sshd doesn’t start in Solaris zone

This describes a quite silly problem I once had. Google had no useful search results, so I’m putting the solution here for the sake of all the lost souls not knowing why their pet sshd doesn’t want to run in a Solaris zone. Yes, you can solve it using truss and analyzing SMF startup methods. But I think there are better ways to spend your time.

The solution was found by me and my friend one warm Polish summer night. Here we go, then!

Solaris zone tutorials will tell you something along the lines of:

netra / $ zonecfg -z wibble
Sorry, I don't know anything about your "screen" terminal.
netra / $ export TERM=vt100
netra / $ zonecfg -z wibble
wibble: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:wibble> create
zonecfg:wibble> set autoboot=true
zonecfg:wibble> add net
zonecfg:wibble:net> set address=10.0.1.63
zonecfg:wibble:net> set physical=eri0
zonecfg:wibble:net> end
zonecfg:wibble> set zonepath=/zones/wibble
zonecfg:wibble> verify
zonecfg:wibble> commit
zonecfg:wibble> exit
netra / $ zoneadm -z wibble install
Preparing to install zone <wibble>.
Creating list of files to copy from the global zone.
Copying <8442> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <239> packages on the zone.
Initialized <239> packages on zone.
Zone <wibble> is initialized.
The file </zones/wibble/root/var/sadm/system/logs/install_log> contains a log of the zone installation.
netra / $ zoneadm -z wibble boot

At this point, I was pretty convinced I would already be able to log into the zone via ssh and IP address 10.0.1.63. But there was nothing listening on port 22 in the zone. I logged into it to find the problem.

netra / $ zlogin wibble
[Connected to zone 'wibble' pts/2]
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
# ▊

I spent a bit of time there, looking for reasons. Ssh service was offline.

bash-3.00# svcs -a | grep ssh
offline         1:48:51 svc:/network/ssh:default

Using svcs -x -v, I’ve found out that sshd was not running because of network/rpc/gss, which depends on network/inetd, which depends on system/sysidtool. And sysidtool is ‘starting’.

It turns out, after booting a zone, you need to zlogin to its console, that is you have to use ‘zlogin -C wibble’ command. You’ll then be presented with a text installer interface.

This means, that even though ‘zoneadm -z wibble install’ completes, your zone isn’t quite as installed as you would wish. It still doesn’t know its locale, terminal settings, it doesn’t have ssh public/private key pairs, hostname, DNS server (name service configuration), NFSv4 domain configuration, time zone and root password.

zlogin -C zonename

…is your friend!

Author: automatthias

You won't believe what a skeptic I am.

11 thoughts on “sshd doesn’t start in Solaris zone”

  1. You can automate this process by creating a sysidcfg file and putting it in //root/etc.

    You can find details regarding the sysidcfg from the docs.sun.com ( search for Jumpstart guides)

  2. Thanks much. I had exactly the same problem and waste several hours before I found your useful note.

  3. Yeah .. thanks heaps for that .. such a simple procedure .. but luckily I was impatient and found your information online instead of wasting hours!

    Good man!

  4. Thanks for posting this – sadily two zones had to die before I found this, but the third will live a much more productive live. I appreciate it!

    remember – clones are peopel two!

  5. Thank you so VERY MUCH for posting this! It likely saved us HOURS🙂
    Now we are truely “in the zone”🙂

  6. Hey Maciej, thanks a lot man. You saved my lot of time, I was looking for the solution for it but did not find it until I got your page. Thanks once again.

    Cheers!!!

  7. Dammit, I forgot about installing the zone and wondering why the heck sshd wouldn’t start. Thanks !🙂

  8. Wouldn’t have figured it out myself… Many thanks for that – saved me a lot of time !

  9. I was so frustrated … zone was looking fine but couldn’t log from net andunable to start sshd (I even started it manually).
    This “guide” helped me a lot … on all containers tutorial I followed on on net they all forgot to mention to login first time with -C 😦

Comments are closed.