Prentice Hall
Sun Certified System Administrator for Solaris 8 Study Guide / Edition 1



Sun Certified System Administrator for Solaris 8 Study Guide is the only Solaris 8 administration exam prep guide endorsed by Sun Educational Services - and the only book with assessment questions approved by the exam's creators. More than a study guide, it's an outstanding reference - covering files, filesystems, disks, backup, installation, initialization, shutdown, commands, shells, security, processes, GUIs, user administration, troubleshooting, and much more.

Product Details

ISBN-13: 9780130409331
Publisher: Prentice Hall
Publication date: 10/26/2001
Edition description: Study Guide
Pages: 448
Product dimensions: 7.00(w) x 9.30(h) x 1.10(d)

About the Author

PETER H. GREGORY is manager of Security Strategy at AT&T Wireless in Redmond, Washington. He has served as computing systems and security architect, system administrator, network engineer, webmaster, and network software engineer for AT&T Wireless. Previously, he was lead software development engineer for a UNIX-based casino management product. His previous books include Solaris Security (Prentice Hall PTR/Sun Microsystems Press).

Read an Excerpt

5: User Accounts and Environments

This chapter describes the basic workings of user accounts on Solaris systems.

What's in this chapter

  • What the userid root is and why it needs extra protection
  • Ways to respond when a user asks for root privileges
  • How the password, shadow, and group files work
  • Methods for strengthening account and user environment security
  • Auditing tools

Why this is important

User accounts lie at the very heart of UNIX system security. They are the first layer of defense against misuse and attack. It is therefore necessary for a UNIX systems administrator to thoroughly understand what user accounts are and how they work.


People identify themselves to a computer via a userid (also known as UID). The computer systems we interact with grant or deny access to information based upon our userids.

Computers grant you access to information based upon who they think you are, not upon who you actually are. Take, for example, a financial clerk who has access to bank account information. The clerk is logged into the computer system—that is, the clerk has identified himself by providing a userid and password. The computer then allows the clerk to access and change financial records for its customers.

Now let's say that the clerk gets up to take a five-minute stretch—he just walks away from his terminal. Anyone could sit down at that terminal and enter transactions as though they were the clerk. The computer does not know the difference—it doesn't know whether the person entering transactions is the original clerk who signed on earlier.

User Account Security

The hacker who seeks information from a computer system needs only to find a way to trick either a person or the computer itself about his or her identity. Hackers are interested in the operating system software bugs that permit them to easily assume the identity of a person who is allowed to access or modify the information they seek.

The Root Account

The userid root is the ultimate prize to computer hackers. This account, used by UNIX system administrators, has unlimited access to virtually all programs, files, and resources a computer has to offer. If a hacker can change his identity from that of a normal user to any other user, root is frequently the account of choice because of its unrestricted access.

The root user not only has read access to everything on the computer, but has write access as well. Thus, not only can skilled hackers access any information on a computer, but they can alter it as well. Frequently hackers break into computer systems, get the information (or inflict the damage) they want, and then erase their tracks by removing entries in logs that recorded their presence. All too frequently hackers break into a system, do their dirty deeds, remove traces of their activities on all log files, and quietly sneak away.

The root account is omnipotent not because of its name, but because of its userid, which is 0. The first line from the /etc/passwd file is shown in Figure 5.1 to illustrate.

Other accounts can be created with a userid of 0; those other accounts have all the power and privilege that root has. Further, the root account's name could be changed, but as long as its userid number is 0, it is still root.

Other Administrative Accounts and Groups

Several administrative accounts exist on a Solaris system. While these accounts do not have root privileges, they should be protected as though they did. System processes using these accounts control basic system functions such as electronic mail, relational database access, and printing. A compromise of any of these accounts can result in wholesale exposure and damage to files in its respective subsystem. For example, a compromise in the lp account can result in an intruder's having complete control over the printing subsystem and, hence, the hacker may be able to alter at will the contents of any printout.

Which Administrative Accounts Should Be Locked
Several administrative accounts should be locked so that no one can log in and cause trouble. These accounts include daemon, bin, sys, adm, lp, uucp, nuucp, listen, nobody, and noaccess. The procedure for locking an account is explained in the shadow file section later in this chapter.

Sysadmin Group
Such vulnerabilities are not limited to user accounts; the sysadmin group (groupid 14) must be similarly protected because members of this group can perform system administration tasks with Admintool.

Sys Group
The sys group (groupid 3) must be similarly protected, as it is allowed to run the ufsdump command. ufsdump is the system backup program; it is possible, then, for a nonroot user to read every file on a system and be able to restore any or all of these files on a system where the user did have root privileges. Such a user would, for example, be able to read the /etc/shadow file and crack account passwords (/etc/shadow is discussed later in the shadow file section; cracking account passwords is discussed in the section on the Crack tool near the end of the chapter).
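The checks implied by the passages above on userid 0, the administrative accounts to lock, and the sysadmin and sys groups, as an added example that is not from the book. It is written for a POSIX shell (ksh on Solaris 8); the function names, the sample files and the use of `*LK*` as the lock marker in the shadow password field are assumptions not stated in this excerpt.

```sh
#!/bin/sh
# Added example (not from the book). Audits passwd-, shadow- and group-format
# files for the account conditions described in the excerpt above.

# Accounts the excerpt says should be locked.
ADMIN_ACCOUNTS="daemon bin sys adm lp uucp nuucp listen nobody noaccess"

# uid0_accounts PASSWD: names of all accounts whose userid (field 3) is 0.
# Any name here other than root is a second all-powerful account.
uid0_accounts() {
    awk -F: '$3 ~ /^0+$/ { print $1 }' "$1"
}

# unlocked_admin_accounts SHADOW: administrative accounts whose password
# field (field 2) does not start with *LK*. Assumption: *LK* is the lock
# marker written by "passwd -l" on Solaris; "NP" (no password) is not a lock.
unlocked_admin_accounts() {
    awk -F: -v list="$ADMIN_ACCOUNTS" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) admin[a[i]] = 1 }
        ($1 in admin) && index($2, "*LK*") != 1 { print $1 }
    ' "$1"
}

# group_members GID PASSWD GROUP: everyone in the group, whether through the
# primary groupid in passwd (field 4) or the member list in group (field 4).
group_members() {
    {
        awk -F: -v gid="$1" '$4 == gid { print $1 }' "$2"
        awk -F: -v gid="$1" '$3 == gid {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
        }' "$3"
    } | sort -u
}

# write_sample_files DIR: constructed sample data, not taken from a real host.
write_sample_files() {
    cat > "$1/passwd" <<'EOF'
root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
toor:x:0:1:second userid 0 account:/:/sbin/sh
alice:x:1001:14:operator:/export/home/alice:/bin/ksh
bob:x:1002:10:developer:/export/home/bob:/bin/ksh
EOF
    cat > "$1/shadow" <<'EOF'
root:CONSTRUCTED-HASH:11000::::::
daemon:*LK*:6445::::::
sys:NP:6445::::::
adm:*LK*:6445::::::
lp:NP:6445::::::
toor:CONSTRUCTED-HASH:11000::::::
alice:CONSTRUCTED-HASH:11000::::::
bob:CONSTRUCTED-HASH:11000::::::
EOF
    cat > "$1/group" <<'EOF'
root::0:root
sys::3:root,sys,adm,bob
sysadmin::14:carol
EOF
}

# Demo on the constructed files; on a live host pass /etc/passwd, /etc/shadow
# and /etc/group instead (reading /etc/shadow requires root).
demo=$(mktemp -d)
write_sample_files "$demo"
echo "userid 0 accounts:       $(uid0_accounts "$demo/passwd" | xargs)"
echo "unlocked admin accounts: $(unlocked_admin_accounts "$demo/shadow" | xargs)"
echo "sysadmin group (14):     $(group_members 14 "$demo/passwd" "$demo/group" | xargs)"
echo "sys group (3):           $(group_members 3 "$demo/passwd" "$demo/group" | xargs)"
rm -rf "$demo"
```

In the sample data, alice reaches the sysadmin group only through her primary groupid in the passwd file, which is why both files are read.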

User Accounts

Except for a few lucky UNIX administrators who get to build the right kind of environment from the ground up, UNIX admins should consider any UNIX account as potentially having root privileges. It can be difficult to irrefutably prove that a given account does not (or will not) have access to a "back door."

When Users Need Root Privileges

Users may legitimately require root privileges if they need to do the following:
  • Mount diskettes or CD-ROMs where manual mount and umount commands are required (the mount and umount commands can be run only as root) and where Volume Management¹ is not running

  • Kill or restart specific processes not belonging to the user; for example, in a software development environment, a user may need to kill and restart a database instance or application (nonroot users can kill only their own processes)


The PATH and LD_LIBRARY_PATH environment variables must be safe, particularly for privileged users such as root. By safe I mean that the referenced directories must have tight permissions (no group or other write access) and known entities therein. PATH or LD_LIBRARY_PATH must not contain directories whose contents are questionable or purposes unknown.

Set root's path—defined in /.profile—as follows:


No user's PATH or LD_LIBRARY_PATH should ever contain "." (search the shell's current working directory for executables or libraries). Otherwise, a user could plant a Trojan horse² in a directory that he can write to and just sit back and wait until root stumbles into that directory and accidentally executes that program....

1. Volume Management is used to facilitate the automatic mounting and unmounting of diskettes and CD-ROMs on the user's behalf without the user needing root privileges.

2. See "Glossary of Attacks" in appendices for a definition and example of the Trojan horse and LD_LIBRARY_PATH attacks.
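One way to check a PATH or LD_LIBRARY_PATH value against the rules in the excerpt above (no "." and no directories with group or other write access), as an added example that is not from the book. It is written for a POSIX shell (ksh on Solaris 8); the function name, the finding labels and the sample directories are constructed for illustration, and the RELATIVE and MISSING findings go slightly beyond what the excerpt states.

```sh
#!/bin/sh
# Added example (not from the book). Audits a PATH- or LD_LIBRARY_PATH-style
# value against the rules in the excerpt.

# audit_search_path VALUE: print one finding per unsafe entry.
#   CWD       "." or an empty entry (both mean the current working directory)
#   RELATIVE  entry that does not start with "/", so it depends on the cwd
#   MISSING   directory does not exist, so its contents cannot be vetted
#   WRITABLE  directory has group or other write permission
audit_search_path() {
    rest="$1:"                      # trailing ":" so the last entry is seen
    while [ -n "$rest" ]; do
        entry=${rest%%:*}           # text before the first ":"
        rest=${rest#*:}             # everything after the first ":"
        case $entry in
            "") echo "CWD <empty entry>"; continue ;;
            .)  echo "CWD ."; continue ;;
            /*) ;;
            *)  echo "RELATIVE $entry"; continue ;;
        esac
        if [ ! -d "$entry" ]; then
            echo "MISSING $entry"
            continue
        fi
        # Mode string from ls: char 6 is group write, char 9 is other write.
        # -L follows symbolic links so the target directory is what is judged.
        mode=$(ls -ldL "$entry" | cut -c1-10)
        case $mode in
            ?????w*|????????w*) echo "WRITABLE $entry ($mode)" ;;
        esac
    done
    return 0
}

# Demo on constructed directories: one tight, one world-writable.
demo=$(mktemp -d)
mkdir "$demo/safe" "$demo/open"
chmod 755 "$demo/safe"
chmod 777 "$demo/open"
audit_search_path "$demo/safe:.:$demo/open::bin:$demo/gone"
rm -rf "$demo"

# On a live system, run as the account being checked:
#   audit_search_path "$PATH"
#   [ -n "$LD_LIBRARY_PATH" ] && audit_search_path "$LD_LIBRARY_PATH"
```

An empty entry (a leading, trailing or doubled colon) is reported as CWD because the shell treats it the same way as ".".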

Table of Contents

(NOTE: Each chapter concludes with a Summary and Test Yourself section.)


1. System Concepts.

Operating System. Programs and Processes. The ps Command. The prstat Command. Signals. Terminating an Active Process. The pkill Command. Daemon Processes. The File System. Getting Help. Man Pages.

2. Installation.

Installation Planning. Memory. Disk Space. Software Clusters. Network Information. Release Media. Software Installation on a New System. Installing from CD-ROM. Software Installation on an Existing System: Solaris Upgrade. Preparing for an Upgrade. Upgrade Procedure. Installing Software Packages. pkgadd Command. pkginfo Command. pkgrm Command. Noninteractive Package Installation and Removal. pkgchk Command. Installing Patches. Where to Obtain Patches. Patch Installation. Decisions about Patches. Installing a Patch. Listing Which Patches Are Currently Installed. Removing a Patch.

3. The Boot PROM.

Overview of the Boot PROM. Accessing the Boot PROM. Entering Boot PROM with Stop A or BREAK. Entering Boot PROM at Powerup. Boot PROM Commands. Boot PROM Configuration Variables. Accessing Boot PROM Configuration Variables. Accessing Boot PROM Configuration Variables from UNIX. Boot PROM Security Levels. Devices and Device Aliases. The devalias Command. The nvalias and nvunalias Commands. Troubleshooting. System Boots from Wrong Device. System Boots from a Disk Instead of from the Network. System Boots from the Wrong Disk. System Will Not Boot from Disk. Nonresponsive System. Chapter Summary. Test Yourself.

4. Initialization and Shutdown.

System Run Levels. Show System Run Level. Sync File Systems. Change System Run Level. Change Run Level with init. Change Run Level with shutdown. Change Run Level with reboot. Change Run Level with halt. Change Run Level with poweroff. The OpenBoot boot Command. System Initialization. System Shutdown.

5. User Administration.

Account Configuration Files. The Password File. The Shadow File. The Group File. Primary and Secondary Groupids. The Root Account. Admintool. Add User Account. Modify User Account. Lock User Account. Delete User Account. Add Group. Modify Group. Delete Group. User Administration Shell Commands. useradd Command. usermod Command. userdel Command. groupadd Command. groupmod Command. groupdel Command. Shells. Bourne Shell. Initialization Files. Environment Variables. Aliases. C-Shell. Initialization Files. Environment Variables. Aliases. Command History. Filename Completion. Korn Shell. Initialization Files. Environment Variables. Aliases. Command-Line Editing. Command History. Restricted Shells. User Account Commands. Finding Files by Username or Group. What Users Are Logged In? who Command. rwho Command. rusers Command. finger Command. Change Password. Password Complexity. Root and Password Changes.

6. Files and Directories.

Paths. Path Metacharacters. Exploring the File System. File System Navigation. Listing the Contents of Directories. Determining File Size, Type, Owner, and Modification Date. The file Command. Working with Files. Creating Files Using the touch Command. Creating Files Using Output Redirection. Creating Files Using Copy. Moving Files. Renaming Files. Removing Files. Displaying the Contents of Text Files. Searching for Text within Files. Working with Directories. Creating Subdirectories. Renaming and Moving Directories. Removing Directories.

7. vi Editor.

Starting the vi Editor. vi Modes. Command Mode. Input Mode. Last Line Mode. Exiting vi. Moving around the File. Advanced Moving around the File. Text Editing. Inserting Text. Commands While Inserting Text. Deleting Text. Changing Text. Copying, Inserting, Searching, and Replacing. Copying Text into Buffers. Inserting Text from Buffers. Search and Replace. Reading and Writing Files. Miscellaneous Commands. Numerals Before vi Commands. Mapping New Commands. vi Configuration Commands. vi Configuration File.

8. Disks.

Adding Disks to a System. Adding a Device Dynamically Using the devfsadm Command. Disk Devices. Raw and Block Device Interfaces. Device Interfaces File Names. Tools and Disk Interfaces Used. Formatting Disks. Partition Submenu. Formatting a Disk. Changing the Partition Table. Creating, Tuning, and Checking File Systems. Creating File Systems with newfs. Tuning File Systems with tunefs. Checking File Systems with fsck. Lost Files in lost+found.

9. File Systems.

File System Types. UFS File System. S5FS File System. HSFS File System. PCFS File System. UDFS File System. NFS File System. CacheFS File System. TMPFS File System. LOFS File System. PROCFS File System. Mnttab File System. XMEMFS File System. Solaris File Systems. File Systems and Their Function. Directories. File Types. Inodes. Creating Hard and Symbolic Links with the ln Command. Mounting Fixed File Systems. The mount and umount Commands. Automatic File System Mounting at Boot Time. The /etc/vfstab File and the mount Command. The /etc/mnttab File. The mountall and umountall Commands. Working with Removable File Systems. Mounting and Unmounting Removable Media without Volume Management. Creating UFS File Systems on a Diskette. Ejecting Media. Volume Management. Volume Management Daemon. Mounting CD-ROMs with Volume Management. Mounting Diskettes with Volume Management. Volume Management Configuration.

10. Backup and Recovery.

Compressing Files. compress and uncompress. zcat. pack, unpack, and pcat. gzip, gunzip, and gzcat. Creating Archive Files. tar. Cpio. zip and unzip. Jar. Backing Up a System to Tape. Tape Devices. The mt Command. ufsdump and ufsrestore. ufsrestore Interactive Mode. tar and cpio. Recovering a System from a Backup Tape.

11. Security.

File and Directory Permissions. Working with File Permissions. Files with SetUID and SetGID Permissions. Working with Directory Permissions. Directories with Sticky Bit Permissions. Directories with SetUID and SetGID Permissions. Displaying File and Directory Permissions. Changing File and Directory Permissions. The chown Command. The chgrp Command. The chmod Command. The umask Command. umask and Directories. File and Directory Access Control Lists. Setting Access Control Lists. Displaying Access Control Lists. Working with Access Control Lists. Finding Files and Directories with Permission Attributes.

12. Remote Administration.

Remote Sessions. telnet Command. rlogin Command. Remote Commands. Remote File Copy. rcp Command. ftp Command. Remote Login Access Control. /etc/default/login File. /etc/nologin File. Remote Administration Access Control. /etc/hosts.equiv File. .rhosts File. Format of /etc/hosts.equiv and .rhosts. /etc/hosts.equiv and .rhosts Search Order.


Answers. Examination Objectives. Sample Pre-Test Agreement. Sun Certification Program Policy on Candidate Misconduct. Supplemental Information. Additional Resources.



Why Certification?

What is all the commotion about technical certifications? Is it just hype? Is it just 21st Century snake oil? Or is there really something to it? What is the true value of a certification? In the quest for competitive advantage among IT professionals, certification is rapidly becoming key to distinguishing between potential job candidates. Here is what industry analysts are saying:

  • Certification in leading technologies (such as Solaris) is a key to higher pay. This reflects a trend where companies are paying more for knowledge, rather than just experience.
  • Certification is becoming the new standard for professionalism in business. Although the college degree is still very important, the technical certification is evidence of proficiency with a particular technology or product. Certification is an independent, objective verification of knowledge.
  • Having a certification may be the difference in getting invited to the interview. Technologists need differentiators (not just accomplishments, but objective measures of technical proficiency) to stay competitive and stand out from the crowd of wannabes.
  • Managers value certification because it increases quality and productivity of work.
  • Solaris is the market leader in the UNIX space. UNIX is the leader in the server OS space. Solaris does the heavy lifting on Wall Street, in compute-intensive engineering and biotechnology, and in E-commerce.

You need a certification if you want to stay ahead of the competition. This book will guide you to Solaris certification.

Intended Audience

This study guide is intended for experienced UNIX administrators who wish to prepare for the Sun Certified System Administrator for the Solaris 8 Operating Environment, Part I exam.

This book does not teach system administration, nor is it a substitute for systems administration classes taught by Sun Microsystems or its affiliates. Although this book may be a little "teachy" here and there, its purpose is to provide review material to help candidates prepare for the exam.

If you wish to take the exam but feel that you need to learn more, contact Sun Education at There you can find out about training materials and classes in your area. You can also contact Sun Education at:

Sun Education
500 Eldorado Blvd.
Broomfield, CO 80021
Phone: (800) 422-8020, or (303) 464-4097
Fax: (303) 464-4490

Registering for the Exam

Follow these steps to register for the exam:

1. Purchase a Certification Voucher by calling Sun Education at 1-800-422-8020. Outside the U.S., contact your local Sun Education office. If you do not know the location of your local Sun Education office, you can find it at:

The exam costs U.S. $150.00.

You will be given a voucher number, which will be the letters "SE" followed by eight digits; for example, SE01470053. Save this number—you will need it to schedule the examination.

2. Schedule your examination by visiting the Prometric Services Web site at

a. Select Information Technology Certifications. You'll then be taken to a login page; you must log in to continue (you will have an opportunity to create a login if this is your first visit to the site).
b. After logging in, you will see the Certification Program page; select Sun Education from the pull-down menu.
c. Select the country where you will take your exam.
d. Select 310-011 SUN CERTIFIED SYSTEM ADMINISTRATOR FOR SOLARIS 8 PART I from the pull-down menu. Select the state or province if this appears on your screen.
e. The exam is available only in English.
f. Select the exam location and the schedule most suitable for you.
g. You'll be given a confirmation, which includes more numbers that you will need in order to take the exam. For U.S. locations, you can also print a map showing the exam location.

Be sure to understand the policy for changing your exam date and time in case you need to reschedule your exam. Also be sure you understand any time limitations regarding the starting time for your exam. If you are late, you may not be able to take your exam. Restrictions and penalties for cancellations and/or late arrivals may apply. Carefully read all of the terms and conditions printed on your exam confirmation.

Taking the Exam

Allow plenty of time to travel to the exam site, including finding a parking space and the location of the exam building and room. It may be advisable to call in advance if you are not familiar with the exam site.

No food or beverages are allowed in the exam room. You must check in any computer, laptop, PDA, calculator, recorder, or cell phone you bring in with you. The exam center will supply pencils and one sheet of paper for you to make calculations, draw diagrams, and so on, and you will have to surrender that piece of paper at the end of the exam. You are not allowed to take any written notes with you out of the exam.

You will probably be monitored on a closed-circuit television while you take the exam. An exam center I recently visited had a TV monitor out in the lobby. You will be taking the exam on a GUI-type workstation. You will need to log in, and you will need to furnish information from your exam confirmation in order to do so.

First you will be shown the Pre-Test Agreement. You must read and understand the agreement, and state whether you agree or disagree. If you disagree with the first question in the Pre-Test Agreement, you will not be allowed to take the exam (you will receive a refund). A sample Pre-Test Agreement appears in Appendix C.

Next, you will be presented with instructions and a sample exam question. This ensures that you are familiar with the exam format and the method for marking answers. You may skip the sample exam question if you wish and proceed to the exam itself.

You will have 90 minutes to take the exam. That's about one and a half minutes per question. The 90-minute time limit will begin once you start taking the exam. The amount of time remaining is always visible on the screen.

You may take a restroom break if you wish (according to rules at the testing center), but the time clock will continue counting.

Exam Questions

The exam contains 57 questions, which are a combination of multiple choice, free answer, and drag-and-drop. There is more than one version of this exam. Each version has questions that were carefully selected from a much larger pool of questions, so that each version of the exam covers the same subject area and has an equivalent degree of difficulty.

The process for developing the exam questions is not trivial. Exam questions are carefully written according to a strict set of guidelines and then tested. There is a whole field of study called psychometrics that is used to measure and evaluate each question. Only after passing careful scrutiny will an exam question ultimately find its way onto the exam.

Questions will appear on the screen one at a time. You will see each question and, in the case of multiple-choice questions, you will see all of the possible answers. In some longer questions, you can scroll down to see these.

If you are not sure of the answer, you may skip the question and return to it later. You can also "mark" any exam question that you wish to review later.

Multiple-Choice Questions

The exam contains two types of multiple-choice questions: some with one correct answer, and some with two or more correct answers. Multiple-choice questions with one correct answer will present radio buttons for selecting your answer, allowing you to select only one answer. If two answers appear to be similar, be very careful since only one answer is correct.

Multiple-choice questions with more than one correct answer will specify the number of correct answers. You must select all of the correct answers in order to get credit for the question. These questions present checkboxes that allow you to select more than one answer.

Free-Answer Questions

Free-answer questions require that you type the correct answer into a blank text field. You must be very careful that you get the answer exactly right. But what about the order of options in a command? The exam is smart enough to figure this out—the exam knows about all possible variations. For instance, if chmod -F -r and chmod -r -F are both correct answers, both will be accepted.

Drag-and-Drop Questions

Drag-and-drop questions require that you match corresponding items together. The commands on the left are displayed in a movable icon that could be dropped on the descriptions on the right, or vice versa. When you are satisfied that you have matched everything correctly, press "Done" to proceed to the next question on the exam.

Reviewing Test Answers

After you have answered all of the questions, you will see a list of all the exam questions and the answers you selected (or filled in). Each question will have a special marking if you marked it for later review.

You may start at the beginning and review each question, you may review questions you marked earlier, or you may just skip around and check questions in any order you wish. You may unmark questions you marked, and you may mark other questions. You are free to review questions, change answers, and mark and unmark questions until time runs out or you finish the exam early.

Scoring the Exam

Once you have finished the exam, it will be scored immediately. You must answer at least 66% of the questions correctly, which is at least 38 of the 57 questions.

You will receive a temporary certificate showing whether you passed or failed the exam. The certificate will include your name and the number of questions you answered correctly. A chart on the lower half of the certificate will indicate how you scored on each subject area. You will not know how you did on any individual question.

Retaking the Exam

If you failed the exam, you may take it again in as little as two weeks, but you cannot take the exam more than three times in a calendar year. You must register and pay for another examination. You can be assured that the version of the exam will not be the same one you took previously.


You may not discuss the details of the exam with any other individual. You may not offer or accept help of any kind. A full explanation of conduct may be found in Appendix D.

How This Book Is Organized

Each chapter begins with a list of exam objectives. These objectives were developed by Sun Microsystems; they define the subject matter covered by the certification exam and this book. Here is an example exam objective:

  • Using absolute or relative pathnames, select valid command strings to move between specified points within a given directory tree.

All of the certification objectives appear in Appendix B, along with the chapter number associated with each objective. This will allow you to quickly find the technical information behind each objective.

You will be challenged to ponder real-life scenarios that apply concepts that are discussed. For instance,

Think About It . . .

Help! I just renamed a directory with important contents to the name of another directory that already exists. I meant to rename the directory, but because the target existed, my original directory is gone. Where did my original directory go?
Here is what happened. You meant to change the name of a directory to a new name, but unexpectedly the new name was the name of a directory that exists. You moved your directory underneath the existing directory.

Each chapter ends with a Chapter Summary and a Test Yourself section where there are ten multiple-choice and two free-answer questions. Because the exam contains few drag-and-drop questions, no sample drag-and-drop questions appear in this book.

The answers for test questions from all of the book's chapters are found in Appendix A.


Despite the presence of reviews and controls at every level, from executive direction to copy editing, some mistakes are bound to slip through. That, or an unannounced change in behavior or functionality in Solaris itself, is bound to create a discrepancy between this book, the exam, and reality.

If a mistake is found in this book, all is not lost. Changes in the way books are published these days lead to the fact that this book will undergo several printing runs, each of which represents an opportunity to fix a mistake here and there.

Please send us feedback about any mistakes you find in this book, or about any ideas or comments you may have for future editions of this book.

Prentice Hall PTR
Attn.: Editor, Sun Microsystems Press
One Lake Street
Upper Saddle River, NJ 07458

We also publish an errata list online. Please visit us at


This is a book about Solaris 8. Every reasonable effort has been made to ensure that this book is as complete and accurate as possible. This book is offered as-is, and no warranty is implied. Neither the author nor Prentice Hall PTR should be held liable or responsible to any person or entity regarding any loss or damages that may arise as a result of the information contained in this book.
