JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Troubleshooting Typical Issues in Oracle Solaris 11.1     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

1.  Managing System Crash Information (Tasks)

2.  Managing Core Files (Tasks)

3.  Troubleshooting System and Software Problems (Tasks)

Troubleshooting a System Crash

What to Do If the System Crashes

Gathering Troubleshooting Data

Troubleshooting a System Crash Checklist

Managing System Messages

Viewing System Messages

How to View System Messages

System Log Rotation

Customizing System Message Logging

How to Customize System Message Logging

Enabling Remote Console Messaging

Using Auxiliary Console Messaging During Run Level Transitions

Guidelines for Using the consadm Command During an Interactive Login Session

How to Enable an Auxiliary (Remote) Console

How to Display a List of Auxiliary Consoles

How to Enable an Auxiliary (Remote) Console Across System Reboots

How to Disable an Auxiliary (Remote) Console

Troubleshooting File Access Problems

Solving Problems With Search Paths (Command not found)

How to Diagnose and Correct Search Path Problems

Changing File and Group Ownerships

Solving File Access Problems

Recognizing Problems With Network Access

4.  Troubleshooting Miscellaneous System and Software Problems (Tasks)

Index

Managing System Messages

The following sections describe system messaging features in Oracle Solaris.

Viewing System Messages

System messages display on the console device. The text of most system messages look like this:

[ID msgid facility.priority]

For example:

[ID 672855 kern.notice] syncing file systems...

If the message originated in the kernel, the kernel module name is displayed. For example:

Oct 1 14:07:24 mars ufs: [ID 845546 kern.notice] alloc: /: file system full 

When a system crashes, it might display a message on the system console like this:

panic: error message

Less frequently, this message might be displayed instead of the panic message:

Watchdog reset !

The error logging daemon, syslogd, automatically records various system warnings and errors in message files. By default, many of these system messages are displayed on the system console and are stored in the /var/adm directory. You can direct where these messages are stored by setting up system message logging. For more information, see Customizing System Message Logging. These messages can alert you to system problems, such as a device that is about to fail.

The /var/adm directory contains several message files. The most recent messages are in /var/adm/messages file (and in messages.*), and the oldest are in the messages.3 file. After a period of time (usually every ten days), a new messages file is created. The messages.0 file is renamed messages.1, messages.1 is renamed messages.2, and messages.2 is renamed messages.3. The current /var/adm/messages.3 file is deleted.

Because the /var/adm directory stores large files containing messages, crash dumps, and other data, this directory can consume lots of disk space. To keep the /var/adm directory from growing too large, and to ensure that future crash dumps can be saved, you should remove unneeded files periodically. You can automate this task by using the crontab file. For more information about automating this task, see How to Delete Crash Dump Files in Oracle Solaris 11.1 Administration: Devices and File Systems and Chapter 4, Scheduling System Tasks (Tasks), in Managing System Information, Processes, and Performance in Oracle Solaris 11.1.

How to View System Messages

Example 3-1 Viewing System Messages

The following example shows output from the dmesg command on an Oracle Solaris 10 system.

$ dmesg
Mon Sep 13 14:33:04 MDT 2010
Sep 13 11:06:16 sr1-ubrm-41 svc.startd[7]: [ID 122153 daemon.warning] ...
Sep 13 11:12:55 sr1-ubrm-41 last message repeated 398 times
Sep 13 11:12:56 sr1-ubrm-41 svc.startd[7]: [ID 122153 daemon.warning] ...
Sep 13 11:15:16 sr1-ubrm-41 last message repeated 139 times
Sep 13 11:15:16 sr1-ubrm-41 xscreensaver[25520]:  ,,,
Sep 13 11:15:16 sr1-ubrm-41 xscreensaver[25520]: ...
Sep 13 11:15:17 sr1-ubrm-41 svc.startd[7]: [ID 122153 daemon.warning]...
.
.
.

See Also

For more information, see the dmesg(1M) man page.

System Log Rotation

System log files are rotated by the logadm command from an entry in the root crontab file. The /usr/lib/newsyslog script is no longer used.

The system log rotation is defined in the /etc/logadm.conf file. This file includes log rotation entries for processes such as syslogd. For example, one entry in the /etc/logadm.conf file specifies that the /var/log/syslog file is rotated weekly unless the file is empty. The most recent syslog file becomes syslog.0, the next most recent becomes syslog.1, and so on. Eight previous syslog log files are kept.

The /etc/logadm.conf file also contains time stamps of when the last log rotation occurred.

You can use the logadm command to customize system logging and to add additional logging in the /etc/logadm.conf file as needed.

For example, to rotate the Apache access and error logs, use the following commands:

# logadm -w /var/apache/logs/access_log -s 100m
# logadm -w /var/apache/logs/error_log -s 10m

In this example, the Apache access_log file is rotated when it reaches 100 MB in size, with a .0, .1, (and so on) suffix, keeping 10 copies of the old access_log file. The error_log is rotated when it reaches 10 MB in size with the same suffixes and number of copies as the access_log file.

The /etc/logadm.conf entries for the preceding Apache log rotation examples look similar to the following:

# cat /etc/logadm.conf
.
.
.
/var/apache/logs/error_log -s 10m
/var/apache/logs/access_log -s 100m

For more information, see logadm(1M).

You can use the logadm command as superuser or by assuming an equivalent role (with Log Management rights). With RBAC, you can grant non-root users the privilege of maintaining log files by providing access to the logadm command.

For example, add the following entry to the /etc/user_attr file to grant user andy the ability to use the logadm command:

andy::::profiles=Log Management

Customizing System Message Logging

You can capture additional error messages that are generated by various system processes by modifying the /etc/syslog.conf file. By default, the /etc/syslog.conf file directs many system process messages to the /var/adm/messages files. Crash and boot messages are stored here as well. To view /var/adm messages, see How to View System Messages.

The /etc/syslog.conf file has two columns separated by tabs:

facility.level ... action
facility.level

A facility or system source of the message or condition. May be a comma-separated listed of facilities. Facility values are listed in Table 3-2. A level, indicates the severity or priority of the condition being logged. Priority levels are listed in Table 3-3.

Do not put two entries for the same facility on the same line, if the entries are for different priorities. Putting a priority in the syslog file indicates that all messages of that all messages of that priority or higher are logged, with the last message taking precedence. For a given facility and level, syslogd matches all messages for that level and all higher levels.

action

The action field indicates where the messages are forwarded.

The following example shows sample lines from a default /etc/syslog.conf file.

user.err                                        /dev/sysmsg
user.err                                        /var/adm/messages
user.alert                                      `root, operator'
user.emerg                                      *

This means the following user messages are automatically logged:


Note - Placing entries on separate lines might cause messages to be logged out of order if a log target is specified more than once in the /etc/syslog.conf file. Note that you can specify multiple selectors in a single line entry, each separated by a semicolon.


The most common error condition sources are shown in the following table. The most common priorities are shown in Table 3-3 in order of severity.

Table 3-2 Source Facilities for syslog.conf Messages

Source
Description
kern
The kernel
auth
Authentication
daemon
All daemons
mail
Mail system
lp
Spooling system
user
User processes

Note - The number of syslog facilities that can be activated in the /etc/syslog.conf file is unlimited.


Table 3-3 Priority Levels for syslog.conf Messages

Priority
Description
emerg
System emergencies
alert
Errors requiring immediate correction
crit
Critical errors
err
Other errors
info
Informational messages
debug
Output used for debugging
none
This setting doesn't log output

How to Customize System Message Logging

  1. Assume the root role or a role that has the solaris.admin.edit/etc/syslog.conf authorization assigned to it.

    See How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Use the pfedit command to edit the /etc/syslog.conf file, adding or changing message sources, priorities, and message locations according to the syntax described in syslog.conf(4).
    $ pfedit /etc/syslog.conf
  3. Save the changes.

Example 3-2 Customizing System Message Logging

This sample /etc/syslog.conf user.emerg facility sends user emergency messages to root and individual users.

user.emerg                                      `root, *'

Enabling Remote Console Messaging

The following new console features improve your ability to troubleshoot remote systems:

Using Auxiliary Console Messaging During Run Level Transitions

Keep the following in mind when using auxiliary console messaging during run level transitions:

Guidelines for Using the consadm Command During an Interactive Login Session

If you want to run an interactive login session by logging in to a system using a terminal that is connected to a serial port, and then using the consadm command to see the console messages from the terminal, note the following behavior:

How to Enable an Auxiliary (Remote) Console

The consadm daemon does not start monitoring the port until after you add the auxiliary console with the consadm command. As a security feature, console messages are only redirected until carrier drops, or the auxiliary console device is unselected. This means carrier must be established on the port before you can successfully use the consadm command.

For more information about enabling an auxiliary console, see the consadm(1m) man page.

  1. Log in to the system and assume the root role.

    See How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Enable the auxiliary console.
    # consadm -a devicename
  3. Verify that the current connection is the auxiliary console.
    # consadm

Example 3-3 Enabling an Auxiliary (Remote) Console

# consadm -a /dev/term/a
# consadm
 /dev/term/a

How to Display a List of Auxiliary Consoles

  1. Log in to the system and assume the root role.

    See How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Select one of the following steps:
    1. Display the list of auxiliary consoles.
      # consadm
      /dev/term/a
    2. Display the list of persistent auxiliary consoles.
      # consadm -p
      /dev/term/b

How to Enable an Auxiliary (Remote) Console Across System Reboots

  1. Log in to the system and assume the root role.

    See How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Enable the auxiliary console across system reboots.
    # consadm -a -p devicename     

    This adds the device to the list of persistent auxiliary consoles.

  3. Verify that the device has been added to the list of persistent auxiliary consoles.
    # consadm

Example 3-4 Enabling an Auxiliary (Remote) Console Across System Reboots

# consadm -a -p /dev/term/a 
# consadm
/dev/term/a

How to Disable an Auxiliary (Remote) Console

  1. Log in to the system and assume the root role.

    See How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Select one of the following steps:
    1. Disable the auxiliary console.
      # consadm -d devicename

      or

    2. Disable the auxiliary console and remove it from the list of persistent auxiliary consoles.
      # consadm -p -d devicename
  3. Verify that the auxiliary console has been disabled.
    # consadm

Example 3-5 Disabling an Auxiliary (Remote) Console

# consadm -d /dev/term/a
# consadm