff -NurbBw 11.4.45/man1/rsh.1 11.4.48/man1/rsh.1
--- 11.4.45/man1/rsh.1 2022-08-16 11:04:43.165004612 -0700
+++ 11.4.48/man1/rsh.1 2022-08-16 11:05:28.164101590 -0700
@@ -6,26 +6,35 @@
rsh, remsh, remote_shell - remote shell
SYNOPSIS
- rsh [-n] [-a] [-K] [-PN | -PO] [-x] [-f | -F] [-l username]
- [-k realm] hostname command
+ rsh [-n] [-l username] hostname command
- rsh hostname [-n] [-a] [-K] [-PN | -PO] [-x] [-f | -F]
- [-l username] [-k realm] command
+ rsh hostname [-n] [-l username] command
- remsh [-n] [-a] [-K] [-PN | -PO] [-x] [-f | -F] [-l username]
- [-k realm] hostname command
+ remsh [-n] [-l username] hostname command
- remsh hostname [-n] [-a] [-K] [-PN | -PO] [-x] [-f | -F]
- [-l username] [-k realm] command
+ remsh hostname [-n] [-l username] command
- hostname [-n] [-a] [-PN | -PO] [-x] [-f | -F]
- [-l username] [-k realm] command
+ hostname [-n] [-l username] command
DESCRIPTION
+ Caution -
+
+
+
+
+ All data exchanges over this protocol are performed without encryp-
+ tion, and have no protection against spoofing or snooping of traffic.
+ The in.rshd server is disabled by default on Oracle Solaris and most
+ other modern operating systems, and both the in.rshd server and the
+ rsh command may be removed in future versions of Oracle Solaris. Use
+ of the ssh(1) utility is strongly recommended instead.
+
+
+
The rsh utility connects to the specified hostname and executes the
specified command. rsh copies its standard input to the remote command,
the standard output of the remote command to its standard output, and
@@ -34,21 +43,6 @@
rsh normally terminates when the remote command does.
- The user can opt for a secure session of rsh which uses Kerberos V5 for
- authentication. Encryption of the network session traffic is also pos-
- sible. The rsh session can be kerberized using any of the following
- Kerberos specific options: -a, -PN or -PO, -x, -f or -F, and -k realm.
- Some of these options (-a, -x, -PN or -PO, and -f or -F) can also be
- specified in the [appdefaults] section of krb5.conf. The usage of these
- options and the expected behavior is discussed in the OPTIONS section
- below. If Kerberos authentication is used, authorization to the account
- is controlled by rules in krb5_auth_rules. If this authorization fails,
- fallback to normal rsh using rhosts occurs only if the -PO option is
- used explicitly on the command line or is specified in krb5.conf. Also,
- the -PN or -PO, -x, -f or -F, and -k realm options are just supersets
- of the -a option.
-
-
If you omit command, instead of executing a single command, rsh logs
you in on the remote host using rlogin(1).
@@ -62,13 +56,9 @@
If there is no locale setting in the initialization file of the login
- shell (.cshrc, . . .) for a particular user, rsh always executes the
- command in the "C" locale instead of using the default locale of the
- remote machine.
-
-
- The command is sent unencrypted to the remote system. All subsequent
- network session traffic is encrypted. See -x.
+ shell (.profile, .cshrc, etc.) for a particular user, rsh always exe-
+ cutes the command in the "C" locale instead of using the default locale
+ of the remote machine.
OPTIONS
The following options are supported:
@@ -88,8 +78,8 @@
- The type of remote shell (sh, rsh, or other) is determined by the
- user's entry in the file /etc/passwd on the remote system.
+ The type of remote shell (sh, csh, or other) is determined by the
+ user's entry in the passwd(5) database on the remote system.
OPERANDS
The following operand is supported:
@@ -98,15 +88,13 @@
USAGE
- The rsh and remsh commands are IPv6-enabled. See ip6(4P). IPv6 is not
- currently supported with Kerberos V5 authentication.
+ The rsh and remsh commands are IPv6-enabled. See ip6(4P).
- Hostnames are given in the hosts database, which can be contained in
- the /etc/hosts file, the Internet domain name database, or both. Each
- host has one official name (the first name in the database entry) and
- optionally one or more nicknames. Official hostnames or nicknames can
- be given as hostname.
+ Hostnames are provided by the hosts(5) name service. Each host has one
+ official name (the first name in the database entry), and optionally
+ one or more nicknames. Either official hostnames or nicknames can be
+ specified in hostname.
If the name of the file from which rsh is executed is anything other
@@ -124,19 +112,6 @@
behaves as if remsh is a host name.
- For the kerberized rsh session, each user can have a private authoriza-
- tion list in a file .k5login in their home directory. Each line in this
- file should contain a Kerberos principal name of the form princi-
- pal/instance@realm. If there is a ~/.k5login file, then access is
- granted to the account if and only if the originating user is authenti-
- cated to one of the principals named in the ~/.k5login file. Otherwise,
- the originating user is granted access to the account if and only if
- the authenticated principal name of the user can be mapped to the local
- account name using the authenticated-principal-name -> local-user-name
- mapping rules. The .k5login file (for access control) comes into play
- only when Kerberos authentication is being done.
-
-
For the non-secure rsh session, each remote machine can have a file
named /etc/hosts.equiv containing a list of trusted hostnames with
which it shares usernames. Users with the same username on both the
@@ -195,22 +169,9 @@
FILES
- /etc/hosts Internet host table
-
-
/etc/hosts.equiv Trusted remote hosts and users
- /etc/passwd System password file
-
-
- $HOME/.k5login File containing Kerberos principals that are
- allowed access
-
-
- /etc/krb5/krb5.conf Kerberos configuration file
-
-
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -222,9 +183,11 @@
+-----------------------------+--------------------------------+
|CSI |Enabled |
+-----------------------------+--------------------------------+
+ |Interface Stability |Obsolete |
+ +-----------------------------+--------------------------------+
SEE ALSO
- rlogin(1), ssh(1), telnet(1), vi(1), ip6(4P), hosts(5), hosts.equiv(5),
+ rlogin(1), ssh(1), telnet(1), ip6(4P), hosts(5), hosts.equiv(5),
attributes(7), in.rshd(8)
NOTES
@@ -233,8 +196,8 @@
mise the security of the entire system.
- You cannot run an interactive command (such as vi(1)). Use rlogin if
- you wish to do this.
+ You cannot run an interactive command, such as vi(1). Use ssh to start
+ a remote login session if you wish to do this.
Stop signals stop the local rsh process only. This is arguably wrong,
@@ -270,9 +233,20 @@
like this, rsh would incorrectly read from /dev/null instead of from
the pipe.
+HISTORY
+ Support for Kerberos, including the options -a, -f, -F, -k, -K, -PN,
+ -PO, and -x, was added in Solaris 10 3/05 and removed in Oracle Solaris
+ 11.4.0. Prior to Solaris 10, a kerberized version was available in the
+ Sun Enterprise Authentication Mechanism (SEAM) add-on package for
+ Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
- For most purposes, ssh(1) is preferred over rsh.
+ The rsh command, including support for the options -l and -n, has been
+ present since the initial release of Solaris.
-Oracle Solaris 11.4 23 Jul 2020 rsh(1)
+Oracle Solaris 11.4 12 May 2022 rsh(1)
diff -NurbBw 11.4.45/man1/rup.1 11.4.48/man1/rup.1
--- 11.4.45/man1/rup.1 2022-08-16 11:04:43.192536440 -0700
+++ 11.4.48/man1/rup.1 2022-08-16 11:05:28.194397400 -0700
@@ -6,14 +6,16 @@
rup - show host status of remote machines (RPC version)
SYNOPSIS
- rup [-hlt]
+ rup [-hlt] [host]...
+DESCRIPTION
+ rup gives a status similar to uptime(1) for remote machines. If no host
+ arguments are specified, it broadcasts on the local network, and dis-
+ plays the responses it receives.
- rup [host]...
-DESCRIPTION
- rup gives a status similar to uptime for remote machines. It broadcasts
- on the local network, and displays the responses it receives.
+ When host arguments are given, rather than broadcasting rup will only
+ query the list of specified hosts.
Normally, the listing is in the order that responses are received, but
@@ -21,16 +23,16 @@
below.
- When host arguments are given, rather than broadcasting rup will only
- query the list of specified hosts.
-
-
- A remote host will only respond if it is running the rstatd daemon,
- which is normally started up from inetd(8).
+ A remote host will only respond if it is running the rpc.rstatd(8) dae-
+ mon, which is normally started up from inetd(8) under the service iden-
+ tifier svc:/network/rpc/rstat:default. This service is disabled by
+ default on Solaris 10 systems with a secure by default configuration
+ and on all Solaris 11 systems, and must be enabled by an administrator
+ in order for a host to respond to rup queries.
- In the absence of a name service, such as LDAP or NIS, rup displays
- host names as numeric IP addresses.
+ If no name can be found for a host via the hosts(5) name service, rup
+ displays a numeric IP address for the host.
OPTIONS
-h Sort the display alphabetically by host name.
@@ -51,23 +53,19 @@
+-----------------------------+--------------------------------+
|Availability |network/legacy-remote-utilities |
+-----------------------------+--------------------------------+
+ |Interface Stability |Committed |
+ +-----------------------------+--------------------------------+
SEE ALSO
- ruptime(1), attributes(7), inetd(8)
-
-
- Automatically Installing Oracle Solaris 11.4 Systems
+ ruptime(1), attributes(7), inetd(8), rpc.rstatd(8)
NOTES
- For most purposes, ssh is preferred over this utility. For more infor-
- mation, see the ssh(1) man page.
-
-
- This technology may be removed in a future release of Oracle Solaris.
-
-BUGS
Broadcasting does not work through gateways.
+HISTORY
+ The rup command, including support for the options -h, -l, and -t, has
+ been present since the initial release of Solaris.
+
-Oracle Solaris 11.4 03 Feb 2017 rup(1)
+Oracle Solaris 11.4 12 May 2022 rup(1)
diff -NurbBw 11.4.45/man1/ruptime.1 11.4.48/man1/ruptime.1
--- 11.4.45/man1/ruptime.1 2022-08-16 11:04:43.222678750 -0700
+++ 11.4.48/man1/ruptime.1 2022-08-16 11:05:28.226112559 -0700
@@ -9,9 +9,10 @@
ruptime [-ar] [-l | -t | -u]
DESCRIPTION
- The ruptime utility gives a status line like uptime (see uptime(1)) for
- each machine on the local network; these are formed from packets broad-
- cast by each host on the network approximately every three minutes.
+ The ruptime utility gives a status line like uptime(1) for each machine
+ on the local network which is actively running the in.rwhod(8) service;
+ these are formed from packets broadcast by such hosts approximately
+ every three minutes.
Machines for which no status report has been received for 11 minutes
@@ -57,13 +58,27 @@
+-----------------------------+--------------------------------+
|Availability |network/legacy-remote-utilities |
+-----------------------------+--------------------------------+
+ |Interface Stability |Obsolete |
+ +-----------------------------+--------------------------------+
SEE ALSO
- rwho(1), uptime(1), attributes(7), in.rwhod(8)
+ rup(1), rwho(1), uptime(1), attributes(7), in.rwhod(8)
NOTES
This technology may be removed in a future release of Oracle Solaris.
+ For the ruptime command to be able to display data, the system it is
+ run on must also be running the in.rwhod(8) service to receive the
+ broadcast packets and store the data into the files in /var/spool/rwho/
+ that the ruptime command reads. This service is not run by default on
+ Oracle Solaris systems, but needs to be manually enabled by an admin-
+ strator.
+
+HISTORY
+ The ruptime command, including support for the options -a, -h, -l, -r,
+ and -t, has been present since the initial release of Solaris.
+
+
-Oracle Solaris 11.4 03 Feb 2017 ruptime(1)
+Oracle Solaris 11.4 12 May 2022 ruptime(1)
diff -NurbBw 11.4.45/man1/rusers.1 11.4.48/man1/rusers.1
--- 11.4.45/man1/rusers.1 2022-08-16 11:04:43.248980662 -0700
+++ 11.4.48/man1/rusers.1 2022-08-16 11:05:28.253605963 -0700
@@ -18,23 +18,25 @@
The default is to print out the names of the users logged in. When the
-l flag is given, additional information is printed for each user:
-
-
userid hostname:terminal login_date login_time idle_time login_host
- If hostname and login host are the same value, the login_host field is
+ If hostname and login_host are the same value, the login_host field is
not displayed. Likewise, if hostname is not idle, the idle_time is not
displayed.
- A remote host will only respond if it is running the rusersd daemon,
- which may be started up from inetd(8).
+ A remote host will only respond if it is running the rpc.rusersd(8)
+ daemon, which may be started up from inetd(8) under the service identi-
+ fier svc:/network/rpc/rusers:default. This service is disabled by
+ default on Solaris 10 systems with a secure by default configuration
+ and on all Solaris 11 systems, and must be enabled by an administrator
+ in order for a host to respond to rusers queries.
- In the absence of a name service, such as LDAP or NIS, rusers displays
- host names as numeric IP addresses.
+ If no name can be found for a host via the hosts(5) name service,
+ rusers displays a numeric IP address for the host.
OPTIONS
-a Give a report for a machine even if no users are logged on.
@@ -61,13 +63,16 @@
+-----------------------------+--------------------------------+
|Availability |network/legacy-remote-utilities |
+-----------------------------+--------------------------------+
+ |Interface Stability |Committed |
+ +-----------------------------+--------------------------------+
SEE ALSO
- who(1), attributes(7), inetd(8)
+ who(1), attributes(7), inetd(8), rpc.rusersd(8)
-NOTES
- This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ The rusers command, including support for the options -a, -h, and -i,
+ -l, and -u, has been present since the initial release of Solaris.
-Oracle Solaris 11.4 03 Feb 2017 rusers(1)
+Oracle Solaris 11.4 12 May 2022 rusers(1)
diff -NurbBw 11.4.45/man1/rwho.1 11.4.48/man1/rwho.1
--- 11.4.45/man1/rwho.1 2022-08-16 11:04:43.275750113 -0700
+++ 11.4.48/man1/rwho.1 2022-08-16 11:05:28.286758927 -0700
@@ -9,10 +9,11 @@
rwho [-a]
DESCRIPTION
- The rwho command produces output similar to who(1), but for all
- machines on your network. If no report has been received from a machine
- for 5 minutes, rwho assumes the machine is down, and does not report
- users last known to be logged into that machine.
+ The rwho command produces output similar to who(1), for each machine on
+ the local network which is actively running the in.rwhod(8) service. If
+ no report has been received from a machine for 5 minutes, rwho assumes
+ the machine is down, and does not report users last known to be logged
+ into that machine.
If a user has not typed to the system for a minute or more, rwho
@@ -42,7 +43,7 @@
+-----------------------------+--------------------------------+
SEE ALSO
- finger(1), ruptime(1), who(1), attributes(7), in.rwhod(8)
+ finger(1), ruptime(1), rusers(1), who(1), attributes(7), in.rwhod(8)
NOTES
rwho does not work through gateways.
@@ -63,6 +64,10 @@
This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ The rwho command, including support for the -a option, has been present
+ since the initial release of Solaris.
-Oracle Solaris 11.4 27 Nov 2017 rwho(1)
+
+Oracle Solaris 11.4 12 May 2022 rwho(1)
diff -NurbBw 11.4.45/man1/svcs.1 11.4.48/man1/svcs.1
--- 11.4.45/man1/svcs.1 2022-08-16 11:04:43.311852186 -0700
+++ 11.4.48/man1/svcs.1 2022-08-16 11:05:28.336950008 -0700
@@ -259,6 +259,12 @@
+ -i
+
+ Displays date/time in the legacy non-parsable format instead of ISO
+ 8601:22019.
+
+
OPERANDS
The following operands are supported:
@@ -308,16 +314,17 @@
The following is a typical example of a glob pattern:
- qexample% svcs \*keyserv\*
+ qexample% svcs \*ssh\*
STATE STIME FMRI
- disabled Aug_02 svc:/network/rpc/keyserv:default
+ online 2022-03-14T10:25:22 svc:/network/ssh:default
+
Note that changing the pattern to remove the leading glob results
in different behavior:
- qexample% svcs keyserv\*
- svcs: Pattern 'svc:/keyserv:*' doesn't match any instances
+ qexample% svcs ssh\*
+ svcs: Pattern 'svc:/ssh:*' doesn't match any instances
STATE STIME FMRI
@@ -436,10 +443,10 @@
STIME
- If the service instance entered the current state within the last
- 24 hours, this column indicates the time that it did so. Otherwise,
- this column indicates the date on which it did so, printed with
- underscores (_) in place of blanks.
+ The date and time (in ISO 8601-1:2019 format) the service entered
+ the state. The legacy, non-parsable, format is displayed when the
+ -i option is provided or when SMF_SVCS_DATA_FMT=legacy is set in
+ the environment.
ASTATE
@@ -451,18 +458,24 @@
LRUN
- The last time a periodic service instance has run. Service
- instances that are not periodic, and have no last execution, will
- display a '-' character in this column.
+ The last time (in ISO 8601-1:2019 format) a periodic service
+ instance has run. Service instances that are not periodic, and have
+ no last execution, will display a '-' character in this column. The
+ legacy, non-parsable, format is displayed when the -i option is
+ provided or when SMF_SVCS_DATA_FMT=legacy is set in the environ-
+ ment.
See svc.periodicd(8) for an explanation of periodic services.
NRUN
- The next time a periodic service instance is scheduled to run. Ser-
- vice instances that are not periodic do not have a next scheduled
- run and will display a '-' character in this column.
+ The next time (in ISO 8601-1:2019 format) a periodic service
+ instance is scheduled to run. Service instances that are not peri-
+ odic do not have a next scheduled run and will display a '-' char-
+ acter in this column. The legacy, non-parsable, format is displayed
+ when the -i option is provided or when SMF_SVCS_DATA_FMT=legacy is
+ set in the environment.
See svc.periodicd(8) for an explanation of periodic services.
@@ -477,14 +490,12 @@
example% svcs
STATE STIME FMRI
- ...
- legacy_run 13:25:04 lrc:/etc/rc3_d/S42myscript
- ...
- online 13:21:50 svc:/system/svc/restarter:default
- ...
- online 13:25:03 svc:/milestone/multi-user:default
- ...
- online 13:25:07 svc:/milestone/multi-user-server:default
+ legacy_run 2022-03-14T10:25:31 lrc:/etc/rc2_d/S89PRESERVE
+ disabled 2022-03-14T10:25:20 svc:/system/devices/ovn-virtual-io:default
+ disabled 2022-03-31T11:48:16 svc:/system/name-service/cache:default
+ online 2022-03-14T10:25:10 svc:/system/early-manifest-import:default
+ online 2022-03-14T10:25:10 svc:/system/svc/restarter:default
+ online 2022-03-14T10:25:11 svc:/milestone/immutable-setup:default
...
@@ -510,9 +521,10 @@
This example lists verbose information.
- example% svcs -v network/rpc/rstat:udp
+ example% svcs -v network/rpc/bind
STATE NSTATE STIME CTID FMRI
- online - Aug_09 - svc:/network/rpc/rstat:udp
+ online - 2022-03-14T10:25:25 128 svc:/network/rpc/bind:default
+
@@ -521,19 +533,37 @@
This example lists detailed information about all instances of sys-
- tem/service3 . Additional fields can be displayed, as appropriate to
- the managing restarter.
+ tem/rad. Additional fields can be displayed, as appropriate to the man-
+ aging restarter.
- example% svcs -l network/rpc/rstat:udp
+ example% svcs -l system/rad
+ fmri svc:/system/rad:local
+ name Remote Administration Daemon
+ enabled true
+ state online
+ next_state none
+ state_time 2022-03-18T11:59:06
+ logfile /var/svc/log/system-rad:local.log
+ restarter svc:/system/svc/restarter:default
+ contract_id 2006
+ manifest /lib/svc/manifest/system/rad.xml
+ dependency require_all/none svc:/system/filesystem/minimal:default (online)
- fmri svc:/network/rpc/rstat:udp
+ fmri svc:/system/rad:remote
+ name Remote Administration Daemon
enabled true
state online
next_state none
- restarter svc:/network/inetd:default
- contract_id
- dependency require_all/error svc:/network/rpc/bind (online)
+ state_time 2022-04-13T12:31:57
+ logfile /var/svc/log/system-rad:remote.log
+ restarter svc:/system/svc/restarter:default
+ contract_id 12333
+ manifest /lib/svc/manifest/system/rad.xml
+ dependency require_all/refresh svc:/system/identity:cert (online)
+ dependency require_all/none svc:/milestone/multi-user (online)
+ dependency require_all/none svc:/system/filesystem/minimal:default (online)
+
@@ -542,9 +572,9 @@
example% svcs -p sendmail
STATE STIME FMRI
- online 13:25:13 svc:/network/smtp:sendmail
- 13:25:15 100939 sendmail
- 13:25:15 100940 sendmail
+ online 2022-03-14T10:25:26 svc:/network/smtp:sendmail
+ 2022-03-14T10:25:46 1489 sendmail
+
@@ -552,30 +582,48 @@
- (a) In this example, svcs -x has identified that the print/server ser-
- vice being disabled is the root cause of two services which are enabled
- but not online. svcs -xv shows that those services are print/rfc1179
- and print/ipp-listener. This situation can be rectified by either
- enabling print/server or disabling rfc1179 and ipp-listener.
+ (a) In this example, svcs -x has identified that the identity:cert
+ service being in maintenance is the root cause of two services which
+ are enabled but not online. svcs -xv shows that those services are
+ system/rad:remote and system/webui. This situation can be rectified by
+ either clearing identity:cert or disabling system/rad:remote and sys-
+ tem/webui.
- example% svcs -x
- svc:/application/print/server:default (LP print server)
- State: disabled since Mon Feb 13 17:56:21 2006
- Reason: Disabled by an administrator.
- See: http://support.oracle.com/msg/SMF-8000-05
- See: lpsched(8)
+ example%
+ svc:/system/identity:cert (System identity (X.509 certificate))
+ State: maintenance since 2022-04-13T12:18:35
+ Reason: Maintenance requested by an administrator.
+ See: http://support.oracle.com/msg/SMF-8000-63
+ See: identity(7)
+ See: /var/svc/log/system-identity:cert.log
Impact: 2 dependent services are not running. (Use -v for list.)
+ example%
+ svc:/system/identity:cert (System identity (X.509 certificate))
+ State: maintenance since 2022-04-13T12:18:35
+ Reason: Maintenance requested by an administrator.
+ See: http://support.oracle.com/msg/SMF-8000-63
+ See: man -M /usr/share/man -s 7 identity
+ See: /var/svc/log/system-identity:cert.log
+ Impact: 2 dependent services are not running:
+ svc:/system/rad:remote
+ svc:/system/webui/server:default
+
+
+
+
+
(b) In this example, NFS is not working:
example$ svcs nfs/client
STATE STIME FMRI
- offline 16:03:23 svc:/network/nfs/client:default
+ offline 2022-03-14T10:25:12 svc:/network/nfs/client:default
+
@@ -587,7 +635,7 @@
example$ svcs -xv nfs/client
svc:/network/nfs/client:default (NFS client)
- State: offline since Mon Feb 27 16:03:23 2006
+ State: offline since 2022-03-14T10:25:12
Reason: Service svc:/network/nfs/status:default
is not running because a method failed repeatedly.
See: http://support.oracle.com/msg/SMF-8000-GE
@@ -600,6 +648,18 @@
+ENVIRONMENT VARIABLES
+ SMF_SVCS_DATE_FMT
+
+ When set to legacy the legacy, non-parsable, date/time format is
+ used instead of ISO 8601-1:2019. For the legacy format if the
+ date/time is with the last 24 hours only the time is displayed,
+ otherwise the month and day with underscores (_) in place of blanks
+ is displayed. The value of iso8601 can be set to explicitly request
+ ISO 8601-1:2019 format, though this is the default if the variable
+ is not set.
+
+
EXIT STATUS
The following exit values are returned:
@@ -637,6 +697,13 @@
ps(1), svcprop(1), stat(2), libscf(3LIB), attributes(7), fnmatch(7),
smf(7), svc.periodicd(8), svc.startd(8), svcadm(8), svccfg(8)
+HISTORY
+ Support for the -i option and variable SMF_SVCS_DATE_FMT, was added in
+ the Oracle Solaris 11.4.48 release.
+
+
+ The svcs command was added in Solaris 10.
+
-Oracle Solaris 11.4 28 Oct 2021 svcs(1)
+Oracle Solaris 11.4 12 April 2022 svcs(1)
diff -NurbBw 11.4.45/man1/telnet.1 11.4.48/man1/telnet.1
--- 11.4.45/man1/telnet.1 2022-08-16 11:04:43.369573899 -0700
+++ 11.4.48/man1/telnet.1 2022-08-16 11:05:28.374157026 -0700
@@ -6,11 +6,26 @@
telnet - user interface to a remote system using the TELNET protocol
SYNOPSIS
- telnet [-8EFKLacdfrx] [-X atype] [-e escape_char]
- [-k realm] [-l user] [-n file]
+ telnet [-8ELcdr] [-e escape_char] [-l user] [-n file]
[ [ [!] @hop1 [@hop2...] @] host [port]]
DESCRIPTION
+ Caution -
+
+
+
+
+ All data exchanges over this protocol are performed without encryp-
+ tion, and have no protection against spoofing or snooping of traffic.
+ The in.telnetd server is disabled by default on Oracle Solaris and
+ most other modern operating systems, and both the in.telnetd server
+ and the telnet command may be removed in future versions of Oracle
+ Solaris. For remote logins, ssh(1) is strongly recommended over tel-
+ net. For raw connections to network ports, nc(1) is recommended over
+ telnet.
+
+
+
The telnet utility communicates with another host using the TELNET pro-
tocol. If telnet is invoked without arguments, it enters command mode,
indicated by its prompt, telnet>. In this mode, it accepts and executes
@@ -77,15 +92,6 @@
is attempted for both input and output.
- -a
-
- Attempts automatic login. This sends the user name by means of the
- USER variable of the ENVIRON option, if supported by the remote
- system. The name used is that of the current user as returned by
- getlogin(3C) if it agrees with the current user ID. Otherwise, it
- is the name associated with the user ID.
-
-
-c
Disables the reading of the user's telnetrc file. (See the toggle
@@ -146,11 +152,6 @@
change in the future.
- -X atype
-
- Disables the atype type of authentication.
-
-
USAGE
telnet Commands
The commands described in this section are available with telnet. It is
@@ -205,72 +206,6 @@
close a session and exit.
- encrypt
-
- The encrypt command manipulates the information sent through the
- TELNET ENCRYPT option.
-
- Valid arguments for the encrypt command are as follows:
-
- disable type [input|output]
-
- Disables the specified type of encryption. If you omit the
- input and output, both input and output are disabled. To obtain
- a list of available types, use the encrypt disable ? command.
-
-
- enable type [input|output]
-
- Enables the specified type of encryption. If you omit input and
- output, both input and output are enabled. To obtain a list of
- available types, use the encrypt enable ? command.
-
-
- input
-
- This is the same as the encrypt start input command.
-
-
- -input
-
- This is the same as the encrypt stop input command.
-
-
- output
-
- This is the same as the encrypt start output command.
-
-
- -output
-
- This is the same as the encrypt stop output command.
-
-
- start [input|output]
-
- Attempts to start encryption. If you omit input and output,
- both input and output are enabled. To obtain a list of avail-
- able types, use the encrypt enable ? command.
-
-
- status
-
- Lists the current status of encryption.
-
-
- stop [input|output]
-
- Stops encryption. If you omit input and output, encryption is
- on both input and output.
-
-
- type type
-
- Sets the default type of encryption to be used with later
- encrypt start or encrypt stop commands.
-
-
-
quit
Same as close.
@@ -686,24 +621,6 @@
tication code.
- autodecrypt When the TELNET ENCRYPT option is negotiated,
- by default the actual encryption (decryption)
- of the data stream does not start automati-
- cally. The autoencrypt (autodecrypt) command
- states that encryption of the output (input)
- stream should be enabled as soon as possible.
-
-
- autologin If the remote side supports the TELNET AUTHEN-
- TICATION option, telnet attempts to use it to
- perform automatic authentication. If the
- AUTHENTICATION option is not supported, the
- user's login name is propagated through the
- TELNET ENVIRON option. This command is the
- same as specifying the -a option on the open
- command.
-
-
autoflush If autoflush and localchars are both TRUE, then
when the ao, intr, or quit characters are rec-
ognized (and transformed into TELNET sequences;
@@ -764,10 +681,6 @@
value for this toggle is FALSE.
- encdebug Turns on debugging information for the encryp-
- tion code.
-
-
localchars If this toggle is TRUE, then the flush, inter-
rupt, quit, erase, and kill characters (see
set) are recognized locally, and transformed
@@ -814,12 +727,6 @@
toggle is FALSE.
- verbose_encrypt When the verbose_encrypt flag is TRUE, TELNET
- prints out a message each time encryption is
- enabled or disabled. The initial value for this
- toggle is FALSE.
-
-
? Display the legal toggle commands.
@@ -895,10 +802,12 @@
+-----------------------------+-----------------------------+
|Availability |network/telnet |
+-----------------------------+-----------------------------+
+ |Interface Stability |Committed |
+ +-----------------------------+-----------------------------+
SEE ALSO
- rlogin(1), sh(1), stty(1), getlogin(3C), inet(4P), inet6(4P), hosts(5),
- nologin(5), telnetrc(5), attributes(7)
+ nc(1), rlogin(1), sh(1), ssh(1), stty(1), getlogin(3C), inet(4P),
+ inet6(4P), hosts(5), nologin(5), telnetrc(5), attributes(7)
DIAGNOSTICS
NO LOGINS: System going down in N minutes
@@ -916,13 +825,29 @@
is only recognized (and sent to the remote system) when it is the first
character on a line.
+HISTORY
+ Support for Kerberos, including the options -f, -F, -k, -K, -PN, -PO,
+ and -x, was added in Solaris 10 3/05 and removed in Oracle Solaris
+ 11.4.0. Prior to Solaris 10, a kerberized version was available in the
+ Sun Enterprise Authentication Mechanism (SEAM) add-on package for
+ Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
+
+ Enhancements from 4.4BSD were added in Solaris 2.5, including support
+ for the -8, -c, -d, -E, -e, -L, -l, and -r command line options; the
+ STATUS, LOGOUT, EOR, NAWS, TSPEED, LFLOW, XDISPLOC, OLD_ENVIRON,
+ NEW_ENVIRON, and LINEMODE protocol options; and the .telnetrc file.
+
+
+ Support for the -n option was added in Solaris 2.0.
+
- The telnet protocol only uses single DES for session protection--
- clients request service tickets with single DES session keys. The KDC
- must know that host service principals that offer the telnet service
- support single DES, which, in practice, means that such principals must
- have single DES keys in the KDC database.
+ The telnet command has been present since the initial release of
+ Solaris.
-Oracle Solaris 11.4 3 Nov 2021 telnet(1)
+Oracle Solaris 11.4 12 May 2022 telnet(1)
diff -NurbBw 11.4.45/man1c/rup.1c 11.4.48/man1c/rup.1c
--- 11.4.45/man1c/rup.1c 2022-08-16 11:04:43.400388461 -0700
+++ 11.4.48/man1c/rup.1c 1969-12-31 16:00:00.000000000 -0800
@@ -1,59 +0,0 @@
-rup(1C) Communication Commands rup(1C)
-
-
-
-NAME
- rup - show host status of remote machines (RPC version)
-
-SYNOPSIS
- rup [-hlt]
-
-
- rup [host]...
-
-DESCRIPTION
- rup gives a status similar to uptime for remote machines. It broadcasts
- on the local network, and displays the responses it receives.
-
-
- Normally, the listing is in the order that responses are received, but
- this order can be changed by specifying one of the options listed
- below.
-
-
- When host arguments are given, rather than broadcasting rup only
- queries the list of specified hosts.
-
-
- A remote host will only respond if it is running the rstatd daemon,
- which is normally started up from inetd(8).
-
-OPTIONS
- -h Sort the display alphabetically by host name.
-
-
- -l Sort the display by load average.
-
-
- -t Sort the display by up time.
-
-
-ATTRIBUTES
- See attributes(7) for descriptions of the following attributes:
-
-
- +-----------------------------+--------------------------------+
- | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
- +-----------------------------+--------------------------------+
- |Availability |network/legacy-remote-utilities |
- +-----------------------------+--------------------------------+
-
-SEE ALSO
- ruptime(1), attributes(7), inetd(8)
-
-BUGS
- Broadcasting does not work through gateways.
-
-
-
-Oracle Solaris 11.4 12 Sep 2014 rup(1C)
diff -NurbBw 11.4.45/man2/chown.2 11.4.48/man2/chown.2
--- 11.4.45/man2/chown.2 2022-08-16 11:04:43.430325329 -0700
+++ 11.4.48/man2/chown.2 2022-08-16 11:05:28.404200969 -0700
@@ -195,15 +195,12 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |See below. |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See below. |
+-----------------------------+-----------------------------+
- The chown() and fchownat() functions are Async-Signal-Safe.
-
-
See standards(7) for descriptions of the following standards:
@@ -241,4 +238,4 @@
-Oracle Solaris 11.4 21 Mar 2022 chown(2)
+Oracle Solaris 11.4 2 Jun 2022 chown(2)
diff -NurbBw 11.4.45/man2/setregid.2 11.4.48/man2/setregid.2
--- 11.4.45/man2/setregid.2 2022-08-16 11:04:43.583994060 -0700
+++ 11.4.48/man2/setregid.2 2022-08-16 11:05:28.560049130 -0700
@@ -67,6 +67,8 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
+ |MT-Level |Async-Signal-Safe |
+ +-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -76,4 +78,4 @@
-Oracle Solaris 11.4 22 Mar 2004 setregid(2)
+Oracle Solaris 11.4 2 Jun 2022 setregid(2)
diff -NurbBw 11.4.45/man2/setreuid.2 11.4.48/man2/setreuid.2
--- 11.4.45/man2/setreuid.2 2022-08-16 11:04:43.615222518 -0700
+++ 11.4.48/man2/setreuid.2 2022-08-16 11:05:28.598147306 -0700
@@ -70,6 +70,8 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
+ |MT-Level |Async-Signal-Safe |
+ +-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -79,4 +81,4 @@
-Oracle Solaris 11.4 14 May 2018 setreuid(2)
+Oracle Solaris 11.4 2 Jun 2022 setreuid(2)
diff -NurbBw 11.4.45/man2/utimes.2 11.4.48/man2/utimes.2
--- 11.4.45/man2/utimes.2 2022-08-16 11:04:43.649242345 -0700
+++ 11.4.48/man2/utimes.2 2022-08-16 11:05:28.634409301 -0700
@@ -133,6 +133,8 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
+ |MT-Level |Async-Signal-Safe |
+ +-----------------------------+-----------------------------+
|Standard |See below. |
+-----------------------------+-----------------------------+
@@ -145,4 +147,4 @@
-Oracle Solaris 11.4 21 Mar 2022 utimes(2)
+Oracle Solaris 11.4 2 Jun 2022 utimes(2)
diff -NurbBw 11.4.45/man3c/bstring.3c 11.4.48/man3c/bstring.3c
--- 11.4.45/man3c/bstring.3c 2022-08-16 11:04:43.735867981 -0700
+++ 11.4.48/man3c/bstring.3c 2022-08-16 11:05:28.738164894 -0700
@@ -64,7 +64,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See below |
+-----------------------------+-----------------------------+
@@ -100,4 +100,4 @@
-Oracle Solaris 11.4 28 Feb 2022 bstring(3C)
+Oracle Solaris 11.4 2 Jun 2022 bstring(3C)
diff -NurbBw 11.4.45/man3c/byteorder.3c 11.4.48/man3c/byteorder.3c
--- 11.4.45/man3c/byteorder.3c 2022-08-16 11:04:43.765869585 -0700
+++ 11.4.48/man3c/byteorder.3c 2022-08-16 11:05:28.771748657 -0700
@@ -49,7 +49,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
SEE ALSO
@@ -66,4 +66,4 @@
-Oracle Solaris 11.4 2 Feb 2021 byteorder(3C)
+Oracle Solaris 11.4 2 Jun 2022 byteorder(3C)
diff -NurbBw 11.4.45/man3c/core_set_process_content.3c 11.4.48/man3c/core_set_process_content.3c
--- 11.4.45/man3c/core_set_process_content.3c 1969-12-31 16:00:00.000000000 -0800
+++ 11.4.48/man3c/core_set_process_content.3c 2022-08-16 11:05:28.908132105 -0700
@@ -0,0 +1,259 @@
+Standard C Library Functions
+ core_set_process_content(3C)
+
+
+
+NAME
+ core_get_process_content, core_set_process_content
+ core_get_process_path, core_set_process_path - fine granined per
+ process core file control
+
+SYNOPSIS
+ #include <corectl.h>
+
+ int core_set_process_content(const core_content_t *content, pid_t pid);
+
+
+ int core_get_process_content(core_content_t *content, pid_t pid);
+
+
+ int core_set_process_path(const char *buf, size_t bufsize, pid_t pid);
+
+
+ int core_get_process_path(char *buf, size_t bufsize, pid_t pid);
+
+DESCRIPTION
+ These functions provide fine grained control of process core dump con-
+ tents. coreadm(8) should be used to set global options for core dump
+ content.
+
+
+ The core_get_process_content() function gets the current state of the
+ contents of the segments that would be contained in a core dump of this
+ process.
+
+
+ The core_set_process_content() function sets the contents of the seg-
+ ments what will be contained in a core dump of this process.
+
+
+ The core_get_process_path() function gets the current path which points
+ to the location that a process's core file will be written.
+
+
+ The core_set_process_path() function sets the current path which points
+ to the location that a process's core file will be written.
+
+
+ core_content_t may be one of the following
+
+ CC_CONTENT_STACK Dump process stack.
+
+
+ CC_CONTENT_HEAP Dump process HEAP.
+
+
+ CC_CONTENT_SHFILE Dump file-backed shared mappings.
+
+
+ CC_CONTENT_SHANON Dump anonymous shared mappings.
+
+
+ CC_CONTENT_TEXT Dump read/exec file mappings.
+
+
+ CC_CONTENT_DATA Dump writable mappings.
+
+
+ CC_CONTENT_RODATA Dump read-only mappings.
+
+
+ CC_CONTENT_ANON Dump anonymous mappings (MAP_ANON).
+
+
+ CC_CONTENT_SHM Dump System V shared memory.
+
+
+ CC_CONTENT_ISM Dump intimate shared memory.
+
+
+ CC_CONTENT_DISM Dump dynamic intimate shared memory.
+
+
+ CC_CONTENT_CTF Dump CTF data.
+
+
+ CC_CONTENT_SYMTAB Dump symbol table.
+
+
+ CC_CONTENT_OSM Dump optimized shared memory.
+
+
+ CC_CONTENT_PRUNE Prune enabled (memcntl).
+
+
+ CC_CONTENT_ALL Dump all.
+
+
+ CC_CONTENT_NONE Dump none.
+
+
+RETURN VALUES
+ Upon successful completion, core_set_process_content(),
+ core_set_process_content(), core_set_process_content() and
+ core_set_process_content() return 0 if successful. Otherwise, the func-
+ tions return a non-zero errno to indicate the error.
+
+ERRORS
+ core_set_process_content(), core_set_process_content(),
+ core_set_process_content(), core_set_process_content() functions will
+ fail if:
+
+
+ EINVAL Invalid path
+
+
+ ENOSUP Privileged user tries to enable writing core file in a set-id
+ process, but set-id core files global property is not
+ enabled. See coreadm(8).
+
+
+ ESRCH No such process
+
+
+ EPERM Insufficent permissions to inspect process
+
+
+
+ core_set_process_content() function will fail if:
+
+ ENAMETOOLONG Filename exeeds system limits.
+
+
+EXAMPLES
+ Example 1 Example of core_get_process_content() and
+ core_set_process_content().
+
+
+
+ The following example code shows the use o core_get_process_content()
+ to obtain a processes core file status information and
+ core_set_process_content() to specify core file content.
+
+
+
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <stdlib.h>
+ #include <errno.h>
+ #include <sys/ipc.h>
+ #include <sys/shm.h>
+ #include <sys/sysmacros.h>
+ #include <sys/corectl.h>
+
+ struct _cc_content {
+ int cc_type;
+ char *cc_str;
+ };
+
+ static struct _cc_content cc_types[] = {
+ { CC_CONTENT_STACK, "STACK"},
+ { CC_CONTENT_HEAP, "HEAP"},
+ { CC_CONTENT_SHFILE, "SHFILE"},
+ { CC_CONTENT_SHANON, "SHANON"},
+ { CC_CONTENT_TEXT, "TEXT"},
+ { CC_CONTENT_DATA, "DATA"},
+ { CC_CONTENT_RODATA, "RODATA"},
+ { CC_CONTENT_ANON, "ANON"},
+ { CC_CONTENT_SHM, "SHM"},
+ { CC_CONTENT_ISM, "ISM"},
+ { CC_CONTENT_DISM, "DISM"},
+ { CC_CONTENT_CTF, "CTF"},
+ { CC_CONTENT_SYMTAB, "SYMTAB"},
+ { CC_CONTENT_OSM, "OSM"},
+ { CC_CONTENT_PRUNE, "PRUNE"},
+ };
+
+ static void
+ show_dump_segments (pid_t pid)
+ {
+ core_content_t content;
+
+ if (core_get_process_content (&content, pid))
+ perror ("core_get_process_content failed");
+
+ if (content == CC_CONTENT_DEFAULT)
+ printf("Core file content to dump is the default\n\t");
+ else
+ printf("Core file contents to dump modified from default\n\t");
+
+ for (int i=0; i < ARRAYi++LEN(cc_types);i++) {
+ if (content & cc_types[i].cc_type)
+ printf("%s ", cc_types[i].cc_str);
+ }
+ printf("\n\n");
+ }
+ int
+ main (int argc, char **argv)
+ {
+ int shmid;
+ void *shm;
+ core_content_t core_content_mask = CC_CONTENT_DEFAULT;
+ pid_t me = getpid();
+
+ if (core_set_process_content (&core_content_mask, me))
+ perror ("core_set_process_content failed");
+
+ show_dump_segments(me);
+
+ /* Mask off unwanted sections */
+ core_content_mask &= ~(CC_CONTENT_SHM |CC_CONTENT_ISM | CC_CONTENT_DISM | CC_CONTENT_OSM );
+
+ if (core_set_process_content (&core_content_mask, me))
+ perror ("core_set_process_content failed");
+
+ show_dump_segments(me);
+
+ /* allocate ISM */
+ if ((shmid = shmget (5678, 1024 * 1024 * 64, IPC_CREAT | 0666)) < 0) {
+ perror ("shmget");
+ exit (1);
+ }
+
+ /* Attach the segment to our data space. */
+ if ((shm = shmat (shmid, NULL, SHM_SHARE_MMU)) == (char *) -1) {
+ perror ("shmat");
+ exit (1);
+ }
+
+ printf ("Force a SEGV to produce a corefile\n");
+ ((char *) shm)[-1] = 0;
+ }
+
+
+
+
+ATTRIBUTES
+ See attributes(7) for descriptions of the following attributes:
+
+
+ +-----------------------------+-----------------------------+
+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+ +-----------------------------+-----------------------------+
+ |Interface Stability |Committed |
+ +-----------------------------+-----------------------------+
+ |MT-Level |MT-Safe |
+ +-----------------------------+-----------------------------+
+
+SEE ALSO
+ coreadm(8), memcntl(2), memcntl(1)
+
+NOTES
+ When applicable, the use of the coreadm utility in preference to these
+ functions, is advised. These interfaces exist to allow per-process con-
+ trol over core file details..
+
+
+
+Oracle Solaris 11.4 4 April 2022
+ core_set_process_content(3C)
diff -NurbBw 11.4.45/man3c/ffs.3c 11.4.48/man3c/ffs.3c
--- 11.4.45/man3c/ffs.3c 2022-08-16 11:04:43.905123825 -0700
+++ 11.4.48/man3c/ffs.3c 2022-08-16 11:05:29.060937865 -0700
@@ -55,7 +55,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See below |
+-----------------------------+-----------------------------+
@@ -93,4 +93,4 @@
-Oracle Solaris 11.4 28 Feb 2022 ffs(3C)
+Oracle Solaris 11.4 2 Jun 2022 ffs(3C)
diff -NurbBw 11.4.45/man3c/index.3c 11.4.48/man3c/index.3c
--- 11.4.45/man3c/index.3c 2022-08-16 11:04:44.183363506 -0700
+++ 11.4.48/man3c/index.3c 2022-08-16 11:05:29.348634475 -0700
@@ -43,7 +43,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard | POSIX.1-2001, |
| | SUS through SUSv3, |
@@ -61,4 +61,4 @@
-Oracle Solaris 11.4 28 Feb 2022 index(3C)
+Oracle Solaris 11.4 2 Jun 2022 index(3C)
diff -NurbBw 11.4.45/man3c/memory.3c 11.4.48/man3c/memory.3c
--- 11.4.45/man3c/memory.3c 2022-08-16 11:04:44.532580230 -0700
+++ 11.4.48/man3c/memory.3c 2022-08-16 11:05:29.687417403 -0700
@@ -190,8 +190,7 @@
MT-Level
The memccpy(), memchr(), memcmp(), memcpy(), memmove(), memset(),
- explicit_memset(), and memmem() functions can be used safely in multi-
- threaded applications.
+ explicit_memset(), and memmem() functions are Async-Signal-Safe.
The memcpy_s(), memmove_s(), and memset_s() functions cannot be used
@@ -258,4 +257,4 @@
-Oracle Solaris 11.4 28 Feb 2022 memory(3C)
+Oracle Solaris 11.4 2 Jun 2022 memory(3C)
diff -NurbBw 11.4.45/man3c/pthread_kill.3c 11.4.48/man3c/pthread_kill.3c
--- 11.4.45/man3c/pthread_kill.3c 2022-08-16 11:04:44.725828092 -0700
+++ 11.4.48/man3c/pthread_kill.3c 2022-08-16 11:05:29.886000199 -0700
@@ -28,7 +28,7 @@
ESRCH will be returned for a zombie thread.
- Software compiled on Oracle Solaris 11.4 and later default to XPG7
+ Software compiled on Oracle Solaris 11.4 and later defaults to XPG7
behavior, unless an earlier standard is specified at compile time using
the feature test macros described in standards(7). Software compiled on
earlier releases of Oracle Solaris will continue to follow the non-XPG7
@@ -54,7 +54,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -65,4 +65,4 @@
-Oracle Solaris 11.4 23 Dec 2014 pthread_kill(3C)
+Oracle Solaris 11.4 2 Jun 2022 pthread_kill(3C)
diff -NurbBw 11.4.45/man3c/pthread_self.3c 11.4.48/man3c/pthread_self.3c
--- 11.4.45/man3c/pthread_self.3c 2022-08-16 11:04:44.752723945 -0700
+++ 11.4.48/man3c/pthread_self.3c 2022-08-16 11:05:29.913346426 -0700
@@ -26,7 +26,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -36,4 +36,4 @@
-Oracle Solaris 11.4 16 May 2014 pthread_self(3C)
+Oracle Solaris 11.4 2 Jun 2022 pthread_self(3C)
diff -NurbBw 11.4.45/man3c/timingsafe_memcmp.3c 11.4.48/man3c/timingsafe_memcmp.3c
--- 11.4.45/man3c/timingsafe_memcmp.3c 2022-08-16 11:04:44.844209367 -0700
+++ 11.4.48/man3c/timingsafe_memcmp.3c 2022-08-16 11:05:30.007647665 -0700
@@ -40,7 +40,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |None |
+-----------------------------+-----------------------------+
@@ -54,4 +54,4 @@
-Oracle Solaris 11.4 28 Feb 2022 timingsafe_memcmp(3C)
+Oracle Solaris 11.4 2 Jun 2022 timingsafe_memcmp(3C)
diff -NurbBw 11.4.45/man3c/wcsstr.3c 11.4.48/man3c/wcsstr.3c
--- 11.4.45/man3c/wcsstr.3c 2022-08-16 11:04:45.787237346 -0700
+++ 11.4.48/man3c/wcsstr.3c 2022-08-16 11:05:30.949391789 -0700
@@ -47,7 +47,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -57,4 +57,4 @@
-Oracle Solaris 11.4 14 Nov 2003 wcsstr(3C)
+Oracle Solaris 11.4 2 Jun 2022 wcsstr(3C)
diff -NurbBw 11.4.45/man3c/wcstring.3c 11.4.48/man3c/wcstring.3c
--- 11.4.45/man3c/wcstring.3c 2022-08-16 11:04:45.896863954 -0700
+++ 11.4.48/man3c/wcstring.3c 2022-08-16 11:05:31.061943385 -0700
@@ -477,19 +477,28 @@
|Standard |See below |
+-----------------------------+-----------------------------+
-
+ Standard
For wcscat(), wcsncat(), wcscmp(), wcsncmp(), wcscpy(), wcsncpy(),
wcslen(), wcschr(), wcsrchr(), wcspbrk(), wcswcs(), wcsspn(), wcsc-
spn(), and wcstok(), see standards(7).
-
- The wcstring(), wcscasecmp(), wcsncasecmp(), wcscat(), wscat(),
- wcsncat(), wsncat(), wcscmp(), wscmp(), wcsncmp(), wsncmp(), wcscpy(),
- wscpy(), wcsncpy(), wsncpy(), wcpcpy(), wcpncpy(), wcsdup(), wcslen(),
- wslen(), wcsnlen(), wcschr(), wschr(), wcsrchr(), wsrchr(), windex(),
- wrindex(), wcspbrk(), wspbrk(), wcswcs(), wcsspn(), wsspn(), wcscspn(),
- wscspn(), wcstok(), wstok() functions can be used safely in multi-
- threaded applications.
+ MT-Level
+ The wcscasecmp(), wcsncasecmp(), wcscat(), wscat(), wcsncat(),
+ wsncat(), wcscmp(), wscmp(), wcsncmp(), wsncmp(), wcscpy(), wscpy(),
+ wcsncpy(), wsncpy(), wcpcpy(), wcpncpy(), wcslen(), wslen(), wcsnlen(),
+ wcschr(), wschr(), wcsrchr(), wsrchr(), windex(), wrindex(), wcspbrk(),
+ wspbrk(), wcswcs(), wcsspn(), wsspn(), wcscspn(), and wscspn() func-
+ tions are Async-Signal-Safe.
+
+
+ The wcsdup() function is MT-Safe.
+
+
+ The version of wcstok() that takes three arguments is Async-Signal-
+ Safe, while the version that takes only two arguments is not. The
+ wstok() function and the two-argument form of wcstok() store state in
+ thread-specific data, so are safe to use in a multi-threaded program,
+ but calls from different threads will not share common state.
The wcscpy_s(), wcsncpy_s(), wmemcpy_s(), wmemmove_s(), wcscat_s(),
@@ -504,4 +513,4 @@
-Oracle Solaris 11.4 10 Jun 2018 wcstring(3C)
+Oracle Solaris 11.4 2 Jun 2022 wcstring(3C)
diff -NurbBw 11.4.45/man3c/wmemchr.3c 11.4.48/man3c/wmemchr.3c
--- 11.4.45/man3c/wmemchr.3c 2022-08-16 11:04:45.998461249 -0700
+++ 11.4.48/man3c/wmemchr.3c 2022-08-16 11:05:31.156924046 -0700
@@ -47,7 +47,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -58,4 +58,4 @@
-Oracle Solaris 11.4 14 Aug 2002 wmemchr(3C)
+Oracle Solaris 11.4 2 Jun 2022 wmemchr(3C)
diff -NurbBw 11.4.45/man3c/wmemcmp.3c 11.4.48/man3c/wmemcmp.3c
--- 11.4.45/man3c/wmemcmp.3c 2022-08-16 11:04:46.024263048 -0700
+++ 11.4.48/man3c/wmemcmp.3c 2022-08-16 11:05:31.182140996 -0700
@@ -39,7 +39,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -50,4 +50,4 @@
-Oracle Solaris 11.4 14 Aug 2002 wmemcmp(3C)
+Oracle Solaris 11.4 2 Jun 2022 wmemcmp(3C)
diff -NurbBw 11.4.45/man3c/wmemcpy.3c 11.4.48/man3c/wmemcpy.3c
--- 11.4.45/man3c/wmemcpy.3c 2022-08-16 11:04:46.091874088 -0700
+++ 11.4.48/man3c/wmemcpy.3c 2022-08-16 11:05:31.250366361 -0700
@@ -36,7 +36,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -47,4 +47,4 @@
-Oracle Solaris 11.4 14 Aug 2002 wmemcpy(3C)
+Oracle Solaris 11.4 2 Jun 2022 wmemcpy(3C)
diff -NurbBw 11.4.45/man3c/wmemset.3c 11.4.48/man3c/wmemset.3c
--- 11.4.45/man3c/wmemset.3c 2022-08-16 11:04:46.166225816 -0700
+++ 11.4.48/man3c/wmemset.3c 2022-08-16 11:05:31.331007101 -0700
@@ -36,7 +36,7 @@
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
- |MT-Level |MT-Safe |
+ |MT-Level |Async-Signal-Safe |
+-----------------------------+-----------------------------+
|Standard |See standards(7). |
+-----------------------------+-----------------------------+
@@ -47,4 +47,4 @@
-Oracle Solaris 11.4 14 Aug 2002 wmemset(3C)
+Oracle Solaris 11.4 2 Jun 2022 wmemset(3C)
diff -NurbBw 11.4.45/man5/smb.5 11.4.48/man5/smb.5
--- 11.4.45/man5/smb.5 2022-08-16 11:04:46.776143262 -0700
+++ 11.4.48/man5/smb.5 2022-08-16 11:05:31.892040016 -0700
@@ -269,6 +269,16 @@
the Oracle Solaris SMB server will accept multichannel sessions.
+ multichannel_exclude
+
+ Specifies that the interfaces in interface-list are not used for
+ SMB multichannel traffic. Interfaces are specified as a comma-sepa-
+ rated list of physical interfaces. An empty string may be used to
+ indicate that no interfaces should be excluded from multichannel
+ use. All private interfaces and those marked as DEPRECATED are
+ automatically excluded.
+
+
oplock_enable
Enables oplocks on the server. The valid values are true or false.
diff -NurbBw 11.4.45/man7/solaris-kz.7 11.4.48/man7/solaris-kz.7
--- 11.4.45/man7/solaris-kz.7 2022-08-16 11:04:46.831601565 -0700
+++ 11.4.48/man7/solaris-kz.7 2022-08-16 11:05:31.938750106 -0700
@@ -801,6 +801,10 @@
Only zones on shared storage may be migrated. Supported storage URI
types for migration are iscsi, lu, and nfs.
+ Live Storage Migration
+ Kernel zones support live storage migration of its root ZFS pool. See
+ zoneadm(8) move subcommand for more information.
+
Auxiliary State
The following auxiliary states (as shown by zoneadm list -is) are
defined for this brand:
@@ -1060,4 +1064,4 @@
-Oracle Solaris 11.4 5 Mar 2022 solaris-kz(7)
+Oracle Solaris 11.4 15 Mar 2022 solaris-kz(7)
diff -NurbBw 11.4.45/man7/solaris10.7 11.4.48/man7/solaris10.7
--- 11.4.45/man7/solaris10.7 2022-08-16 11:04:46.863265669 -0700
+++ 11.4.48/man7/solaris10.7 2022-08-16 11:05:31.970781429 -0700
@@ -227,6 +227,30 @@
missing. State of the zone is always incomplete.
+ Security Extensions
+ The default for most userland security extensions is "model=tagged-
+ files", and since Solaris 10 has no tagged files (and ignores tags on
+ files even if they have them) this doesn't create a problem for most
+ programs.
+
+
+ The exception is nxstack. The default for the nxstack sec extension is
+ "model=all", and that does create a problem for a Solaris 10 program
+ that generates executable code on the stack and then branches to it.
+
+
+ To allow legacy applications requiring exacutable stack to function the
+ same way as in the native Solaris 10 environment, a SMF service
+ svc:/system/security/executable-stack is provided.
+
+
+ To disable non-executable stack security extension for the zone it is
+ sufficient to enable the executable-stack.
+
+
+ Since majority of applications work fine with the non-executable stack
+ protection enabled, the service is disabled by default.
+
SUB-COMMANDS
For the list of solaris10 brand-specific subcommand options, see
zoneadm(8).
@@ -393,6 +417,19 @@
+ Example 8 Disable the non-executable stack in the branded zone at boot
+
+
+
+ To disable the NXSTACK security extension in given zone at boot it is
+ sufficient to enable the executable-stack service
+
+
+
+ # svcadm enable executable-stack
+
+
+
ATTRIBUTES
See attributes(7) for a description of the following attributes:
diff -NurbBw 11.4.45/man7/sysattr.7 11.4.48/man7/sysattr.7
--- 11.4.45/man7/sysattr.7 2022-08-16 11:04:46.913154234 -0700
+++ 11.4.48/man7/sysattr.7 2022-08-16 11:05:32.008214400 -0700
@@ -232,7 +232,7 @@
Boolean that if set marks a file as containing "sensitive" content.
Some utilities may take different actions if this is set. For exam-
- ple, pfedit(1) does not record the contents or content changes of
+ ple, pfedit(8) does not record the contents or content changes of
files with this attribute set.
The {PRIV_FILE_FLAG_SET} privilege is required to set this
@@ -372,12 +372,12 @@
attributes.
SEE ALSO
- chmod(1), compress(1), cp(1), cpio(1), ls(1), pax(1), pfedit(1),
- pkg(1), tar(1), touch(1), acl(2), chmod(2), chown(2), fcntl(2), futi-
- mens(2), mmap(2), open(2), pathconf(2), read(2), rename(2), rmdir(2),
- unlink(2), utime(2), utimensat(2), utimes(2), write(2), fgetattr(3C),
- fsetattr(3C), getattrat(3C), setattrat(3C), tmpfs(4FS), zfs(4FS),
- fsattr(7), pkg(7), nfsref(8), vscand(8), zfs(8)
+ chmod(1), compress(1), cp(1), cpio(1), ls(1), pax(1), pkg(1), tar(1),
+ touch(1), acl(2), chmod(2), chown(2), fcntl(2), futimens(2), mmap(2),
+ open(2), pathconf(2), read(2), rename(2), rmdir(2), unlink(2),
+ utime(2), utimensat(2), utimes(2), write(2), fgetattr(3C), fse-
+ tattr(3C), getattrat(3C), setattrat(3C), tmpfs(4FS), zfs(4FS),
+ fsattr(7), pfedit(8), pkg(7), nfsref(8), vscand(8), zfs(8)
HISTORY
System attributes were added in the Oracle Solaris 11.0.0 release,
diff -NurbBw 11.4.45/man8/dumpadm.8 11.4.48/man8/dumpadm.8
--- 11.4.45/man8/dumpadm.8 2022-08-16 11:04:46.947781508 -0700
+++ 11.4.48/man8/dumpadm.8 2022-08-16 11:05:32.042015174 -0700
@@ -158,10 +158,12 @@
Refer to the NOTES below for details of the algorithm used to
select an appropriate swap entry.
- A given ZFS volume cannot be configured for both the swap area
- and the dump device.
-
- Use of a swap device for a dump device is not recommended.
+ Use of a single swap device for a dump device is not recom-
+ mended for low memory systems. If the system has less than 8
+ gigabytes of RAM then it should have a dedicated swap device,
+ sufficient to allow the system to boot to the multi-user mile-
+ stone, and a separate dump device which may also be used as an
+ additional swap device.
none
@@ -423,16 +425,16 @@
message will be displayed.
Dump Device/Swap Device Interaction
- In the event that the dump device is also a swap device, and the swap
- device is deleted by the administrator using the swap -d command, the
- swap command will automatically invoke dumpadm -d swap in order to
- attempt to configure another appropriate swap device as the dump
- device. If no swap devices remain or none can be configured as the dump
- device, the crash dump will be disabled and a warning message will be
- displayed. Similarly, if the crash dump is disabled and the administra-
- tor adds a new swap device using the swap -a command, dumpadm -d
- swap will be invoked to re-enable the crash dump using the new swap
- device.
+ In the event that the dump device is also a swap device but not a ZFS
+ volume and the swap device is deleted by the administrator using the
+ swap -d command, the swap command will automatically invoke dumpadm
+ -d swap in order to attempt to configure another appropriate swap
+ device as the dump device. If no swap devices remain or none can be
+ configured as the dump device, the crash dump will be disabled and a
+ warning message will be displayed. Similarly, if the crash dump is dis-
+ abled and the administrator adds a new swap device using the swap -a
+ command, dumpadm -d swap will be invoked to re-enable the crash dump
+ using the new swap device.
Once dumpadm -d swap has been issued, the new dump device is stored
@@ -476,4 +478,4 @@
-Oracle Solaris 11.4 11 May 2021 dumpadm(8)
+Oracle Solaris 11.4 13 April 2022 dumpadm(8)
diff -NurbBw 11.4.45/man8/in.chargend.8 11.4.48/man8/in.chargend.8
--- 11.4.45/man8/in.chargend.8 2022-08-16 11:04:46.973761420 -0700
+++ 11.4.48/man8/in.chargend.8 2022-08-16 11:05:32.069338501 -0700
@@ -6,39 +6,36 @@
in.chargend - UDP or TCP character generator service daemon
SYNOPSIS
- in.chargend
+ /usr/lib/inet/in.chargend
-
- FMRI svc:/internet/chargen:default
+FMRI
+ svc:/internet/chargen:default
DESCRIPTION
- FMRI stands for Fault Management Resource Identifier. It is used to
- identify resources managed by the Fault Manager. See fmd(8) and smf(7).
-
-
The in.chargend service provides the server-side of the character-gen-
erator protocol. This protocol is used for debugging and bandwidth mea-
surement and is available on both TCP and UDP transports, through port
19.
- The in.chargend service is an inetd(8) smf(7) delegated service. The
+ The in.chargend service is an inetd(8) delegated smf(7) service. The
in.chargend detects which transport is requested by examining the
socket it is passed by the inetd daemon.
- TCP-based service Once a connection is established, the in.chargend
- generates a stream of data. Any data received is
- discarded. The server generates data until the
- client program terminates the connection. Note
- that the data flow is limited by TCP flow control
- mechanisms.
+ TCP-based service
+
+ Once a connection is established, the in.chargend generates a
+ stream of data. Any data received is discarded. The server gener-
+ ates data until the client program terminates the connection. Note
+ that the data flow is limited by TCP flow control mechanisms.
- UDP-based service The in.chargend listens for UDP datagrams. When a
- datagram is received, the server generates a UDP
- datagram in response containing a random number of
- ASCII characters (ranging from 0 to 512 charac-
- ters). Any received data is ignored.
+ UDP-based service
+
+ The in.chargend listens for UDP datagrams. When a datagram is
+ received, the server generates a UDP datagram in response contain-
+ ing a random number of ASCII characters (ranging from 0 to 512
+ characters). Any received data is ignored.
@@ -59,11 +56,41 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- attributes(7), smf(7), inetd(8)
+ attributes(7), smf(7), inetadm(8), inetd(8)
+
+
+ Postel, J. RFC 864, Character Generator Protocol. Network Working
+ Group. May 1983. https://tools.ietf.org/html/rfc864
+
+NOTES
+ The in.chargend service is managed by the service management facility,
+ smf(7), under the service identifier:
+
+ svc:/internet/chargen:default
+
+
+
+ Administrative actions on this service, such as enabling, disabling, or
+ requesting restart, can be performed using svcadm(8). Responsibility
+ for initiating and restarting this service is delegated to inetd(8).
+ Use inetadm(8) to make configuration changes and to view configuration
+ information for this service. The service's status can be queried using
+ the svcs(1) command.
+
+HISTORY
+ The in.chargend program and the svc:/internet/chargen:default service
+ were added in the Solaris 10 3/05 release. Prior to that, support for
+ the chargen service was provided as a builtin part of inetd(8) since
+ the initial release of Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
- RFC 864
+ The chargen service was enabled by default in releases up through
+ Solaris 9, but has been disabled by default since the Solaris 10 3/05
+ release.
-Oracle Solaris 11.4 16 Aug 2011 in.chargend(8)
+Oracle Solaris 11.4 12 May 2022 in.chargend(8)
diff -NurbBw 11.4.45/man8/in.daytimed.8 11.4.48/man8/in.daytimed.8
--- 11.4.45/man8/in.daytimed.8 2022-08-16 11:04:47.005313611 -0700
+++ 11.4.48/man8/in.daytimed.8 2022-08-16 11:05:32.097199362 -0700
@@ -6,39 +6,37 @@
in.daytimed - UDP or TCP daytime protocol service daemon
SYNOPSIS
- in.daytimed
+ /usr/lib/inet/in.daytimed
-
- FMRI svc:/internet/daytime:default
+FMRI
+ svc:/internet/daytime:default
DESCRIPTION
- FMRI stands for Fault Management Resource Identifier. It is used to
- identify resources managed by the Fault Manager. See fmd(8) and smf(7).
-
-
The in.daytimed service provides the server-side of the daytime proto-
- col. This protocol is used for debugging and bandwidth measurement and
- is available on both TCP and UDP transports, through port 13.
+ col. This protocol is used for debugging and is available on both TCP
+ and UDP transports, through port 13.
- The in.daytimed service is an inetd(8) smf(7) delegated service. The
+ The in.daytimed service is an inetd(8) delegated smf(7) service. The
in.daytimed detects which transport is requested by examining the
socket it is passed by the inetd daemon.
- TCP-based service Once a connection is established, the in.daytimed
- generates the current date and time in ctime(3C)
- format as 7-bit ASCII and sends it through the
- connection. The server then closes the connection.
- Any data received from the client side of the con-
- nection is discarded.
-
+ TCP-based service
- UDP-based service The in.daytimed listens for UDP datagrams. When a
- datagram is received, the server generates the
- current date and time in ctime(3C) format as 7-bit
- ASCII and inserts it in a UDP datagram sent in
- response to the client's request. Any received
- data is ignored.
+ Once a connection is established, the in.daytimed generates the
+ current date and time in ctime(3C) format as 7-bit ASCII and sends
+ it through the connection. The server then closes the connection.
+ Any data received from the client side of the connection is dis-
+ carded.
+
+
+ UDP-based service
+
+ The in.daytimed listens for UDP datagrams. When a datagram is
+ received, the server generates the current date and time in
+ ctime(3C) format as 7-bit ASCII and inserts it in a UDP datagram
+ sent in response to the client's request. Any received data is
+ ignored.
ATTRIBUTES
@@ -54,11 +52,41 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- attributes(7), smf(7), inetd(8)
+ attributes(7), smf(7), in.timed(8), inetadm(8), inetd(8)
+
+
+ Postel, J. RFC 867, Daytime Protocol. Network Working Group. May 1983.
+ https://tools.ietf.org/html/rfc867
+
+NOTES
+ The in.daytimed service is managed by the service management facility,
+ smf(7), under the service identifier:
+
+ svc:/internet/daytime:default
+
+
+
+ Administrative actions on this service, such as enabling, disabling, or
+ requesting restart, can be performed using svcadm(8). Responsibility
+ for initiating and restarting this service is delegated to inetd(8).
+ Use inetadm(8) to make configuration changes and to view configuration
+ information for this service. The service's status can be queried using
+ the svcs(1) command.
+
+HISTORY
+ The in.daytimed program and the svc:/internet/daytime:default service
+ were added in the Solaris 10 3/05 release. Prior to that, support for
+ the daytime service was provided as a builtin part of inetd(8) since
+ the initial release of Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
- RFC 867
+ The daytime service was enabled by default in releases up through
+ Solaris 9, but has been disabled by default since the Solaris 10 3/05
+ release.
-Oracle Solaris 11.4 16 Aug 2011 in.daytimed(8)
+Oracle Solaris 11.4 12 May 2022 in.daytimed(8)
diff -NurbBw 11.4.45/man8/in.discardd.8 11.4.48/man8/in.discardd.8
--- 11.4.45/man8/in.discardd.8 2022-08-16 11:04:47.033451611 -0700
+++ 11.4.48/man8/in.discardd.8 2022-08-16 11:05:32.126482138 -0700
@@ -6,22 +6,18 @@
in.discardd - UDP or TCP discard protocol service
SYNOPSIS
- in.discardd
+ /usr/lib/inet/in.discardd
-
- FMRI svc:/internet/discard:default
+FMRI
+ svc:/internet/discard:default
DESCRIPTION
- FMRI stands for Fault Management Resource Identifier. It is used to
- identify resources managed by the Fault Manager. See fmd(8) and smf(7).
-
-
The in.discardd service provides the server-side of the discard proto-
col. This protocol is used for debugging and bandwidth measurement and
is available on both TCP and UDP transports through port 9.
- The in.discardd service is an inetd(8) smf(7) delegated service. The
+ The in.discardd service is an inetd(8) delegated smf(7) service. The
in.discardd detects which transport is requested by examining the
socket it is passed by the inetd daemon.
@@ -29,15 +25,17 @@
The discard service simply throws away any data it receives from the
client.
- TCP-based service Once a connection is established, the in.discardd
- discards any data received. No response is gener-
- ated. The connection remains open until the client
- terminates it.
+ TCP-based service
+
+ Once a connection is established, the in.discardd discards any data
+ received. No response is generated. The connection remains open
+ until the client terminates it.
- UDP-based service The in.discardd listens for UDP datagrams. When a
- datagram is received, the server discards it. No
- response is sent.
+ UDP-based service
+
+ The in.discardd listens for UDP datagrams. When a datagram is
+ received, the server discards it. No response is sent.
ATTRIBUTES
@@ -53,11 +51,41 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- attributes(7), smf(7), inetd(8)
+ attributes(7), smf(7), inetadm(8), inetd(8)
+
+
+ Postel, J. RFC 863, Discard Protocol. Network Working Group. May 1983.
+ https://tools.ietf.org/html/rfc863
+
+NOTES
+ The in.discardd service is managed by the service management facility,
+ smf(7), under the service identifier:
+
+ svc:/internet/discard:default
+
+
+
+ Administrative actions on this service, such as enabling, disabling, or
+ requesting restart, can be performed using svcadm(8). Responsibility
+ for initiating and restarting this service is delegated to inetd(8).
+ Use inetadm(8) to make configuration changes and to view configuration
+ information for this service. The service's status can be queried using
+ the svcs(1) command.
+
+HISTORY
+ The in.discardd program and the svc:/internet/discard:default service
+ were added in the Solaris 10 3/05 release. Prior to that, support for
+ the discard service was provided as a builtin part of inetd(8) since
+ the initial release of Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
- RFC 863
+ The discard service was enabled by default in releases up through
+ Solaris 9, but has been disabled by default since the Solaris 10 3/05
+ release.
-Oracle Solaris 11.4 16 Aug 2011 in.discardd(8)
+Oracle Solaris 11.4 12 May 2022 in.discardd(8)
diff -NurbBw 11.4.45/man8/in.echod.8 11.4.48/man8/in.echod.8
--- 11.4.45/man8/in.echod.8 2022-08-16 11:04:47.066717653 -0700
+++ 11.4.48/man8/in.echod.8 2022-08-16 11:05:32.161003242 -0700
@@ -6,35 +6,33 @@
in.echod - UDP or TCP echo protocol service daemon
SYNOPSIS
- in.echod
+ /usr/lib/inet/in.echod
-
- FMRI svc:/internet/echo:default
+FMRI
+ svc:/internet/echo:default
DESCRIPTION
- FMRI stands for Fault Management Resource Identifier. It is used to
- identify resources managed by the Fault Manager. See fmd(8) and smf(7).
-
-
The in.echod service provides the server-side of the echo protocol.
This protocol is used for debugging and bandwidth measurement and is
available on both TCP and UDP transports, through port 7.
- The in.echod service is an inetd(8) smf(7) delegated service. The
+ The in.echod service is an inetd(8) delegated smf(7) service. The
in.echod detects which transport is requested by examining the socket
it is passed by the inetd daemon.
- TCP-based service Once a connection is established, the in.echod
- echoes any data received from the client back to
- the client. The server echoes data until the
- client program terminates the connection.
+ TCP-based service
+
+ Once a connection is established, the in.echod echoes any data
+ received from the client back to the client. The server echoes data
+ until the client program terminates the connection.
- UDP-based service The in.echod listens for UDP datagrams. When a
- datagram is received, the server creates a UDP
- datagram containing the data it received and sends
- it to the client.
+ UDP-based service
+
+ The in.echod listens for UDP datagrams. When a datagram is
+ received, the server creates a UDP datagram containing the data it
+ received and sends it to the client.
ATTRIBUTES
@@ -50,11 +48,40 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- attributes(7), smf(7), inetd(8)
+ attributes(7), smf(7), inetadm(8), inetd(8)
+
+
+ Postel, J. RFC 862, Echo Protocol. Network Working Group. May 1983.
+ https://tools.ietf.org/html/rfc862
+
+NOTES
+ The in.echod service is managed by the service management facility,
+ smf(7), under the service identifier:
+
+ svc:/internet/echo:default
+
+
+
+ Administrative actions on this service, such as enabling, disabling, or
+ requesting restart, can be performed using svcadm(8). Responsibility
+ for initiating and restarting this service is delegated to inetd(8).
+ Use inetadm(8) to make configuration changes and to view configuration
+ information for this service. The service's status can be queried using
+ the svcs(1) command.
+
+HISTORY
+ The in.echod program and the svc:/internet/echo:default service were
+ added in the Solaris 10 3/05 release. Prior to that, support for the
+ echo service was provided as a builtin part of inetd(8) since the ini-
+ tial release of Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
- RFC 862
+ The echo service was enabled by default in releases up through Solaris
+ 9, but has been disabled by default since the Solaris 10 3/05 release.
-Oracle Solaris 11.4 16 Aug 2011 in.echod(8)
+Oracle Solaris 11.4 12 May 2022 in.echod(8)
diff -NurbBw 11.4.45/man8/in.rexecd.8 11.4.48/man8/in.rexecd.8
--- 11.4.45/man8/in.rexecd.8 2022-08-16 11:04:47.101876856 -0700
+++ 11.4.48/man8/in.rexecd.8 2022-08-16 11:05:32.189669139 -0700
@@ -6,7 +6,10 @@
in.rexecd, rexecd - remote execution server
SYNOPSIS
- in.rexecd
+ /usr/sbin/in.rexecd
+
+FMRI
+ svc:/network/rexec:default
DESCRIPTION
in.rexecd is the server for the rexec(3C) routine. The server provides
@@ -39,23 +42,46 @@
argument list.
- 6. rexecd then validates the user as is done at login time and,
- if the authentication was successful, changes to the user's
- home directory, and establishes the user and group protec-
- tions of the user. If any of these steps fail the connection
- is aborted and a diagnostic message is returned.
+ 6. in.rexecd then validates the user via the pam(3PAM) authen-
+ tication process, as described under SECURITY below. If the
+ authentication was successful, in.rexecd changes to the
+ user's home directory, and establishes the user and group
+ privileges of the user. If any of these steps fail the con-
+ nection is aborted and a diagnostic message is returned.
7. A null byte is returned on the connection associated with
the stderr and the command line is passed to the normal
login shell of the user. The shell inherits the network con-
- nections established by rexecd.
+ nections established by in.rexecd.
USAGE
- in.rexecd and rexecd are IPv6-enabled. For more information, see the
- ip6(4P) man page.
+ in.rexecd is IPv6-enabled. For more information, see the ip6(4P) man
+ page.
+
+
+ The protocol underlying these functions uses weak authentication and
+ offers no protection against spoofing or snooping of traffic. The
+ in.rexecd server is disabled by default on Oracle Solaris and most
+ other modern operating systems, and may be removed in future versions
+ of Oracle Solaris. Use of the sshd(8) server is strongly recommended
+ instead.
+
+SECURITY
+ in.rexecd uses pam(3PAM) for authentication, account management, and
+ session management. The PAM configuration policy, configured in
+ /etc/pam.conf or per-service files in /etc/pam.d/, specifies the mod-
+ ules to be used for in.rexeced via the service name rexec. If there are
+ no entries for the rexec service, then the entries for the "other" ser-
+ vice will be used.
+
+
+ If the rexec configuration results in any PAM conversation prompts
+ other than for the UNIX password, the conversation will fail and
+ in.rexeced will report an authentication error and abort the connec-
+ tion.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -70,8 +96,8 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- svcs(1), rexec(3C), ip6(4P), smf(7), attributes(7), inetadm(8),
- inetd(8), svcadm(8)
+ svcs(1), rexec(3C), pam(3PAM), ip6(4P), smf(7), attributes(7),
+ inetadm(8), inetd(8), sshd(8), svcadm(8)
DIAGNOSTICS
All diagnostic messages are returned on the connection associated with
@@ -123,6 +147,18 @@
This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ The in.rexecd service has been present since the initial release of
+ Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
+
+ The in.rexecd service was enabled by default in releases up through
+ Solaris 9, but has been disabled by default since the Solaris 10 3/05
+ release.
+
-Oracle Solaris 11.4 22 Feb 2017 in.rexecd(8)
+Oracle Solaris 11.4 12 May 2022 in.rexecd(8)
diff -NurbBw 11.4.45/man8/in.rlogind.8 11.4.48/man8/in.rlogind.8
--- 11.4.45/man8/in.rlogind.8 2022-08-16 11:04:47.131677778 -0700
+++ 11.4.48/man8/in.rlogind.8 2022-08-16 11:05:32.219817229 -0700
@@ -8,6 +8,9 @@
SYNOPSIS
/usr/sbin/in.rlogind [-s tos]
+FMRI
+ svc:/network/login:rlogin
+
DESCRIPTION
in.rlogind is the server for the rlogin(1) program. The server provides
a remote login facility with authentication based on privileged port
@@ -134,11 +137,12 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- login(1), rlogin(1), svcs(1), pam(3PAM), hosts(5), hosts.equiv(5),
- pam.conf(5), attributes(7), environ(7), pam_authtok_check(7), pam_auth-
- tok_get(7), pam_authtok_store(7), pam_dhkeys(7), pam_passwd_auth(7),
- pam_unix_account(7), pam_unix_auth(7), pam_unix_session(7), smf(7),
- in.rshd(8), inetadm(8), inetd(8), svcadm(8)
+ login(1), rlogin(1), ssh(1), svcs(1), pam(3PAM), hosts(5),
+ hosts.equiv(5), pam.conf(5), attributes(7), environ(7), pam_auth-
+ tok_check(7), pam_authtok_get(7), pam_authtok_store(7), pam_dhkeys(7),
+ pam_passwd_auth(7), pam_unix_account(7), pam_unix_auth(7),
+ pam_unix_session(7), smf(7), in.rshd(8), inetadm(8), inetd(8), sshd(8),
+ svcadm(8)
DIAGNOSTICS
All diagnostic messages are returned on the connection associated with
@@ -168,16 +172,18 @@
security policy.
- A facility to allow all data exchanges to be encrypted should be
- present.
+ All data exchanges over this protocol are performed without encryption,
+ and have no protection against spoofing or snooping of traffic. The
+ in.rlogind server is disabled by default on Oracle Solaris and most
+ other modern operating systems, and may be removed in future versions
+ of Oracle Solaris. Use of the sshd(8) server is strongly recommended
+ instead.
The in.rlogind service is managed by the service management facility,
smf(7), under the service identifier:
-
- svc:/network/login:rlogin (rlogin)
-
+ svc:/network/login:rlogin
@@ -191,6 +197,26 @@
This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ The in.rlogind service has been present since the initial release of
+ Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
+
+ Support for Kerberos was added in Solaris 10 3/05 and removed in Oracle
+ Solaris 11.4.0. Prior to Solaris 10, a kerberized version was available
+ in the Sun Enterprise Authentication Mechanism (SEAM) add-on package
+ for Solaris.
+
+
+ The in.rlogind service was enabled by default in releases up through
+ Solaris 9. In the Solaris 10 through 11.3 releases, the service was
+ enabled under the generic_open.xml service profile, but disabled under
+ the generic_limited_net.xml service profile. In Oracle Solaris 11.4, it
+ is disabled by default.
+
-Oracle Solaris 11.4 24 Nov 2020 in.rlogind(8)
+Oracle Solaris 11.4 12 May 2022 in.rlogind(8)
diff -NurbBw 11.4.45/man8/in.rshd.8 11.4.48/man8/in.rshd.8
--- 11.4.45/man8/in.rshd.8 2022-08-16 11:04:47.168778392 -0700
+++ 11.4.48/man8/in.rshd.8 2022-08-16 11:05:32.251821211 -0700
@@ -6,52 +6,19 @@
in.rshd, rshd - remote shell server
SYNOPSIS
- in.rshd [-k5eciU] [-s tos] [-S keytab] [-M realm]
- [-L env_var] host.port
+ in.rshd [-U] [-s tos] [-L env_var] host.port
DESCRIPTION
in.rshd is the server for the rsh(1) program. The server provides
- remote execution facilities with authentication based on Kerberos V5 or
- privileged port numbers.
+ remote execution facilities with authentication based on privileged
+ port numbers.
in.rshd is invoked by inetd(8) each time a shell service is requested.
- When Kerberos V5 authentication is required (this can be set with Ker-
- beros-specific options listed below), the following protocol is initi-
- ated:
-
- 1. Check Kerberos V5 authentication.
-
-
- 2. Check the authorization rules.
-
-
- 3. A null byte is returned on the initial socket and the com-
- mand line is passed to the normal login shell of the user.
- (The PATH variable is set to /usr/bin.) The shell inherits
- the network connections established by in.rshd.
-
-
-
-
- In order for Kerberos authentication to work, a host/<FQDN> Kerberos
- principal must exist for each Fully Qualified Domain Name associated
- with the in.rshd server. Each of these host/<FQDN> principals must have
- a keytab entry in the /etc/krb5/krb5.keytab file on the in.rshd server.
- An example principal might be:
-
-
- host/bigmachine.eng.example.com
-
-
- See kadmin for instructions on adding a principal to a krb5.keytab
- file.
-
-
- If Kerberos V5 authentication is not enabled, then in.rshd executes the
- following protocol:
+ When a new connection is established, in.rshd executes the following
+ protocol:
1. The server checks the client's source port. If the port is
not in the range 512-1023, the server aborts the connection.
@@ -73,12 +40,12 @@
4. A null-terminated user name of at most 256 characters is
retrieved on the initial socket. This user name is inter-
- preted as the user identity on the client's machine.
+ preted as the user identity on the client machine.
5. A null terminated user name of at most 256 characters is
retrieved on the initial socket. This user name is inter-
- preted as a user identity to use on the server's machine.
+ preted as a user identity to use on the server machine.
6. A null terminated command to be passed to a shell is
@@ -89,11 +56,11 @@
7. in.rshd then validates the user according to the following
steps. The remote user name is looked up in the password
- file and a chdir is performed to the user's home directory.
- If the lookup fails, the connection is terminated. If the
- chdir fails, it does a chdir to / (root). If the user is not
- the superuser, (user ID 0), and if the pam_rhosts_auth PAM
- module is configured for authentication, the file
+ database and a chdir is performed to the user's home direc-
+ tory. If the lookup fails, the connection is terminated. If
+ the chdir fails, it does a chdir to / (root). If the user is
+ not the superuser, (user ID 0), and if the pam_rhosts_auth
+ PAM module is configured for authentication, the file
/etc/hosts.equiv is consulted for a list of hosts considered
"equivalent". If the client's host name is present in this
file, the authentication is considered successful. See the
@@ -129,17 +96,7 @@
USAGE
- rshd and in.rshd are IPv6-enabled. See ip6(4P). IPv6 is not currently
- supported with Kerberos V5 authentication.
-
-
- The Kerberized rshd service runs on port 544 (kshell). The correspond-
- ing FMRI entry is: :
-
-
-
- svc:/network/shell:kshell (rshd with kerberos (ipv4 only))
-
+ in.rshd is IPv6-enabled. See ip6(4P).
SECURITY
in.rshd uses pam(3PAM) for authentication, account management, and ses-
@@ -174,23 +131,13 @@
If there are no entries for the rsh service in /etc/pam.conf and
/etc/pam.d/rsh does not exist then the entries for the "other" service
in /etc/pam.conf are used. If there are not any entries in
- /etc/pam.conf for the "other", then the entries in /etc/pam.d/other
- will be used. To maintain the authentication requirement for in.rshd,
- the rsh entry must always be configured with the pam_rhosts_auth.so.1
- module.
-
-
- in.rshd can authenticate using Kerberos V5 authentication or pam(3PAM).
- For Kerberized rsh service, the appropriate PAM service name is krsh.
+ /etc/pam.conf for the "other" service, then the entries in
+ /etc/pam.d/other will be used. To maintain the authentication require-
+ ment for in.rshd, the rsh entry must always be configured with the
+ pam_rhosts_auth.so.1 module.
FILES
- /etc/hosts.equiv
-
- $HOME/.k5login File containing Kerberos principals that are
- allowed access.
-
-
- /etc/krb5/krb5.conf Kerberos configuration file.
+ /etc/hosts.equiv See hosts.equiv(5)
ATTRIBUTES
@@ -206,12 +153,12 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- rsh(1), svcs(1), getnameinfo(3C), pam(3PAM), ip6(4P), hosts(5),
- pam.conf(5), attributes(7), environ(7), krb5_auth_rules(7), pam_auth-
- tok_check(7), pam_authtok_get(7), pam_authtok_store(7), pam_dhkeys(7),
- pam_passwd_auth(7), pam_rhosts_auth(7), pam_unix_account(7),
- pam_unix_auth(7), pam_unix_session(7), smf(7), inetadm(8), inetd(8),
- svcadm(8)
+ rsh(1), ssh(1), svcs(1), getnameinfo(3C), rcmd(3C), pam(3PAM), ip6(4P),
+ hosts(5), hosts.equiv(5), pam.conf(5), attributes(7), environ(7),
+ pam_authtok_check(7), pam_authtok_get(7), pam_authtok_store(7),
+ pam_dhkeys(7), pam_passwd_auth(7), pam_rhosts_auth(7),
+ pam_unix_account(7), pam_unix_auth(7), pam_unix_session(7), smf(7),
+ inetadm(8), inetd(8), sshd(8), svcadm(8)
DIAGNOSTICS
The following diagnostic messages are returned on the connection asso-
@@ -266,12 +213,16 @@
NOTES
The authentication procedure used here assumes the integrity of each
- client machine and the connecting medium. This is insecure, but it is
- useful in an "open" environment.
+ client machine and the connecting medium. This is insecure, but can be
+ convenient in environments where it does not conflict with the local
+ security policy.
- A facility to allow all data exchanges to be encrypted should be
- present.
+ All data exchanges over this protocol are performed without encryption,
+ and have no protection against spoofing or snooping of traffic. The
+ in.rshd server is disabled by default on Oracle Solaris and most other
+ modern operating systems, and may be removed in future versions of Ora-
+ cle Solaris. Use of the sshd(8) server is strongly recommended instead.
The in.rshd service is managed by the service management facility,
@@ -293,6 +242,26 @@
This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ The in.rshd service has been present since the initial release of
+ Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
+
+ Support for Kerberos was added in Solaris 10 3/05 and removed in Oracle
+ Solaris 11.4.0. Prior to Solaris 10, a kerberized version was available
+ in the Sun Enterprise Authentication Mechanism (SEAM) add-on package
+ for Solaris.
+
+
+ The in.rshd service was enabled by default in releases up through
+ Solaris 9. In the Solaris 10 through 11.3 releases, the service was
+ enabled under the generic_open.xml service profile, but disabled under
+ the generic_limited_net.xml service profile. In Oracle Solaris 11.4, it
+ is disabled by default.
+
-Oracle Solaris 11.4 22 Feb 2017 in.rshd(8)
+Oracle Solaris 11.4 12 May 2022 in.rshd(8)
diff -NurbBw 11.4.45/man8/in.rwhod.8 11.4.48/man8/in.rwhod.8
--- 11.4.45/man8/in.rwhod.8 2022-08-16 11:04:47.196673875 -0700
+++ 11.4.48/man8/in.rwhod.8 2022-08-16 11:05:32.282316757 -0700
@@ -74,14 +75,14 @@
OPTIONS
The following options are supported:
- -m[ttl] Use the rwho IP multicast address (224.0.1.3) when transmit-
- ting. Receive announcements both on this multicast address
- and on the IP broadcast address. If ttl is not specified
- in.rwhod multicasts on all interfaces but with the IP Time-
- ToLive set to 1 (that is, packets are not forwarded by mul-
- ticast routers.) If ttl is specified in.rwhod only transmits
- packets on one interface and setting the IP TimeToLive to
- the specified ttl.
+ -m[ttl] Use the rwho IPv4 multicast address (224.0.1.3) when trans-
+ mitting. Receive announcements both on this multicast
+ address and on the IPv4 broadcast address. If ttl is not
+ specified, in.rwhod multicasts on all interfaces but with
+ the IP TimeToLive set to 1 (that is, packets are not for-
+ warded by multicast routers). If ttl is specified, in.rwhod
+ only transmits packets on one interface and sets the IP
+ TimeToLive to the specified ttl.
FILES
@@ -121,6 +122,20 @@
This technology may be removed in a future release of Oracle Solaris.
+BUGS
+ in.rwhod is not IPv6-enabled.
+
+
+ No service manifest is provided to allow managing in.rwhod by the ser-
+ vice management facility, smf(7).
+
+HISTORY
+ The in.rwhod service has been present since the initial release of
+ Solaris, but has never been enabled by default.
+
+
+ Support for multicast and the -m option was added in Solaris 2.0.
+
-Oracle Solaris 11.4 22 Feb 2017 in.rwhod(8)
+Oracle Solaris 11.4 12 May 2022 in.rwhod(8)
diff -NurbBw 11.4.45/man8/in.telnetd.8 11.4.48/man8/in.telnetd.8
--- 11.4.45/man8/in.telnetd.8 2022-08-16 11:04:47.226267704 -0700
+++ 11.4.48/man8/in.telnetd.8 2022-08-16 11:05:32.315618765 -0700
@@ -6,14 +6,16 @@
in.telnetd, telnetd - TELNET protocol server
SYNOPSIS
- /usr/sbin/in.telnetd [-a authmode] [-EXUh] [-s tos]
- [-S keytab] [-M realm]
+ /usr/sbin/in.telnetd [-a authmode] [-Uh] [-s tos]
+
+FMRI
+ svc:/network/telnet
DESCRIPTION
in.telnetd is a server that supports the IETF standard TELNET virtual
- terminal protocol. in.telnetd is normally invoked in the internet
- server (see inetd(8)), for requests to connect to the TELNET port as
- indicated by the /etc/services file (see services(5)).
+ terminal protocol. in.telnetd is normally invoked by inetd(8) for
+ requests to connect to the TELNET port as indicated by the services(5)
+ database.
in.telnetd operates by allocating a pseudo-terminal device for a
@@ -31,10 +33,9 @@
ONLCR enabled. See termio(4I).
- in.telnetd is willing to do: echo, binary, suppress go ahead, and
- timing mark. in.telnetd is willing to have the remote client do:
- binary, terminal type, terminal size, logout option, and suppress
- go ahead.
+ in.telnetd is willing to do: echo, binary, suppress go ahead, and tim-
+ ing mark. in.telnetd is willing to have the remote client do: binary,
+ terminal type, terminal size, logout option, and suppress go ahead.
in.telnetd also allows environment variables to be passed, provided
@@ -107,9 +108,6 @@
- -E Disables encryption support negotiation.
-
-
-h Disables displaying host specific information before
login has been completed.
@@ -121,46 +119,10 @@
through the getnameinfo(3C) function.
- -X Disables Kerberos V5 authentication support negotiation.
-
-
USAGE
- telnetd and in.telnetd are IPv6-enabled. See ip6(4P).
+ in.telnetd is IPv6-enabled. See ip6(4P).
SECURITY
- in.telnetd can authenticate using Kerberos V5 authentication,
- pam(3PAM), or both. By default, the telnet server will accept valid
- Kerberos V5 authentication credentials from a telnet client that sup-
- ports Kerberos. in.telnetd can also support an encrypted session from
- such a client if the client requests it.
-
-
- The telnet protocol only uses single DES for session protection--
- clients request service tickets with single DES session keys. The KDC
- must know that host service principals that offer the telnet service
- support single DES, which, in practice, means that such principals must
- have single DES keys in the KDC database.
-
-
- In order for Kerberos authentication to work, a host/<FQDN> Kerberos
- principal must exist for each Fully Qualified Domain Name associated
- with the telnetd server. Each of these host/<FQDN> principals must have
- a keytab entry in the /etc/krb5/krb5.keytab file on the telnetd server.
- An example principal might be:
-
-
- host/bigmachine.eng.example.com
-
-
- If Kerberized telnet(1) must be used, allow_weak_crypto = true must be
- set in krb5.conf on all systems involved (KDC, client, and server), as
- DES is hardcoded into the protocol.
-
-
- See kadmin for instructions on adding a principal to a krb5.keytab
- file.
-
-
in.telnetd uses pam(3PAM) for authentication, account management, ses-
sion management, and password management. The PAM configuration policy,
configured in /etc/pam.conf or per-service files in /etc/pam.d/, speci-
@@ -208,10 +170,6 @@
/etc/pam.d/other will be used. If multiple authentication modules are
listed, then the user may be prompted for multiple passwords.
-
- For a Kerberized telnet service, the correct PAM service name is ktel-
- net.
-
FILES
/etc/default/telnetd
@@ -226,62 +184,56 @@
+-----------------------------+-----------------------------+
SEE ALSO
- login(1), svcs(1), telnet(1), getnameinfo(3C), pam(3PAM), termio(4I),
- ip6(4P), issue(5), pam.conf(5), services(5), attributes(7), pam_auth-
- tok_check(7), pam_authtok_get(7), pam_authtok_store(7), pam_dhkeys(7),
- pam_passwd_auth(7), pam_unix_account(7), pam_unix_auth(7),
- pam_unix_session(7), smf(7), inetadm(8), inetd(8), svcadm(8)
+ login(1), ssh(1), svcs(1), telnet(1), getnameinfo(3C), pam(3PAM),
+ termio(4I), ip6(4P), issue(5), pam.conf(5), services(5), attributes(7),
+ pam_authtok_check(7), pam_authtok_get(7), pam_authtok_store(7),
+ pam_dhkeys(7), pam_passwd_auth(7), pam_unix_account(7),
+ pam_unix_auth(7), pam_unix_session(7), smf(7), sshd(8), inetadm(8),
+ inetd(8), svcadm(8)
- Alexander, S. RFC 1572, TELNET Environment Option. Network Information
- Center, SRI International, Menlo Park, Calif., January 1994.
+ Alexander, S. RFC 1572, TELNET Environment Option. Network Working
+ Group, January 1994. https://tools.ietf.org/html/rfc1572
- Borman, Dave. RFC 1408, TELNET Environment Option. Network Information
- Center, SRI International, Menlo Park, Calif., January 1993.
+ Borman, Dave. RFC 1408, TELNET Environment Option. Network Working
+ Group, January 1993. https://tools.ietf.org/html/rfc1408
Borman, Dave. RFC 1571, TELNET Environment Option Interoperability
- Issues. Network Information Center, SRI International, Menlo Park,
- Calif., January 1994.
+ Issues. Network Working Group, January 1994.
+ https://tools.ietf.org/html/rfc1571
- Crispin, Mark. RFC 727, TELNET Logout Option. Network Information Cen-
- ter, SRI International, Menlo Park, Calif., April 1977.
+ Crispin, Mark. RFC 727, TELNET Logout Option. Network Working Group,
+ April 1977. https://tools.ietf.org/html/rfc727
- Marcy, G. RFC 1096, TELNET X Display Location Option. Network Informa-
- tion Center, SRI International, Menlo Park, Calif., March 1989.
+ Marcy, G. RFC 1096, TELNET X Display Location Option. Network Working
+ Group, March 1989. https://tools.ietf.org/html/rfc1096
Postel, Jon, and Joyce Reynolds. RFC 854, TELNET Protocol Specifica-
- tion. Network Information Center, SRI International, Menlo Park,
- Calif., May 1983.
-
-
- Waitzman, D. RFC 1073, TELNET Window Size Option. Network Information
- Center, SRI International, Menlo Park, Calif., October 1988.
+ tion. Network Working Group, May 1983.
+ https://tools.ietf.org/html/rfc854
- Kohl, J., Neuman, C., The Kerberos Network Authentication Service (V5),
- RFC 1510. September 1993.
+ Waitzman, D. RFC 1073, TELNET Window Size Option. Network Working
+ Group, October 1988. https://tools.ietf.org/html/rfc1073
Ts'o, T. and J. Altman, Telnet Authentication Option, RFC 2941. Septem-
- ber 2000.
-
-
- Ts'o, T., Telnet Authentication: Kerberos Version 5, RFC 2942. Septem-
- ber 2000.
-
-
- Ts'o, T., Telnet Data Encryption Option, RFC 2946. September 2000.
+ ber 2000. https://tools.ietf.org/html/rfc2941
+NOTES
+ All data exchanges over this protocol are performed without encryption,
+ and have no protection against spoofing or snooping of traffic. The
+ in.telnetd server is disabled by default on Oracle Solaris and most
+ other modern operating systems, and may be removed in future versions
+ of Oracle Solaris. Use of the sshd(8) server is strongly recommended
+ instead.
- Ts'o, T., Telnet Encryption: DES 64 bit Cipher Feedback, RFC 2952. Sep-
- tember 2000.
-NOTES
Some TELNET commands are only partially implemented.
@@ -316,6 +266,38 @@
information for this service. The service's status can be queried using
the svcs(1) command.
+HISTORY
+ Support for Kerberos, including the options -E, -M, -S, -X, and -X, was
+ added in Solaris 10 3/05 and removed in Oracle Solaris 11.4.0. Prior to
+ Solaris 10, a kerberized version was available in the Sun Enterprise
+ Authentication Mechanism (SEAM) add-on package for Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
+
+
+ Support for the /etc/default/telnetd file, with the BANNER setting, was
+ added in Solaris 2.6.
+
+
+ Enhancements from 4.4BSD were added in Solaris 2.5, including support
+ for the LOGOUT, NAWS, XDISPLOC, OLD_ENVIRON, and NEW_ENVIRON protocol
+ options.
+
+
+ Support for the -n option was added in Solaris 2.0.
+
+
+ The telnet command has been present since the initial release of
+ Solaris.
+
+
+ The in.telnetd service was enabled by default in releases up through
+ Solaris 9. In the Solaris 10 through 11.3 releases, the service was
+ enabled under the generic_open.xml service profile, but disabled under
+ the generic_limited_net.xml service profile. In Oracle Solaris 11.4, it
+ is disabled by default.
+
-Oracle Solaris 11.4 11 May 2021 in.telnetd(8)
+Oracle Solaris 11.4 12 May 2022 in.telnetd(8)
diff -NurbBw 11.4.45/man8/in.timed.8 11.4.48/man8/in.timed.8
--- 11.4.45/man8/in.timed.8 2022-08-16 11:04:47.259090828 -0700
+++ 11.4.48/man8/in.timed.8 2022-08-16 11:05:32.342720220 -0700
@@ -6,39 +6,47 @@
in.timed - UDP or TCP time protocol service daemon
SYNOPSIS
- in.timed
+ /usr/lib/inet/in.timed
-
- FMRI svc:/internet/time:default
+FMRI
+ svc:/internet/time:default
DESCRIPTION
- FMRI stands for Fault Management Resource Identifier. It is used to
- identify resources managed by the Fault Manager. See fmd(8) and smf(7).
-
-
The in.timed service provides the server-side of the time protocol. The
time server sends to requestors the time in seconds since midnight,
January 1, 1900. The time protocol is available on both TCP and UDP
transports through port 37.
- The in.timed service is an inetd(8) smf(7) delegated service. The
+ The in.timed service is an inetd(8) delegated smf(7) service. The
in.timed detects which transport is requested by examining the socket
it is passed by the inetd daemon.
- TCP-based service Once a connection is established, the in.timed
- sends the time as a 32-bit binary number and
- closes the connection. Any received data is
- ignored.
+ TCP-based service
+
+ Once a connection is established, the in.timed sends the time as a
+ 32-bit binary number and closes the connection. Any received data
+ is ignored.
+
+ UDP-based service
- UDP-based service The in.timed listens for UDP datagrams. When a
- datagram is received, the server generates a UDP
- datagram containing the time as a 32-bit binary
- number and sends it to the client. Any received
+ The in.timed listens for UDP datagrams. When a datagram is
+ received, the server generates a UDP datagram containing the time
+ as a 32-bit binary number and sends it to the client. Any received
data is ignored.
+USAGE
+ The protocol used by in.timed represents time as an unsigned 32-bit
+ number of seconds ranging from January 1, 1900 to February 7, 2036.
+ Another method of time synchronization must be used for dates past the
+ end of this range.
+
+
+ For most purposes, NTP is strongly recommended over this service. For
+ more information, see the ntpd(8) man pages.
+
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -52,11 +60,40 @@
+-----------------------------+----------------------------------------+
SEE ALSO
- attributes(7), smf(7), inetd(8)
+ attributes(7), smf(7), in.daytimed(8), inetadm(8), inetd(8), ntpd(8)
+
+
+ Postel, J. and K. Harrenstien. RFC 868, Time Protocol. Network Working
+ Group. May 1983. https://tools.ietf.org/html/rfc868
+
+NOTES
+ The in.timed service is managed by the service management facility,
+ smf(7), under the service identifier:
+
+ svc:/internet/time:default
+
+
+
+ Administrative actions on this service, such as enabling, disabling, or
+ requesting restart, can be performed using svcadm(8). Responsibility
+ for initiating and restarting this service is delegated to inetd(8).
+ Use inetadm(8) to make configuration changes and to view configuration
+ information for this service. The service's status can be queried using
+ the svcs(1) command.
+
+HISTORY
+ The in.timed program and the svc:/internet/time:default service were
+ added in the Solaris 10 3/05 release. Prior to that, support for the
+ time service was provided as a builtin part of inetd(8) since the ini-
+ tial release of Solaris.
+
+
+ Support for IPv6 was added in Solaris 8.
- RFC 868
+ The time service was enabled by default in releases up through Solaris
+ 9, but has been disabled by default since the Solaris 10 3/05 release.
-Oracle Solaris 11.4 16 Aug 2011 in.timed(8)
+Oracle Solaris 11.4 12 May 2022 in.timed(8)
diff -NurbBw 11.4.45/man8/installadm.8 11.4.48/man8/installadm.8
--- 11.4.45/man8/installadm.8 2022-08-16 11:04:47.349002543 -0700
+++ 11.4.48/man8/installadm.8 2022-08-16 11:05:32.431661335 -0700
@@ -2257,7 +2257,8 @@
--telemetry-enable | --telemetry-disable
Turns on or off the sending of telemetry data to the AI server
- from the AI client.
+ from the AI client. The sstored(8) service, svc:/system/sstore,
+ must be enabled for telemetry to be sent.
--telemetry-frequency <number_of_seconds>
diff -NurbBw 11.4.45/man8/ldmd.8 11.4.48/man8/ldmd.8
--- 11.4.45/man8/ldmd.8 2022-08-16 11:04:47.380285421 -0700
+++ 11.4.48/man8/ldmd.8 2022-08-16 11:05:32.464910540 -0700
@@ -393,6 +393,27 @@
zero. The default value is 100 seconds.
+ ldmd/tls_certificate
+
+ Specifies the location of the TLS certificate ldmd uses for remote
+ XMPP and migration connections. The default is /var/opt/SUN-
+ Wldm/server.crt, which is automatically created as needed.
+
+
+ ldmd/tls_host_match
+
+ Specifies whether to perform full hostname matching when evaluating
+ a remote certificate's validity. The default is false.
+
+
+ ldmd/tls_privatekey
+
+ Specifies the location of the TLS certificate's private key ldmd
+ uses for remote XMPP and migration connections. The default is
+ /var/opt/SUNWldm/server.key, which is automatically created as
+ needed.
+
+
ldmd/xmpp_enabled
Enables the ldmd XMPP server to listen for configuration requests
@@ -439,4 +460,4 @@
-Oracle Solaris 11.4 07 Jan 2021 ldmd(8)
+Oracle Solaris 11.4 25 Apr 2022 ldmd(8)
diff -NurbBw 11.4.45/man8/netstat.8 11.4.48/man8/netstat.8
--- 11.4.45/man8/netstat.8 2022-08-16 11:04:47.479284430 -0700
+++ 11.4.48/man8/netstat.8 2022-08-16 11:05:32.550386083 -0700
@@ -336,9 +336,9 @@
-P protocol
Limit display of statistics or state of all sockets to those appli-
- cable to protocol. The protocol can be one of icmpv6, icmp, igmp,
- udp, tcp, sdp, rawip. rawip can also be specified as raw. The com-
- mand accepts protocol options only as all lowercase.
+ cable to protocol. The protocol can be one of icmpv6, icmp, ip,
+ ipv6, sctp, igmp, udp, tcp, sdp, rawip. rawip can also be specified
+ as raw. The command accepts protocol options only as all lowercase.
-L
diff -NurbBw 11.4.45/man8/quota.8 11.4.48/man8/quota.8
--- 11.4.45/man8/quota.8 2022-08-16 11:04:47.507241610 -0700
+++ 11.4.48/man8/quota.8 2022-08-16 11:05:32.587133615 -0700
@@ -46,8 +46,8 @@
+-----------------------------+-----------------------------+
SEE ALSO
- attributes(7), privileges(7), zones(7), edquota(8), quotacheck(8), quo-
- taon(8), repquota(8), rquotad(8), mount_nfs(8)
+ attributes(7), privileges(7), zones(7), edquota(8), mount_nfs(8), quo-
+ tacheck(8), quotaon(8), repquota(8), rquotad(8)
NOTES
quota displays quotas for NFS mounted UFS- or ZFS-based file systems if
diff -NurbBw 11.4.45/man8/rdate.8 11.4.48/man8/rdate.8
--- 11.4.45/man8/rdate.8 2022-08-16 11:04:47.534298326 -0700
+++ 11.4.48/man8/rdate.8 2022-08-16 11:05:32.621655031 -0700
@@ -25,6 +25,17 @@
The rdate command is IPv6-enabled. For more information, see the
ip6(4P) man page.
+
+ The protocol used by rdate represents time as an unsigned 32-bit number
+ of seconds ranging from January 1, 1900 to February 7, 2036. The rdate
+ command further restricts this range by not changing the system date to
+ dates prior to December 13, 1983. Another method of time synchroniza-
+ tion must be used for dates past the end of this range.
+
+
+ For most purposes, NTP is strongly recommended over this utility. For
+ more information, see the ntpdate(8) and ntpd(8) man pages.
+
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -38,11 +49,15 @@
+-----------------------------+--------------------------------+
SEE ALSO
- ip6(4P), inetd.conf(5), attributes(7), inetd(8)
+ ip6(4P), inetd.conf(5), attributes(7), in.timed(8), ntpd(8), ntpdate(8)
NOTES
This technology may be removed in a future release of Oracle Solaris.
+HISTORY
+ The rdate command has been present since the initial release of
+ Solaris.
+
-Oracle Solaris 11.4 03 Feb 2017 rdate(8)
+Oracle Solaris 11.4 12 May 2022 rdate(8)
diff -NurbBw 11.4.45/man8/rpc.rstatd.8 11.4.48/man8/rpc.rstatd.8
--- 11.4.45/man8/rpc.rstatd.8 2022-08-16 11:04:47.666645780 -0700
+++ 11.4.48/man8/rpc.rstatd.8 2022-08-16 11:05:32.710753720 -0700
@@ -8,13 +8,13 @@
SYNOPSIS
/usr/lib/netsvc/rstat/rpc.rstatd
-DESCRIPTION
- rpc.rstatd is a server which returns performance statistics obtained
- from the kernel. rup(1) uses rpc.rstatd to collect the uptime informa-
- tion that it displays.
-
+FMRI
+ svc:/network/rpc/rstat:default
- rpc.rstatd is an RPC service.
+DESCRIPTION
+ rpc.rstatd is an RPC service which returns performance statistics
+ obtained from the kernel. rup(1) uses rpc.rstatd to collect the uptime
+ information that it displays.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -25,6 +25,8 @@
+-----------------------------+----------------------------------------+
|Availability |service/network/legacy-remote-utilities |
+-----------------------------+----------------------------------------+
+ |Interface Stability |Committed |
+ +-----------------------------+----------------------------------------+
SEE ALSO
rup(1), svcs(1), services(5), attributes(7), smf(7), svcadm(8),
@@ -45,6 +47,22 @@
information for this service. The service's status can be queried using
the svcs(1) command.
+HISTORY
+ The rpc.rstatd service has been present since the initial release of
+ Solaris.
+
+
+ The rpc.rstatd service was enabled by default in releases up through
+ Solaris 9. In the Solaris 10 through 11.3 releases, the service was
+ enabled under the generic_open.xml service profile, but disabled under
+ the generic_limited_net.xml service profile. In Oracle Solaris 11.4, it
+ is disabled by default.
+
+
+ In releases of Solaris before Solaris 11, the rpc.rstatd service was
+ also used to provide load average data to the OpenWindows and CDE per-
+ formance meter tools.
+
-Oracle Solaris 11.4 13 Aug 2014 rpc.rstatd(8)
+Oracle Solaris 11.4 12 May 2022 rpc.rstatd(8)
diff -NurbBw 11.4.45/man8/rpc.rusersd.8 11.4.48/man8/rpc.rusersd.8
--- 11.4.45/man8/rpc.rusersd.8 2022-08-16 11:04:47.698572458 -0700
+++ 11.4.48/man8/rpc.rusersd.8 2022-08-16 11:05:32.737904515 -0700
@@ -8,9 +8,13 @@
SYNOPSIS
/usr/lib/netsvc/rusers/rpc.rusersd
+FMRI
+ svc:/network/rpc/rusers:default
+
DESCRIPTION
- rpc.rusersd is a server that returns a list of users on the host. The
- rpc.rusersd daemon may be started by inetd(8).
+ rpc.rusersd is an RPC service that returns a list of users currently
+ logged into the host. The rpc.rusersd daemon may be started by
+ inetd(8).
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -21,6 +25,8 @@
+-----------------------------+----------------------------------------+
|Availability |service/network/legacy-remote-utilities |
+-----------------------------+----------------------------------------+
+ |Interface Stability |Commmitted |
+ +-----------------------------+----------------------------------------+
SEE ALSO
svcs(1), attributes(7), smf(7), inetadm(8), inetd(8), svcadm(8)
@@ -40,6 +46,17 @@
information for this service. The service's status can be queried using
the svcs(1) command.
+HISTORY
+ The rpc.rusersd service has been present since the initial release of
+ Solaris.
+
+
+ The rpc.rusersd service was enabled by default in releases up through
+ Solaris 9. In the Solaris 10 through 11.3 releases, the service was
+ enabled under the generic_open.xml service profile, but disabled under
+ the generic_limited_net.xml service profile. In Oracle Solaris 11.4, it
+ is disabled by default.
+
-Oracle Solaris 11.4 13 Aug 2014 rpc.rusersd(8)
+Oracle Solaris 11.4 12 May 2022 rpc.rusersd(8)
diff -NurbBw 11.4.45/man8/rpc.rwalld.8 11.4.48/man8/rpc.rwalld.8
--- 11.4.45/man8/rpc.rwalld.8 2022-08-16 11:04:47.740742082 -0700
+++ 11.4.48/man8/rpc.rwalld.8 2022-08-16 11:05:32.765258784 -0700
@@ -8,9 +8,12 @@
SYNOPSIS
/usr/lib/netsvc/rwall/rpc.rwalld
+FMRI
+ svc:/network/rpc/wall:default
+
DESCRIPTION
- rpc.rwalld is a server that handles rwall(8) requests. It is imple-
- mented by calling wall(8) on all the appropriate network machines. The
+ rpc.rwalld is an RPC service that handles rwall(8) requests. It is
+ implemented by calling wall(8) with the text sent by rwall. The
rpc.rwalld daemon may be started by inetd(8).
ATTRIBUTES
@@ -22,6 +25,8 @@
+-----------------------------+----------------------------------------+
|Availability |service/network/legacy-remote-utilities |
+-----------------------------+----------------------------------------+
+ |Interface Stability |Committed |
+ +-----------------------------+----------------------------------------+
SEE ALSO
svcs(1), attributes(7), smf(7), inetadm(8), inetd(8), rwall(8),
@@ -44,6 +47,14 @@
information for this service. The service's status can be queried using
the svcs(1) command.
+HISTORY
+ The rpc.rwalld service has been present since the initial release of
+ Solaris.
+
+
+ The rpc.rwalld service was enabled by default in releases up through
+ Solaris 9. In Solaris 10 and later, it is disabled by default.
+
-Oracle Solaris 11.4 13 Aug 2014 rpc.rwalld(8)
+Oracle Solaris 11.4 12 May 2022 rpc.rwalld(8)
diff -NurbBw 11.4.45/man8/rwall.8 11.4.48/man8/rwall.8
--- 11.4.45/man8/rwall.8 2022-08-16 11:04:47.893120894 -0700
+++ 11.4.48/man8/rwall.8 2022-08-16 11:05:32.878989227 -0700
@@ -25,12 +25,22 @@
to all users logged in on the specified host machines. With the -n
option, it sends to the specified network groups.
+
+ A remote host will only receive the message if it is running the
+ rpc.rwalld(8) daemon, which may be started up from inetd(8) under the
+ service identifier svc:/network/rpc/wall:default. This service is dis-
+ abled by default on Solaris 10 and later systems, and must be enabled
+ by an administrator in order for a host to receive rwall messages.
+
OPTIONS
- -n netgroup Send the broadcast message to the specified network
- groups.
+ -n netgroup
+
+ Send the broadcast message to the specified network groups.
- -h hostname Specify the hostname, the name of the host machine.
+ -h hostname
+
+ Send the broadcast message to the specified host machine.
ATTRIBUTES
@@ -42,15 +52,21 @@
+-----------------------------+--------------------------------+
|Availability |network/legacy-remote-utilities |
+-----------------------------+--------------------------------+
+ |Interface Stability |Committed |
+ +-----------------------------+--------------------------------+
SEE ALSO
- attributes(7), inetd(8), wall(8)
+ attributes(7), inetd(8), rpc.rwalld(8), wall(8)
NOTES
The timeout is fairly short to allow transmission to a large group of
machines (some of which may be down) in a reasonable amount of time.
Thus the message may not get through to a heavily loaded machine.
+HISTORY
+ The rwall command has been present since the initial release of
+ Solaris.
+
-Oracle Solaris 11.4 16 Sep 2016 rwall(8)
+Oracle Solaris 11.4 12 May 2022 rwall(8)
diff -NurbBw 11.4.45/man8/svc.periodicd.8 11.4.48/man8/svc.periodicd.8
--- 11.4.45/man8/svc.periodicd.8 2022-08-16 11:04:47.996888865 -0700
+++ 11.4.48/man8/svc.periodicd.8 2022-08-16 11:05:32.969864512 -0700
@@ -262,6 +262,12 @@
the other constraints of 'day', 'hour', 'minute' and 'second' are not
specified they will be assigned random values by svc.periodicd.
+
+ If the service manifest of a periodic service does not explicitly spec-
+ ify a 'timezone', the service uses the system timezone. If the system
+ timezone changes, ensure that any periodic service that does not spec-
+ ify its timezone is refreshed to reflect the system timezone change.
+
Service States
Services managed by svc.periodicd can appear in any of the states
described in smf(7). The state definitions are unmodified by this
@@ -478,4 +484,4 @@
-Oracle Solaris 11.4 15 Jul 2021 svc.periodicd(8)
+Oracle Solaris 11.4 31 Mar 2022 svc.periodicd(8)
diff -NurbBw 11.4.45/man8/svc.startd.8 11.4.48/man8/svc.startd.8
--- 11.4.45/man8/svc.startd.8 2022-08-16 11:04:48.043277119 -0700
+++ 11.4.48/man8/svc.startd.8 2022-08-16 11:05:33.012679607 -0700
@@ -247,7 +247,8 @@
If the service is unable to recognize configuration changes
without a restart, no refresh method is provided.
- This method is optional.
+ This method is optional and is invoked only on running
+ (online or degraded) service instances.
start Start the service. Return success only after the application
@@ -557,4 +558,4 @@
-Oracle Solaris 11.4 03 Jan 2020 svc.startd(8)
+Oracle Solaris 11.4 25 Mar 2022 svc.startd(8)
diff -NurbBw 11.4.45/man8/sxadm.8 11.4.48/man8/sxadm.8
--- 11.4.45/man8/sxadm.8 2022-08-16 11:04:48.081807325 -0700
+++ 11.4.48/man8/sxadm.8 2022-08-16 11:05:33.052449851 -0700
@@ -351,6 +351,10 @@
executable with the ssbd elf tag (see ld(1)) or by executing the
process via the sxadm command and enabling the feature.
+ On affected Intel systems with the 2021.2 IPU or later microcode
+ updates, the SSBD extension also enables the Predictive Store For-
+ warding Disable (PSFD) mitigation for CVE-2021-0145.
+
TAA_NO - Intel TSX Asynchronous Abort (TAA) Hardware Avoidance Mitiga-
tion
@@ -823,4 +827,4 @@
-Oracle Solaris 11.4 9 Mar 2022 sxadm(8)
+Oracle Solaris 11.4 29 Apr 2022 sxadm(8)
diff -NurbBw 11.4.45/man8/vmstat.8 11.4.48/man8/vmstat.8
--- 11.4.45/man8/vmstat.8 2022-08-16 11:04:48.150753774 -0700
+++ 11.4.48/man8/vmstat.8 2022-08-16 11:05:33.116978248 -0700
@@ -376,5 +376,11 @@
stolen time.
+ In order to view historical data via vmstat, the sstore collection vm-
+ stats must have been enabled for the time period being observed. Refer
+ to sstoreadm(1) for more information about enabling a sstore collec-
+ tion.
-Oracle Solaris 11.4 14 Jul 2021 vmstat(8)
+
+
+Oracle Solaris 11.4 28 Apr 2022 vmstat(8)
diff -NurbBw 11.4.45/man8/zfs_encrypt.8 11.4.48/man8/zfs_encrypt.8
--- 11.4.45/man8/zfs_encrypt.8 2022-08-16 11:04:48.198963294 -0700
+++ 11.4.48/man8/zfs_encrypt.8 2022-08-16 11:05:33.155869387 -0700
@@ -476,8 +476,10 @@
-r
- Applies the operation recursively to all the datasets below the
- named file system or volume.
+ This option is no longer supported. Datasets that inherit the
+ keysource property automatically have their wrapping key
+ changed when zfs key -c is applied to the dataset keysource is
+ inherited from.
-t type
diff -NurbBw 11.4.45/man8/zfs.8 11.4.48/man8/zfs.8
--- 11.4.45/man8/zfs.8 2022-08-16 11:04:48.307111181 -0700
+++ 11.4.48/man8/zfs.8 2022-08-16 11:05:33.310534173 -0700
@@ -55,7 +55,7 @@
zfs diff -E [-FHqrt] [-o field] ... snapshot|filesystem
- zfs get [-rHpe|-d max] [-o all | field[,...]] [-s source[,...]]
+ zfs get [-rHpe] [-d max] [-o all | field[,...]] [-s source[,...]] [-u]
[-I state,...] all | property[,...]
filesystem|volume|snapshot|share ...
@@ -85,8 +85,8 @@
zfs key -K {-a | [-r] filesystem|volume}
- zfs list [-rH|-d max][-o property[,...]] [-t type[,...]] [-I state,..]
- [-s property] ... [-S property] ...
+ zfs list [-rH] [-d max][-o property[,...]] [-t type[,...]] [-I state,..]
+ [[-s property] ... [-S property] ... | [-u]]
[filesystem|volume|snapshot|share|path] ...
@@ -1879,8 +1879,9 @@
- zfs get [-rHpe|-d max] [-o all | field[,...]] [-s source[,...]] [-I
- state,...] all | property[,...] filesystem|volume|snapshot|share ...
+ zfs get [-rHpe] [-d max] [-o all | field[,...]] [-s source[,...]] [-u]
+ [-I state,...] all | property[,...] filesystem|volume|snapshot|share
+ ...
Displays properties for the given datasets. If no datasets are
specified, then the command displays properties for all datasets on
@@ -1970,6 +1971,14 @@
states.
+ -u
+
+ Do not sort datasets. Datasets are reported as they are encoun-
+ tered, so the maximum width of the columns is not yet known.
+ The maximum width of columns will grow as longer values are
+ discovered.
+
+
zfs groupspace [-hniHp] [-o field[,...]] [-sS field]... [-t type
[,...]] filesystem | snapshot
@@ -2046,9 +2055,9 @@
- zfs list [-rH|-d max] [-o property[,...]] [ -t type[,...]] [-I
- state,...][ -s property ] ... [ -S property ] ... [filesystem|vol-
- ume|snapshot|share|path] ...
+ zfs list [-rH] [-d max] [-o property[,...]] [ -t type[,...]] [-I
+ state,...] [[ -s property ] ... [ -S property ] ... | -u] [filesys-
+ tem|volume|snapshot|share|path] ...
Lists the property information for the given datasets in tabular
form. If specified, you can list property information by the abso-
@@ -2133,6 +2142,15 @@
order.
+ -u
+
+ Do not sort datasets. Datasets are reported as they are encoun-
+ tered, so the maximum width of the columns is not yet known.
+ The maximum width of columns will grow as longer values are
+ discovered. This option is incompatible with sorting options -s
+ and -S.
+
+
-t type
A comma-separated list of types to display, where type is one
diff -NurbBw 11.4.45/man8/zoneadm.8 11.4.48/man8/zoneadm.8
--- 11.4.45/man8/zoneadm.8 2022-08-16 11:04:48.367008172 -0700
+++ 11.4.48/man8/zoneadm.8 2022-08-16 11:05:33.369418820 -0700
@@ -651,81 +651,12 @@
- zoneadm move [-p URI ... -p URI] [-x extended-options] new-zonepath
-
- Move the zone installation to a new location in the local file sys-
- tem or a new ZFS storage pool and/or change current zonepath to
- new-zonepath.
-
- A zone installation in the local file system (no rootzpool
- resource) can be moved to a new ZFS storage pool built on device(s)
- specified by the storage URI(s). A new rootzpool resource is added
- to the zone configuration.
-
- A zone installation configured with a rootzpool resource may be
- moved to a new ZFS storage pool build on device(s) specified by the
- storage URI(s) or out of its containing ZFS storage pool into the
- local file system.
-
- The move subcommand may also be used to change just the zonepath
- without otherwise changing the zone installation itself.
-
- The zone must be halted before this subcommand can be used. The
- zonepath must be a valid pathname and normal restrictions for a
- zonepath apply.
-
- The move subcommand is not supported for solaris-kz brand.
-
- The following options are supported:
-
- -p URI
-
- Use the specified storage URI for the new rootzpool resource.
- Each storage URI must be specified with a separate -p option.
- If multiple storage URIs have been specified, a mirrored ZFS
- storage pool is created by default.
-
-
- -x remove-rootzpool
-
- Specify this option to move a zone out of its containing ZFS
- storage pool into the local file system specified by the new-
- zonepath.
-
-
- -x force-zpool-destroy=rpool
+ zoneadm move [-p URI ... -p URI] [brand-specific options]
- Specify this option to forcibly destroy the zpool associated
- with the original rootzpool resource after the zone installa-
- tion has been moved.
-
-
- -x force-zpool-import
-
- Specify this option to forcibly reuse the existing zpool as the
- rootzpool resource.
-
-
- -x force-zpool-create=rpool
-
- Specify this option to forcibly create the zpool for the
- rootzpool resource.
-
-
- -x create-size=storage-size
-
- Specify this option to create any missing storage device(s), if
- supported by the storage URI type. A positive number with
- appropriate scale suffix (K, M, G or T) is expected here to
- specify the size of an individual storage device.
-
-
- -x force-storage-destroy-all
-
- Specify this option to destroy storage associated with the
- original rootzpool resource after the zone has been moved, if
- supported by the storage URI type.
+ Move the zone installation to a new location.
+ For brand specific information for this subcommand, see Brand-Spe-
+ cific sections below.
zoneadm ready [-x extended-options]
@@ -1241,6 +1172,81 @@
+ zoneadm move [-p URI ... -p URI] [-x extended-options] new-zonepath
+
+ Move the zone installation to a new location in the local file sys-
+ tem or a new ZFS storage pool and/or change current zonepath to
+ new-zonepath.
+
+ A zone installation in the local file system (no rootzpool
+ resource) can be moved to a new ZFS storage pool built on device(s)
+ specified by the storage URI(s). A new rootzpool resource is added
+ to the zone configuration.
+
+ A zone installation configured with a rootzpool resource may be
+ moved to a new ZFS storage pool built on device(s) specified by the
+ storage URI(s) or out of its containing ZFS storage pool into the
+ local file system.
+
+ The move subcommand may also be used to change just the zonepath
+ without otherwise changing the zone installation itself.
+
+ The zone must be halted before this subcommand can be used. The
+ zonepath must be a valid pathname and normal restrictions for a
+ zonepath apply.
+
+ The following options are supported:
+
+ -p URI
+
+ Use the specified storage URI for the new rootzpool resource.
+ Each storage URI must be specified with a separate -p option.
+ If multiple storage URIs have been specified, a mirrored ZFS
+ storage pool is created by default.
+
+
+ -x remove-rootzpool
+
+ Specify this option to move a zone out of its containing ZFS
+ storage pool into the local file system specified by the new-
+ zonepath.
+
+
+ -x force-zpool-destroy=rpool
+
+ Specify this option to forcibly destroy the zpool associated
+ with the original rootzpool resource after the zone installa-
+ tion has been moved.
+
+
+ -x force-zpool-import
+
+ Specify this option to forcibly reuse the existing zpool as the
+ rootzpool resource.
+
+
+ -x force-zpool-create=rpool
+
+ Specify this option to forcibly create the zpool for the
+ rootzpool resource.
+
+
+ -x create-size=storage-size
+
+ Specify this option to create any missing storage device(s), if
+ supported by the storage URI type. A positive number with
+ appropriate scale suffix (K, M, G or T) is expected here to
+ specify the size of individual storage device(s).
+
+
+ -x force-storage-destroy-all
+
+ Specify this option to destroy storage associated with the
+ original rootzpool resource after the zone has been moved, if
+ supported by the storage URI type.
+
+
+
solaris-kz Brand-Specific Subcommands
The following solaris-kz brand-specific subcommand options are sup-
ported.
@@ -1463,6 +1469,62 @@
+ zoneadm move [-v] -p URI [-p URI ...] [-x force-zpool-attach]
+
+ The move subcommand enables you to migrate storage on a running
+ solaris-kz branded zone. The subcommand applies only to the root
+ ZFS pool. It supports all permissible URI types as the storage
+ property value of the device resource for the solaris-kz brand. See
+ suri(7).
+
+ Before you initiate the migration, ensure that the zone is booted.
+ In addition, you must be able to use the zlogin command to access
+ the kernel zone.
+
+ The subcommand replaces all the devices that form a kernel zone's
+ ZFS root pool with devices that you specify by using the -p
+ option(s). Each device is represented as a URI. Ensure that any
+ device you specify exists before you initiate the move operation.
+ The number of devices you specify might not match the number of
+ devices in the existing root pool. If you specify more than one
+ device, the subcommand forms a mirror unless a mirror already
+ exists. See solaris-kz(7).
+
+ The move operation first attaches all new devices to the zone root
+ zpool and then detaches all of the original devices. If you specify
+ a device that is part of another ZFS pool, use the -x force-zpool-
+ attach option to force that device to attach. While the newly
+ attached disks are being resilvered, the root zpool status is
+ DEGRADED. See zpool(8) for information about common restrictions
+ when replacing disks in a ZFS pool.
+
+ During the move operation, a failure or a SIGINT or SIGTERM signal
+ interruption triggers an attempt to restore the zone configuration
+ and storage to its initial state.
+
+ Verbose progress output is always produced to a unique log file.
+ The log file name is specified in the command output.
+
+ The move subcommand uses the following options:
+
+ -p URI
+
+ Specifies a URI that represents a device.
+
+ You must use at least one -p option.
+
+
+ -v
+
+ Writes verbose progress output to standard output as well.
+
+
+ -x force-zpool-attach
+
+ Forces the device to attach to the root zpool.
+
+
+
solaris10 Brand-Specific Subcommands
The following solaris10 brand-specific subcommand options are sup-
ported.
@@ -1602,6 +1664,13 @@
+ zoneadm move [-p URI ... -p URI] [-x extended-options] new-zonepath
+
+ The move subcommand for the solaris10 brand behaves identically as
+ for the solaris brand. See the solaris Brand-Specific section for
+ more information.
+
+
EXAMPLES
Example 1 Using the -m Option
@@ -1808,4 +1877,4 @@
-Oracle Solaris 11.4 15 Nov 2021 zoneadm(8)
+Oracle Solaris 11.4 15 Mar 2022 zoneadm(8)
diff -NurbBw 11.4.45/man8s/memory-reserve.8s 11.4.48/man8s/memory-reserve.8s
--- 11.4.45/man8s/memory-reserve.8s 2022-08-16 11:04:48.398478731 -0700
+++ 11.4.48/man8s/memory-reserve.8s 2022-08-16 11:05:33.407265315 -0700
@@ -10,10 +10,10 @@
DESCRIPTION
memory-reserve is an SMF service to configure and manage Memory Reser-
- vation Pools (MRPs) for Kernel Zones. A memory-reserve service instance
- can be configured with the desired properties of the MRP. The creation,
- destruction, and modification of the MRP can then be managed by
- enabling, disabling, and refreshing the service.
+ vation Pools (MRPs). A memory-reserve service instance can be config-
+ ured with the desired properties of the MRP. The creation, destruction,
+ and modification of the MRP can then be managed by enabling, disabling,
+ and refreshing the service.
SMF Configuration
Properties
@@ -28,33 +28,41 @@
config/pagesize-policy
- Allowed values are 'smallest-only,' 'largest-available' and
- 'largest-only'.
+ Allowed values are smallest-only, largest-available and
+ largest-only. Only used by the Kernel Zones instance, other
+ types ignore this value.
config/type
- Type of Memory Reservation Pool.
+ Read only. Type of Memory Reservation Pool.
config/lgrps
Locality group (LGRP) id(s) to use if desired. The default is
to use the root LGRP, spreading the reservation across avail-
- able LGRPs. See lgrpinfo(1).
+ able LGRPs. See lgrpinfo(1). Only used by the Kernel Zones
+ instance, other types ignore this value.
+
+
+ config/granule-size
+
+ Size of the OSM granules that are to allocate from the pool. A
+ scale (K, M, G, T) can be applied to the value. Only used by
+ the OSM instance, other types ignore this value.
Service Instances
- One instance of svc:/system/memory-reserve is defined by default:
svc:/system/memory-reserve:zones
Disabled by default, this service instance is configured for
direct use by Kernel Zones with a pre-set config/type property
- of 'solaris-kz'. Additional configuration by an administrator,
- at minimum setting the config/size property, is required before
+ of solaris-kz. Additional configuration by an administrator, at
+ minimum setting the config/size property, is required before
this instance can be enabled.
The config/pagesize-policy and config/size properties provide
@@ -62,14 +70,36 @@
types by the zonecfg(8) capped-memory:pagesize-policy and con-
fig/size properties.
+ The config/granule-size property is ignored for this instance
+ type.
+
For a worked example, see the solaris-kz(7) page.
+ svc:/system/memory-reserve:osm
+
+ Disabled by default, this service instance is configured for
+ direct use by Optimized Shared Memory (OSM) segments. OSM has a
+ pre-set config/type property of solaris-osm. Additional config-
+ uration by an administrator, consisting of setting the con-
+ fig/size and config/granule-size properties, is required before
+ this instance can be enabled. See Database Installation Guide
+ for Oracle Solaris (https://docs.oracle.com/en/database/ora-
+ cle/oracle-database/19/ssdbi/configuring-additional-shared-mem-
+ ory-identifiers-limit.html#GUID-
+ A655E968-61F2-441B-97B3-61BE6A6487C1) for recommended granule
+ size.
+
+ The config/pagesize-policy and config/lgrps properties are
+ ignored for this instance type.
+
+
+
SEE ALSO
lgrpinfo(1), smf(7), solaris-kz(7), mrpstat(8), svcadm(8), svccfg(8),
zonecfg(8)
-Oracle Solaris 11.4 23 Jun 2020 memory-reserve(8s)
+Oracle Solaris 11.4 1 Nov 2021 memory-reserve(8s)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment