For convenience, a finish script can reference /jumpstart/extras subdirectories:
# cd /jumpstart/extras
# ll -a
total ...
drwxr-xr-x 2 root root 12 Aug 31 14:38 .# ll -a
total ...
drwxr-xr-x 3 root root 8 Aug 31 12:47 ..
-rw-r--r-- 1 root other 49 Aug 29 14:36 .bashrc
-rw-r--r-- 1 root other 30 Aug 29 14:32 .inputrc
-rw-r--r-- 1 root other 411 Aug 31 11:10 .profile
-rw-r--r-- 1 root other 20 Aug 29 14:32 .screenrc
-rwxr-xr-x 1 root root 28M Aug 20 08:51 install_stb.sh
-rw-r--r-- 1 root sys 270 Aug 30 13:54 issue
-rw-r--r-- 1 root root 2.8K Aug 30 14:27 pam.conf
-rw-r--r-- 1 root root 1.1K Aug 30 13:50 syslog.conf
-r--r--r-- 1 root sys 1.2K Oct 10 08:39 site.xml
-rw-r----- 1 root sys 11 Aug 30 13:52 user.allow
It may be good to document the contents of some of these files in more detail.
# cat issue
␢
THIS IS ... INFORMATION SYSTEM.
ACCESS IS PROVIDED FOR AUTHORIZED USE ONLY.
YOU MUST COMPLY WITH THE POLICIES AND CONDITIONS.
COMMUNICATION CAN BE MONITORED AND DATA INSPECTED AND SEIZED.
␢
# cat .screenrc
defscrollback 10000
# cat .bashrc
if [ "$LOGNAME" = "root" ]
then
typeset +x PS1=
'\[\e[31m\]\h\[\e[0m\]'
else
typeset +x PS1=
'\[\e[0;36m\]\u\[\e[0;34m\]@\[\e[2;34m\]\h\[\e[0m\]'
fi
typeset +x PS1=$PS1':\[\e[0;34m\]\w\[\e[0m\] \$ '
alias ll='ls -lh'
# cat .inputrc
$if term=xterm
"\e[3~":delete-char
$endif
# cat .profile
PATH=/usr/bin:/usr/sbin
PATH=$PATH:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:/usr/sfw/bin
[ -d /opt/sfw ] && PATH=/opt/sfw/bin:/opt/sfw/sbin:$PATH
MANPATH=/usr/man
if [ -d /opt/SUNWexplo ]
then
PATH=$PATH:/opt/SUNWexplo/bin
MANPATH=$MANPATH:/opt/SUNWexplo/man
fi
if [ -d /opt/SUNWlwact ]
then
PATH=$PATH:/opt/SUNWlwact/bin
MANPATH=$MANPATH:/opt/SUNWlwact/man
fi
if [ -d /opt/SUNWsneep ]
then
PATH=$PATH:/opt/SUNWsneep/bin
MANPATH=$MANPATH:/opt/SUNWsneep/man
fi
if [ -d /opt/CTEact ]
then
PATH=$PATH:/opt/CTEact/bin
MANPATH=$MANPATH:/opt/CTEact/man
fi
if [ -d /opt/CTEactx ]
then
PATH=$PATH:/opt/CTEactx/bin
fi
if [ -d /opt/ocm ]
then
PATH=$PATH:/opt/ocm/ccr/bin:/opt/ocm/bin
MANPATH=$MANPATH:/opt/ocm/ccr/sysman
fi
if [ -d /opt/SUNWsasm ]
then
PATH=$PATH:/opt/SUNWsasm/bin
fi
if [ -d /opt/SUNWsftransport ]
then
PATH=$PATH:/opt/SUNWsftransport/bin
MANPATH=$MANPATH:/opt/SUNWsftransport/man
fi
case `uname -p` in
sparc)
if [ -d /usr/platform/`uname -i`/rsc ]
then
PATH=$PATH:/usr/platform/`uname -i`/rsc
fi
if [ -d /opt/SUNWconn/man ]
then
PATH=$PATH:/opt/SUNWconn/man
MANPATH=$MANPATH:/opt/SUNWconn/man:
/opt/SUNWconn/trunking/man
fi
if [ -d /opt/SUNWrtvc ]
then
PATH=$PATH:/opt/SUNWrtvc/bin
MANPATH=$MANPATH:/opt/SUNWrtvc/man
fi
if [ -d /opt/SUNWswasr ]
then
[ -d /opt/SUNWswasr/bin ] &&
PATH=$PATH:/opt/SUNWswasr/bin
PATH=$PATH:/opt/SUNWswasr/asrassetbundle
fi
;;
i386)
;;
esac
if [ -e /opt/sfw/bin/vim ]
then
EDITOR=/opt/sfw/bin/vim
else
EDITOR=/usr/bin/vi
fi
PAGER="/usr/bin/less -ins"
case ${SHELL} in
*bash)
source .bashrc
;;
esac
export PATH
export MANPATH
export EDITOR
export PAGER
# cat syslog.conf
*.err;kern.notice;auth.notice /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
*.alert;kern.err;daemon.err operator
*.alert root
*.emerg *
auth.notice /var/log/authlog
mail.debug /var/log/syslog
# cat user.allow
root
prime
...
# cat pam.conf
ppp auth requisite pam_deny.so.1
ppp account requisite pam_deny.so.1
ppp session requisite pam_deny.so.1
ppp password requisite pam_deny.so.1
krlogin auth required pam_unix_cred.so.1
krlogin auth required pam_krb5.so.1
rlogin auth requisite pam_deny.so.1
rlogin account requisite pam_deny.so.1
rlogin session requisite pam_deny.so.1
rlogin password requisite pam_deny.so.1
krsh auth required pam_unix_cred.so.1
krsh auth required pam_krb5.so.1
rsh auth requisite pam_deny.so.1
rsh account requisite pam_deny.so.1
rsh session requisite pam_deny.so.1
rsh password requisite pam_deny.so.1
ktelnet auth required pam_unix_cred.so.1
ktelnet auth required pam_krb5.so.1
telnet auth requisite pam_deny.so.1
telnet account requisite pam_deny.so.1
telnet session requisite pam_deny.so.1
telnet password requisite pam_deny.so.1
passwd auth required pam_passwd_auth.so.1
cron account required pam_unix_account.so.1
cups account required pam_unix_account.so.1
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_cred.so.1
#other auth sufficient pam_krb5.so.1
other auth required pam_unix_auth.so.1
other account requisite pam_roles.so.1
other account requisite pam_list.so.1 allow=/etc/user.allow
#other account sufficient pam_krb5.so.1
other account required pam_unix_account.so.1
other session required pam_unix_session.so.1
other password required pam_dhkeys.so.1
other password requisite pam_authtok_get.so.1
other password requisite pam_authtok_check.so.1 force_check
#other password sufficient pam_krb5.so.1
other password required pam_authtok_store.so.1
# cat site.xml
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<!--
Copyright (c) 2012 ...
All rights reserved.
This file, /var/svc/profile/site.xml,
is a distinguished location for
a site-specific service profile,
treated otherwise equivalently to
generic_limited_net.xml file.
-->
<service_bundle type='profile' name='site'
xmlns:xi='http://www.w3.org/2003/XInclude' >
<!--
Disable otherwise enabled CDE services.
-->
<service name='application/cde-printinfo'
version='1' type='service'>
<instance name='default' enabled='false' />
</service>
<service name='network/rpc/cde-ttdbserver'
version='1' type='service'>
<instance name='tcp' enabled='false' />
</service>
<service name='application/graphical-login/cde-login'
version='1' type='service'>
<instance name='default' enabled='false' />
</service>
<service name='network/rpc/cde-calendar-manager'
version='1' type='service'>
<instance name='default' enabled='false'/>
</service>
<!--
Disable yet other services.
-->
<service name='system/webconsole'
version='0' type='service'>
<instance name='console' enabled='false'/>
</service>
</service_bundle>
