How to Modify a Service
The following procedure shows how to change the configuration of a service that is not managed by the inetd service.
Become superuser or assume a role that includes the Service Management
rights profile.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC in System Administration Guide: Security Services .
Make changes to the configuration files, as needed.
Many of the services have one or more configuration files that are used to define the startup or other configuration information. These files can be changed while the service is running. The contents of the files is only checked when the service is started.
Restart the service.
# svcadm restart FMRI
Example 15.11. Sharing an NFS File System
To share a file system using the NFS service, you must define the file
system in the /etc/dfs/dfstab
file and then restart the
NFS service. This example shows you what the dfstab
file
could look like, as well as how to restart the service.
#cat /etc/dfs/dfstab
. . share -F nfs -o rw /export/home #svcadm restart svc:/network/nfs/server
How to Change an Environment Variable for a Service
This procedure shows how to modify cron environment variables to help with debugging.
Become superuser or assume a role that includes the Service Management
rights profile.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC in System Administration Guide: Security Services .
Verify that the service is running.
# svcs system/cron
STATE STIME FMRI
online Dec_04 svc:/system/cron:default
Set environment variables.
In this example the UMEM_DEBUG
and LD_PRELOAD
environment variables are set.
For information about the setenv
subcommand refer to the
svccfg
(
1M
)
man page.
#svccfg -s system/cron:default setenv UMEM_DEBUG default
#svccfg -s system/cron:default setenv LD_PRELOAD libumem.so
Refresh and restart the service.
#svcadm refresh system/cron
#svcadm restart system/cron
Verify that the change has been made.
# pargs -e `pgrep -f /usr/sbin/cron`
100657: /usr/sbin/cron
envp[0]: LOGNAME=root
envp[1]: LD_PRELOAD=libumem.so
envp[2]: PATH=/usr/sbin:/usr/bin
envp[3]: SMF_FMRI=svc:/system/cron:default
envp[4]: SMF_METHOD=/lib/svc/method/svc-cron
envp[5]: SMF_RESTARTER=svc:/system/svc/restarter:default
envp[6]: TZ=GB
envp[7]: UMEM_DEBUG=default
#
How to Change a Property for an inetd Controlled Service
Become superuser or assume a role that includes the Service Management
rights profile.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC in System Administration Guide: Security Services .
List the properties for the specific service.
This command displays all of the properties for the service identified by the FMRI.
# inetadm -l FMRI
Change the property for the service.
Each property for an inetd controlled service is defined by a property name and an assigned value. Supplying the property name without a specified value resets the property to the default value. Specific information about the properties for a service should be covered in the man page associated with the service.
# inetadm -mFMRI
property-name=value
Verify that the property has changed.
List the properties again to make sure that the appropriate change has occurred.
# inetadm -l FMRI
Confirm that the change has taken effect.
Confirm the property change that the change has the desired effect.
Example 15.12. Changing the tcp_trace
Property for telnet
The following example shows how to set the tcp_trace
property
for telnet to true
. Checking the syslog output after running a telnet command shows
that the change has taken effect.
#inetadm -l svc:/network/telnet:default
SCOPE NAME=VALUE name="telnet" . . default inherit_env=TRUEdefault tcp_trace=FALSE
default tcp_wrappers=FALSE #inetadm -m svc:/network/telnet:default tcp_trace=TRUE
#inetadm -l svc:/network/telnet:default
SCOPE NAME=VALUE name="telnet" . . default inherit_env=TRUEtcp_trace=TRUE
default tcp_wrappers=FALSE #telnet localhost
Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. login:root
Password: Last login: Mon Jun 21 05:55:45 on console Sun Microsystems Inc. SunOS 5.10 s10_57 May 2004 #^D
Connection to localhost closed by foreign host. #tail -1 /var/adm/messages
Jun 21 06:04:57 yellow-19 inetd[100308]: [ID 317013 daemon.notice] telnet[100625] from 127.0.0.1 32802
How to Modify a Command-Line Argument for an inetd Controlled Service
Become superuser or assume a role that includes the Service Management
rights profile.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC in System Administration Guide: Security Services .
List the exec
property for the specific service.
This command displays all the properties for the service identified
by the FMRI. Adding the grep command restricts the output
to the exec
property for the service.
# inetadm -l FMRI
|grep exec
Change the exec
property for the service.
The command-syntax
set with the exec
property
defines the command string that is run when the service is started.
# inetadm -mFMRI
exec="command-syntax
"
Verify that the property has changed.
List the properties again to make sure that the appropriate change has occurred.
# inetadm -l FMRI
Example 15.13. Adding the Connection Logging (
l
) Option to the ftp Command
In this example, the
l
option is added to the ftp daemon when it is started. The effect of this change can be seen
by reviewing the syslog output after a ftp login
session has been completed.
#inetadm -l svc:/network/ftp:default | grep exec
exec="/usr/sbin/in.ftpd -a" #inetadm -m svc:/network/ftp:default exec="/usr/sbin/in.ftpd -a -l"
#inetadm -l svc:/network/ftp:default
SCOPE NAME=VALUE name="ftp" endpoint_type="stream" proto="tcp6" isrpc=FALSE wait=FALSEexec="/usr/sbin/in.ftpd -a -l"
. . #ftp localhost
Connected to localhost. 220 yellow-19 FTP server ready. Name (localhost:root):mylogin
331 Password required for mylogin. Password: 230 User mylogin logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp>quit
221-You have transferred 0 bytes in 0 files. 221-Total traffic for this session was 236 bytes in 0 transfers. 221-Thank you for using the FTP service on yellow-19. 221 Goodbye. #tail -2 /var/adm/message
s Jun 21 06:54:33 yellow-19 ftpd[100773]: [ID 124999 daemon.info] FTP LOGIN FROM localhost [127.0.0.1], mylogin Jun 21 06:54:38 yellow-19 ftpd[100773]: [ID 528697 daemon.info] FTP session closed
How to Convert inetd.conf
Entries
The following procedure converts inetd.conf
entries
into SMF service manifests. This procedure needs to be run anytime a third-party
application that depends on inetd is added to a system.
Also run this procedure, if you need to make configuration changes to the
entry in /etc/inetd.conf.
Become superuser or assume a role that includes the Service Management
rights profile.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC in System Administration Guide: Security Services .
Convert the inetd.conf
entries.
The inetconv command converts each entry in the selected file into service manifests.
# inetconv -i filename