Bypass XSCF Login on Sun SPARC64-VI machines

From Docupedia

Written By: Steve Ayotte

Date: 6/15/2008

The Problem

Rather than the LOM, ALOM, or ILOM service processor built in to other Sun servers, the M4000 has shipped with a rather complete embedded Linux system which they're calling an XSCF (eXtended System Control Facility, what a bullshit acronym). The console can not, as far as I yet know, be accessed except by logging into the XSCF and attaching to it from there. If you're leasing / loaning / buying a previously used machine, you may find yourself without a valid login.

In that event, the undocumented method below (by Sun, you can of course love Alkaloid for this) may prove useful. Your other options are to book a time/materials call with Sun so they can send a field engineer to you to do exactly this, or to yell at them on the phone until they tell you this method.

The Workaround

1. Turn the key on the front of the chassis to the "Service" position. This is the position that doesn't have a little lock by it, pretty easy. If you don't have a key this won't work.
2. At the login prompt type "default"
3. You will be prompted to turn the key to the "Locked" position, and hit enter. Do so.
4. You will be told to leave the key in this position for at least 5 seconds, and then return it to the "Service" position and hit enter again.

You'll be dropped to an XSCF> prompt here.

1. Create a new user by typing "adduser <username>"
2. Set the password for this new user by typing "password <username>"
3. Give this user sufficient priveleges to do useful things by typing "setprivileges <username> platadm useradm mode auditadm"

You should now log back out of the XSCF, and log back in with your new username.

Disclaimer

I've only tried this on the Sun M4000, but I strongly suspect it works on the M5000 / M8000 / M9000.

I was given this information by a Sun Customer Service (not an Engineer, he was relaying the message) representative over the phone. We were testing this platform for viability so we could recommend it to a lot of our customers, so we were able to exert a fair amount of pressure when little things like this went wrong. This sort of thing is usually found in their Field Service manuals which aren't available to the public; he might have given it to me against Sun internal policy. If that is the case, he didn't tell me what I could or couldn't do with the information, and I find it DEEPLY ANNOYING that any company would sell you a system that you might be completely locked out of even given physical access so I am passing the information on. If Sun has just neglected to document this method, shame on them.