RetroBSD Net
Title:
Running Solaris 11.4 CBE as a QEMU/NVMM guest
Authors:
Paolo Vincenzo Olivo
Date:
Topics:
NetBSD, Solaris
Id:
s2dwt9
■ About 
Following the recent release of of Solaris 11.4 CBE (Common Build
Environment) for open source developers and non-production personal
use, it is now possible -again- to run Solaris for free as a private
user and still get updates and bugfixes, rather than being being stuck
in prograssively more outdated and vulnerable 11.4.0, unusable in any 
practical setting. I say 'again' because this used to be the norm under
Sun. 


With the switch of Solaris release cycle to a semi-rolling model, 
characterized by the continous delivery of SRUs/micro releases, this
becomes all the more relevant, since a lot has been happening in the
Solaris land since the release of 11.4, as you may find out. 


Taking into account that last year SRU33 had introduced paravirtualized 
device support (VirtIO drivers) for Solaris guests, I decided to spin up
a QEMU/NVMM Solaris virtual machine on NetBSD/amd64.


■ Installing 
Oracle recommends to give at least 2 cores to QEMU/KVM Solaris 11.4 guests,
and use pc-i440fx-4.2 (or whatever matches latest QEMU release) as emulated
machine type, so I did the same for my nvmm guest.


Refer to `pkg_info -D qemu' and <https://www.netbsd.org/docs/guide/en/chap-virt.html>,
to see how to set up NVMM for use on NetBSD.


To start my Solaris machine I used the following first-boot configuration: 


$ qemu-img create -f qcow2 solaris.qcow2 64G
$ qemu-system-x86_64 \
	-boot d -accel nvmm -m 8G -M pc-i440fx-6.2 \
	-cpu Skylake-Client -smp cpus=4 \
	-display sdl,gl=on -vga std  \
	-netdev user,id=net0 -device e1000,netdev=net0 \
	-cdrom /zfs/data/iso/sol-11_4-text-x86.iso \
	-drive file=/zfs/data/vms/solaris.qcow2,if=none,cache=none,id=hd0


The classic text installer will guide you through the installation process. 


If NVMM throws warnings about 'Unexpected RDMSR/WMSR', this is likely
due to the guest having problems with your system's ACPI tables. 
On Solaris, ACPI can be disabled at boot time by passing the
`acpi-user-options=0x2' kernel parameter to grub. This can be set
permanently from a root shell with:


$ eeprom acpi-user-options=0x2


The first thing to do on a fresh installation is  `pkg update'. This
will pull the latest CBE build from the <http://pkg.oracle.com/solaris/>
IPS repo and create a new boot environment (BE) for it. Be ready to wait
a bit and have a coffee in the meantime.


Upon reboot, the current OS/Net consolidation fbuild can be displayed by
looking at /etc/os-release, or using pkg:


$ pkg info osnet-incorporation | grep -i branch | awk '{print $2}'


11.4.42.0.0.111.0


This indicates I'm running the 42nd CBE build (a.k.a SRU). 


■ Enabling VirtIO 
Paravirtualized devices can be enabled on any CBE/SRU above 33.


My QEMU command line for the Solaris guest becomes:


qemu-system-x86_64 \
    -boot c -accel nvmm -m 8G -M pc-i440fx-6.2 \
    -cpu Skylake-Client -smp cpus=4  \
    -display sdl,gl=on -vga vmware  \
    -netdev user,id=vioif0 -device virtio-net-pci,netdev=vioif0 \
    -object rng-random,filename=/dev/urandom,id=viornd0 -device virtio-rng-pci,rng=viornd0 \
    -audiodev oss,id=oss,out.dev=/dev/audio,in.dev=/dev/audio -device ac97,audiodev=oss \
    -device intel-hda -device hda-duplex \
    -usb -device usb-mouse,bus=usb-bus.0 -k it \
    -drive file=/zfs/data/vms/solaris.qcow2,if=none,cache=none,id=hd0 \
    -device virtio-blk-pci,drive=hd0


■ First steps on Solaris 
1. RBAC profiles


One thing I usually do on any Solaris/illumos system, is assigning 
RBAC profiles profiles to the standard user, in order to be able to
perform admin tasks as an unprivileged user with `pfexec' (+ password). 
Whilst Solaris now comes with sudo preinstalled, I think RBAC profiles
still allow for a more fine-grained and task-based privilege management.


To list all available profiles:


$ profiles -a


To see what they actually do:  


$ getent prof_attr | more


To assign a profile to a user:


$ usermod -p 'profile' username 


2. Xorg 


In order to install the GNOME desktop type:


$ pkg install solaris-desktop


After rebooting, you'll find out Solaris is automatically set to launch
the gdm display manager. If such behavior is not desiderable and you
wish to switch back to console login, you can do that with:


$ svcadm disable application/graphical-login/gdm:default


To only install X11 and related libraries:


$ pkg install */x11/*


After which, one can build themselves a window manager and add it to
their xinitrc.


X display resolution can be changed by creating an entry in xorg.conf.d with
a custom 'Screen' section, or using xrandr:


$ xrandr --output default --mode 1920x1080


3. Additional software 


The standard repository  contains a fair amount of common libraries and
development tools to install. I suggest having a look at:


$ pkg search -Hl /developer/*


The OpenCSW repository brings a number of common FOSS packages which are
not available in the official one. In order to enable it type:


$ pkg set-publisher -G '*' -g https://sfe.opencsw.org/localhosts12 localhosts12


I must say I'm amazed by the quantity of opensource software which builds
(almost) flawlessly on this version of Solaris. Provided that the required
dependencies are in place, `./configure` and `make' are not seldom the
only required steps to build third-party software.
Powered by NetBSD