SMF Explained with Real Examples

     As part of an Automated Environment Management initiative, recently, I had to work with Solaris Service Management Facility (SMF) extensively. In order to make the implementation right, I had to look several different documentations, blogs, consult with colleagues, learn through error and trial methods. The main intention of this blog is - kind of 'give back to community', what I have learned.
Let's get started. Since, you are visiting this page, I assume, you are already familiar with the SMF concept and looking to resolve specific issue or digging some specific information in SMF domain. If you are new to SMF, you can learn the basic of SMF from Oracle site here.

Why SMF?
      In Unix world, traditionally we used to work with init script as a start-up mechanism. SMF may have been evolved from legacy init, but it is much more flexible, robust, and very well crafted. SMF helps to make environment management easier, uniform and align with security practices as well. 
     In this posts, I'll explain SMF through a working example. First, I have to warn you that some of the steps here possibly overdone to show the concept in detail or underdone to minimize the size of the blog.
     Anyway, here is what we are going to do. We have an environment as described below:

• Solaris 11 (64 bit VirtualBox guest VM running on 64 bit Windows 10 Host) and Oracle Directory Server 11g installed under /opt/ods/dsee7

And as part of this learning process, I'll show you the following:

1. Create no-login user 'dirservd', this user will own the Oracle Directory Server (ODS) instances to be created.
2. Create 'odsadm' user that will operate/manage SMF services for ODS instances to be created.
3. Create two Oracle Directory Server (ODS) instances 'odsInst1' and 'odsInst2', both listening on privileged ports (ports ranging from 1 to 1023)
4. Define SMF service by customizing 'svcbundle' generated service manifest file and adding required method credential privileges for 'dirservd' user and required SMF service management authorization for 'odsadm' user.
5. Define script file to be invoked by service method execution.
6. Show how to add and assign authorization.
7. Import service artifacts to create SMF service for ODS instances.

As we go through, I'll also highlight little bit on following topics:

1. Using product specific tool to create service vs. using standard SMF tool - any benefit? - provide specific example for ODS. 
2. Generating SMF manifest file vs re-using available template and modifying for particular use.
3. Solaris 10 vs Solaris 11 from SMF perspective - few notes related to examples.
4. Parameterizing the SMF manifest file.
5. Debugging SMF service.

Create user accounts and groups to be used

• Group 'dirservd' and user 'dirservd' will be created and for security reason, user account 'dirservd' will be converted to 'no-login'. 'dirservd' will be a daemon/application user.
• User 'odsadm' will be created as a member of default group 'staff'. 'odsadm' will be service operator/administrator's user account.

# Execute the following command as root $> groupadd dirservd $> useradd -c "Directory Server reserved UID" -d / -g dirservd dirservd # Check the password status of dirservd $> passwd -s dirservd dirservd  UP # In Solaris 11, if you look the password status of newly created user, you'll see 'UP', # which basically means not activated. # Next, we'll turn this account as 'no-login' account, meaning, this account can not be used to login into the system. $> passwd -N dirservd   passwd: password information changed for dirservd $> passwd -s dirservd dirservd  NL # Create user 'odsadm' useradd -c "ODS Admin" -m -s /bin/bash -d /export/home/odsadm -g staff odsadm # Assign password for 'odsadm' $> passwd odsadm New Password: Re-enter new Password: passwd: password successfully changed for odsadm

Note: If you like to know more about 'no-login' account, I suggest you to look Glenn Brunnet's blog, "Managing Non-Login and Locked Solaris Accounts"

Create Oracle Directory Server (ODS) Instances

As stated above, for this scenario, we will create two instances both listening on privileged ports (ports ranging from 1 to 1023). As you know by default only root user can start process listening on privileged ports.

• 1st instance will listen on default ports: 389 (non-secure) and 636 (secure)
• 2nd instance will listen on: 489 (non-secure) and 736 (secure)

Notes:

1. make sure above mentioned ports are not being used by another processes. You can check using netstat command: netstat -na and grep the above mentioned ports.
2. Now, in order to create instance(s) that listen on privileged ports, you need to execute 'dsadm' command as root user.

# Execute the following command as root $> cd /opt/ods/dsee7/bin # Create instance odsInst1 $> ./dsadm create -u dirservd -g dirservd -p 389 -P 636 /opt/ods/dsee7/instances/odsInst1 Choose the Directory Manager password: Confirm the Directory Manager password: Use command 'dsadm start '/opt/ods/dsee7/instances/odsInst1'' to start the instance # Create instance odsInst2 $> ./dsadm create -u dirservd -g dirservd -p 489 -P 736 /opt/ods/dsee7/instances/odsInst2 Choose the Directory Manager password: Confirm the Directory Manager password: Use command 'dsadm start '/opt/ods/dsee7/instances/odsInst2'' to start the instance

As seen above, two ODS instances have been created. Now, it's time to create SMF service. You can actually use ODS command 'dsadm' to create SMF service, but it's not flexible enough. When I say not flexible enough, I mean this command does not give you following options:

• no option to customize service name,
• no option to specify service model like 'transient' or 'daemon' etc.
• no option to specify execution 'privileges' in the service definition level
• no option to specify service management authorization in the service definition level.
• you can't view the manifest file.

Here, anyway, I quickly show you how to use 'dsadm' command to create SMF service, but we'll delete the service thus created and use generic SMF tool to recreate.

# Execute the following command as root $> cd /opt/ods/dsee7/bin # Creating SMF service for odsInst1 using dsadm command $> ./dsadm enable-service -T SMF /opt/ods/dsee7/instances/odsInst1 Registering '/opt/ods/dsee7/instances/odsInst1' as 'ds7-opt-ods-dsee7-instances-odsInst1' in SMF ... Instance /opt/ods/dsee7/instances/odsInst1 registered in SMF Use comamnd 'dsadm start '/opt/ods/dsee7/instances/odsInst1'' to activate the service # Let's activate the service $> ./dsadm start '/opt/ods/dsee7/instances/odsInst1' Directory Server instance '/opt/ods/dsee7/instances/odsInst1' started: pid=1826 # Now let's take a look of service definition $> svcs -l ds7-opt-ods-dsee7-instances-odsInst1 fmri         svc:/application/sun/ds7_-opt-ods-dsee7:ds7-opt-ods-dsee7-instances-odsInst1 name         Directory Server restarter    svc:/system/svc/restarter:default manifest     /opt/ods/dsee7/instances/dsInst1/tmp/smf.manifest dependency   require_all/none svc:/system/filesystem/local:default (online) dependency   require_all/none svc:/network/initial:default (online) # It's time to delete the service, let's first stop the service $> svcadm disable ds7-opt-ods-dsee7-instances-odsInst1 # Unregister the service using dsadm command $> ./dsadm disable-service -T SMF /opt/ods/dsee7/instances/odsInst1 Instance /opt/ods/dsee7/instances/odsInst1 is not registered in SMF #However, if you check the service, it is still listed in SMF service database. $> svcs -l ds7-opt-ods-dsee7-instances-odsInst1 fmri         svc:/application/sun/ds7_-opt-ods-dsee7:ds7-opt-ods-dsee7-instances-odsInst1 name         Directory Server enabled      false state        disabled next_state   none state_time   Tue May 10 07:00:15 2016 restarter    svc:/system/svc/restarter:default manifest     /opt/ods/dsee7/instances/dsInst1/tmp/smf.manifest dependency   require_all/none svc:/system/filesystem/local:default (online) dependency   require_all/none svc:/network/initial:default (online) # So, in order to permanently delete it from SMF database, use following command: # svccfg delete <full service name> $> svccfg delete svc:/application/sun/ds7_-opt-ods-dsee7:ds7-opt-ods-dsee7-instances-odsInst1

We explored 'dsadm' tool little bit, now let's move forward and explore generic SMF ways.

Create SMF Manifest file.

Service manifest file is one of the most important component of Service Management Framework. It defines basic service information as well as service dependencies, required privileges, and start, stop command along with other required information. Now the question is how to put together a SMF manifest file. There are few options here:

1. Copy one of the service manifest files for other service and customize it or create from scratch manually. You can find these files under /lib/svc/manifest or /var/svc/manifest in your Solaris server.
2. Generate one using 'svcbundle' and customize it.

If you go with option #1, there are a lot of documentations from Oracle or others available on the web. I found Oracle White Paper 'How to Create an Oracle® Solaris Service Management Facility Manifest' very informative.
However, as part of this exercise, we look into option #2. We'll use 'svcbundle' to generate our minimal SMF manifest file and customize it for our purpose. I found Glynn Foster's Oracle Technet article on using svcbundle very handy. However, the best way to learn how to use svcbundle is to run command with 'help' option and play with it:

$> svcbundle help Usage: svcbundle [-i | -o output_file] -s name=value ... [help [name]] ....

I also suggest you to look the XML schme file (service_bundle.dtd.1) that dictates the structure of each SMF Manifest file. It is available under '/usr/share/lib/xml/dtd/' in your Solaris box.

Here we will generate a simple SMF manifest file for a single ODS instance and modify it for our multi-instances service environment:

$> svcbundle -o /tmp/odstemp.xml -s bundle-type=manifest -s enabled=false \ -s service-name=application/ods \ -s service-property=ods:ODS_HOME:astring:/opt/ods/dsee7 \ -s service-property=ods:ODS_INSTANCES_HOME:astring:/opt/ods/dsee7/instances \ -s instance-name=odsInst1 \ -s instance-property=odsInst:EXEC_OPTIONS:astring:"" \ -s model=transient -s start-method="/lib/svc/method/manage_ods start" \ -s stop-method="/lib/svc/method/manage_ods stop" \ -s refresh-method="/lib/svc/method/manage_ods refresh"

Above, we are using '-o <outputfile>' option instead of '-i' install option, so that we can modify the generated file before installing it. As you can see, start-method, stop-method, and refresh-method, refers to custom script file '/lib/svc/method/manage_ods'. I'll show you how to put together that file below. We have also defined two common application properties at service level (service-property), which are common to both instances:
ODS_HOME
ODS_INSTANCES_HOME
And one property at instance level (instance-property), which can be unique to each instance.
EXEC_OPTIONS
Note: It is just to show how instance specific parameter can be used. In this example, we are assigning empty string for EXEC_OPTION
Here is the generated file:

<?xml version="1.0" ?> <!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> <!--     Manifest created by svcbundle (2016-May-08 21:06:50-0400) --> <service_bundle type="manifest" name="application/ods">     <service version="1" type="service" name="application/ods">         <!--             The following dependency keeps us from starting until the             multi-user milestone is reached.         -->         <dependency restart_on="none" type="service"             name="multi_user_dependency" grouping="require_all">             <service_fmri value="svc:/milestone/multi-user"/>         </dependency>         <exec_method timeout_seconds="60" type="method" name="start"             exec="/lib/svc/method/manage_ods start"/>         <exec_method timeout_seconds="60" type="method" name="stop"             exec="/lib/svc/method/manage_ods stop"/>         <exec_method timeout_seconds="60" type="method" name="refresh"             exec="/lib/svc/method/manage_ods refresh"/>         <property_group type="framework" name="startd">             <propval type="astring" name="duration" value="transient"/>         </property_group>         <property_group type="application" name="ods">             <propval type="astring" name="ODS_HOME" value="/opt/ods/dsee7"/>             <propval type="astring" name="ODS_INSTANCES_HOME"                 value="/opt/ods/dsee7/instances"/>         </property_group>         <instance enabled="false" name="odsInst1">             <property_group type="application" name="odsInst">                 <propval type="astring" name="EXEC_OPTIONS" value=""/>             </property_group>         </instance>         <template>             <common_name>                 <loctext xml:lang="C">                     <!--                         Replace this comment with a short name for the                         service.                     -->                 </loctext>             </common_name>             <description>                 <loctext xml:lang="C">                     <!--                         Replace this comment with a brief description of                         the service                     -->                 </loctext>             </description>         </template>     </service> </service_bundle>

Below is customized SMF Manifest file for our purpose. See the comments within the file for more information.

<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">   <!--   Service Manifest Template for Oracle Directory Service. --> <service_bundle type='manifest' name='application/ods'>     <service version='1' type='service' name='application/ods'>         <!--           The following dependency keeps us from starting until the           multi-user milestone is reached.         -->         <dependency restart_on="none" type="service"             name="multi_user_dependency" grouping="require_all">             <service_fmri value="svc:/milestone/multi-user"/>         </dependency>         <!--           Wait for network interfaces to be initialized.         -->         <dependency name='network' grouping='require_all' restart_on='none' type='service'>             <service_fmri value='svc:/milestone/network:default'/>         </dependency>         <!--             Wait for all local filesystems to be mounted.         -->         <dependency name='filesystem-local' grouping='require_all' restart_on='none' type='service'>             <service_fmri value='svc:/system/filesystem/local:default'/>         </dependency>                 <!-- execution credentials provided to non-root user 'oracleds'. This user has just enough privileges              to own the process even if it is listening on privilege ports.         -->         <exec_method timeout_seconds='60' type='method' name='start' exec='/lib/svc/method/manage_ods start'/>         <exec_method timeout_seconds='60' type='method' name='stop' exec='/lib/svc/method/manage_ods stop'/>         <exec_method timeout_seconds='120' type='method' name='refresh' exec='/lib/svc/method/manage_ods refresh'/>                 <property_group type='framework' name='startd'>             <!--             The duration property value transient ensures to execute the start method once and does not             execute it again if the method exits with $SMF_EXIT_OK. The svc.startd daemon does not try             to restart the script after its first execution.             -->             <propval type='astring' name='duration' value='transient'/>             <!-- sub-process core dumps shouldn't restart session -->             <propval type='astring' name='ignore_error' value='core,signal'/>         </property_group>         <!-- authorization: Any user assigned with the following authorizations will be able to manage service.              In our case 'odsadm' user will be assigned following two authorization.         -->         <property_group type='framework' name='general'>            <propval type='astring' name='action_authorization' value='solaris.smf.manage.ods'/>            <propval type='astring' name='value_authorization' value='solaris.smf.value.ods'/>         </property_group>         <!-- Define here all application specific parameters that are common to all instances             and to be passed to 'manage_ods' method -->         <property_group type='application' name='ods'>             <propval type='astring' name='ODS_HOME' value='/opt/ods/dsee7'/>             <propval type='astring' name='ODS_INSTANCES_HOME' value='/opt/ods/dsee7/instances'/>                                    </property_group>                    <!--           Define ODS instances         -->         <!--             odsInst1         -->         <instance enabled='false' name='odsInst1'>             <method_context>                 <!-- On Solaris systems, in order for a non-root user to use privileged ports,                      it needs net_privaddr privilege. The net_privaddr privilege allows a process to                      bind to a privileged port number (1-1023). -->                 <method_credential user='dirservd' group='dirservd'                 privileges='basic,proc_owner,net_privaddr,file_dac_read,file_dac_write,file_dac_search'/>             </method_context>             <!-- Define instance specific parameters (if any) to be passed to 'manage_ods' method. Example: -->             <property_group type='application' name='odsInst'>                 <propval type='astring' name='EXEC_OPTIONS' value=''/>                            </property_group>         </instance>                 <!--             odsInst2         -->         <instance enabled='false' name='odsInst2'>             <method_context>                 <method_credential user='dirservd' group='dirservd'                 privileges='basic,proc_owner,net_privaddr,file_dac_read,file_dac_write,file_dac_search'/>             </method_context>             <!-- Define instance specific parameters (if any) to be passed to 'manage_ods' method. Example: -->             <property_group type='application' name='odsInst'>                 <propval type='astring' name='EXEC_OPTIONS' value=''/>                            </property_group>         </instance>         <stability value='Evolving'/>         <template>             <common_name>                 <loctext xml:lang='C'>Oracle Directory Server</loctext>             </common_name>             <description>                 <loctext xml:lang="C">                     Refer to Oracle Directory Server Enterprise Edition 11g Release 1 Administration Guide                 </loctext>                            </description>         </template>            </service> </service_bundle>

In customized file above, added fragments of code is in green and modified fragment is in blue. Relevant comment has also been added so that it is easy to understand. As you can see new instance definition for 'odsInst2' has also been added along with privileges for 'dirservd' user and authorizations 'solaris.smf.manage.ods' and 'solaris.smf.value.ods' for service operator/administrator to administer the service. These two authorization will be assigned to 'odsadm' user.

Create custom script file to be invoked by service executable methods

  Below is script source for 'manage_ods' file. As shown, script retrieves parameter values supplied from SMF manifest for the service and instance and defines start, stop and refresh methods.

#!/sbin/sh # Common service method for ODS Administration. # . /lib/svc/share/smf_include.sh getsmfpropval(){     val=$(svcprop -p $1 $SMF_FMRI)     if [[ ! -z "$val" && -n "$val" && "$val" != '""' ]]; then         echo $val     fi } if [ -z $SMF_FMRI ]; then     echo "Service Management framework variables  not initialized."     exit $SMF_EXIT_ERR fi # Service instance name INST_NAME=${SMF_FMRI##*:} # Retrieve property values set in the service manifest file. ODS_HOME=$(getsmfpropval ods/ODS_HOME) ODS_INSTANCES_HOME=$(getsmfpropval ods/ODS_INSTANCES_HOME) EXEC_OPTIONS=$(getsmfpropval odsInst/EXEC_OPTIONS) INST_HOME=$ODS_INSTANCES_HOME/$INST_NAME if [[ -z $ODS_HOME || ! -d $ODS_HOME ]]; then     echo "ods/ODS_HOME property either not set, value empty or directory '$ODS_HOME' does not exist."     exit $SMF_EXIT_ERR_CONFIG fi if [[ -z $ODS_INSTANCES_HOME || ! -d $ODS_INSTANCES_HOME ]]; then     echo "ods/ODS_INSTANCES_HOME property either not set, empty or directory '$ODS_INSTANCES_HOME' does not exist."     exit $SMF_EXIT_ERR_CONFIG fi case "$1" in     'start')         action="start"         ;;     'refresh')         action="restart"         ;;     'stop')         action="stop"         ;;     *)         echo "Usage: $0 {start|stop|refresh}"         exit $SMF_EXIT_ERR_CONFIG         ;; esac if [[ ! -z $EXEC_OPTIONS && "$EXEC_OPTIONS" != "" ]]; then     ODS_CMD="$ODS_HOME/bin/dsadm ${EXEC_OPTIONS} ${action} ${INST_HOME}" else     ODS_CMD="$ODS_HOME/bin/dsadm ${action} ${INST_HOME}" fi echo "##### $SMF_FMRI ${action}ing ODS instance ${INST_NAME} with command: ${ODS_CMD} #####" ${ODS_CMD} 2>&1 if [ $? -ne 0 ]; then     echo "$SMF_FMRI failed to start ODS instance: ${INST_NAME}"     exit $SMF_EXIT_ERR_FATAL fi exit $SMF_EXIT_OK

Pink colored lines in the script above show how parameters (as property name and value) set in the SMF manifest file are retrieved here in the script and utilized, making it usable from one environment to another and one instances to multiple.
At this point we have everything we need in order to create SMF service. Let's upload/stage our SMF manifest file 'ods.xml' and script file 'manage_ods' into Solaris server somewhere in the /tmp directory. Below are some important steps, you need to carry out in order to create SMF service successfully:

1) Validate the SMF Manifest file as shown below and make sure no error.

$> svccfg validate /tmp/ods.xml

2) [Optional ] Make sure there is no existing SMF service with the same name. Below command queries the SMF service database. Here is an example:

svcs -a | grep ".*application/ods/odsInst.*" # If existing service with the same name is found and you decide to delete, use the following commands # 1. Stop the given service: # svcadm disable service-name svcadm disable odsInst1 svcadm disable odsInst2 # 2. if SMF manifest file exists, then remove the manifest file. # Usual locations for application specific Manifest files: /lib/svc/manifest/site or /var/svc/manifest/site rm -f /lib/svc/manifest/site/ods.xml # if manifest file does not exist, then delete the service using command below: # svccfg delete <full-service-name> svccfg delete svc:/application/ods:odsInst1 svccfg delete svc:/application/ods:odsInst2 # 3. Restart manifest-import service svcadm restart manifest-import

3) Copy files to target location

# Depending upon whether it is Solaris 10 or Solaris 11; the default location is: # Manifest file: /var/svc/manifest/site (Solaris 10); /lib/svc/manifest/site (Solaris 11) # Script file: /lib/svc/method # copy manifest to /lib[var]/svc/manifest/site. Example below is for Solaris 11: $> cp /tmp/ods.xml /lib/svc/manifest/site $> chown root:sys /lib/svc/manifest/site/ods.xml $> chmod 444 /lib/svc/manifest/site/ods.xml # Copy script file: $> cp /tmp/manage_ods /lib/svc/method    $> chown root:bin /lib/svc/method/manage_ods    $> chmod 555 /lib/svc/method/manage_ods

4) Add required authorization(s) defined in the SMF manifest file into /etc/security/auth_attr

# for Solaris 10: $> echo "solaris.smf.manage.ods:::Allows to manage smf service for ods::" >> /etc/security/auth_attr $> echo "solaris.smf.value.ods:::Allows to change smf service for ods::" >> /etc/security/auth_attr # for Solaris 11: $> auths add -t "Allows to manage smf service for ods" solaris.smf.manage.ods    $> auths add -t "Allows to change smf service for ods" solaris.smf.value.ods

5) Assign authorizations to service operator/administrator account.

In our case we'll assign these authorizations to 'odsadm' user.
Note: Before modifying the authorization for a given account, you may want to see what currently assigned values are and take a note just in case if you need to backout.

# As root run the following command and take a note of existing auths just in case if you mess things # auths <user> # or just run 'auths' command if you are logged in as a particular user. # Once existing auths are noted run following command # For Solaris 11: $> usermod -A +solaris.smf.manage.ods,solaris.smf.value.ods odsadm # For Solaris 10: $> usermod -A <existing authorizations>,solaris.smf.manage.ods,solaris.smf.value.ods odsadm

Note: the usermod command basically adds/updates /etc/user_attr file. If you are an advanced user, you may directly update /etc/user_attr file.

6) Register the service into SMF

# only for Solaris 10, import manifest $> svccfg -v import /var/svc/manifest/site/ods.xml # For both Solaris 10 and Solaris 11, restart the manifest-import service $> svcadm restart manifest-import

7) Verify the service

# Checking svc:/application/ods:odsInst1 $> svcs -l odsInst1 fmri         svc:/application/ods:odsInst1 name         Oracle Directory Server enabled      false state        disabled next_state   none state_time   Mon May 09 17:23:45 2016 restarter    svc:/system/svc/restarter:default manifest     /lib/svc/manifest/site/ods.xml dependency   require_all/none svc:/milestone/multi-user (online) dependency   require_all/none svc:/milestone/network:default (online) dependency   require_all/none svc:/system/filesystem/local:default (online) # Checking svc:/application/ods:odsInst2 $> svcs -l odsInst2 fmri         svc:/application/ods:odsInst2 name         Oracle Directory Server enabled      false state        disabled next_state   none state_time   Mon May 09 17:23:45 2016 restarter    svc:/system/svc/restarter:default manifest     /lib/svc/manifest/site/ods.xml dependency   require_all/none svc:/milestone/multi-user (online) dependency   require_all/none svc:/milestone/network:default (online) dependency   require_all/none svc:/system/filesystem/local:default (online)

Note: As you can see the currently service is in disabled state, it's because in the manifest file we defined initial state to be 'enabled=false' If you need service to be started automatically on system reboot make sure to have 'enabled=true'.

8) Now let's start the service as 'odsadm' user and make sure it is started

# change to 'odsadm' user $> su - odsadm # start the odsInst1 $> svcadm enable odsInst1 # Check the status $> svcs -l odsInst1 fmri         svc:/application/ods:odsInst1 name         Oracle Directory Server enabled      true state        online next_state   none state_time   Mon May 09 19:18:36 2016 logfile      /var/svc/log/application-ods:odsInst1.log restarter    svc:/system/svc/restarter:default manifest     /lib/svc/manifest/site/ods.xml dependency   require_all/none svc:/milestone/multi-user (online) dependency   require_all/none svc:/milestone/network:default (online) dependency   require_all/none svc:/system/filesystem/local:default (online) # start the odsInst2 $> svcadm enable odsInst2 # Check the status $> svcs -l odsInst2 fmri         svc:/application/ods:odsInst2 name         Oracle Directory Server enabled      true state        online next_state   none state_time   Mon May 09 19:23:27 2016 logfile      /var/svc/log/application-ods:odsInst2.log restarter    svc:/system/svc/restarter:default manifest     /lib/svc/manifest/site/ods.xml dependency   require_all/none svc:/milestone/multi-user (online) dependency   require_all/none svc:/milestone/network:default (online) dependency   require_all/none svc:/system/filesystem/local:default (online)

9) Troubleshooting (if any)

• Look the service log. You can find the location of service log by running command 'svcs -l <service-name>'
• Use svcs debugging using 'svcs -xv' which gives all services that are having issue(s) or 'svcs -xv <service-name>' for particular service.
• A lot of time it could be privilege related. You can debug it using 'ppriv' command. See ppriv details.

This concludes our SMF walkthrough. Hope, you find it useful. Now, you go ahead and use SMF in your own environment. Happy SMFing!