HP-UX Learning, copied from the web, credit and References Below to the original authors/webistes/wikipedia.

HP-UX networking related tools and commands

Use getconf KERNEL_BITS

getconf KERNEL_BITS will return whether it is a 32 bit HP Unix or 64 bit HP Unix as shown below.

# getconf KERNEL_BITS
32

# getconf KERNEL_BITS
64

Method 2: Use file /stand/vmunix

By Checking the vmunix’s filetype you can tell whether the kernel bits in HP-UX operating system is a 32 or 64 bit.

For 32bit HP-UX kernel:

# file /stand/vmunix
/stand/vmunix:  PA-RISC1.1 executable

For 64bit HP-UX kernel:

# file /stand/vmunix
/stand/vmunix:  ELF-64 executable

Method 3: Use print_manifest OS mode

In HP Unix HP-UX, the print_manifest provides manifest information such as hardwares connected to the system, storage devices, softwares installed, disk layout, file system layout, swap configuration, kernel fonfiguration s, etc.,

The following example is used to find out only the operating system mode from the manifest details of the system.

# print_manifest | grep  "OS mode"
OS mode:            64 bit

You can see the memory usage in HP-UX using swapinfo try swapinfo -tam

FILES

SCRIPTS

HPUX Commands
(a) Display lan interface info:
# lanscan

(b) All in one lan configuration utility (lan0 is first Ethernet interface) to configure and view the system IP address:
# ifconfig lan0 - Display IP info such as IP address netmask etc.
# ifconfig lan0 up - Up network interface (allow traffic)
# ifconfig lan0 down - Down network interactive (deny traffc)
# ifconfig lan0 192.168.1.1 netmask 255.255.255.0 up - Setup/change IP adddress

(c) Displaying host name
# hostname

(d) Arp administration (cache)
# arp -a

(e) Display routing table/info:
# netstat -nr

(f) Define new route:
# route add default 192.168.1.254 1

(g) HP's LAN diagnostic tool
# lanadmin

(h) Test a remote host connectivity
ping host.mycorp.com

(i) Setup various lan properties, dns client, NIS client configuration etc using GUI tool:
# sam
# set_parms

(j) Check dns connectivity:
$ nslookup www.google.co.uk

HP-UX: How Do I configure the new Lan card configuration?

kill HP-UX desktop (CDE) with following command (login as root and open terminal) :

# /sbin/init.d/dtlogin.rc stop

Next open the /etc/rc.config.d/netconf file and make changes to HOSTNAME and IP address. Save the file.

# vi /etc/rc.config.d/netconf

HOSTNAME=myhpux INTERFACE_NAME[0]=lan0
IP_ADDRESS[0]=202.54.10.20 SUBNET_MASK[0]=255.255.255.0 BROADCAST_ADDRESS[0]=""
DHCP_ENABLE[0]="0"

Finally, you need to update the /etc/hosts file with correct IP and hostname:

# vi /etc/hosts

Reboot the system

# shutdown -ry 0

HP-UX Overview and Command Summary

Bootup/Shutdown

shutdown -r 0 --> reboot
shutdown -h now  --> shutdown and halt
shutdown 0 --> shutdown to single user mode
reboot 0 --> reboot
init 1 - single user mode
hpux -is  boots single user mode

Interupting the boot process:
GSP Mode

To reboot to single user mode:
  1. shutdown -r 0
  2. hit <space> during 10 sec window to interrupt reboot
  3. enter: <b><o>
  4. interact with ipl? yes
  5. hpux -is  (i=init, s=single user)

To reboot manually to init 3 level
  1. shutdown -r 0
  2. <space> during 10 sec window
  3. bo
  4. interact with ipl  --> yes
  5. hpux -is   (i=init, s=single user mode)
  6. mount -a
  7. init 3
Startup/Shutdown Scripts

/sbin/init.d
/sbin/rc0.d                                These are all linked to actual scripts in /sbin/init.d
/sbin/rc1.d
/sbin/rc2.d                                scripts with k are kill scripts and scripts with s are start scritps.
/sbin/rc3.d
/sbin/rc4.d

/etc/rc.config.d    --> Scripts

CIFS (Samba)

/opt/etc/samba/smb.conf

Device Management

HP-UX is a hardware path based operating system.  When it boots up it does a hardware detection.  It then compares the hardware that it detects with the hardware that is listed in /etc/ioconfig.  If new hardware is detected, it is assigned the next available configuration information in the proper hardware path.

rmsf - remove special files
insf - install special files

insf -C disk -e   <-- This command will re-install all of the device files for the class "disk"

lsdev   <-- Lists devices and drivers in the system

ioscan   <-- searches for all devices and displays their hardware path
ioscan -fnC disk  <-- searches for all devices of  class (C) disk
ioscan -fnH <LUN>  <-- searches for a LUN

last 2 digits of hardware path in the LUN in octal  (1/12/0/0.1.23)

Disk Devices

A disk device will have a name in the following format:  c#t#d#

c# is the card number
t# is the target number
d# is the LUN - this is normally 0 unless RAID is being utilized


scsictl -a /dev/rdsk/c?t?d?  <-- display control parameter information about the disk device
scsictl -a -m queue_depth=4 -m queue_depth /dev/rdsk/c?t?d?      <-- sets the queue depth

CD-ROM Devices

nohup /usr/sbin/pfs_mountd &  - starts process
nohup /usr/sbin/pfds &  - starts process

pfs_mount -o xlat=unix /dev/dsk/c0t1d0 /cdrom        - mounts cdrom

Cdrom won't eject:
  1. pfs_umount -c OR
  2. kill -9 pfs_mountd and kill -9 mountd
Cdrom won't mount using:  pfs_mount -o xlat=unix /dev/dsk/c0t1d0 /cdrom
  1. nohup /usr/sbin/pfs_mountd &
  2. nohup /usr/sbin/pfsd
  3. /usr/sbin/pfs_mount /cdrom    <-- this uses mounting information in /etc/pfs_fstab
7400 Disk Array

armdsp -a va7400   <-- real time display of the disk array
armmgr -D va7400 HPA6189A00SG218H0024
armdiscover  /opt/sanmgr/commandview/client/sbin    -->  Tells us the serial number
armhost -d <Array Worldwide Name> <Serial #>
armhost -d 50060b000014e313 00SG218J0024
ioscan -fnc disk | more

cvui - creates luns
Process to export disk configuration to a file:
Fibre Channel Devices

ioscan -fknC fc  <-- Lists fibre channel adapters.

To identify the devices:

ls -l /dev/fc*

fcmsutil - utility for fibre channel operations
fcmsutil /dev/<device>

Procedure to run fcmsutil on a fibre channel:
ioscan -fnC disk|more   --> Identify hw path of fibre channel adapter
ioscan -fnH 1/0/0/0  -->  Identify device of fibre channel adapter
or ls /dev/fc* on older adapters (arbitrated loop)
fcmsutil /dev/fcms2 stat  -->  fcmsutil that shows status of fibre channel adapter

Logs


/etc/rc.log Startup Log
/var/adm/sw/swagent.log Software package installation log
/var/adm/syslog/syslog.log System Error Log
/etc/shutdownlog
Shutdown Log
/var/tombstones/ts99
Crash log

Login Environment

/etc/profile - main profile for all users

/etc/profile.env

export TMPDIR=/tmpsort
export TEMPDIR=/tmpsort

source a profile:    ". ./profile"

Changing prompt:

export PS1=$(hostname):'$PWD # '

This gives a prompt that has the hostname followed by the current directory, ending in the # (useful for root logins).

Networking

netstat -a   <--ports
netstat -i  <--interfaces
netstat -r  <--routing table
netstat -rv  <--routing table and subnet mask

lanscan - provides hardware information about the nics in the server
lanadmin - menu driven interface to administer lan nics
lanadmin -x 0  bypass menu and show lan driver specific options for nic with id 0
lanadmin -X 100FD 0  - bypass menu and set nic at id 0 to 100 MBS, Full Duplex

ioscan -fnkC lan   - shows ioscan information for device type "lan"

lanscan -i|awk '{print $1}'|xargs -i ifconfig {}   -> does an ifconfig on all defined interfaces on that server

Changing the IP Address and Subnet mask:
Changing the Default Gateway

Network Time Protocol (NTP)

ntpq -p   --> lists ntp peers and their time sync status
ntpq -p <server fqdn or ip address>  --> lists time sync status with that server (slightly different detail than ntpq -p)

/etc/ntp.conf  --> configuration file
Changes to the configuration require ntp daemon (xntpd) be stopped and restarted (restart is not recognized):

Printing

Command
Description
cancel
deletes print jobs from queue
hppi
jet admin
ls -d<destination> -o<optioni> file
prints a file
lpadmin

lpsched -v

lpstat
lists jobs in queue. -s  -t
pr .profile | lp -n3
prints
pr -o10 -l64 -F -h <HEADER> <file> | lp prints using margins of 10, page length of 64, header on each page

/etc/lp

/usr/lib/lp
/var/adm/lp
/var/spool/lp

/etc/lp/interface - interface scripts

/var/sam/lp/lpinfo

Migrating the printer configuration from one server to another server using SAM:

On the source server:
On the destination server:

Performance Monitoring

top
     j  moves forward pages in the display
     k moves backwared pages in the display
glance (if installed)

sar -q
sar -u
sar -d

vmstat

vminfo

Process Management


Command
Description
inetd -c
Causes inet to reload /etc/inetd.conf
inetd -l
starts logging in /var/adm/syslog/syslog.log
ps -ef | grep PROD
list all processes, but only show those processes that have "PROD" in them
/sbin/init.d/<script> [start|stop]
If the script exists, this will stop and start the associated processes. 


/etc/services   -->  Lists the services and their configuration
/etc/inetd.conf  --> Lists the services and their configuration
/var/adm/inetd.sec   -->  This file contains security information on who may request a particular process

Remote Access

rcp <source> remote_machine:<path>

remsh <host>

rlogin <host>

.rhosts file needs to be configured or else you will be prompted for username and password (located in home directory)

last -R  - gives address information of last remote login, useful for troubleshooting

Software Installation and Management

To install patches and software use:

swinstall  -->  This will lauch the gui or
swinstall
-x <option> -x <option> -s <path to depot>  -->  This will still lauch the gui, but the parameters will be preselected.  This is use to allow selection of additional parameters that may not be selectable from the gui itself (such as the logging levels below)

For example some popular options are:
Note: 

Location of  logfiles:
/var/adm/sw/swagent.log
/var/adm/sw/swinstall.log

Listing all Software

swlist -l product | more

Checking for Specific Software

swlist -l product | grep <SEARCH STRING>

Checking for Specific Patches

swlist -l product| grep PH | more

then search for a specific patch (ie PHNE_XXXXX)

Manually applying patches

Patches can be applied using swinstall, just as depots are installed
swcopy -s /tmp/*.depot -\*@/var/spool/sw

Cleaning up after applying patches:

cleanup
cleanup -c n  <--  commits patches that have been superseded n number of times.  Useful to free up disk space in /var/adm/sw/save.
cleanup -p  <-- previews the actual cleanup tasks but does not actually perform the cleanup

check_patches
show_patches

Creating a single patch depot out of multiple individual depots:

From the directory that has all of the individual depots run this command line script:
for i in PH*.depot
do
        swcopy -x enforce_dependencies=false -s ${PWD}/$i \* @ /tmp/patch_depot         <-- /tmp/patch_depot is the destination directory
done

System Information

Note:  See section on STM, detailed system information is available with this utility
           Also SAM -->Performance Monitors --> System Properties

OS Information

uname -a - display general information e.g. OS release, node name, machine ID number, etc

print $(uname -i)16op|dc  hex system id
/opt/itor/bin/i4target -v     spu

file /stand/vmunix   <-- shows whether 64 bit or 32 bit kernel
getconf KERNEL_BITS  <--shows whether 64 bit or 32 bit kernel

Memory Information
dmesg|grep Phy  <-- List amount of physical ram in server
cat syslog|grep Phy <-- List amount of physical ram in server
echo phys_mem_pages/D|adb -k /stand/vmunix /dev/kmem   <-- Lists amount of  4K Memory pages in HPUX 11.x
echo "memory_installed_in_machine/D" | adb -k /stand/vmunix /dev/mem |tail -1 | awk '$2 > 0 { print $2 / 256 }'  <--  Lists memory in MB.
echo "physmem/D" | adb /stand/vmunix /dev/kmem  <-- Lists amount of 4K Memory pages in HPUX 10.x

model   <-- information about the model of the workstation/server

sam --> Performance Monitors --> System Properties  --> Memory Tab

CPU Information

ioscan -fnC processor   <-- shows information about each processor found

echo "itick_per_usec/D" | adb -k /stand/vmunix /dev/mem | tail -1  <-- Shows CPU Speed in MHZ

sam --> Performance Monitors --> System Properties  -->Processor Tab

echo itick_per_tick/D | adb /stand/vmunix /dev/kmem - gives processor speed

grep model /usr/lib/sched.models - gives type of processor for 10.X systems

grep model /opt/langtools/lib/sched.models - gives processor type for 11.X systems



Changing the Server Name and the IP Address

System Tuning

Extract Current System File

kmtune - displays the tunable parameters
kmtune -l  <-- This displays a detailed report of the parameters (current, planned, default, minimum, etc)
sam allows you to tune the kernel
Manual Kernel Build (not using sam)  -->  /usr/sbin/mk_kernel -s /stand /build/system

STM

diaglogd

/var/opt/resmon/log

Procedure to use STM to determine memory configuration

Command Script to print useful information to a file called info
echo "sel path system; info; wait; infolog
>view
>done
>"lcstm>info
#cat info

print_manifest  (located in /var/opt/ignite/local/manifest/manifestinfo ??)

Command Script to print useful information
cstm
cstm>Map
cstm>SelAll
cstm>Information
cstm>Infolog
cstm>exit

Command Script to print useful information  (not sure this is complete/correct)
cstm
cstm>SelClass type "Disk" qualifier "All"
cstm>info;wait
cstm>il
cstm>create /tmp/disk.stm
cstm>done
cstm>quit
cstm>ok

cstm -f /tmp/disk.stm

Terminal Environment

TERM - environmental variable indicating type of terminal
stty
termio

/usr/share/lib/terminfo

setup string for xterm:  /usr/bin/X11 -ls -d @D

$DISPLAY=192.168.70.80:0.0

$TERM = xterm

stty
stty -all

Running Exceed  --> xstart
Starting an X-Window application from telnet

start an X-Window server on the PC, such as exceed
export DISPLAY=W.X.Y.Z:0.0     <---W.X.Y.Z is the IP Address of the PC
/opt/ignite/bin/ignite                          <---Now just run the program


Configuring an HP 700/96 Terminal for a server connection:

Users Administration

Creating Users
Creating Groups
sam --> user and group accounts
groupadd Groupname

Useful Commands

Command
Description
<esc><esc> or <esc>\
autocompletion
file * Show file types, such as "ascii".
find <path> -name <name> -print
Finds a file in the OS at the starting path on down
grep

groups <username>
Shows groups for a user
kmtune
Displays kernel tunable parameters
listusers -g <group>
Lists the users in a group
ln -s <file or directory> <symbolic link>
Creates a symbolic link to a file or a directory
pr -o10 -l64 -F -h <HEADER> <file> | lp
prints using margins of 10, page length of 64, header on each page
rcp <source> remote_machine:<path>
remote copy
remsh <host>
opens a remote command shell on the host machine
rlogin <host>
remote login to host machine
sar

set_parms
Change host name (/etc/set_parms)
tail -f <file>
Looks at end of file and keeps it open to watch changes
top
realtime display of processes
uname -a
information about the system
print $(uname -i)16op|dc
prints hex system id
who -u, who -Rm
who is using the system

Process to recover from a lost/forgotten root password

  1. Power off the server
  2. Power on the server
  3. Interupt the boot process during the 10 second interval (display will indicate this on the screen)
  4. bo pri
  5. Answer yes to interact with the ipl
  6. At the prompt "hpux -is" for single user mode
  7. cd /sbin
  8. passwd root  and  follow prompts to put in new password
  9. shutdown -r 0  to reboot to multiuser mode

 HP-UX Cheat Sheet

This is a document that can be used for revision purposes for HP-UX.

Kernel
Kernel parms and Hardware. /usr/sbin/sysdef or ioscan –fn
Major numbers (devices) lsdev
Unix device messages dmesg
Configuration files /etc/rc.config.d
Unix Kernel /stand/vmunix
All crash files. /var/adm/crash

display loaded modules kmadmin
kmadmin -s
load modules kmadmin -L
unload modules kmadmin -U
set kernel parameters kctune (11i)
rebuild kernel
display kernel parameters kctune (11i)
sysdef
kmtune
kmsystem
usr/sam/lbin/getkinfo -f /stand/vmunix -o /tmp/kernel.data
re/build kernel cd /stand/build
/usr/lbin/sysadm/system_prep -s system
edit system file
/usr/sbin/mk_kernel -s ./system
mv /stand/system /stand/system.old
mv /stand/vmunix /stand/vmunix.old
mv /stand/build/system /stand
mv /stand/build/vmunix_test /stand/vmunix
shutdown -r 0

System Information
amount of memory dmesg |grep -I physical
/usr/sam/lbin/getmem
/opt/ignite/bin/print_manifest
cpu (type, number, etc)
/opt/ignite/bin/print_manifest
sam > performance monitors > system properties (detailed)
model
uname -m
disk drives
pvdisplay -v
disk info serial numbers
diskinfo -v /dev/rdsk/c0t4d0 (detailed but no serial number)
/opt/ignite/bin/print_manifest
ioscan -fn -C disk
Kernel 32 or 64
getconf KERNEL_BITS (11.0)
(HPUX < 11.00 all 32 bit)

Note: determine if system supports 32/64 bits
getconf HW_CPU_SUPP_BITS
Display firmware

< 10.20:
1. At the system prompt, enter "sysdiag"
2. At the DUI prompt, enter "sysmap"
3. At the ENTER MAP prompt, enter "cpumap"
4. Note the PDC Firmware value
5. At the ENTER MAP prompt, enter "exit"
6. At the DUI prompt, enter "exit"

10.20 >: use mstm (tools manger)

trace system calls
 

Daemons
NFS daemons server: rpc.mountd, nfsd
client:rpc.statd, lockd

/etc/exports
Time daemons netdaemons

/etc/rc.config.d/netdaemons
/etc/ntp.conf

Software
adding packages/patch swinstall -s /var/spool/sw
removing packages/patch swremove
Listing installed packages/patches swlist -l product PH* (HPUX 10.x)
swlist -l patch (HPUX 11)
verify package/patches swlist -l -a state
swverify
Adding packages to depot swlist -d @ /dev/rmt/0m
Removing packages to depot swremove -d * @ /var/spool/sw
listing packages from depot swlist -d @ /dev/rmt/0
swlist -d @ /var/spool/sw
copy software from one depot to another swcopy -s /dev/rmt/0 @ /var/spool/sw
register software swreg
List all files in package swlist -l <file>
configure software swconfig

Log Files
messages n/a
syslog /var/adm/syslog/syslog.log
mail /var/adm/syslog/mail.log
cron /var/adm/cron/log
boot /var/adm/syslog/syslog.log
sam log /var/sam/log/samlog

Accounts
displaying users cat /etc/passwd
logins
adding a user useradd
sam
removing a user userdel
sam
modifying a user usermod
sam
password files /etc/passwd
/tcb/files/auth/r/root (trusted system)

Network
displaying NIC speeds ndd -get
setting NIC speeds ndd -set
lanadmin
display routing table netstat -rn
displaying network interfaces lanscan (all)
ifconfig lan0 (individual)
Lan device config (interface name, state, mjr number, Hardware path, mac address) lanscan
Lan Diag tool (like a netstat –I and –s and more) Landiag or lanadmin
setup dns /etc/resolv.conf
name service switch file /etc/nsswitch.conf

NFS Configuration
display nfs shares showmount -e localhost
cat /etc/xtab
create nfs share /etc/rc.config.d/nfsconf (edit)
/etc/exports (edit file & add share)
exportfs -a
uncreate nfs share /etc/rc.config.d/nfsconf (edit)
exportfs -au (unshare all)
exportfs -u /home/vallep
/etc/exports (edit file & remove file)
nfs start /sbin/init.d/nfs.core start
/sbin/init.d/nfs.server start
/sbin/init.d/nfs.client start
nfs stop /sbin/init.d/nfs.client stop
/sbin/init.d/nfs.server stop
/sbin/init.d/nfs.core stop
nfs status ps -ef|grep
nfs reload exportfs -a
nfs performance nfsstat

Sam
Sam Log file location /usr/local/log/samlog

Console
Root only on console /etc/securetty

Boot (ISL)
Boot a particular kernel (standalone) Hpux –is /stand/vmunix
Boot in stanalone Hpux –is boot
Boot multi-user Hpux –lm boot

Build a new kernel
  cd /stand/build
/usr/lbin/sysadm/system_prem -s system
edit system file
/usr/sbin/mk_kernel -s ./system
mv /stand/system /stand/system.old
mv /stand/vmunix /stand/vmunix.old
mv /stand/build/system /stand
mv /stand/build/vmunix_test /stand/vmunix
reboot

Disk
setting the boot device setboot -p
setboot -a
format floppy drive n/a
mount/unmount floppy n/a
mount/unmount CDROM mount -rF cdfs /dev/mnt
create boot disk or
recovery tape
recovery tape (preview):
make_tape_recovery -v -I -x inc_entire=vg00
boot cdrom/diskette
(single user)
>boot pri
Interact with IPL? Y
ISL>hpux -is
boot into maintenace
mode
>boot pri
Interact with IPL? Y
ISL>hpux -lm
Display the LIF area (Logical Interchange Format) lifls -l /dev/dsk/c0t6d0
Display characteristics of a tape drive lssf /dev/rmt/c4t1d0DESTn


Logical Volume Manager

see hpux logical volume manager for lvm commands

mountable drives /etc/fstab
lvm drives /etc/lvmtab
exported drives /etc/exports
mounted exported drives /etc/xtab

create a filesystem newfs –F <filesystem type>
create a exported filesystem exportfs-a
block devices mkfs –v –C <class> -m <minor #> <device>
raw devices mkfs –v –r –C <class> -m <minor#> <device>

info on disk drives diskinfo
df –k bdf
change interleave factor mediainit
A number of disk that have to be running in order for a VG to mount quorum

Swap
Display swap information swapinfo (display in Kb)
swapinfo -m (display in Mb)
swapinfo -tm (total and Mb)
Adding swap Create logical volume or filesystem

swapon <device>|<logical device>
swapon -p 3 <device>|<logical device>

update /etc/fstab

Note: -p = priority swap number

Removing swap edit /etc/fstab
reboot

Misc
startup  
shutdown shutdown -h -g0 -y (halt)
shutdown -r -g0 -y (reboot)
init status
0
1
2
3
4
5
6
 
determine the runlevel who -r
obtain default run level  
start xwindows  
ntp setup  
force a fsck  
page size (memory) 4Kb
initialize system set_parms initial
Timezone /etc/TIMEZONE
update /dev directory Class:
insf -C tape
Recreate deleted link:
insf -H 0.1.0 -e
remove device rmsf
list device drivers lsdev
console login (allow/deny) /etc/securetty

 

HP Logical Volume Manager (LVM)

Logical Volume Manager is a disk management subsystem that allows you to manage physical disks as logical volumes.

The following terms are used when working with LVM:

Volume A volume is a device used for a filesystem, swap or raw data. Without LVM a volume would be a disk partition or the whole disk
Physical Volume A physical volume is the disk itself. An entire disk must be initialised if it is to be used by LVM.
Volume Group A volume Group is a collection of volumes that are managaed by LVM. Each disk must only belong to one group however a volume group many contain many disks.
Logical Volume This is the space that is defined within a volume group. The volume group is divided into smaller logical volumes which in turn become the filesystems. A volume group may contain one or many logical volumes. Logical volumes can be grown or shrunk. A logical volume is a set of logical extents
Physical Extent A physical extent is a set of contiguous disk blocks on a physical volume. The default size of an extent is 4MB but this can be adjusted when initialising the disk. Normally a physical extent will have a one to one relationship with logical extents.
Logical Extent A logical volume is a set of logical extents. Logical extents and pyhsical extents are the same size in a volume. A logical extent is a direct mapping to a pyhsical extent.
/etc/lvmtab This file has in it the device file associated with each disk in a volume group. /sbin/lvmrc starts each volume group by reading the contents of this file at boot time.This file can be rebuilt using the command vgscan. The file is a binary file and can be read using Strings.
PV Links Physical Volume Links (PV Links) provide dual SCSI or FL links to the same disk. This basically means multipathing to a disk.

Boot Disk Components

LIF Directory* Contains a list of other disks in the volume group and whether or not they are bootable
PVRA

Contains imports PV-related information such as:

  • PV ID number
  • VG ID number
  • PE Size
  • PV size
  • bad block directory
This is created when pcreate is run
BDRA* Specifies where the root filesystem is found
LIF* Contains ISL, HPUX, AUTO, LABEL that are LIF files. These are put there when the mkboot and lvlnboot commands are run.
VGRA Contain volume group description area (VGDA) and volume group status area (VGSA)
Physical Extents Physical extents for the file system, swap, etc
Bad Block Pool Provides alternate locations for bad blocks

* Boot disk Only

Disk Mirroring

Disk Mirroring is preformed by the sftware package MirrorDisk/UK, the product requires a license from HP. Logical volumes can be mirror one or more times, in other words the logical extent is mapped to one or more physical extents. There is a mirror policy called strict which can be set to one of the following:

n when set means that mirrored copies of a logical extent can share the same physical volume. This means that your original and mirrored data may be on the same physical disk
y when set means that mirrored copies of a logical extent cannot share the same physical volume. This means that your original and mirrored data will not share the physical disk
g Mirrored data will not be on the same physical volume group (PVG) as the original data. This policay is called a PVG-strict allocation policy.

Physical Volume Commands

pvchange Allows you to change a physical volume is some way. for an example you can allow or disallow adding extents to this physical volume.
pvcreate Is used to create a physical volume that will be part of a volume group.
pvdisplay shows information about a physical volumes you specify
pvmove you can move extents from one physical volume to other physical volumes.
mknod this command is used to create th major/minors numbers of a volume group

Volume Group Commands

vgcfgbackup used to save the configuration of a volume group.
vgcfgrestore used to restore the configuration of a volume group.
vgchange makes a volume active or in-active
vgcreate you can create a volume group and specify all of its parameters.
vgdisplay display information related to a volume group
vgexport remove a volume group from the system, but does not modify the logical volume information on the physical volumes. You can then import the volume group onto another system i.e in a cluster environment.
vgextend Physical volumes can be added to a volume group by specifying the physical volume to be added to the volume group.
vgimport used to import a volume group from another system
vgreduce reduce the volume group by removing th specified physical volume.
vgremove remove the volume group completely from the system
vgscan rebuild the /etc/lvmtab file
vgsync when a volume group become stale you can resync that volume which resync's all the physical extents in each mirrored logical volume in the volume group.

Logical Volume Commands

lvcreate create a new logical volume.
lvchange change the logical volume in some way
lvdisplay display information on a specified logical volume
lvextend increase the number of physical extents to a logical volume. You will need to use the extendfs after extending a logical volume.
extendfs expands the filesystem within the logical volume. You would use fsadm if you have OnlineJFS installed.
mkboot places boot utilities in boot area
lvlnboot use this to sepup a logical volume to be a root, boot, primary swap or dump volume. This can be undo with lvrmboot.
lvsplit or lvmerge are used to split or merge a logical volume that is mirrored
lvmmigrate prepares a root filesystem in a disk partition for migration to a logical volume. You would use this if you had a partition to convert to a logical volume
lvreduce decrease the number of physical extents allocated to a logical volume
lvremove remove a logical volume from the volume group
lvrmboot if you don't want a logical volume to be root, boot, primary swap or a dump device.
lvsync when a logical volume becomes stale you can resync the logical volume
newfs place a new flesystem on a logical volume

JFS and OnlineJFS Commands

fsck check/repair the integrity of a filesystem
fsadm peforms a number of tasks when using a OnlineJFS sch as dfragmentation, resizing, online backup, etc

Commonly used LVM procedures

Create a new volume group, logical volume and filesystem

pvcreate /dev/rdsk/c0t1d0
mkdir /dev/vg01
mknod /dev/vg01/group c 64 0x010000
vgcreate /dev/vg01 /dev/dsk/c0t1d0
lvcreate -L 2000 /dev/vg01
newfs -F vxfs -o largefiles /dev/vg01/rlvol1
mkdir /ora_data01
mount /dev/vg01/lvol1 /ora_data01

Create a stripped filesystem

lvcreate -i 3 -I 32 -L 24 -n lvol1 /dev/vg01

-i number of stripes
-I stripe size of 32KB
-L size of the volume

Mirror root and swap disk

pvcreate -B /dev/rdsk/c0t6d0
vgextend /dev/vg00 /dev/dsk/c0t6d0
mkboot /dev/rdsk/c0t6d0
mkboot -a "hpux -lq" /dev/rdsk/c0t6d0
mkboot -a "hpux -lq" /dev/rdsk/<primary disk>
lvextend -m 1 /dev/vg00/lvol1 /dev/dsk/c0t6d0
lvextend -m 1 /dev/vg00/lvol2 /dev/dsk/c0t6d0
lvextend -m 1 /dev/vg00/lvol3 /dev/dsk/c0t6d0
lvextend ........all other volumes on primary disk

setboot -a 8/8.6.0

replace a non-mirrored disk

lvreduce -m 0 -A n /dev/vg01/lvol1 /dev/dsk/cxtxdx
vgreduce vg01 /de/dsk/cxtxdx
or
pvchange -a N /dev/dsk/cxtxdx (if you have online replacement disks)

vgcfgrestore -n /dev/vgXX /dev/rdsk/cxtxdx
vgchange -a y /dev/vgXX
newfs -F <fstype> /dev/vgXX/rlvolx
mount <mountpoint>

Notes:
Make sure you have /etc/lvmconf/vgXX.conf
vgcfgbackup is run automatically
Defective disk was not mirrored before it failed

replace a mirrored disk

vgcfgrestore -n /dev/vgXX /dev/rdsk/cxtxdx
vgchange -a y /dev/vgXX
vgsync /dev/vgXX

Notes:
Defective disk was mirrored before it failed

replace mirrored boot disk

vgcfgrestore -n /dev/vg00 /dev/rdsk/cxtxdx
vgchange -a y /dev/vg00
vgsync /dev/vg00
mkboot /dev/rdsk/cxtxdx
mkboot -a "hpux -lq" /dev/rdsk/cxtxdx
shutdown -r -y 0

Notes:
Confirm that you have /etc/lvmconf/vg00.conf
Defective disk was mirrored before it failed

export and import a volume group

System One:
vgchange -a n /dev/vg01
vgexport -v -m /tmp/mapfile -s /dev/vg01
rcp /tmp/mapfile <system 2>:/tmp/mapfile

System two:
mkdir /dev/vg01
mknod /dev/vg01/group c 64 0xyy0000
vgimport -v -m /tmp/mapfile -s /dev/vg01
vgchange -a y /dev/vg01
mkdir /ora_data01
mount /dev/vg01/ora_data01 /ora_data01

extend VxFS file ssytem using onlineJFS lvextend -L 800 /dev/vg01/lvol1
fsadm -F vxfs -b 800M /ora_data01
change a logical volume to support largefiles fsadm -F vxfs -o largefiles /dev/vg01/rlvol1
display the boot area lifls -Clv /dev/dsk/c0t6d0
display boot information lvlnboot -v /dev/vg00
display all disks in the system ioscan -funC disk
make a dump device lvchange -C y /dev/vg00/dump (makes it contiguous)
lvlnboot -d /dev/vg00/dump
display dump devices lvlnboot -v

HPUX Boot Process

The boot process on a HP server is reduce to three steps

PDC HPUX system come with firmware installed called Processor Dependent Code (PDC) The PDC run self-test operations and initialises the processor. The interface to the PDC commands is called the Boot Console Handler (BCH)
ISL The Initial System Loader is run after the PDC, there are a number of commands that can be run from the ISL
hpux utility that manages loading the HP-UX kernel and gives control to the kernel. Commands can be gven to the kernel. Sometimes this is called the Secondary System Loader (SSL)

PDC

The PDC can be used to obtain hardware information regarding the server i.e firmware, etc. using the BCH interface a number of commands can be used:

all Display the collection of all information provided by other display commands typically resident in information menu
auto used to display or set status autoboot, autosearch or autostart flags
boot initiate boot sequence
bootid display of modify boot id for the present processors
bootinfo display the PDC-level info about configured parameters used for system boot
boottimer sets a delay value in the system to wait for external mass storage device to come online
cache display the information about the acahe memory portion of all installed processors
chassiscodes display a queue of the most recent chassis codes
chiprevisions used to display the revisions of major very large scale integration (VLSI) in the system
clearpim used to clear (zero) the contents of the processor internal memory (PIM)
configuration used to enter the configuration submenu
coprocessor display information about all coprocessors
cpuconfig all the user to configure or deconfigure processors in the system
default et the system to pre-defined settings
fan display or set the speed of the fan
fastboot display or set the fastboot flag
fwrversion displat the revision of the currently installed firmware
help returns help info for the command given
information used to access the information menu
io display I/O interface on all I/O modules in the system
lanaddress allows the user to display the station address
lanconfig configure the lan card
main user interface for PDC
memory display memory info for total amount of physical memory as well as configured memory in system
memread used to read memory locations
monitor allows the user to view and change the monitor type for graphics card
path used to set/display the system paths from stable storage
pdt display/clear the page deallocation table (PDT)
pim displays processor internal memory (PIM) info
processor displays info about the processor in the system
reset resets the machibe state
search search for boot devices in the system
secure display/set the secure node flag
service allows the user to go to the service menu
time read/set the real time clock in GMT
warnings display any warning messages that may have resulted from the previous PDC self test execution

ISL

There are a number of commands that you can use with the ISL:

help help facility
ls list ISL utilites
autoboot set/clear autoboot flag in stable storage
autosearch set/clear autosearch flag in stable storage
primpath modify primary boot path
altpath modify alternate boot path
conspath modify system console path
display display boot and console paths
lsautofl list contents of autoboot file
fastsize set/display fastsize
800support boots the s800 support kernel from the boot device
700support boots the s700 support kernel from the boot device
readnvm display contents of one word of nvm
readss display contents of one word of stable storage
lsbatch list contents of batch file
batch execute commands in batch file
lsest list contents of extended self test (EST) file
est execute commands extended self test (EST) file

Secondary System Loader (hpux)

hpux can have a number of arguements:

automatic boot No interaction - autoboot sequence
hpux -is bring up system in single user
hpux default boot sequence
hpux vmunix.test boot object file vmunix.test
hpux (52.5.0.0)/stand/vmunix boot from /stand/vmunix on the disk at path 52.5.0.0
hpux lan(32)/stand/vmunix boot from the network
hpux -v get hp-ux version numbers
hpux ll /stand list contents of /stand on root disk

The part of the boot that takes place after the hpux command is issued is in the four following parts

  1. hp-ux initialises the system hardware and devices
  2. hp-ux kernel data structures are created and initialised
  3. hp-ux searches for thr root filesystem
  4. hp-ux starts the init process called by /sbin/init - The init processes reads /etc/initab for direction

The following components are included in the startup/shutdown of hpux:

execution scripts these scripts are located in /etc/init.d
configuration variable scripts these files are located in /etc/rc.config.d
link files these files are located in the directory for the appropriate run level, sch as /sbin/rc0.d for run level 0 and /sbin/rc1.d for run level 1, etc
sequencer scripts this script invokes execution scripts based on run-level transition. This script is located in /sbin/rc

 

sysinfo

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
Server Release info cat /etc/release cat /etc/enterprise-release
cat /etc/redhat-release

lsb_release -a

cat /proc/version

cat /etc/lsb-release

lsb_release -a
/stand/kernrel

 

oslevel -r

Server Release info
Server type /usr/platform/`uname -i`/sbin/prtdiag -v dmidecode dmidecode

model
uname -a

prtconf | grep -i 'System Model' Server type
Hardware Info prtdiag -v
prtpicl -v [-c <class>]
prtconf -D

lspci
lsusb
lshal

Note: hal = hardware abstraction layer

lspci
lsusb
lshal

ioscan
ioscan -fun [disk|tape|lan]

/opt/ignite/bin/print_manifest
cat /var/opt/ignite/local/manifest/manifest.info

lscfg -v
lscfg -l ent0
lscfg -vl fcs0 (find the WWN of HBA adapter)

lsdev
lsdev -Cc disk
lsdev -Cc disk -p scsi0

lsslot -c [pci|phb|port]
lsslot -c pci -l ent0

lspath -l hdisk0

diag

Hardware Info
Operating System uname -a uname -a uname -a uname -a oslevel [-r|-s] Operating System
Memory /usr/platform/`uname -i`/sbin/prtdiag -v
prtconf | grep -i mem

cat /proc/meminfo (detailed)
free -om

cat /proc/slabinfo

cat /proc/meminfo (detailed)
free -om

cat /proc/slabinfo

dmesg | grep -i physical
/usr/sam/lbin/getmem
/opt/ignite/bin/print_manifest

cat /var/opt/ignite/local/manifest/manifest.info

prtconf -m
prtconf |grep -i memory
lsattr -El sys0 -a realmem
bootinfo -r
Memory
CPU (type, number, etc)

/usr/platform/`uname -i`/sbin/prtdiag -v

## display,offline,online
psrinfo
psradm -f 0 (offline)
psradm -n 0 (online)

cat /proc/cpuinfo (detailed) cat /proc/cpuinfo (detailed)

/opt/ignite/bin/print_manifest
sam -> performance monitors -> system properties

cat /var/opt/ignite/local/manifest/manifest.info

prtconf |grep -i processor CPU (type, number, etc)
Disk Drives

format
prtvtoc <device>

format -e (to convert EFI (zfs) to SMI)

Note:
EFI - Extensible Firmware Interface
SMI - Sun Microsystems Inc

fdisk -l
sfdisk -l (advanced server)
parted <device> print
partprobe -s <device>
fdisk -l
sfdisk -l (advanced server)
parted <device> print
partprobe <device>
ioscan -funC disk lsdev -Cc disk
lsdev -Cc disk -p scsi0 (specific controller)
lsdev -Cc disk -S [a|d|s] (available, defined, stopped)

lscfg -v -l hdisk0
Disk Drives
Kernel File and associated directories

/kernel/genunix

/platform/sparc/kernel
/platform/i86pc/kernel
/kernel
/usr/kernel

/boot/initrd.?????.img
/boot/vmlinuz
/boot/initrd.img-?????-server
/boot/vmlinuz-????-server
/stand/vmunix /unix

/usr/lib/boot
/usr/lib/drivers

Note: /unix - symbolic link to kernel file i.e /usr/lib/boot/unix_64
Kernel File
Kernel 32 or 64 isainfo -kv (solaris 9+)
isalist (sparc v9 will be listed first)
isainfo -b
uname -a
uname -m
getconf -a |grep -i 'long_bit'
uname -a
uname -m
getconf -a |grep -i 'long_bit'

getconf KERNEL_BITS ( version 11)
/opt/ignite/bin/print_manifest |grep -i 'os mode'

HPUX < version 11 all 32 bit

Note: determine if system supports 64 bit
getconf HW_CPU_SUPP_BITS
/opt/ignite/bin/print_manifest |grep -i 'hw capability'

 

prtconf -k
bootinfo -K
Kernel 32 or 64
Display Firmware At the OK prompt type banner boot into the BIOS (normally F2 or F12) boot into the BIOS (normally F2 or F12)

workstations:
reboot
enter PDC
type: IN (information menu)
type: FV (Firmware Version)

prtconf |grep -i firmware
lscfg -pv
invscout
Display Firmware
Display IRQ, IO ports and DMA n/a /proc/interrupts
/proc/ioports
/proc/dma
/proc/interrupts
/proc/ioports
/proc/dma
n/a prtconf Display IRQ, IO ports and DMA
GUI admin tool admintool linuxconf linuxconf sam smit
smitty
GUI admin tool


Memory and Swap

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
Memory /usr/platform/`uname -i`/sbin/prtdiag -v
prtconf | grep -i mem
cat /proc/meminfo (detailed)
free -om
cat /proc/meminfo (detailed)
free -om

dmesg | grep -i physical
/usr/sam/lbin/getmem
/opt/ignite/bin/print_manifest

cat /var/opt/ignite/local/manifest/manifest.info

prtconf -m
prtconf |grep -i memory
lsattr -El sys0 -a realmem
bootinfo -r
Memory
page size (memory) /usr/bin/pagesize /usr/bin/getconf -a| egrep -i 'pagesize|page_size' /usr/bin/getconf -a| egrep -i 'pagesize|page_size' dmesg |grep -i physical pagesize
pagesize -a (display all supported pagesizes)
page size (memory)
display swap swap -l
swap -s
cat /proc/swaps (detailed)
swapon -s
cat /proc/swaps (detailed)
swapon -s
swapinfo (displayed in KB)
swapinfo -m (display in Mb)
swapinfo -tm (total / Mb)
lsps -a (detailed)
lsps -s
display swap
adding swap

mkfile 5m /var/swapfile
swap -a /var/swapfile

update /etc/vfstab

device:
create partition with fdisk (type 82)
file(create 50MB swap file):
dd if=/dev/zero of=/var/swapfile bs=1024 count=50000

mkswap <device>|<file>
swapon <device>|<file>

update /etc/fstab

device:
create partition with fdisk (type 82)
file(create 50MB swap file):
dd if=/dev/zero of=/var/swapfile bs=1024 count=50000

mkswap <device>|<file>
swapon <device>|<file>

update /etc/fstab
Create logical volume or filesystem

swapon <device> | -f <logical device>
swapon -p 3 <device> | -f <logical device>

update /etc/fstab

Note: -p = priority swap number . The nswapdev tunable system parameter controls the maximum number of swap devices.
mkps -a -s 4 -n <volume group>

# change the attributes
chps -a n paging00 (don't use after restart)

# change the logical volume attributes (name in this case)
chlv -n <new name> <old old> (chang page space name)

Note:

-a reconfigure paging space after restart
-s size of the page space (logical partitions)
-n activiates the paging space (use swapoff to deactivate)

also see /etc/swapspaces file
adding swap
removing swap update /etc/vfstab
swap -d
swapoff <device>|<file>

Remove device or file as normal
swapoff <device>|<file>

Remove device or file as normal
remove entry from /etc/fstab
reboot
swapoff /dev/paging00
rmps paging00

Note: paging space must be deactiviated before removing
removing swap

Disks, Filesystems and Devices

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
Disk Drives

format
prtvtoc <device>

format -e (to convert EFI (zfs) to SMI)

Note:
EFI - Extensible Firmware Interface
SMI - Sun Microsystems Inc

fdisk -l
sfdisk -l (advanced server)
parted <device> print
partprobe <device>
fdisk -l
sfdisk -l (advanced server)
parted <device> print
partprobe <device>
ioscan -funC disk lsdev -Cc disk
lsdev -Cc disk -p scsi0 (specific controller)
lsdev -Cc disk -S [a|d|s] (available, defined,stopped)

lscfg -v -l hdisk0
Disk Drives
Disk serial Number, type, etc format
iostat -En
luxadm inq <disk> (A5x00 disk arrays)
hdparm -i /dev/hda
hdparm -I /dev/hda (detailed)

hdparm -Tt /dev/hda (speed test)

sdparm -i /dev/sdb

cat /proc/ide/ide0/hda/model
cat /proc/scsi/scsi
hdparm -i /dev/hda
hdparm -I /dev/hda (detailed)

haparm -Tt /dev/hda (speed test)

sdparm -i /dev/sdb

cat /proc/ide/ide0/hda/model
cat /proc/scsi/scsi

diskinfo -v /dev/rdsk/c0t4d0 (detailed but no serial number)
/opt/ignite/bin/print_manifest (no serial number)

## Insure that the online diagnostic support tools have been installed
swlist -l bundle | grep 'Support Tools'

## Command-Line Support Tools Manager (cstm)
## The run cstm
cstm
cstm> map
cstm> sel dev 4       (select the disk of you choice)
cstm> info
cstm> il                  (obtain the serial number)
cstm> quit

lscfg -vl hdisk0
lscfg -vl hdisk*
Disk serial Number, type, etc
Disk disk partitions prtvtoc <device>

cat /etc/vfstab

fdisk -l
sfdisk -l (advanced server)

cat /proc/partitions (very high level)
cat /etc/fstab

 

fdisk -l
sfdisk -l (advanced server)

cat /proc/partitions (very high level)
cat /etc/fstab

lvlnboot -v /dev/vg00
lifls -Clv <device>

# Display the LIF contents
lifcp /dev/dsk/c0t6d0:AUTO -

cat /etc/fstab

Note: Boot programs are stored in the boot area in Logical Interchange Format (LIF), which is similar to a file system. For a device to be bootable, the LIF volume on that device must contain at least the ISL
(the initial system loader) and HPUX (the HP-UX bootstrap utility) LIF files. ISL is like GRUB.

lsvg -l rootvg
lchangelv

cat /etc/filesystems

Disk disk partitions
List Raw Partitions use format to partition the disk then just use the slice as a raw partition, remember to use the character device

## Old way
/etc/sysconfig/rawdevices
service rawdevices start
chkconfig rawdevices on

## New way, Edit below file
/etc/udev/rules.d/60-raw.rules
udevinfo -d or udevadm

## Display raw partitions
raw -qa

mknod /dev/rawctl c 162 0
mknod /dev/raw/raw0 c 162 1
mknod /dev/raw/raw1 c 162 2
ln -s /dev/rawctl /dev/raw/rawctl

## map raw devices to the disk
raw /dev/raw/raw1 /dev/sdb1

## display raw devices
raw -qa
Just create a new LVOL without a filesystem - that's it.

Just create a new LVOL without a filesystem

# create a raw volume
mklv -y rawVolume vg01 10

 

List Raw Partitions
Filesystem commands df -k
df -h
df -k
df -h
df -k
df -h
bdf
df [-egiklnvfb]
df -k
lsfs [<filesystem>]
lsfs -q <filesystem> (detailed)
Filesystem commands
Filesystem (create|remove) newfs -v <raw device>

# Display how the filesystem was created
newfs -Nv <filesystem>
mkfs -t ext3 /dev/sdb1 mkfs -t ext3 /dev/sdb1 newfs -F vxfs -o largefiles /dev/vg01/rlvol1

mkfs -F vxfs -o largefiles /dev/vg01/rlvol1

Note: mkfs and newfs are a pointer to /sbin/fs_wrapper

crfs -v jfs2 -d data02lv -m /data02 -A yes

-v filesystem type
-d device or logical volume
-m mountpoint
-A mount after restart [yes|no]

rmfs -ri /data02

-r remove the mountpoint
-i display warning before removing

chfs -a size=+1G /var (grow by additional 1GB)
chfs -a size=1G /var (grow to 1GB in size)

Filesystem (create|remove|resize)
Tune Filesystems tunefs
fstyp -v <device> |grep -i minfree

tune2fs
tune2fs -l /dev/sda1

# change reserved blocks percentage to 1%
tune2fs -m 1 /dev/sda1

tune2fs
tune2fs -l /dev/sda1

# change reserved blocks percentage to 1%
tune2fs -m 1 /dev/sda1

tunefs -v <filesystem>
vxtunefs -v <filesystem>
fstyp -v <filesystem>

# Disk fragmentation
fsadm -F vxfs -E / (report)
fsadm -F vxfs -e / (defrag)
chfs

Note: you can perform the following
resize
freeze
change mountpoint
permissions
lots more..............................
Tune Filesystems
Force fsck



# Check to see filesystem needs checking
fstyp -v <filesystem> | grep fsclean
touch /forcefsck
shutdown -Fr now


tune2fs -l /dev/sdb<?> |grep -i 'filesystem state'
touch /forcefsck
shutdown -r now


tune2fs -l /dev/sdb<?> |grep -i 'filesystem state'

# edit /etc/default/rcS change below so
# you dont have to hang around
FSCKFIX=yes

 

 

# Look at the second line to see if a filesystem
# needs checking
tunefs -v <filesystem>

n/a Force fsck
backup filesystem ufsdump|ufsrestore
tar
dd
cpio
dump/restore
tar
dd
cpio
dump/restore
tar
dd
cpio
fbackup/frecover
dump/restore
ftio
tar
dd
cpio
backup|restore
tar
dd
cpio
backup filesystem
Display the boot device eeprom |grep boot-device
prtconf -pv |grep bootpath
prtpicl -v|grep ':bootpath'

cat /boot/grub/grub.conf
cat /etc/lilo.conf

grub = grand unified boot loader
lilo = linux loader

cat /boot/grub/menu.lst setboot bootinfo -b (display last boot device)
bootlist -m [normal|service] -o (display bootable devices)
Display the boot device
Setting the boot device setenv boot-device [<device>|<alias>]
eeprom boot-device [<device>|<alias>]

/boot/grub/grub.conf
/etc/lilo.conf

 

/boot/grub/menu.lst setboot -p <primary path>
setboot -a <alternate path>

# autoboot sequnce
setboot -b [on|off]
bootlist -m normal hdisk0 hdisk1 Setting the boot device
Creating boot device (MBR) installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk <raw-device> grub-install <raw-device>
lilo -v
grub-install <raw-device> mkboot -l <device>

Note: we are treating the disk as a LVM device
bosboot -a (uses default device)
bosboot -ad hdisk1
Creating boot device (MBR)
Format floppy drive fdformat -v -U
volcheck -v
newfs -v /vol/disk/aliases/floppy0
floppy --probe (use device obtained below )
floppy --createrc > /etc/fd0
floppy --format /dev/fd0
mkfs /dev/fd0
n/a n/a format -d /dev/rfd0
format -d /dev/fd0.18 (high format)
Format floppy drive
mount/unmount floppy volrmmount -l floppy0
eject floppy
mount /dev/fd0 /mnt/floppy
umount /mnt/floppy
n/a n/a mount /dev/rfd0 /floppy mount/unmount floppy
mount/unmount CDROM mount -F hsfs -o ro <device path> /cdrom/cdrom0
umount /cdrom/cdrom0

/etc/init.d/volmgr start
eject cdrom

mount -rt iso9660 /dev/cdrom /mnt/cdrom
umount /mnt/cdrom
eject cdrom

mount -rt iso9660 /dev/cdrom /mnt/cdrom
umount /mnt/cdrom
eject cdrom

mount -rF cdfs /dev/dsk/c1t6d0 /cdrom

start: /usr/sbin/pps_mountd
pps_mount

mount -v cdrfs -r /dev/cd0 /cdrom
umount /cdrom
mount/unmount CDROM
remount a filesystem n/a mount -o remount,rw / mount -o remount,rw / mount_vxfs -o remount,ro <filesystem>

mount -o remount,rw <filesystem>

Note:I did find a note that it should be possible to remount a jfs2 filesystem, but it did not work on my system

remount a filesystem
create boot disk or recovery tape n/a mkbootdisk `uname -r` (boot diskette) n/a recovery tape (preview)
make_tape_recovery -v -l -x inc_entire=vg00
/opt/ignite/bin/make_recovery -ACv
mksysb create boot disk or recovery tape
boot cdrom/diskette (single user) ok> boot cdrom -s using the grub window append the word single to the kernel line using the grub window append the word single to the kernel line enter PDC
> search
>boot p1 (cdrom)
interact with IPL? Y
ISL> hpux -is
based on a 9114-275 workstation
  1. Restart the machine.
  2. Wait the the AIX splash screen to come up. Devices begin to initialize here.
  3. When you see the [keyboard] word on screen hit the F5 button or the 5 key depending on your console.
  4. Choose “default boot list ” when the maintenance screen comes up.
boot cdrom/diskette (single user)
boot into maintenace mode ok> boot -as f10 or f12 f10 or f12 >boot pri
interact with IPL? Y
ISL> hpux -lm
based on a 9114-275 workstation
  1. Restart the machine.
  2. Wait the the AIX splash screen to come up. Devices begin to initialize here.
  3. When you see the [keyboard] word on screen hit the F5 button or the 5 key depending on your console.
  4. Choose “select boot options ” when the maintenance screen comes up, then option 1, then option 1 for scsi, then option 3 service mode boot
boot into maintenace mode
Device paths floppy:

disk:
/dev/dsk/c0t0d0s0

tape:
/dev/rmt/0ucb

cdrom:
/dev/dsk/c0t6d0s0
/dev/scd0 (external usb cd)

floppy:
/dev/fd0

disk:
/dev/hda or /dev/sda
/dev/hdb or /dev/sdb

tape:

cdrom:
/dev/hda (depends on number of IDE disks)

floppy:
/dev/fd0

disk:
/dev/hda or /dev/sda
/dev/hdb or /dev/sdb

tape:

cdrom:
/dev/hda (depends on number of IDE disks)

floppy:
n/a

disk:
/dev/dsk/c0t6d0

tape:
/dev/dsk/rmt/0

cdrom:
/dev/dsk/c1t6d0

floppy:
/dev/fd0
/dev/rfd0

disk:
/dev/hdisk0

tape:

cdrom:
/dev/cd0

Device paths
update /dev directory drvconfig
devlinks
disks|tapes|ports

devfsadm ( solaris 8, 9, 10)
/dev/MAKEDEV <device> /dev/MAKEDEV <device>

insf -C tape (Class)

insf -H 0.1.0 -e (recreate deleted link)

cfgmgr
cfgmgr -l scsi0

mkdev

update /dev directory
remove or change a device rem_drv     # remove all devices from a hardward path
rmsf -k -H 52.6.0
rmdev
rmdev -l cd0

chdev
chdev -l rmt0 -a ret=no
remove or change a device
list device drivers prtconf -D
sysdef
cat /proc/devices cat /proc/devices lsdev

lsdev
lsdev -Cc disk
lsdev -Cc disk -p scsi0

lsslot -c pci -l ent0

lscfg
lscfg -l ent0
lscfg -vl fcs0 (find the WWN of HBA adapter)

lspath -l hdisk0

getconf DISK_SIZE hdisk1 (detailed)

list device drivers

Networking

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
Basic network information
  (hostname, ip address)
/etc/hostname.hme0 /etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/network/interfaces /etc/rc.config.d/netconf stores information in the ODM (Object Database Manager) Basic network information
  (hostname, ip address)
displaying network interfaces prtdiag -v
ifconfig -a

kstat hme:0
kstat e1000g:0
ifconfig
system-config-network (GUI)
ifconfig ioscan -funC lan (list hardware)
lanscan -v (list configured)
ifconfig lan0 (individual)
ifconfig -a

entstat -d <interface>

lsdev -Cc if
lsdev -Cc tcpip

odmget -q "name=en0" CuAt

lsattr -EHl en0
displaying network interfaces
Configure network interface ifconfig ifconfig ifconfig ifconfig <interface>

mktcpip (completely setup a network interface)
rmtcpip (remove all network interfaces)

# configure an interface
mktcpip -h aix1 -a 192.168.1.200 -m 255.255.255.0 -i en1 -g 192.168.0.10

-h - hostname assigned to interface
-a - ip address
-m - netmask
-i - interface name
-g - gateway ip address

# remove an interface
ifconfig en1 detach

ifconfig (configures IP address)

chdev (add aliases to network interface)

Configure network interface
Starting and stopping a network interface ifconfig qfe0 up
ifconfig qfe0 down
/sbin/ifup eth0
/sbin/ifdown eth0
/sbin/ifup eth0
/sbin/ifdown eth0

ifconfig lan0 up
ifconfig lan0 down

note: there is no "ifconfig -a" in hpux use lanscan then "ifconfig <interface>"

ifconfig en0 up
ifconfig en0 down
ifconfig en0 detach (remove)

Starting and stopping a network interface
Setting NIC speed ndd -set <device> <parm> <value> (dynamically)
/etc/system (edit and update then reboot - permanent)
mii-tool -F 100baseTx-FD eth0
ethtool -s eth1 speed 100 duplex full
ethtool -s eth1 speed 100 duplex full ndd -set <device> <parm> <value>
lanadmin -X <option> lan0
chdev -l ent0 -a media_speed=1000_Full_Duplex -P
chdev -l ent0 -a media_speed=Auto_Negotiation -P

Note:
entX - physical device
enX - frame type run on entX
Setting NIC speed
Change NIC parameters

ndd -get <device> <parm>

# List parameters
ndd -get /dev/hme \?
ndd -get /dev/e1000g0 \?
ndd -get /dev/ip \?
ndd -get /dev/tcp \?

mii-tool -v
ethtool eth1
ethtool -t eth0 online

sysctl -a | grep net*

ethtool eth0

sysctl -a |grep net*

lanadmin -> lan -> display

## options supported
ndd -get /dev/ip ?
ndd -get /dev/tcp ?
ndd -get /dev/arp ?
ndd -get /dev/udp ?

netstat -v
entstat -d <interface>

no -a
no -o "ipforwarding=1"

NIC speeds or Parameters
Display NIC statistics       netstat -i [-I interface]
netstat -s
netstat -i [-f inet]
netstat -s
entstat -d <interface>
Display network statistics
display MAC address ifconfig -a (as user root) ifconfig
system-config-network (GUI)
ifconfig lanscan netstat -ia display MAC address
Displaying network packets snoop -d <interface>

tcpdump -i <interface>

ethereal (needs to be installed)

tcpdump -i <interface>

ethereal (needs to be installed)

nettl -start
nettl -status all
nettl -tn pduin pduout -e ns_ls_driver -file /var/adm/LAN
nettl -stop

use netfmt to display the trace file

tcpdump -i <interface>
iptrace -i <interface> <output file>
ipreport (used with iptrace to view reports)

Note: you must stop the iptrace by using "kill -15"

Displaying network packets
default router /etc/defaultrouter

route add default <gteway>

edit /etc/sysconfig/network

add: GATEWAY=<IP address>

edit /etc/network/interfaces

add: gateway <IP address>
/etc/rc.config.d/netconf route add 0 <gateway IP address>

Note: there is no file that holds the default router
default router
display routing table netstat -rn netstat -rn
route -n
netstat -rn
route -n
netstat -rn netstat -rn
netstat -r -f inet
lsattr -EHl inet0 -a route
display routing table
Test IPMP, Bonding

if_mpadm -d           (detach)
if_mpadm -r           (reattach)

tail /var/adm/messages

ifenslave -d bond0 eth1   (detach)
ifenslave bond0 eth1       (reattach)

cat /proc/net/bonding/bond0

ifenslave -d bond0 eth1   (detach)
ifenslave bond0 eth1       (reattach)

cat /proc/net/bonding/bond0

You buy an optional product called Auto-Port Aggragation. smitty etherchannel (creates, deletes and tests)

entstat -d ent0
Test IPMP, Bonding
change the hostname

change the following files:

/etc/nodename
/etc/hostname.<interface>
/etc/inet/hosts
/etc/inet/ipnodes
/etc/net - few files in here as well

/etc/sysconfig/network
/etc/hosts

sysctl -a |grep hostname
/etc/hostname
/etc/hosts

sysctl -a |grep hostname
set_parms hostname (requires reboot) hostname <new hostname>
chdev -l inet0 -a hostname=<hostname>
change the hostname
setup DNS /etc/resolv.conf /etc/resolv.conf /etc/resolv.conf /etc/resolv.conf /etc/resolv.conf setup DNS
Name service switch file (DNS client)

/etc/nsswitch.conf
/etc/resolv.conf

/etc/nsswitch.conf
/etc/host.conf
/etc/resolv.conf
/etc/nsswitch.conf
/etc/host.conf
/etc/resolv.conf
/etc/nsswitch.conf
/etc/resolv.conf
/etc/netsvc.conf
/etc/resolv.conf
/etc/irs.conf (may not be there)

chnamsv     (change name service)
rmnamsv     (remove a name service)
lsnamsv -C   (list name services)
Name service switch file (DNS client)
Flush DNS cache svcadm restart system/name-service-cache:default ## if installed
service nscd restart
  n/a netcdctrl -t dns -e hosts -f Flush DNS cache
Domain Name /etc/defaultdomain /etc/sysconfig/network  (HOSTNAME option)
/etc/resolv.conf

Note: for NIS use the NISDOMAIN option
/etc/host
/etc/resolv.conf
/etc/rc.config.d/netconf domainname <domainname> Domain Name
Obtain IP Address routing route -n get <hostname>
traceroute
ip route get <IP address>
traceroute
ip route get <IP address>
traceroute
n/a route -n get <hostname> Obtain IP Address routing
Find Services on the network

Boot (jumpstart) servers:
rpcinfo -b bootparam 1

NFS servers:
rpcinfo -b mountd 1

NIS servers/slaves:
rpcinfo -b ypserv 1

Boot (jumpstart) servers:
rpcinfo -b bootparam 1

NFS servers:
rpcinfo -b mountd 1

NIS servers/slaves:
rpcinfo -u <yp server> ypserv

Boot (jumpstart) servers:
rpcinfo -b bootparam 1

NFS servers:
rpcinfo -b mountd 1

NIS servers/slaves:
rpcinfo -u <yp server> ypserv

Boot (jumpstart) servers:
rpcinfo -b bootparam 1

NFS servers:
rpcinfo -b mountd 1

NIS servers/slaves:
rpcinfo -b ypserv 1

Boot (jumpstart) servers:
rpcinfo -b bootparam 1

NFS servers:
rpcinfo -b mountd 1

NIS servers/slaves:
rpcinfo -b ypserv 1

Find Services on the network

Crash Dump

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
Crash Dump

dumpadm -d <device>

crash (used to analyse crash dumps)
adb (used to analyse crash dumps)

diskdump
netdump
kdump (part of kexec rpm)

/etc/kdump.conf (select where you want the dump to go)
service kdump start
chkconfig kdump on

## to crash the system
echo "c" > /proc/sysrq-trigger

crash (used to analyse crash dumps)

diskdump
netdump
kdump (part of kexec rpm)

/etc/kdump.conf (select where you want the dump to go)
service kdump start
chkconfig kdump on

## to crash the system
echo "c" > /proc/sysrq-trigger

crash (used to analyse crash dumps)

edit /stand/system

add either:
dump 2/0/1.5.0
dump lvol
dump none

# crash config file
/etc/rc.config.d/savecrash

 

sysdumpdev -l (list dump destination)
sysdumpdev -e (estimates dumpsize)
sysdumpdev -L (info)

sysdumpstart -p (start dump primary)
sysdumpstart -s (start dump secondary)

# set the dump device permanently
sysdumpdev -p <dump device> -P

# analyse dump file
echo "stat\n status\n t -m" | crash /var/adm/ras/vmcore.0

Crash Dump

Performance Monitoring and Diagnostics

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
CPU top (sunfreeware)
prstat
sar
mpstat
w          (load average)
uptime   (load average)
ps
vmstat
top
sar
mpstat
w          (load average)
uptime   (load average)
ps
vmstat
procinfo
oprofile
cat /proc/cpuinfo
top
sar
mpstat
w          (load average)
uptime   (load average)
ps
vmstat
procinfo
cat /proc/cpuinfo
top
sar
w          (load average)
uptime   (load average)
ps
vmstat
glance
sam

topas -P
topas -L  (logical partitions)
mpstat
sar -c
w          (load average)
uptime   (load average)
lparstat
ps
iostat -tT 1
tprof
curt

CPU
Memory prstat
vmstat
top
sar
free
vmstat
top
procinfo
slabtop
sar
cat /proc/meminfo
free
vmstat
top
procinfo
slabtop
sar
cat /proc/meminfo
top
vmstat
sar
sam
glance
topas
vmstat
sar -b
svmon
ps
ipcs -a
lockstat (version 4)
rmss
Memory
Network I/O ndd
netstat
lsof
snoop
route
ethtool
mii-tool
netstat
lsof
tcpdump
ip
iptraf
ethtool
mii-tool
netstat
lsof
tcpdump
ip
iptraf
netstat
lanadmin
sam
glance
[ent|tok|fddi|atm]stat
netstat
netpmon (trcstop to stop trace)
Network I/O
Disk I/O sar -d
iostat
vmstat
lsof
sar -d
iostat
vmstat
lsof
sar -d
iostat
vmstat
lsof
iostat
sar
sam
glance
topas -D   (disk)
topas -F   (filesystem)
iostat
sar -D
fcstat (fibre)
lvmstat
filemon (trcstop to stop)
fileplace

# disk stat history
chdev -l sys0 -a iostat=true
lsattr -HEl sys0 -a iostat
Disk I/O
Application truss -p <pid> strace -p <pid> strace -p <pid> download and install tusc

tusc -p <pid>

topas
truss
sar
probevue
tprof
svmon -P <pid>

Application
NFS nfsstat nfsstat nfsstat nfsstat nfsstat
NFS

Kernel Modules and Parameters

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
display loaded modules modinfo cat /proc/modules (more detailed)
lsmod

Location:
/lib/modules/`uname -r`/kernel/drivers

Config:
/etc/modprobe.conf
/etc/modprobe.d

cat /proc/modules (more detailed)
lsmod

Location:
/lib/modules/`uname -r`/kernel/drivers

Config:
/etc/modprobe.d/options
/etc/modprobe.d

kmadmin -k
genkex display loaded modules
load modules modload -p drv/<module name>
modprobe <module>
insmod
modprobe <module>
insmod
kmadmin -L <module name> n/a load modules
unload modules modunload -i <module number> modprobe -r <module>
rmmod
modprobe -r <module>
rmmod

kmadmin -U <module name>
kmadmin -u <module id>

n/a unload modules
set kernel parameters (tuning) /etc/system (edit and reboot) /etc/sysctl.conf (edit and update then reboot)
sysctl -p <filename>

sysctl -w param=value

No reboot (dynamically):
echo "250 32000 100 28" > /proc/sys/kernel/sem
echo "536870912" > /proc/sys/kernel/shmmax
echo "4096" > /proc/sys/kernel/shmmni
echo "2097152" > /proc/sys/kernel/shmall
etc.............................................

/etc/sysctl.conf (edit and update then reboot)
sysctl -p <filename>

sysctl -w param=value

No reboot (dynamically):
echo "250 32000 100 28" > /proc/sys/kernel/sem
echo "536870912" > /proc/sys/kernel/shmmax
echo "4096" > /proc/sys/kernel/shmmni
echo "2097152" > /proc/sys/kernel/shmall
etc.............................................

kcweb (11i)
kctune (11i only)
rebuild kernel (< 11i see below)

chdev -l sys0 -a <parameter>=<value>
no -a          (network)
vmo -a        (virtual memory)
nfso -a        (NFS)
ioo -a         (Input/Ouput) 
raso -a        (reliability, availability, serviceability)
schedo -a   (processor scheduler)

vi /etc/security/limits
cd /etc/tunables

tunchange, tundefault, tunsave, tunrestore, tuncheck

Note: most parameters are dynamically changed in AIX , for example memory segments are dynamically adjusted

set kernel parameters
display kernel parameters cat /etc/system
sysdef -i
sysctl -a
cat /etc/sysctl.conf

cat /proc/sys/kernel/sem
cat /proc/sys/kernel/shmmax
etc...................................
sysctl -a
cat /etc/sysctl.conf

cat /proc/sys/kernel/sem
cat /proc/sys/kernel/shmmax
etc...................................
kctune (11i only)
sysdef
kmtune
kmsystem
/usr/sam/lbin/getkinfo -f /stand/vmunix -o /tmp/kernel.data
lsattr -EHl sys0

Note: only a few kernel parameters can be changed
display kernel parameters
build kernel

edit and update file then reboot:
/etc/system

cd /usr/src/linux-2.5
edit Makefile (change EXTRAVERSION)
make mrproper
backup .config
make xconfig
make dep
make bzImage
make modules
move new kernel
make modules_install
change lilo/grub config file
reboot
 

cd /stand/build
/usr/lbin/sysadm/system_prep -v -s system
edit system file
/usr/sbin/mk_kernel -s ./system
mv /stand/system /stand/system.old
mv /stand/vmunix /stand/vmunix.old
mv /stand/build/system /stand
mv /stand/build/vmunix_test /stand/vmunix
reboot

chdev -l sys0 -a <parameter>=<value>

Note: most parameters are dynamically changed in AIX , for example memory segments are dynamically adjusted
build kernel
interprocess communication ipcs -a ipcs -a ipcs -a ipcs -a ipcs -a interprocess communication

Services

 
Solaris 10
Red Hat
Ubuntu/Debian
HP
AIX
 
display services

svcs -a
inetadm -l

service --status-all There is no services or chkconfig command use the old fashioned way /etc/init.d/<service> There is no services or chkconfig command
use the old fashioned way /sbin/init.d/<service>
lssrc -a display services
start services svcadm enable nfs service nfs start startsrc -s <subsystem>
startsrc -g <group>
start services
stop services svcadm disable nfs service nfs stop stopsrc -s <subsystem>
stopsrc -g <group>
stop services
reload service svcadm refresh nfs service nfs reload refresh -s <subsystem> reload service
restart service svcadm restart nfs service nfs restart stopsrc -s <subsystem>
startsrc -s <subsystem>
restart service
service status svcs nfs service nfs staus lssrc -a service status
service dependencies svcs -d network n/a n/a service dependencies
service dependants svcs -D network n/a n/a service dependants
service logging, etc /var/svc/log
/var/svc/manifest
/lib/svc/method
n/a /var/adm/ras
/etc/syslog.conf
/etc/rc.tcpip
service logging, etc
change service startup n/a chkconfig --levels 2345 nfs on n/a change service startup
Add a new service n/a

# Create your stop/start
# script in /etc/init.d

chkconfig --add <script>

   

Patching / Software

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
display installed patches showrev -p
patchadd -p
    swlist -l bundle
swlist -l product
swlist -l patch
instfix -ia display installed patches
adding patch patchadd
patchadd -M <dir> (multiple patches)
patch -p1 <patch>

zcat patch46.gz | patch -p1

Note: -p = # of path stripping
 


swcopy (install patch into depot)
swinstall (install patch from depot)

Note: the swagentd daemon must be running

instfix -k adding patch
removing patch patchrm patch -R -p1 <patch>   swremove installp -r removing patch
display installed packages pkginfo (all packages)
pkginfo -l (single package)
pkgchk -l -p <file> (file belongs)
rpm -qa (all packages)
rpm -q (single package)
rpm -qf (file belongs)
rpm -qi <package> (very detailed)
dpkg -l
dpkg -S <search string> (search)
dpkg -S <filename> (file belongs)
dpkg -s <package> (status)
dpkg -p <package> (detailed)
swlist -l bundle <bundle>
swlist -l product <product>

## check a package
swlist -s <full_path/software>

lslpp -L all (all filesets)
lslpp -L <package> (single fileset)
lslpp -w <file> (file belongs)
lslpp -ha (history of filesets)

rpm -qa (all packages)
rpm -q (single package)
rpm -qf (file belongs)
rpm -qi <package> (very detailed)

oslevel -g (install packkages above os level)

whereis <filename>
which_fileset <filename>

display installed packages
adding package pkgadd rpm -Uhv (updates/installs if not already)
rpm -ihv (install)
dpkg -i <package> swinstall
swinstall -s <full_path/software>

installp -a
installp -c (cleanup after failed install)

rpm -i

geninstall (generic installer: installp, RPM, etc)

adding package
removing packages pkgrm rpm -e <package> dpkg -r <package> (do not remove config files)
dpkg -P <package> (remove config files)
swremove

installp -u (commited packages)
installp -r (applied packages)

rpm -e <package>

geninstall -u <package>

removing packages
verify package

pkginfo -l
pkginfo -p

rpm -V <package> n/a swverity <fileset> (see /var/adm/sw/swagent.log) lppchk -v

rpm -V <package>
verify package
List files in package pkgchk -l <package> | grep -i pathname rpm -ql <package> dpkg -L <package> (list files) swlist -l file <product>

lslpp -f <fileset>

rpm -ql <package>

List files in package
Package directory /var/sadm /var/lib/rpm /var/lib/dpkg/info /var/adm/sw

/usr/lpp

/var/lib/rpm

Package directory
List libraries required for binary program ldd <file> ldd <file> ldd <file> chatr <file> ldd <file> List libraries required for binary program

Accounts

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
display users cat /etc/passwd

logins -x
cat /etc/passwd
system-config-users (GUI)
cat /etc/passwd cat /etc/passwd
logins -x
cat /etc/passwd

lsuser -f ALL   (detailed)
display users
create a user useradd useradd
system-config-users (GUI)
useradd useradd
sam
mkuser
useradd
create a user
remove a user userdel userdel
system-config-users (GUI)
userdel userdel
sam
rmuser
userdel
remove a user
modify a user usermod usermod
system-config-users (GUI)
usermod usermod
sam
chuser -a
usermod
passwd -f
passwd -s
chfn <username>
chfn <username><shell>
modify a user
change user password passwd passwd passwd passwd passwd
pwdadm
pwdck -t ALL
change user password
create a group groupadd groupadd groupadd groupadd mkgroup <group name> create a group
remove a group groupdel groupdel groupdel groupdel rmgroup <group name> remove a group
modify a goup groupmod groupmod groupmod groupmod chgroup <attribute><group name> modify a goup
password files /etc/passwd
/etc/shadow
/etc/passwd
/etc/shadow
/etc/passwd
/etc/shadow
/etc/passwd
/tcb/files/auth/r/root (trusted system)
/etc/security/passwd password files
useful user commands id -a
whoami
who
w
finger
id -a
whoami
who
w
finger
id -a
whoami
who
w
finger
id
whoami
who
w
uptime (displays # of users logged in)
finger
id
whoami
who
w
uptime (displays # of users logged in)
finger

# License information
lslicense
chlicense

# Maximum number of processes for a user
lsattr -D -l sys0 -a maxuproc
chdev -l sys0 -a maxuproc=<number>
useful user commands
useful group commands groups
setpgrp
newgrp
groups groups groups
setprivgrp
groups
setgroups
lsgroup ALL
useful group commands

NFS

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
NFS Daemons server: mountd, nfsd
client: statd, lockd
server: rpc.mountd,nfsd
client: rpc.statd, lockd

server: rpc.mountd,nfsd
client: rpc.statd, lockd

server: rpc.mountd, nfsd
client: rpc.statd, lockd

server: rpc.mountd, nfsd
client: rpc.statd, rpc.lockd

NFS Daemons
NFS files /etc/dfs/dfstab
/etc/dfs/sharetab
/etc/rmtab
/etc/exports
/var/lib/nfs/etab
/var/lib/nfs/xtab
/etc/exports
/var/lib/nfs/etab
/var/lib/nfs/xtab
/etc/exports
/etc/xtab
/etc/exports
/etc/xtab
NFS files
List nfs clients that have a remote mount /etc/rmtab /var/lib/nfs/rmtab /var/lib/nfs/rmtab /etc/rmtab /etc/xtab List nfs clients that have a remote mount
display nfs shares dfshares
showmount -e localhost
showmount -e localhost showmount -e localhost showmount -e localhost exportfs
showmount -e localhost
display nfs shares
create nfs share /etc/dfs/dfstab (edit and add share)
share <path>

## dfstab example
share -F nfs -d "jumpstart" /export/jumpstart
redhat-config-nfs (GUI)

/etc/exports (edit and add share)
/sbin/service nfs reload

## /etc/exports example
/export *(rw,fsid=0,insecure,no_root_squash,sync)
/etc/exports (edit and add share, see below example)
exportfs -rav (export the shares)

/etc/init.d/portmap restart
/etc/init.d/nfs-kernel-server restart

## /etc/exports example
/export *(rw,fsid=0,insecure,no_root_squash,sync)

/etc/rc.config.d/nfsconf (edit)
/etc/exports (edit and add share)
exportfs -a

mknfsexp -d <directory>
mknfsmnt

shareall
create nfs share
uncreate nfs share unshare <path>
/etc/dfs/dfstab (edit and remove share)
/etc/exports (edit and remove share)
/sbin/service nfs reload
/etc/exports (edit and remove share)
exportfs -rav (export the shares)
/etc/rc.config.d/nfsconf (edit)
exportfs -au (unshare all)
exportfs -u /home/vallep
/etc/exports (edit and remove share)
rmnfsexp  -d <directory> (unshares and removes from file)

exportfs -u <filesystem>
unshareall

uncreate nfs share
start/change nfs daemons

/etc/init.d/nfs.server start
/etc/init.d/nfs.client start

svcadm enable nfs/server
svcadm disable nfs/server

/sbin/service nfs start /etc/init.d/portmap start
/etc/init.d/nfs-kernel-server start
/sbin/init.d/nfs.core start
/sbin/init.d/nfs.server start
/sbin/init.d/nfs.client start
mknfs
chnfs

startsrc -s nfsd
startsrc -s rpc.mountd
start/change nfs daemons
stop nfs daemons /etc/init.d/nfs.server stop
/etc/init.d/nfs.client stop
/sbin/service nfs stop /etc/init.d/portmap stop
/etc/init.d/nfs-kernel-server stop
/sbin/init.d/nfs.client stop
/sbin/init.d/nfs.server stop
/sbin/init.d/nfs.core stop
rmnfs

stopsrc -s nfsd
stopsrc -s rpc.mountd
stop nfs daemons
nfs status ps -ef|grep < nfs daemons> /sbin/service nfs status /etc/init.d/nfs-kernel-server status ps -ef | grep <nfs daemons> lssrc -a |grep -i nfs nfs status
nfs reload shareall /sbin/service nfs reload exportfs -rav (export the shares) exportfs -a exportfs -av nfs reload
nfs performanace nfsstat nfsstat nfsstat nfsstat nfsstat nfs performanace
nfs Options n/a cat /var/lib/nfs/etab cat /var/lib/nfs/etab n/a nfso -a
nfso -o <option>=<value>

exportfs (display options)
nfs Options
solaris/redhat mount problems (nfs v3 to v4) ## Make sure you use NFS version 3
mount -F nfs -o vers=3 <mount> <mountpoint>
n/a n/a n/a n/a solaris/redhat mount problems (nfs v3 to v4)

NTP

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
Time daemons

xntpd

ntpd

ntpd xntpd xntpd Time daemons
ntp setup

# Solaris 8
/etc/ntp.conf
/etc/ntp.server
/etc/ntp.client

/etc/rc2.d/xntpd [start|stop]

# Solaris 10
/etc/inet/ntp.server
/etc/inet/ntp.client

svcadm enable ntpd

/etc/ntp.conf (edit with ntp servers)
dateconfig (GUI)

chkconfig --list ntpd
chkconfig --level 2345 ntpd on
/sbin/service ntpd start

/etc/default/ntp
/etc/ntp.conf

/etc/init.d/ntp [start|stop|restart]

/etc/rc.config.d/netdaemons (set XNTPD to 1)
/etc/ntp.conf

/etc/ntp.conf

startsrc -s xntpd
stopsrc -s xntpd

lslpp -L all|grep xntpd

ntp setup
ntp daemon options /lib/svc/method/xntp /etc/sysconfig/ntpd /etc/default/ntp /etc/rc.config.d/netdaemons

startsrc -s xntpd -a "-x"

/etc/rc.tcpip

ntp daemon options
NTP Trace commands ntpq -p
ntptrace
ntpq -p
ntptrace
ntpq -p
ntptrace
ntpq -p
ntpdate (set the date)
ntpq -p
ntptrace
ntpdate
NTP Trace commands

Log Files

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
messages /var/adm/messages /var/log/messages /var/log/messages /var/adm/syslog/syslog.log /var/adm/ras
messages
syslog /var/log/syslog /var/log/syslog /var/log/syslog /var/adm/syslog/syslog.log /var/adm/ras
syslog
mail   /var/log/mail /var/log/mail.* /var/adm/syslog/mail.log /usr/spool/mqueue/syslog
mail
cron /var/cron/log /var/log/cron /var/log/cron.log /var/adm/cron/log /var/adm/cron/log
cron
boot /var/adm/messages
dmesg
/var/log/boot
dmesg
/var/log/boot
dmesg
/var/adm/syslog/syslog.log
dmesg
/var/adm/ras

alog -o -t boot
alog -o -t console
alog -L  (list all the logs available)
boot
Error logging logger logger logger logger

/usr/lib/errdemon -l (display attributes)
/usr/lib/errdemon (start error logging)
/usr/lib/errstop (stop error logging)

# use with above errorlog file
errpt (summary errorlog report)
errpt -a (detailed errorlog report)
errpt -j <identifier> (single errorlog report)

errclear (clears errorlog)
errclear -d <class><days> (clears class errors)

errlogger "message upto 230 chars"

Error logging

Security

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
Checking the passwd file pwck pwck pwck pwck
pwdck -t ALL
usrck -t ALL
Checking the passwd file
checking the group file grpck grpck grpck grpck grpck checking the group file
console login (allow/deny) # No reboot required
/etc/default/login
# No reboot required
/etc/securetty
# No reboot required
/etc/securetty
# No reboot required
/etc/securetty

Note: you may need to create this file if it does not exist
# No reboot required
/etc/security/user

chsec -f /etc/security/user -s root
console login (allow/deny)

Misc

 
Solaris
Red Hat
Ubuntu/Debian
HP
AIX
 
startup

eeprom

setenv boot-device

grub (GUI)
lilo (text based)
grub (GUI) setboot -p <primary path>
setboot -a <alternate path>

# autoboot sequnce
setboot -b [on|off]
bootlist -m normal hdisk0 hdisk1 startup
shutdown

shutdown -i5 -g0 -y (power down)
shutdown -i6 -g0 -y (reboot)
shutdown -i0 -g0 -y (OK prompt)

reboot -- -r (reboot/reconfigure)

touch /reconfigure

shutdown -h (halt)
shutdown -r (reboot)
shutdown -f (fast reboot no fsck)
shutdown -F (force fsck)

shutdown -h (halt)
shutdown -r (reboot)
shutdown -P (power off)

touch /forcefsck

# edit /etc/default/rcS change below so
# you dont have to hang around
FSCKFIX=yes

shutdown -h now (halt)
shutdown -r now(reboot)
shutdown -F (fast shutdown)
shutdown -Fr (fast shutdown and reboot)
shutdown
Change run level halt
init
poweroff
reboot
shutdown
telinit
uadmin
halt
init
poweroff
reboot
shutdown
telinit
halt
init
poweroff
reboot
shutdown
telinit
init
reboot
shutdown
init
shutdown
reboot
telinit
halt
Change run level
init status
0
1
2
3
4
5
6


0 - shutdown
1 - single user
2 - n/a
3 - Multi-user
4 - n/a
5 - power off
6 - reboot

 

# change default
vi /etc/inittab


0 - halt
1 - single user
2 - multiuser (no networking)
3 - multiuser (networking)
4 - unused
5 - GUI
6 - reboot

 

# change default
vi /etc/inittab


0 - halt
1 - single user
2 - multiuser (default)
3 - same as 2
4 - same as 2
5 - same as 2
6 - reboot



# change default - change all the telinit
vi /etc/event.d/rc-default


0 - halt
1 - single users
2 - multiuser (networking)
3 - multiuser (networking, NFS, and CDE GUI) (default)
4 - multiuser (netwrking, NFS, and VUE GUI)
5 - n/a
6 - n/a

 

# change default - change the initdefault line
vi /etc/inittab


0 - reserved
1 - reserved
2 - multiuser mode with NFS
3 - user defined
4 - user defined
5 - user defined
6 - user defined
7-9 - user defined

# change default - change the initdefault line
vi /etc/inittab

init status
0
1
2
3
4
5
6
Startup options -s single user
-a interactive
-x no device drivers (used in clustering)
-r reconfigure devices
-m milestone

single  - use grub to edit kernel line
emergency - use grub to edit kernel line
linux rescue - use at the boot prompt

single: runlevel1, local fs mounted, no network
emergency: root fs read-only, no init files run
rescue: use cd-rom/network, root mounted as /mnt/sysimage

single  - use grub to edit kernel line
emergency - use grub to edit kernel line
linux rescue - use at the boot prompt

single: runlevel1, local fs mounted, no network
emergency: root fs read-only, no init files run
rescue: use cd-rom/network, root mounted as /mnt/sysimage

interact with IPL? Y

# single user
ISL> hpux -is

# Logical volume maintanence mode
ISL> hpux -lm

# No quroum check
ISL> hpux -lq

Based on 9114-275 workstation

1. switch off the machine

2. power on and enter the SMS menu

Note: to enter the SMS menu press numeric 1 after the word keyboard but before the word speaker


Startup options
startup scripts /etc/init.d

/etc/rc0.d - /etc/rc6.d
/etc/init.d

/etc/rc0.d - /etc/rc6.d
/etc/init.d

/etc/rc0.d - /etc/rc6.d
/sbin/init.d
/etc/rc.config.d (startup config files)

/sbin/rc0.d - /sbin/rc6.d

/etc/rc.d
/etc/rc.d/init.d

/etc/rc.d/rc2.d - rc9.d

/etc/rc.* (config files for auto-starting)

also uses the System Resource Controller

startup scripts
boot prompt commands

boot
printenv
setenv
banner
devalias
show-devs
show-pci-devs-all
probe-scsi-all
probe-fcal-all
probe-pci
watch-net-all
reset-all

F10 or F12 F10 or F12 interact with IPL? Y

Based on a 9114-275 workstation

1. switch off the machine

2. power on and enter the SMS menu

Note: to enter the SMS menu press numeric 1 after the word keyboard but before the word speaker

boot prompt commands
Boot process

Phases:

  • Boot PROM: displays system information, run POST, load bootblk, locate ufsboot
  • Boot Programs: bootblk loads and executes the ufsboot
  • Kernel Initialization: ufsboot loads and executes the core kernel, initializes core kernel data structures, loads other kernel modules based on the /etc/system file, starts /sbin/init program
  • init: starts other processes based on the /etc/inittab file

Boot sequence

  1. BIOS
  2. POST
  3. Master Boot Record (MBR) - point to the bootloader GRUB or LILO
  4. GRUB (stage 1) - point to GRUB stage 1_5
  5. GRUB (stage 1_5) - deals with specific filesystem types look at /boot/grub/*1_5 files
  6. GRUB (stage 2) – reads /etc/grub.conf and displays the grub menu, it specifies the kernel and the initrd files
  7. KERNEL - control given to the kernel
  8. INIT - reads /etc/inittab and runs /etc/rc.d/rc.sysinit script

Boot sequence

  1. BIOS
  2. POST
  3. Master Boot Record (MBR) - point to the bootloader GRUB or LILO
  4. GRUB (stage 1) - point to GRUB stage 1_5
  5. GRUB (stage 1_5) - deals with specific filesystem types look at /boot/grub/*1_5 files
  6. GRUB (stage 2) – reads /boot/grub/menu.lst and displays the grub menu, it specifies the kernel and the initrd files
  7. KERNEL - control given to the kernel
  8. INIT - runs the /etc/event.d/rc-default script

Phases:

  1. PDC - processor-dependent code; executes and performs self-tests
  2. ISL - initial system loader; loads the secondary system loader hpux
  3. HPUX - is the secondary system loader and loads the kernel /stand/vmunix, then hands over to the kernel
  4. KERNEL - swapper processes are started by the kernel then starts the init process
  5. INIT - reads /etc/inittab

Phases:

  • Read Only Storage (ROS): check the system board, perform POST, locate and load boot image, begin system initialization and execute phase 1 of the /etc/rc.boot script
  • Base Device Configuration: start configuration manager to configue base devices
  • System Boot: start init process phase 2, switch to hard-disk root filesystem, start other processes defined by /etc/inittab and execute phase 3 of the /etc/rc.boot script
Boot process
determine the run level who -r runlevel
who -r
runlevel
who -r
who -r who -r determine the run level
obtain default run level cat /etc/inittab cat /etc/inittab /etc/event.d/rc-default /etc/inittab /etc/inittab obtain default run level
list locale locale -a locale -a locale -a locale -a locale -a list locale
start xwindows n/a startx (shorthand of below)
initx (lots of parms)
  n/a n/a start xwindows
initialize system sys-unconfig     set_parms [initial|hostname|ip_address|timezone]

Note: set_parms is in /sbin
install_assist initialize system
Timezone /etc/TIMEZONE
/etc/default/init
/etc/sysconfig/clock
/usr/share/zoneinfo/zone.tab
/etc/timezone
/usr/share/zoneinfo/zone.tab
/etc/TIMEZONE /etc/environment
/etc/profile
Timezone

 

HOW-TO

HP-UX 101

The default setup of HP-UX often "messes up" ^C and '@' symbol.
Default HP-UX /etc/profile map interrupt to "DEL" and kill to @.
This cause lot of confusion.  So, I recommend that you update your keyboard
mapping once you get to a shell prompt:
	stty intr
	stty kill
	stty -a	# check your settings.

sam
Text User Interface (TUI) for sys config (GUI version avail if DISPLAY set to working X server).				
in /usr/sbin
SAM is your friend.  It should be the first place to try if you are admin from another OS :)
Not as good as aix smitty, but better than solaris that have nothing!
Use TAB key to move around, space key for select.  Arrow key works.

--0--

some of the major files location:
/etc/hosts
/etc/nsswitch.conf
/etc/fstab
/etc/lvmconf/vgNN   (binary files, but see all volume grp here)
/sbin/rc.config.d/
/sbin/rc.d/

System Setup

***** Initial system install checklist:   *****


Ensure that / and /usr are fairly big, as these are not not expandable
unless in single user mode (or maybe onlineJFS).
Most other volumes still need to be unmounted before fs can grow,
so estimating correct size is pretty important.
OnlineJFS should allow fs expansion w/o unmount like AIX, but more money.




Get latest of all 4 of BUNDLE11i, HWEnable11i, GoldApp and GoldBase and install them.
Factory OS install included the latest release of all the above 4 patch bundles.

After bundles, java patches may still be needed.  See:
http://www.hp.com/products1/unix/java/patches/index.html

Upgrading OS.
Default CD media allow for both initial setup and upgrade.
Upgrade has special procedure to install lot of depot first when system still
running.  riptide was upgraded from 11.00 to 11.11, seems to run fine.


--------------

Update HP-UX from 10x and 11.0 to 11i:
install update-ux software from CD, then run
/usr/sbin/update-ux -s /cdrom HPUX11i-OE.

Refer to Install and update guide in "Instant Documentation" CD.

--
HP-UX versions
PA-RISC: 10.20 (EOL), 11.00 (11), 11.11 (11i),               11.23 (ca 2005/05)
Itanium:                                       11.20, 11.22, 11.23


Boot Time Troubleshooting

Recovery of unbootable system. Default setup CD has option to do this. It may help when VxFS has crashed some critical OS partitions. booting HP-UX machine into single user mode. http://www.unixhub.com/docs/hpux/hpux_boot.html (Connect dumb terminal to serial console) Press and hold ESC at the beginning of the boot process (it should prompt, but if not, just hit ESC like crazy). In the PDC (firmware processor dependent code), enter BO to boot. (or BO P0 isl), where P0 is the boot device to use, whohwn by SEArch. When it ask whether to use interactive ISL (initial system load), say yes. a the ISL prompt, enter : hpux -is [ thre is a 'hpux -lm' for maintenance mode also it probably doesn't mount the / fs using normal method and thus VxFS stuff will not work -lm = lvm maint mode, sometime -is won't work when lvm is corrupted. -lq = lvm, ignore failed mirror drive allow booting of machine when one of the mirrored drive have failed. ll = list content of /stand, thus see filename of alternate kernel usable via eg -lm /stand/vmunix.alternate ] After this, should see these messages and the login prompt: Boot : disk(scsi.6;0)/stand/vmunix 966616+397312+409688 start 0x6c50 Kernel Startup Messages Omitted INIT: Overriding default level with level 's' INIT: SINGLE USER MODE WARNING: YOU ARE SUPERUSER!! # NOTE: The VGA monitor + pc keyboard may show some optinos. Hit F4 to toggle remote management on (with * on it). This makes serial console usable. When booted in single user mode with corrupted fs, vgchange can be used to tell Veritas Vol Mgrt which device to use. This is sometime needed even in non-mirrored disk.
vgchange -a y /dev/vg00		
lvlnboot -v /dev/vg00

fsck -F vxfs -o full,nolog /dev/vg00/rvol8
		# fsck for drives that have lot of errors, this method
		# may give more instructions to cmd of how to do the cleaning.
		# by specifying -F vxfs, allow use of intent log (journaling) 			
		# feature of JFS and thus completes much quicker.



************************************************************
clear out attention light in front panel

thru serial console session:

^B , enter 2x
get into gsp mode (Guardian Service Processor cli)
	give access to bios level control of the machine,
	view vfp (virtual front panel), clear hw err log, etc.

sl	# sys log
e	# errors
n	# no filter
q	# quit
	
co	# exit back to console
************************************************************

---------- PDC commands ----------

PDC - Processor Dependent Code
Accessed at boot up time by the hardware to boostrap the
system.  Step 1 of booting.
Only accessible during boot time.
Need to hit any key when prompted in a 10 seconds windows
during boot process to enter the PDC interaction session.
The window is after all hardware has been checked and before
OS bootstrab process begins.

SEA	Search and display bootable device.
	Booting from CDROM may need to use this to find
	device path to use for booting.

BO		boot, use default dev
BO PRI		boot, using primary (default) dev
BO SEC		boot, using secondary disk.  Simple to do dual boot.
BO 0/0/2/1.15	boot via specific path, see SEA.

IN	enter info menu
  ALL	display all info, there will be machine model strings
	to determin what class of machine it is.
	eg  9000/800/A500-5X System Name: riptide
	is A-class.  some software like compiler bound to the 800 designation.
	Class info usually not shown in tag/model info in front os system :(

  ME	memory info, tell which bank has what kind of DIMM, vacancy.


---------- ISL commands ----------

ISL - Initial System Loader
Invoked by PDC so that it can load the kernel off /stand
from the hard drive.

Interactions in here allow boot into single user mode, etc.
See HOWTO section and hpux command is in ISL.

hpux -is			# single user mode.  No password req!!
hpux -lm			# LVM maintenance boot mode.
hpux -lm /stand/vmunix.prev	# boot via specific kernel
hpux ll				# list kernels avai in /stand

-0-
ISL> ?

    HELP          Help Facility
    LS            List ISL utilities
    AUTOBOOT      Set or clear autoboot flag in stable storage
    AUTOSEARCH    Set or clear autosearch flag in stable storage
    PRIMPATH      Modify primary boot path in stable storage
    ALTPATH       Modify alternate boot path in stable storage
    CONSPATH      Modify system console path in stable storage
    DISPLAY       Display boot and console paths in stable storage
    LSAUTOFL      List contents of autoboot file
    FASTSIZE      Sets or displays FASTSIZE
    800SUPPORT    Boots the s800 Support Kernel from the boot device
    700SUPPORT    Boot the s700 Support Kernel from the boot device
    READNVM       Displays contents of one word of NVM
    READSS        Displays contents of one word of stable storage
    LSBATCH       List contents of batch file
    BATCH         Execute commands in batch file
    LSEST         List contents of EST (Extended Self Test) file
    EST           Execute commands in EST (Extended Self Test) file

Enter 'LS' to see a list of the ISL utilities.

---------- GSP commands ----------

GSP - Guardian Service Processor.
BIOS level command, accessible even when machine is
in Power Off state.

Use serial console or LAN console,
hit ^B
default is unsecured so just press enter for username and
password to gain GSP> prompt access.
Accessible all the time, it will not cause any interruption of running system.
If machine gets into boot process, user session to GSP will end.

HE = help, LI in there list commands:

==== GSP Help ============================================(Administrator)===
AC  : Alert display Configuration       PC  : Remote Power Control
AR  : Automatic System Restart config.  PG  : PaGing parameter setup
CA  : Configure asynch/serial ports     PS  : Power management module Status
CL  : Console Log- view console history RS  : Reset System through RST signal
CO  : COnsole- return to console mode   SDM : Set Display Mode (hex or text)
CSP : Connect to remote Service Proc.   SE  : SEssion- log into the system
DC  : Default Configuration             SL  : Show Logs (chassis code buffer)
DI  : DIsconnect remote or LAN console  SO  : Security options & access control
EL  : Enable/disable LAN access         SS  : System Status of proc. modules
ER  : Enable/disable Remote/modem       TC  : Reset via Transfer of Control
HE  : Display HElp for menu or command  TE  : TEll- send a msg. to other users
IT  : Inactivity Timeout settings       VFP : Virtual Front Panel display
LC  : LAN configuration                 WHO : Display connected GSP users
LS  : LAN Status                        XD  : Diagnostics and/or Reset of GSP
MR  : Modem Reset                       XU  : Upgrade the GSP Firmware
MS  : Modem Status

-0-

CO	return to console mode, exit GSP.
	contrast to exit, which will logoff a telnet to the LAN console session.
LS, LC	Show and configure LAN console settings (IP, hostname, etc),
  	extremely useful, make sure to configure it!
TC	Send signal to OS, force it to do a core dump and reboot.
	Probably similar to Sun OBP sync cmd.
RS	Harshes restart of system, no OS interaction, no core.
	SUN OBM reset.
PC	allow turning machine on/off.  Can perform power cycle.
	GSP and LAN console will remain usable after power off.
	Contrast to SUN LOM and AIX serial access,
	just need to have power fed into machine.
PS	Monitor status of power supply, fan, etc.

SL	Show log, GSP level logging, with timestamp in UTC/GMT.
	Use this command to clear attention light.
CL	Show text message that has been displayed to the console.

VFP	display a virtual front panel, a mirror of the LED in front of machine.

Random Daily Tasks


changing hostname of a machine

/etc/rc.config.d/netconf	# top, see HOSTNAME="name"
/etc/hosts
/var/adm/inetd.sec		# may not be needed.

hostname NEWNAME (use this instead of reboot)

don't use set_parm
sam okay, but check files above.



move machine to new subnet, maybe use sam instead of config file changes for IP/NIC settings or else
need to edit multiple places.



creating /dev/zero

cd /dev
mknod zero c 3 0x000004
chown bin:sys zero
chmod 666 zero


Change system default timezone:
edit /etc/TIMEZONE to be:
TZ=PST8PDT
export TZ



Setting up NIS with predefinied list of servers.

/etc/rc.config.d/nameserver ::
NIS_DOMAIN-"titaniumleg.com"
(verify with domainname, immediate activation via domainname titaniumleg.com)

/var/yp/secureservers ::
10.215.10.255 10.215.10.17
10.215.20.255 10.215.20.21
10.215.30.255 10.215.30.6
10.215.40.255 10.215.40.199

/usr/lib/netsvc/yp/ypbind

Note that ypinit can only be used to setup master or slave server
not to init client config.







Storage

Disk

swap/paging

swapinfo
swapon /dev/vg01/lvol2		# activate swap partition

/etc/fstab entry:
/dev/vg01/lvol2	/	swap	defaults 0 0 # swap device


/usr/sbin/sam goto
Performance Monitors -> System Properties
	there are tabs for cpu and memory info

Volume Management

creating root and swap volumes (using LVM)

[Adapted from Unix Sys Admin Handbook (USAH) p146.]
ioscan -fnC disk		# scan for disk dev path
pvcreate -B /dev/rdsk/c3t15d0	# mark disk for use as PV in LVM
dd if=/dev/zero of=/dev/rdsk/c3t15d0 bs=64k count=10
				# wipe out obsolete LVM marking on disk so that
				# pvcreate will not complain, re run pvcreate cmd

mkdir /dev/vg01			
mknod /dev/vg01/group c 64 0xNN0000	# c 64 is disk major number
					# 0xNN0000 is uniq minor number hex, try 01, 02, ...
					# eg, chk against ls -l /dev/vg*/group

vgcreate -s8 /dev/vg01 /dev/dsk/c3t15d0	# create a new vol grp. w/ Phy Extend = 8 mb

mkboot /dev/rdsk/c3t15d0		# make it bootable disk

lvcreate -C y -r n -L 1024 /dev/vg01	# create contiguous dev lvol1 size 1024 MB
lvcreate -C y -r n -L 1024 /dev/vg01	# ditto, will be named lvol2 automatically

lvlnboot -r /dev/vg01/lvol1		# make lvol1 a boot partition
lvlnboot -s /dev/vg01/lvol2		# make lvol2 a swap dev


newfs -F vxfs /dev/vg01/rlvol1		# create the fs as veritas fs
swapon /dev/vg01/lvol2			# activate swap
vi /etc/fstab...

# swap addition like this req disk to have a boot partition, even on 2nd disk.
# sam may provide easier alternative.
# also, may need to set kernel param maxswapchunk which limit max swap size in byte
# calc as swchunk * DEV_BSIZE, whose def are 2048 and 1024, resp.



non "system" volumes can be created as, eg /usr/local:
lvcreate /dev/vg00	
lvextend -L 2000 /dev/vg00/lvol11 	# allocate 2 GB for the Log Vol.
newfs -F vxfs /dev/vg00/rlvol11		# lvol11 assigned dyn from above

Clean up procedure, reverse of create...
lvrmboot -r /dev/vg01			# remove root vol req for the LV.
					# undo lvlnboot -r and -s
lvremove /dev/vg01/lvol2		# remove the logic vol lvol2 from vg01
lvremove /dev/vg01/lvol1
vgremove vg				# remove the whole vol grp

bdf					# df, berkeley version

growfing the fs:
lvdisplay /dev/vg00/lvolX
# find out LE value
umount /fsmount
lvextend -l le_number /dev/vg00/lvolX	# where le_number is new LE value
					# or -L sizeInMB (final size)
extendfs  /dev/vg00/lvolX		# will fill up all allocated LE, JFS
fsadm -F vxfs size /fsmount		# increase fs for onlineJFS.
mount /fsmount

unless have onlineJFS, need unmount before extend.  /var, /usr need boot into
single user mode (ISL hpux -is, -lm main mode won't work!)
lvextend, extendfs, then reboot to increase such fs.
Not sure how to do / !!
NOTE
/, /stand and swap require special policy of 'contiguous', and thus cannot be extended! (They usually correspond to lvol1 to lvol3). Wizar can do it by migrating to another disk and if onlineJFS is used.

Setup boot disk mirroring

Boot disk mirroring.

Adapted from HP-UX 11i system administration handbook and toolkit, 2nd Ed, by Poniatowski. p140
Here is the procedure to mirror root disk, which uses HPUX native LVM, and not the Veritas Volume Manager that the OS also ships with.
Warning
While this mirroring software is native to the HP-UX OS, it is an option that requires more money.
lvextend -m is the mirroring option that need license to be activated.
###
### ++ TODO: find out how to determine if machine has license for mirroring.
###


# eg, existing vg00 is in /dev/dsk/c1t2d0 (0/0/1/1.2.0)
# new drive for mirror is /dev/dsk/c2t2d0 (0/0/2/0.2.0)


The /etc/fstab before mirroring is:
/dev/vg00/lvol3   /        vxfs delaylog 0 1
/dev/vg00/lvol1   /stand   hfs  defaults 0 1
/dev/vg00/lvol4   /tmp     vxfs delaylog 0 2
/dev/vg00/lvol5   /lhome   vxfs delaylog 0 2
/dev/vg00/lvol6   /opt     vxfs delaylog 0 2
/dev/vg00/lvol7   /usr     vxfs delaylog 0 2
/dev/vg00/lvol8   /var     vxfs delaylog 0 2
ioscan -funC disk
pvdisplay /dev/dsk/c1t2d0		# get lvm info of existing disk.
pvdisplay /dev/dsk/c2t2d0		# get err, no lvm def on it, raw disk.

pvcreate -B /dev/rdsk/c2t2d0		# add physical disk to be used by LVM
vgextend /dev/vg00 /dev/dsk/c2t2d0	# incorporate new disk to existing vg00

# do some checking
strings /etc/lvmtab			# see new disk used by lvm
lifls /dev/rdsk/c1t2d0			# see lot of boot util
lifls /dev/rdsk/c2t2d0			# no boot util, add next...

mkboot /dev/rdsk/c2t2d0			#
mkboot -a "hpux -lq" /dev/rdsk/c2t2d0	# SECONDARY disk, add AUTO, low quorum
mkboot -a "hpux -lq" /dev/rdsk/c1t2d0	# PRIMARY disk, low quorum (??)

lifls /dev/rdsk/c2t2d0			# see boot util, but not as extensive
					# as primary disk.  It is ok.
					
###
###  The next steps will actually perform the mirror,
###  and it will fail if -m mirroring option is not activated with valid license
###					

lvextend -m 1 /dev/vg00/lvol1 /dev/dsk/c2t2d0	# add mirror for lvol1=/stand
lvextend -m 1 /dev/vg00/lvol2 /dev/dsk/c2t2d0	# add mirror for lvol2=/ (root)
lvextend -m 1 /dev/vg00/lvol3 /dev/dsk/c2t2d0	# add mirror for lvol3=(swap)
# Repeat for all lvolX...
lvextend -m 1 /dev/vg00/lvol8 /dev/dsk/c2t2d0   # add mirror for lvol8=(/var)
lvextend -m 1 /dev/vg00/lvol7 /dev/dsk/c2t2d0   # add mirror for lvol7=(/usr)
lvextend -m 1 /dev/vg00/lvol6 /dev/dsk/c2t2d0   # add mirror for lvol6=(/opt)
lvextend -m 1 /dev/vg00/lvol5 /dev/dsk/c2t2d0   # add mirror for lvol5=(/lhome)
lvextend -m 1 /dev/vg00/lvol4 /dev/dsk/c2t2d0   # add mirror for lvol4=(/tmp)

setboot					# check current PDC bootpath
setboot -a 0/0/2/0.2.0			# set PDC> BO SEC (if needed)

###
### To undo the mirroring prep work:
###

vgreduce /dev/vg00 /dev/dsk/c2t2d0
pvremove /dev/rdsk/c2t2d0

###
###  Replacing a mirror disk  149
###

vgcfgrestore -n /dev/vgXX /dev/rdsk/c...                # vol grp conf restore
vgchange -a y /dev/vgXX                                 # change vol grp to avai
lable (-a y)
vgsync /dev/vgXX                                        # resync logical vol in
vol grp.

###
### Replace mirrored disk boot disk
### In addition to normal mirror disk replacements steps above,
### add:
###

mkboot /dev/rdsk/c.t...
mkboot -a "hpux lq" /dev/rdsk/c...

reboot	# vgcfgbackup is run automatically on reboot

Other Volume Management Commands

HP-UX >= 11 default boot disk is under control of LVM - Logical Volume Manager.
Note
HP-UX shipws with TWO LVM. An native version for core OS partitions, and Veritas Volume Manager for use with data partitions. Filesystem created by LVM can be hfs (/stand, boot stuff) and vxfs (root, /var, /usr, etc). Further note that in addition to vxfs, HP talks about JFS and onlineJFS, see fsck.
To some extend, this is akin to Solaris, whereby some admin use the Sun Volume Manager (Disk Suite) for OS disks, and Veritas for data disks. HP-UX just happen to ship both pre-installed.
LVM  devices are /dev/vg00/lvolN
VxVm devices are /dev/vx/dsk/rootdg/volNN

LVM  cmds are lv... pv... vg...
VxVm cmds are vx...

---

LV = logical volume, similar to partition/slide of solaris.

ioscan -fnC disk		# scan for all hard drives (+ cd/dvd).

diskinfo

pvcreate -B /dev/rdsk/c3t15d0	# init a raw disk dev as dev for LVM -- ie make a PV.
pvremove /dev/rdsk/cXtXd0	# reverse/undo of pvcreate
pvdisplay /dev/dsk/c1t15d0	# display physical vol info (disk to vol grp info)
				# dev path from ioscan output

vgdisplay -v vg00		# display (verbose) vol grp info
				# vg00 = root vol grp (system files)
				# /etc/lvmconf list all vol grp in system

lvdisplay -v /dev/vg00/lvol8	# show logical to phy extents map for logical vol

# a few more commands. some sample eg in LVM mirroring section.

vgextend	# vol grp, add disk to
vgreduce	# vol grp, remove disk from
vgremove	# vol grp, remove it completely (all log vol in it will be gone)

lvcreate	# logi vol, create (initial setup)
lvextend	# logi vol, add space (physical extents) or mirror config
lvreduce	# logi vol, reduce space or remove mirror
lvchange	# logi vol, change allocation policy (congtiguous, etc)
lvremove	# logi vol, remove it completely (fs will be gone)
lvlnboot	# make lv bootable.

newfs, extendfs etc are applied to LV to make usable filesystem.



Filesystem

mounting cdrom:

mount -o ro -F cdfs /dev/dsk/c2t1d0 /mnt/cdrom

alternate approach (diff format? iona cd):
pfs_mountd &
pfsd &
pfs_mount /dev/rdsk/c2t1d0 /mnt/cdrom
pfs_umount /mnt/cdrom


Connectivity (Network)

NFS

automount typical auto startup (from ps):
/usr/lib/netsvc/fs/automount/automount -f /etc/auto_master -D ARCH=SC_HPUX	# old automount
/usr/lib/netsvc/fs/autofs/automountd -D ARCH=SC_HPUX				# newer autofs, /net may need some OS path in PARISC

/etc/rc.config.d/nfsconf				# set both to be sure!	
	AUTO_OPTIONS="-f $AUTO_MASTER -D ARCH=SC_HPUX"	#older automount
	AUTOMOUNTD_OPTIONS="-D ARCH=SC_HPUX"		#newer autofs
	see sambple config in hpux/nfsconf

/sbin/init.d/nfs.client	start 		# automount/autofs, can read the std out from this script

startup file is in /sbin/init.d/nfs.client

Note that if NIS map auto.master use undescore like auto_home,
hpux won't be able to translate that to auto.home
As such, a slew of files need to be added in /etc/auto_home with conent of
+auto.home

/etc/auto.products		:: 	+auto.products
/etc/auto.automnt		::	+auto.automnt

Converting NIS server to have map with '.' should work.
But afraid break other OS platform, not well tested yet.
But Ohio NIS use that and it works fine!
Ass hole before created the SNAFU for me.

For compatibility issues, it is probably best to avoid both . and _ in the filename
There should not be reason why one can't use auto_master to have entries like:
/products 	autoproducts	# ie, no . or _

Not sure of the effect on auto_home and auto_direct

NFS

/etc/fstab

/dev/vg00/lvol8            /usr    vxfs   delaylog      0 2
netapp:/vol/vol1/users/sa  /mnt/sa nfs    rw,intr,hard  0 0


/etc/exports

/opt	-ro
/var	-ro

exportfs -a


NIC

lanscan  		# list all NIC, ifconfig -a doesn't work.
        -v		# verbose, show nic and driver, etc
ifconfig lan0		# almost all NIC are lanX
lanadmin -x 0		# tell what is current NIC config, eg duplex
				# 0 is NMID from lanscan.
lanadmin -X 100FD 0	# force settings, for this session only.
			
ioscan -fnC lan		# id card type and driver.
lsdev -C lan		# list all devices of Class lan

/etc/rc.config.d/hp*conf 	
eg 	hpbtlanconf	= btlan			# a-class build-in NIC
	hpgsc100conf	= btlan4 hsc j3515a	# some old box add on nic
	hpbasetconf	= btlan1
	hpbase100conf 	= btlan3 Internal (core) LAN card
	hppci100conf	= btlan5 "external" pci card A5230A
	hpsppci100conf	= btlan6 V-class pci lan card
	# Update this file to
	# hard coded NIC settings (speed and duplex, eg 100 FD)
	# remember to add the card interface eg lan0 in the name
	# section, or it will have no effect!
	# can also change settings via lanadmin -X 100fd
	# but it will not live thru reboot.

Determining / setting nic duplex and speed
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=684614


network driver patch for some old (a-class?) machine  btlan
PHNE_22727	patch for btlan for hpux 11.11, older, stable, safe patch
PHNE_23465	latest btlan patch, have some warnings.  if work, autoneg will work better.

Network Config

change DNS servers
/etc/resolv.conf		# same as solaris/aix.
sam, networking and communications, DNS (BIND), DNS Resolver
use Menu, Actions, Set Default Domain...  to add "search" for other dns domains.
config file edit is easier, only 1 file.

change ip/netmask:
sam, networking and communications, network interface cards
# this even allow for speed duplex settings!!  Advance has mac address and mtu.
/etc/rc.config.d/netconf 	# IP_ADDRESS[0]="10.10.10.123" SUBNET_MASK[0]
				# BROADCAST_ADDRESS[0]="" (blank seems to work, auto calc?)
/etc/hosts 			# enter new IP of machine.

change routing:
sam, networking and communications, routes
/etc/rc.config.d/netconf	# ROUTE_DESTINATION[0]="default"
				# ROUTE_MASK[0]=""
				# ROUTE_GATEWAY[0]="10.10.10.1"	
				# ROUTE_COUNT[0]="1"		(aix consider it as 0)

Adding default router in command line:
route add default netmask 255.255.255.0 172.27.188.1 1




Serial/console port

Printing

To add a network printer, use sam,
printers and plotters,
LP Spooler,
Printers and Plotters,

go to Actions menu, Add Remote Printer

Name of Queue to add                      --> Use printer name maching windows
Hostname of remote server                 -->  windows print server name
Name of queue on remote server            --> Windows printer name.
Type of print spooler on remote server    --> System V     (ie, don't check remote is BSD)


Sys Config

Package/Software management

swlist -l product 	
	list all product/patches in system
swlist | grep -e QPK -e GOLD
	determine if any Quality Pack or Gold Base patch has been installed
	(service pack equiv).
	Apperently, all 4 of BUNDLE11i, HWEnable11i, GoldApp and GoldBase should be installed on the system.
	Factory OS install included the latest release of all the above 4 patch bundles.
swlist -l product | grep PH
	look for installed patches.  -l product seems to be needed for 11i


swinstall -f mysoft -s /mnt/cd
	supposed to install software listed in file mysoft from cdrom

swinstall -s /home/sa/share/software-in-cd/hpux_aC++/aC++Compiler.800.depot
	needed to fully specify the depot file before the damn thing will recognize the file.  It is really just a tar file.

swinstall -s /export/tmp/bash.depot \*
	install everything in the depot (in this case, sure there is bash only).
	
	see email about where gnu tools are downloaded
	[http://hpux.cs.utah.edu, depot format, some ins to /usr/local/bin,
	other to /opt, into product specific subdirs!]


Patch

patch install eg:
(patch is obtained in a "depot" file format, which is really a tar.
Instruction presented in here is also in a text file inside the tar.)

http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=PHSS_20055&context=hpux:800:11:00

	1. Back up your system before installing a patch.

	2. Login as root.

	3. Copy the patch to the /tmp directory.

	4. Move to the /tmp directory and unshar the patch:

		cd /tmp
		sh PHSS_20055

	5. Run swinstall to install the patch:

[ to check that depot has been downloaded correctly:
  swlist -d @ /full/absolute/path/PHSS_20055.depot
]

		swinstall -x autoreboot=true -x patch_match_target=true \
			  -s /tmp/PHSS_20055.depot

	By default swinstall will archive the original software in
	/var/adm/sw/save/PHSS_20055.  If you do not wish to retain a
	copy of the original software, use the patch_save_files option:

		swinstall -x autoreboot=true -x patch_match_target=true \
			  -x patch_save_files=false -s /tmp/PHSS_20055.depot

	WARNING: If patch_save_files is false when a patch is installed,
		 the patch cannot be deinstalled.  Please be careful
		 when using this feature.

	For future reference, the contents of the PHSS_20055.text file is
	available in the product readme:

		swlist -l product -a readme -d @ /tmp/PHSS_20055.depot

	To put this patch on a magnetic tape and install from the
	tape drive, use the command:

		dd if=/tmp/PHSS_20055.depot of=/dev/rmt/0m bs=2k



Kernel/System Tuning

sysdef			# show many (but not all) kernel parameters
kmtune -l		# list all kernel parameters, -l for long list (in /usr/sbin)

ulimit -a	# display all limits, below are probably defaults.

core file size        (blocks, -c) 2097151
data seg size         (kbytes, -d) 1048576
file size             (blocks, -f) unlimited
max memory size       (kbytes, -m) unlimited
open files                    (-n) 2048
pipe size          (512 bytes, -p) 16
stack size            (kbytes, -s) 8192
cpu time             (seconds, -t) unlimited
max user processes            (-u) 76
virtual memory        (kbytes, -v) unlimited


ulimit -s 	# define stack size.
	governed by kernel static params and def vals
	maxsiz			         8388608 (8k)
	maxsiz_64bit		         8388608
	suggested val for small server 401604608 (max allowed, 383K)

ulimit -n 	# define max open files, def kernel values:
	maxfiles	2048	static		4096	# soft
	maxfiles_lim	2048	dynamic		8192	# hard



maxusers	# num of users, base param as multiplier by other params
		# does not actually govern logins.

npty		# pty for user login sessions.
nstrpty		# can set them to 1000
nstrtel

nproc		# max processes that can exist on system, 11i = static
		# def 20 + 8 * MAXUSERS (5988?)

use sam to define new params and build new kernel.
restart is needed.

Kernel parameters in default os is not very good for large server, For large java app servers, get HP tool Java2 Out-of-box and it will plug in all desireble parameters. Probably good for all server. http://www.hp.com/products1/unix/java/java2/outofbox/
download .depot, swinstal -s /full/path/to/joob_203_1100.depot -x autoreboot=true \*
Req reboot.
/usr/sbin/kmtune will display the kernel params.  It should modify:
maxusers 512
nproc 2048
max_thread_proc 3000
nkthread 6000
nfile 3000
maxfiles 2048
maxfiles_lim 2048
ncallout 6000
maxdsiz 2063835136
tcp_conn_request_max 2048

Adding International Language/Locale support

By default, all the basic support for international language are
installed.  Check with "locale -a".

The CDE language may need to be installed manually:
Insert CD2 of HP-UX 11i Foundation Operating Environment, then
run SAM Software Install and add the CDE bundle of the desired language.

Hardware commands

model - give machine model info

Diagnostic tools

diagnostics tools:

netfmt -(lot of options) /var/adm/nettl.LOGnnn > /tmp/nettl.txt
	convert the network problem log from binary to text
	options may have been -l -N -n -f


stm, cstm xstm		
	hardware diagnostic program.  text menu, cli and X based.
	probably not well known, support people use only?

tusk
	some sort of network troubleshooting util.

Random Stuff

For those from Solaris background:
Env variables:
SHLIB_PATH			is used instead of Solaris LD_LIBRARY_PATH
LD_LIBRARY_PATH		for 64 bit version libs.  Solaris LD_LIBRARY_PATH64
LIB		There maybe something about the env var also.  Not sure.


dos2unix	
	Couldn't find such command tool, only found charconv.

charconv
	convert input file to desired output format
	-u = unix  LF
	-d = dos   CRLF
	-m = mac   CR
	-i inputfile,  default is std in
	-o outputfile, default to std out
	--help more conversion info, including EBCDIC
	eg: cat dostext.txt | charconv -u > unixoutput.txt


Compiler:
	The bundled cc compiler in /usr/ccs/bin/cc_bundled only takes K&R function prototype syntax, not Ansi C.
	Moneyware aCC is Ansi C compliant and installs to /opt/aCC.


HP-UX Freeware

Info about installing hpux gnu freeware from hpux.cs.utah.edu. into NFS server central location.
No real need to use SAM to install the package and xfer to NFS server.
Can just do tar trick, see note below.  Warning: Some admin may see this as kludge as
it bypass the software management tool.  Your choice :)

/import/hpux1100/usr/local$ cat dir.info

This dir is automounted as /import/hpux1100/usr/local
Various link would exist pointing to the parent dir of /import/hpux1100, such as /titaniumlegit.
It could also be a symlink from slightly diff version of HP-UX 11.x


These files are gnu freeware depot files for HP-UX 11.00 from hpux.cs.utah.edu

The source is netapp:/vol/vol1/depot/hpux1100/usr/local

The source depot files are hacked via untar and set of cp commands to put them into the desired
usr/local/bin etc tree structure:

gunzip *.tar
mkdir untared
cd untared
for item in `ls ../*.depot`; do
        tar xf $item
done

mkdir -p cleaned/usr
cp -pR  */*/usr/* cleaned/usr

and finally the cleanred/usr/local dir is moved here.


---

the opt dir is extracted in similar manner:

mkdir -p cleaned/opt
cp -pR */*/opt/*/* cleaned/opt/

---

http://hpux.cs.utah.edu/
Software Porting and Archive Center for HP-UX
Freeware for HP-UX

====

© 2000 UNIXguide.net, All Rights Reserved. Hermelito Go  (Last Update:  Wednesday, 07-Dec-2005 14:11:32 EST )

Directory Mappings 
AIX
FreeBSD
HP-UX
LINUX(RedHat)
SOLARIS
Tru64
Root filesystem /              {/dev/hd4} /       {/dev/ad0s1a} /          {/dev/vg00/lvol1} /                  {/dev/sda1} /  {/dev/vx/dsk/rootvol} /     {/dev/rz0a}
Home Directory /home          {/dev/hd1}   /home      {/dev/vg00/lvol4}   /export/home
       /dev/vx/dsk/home}
 
  /tmp           {/dev/hd3}   /tmp       {/dev/vg00/lvol6}   /tmp 
    /dev/vx/dsk/swapvol}
 
  /usr           {/dev/hd2} /usr    {/dev/ad0s1f} /usr       {/dev/vg00/lvol7}   /usr  /usr    {/dev/rz0g}
  /var        {/dev/hd9var} /var    {/dev/ad0s1e} /var       {/dev/vg00/lvol8}   /var  
Sample configuration files -   /usr/newconfig      
User Accounts
AIX
FreeBSD
HP-UX
LINUX(RedHat)
Solaris
Tru64
Password files /etc/passwd
/etc/security/passwd
/etc/passwd
/etc/master.passwd
/etc/passwd
/tcb/files/auth/r/root
/etc/passwd
/etc/shadow
/etc/passwd 
/etc/shadow
/etc/passwd 
Groups file /etc/group
/etc/security/group
/etc/group /etc/group
/etc/logingroup
/etc/group /etc/group /etc/group
Maximum # of user ID 4294967295 65535 2147483647 65535 2147483647 65535
Allow/Deny remote login /etc/security/user
{rlogin=true}
/etc/ttys 
{secure}
/etc/securetty
{console}
/etc/securetty
{ttyp1}
/etc/default/login
{CONSOLE=/dev/console}
/etc/securettys
{ttyp1}
User nobody's id # 4294967294 65534 -2 99 60001 & 65534(nobody4) 65534
Group nobody's id # 4294967294 65534 -2(nogroup) 99 60002 & 65534(nogroup) 65534
Recover root password boot from CD/Tape
Installation/Maintenance
Start Limited Shell
getrootfs hdisk0
vi /etc/security/passwd
ok boot -s
passwd root
>boot
Interact with IPL ? Y
ISL>hpux -iS

passwd root
{lilo}
control-x
linux S
passwd root

{grub}
c
kernel vmlinuz-2.4.9-13 single   ro root=/dev/hda8
initrd /initrd-2.4.9-13.img
boot
passwd root
boot cdrom -s
mkdir /tmp/a
mount /dev/c0t0d0s0 /tmp/a
vi /tmp/a/etc/shadow
press the HALT Button or (Control-P)
>>>boot -fl s
lsmbstartup
/sbin/bcheckrc
passwd root
Create new user mkuser adduser useradd useradd useradd useradd
Delete user rmuser rmuser userdel userdel userdel userdel
List users lsuser -f ALL   logins   logins  
Modify user account chuser -a   usermod usermod usermod usermod
General Commands
AIX
FreeBSD
HP-UX
LINUX(RedHat)
Solaris
Tru64
Unique host ID hostid   uname -i hostid hostid hostid
Administrator smit   sam linuxconf admintool sysman
Performance monitor top
monitor
top top
glance
top top top
System activity reporter sar sa sar sar {sysstat} sar /usr/opt/svr4/bin/sar
Virtual Memory statistics vmstat vmstat vmstat vmstat vmstat vmstat
I/O statistics iostat iostat iostat iostat {sysstat} iostat iostat
Error logs alog -o -t boot
errpt
dmesg dmesg dmesg  dmesg uerf -R -o full
Physical RAM 1TB   4TB 64 GB {>2.3.24} 16TB 4TB
Shared Memory 2.75GB   8TB sysctl kernel.shmmax    
Process Data Space 2GB   4GB 900 MB    
Swap device /dev/hd6 /dev/ad0s1b /dev/vg00/lvol2 /dev/sda2 /dev/vx/dsk/swapvol /dev/rz0b
Swap file type /etc/swapspaces swap swap partition type 82  swap raw
Display swap size lsps -a swapinfo swapinfo -a free swap -l swapon -s
Activate Swap swapon -a swapon -a swapon -a swapon -a swap -a swapon -a
Printers
AIX
FreeBSD
HP-UX
LINUX
Solaris
Tru64
Printer Queues /etc/qconfig /var/spool/print /etc/lp/interface/* /var/spool/lpd/lp/* /etc/lp/interfaces/* /usr/spool/lpd
Stop LP  stopsrc -s lpd   lpshut /etc/init.d/lpd stop /usr/lib/lp/lpshut /sbin/init.d/lpd stop
Start LP startsrc -s lpd lpd lpsched /etc/init.d/lpd start /usr/lib/lp/lpsched /sbin/init.d/lpd start
Submit print jobs enq
lp
lpr
qprt
lp lp lpr lp
lpr
lp
lpr
LP statistics enq -A
lpq
lpstat
qchk
lpq lpstat lpq lpstat lpstat
Remove print jobs cancel
lprm
qcan
enq -x
cancel
lprm
cancel lprm cancel
lprm
cancel
lprm
Add printer queue smit mkpq   lpadmin -p pq printtool lpadmin -p pq lprsetup
Remove Printer queue smit rmpq   lpadmin -x pq   lpadmin -x pq lprsetup
Make default printer export LPDEST="pq"   lpadmin -d pq   lpadmin -d pq export PRINTER="lp"
TCP/IP
AIX
 
HP-UX
LINUX(RedHat)
Solaris
Tru64
Network IP configuration lsattr -E -l inet0 /etc/rc.conf /etc/rc.config.d/netconf /etc/sysconfig/network-scripts/  /etc/hostname.*
/etc/inet/*
/etc/defaultrouter
/etc/rc.config
Hosts IP addresses /etc/hosts /etc/hosts /etc/hosts /etc/hosts /etc/inet/hosts /etc/hosts
Name service switch /etc/netsvc.conf /etc/host.conf /etc/nsswitch.conf /etc/nsswitch.conf /etc/nsswitch.conf /etc/svc.conf
Network parameters no -a sysctl ndd -h sysctl -a | grep net ndd /dev/[tcp|ip] ?  
Routing daemon gated routed gated routed in.routed routed
NIC Configurations ifconfig -a ifconfig -a lanscan -v ifconfig -a ifconfig -a ifconfig -a
Secondary IP Address ifconfig en0 alias IP  ifconfig xl0 alias IP ifconfig lan0:1 IP  modprobe ip_alias
ifconfig eth0:1 IP
ifconfig hme0:1 IP up ifconfig ln0 alias
Login prompt HERALD @
/etc/security/login.cfg 
  telnetd -b /etc/issue  /etc/issue BANNER @
/etc/default/telnetd
/etc/issue
Increase the # of pseudo-terminals odmget -q "attribute=num and uniquetype=pty/pty/pty" PdAt | sed "s/0-64/0-512/" |
odmchange -q "attribute=num and uniquetype=pty/pty/pty" -o PdAt

chdev -l pty0 -anum=256 -P
reboot

  rebuild your kernel with these new values NPTY=# 
NSTRPY=#

reboot

insf -d ptys -n #
insf -d ptym -n #
insf -d pts -s # -e -v
 

cd /dev
./MAKEDEV -v pty
{/etc/system}
set pt_cnt = #   {SYSV}
set npty = #      {BSD}

{/etc/iu.ap}
ptsl 0 # ldterm ttcompat

halt
boot -r

cd /dev
./MAKEDEV PTY_1
Maximum # of ptys 512   {MAXUSERS} 256 176                {BSD}
3000              {SYSV}
8192
Remote Shell remsh
rsh
rsh remsh rsh rsh rsh
YP/NIS service binder /usr/lib/netsvc/yp/ypbind  /usr/sbin/ypbind /usr/lib/netsvc/yp/ypbind  /sbin/ypbind /usr/lib/netsvc/yp/ypbind /usr/sbin/ypbind
System Files
AIX
FreeBSD
HP-UX
LINUX(RedHat)
Solaris
Tru64
NFS exported /etc/exports /etc/exports /etc/exports /etc/exports /etc/dfs/dfstab
/etc/dfs/sharetab
/etc/exports
NFS Client mounted directories /etc/xtab   /etc/xtab /var/lib/nfs/xtab /etc/rmtab /var/adm/mountdtab
Max File System 128 GB   128 GB 2 TB  1 TB
8000 TB {vxfs}
128 GB {<= 3.2G}
512 GB {>= 4.0}
16 TB {advfs}
Max File Size 64 GB   128 GB 2 GB     {512B block size} 
8192 GB  {8KB block size} 
1 TB
2 GB {=<2.5.1}
128 GB {<= 3.2G}
512 GB {>= 4.0}
16 TB {advfs}
Max # File Descriptors 64 K   60~ K sysctl fs.file-max 64 K 64 K
DISK/LVM Commands
AIX
FreeBSD
HP-UX:Disk &Filesystem
LINUX(RedHat)
SOLARIS
Tru64
Filesystem table /etc/filesystems /etc/fstab /etc/fstab /etc/fstab /etc/vfstab /etc/fstab
Free disk blocks df -k df -k bdf df -k df -k df -k
Device listing lsdev -C   /sbin/ioscan cat /proc/devices sysdef  
Disk information bootinfo -s hdisk#  fdisk -v ad0 diskinfo /dev/rdsk/c#t#d# cat /proc/scsi/scsi0/sda/model format -d c#t#d#
format>current
format>inquiry
file /dev/rrz0c
Disk Label lspv -l hdisk# disklabel ad0 pvdisplay -v /dev/dsk/C#t#d# fdisk -l prtvtoc disklabel -p rz0
LVM Concepts Partition  sub disk logical extents logical extents sub disk sub disk
  Volume Volume logical volume logical volume Volume Volume
    Plex     Plex Plex
  Volume group   volume group volume group disk group disk group
Journal Filesystem type jfs   vxfs ext3
reiserfs
vxfs advfs
Default volume group /dev/rootvg   /dev/vg00   /dev/vx/dsk/rootdg /dev/vol/rootdg
Display volume group lsvg -l rootvg   vgdisplay -v vg00 vgdisplay -v vxprint -l -g rootdg volprint -l -g rootdg
Modify physical volume chpv   pvchange pvchange    
Prepare physical disk mkdev -c disk -l hdisk#   pvcreate pvcreate vxdiskadd voldiskadd
List physical volume lspv vinum ld pvdisplay pvdisplay vxprint -dl volprint -dl
Remove disk from volume group reducevg   vgreduce vgreduce vxdg rmdisk voldg rmdisk
Move logical volumes to another physical volumes migratepv vinum move -f drive object pvmove pvmove vxassist move volassist move
Create volume group mkvg   vgcreate vgcreate vxdg init voldg init
Remove volume group     vgremove vgremove    
Volume group availability chvg
varyonvg
varyoffvg
  vgchange vgchange    
Restore volume group     vgcfgrestore vgcfgrestore    
Exports volume group exportvg   vgexport vgexport vxdg deport voldg deport
Imports volume group importvg   vgimport vgimport vxdg import voldg import
Volume group listing lsvg   vgscan vgscan    
Change logical volume characteristics  chlv   lvchange lvchange  vxedit set voledit set
List logical volume lslv vinum lv lvdisplay lvdisplay vxprint -vl volprint -vl
Make logical volume mklv   lvcreate lvcreate vxassist make volassist make
Extend logical volume extendlv   lvextend lvextend vxassist growto volassist growto
Reduce logical volume AIX reduce LV   lvreduce lvreduce vxassist shrinkto volassist shrinkto
Remove logical volume rmlv vinum rm vol lvremove lvremove vxedit rm voledit -g rootdg -rf rm vol1
Prepare boot volumes bootlist -m normal   lvlnboot lilo vxbootsetup  
Remove boot volumes     lvrmboot      
Extend File system chfs -a size=# /mt   extendfs /dev/vg00/lvol8
fsadm -F vxfs -b {LE * 1024} /mt
resize2fs
resize_reiserfs
vxva
mkfs -M
 
Reduce/Split mirrors rmlvcopy   lvsplit lvsplit    
Merge mirrors     lvmerge lvmerge    
Create mirrors mklv -c 2 vinum mirror drive lvcreate -m 1   vxassist mirror volassist make vol 100mb mirror=true
Add mirrors mklvcopy lv 2    lvextend -m 1      
Create striped volumes mklv -u 3 -S 64K vinum stripe drive lvcreate -i 3 -I 64 lvcreate -i 3 -I 64 vxassist make vol 100mb layout=raid5 volassist make vol 100mb layout=stripe
System recovery tape mksysb -i /dev/rmt0   /opt/ignite/bin/make_recovery     /usr/sys/bin/btcreate
Backup savevg -i rootvg vinum saveconfig fbackup tar cvf /dev/rst0 / ufsdump vdump
Restore restvg    frecover tar xvf /dev/rst0  ufsrestore vrestore
MISC
AIX
FreeBSD
HP-UX
LINUX(RedHat)
SOLARIS
Tru64
Startup script /etc/rc /etc/rc /sbin/rc /etc/rc.d/rc /etc/init.d /sbin/init.d
Kernel /usr/lib/boot/unix_up /kernel /stand/vmunix /boot/vmlinuz /kernel/genunix /vmunix
Kernel Parameters lsattr -E -l sys0 sysctl -a sysdef
kmtune
kmsystem
sysctl -a sysdef -i sysconfig
dxkerneltuner
Reconfigure the kernel
chdev -l sys0 -a 
cd /sys/i386/conf
vi KERNEL
config KERNEL
cd ../../compile/KERNEL
make depend
make
make install
cd /stand/build
/usr/lbin/sysadm/system_prep -v -s system
vi system
mk_kernel -s system
cd /stand
mv system system.prev
mv vmunix vmunix.prev
mv dlkm dlkm.prev
mv /stand/build/system system
kmupdate /stand/build/vmunix_test
cd /usr/src/linux 
make mrproper 
make menuconfig 
make dep 
make clean 
make bzImage
make install
make modules
make modules_install

cp arch/i386/boot/bzImage /boot/vmlinuz-2.2.16
mkinitrd /boot/initrd-2.2.16.img 2.2.16
vi /etc/lilo.conf
lilo

vi /etc/system
reboot
doconfig
List modules genkex kldstat kmadmin -s lsmod modinfo  
Load module   kldload kmadmin -L insmod modload  
Unload module   kldunload kmadmin -U rmmod modunload  
Initialize system install_assist /stand/sysinstall set_parms initial netconf sys-unconfig netsetup
Physical RAM bootinfo -r sysctl hw.physmem grep -i Physical /var/adm/syslog/syslog.log free prtconf uerf | grep memory
Kernel Bits bootinfo -K   getconf KERNEL_BITS getconf LONG_BIT isainfo -kv 64
Crash utility crash crash adb lcrash crash kdbx
Trace System Calls syscalls truss tusc strace truss trace
Machine model uname -m
bootinfo -m
uname -m model
uname -m
uname -m uname -imp uname -p
OS Level oslevel uname -r uname -r uname -r uname -r sizer -v
Run Level who -r   who -r runlevel who -r who -r
Core dump files /var/adm/ras   /var/adm/crash   /var/crash/`uname -n`  
Boot single user Key on service mode/F4
Boot from CD/Tape
Select Maintenance
Limited function Shell
ok boot -s >boot
Interact with IPL ? Y
ISL>hpux -iS
{lilo}
control-x
linux S

{grub}
c
kernel vmlinuz-2.4.9-13 single   ro root=/dev/hda8
initrd /initrd-2.4.9-13.img
boot
ok boot -s >>> boot -fl s
Maintenance mode   ok boot -as >boot
Interact with IPL ? Y
ISL>hpux -lm
  ok boot -as  
Interrupt Key     control-B   Stop-A control-P
Return to console     co   ok go  
Timezone Management /etc/environment
/etc/profile
/etc/localtime /etc/TIMEZONE /etc/sysconfig/clock /etc/TIMEZONE
/etc/default/init
/etc/svid3_tz
timezone
NTP Daemon /etc/ntp.conf
startsrc -s xntpd
/etc/rc.conf {xntpd_enable="YES"}
/etc/rc.network
/etc/rc.config.d/netdaemons
/sbin/init.d/xntpd
/etc/ntp.conf
/etc/rc.d/init.d/xntpd
/etc/inet/ntp.conf
/etc/init.d/xntpd
rcmgr set XNTPD_CONF YES
/sbin/init.d/xntpd
Software
AIX
 
HP-UX
LINUX(RedHat)
SOLARIS
Tru64
Install Software installp -a pkg_add swinstall rpm -i package pkgadd setld -l
Uninstall software installp -u pkg_delete swremove rpm -e package pkgrm setld -d
List installed software lslpp -L all pkg_info -a swlist rpm -qa pkginfo setld -i
Verify installed software lppchk -v   swlist -l fileset -a state rpm -V package pkginfo -i
pkginfo -p
setld -v
List all files lslpp -f fileset pkg_info -L package swlist -l file fileset rpm -ql package pkgchk -l package setld -i package
List installed patches instfix -i   swlist -l patch
what /stand/vmunix
  patchadd -p dupatch -track -type patch
Package owner lslpp -w path   swlist -l file | grep path rpm -qf file pkgchk -l -p path  
SW Directory /usr/lpp /var/db/pkg /var/adm/sw/ /var/lib/rpm /var/sadm /var/adm/smlogs
Devices
AIX
FreeBSD
HP-UX
LINUX(RedHat)
SOLARIS
Tru64
Devices /dev /dev /dev /dev /devices /dev
Install devices for attached peripherals cfgmgr -v /dev/MAKEDEV insf -e /dev/MAKEDEV drvconfig
devlinks
disks
tapes
ports
scu scan edt
scsimgr -scan_all
Remove device rmdev -l   rmsf   rem_drv  
Device drivers lscfg   lsdev   prtconf -D  
CPU lsdev -Cc processor sysctl hw.model ioscan -fnC processor cat /proc/cpuinfo psrinfo -v psrinfo -v
List Terminal lsdev -Cc tty   ioscan -fnC tty   pmadm -l  
Diagnostics diag pciconf -l stm lspci
pnpdump
/usr/platform/`uname -m`/
sbin/prtdiag
ok test-all
/opt/SUNWvts/bin/sunvts
 
Whole Disk /dev/hdisk# /dev/ad0s1c /dev/dsk/c#t#d0 /dev/sda /dev/c#t#d0s2 /dev/rz0c
CDROM /dev/cd0 /dev/acd0c /dev/dsk/c#t2d0 /dev/cdrom /dev/dsk/c#t6d0s2 /dev/rz3c
CDROM file type cdrfs cd9660 cdfs iso9660 hsfs cdfs
Rewinding tape drive /dev/rmt0 /dev/rwt0d /dev/rmt/0m /dev/rst0               { c 9 0} /dev/rmt/0 /dev/rmt0
Non-rewinding tape drive /dev/rmt0.1 /dev/nrwt0d /dev/rmt/0mn /dev/nrst0           { c 9 128 } /dev/rmt/0n /dev/nrmt0
Floppy drive /dev/rfd0 /dev/fd0 - /dev/fd0 /dev/diskette /dev/fd0c
Links
AIX
FreeBSD
HP-UX
LINUX(RedHat)
SOLARIS
Tru64
FAQ AIX-FAQ FreeBSD FAQ HP-UX FAQ LINUX FAQ Solaris 2 FAQ Tru64 FAQ
Online Manual AIX 5.3 Docs FreeBSD Hand Book HP-UX Reference Manual Linux Documentation Project Solaris 10 Documentation Tru64 Documents
Technical Support p5 TechSupport   IT Resource Center Red Hat support SunSolve Alpha Systems Support
Phone Number 1-800-CALL-AIX   1-800-633-3600 1-888-REDHAT1 1-800-USA-4SUN 1-800-474-6836
Free Software Public Domain Software Library FreeBSD Primary Site HP-UX Ports Linux Software Map Sun Freeware Tru64 Demos, Shareware & Freeware
Certification www.ibm.com   education.hp.com RHCE suned.sun.com ASE Information

====

 1. Is there a "defrag" on UNIX?

For HFS filesystem:
HP-UX experts say that HFS filesystem was designed for optimum performance. It's sort of auto-defragmenting filesystem.
But, if you still insist on defragmentation, you have some possibilities:

    Backup entire filesystem
    Erase all files from that filesystem
    Restore entire filesystem (it's rather funny, but works good & requires a lot of time)
    Use standard HP-UX decompression utility (unfortunatelly, dcopy assumes you have a spare, identically sized filesystem available :( )
    Buy product called DISK_PAK (from EagleSoft, http://www.eaglesoft.com)

For VxFS (JFS) filesystem:
You need to buy additional AdvancedJFS (Online JFS) product from Hewlett-Packard. According to some people it is really worth the money; it allows you to get the full functionality of JFS (VXFS) - files/dirs stats, on-line backup, on-line extend/shrink file system (make sure you install the patches !), online (background) defrag.
If you already have this product check man page for 'fsadm' command.



2. Starting/Sping DTC's / DDFA in HP-UX 10
FILE     CHANGE
/etc/rc.config.d/dtcmgr     START_DTCMGR=1
/etc/rc.config.d/netdaemons     START_RBOOTD=1
      RBOOTD_DEVICES="/dev/lan0"
      DDFA=1

To check that the correct daemons are running when the system comes up, you can check the end of the following log files:

    tail /var/adm/rbootd.log
    tail /var/adm/dtcnmd.log
    tail /var/adm/dtcnmp.log

...which should say "INITIALIZATION COMPLETE".

The following daemons should be running when DTC's are up:

    rbootd
    dtcnmd
    dtcnmp

To disable DTC's, simply flag /etc/rc.config.d/dtcmgr:

    START_DTCMGR=0


...This ss them from coming up when you reboot. Simply change it back to 1 then reboot to restart the DTC daemon.You can also s the daemons while the system is up (instead of booting) by running:

    /sbin/init.d/dtcmgr s



3. HP-UX 10.x System Info Script

Here is a script to gather system information on HP-UX 10.x systems: dumpsys.hp10



4. Setting up routing

These are the steps for setting up routing on HP-UX.
I will give the IP address 192.9.200.2 to the router for this example.

Run the command: route add default 192.9.200.2 1 to initially add the router for all systems.

To keep this information after a reboot edit the file /etc/rc.config.d/netconf

    add the IP address to ROUTE_GATEWAY
    change ROUTE_COUNT to 1



5. Patch Cleanup
From HP

There is a utility under /usr/sbin and it is called 'cleanup'. It provides the following functionality for 10.X patch management:

/usr/sbin/cleanup
Remove superseded patches from the system to reclaim space in /var. Queries the user re trimming SD logfiles as well.

/usr/sbin/cleanup -F
Forces the removal of ALL Patch backups to reclaim space in /var (you cannot back out a patch out after this).

/usr/sbin/cleanup -t
Trim SD logfiles /var/adm/sw*.log to the most recent 5 entries.

/usr/sbin/cleanup -i
Remove overwritten patch entries from the SDUX IPD.

/usr/sbin/cleanup -d [absolute path to software depot]
Removes superseded patches from a software depot.



6. Patch Frequently Asked Questions
From HP

    Q: Instead of following this procedure, can I use swremove(1M) to remove all patches prior to performing the software update?

    A: Yes.
    You can do this but it is not recommended. First of all, patches that have been applied may deal with sensitive issues like data corruption, security, and system panics. By removing the patches prior to performing the update you may be exposed to the problems addressed by the patches. It is best to leave the patches installed.

    Second, removing patches with swremove(1M) can be a labor-intensive process. Not only do many systems have over a hundred patches installed, you must remember that when a patch is removed with swremove(1M), a patch that was superseded by the patch *may* be automatically reinstalled. So, several iterations of invoking swremove(1M) may be required to completely remove all patches from the system.

    Q: Can I use swremove(1M) to remove the inappropriate patches after the software update process?

    A: NO!
    It is critical to remember that removing a patch with swremove(1M) will reinstall software that was present prior to the installation of the patch. So, removing a patch with swremove(1M) after a software update could lead to an undesired mixture of new and old software.

    Let's use an example of an HP-UX 10.01 to HP-UX 10.20 update to clarify this situation. Assume you were running HP-UX 10.01 and updated to HP-UX 10.20 without following the procedure listed above.

    After the update, the swlist(1M) command will show that HP-UX 10.01 patches are still installed.

    What happens if these 10.01 patches are removed via swremove(1M)? The 10.01 files that were resident on the system prior to the installation of the 10.01 patches will be restored. The end result is that the HP-UX 10.20 system will now have HP-UX 10.01 files mixed with the HP-UX 10.20 files. The behavior of such a system is unknown, and most likely, a complete cold install will be required to recover the system.

    Q: Can I simply remove all patch references from the IPD prior to performing the software update?

    A: Not really.
    The problem with this solution is that all software products might not be affected by the software update. If patches for all software are removed from the IPD and some software is not reloaded during the update process, then information will be lost about some patches that are still present after the update.

    An example of where this may cause a problem is if an operating system update was performed, but some application software products were not updated. This situation arises when the same version of an application runs on multiple versions of the operating system.

    If patches had been applied to these application products and the patches removed from the IPD but the products not updated, then there would be no record that the patches were installed. This could lead to problems with the application software.



7. Fbackup/Frecover

To backup use: /usr/sbin/fbackup -0v -f /dev/rmt/0m -i /

Recover command (absolute): /usr/sbin/frecover -xv -f /dev/rmt/0m -i /path[/file]
To do a relative restore using frecover you need BOTH -x and -X, ie -xvX



8. HP-UX telnet / pty users

To increase the number of telnet users a system can have, the npty kernel parameter needs to be altered. However, HP-UX requires "slave" and "master" pty devices for each telnet user. These devices are used logically as two ends of a pipe - they need to be there so HP-UX can allocate a tty device to a new telnet user.

To create the required master and slave device files, executed the command:
     insf -d pty -n 120



9. HP-UX 11.x info

This is intended as a quick summary of the new features and functions incorporated into HP-UX 11.
64bit VS 32bit
HP-UX 11.x is 64bit.
A 32 bit version can also be installed for hardware that doesn't support 64 bit.
Currently some D, K and T class servers support 64bit.
The new V class server is designed with HP-UX 11.x specifically in mind and doesn't support HP-UX 10.x / 32bit.
HP-UX11.x 64bit will still run 32 bit applications, but obviously vice versa does not apply.
Upgrading to HP-UX 11
HP-UX can be upgraded to release 11.x from 10.20 or 10.30.
You can also upgrade to HP-UX 11.x from 10.01/10.10, but this restricts you to the 32bit version of HP-UX 11.
STK
Software Transition Kit is a new tool designed to help you move C/C++/script code over to 64bit.
Networking
NIS+, a new version of the Networking Information Service (yellow pages), has been added. This has enhancements to security, administration and ability to scale larger networks.
lanconfig and ifalias no longer exist - ifconfig, lanadmin, lanscan and netstat have been enhanced.
DLKM (Dynamically Loadable Kernel Modules)
HP-UX has a new method for updating the kernel in order to facilitate dynamic changes for kernel modules.
SD-UX
Software update and maintenance has been signifcantly enhanced.
Commands such as swlist now have a GUI-like interface.
Patch management has been significantly improved:
Ability to rollback O/S patches
Ability to apply patches based on software installed already

Ignite/UX - An enhanced program to install HP-UX, replacing the previous method for HP-UX installation (cold install).
System Recovery
A new make_recovery command creates bootable system images (similar to the AIX mksysb command).
check_recovery lets you know if make_recovery needs to be executed again.
Dump devices can be dynamicaly configured.



10. Setting up a remote console

This is intended to describe the procedure for setting up a remote console for the S800.

The remote console allows Hewlett-Packard to perform remote support for your machine by enabling a remote or parallel console.

In order to configure a remote console, you will need an HP support modem that is connected on port 7 of the MUX or MDP. Alternatively, the modem can be connected to the back of the box on the Access Port.

In addition, please ensure that a 40233A cable is being used.
Enabling the Remote Console
Make sure that you are using the system console, and then follow this procedure:

    Issue a <CTRL-B> from the console:
    This should return the:
        CM>
    prompt, as well as a line on the bottom of the screen similar to this:
        RUN F01F REMOTE : disabled inactive multiple ACCESS FAULT : 00

    Check the access configuration, by entering the following command at the CM> prompt:
        CA
    This will return the following:
        current terminal mode identification : HP mode terminal do you wish to change it ? (Y/[N]) : _

    If you choose N, you will see the following information:
      current remote support modem port configuration :
          Bit rate : 9600 bits/sec
          Protocol : Bell
          System Identification : 'hostname'
      do you wish to change configuration ? (Y/[N]) : _

    Make sure that your settings accurately reflect:
        the same speed as your modem (eg. 9600)
        that the protocol is set to Bell
        that the system name refers to the hostname of the system that you're working on
    If these settings are not correct, modify them

    To enable remote access, enter the following command from the CM> prompt:
        ER
    This will return the following information:
      current remote console access configuration :
          remote CS : Enabled
          Mode : Multiple
          Password : test
          Password Faults : 03
      do you wish to change configuration ? (Y/[N]) : _

    The password option allows you to set passwords to provide additional security by prompting a user for a password prior to gaining access.

    If all these fields are appropriately set, do not change the configuration.

    You will now see the following message displayed :
      Remote console is now enabled.

    The status bar at the bottom of the screen should now indicate that remote access is enabled but still inactive:
      RUN F01F REMOTE : enabled inactive multiple ACCESS FAULT : 00

    Once you connect to the console via modem, it will change to ACTIVE.

    Issue a break signal to toggle between the remote and local console.
        On the local console hit the key (it is located in the  left hand corner of the keyboard)
        At the remote end of the connection, use this cu command:
          ~%break : actually type the word "break"
    This will now allow the remote connection to gain control of the console.

    Return to console mode be entering this command at the CM> prompt:
        CO
    Note that you must hit the key twice.

There are a variety of other useful commands that can be executed from the CM > prompt. In order to display the different commands that are available, type HELP at the CM> prompt.



11. Using HP-UX 10.20 as DCHP server for Win95 clients

How do you get the DHCP server to pass the default gateway and DNS information to its clients?

The solution is to use the sample file, located in /usr/newconfig/etc/dhcptab, copy it to /etc/dhcptab, and edit it according to your wants and needs.



12. Extending the root partition

How do I extend (enlarge) the root partition which is located on a logical volume, the problem being that you can't umount the root partition.

Here are 3 solutions to this commonly asked problem.

Solution 1:
One can purchase HP IgniteUX which will also do the job, alas after paying money for this product.

Solution 2:
Remove all things that are not needed on the root partition so you create additional space, e.g. clean up /tmp, symlink various files and/or directories, etc and create the space you need in this way.

Solution 3:
If you are using LVM there is a work around to extend the root LV.

Boot the system in single user mode and extend the root using the lvextend command and it will extend the root logical volume.

Make sure that the space to extend the root LV is available in the same disk as continuous physical extents because the root volume allocation poicy must be contigous.

If the adjacent physical extents are occupied by any other LV move that logical volume to some other disk using pvmove command.
#pvmove -n /dev/vg00/lvolx /dev/dsk/c0txd0 /dev/dsk/c0txd0

Shutdown the machine and interrupt the normal boot process by pressing any key if it is a S800 system and if it is S700 use "esc" key.

From the boot admin prompt type boot pri isl you will get the isl prompt
ISL> hpux -lm

This will take you to the logical volume maintanence mode. Don't try to mount any logical volume and don't switch to multiuser mode or a different runlevel.

The root LV will now be mounted on /dev/root instead of /dev/vg00/lvolx

Now you can execute the extendfs command on the root logical volume:
# extendfs -F hfs /dev/vg00/rlvolx

Note down the alternate superblock locations and reboot the macine using
#reboot -n -------------- DONT MISS THIS STEP.
This will cause the system to not sync the old superblock back to the filesystem and damage it.

When you boot the system normally now you will get all the allocated space for the root filesystem.

Now you will notice that the root volume is still mounted on /dev/root rather than /dev/vg00/lvolx. To correct this you remove the /etc/mnttab and you will find bdf now displays the correct logical volume.



13. Retreiving data from an old root disk

Assumption:
Original root disk: 4 Gb LVM/HFS SCSI ID 6
New root disk, 4Gb LVM/HFS SCSI ID 6 with a freshly installed HP-UX.

We want the system to run with (only) the new disk, but there is data on the first disk that have to be transferred from the original.

Solution:
Boot from disk one with ID 6. Break the boot process and interact with IPL. Enter the boot string
hpux -lm stand/vmunix -is
Issue the commands: pvck -y /dev/dsk/c0t6d0 and vgchange -a n vg00 to prepare the original disk
Halt the system
Change SCSI ID of the original disk from 6 to any free ID, say 5
Connect both disks then power on
Boot from the new disk with ID 6. Break the boot process and interact with IPL. Enter the boot string
hpux -lm /stand/vmunix -is
mkdir /dev/vg0x
mknod /dev/vg0x/group c 64 0x010000
vgimport -v vg0x /dev/dsk/c0t5d0
vgchange -a y vg0x
mount /<mountpoint> /dev/vg0x/lvolx

Breakdown:
What this does is allow you to change the volume group of the original root disk from vg00 to vg0x. You can then vgimport this and mount the old file systems to get the data you need.

A much simpler method is to back up the data you want saved before you replace the old disk!



14. HP Certification help

Here are some tips on studying for HP-UX Certification:

    Get the sample questionnaire from the HP web site and work it out. Only very few questions will come from that.
    Take online seminar from HP ( 2 hours ) vist the following site http://192.151.11.38/pw/pod/hp-pa5-r02-slides/cert_aniekan1/set.html
    Read HP-UX system administration manual page to page (HFS,JFS,Startup,Shutdown, boot lv preparation,etc.) It will of great help.
    Read HP-UX install & configuring Internet services ( DNS,NTP, Subnet, patch)
    Visit docs.hp.com for the ics not covered in these two books.
    Fundamentals of unix ( shell scripts, Vi ) ,, general unix knowledge if enough.

Prepare answers to the following questions:

    Default packet size for ping
    How many servers (maximum) can be specified in /etc/resolv.conf ?
    When you create a file in unix, by default what permissions will be applied to it? How do you change this setup?
    Can a non-root user influence the job priority?
    How to display all the lines in a file not matching with a string
    How does jfs filesystem write into log file, i.e before updating on the disk or after updating?
    How do you supply a cron job
    Significance of at.allow, at.deny and their priority
    What will linkloop command do?
    Which command will show socket status?
    How much time does a client wait if none of the servers specified in /etc/resolv.conf are responding for name query?
    How do you disable or enable ARPA/BSD services
    Significance of /var/adm/inetd.sec
    For a given subnet mask ,how may hosts can be incorporated in a subnet.
    What subnet mask should be assigned to a network to get a required number of hosts in a subnet?
    What is fsck -o full,nolog used for?
    NFS export options
    How do you setup secondary DNS server
    What daemon will run only on primary NIS server?
    How do you update maps on secondary NIS?
    What is stale file handle error in NFS?
    What is command line argument in shell scripting?
    What is syntax of adding a new route?
    Can NIS work with out NFS ?. Vice versa?
    IS TCP/IP needed for NFS, NIS
    What does zz and wq mean in vi
    How do you combine results of two commands, ( e.g.. date + id ) using shell script.
    What is the effect of /etc./hosts.equiv on root user
    How do you do a full fsck on vxfs ( fsck -o )
    Can fsck be used for hfs & vxfs ( yes )
    How do you find available size for creating lvm ( vgdisplay)
    What can NOT be done using SAM.
    Run level for NFS (3)
    What is the FS type for /stand ( hfs )
    What command for listing pathces installed.
    Steps involved in building new kernal.
    Steps involved in extending online jfs ( no umount required)
    Default hp-ux shell ( posix)
    How do you list & create special files ( mksf, lssf)
    TFTP, bootp



15. IPD Contains Duplicate Definitions for Products

cleanup or cleanup -i work great if you have an IPD that is not corrupt. However you will have to do the following for a corrupt IPD:

    cd /var/adm/sw/products directory and look for duplicate product directories. These have .2 at the end of the directory name. Also look at the pfiles/INDEX files in both directories to verify they really were the same. Don't always assume that a .2 directory is a duplicate, however. You'll have to verify that the directories are incorrect by looking at the contents of them.
    Assuming that all of the .2's were incorrect entries in the IPD, move these directories to a temporary location.
    mv INDEX INDEX.OLD - this is the real IPD, built from the directories
    vi void.psf - create a package specification file with the following in it.
    product
    tag void
    fileset
    tag void
    swpackage -s void.psf - create a void package
    swinstall void - install the void package. This command actually senses the fact that the INDEX file no longer exists, and rebuilds the IPD from the directories in /var/adm/sw/products. Obviously, it will only be as accurate as what is in that directory structure, so great care must be taken to ensure you remove the right stuff.
    After swinstall completes, do a 'swlist -a state -l files | more' to verify all the file sets are configured. Also, do 'swlist -l product' and/or 'swlist -l fileset' to verify all your products and fileset are installed properly. If you really want to feel safe, I would suggest these commands be performed prior doing anything and that way you have hard copy of what the IPD looked like before it was touched.



16. Determine block size of logical volume

To determine the block size of a logical volume's read/write buffers run:
fstyp -v {disk/lvol}



17. Replacing a boot disk and keeping the old info

The easy way is to use Ignite/UX, but if you don't have that:

Manual procedure:

    Find an available Volume Group number:
    # ll /dev/*/group

    crw-r----- ... 64 0x000000 Oct 8 1996 /dev/vg00/group
    crw-rw-rw- ... 64 0x010000 Oct 30 1996 /dev/vg01/group
    crw-r--r-- ... 64 0x020000 Oct 30 1996 /dev/vg02/group
    crw-r--r-- ... 64 0x020000 Oct 30 1996 /dev/vgtest/group
    the two hex digits after the "0x" are the VG number, 00,01,02 in the above listing from my system, so "03" would be the logical choice.
    Create a new VG
        mkdir /dev/vgboot
        mknod /dev/vgboot/group c 64 0x030000
        Note the new VG number!
        pvcreate -B /dev/rdsk/cItTd0
        Make LVM disk and reserve boot area
        vgcreate vgboot /dev/dsk/cItTd0
    Put LIF boot stuff and AUTO boot string on it.
        mkboot /dev/rdsk/cItTd0
        copy any other LIF stuff for f in `lifls /dev/rdsk/c0t6d0` ;
        do lifcp /dev/rdsk/c0t6d0:$f /dev/rdsk/cItTd0:$f ;
        done
        (assuming that your current boot disk is /dev/rdsk/c0t6d0)
        mkboot -a "hpux (;0)/stand/vmunix" /dev/rdsk/cItTd0
    Create your logical volumes on the new disk that correspond to the LVs on the current root disk: lvcreate -l 40 -n stand -r n -C y /dev/vgboot
    lvcreate -l 300 -n swap -r n -C y /dev/vgboot
    lvcreate -l 48 -n root -r n -C y /dev/vgboot
    (note the contiguous allocation and no BAD-block-relocate)
    lvcreate -l 400 -n usr /dev/vgboot
    lvcreate -l 100 -n tmp /dev/vgboot
    lvcreate -l 200 -n opt /dev/vgboot
    etc.....
    You can take this opportunity to adjust the sizes as you wish.
    Create filesystems on the new LVs created in 3., above newfs -F hfs /dev/vgboot/rstand
    newfs -F vxfs /dev/vgboot/rroot
    newfs -F vxfs /dev/vgboot/rusr
    newfs -F vxfs /dev/vgboot/rtmp
    etc....
    Note: here, that you have the opportunity to make root and the other "system" filesystems JFS (Journaled FS), which is highly recommended. /stand must remain HFS
    mount the new filesystems into temporary directories
        mkdir /tmp_mnt
        mkdir /tmp_mnt/root
        mkdir /tmp_mnt/usr
        mkdir /tmp_mnt/tmp
        ...
        mount /dev/vgboot/root /tmp_mnt/root
        mount /dev/vgboot/usr /tmp_mnt/usr
        mount /dev/vgboot/usr /tmp_mnt/tmp
        ...
        Set permissions on the root directory of each filesystem the same as is currently set: chmod 755 /tmp_mnt/root ( or whatever
        chmod 555 /tmp_mnt/usr you currently have)
        *** chmod 777 /tmp_mnt/tmp
        ...
        ******************************************
        NOTE : You probably will not be copying /tmp,
        BUT BE SURE TO MAKE IT WORLD WRITABLE :
        # chmod 777 /tmp_mnt/tmp
        ******************************************
    now copy the filesystems:
        use 'cpio' on root filesystem:
        cd / ; find . -xdev -hidden | cpio -pdmux /tmp_mnt/root
        I prefer fbackup for the others (it gets ACLs):
        (cd /; fbackup -i stand -f -) | (cd /tmp_mnt; frecover -r -f -)
        (cd /; fbackup -i var -f -) | (cd /tmp_mnt; frecover -r -f -)
        etc.....
    update BDRA for vgboot PVs:
        lvlnboot -r /dev/vgboot/root /dev/vgboot
        lvlnboot -b /dev/vgboot/stand /dev/vgboot
        lvlnboot -s /dev/vgboot/swap /dev/vgboot
        Check config:
        lvlnboot -v vgboot
        Boot Definitions for Volume Group /dev/vgboot:
        Physical Volumes belonging in Root Volume Group:
        /dev/dsk/cItTd0 -- Boot Disk
        Root: root on: /dev/dsk/cItTd0
        Swap: swap on: /dev/dsk/cItTd0
        No Dump Logical Volume configured
    Update the fstab file on the new root filesystem to reflect the new logical volume names, particularly the VG portion thereof:
    vi /tmp_mnt/root/etc/fstab
    /dev/vgboot/stand /stand hfs defaults 0 1
    /dev/vgboot/swap ... swap pri=1 0 2
    /dev/vgboot/root / vxfs rw,suid,delaylog,datainlog 0 2
    /dev/vgboot/usr /usr vxfs rw,suid,delaylog,datainlog 0 2
    ...
    Boot off the new disk to see if it works !!!!
    You'll have to interrupt the boot process and specify the path to the new disk as the boot device.



18. Altering the baud rate of a serial interface

PROBLEM:
How can I permanently set the baud rate of a serial port? Every time I set it and then check it, it is set at 300 baud.

SOLUTION:
Execute the following two commands:

    nohup sleep n < tty_port &
    stty baud_rate < tty_port

where

    n is a large number, for example, 999999999. This sleep command holds the port open for n seconds.
    tty_port is a serial device file, such as /dev/tty01.
    baud_rate is the speed at which data will be transmitted over the line, such as 1200, 2400, 9600 or 19200



19. HP-UX Mailing List

The HP-UX mailing list can be found at: [email protected]
Place one of the following in the body of the message:
   subscribe hpux-admin email-address
   subscribe hpux-admin-digest email-address



20. swinstall not finding target

swinstall needs to be able to do a reverse lookup of the hostname. If DNS is not resolving properly try to rename /etc/resolv.conf and ensure that /etc/hosts has a fully qualified domain name. If this still does not work try to restart swagentd:
   # /sbin/init.d/swagentd s
   # /sbin/init.d/swagentd start

If you have had to break the install part way through you may need to remove the file in /var/adm/sw/products/swlock.



21. Using both DNS and /etc/hosts

To run both DNS and /etc/hosts you need to set up the /etc/nsswitch.conf file. The easiest way is through SAM, but it can be done by adding the line:
hosts: files [NOTFOUND=continue UNAVAIL=continue TRYAGIAN=continue] dns
to nsswitch.conf.



22. Patch install hangs

If trying to install a patch on HP-UX 10.20 and the system just hangs, check to see if MeasureWare is running.
The MeasureWare Agent often hangs the swinstall process at the Analysis stage.

First you will need to kill the swinstall.
Remember to remove the lock file: /var/adm/sw/products/swlock.
Next disable MeasureWare via "mwa s".

You should now be able to install the patch.
Finally, restart MeasureWare with "mwa start" to restart.

You may also find that the



23. Adding new devices

When adding new devices, remember to check the kernel subsystem (using SAM) and ensure there is kernel support for the device.



24. swinstall not finding target

swinstall uses an IP lookup to determine the hostname.
For swinstall to work correctly you need to be able to do an nslookup of the IP address.
If you are using /etc/hosts, fix the problem.
If you are using DNS you can either fix the DNS entry or temporarily disable DNS by renaming /etc/resolv.conf.
After the nslookup has been resolved do an /sbin/init.d/swagentd s/start.



25. Limiting the size of core dumps

To completely suppress core dumps:

Bourne-style shells: "ulimit -c 0"
C-style shells: "limit coredumpsize 0"

If you want to limit dumps to a specific size, specify a number instead of 0, in blocks for Bourne-style shells, or kilobytes for C-style shells.



26. Adding additional interfaces to a LAN

First you need to install patch PHNE_12492 to get a command called ifalias. Once you have that patch installed, do the following to add an additional IP:
    ifalias lan0 add <ip address>

However, this doesn't stick after a reboot. There is a script to fix this posted in the HP-UX mailling list archive at:
http://www.dutchworks.nl/htbin/hpsysadmin?h=3&dn=45061&q=ifalias&fh



27. S logging of messages in syslog

I had a problem trying to s ftp messages being logged to /var/adm/syslog/syslog.log. Initially I tried playing with /etc/syslog.conf but was pointed in the right direction by the list. The actual file to edit was /etc/inetd.conf. Check for a -l option. Removing the -l should s the logging. Use inetd -c to re-read the config file.



28. Finding ports not listed in /etc/services

To find open ports that are not listed in /etc/services try using lsof to find out exactly what it is.
You can get lsof from the HP porting and archive centre at http://hpux.cae.wisc.edu/.

Try this:
lsof -i TCP|grep ":<port number>"
...to get the image name and PID of the offending process, then just use ps to find out what the heck it is.

Here's a (real) example:
------
root@box> nmap -sT box
...
911 open tcp unknown
...
What the heck is running on port 911?

root@box> ./lsof -i TCP|grep ":911 "
SLSd_daem 1156 root 4u inet 0x02ca2900 0t0 TCP *:911 (LISTEN)

Aha! SLSd_daem, PID 1156 is listen()ing on port 911.

root@box> ps -AHo user,tty,ppid,pid,args|grep 1156
root pts/0 3065 3100 grep 1156
root ? 1 1156 /usr/bin/X11/SLSd_daemon
root@box> I know where you live, SLSd_daemon.
------

Check out the following URL for an authoritative list of port numbers
http://www.isi.edu/in-notes/iana/assignments/port-numbers



29. How to add a jetadmin printer from command line

This is simply done with the command:
/usr/hpnp/bin/addqueue -i TYPE -q QUEUE_NAME -h HOST_ADDRESS
The TYPE option comes from the list of printer types given by jetadmin but is not needed.
To remove a printer you use the related: removequeue



30. Converting /usr to vxfs

    Create a new partition
    "newfs -F vxfs" it
    Mount it (anywhere - say /mnt)
    Use your favourite backup/restore tool to copy /usr into it
    Modify /etc/fstab to mount this new usr onto /usr
    Reboot

The rest of the process is a gimme - newfs the old /usr, mount & copy stuff back, put /etc/fstab how it was then reboot.

General consensus on the HP-UX list is that this will work - and several people have done it.
You can also use Ignite do achieve the same thing.



31. Wiping a hard disk

On HP-UX the best way to wipe a disk is to use: mediainit
Check the man page for details.



32. FTP: Access Denied

This is a little FTP "gotcha". If you are getting the message: FTP: Access Denied, check your /etc/shells. If there is no entry ofr a user's shell in this file they will not be able to remote login.



33. Finding the MAC address

arp -a will tell you



34. Getting rid of stale nfs file handles

Run the command:
#fuser -uck /<filesystem>



35. FTP umask setting

The ftp daemon (ftpd) uses an internal umask setting, the default being 027.
This may be changed by editing the ftpd entry int the /etc/inetd.conf file. For example to change ftpd umask to, say, 022 in /etc/inetd.conf:
    ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -u 22
Restart inetd (inetd -c)



36. Copying printers between servers

To keep consistancy between servers/workstations here is a method to have all servers with the same printer config:

    On the source server/workstation where you have printer configured make sure that the print queue is empty.
    Shutdown the spooler
    tar/cpio "/etc/lp" and "/var/spool/lp" on the source server and startup the spooler.
    Restore the tar/cpio of /etc/lp and /var/spool/lp from source on to the destination workstations after shutting down the spooler.
    startup the spooler



37. Entering username and passwd with CAPS LOCK

This gettydef allows a user to log into a unix user account with caps lock on (password must also be entered with caps lock on), and receive the password prompt as normal: "Password:", not as "\PASSWORD:".
The unix account name and password MUST be truely entered in lower case (in the /etc/passwd file) originally. The key was to eliminate OPOST output processing. This, combined with the user name and password in /etc/passwd in lowcase, and a mod to the .profile file handles it all beautifully!

UCgoofy #B38400 CS8 CLOCAL HUPCL IGNPAR ICRNL IXON OPOST ONLCR CREAD
            ISIG ICANON ECHO ECHOK ISTRIP IXANY TAB3
     #B38400 CS8 CLOCAL HUPCL IGNPAR BRKINT ICRNL IXON IXOFF CREAD
            ISIG ICANON ECHO ECHOK TAB3
     #login: # UCgoofy

In order for the user to use the system as a non-caps-locked terminal, they will have to have the following entries in their profile:
stty sane
stty opost onlcr
stty erase "^H" intr "^C"



38. Is a system in trusted mode?

How do you tell if a system is in trusted mode or not? Try looking at these two:
man iscomsec
/usr/lbin/getprdef -r



39. Mounting a filesystem in a recovery shell

You need to use loadfile and get /sbin/fs/hfs/* and /sbin/fs/vxfs/* to be able to mount filesystems in a recovery shell.



40. Clearing the /var/opt/hparray logs

I have had the situation with a Model 12 AutoRAID on a K-class running HP-UX 10.20. /var was getting a little to full for my liking and I have found that /var/opt/harray/log is taking up the most space. There are tools in /opt/bin/hparray, namely logprint and arraylog that are supposed to clear this. What I eneded up doing, however, was to delete all files in that directory and then touch LOGCATLG to recreate it. If you don't do the touch, ARMServer supposedly won't restart correctly. I did the delete and touch and had no problems.

====

HP-UX CHECKLIST

Reference :www.auditnet.org/docs/HPUX.doc

DEFINITIONS:

kernel Is the piece of software that controls the computer and is often called the operating system

shell Is a command interpreter and a program such as sh, csh, ksh, rsh, and tsh

driver Is a program that enables the kernel to communicate with a given type of peripheral

/dev/kmem Is a special device file that allows access to the ram locations occupied by the kernel

/ The root directory

/dev The /dev directory contains the devices attached to UNIX

/bin The /bin directory contains a small subset of HP-UX commands

/etc The /etc directory contains many files including the passwd file

/tmp The /tmp directory is used for temporary file storage

/etc/inittab Contains information about system run levels and also has a entry for each terminal

Example: 04:2:respawn:/etc/getty tty10

04 = id

2 = operating system level

respawn = action

/etc/getty = program to execute

/etc/rc Defines actions taken during startup

/etc/passwd Determines who can log into your system

root:r832uq8io3rt6:0:1:Root System Owner:/:/bin/sh

/etc/group Identifies the users that form a group

audit:*:25:frank,anne,katie,michaella

/etc/ttytype A database of terminal types

.exrc Maps terminal characteristics and sets up key definitions

/etc/motd Contains the message of the day

/etc/profile Execute automatically during the login process

&

/etc/csh.login

APPENDIX C HP-UX CHECKLIST

DEFINITIONS:

.profile Executes each time the user successfully logs in using the Bourne(sh), Korn(ksh), or rsh

.kshrc Korn shell script that supplements actions taken by the .profile file

.cshrc Executes when a new C shell (csh) starts

.login Executes when a C shell user logs in, after .cshrc

newgrp Command that allows the user to attach to a new group. If the user is listed in the group

then they can attach. Otherwise they may supply a group password (be careful with this

option as someone may try to break the password on a group).

permissions Everything in UNIX is treated like a file. That is a data file is a file, so is a directory, so is

a terminal, so is a modem, and etc. Each of these is identified by the file type. The file types

are:

d = directory

- = a data or program file

c = a character file

b = a block file

l = a symbolic link

p = a pipe or FIFO

You can obtain this information by running the ls -l command

$ ls -l memos

-rwxrwxrwx 1 frank audit 456 Jan 7 12:45 memos

The first digit is the file type

The second through the 10 digit are the permission

rwx for owner which is frank

rwx for group which is audit

rwx for other which is not shown but represents authorities for all other

chmod Command to change the permissions on a file

chown Command to change the ownership of a file

umask Default permission levels for all new files created

crontab Automate job processing. Each entry contains the following information:

minute 0-59

hour 0-23

dates 1-31

months 1-12

days 0-6 0=Sunday

runstring specifies the command line or script file to execute

An entry of ‘*’ means all values for that entry

APPENDIX C HP-UX CHECKLIST

I. Preliminary Steps

A. Obtain an organizational chart of the group responsible for the operating environment.

B. Obtain any existing security and control procedures

C. Obtain a description of the network configuration

D. Obtain a listing of the various systems (applications) supported by the operating system

E. Obtain a job description of the System Administrator

II. Installation Audit Steps

A. Review any design criteria for system security.

B. Determine whether the user access is controlled through the operating system, the database

management system, or the application front-end menu system.

C. Determine what documentation standards exist and whether they are being followed.

D. Determine who acts as the Security Administrator for the operating environment.

E. Determine the standards for password management and construction.

F. Review any existing security guidelines for users, groups, and functions.

III. Physical Security

A. Review the network configuration to ensure that all network components are physically secured.

These include File Servers, Bridges, Routers, Hubs/Concentrators, Gateways, Terminal Servers, andModems.

B. Determine who is responsible and what documentation is required for configuration changes to thephysical network.

Are these procedures effective?

Are the changes to the network documented?

Are users and other impacted parties properly notified?

C. Ensure that only the System Administrator or other authorized personnel have physical access to the file server console as the system can be rebooted from the ‘A’ drive and a new root passwordcan be supplied.

APPENDIX C HP-UX CHECKLIST

IV. System Administration

A. Identify all the System Administrators.

$grep :0: /etc/passwd

B. Determine that each administrator requires this level of authority.

C. Determine the change control procedures over changes to users, programs, menus, authorities,user scripts, hardware and system software.

D. Determine that the proper person or group is responsible for monitoring the network that support thefile server.

E. Determine that the proper person or group is responsible for system shutdown and backups.

F. Determine if the System Administrator is supported by a backup or at a minimum their userid/password are kept in a secured location in case of an emergency.

G. Determine who is responsible for maintaining license agreements and if all agreements are being met.

V. System Security

The System Administrator’s interface for the HP-UX system is System Administrator Manager (SAM). You can invoke SAM by keying /usr/bin/sam

A. During the initial installation did the System Administrator create Product Description Files (pdfs)for each product fileset installed on your system? These pdfs will be used to certify that onlyauthorized changes have occurred to the system.

The pdf files contain a single-line entry for each file having the following information:

field comments

pathname Absolute pathname

owner Ether symbolic or numeric ID

group Either symbolic or numeric ID

mode Symbolic representation as displayed by the ls -l command

size Size of the file in bytes. Major and minor numbers are listed for devices

links Number of hard links to pathname

version Numeric value, reported by what(1).

checksum File contents computed by a checksum algorithm. This field reflects the

slightest change to a file, even a single character.

linked_to Indicates whether the file has symbolic or hard links

Producing pdf files is a simple task involving the use of the mkpdf command. The resulting pdfs will reside in files named /system/$fileset/pdf where $fileset is the name of the original file.

To run a consistency check use the pdfck command. The pdfck does not produce any output unless it finds a discrepancies.

APPENDIX C HP-UX CHECKLIST

B. Determine if the system is running in a secured (trusted) mode. To run a trusted system the System Administrator must run the conversion program which creates the following files:

/.secure/etc/passwd For the password file

A trusted environment converts the primary password file’s encrypted password /etc/passwd to the /.secure/etc/passwd file and replaces the password field in the /etc/passwd with an ‘*’.

In addition, it forces all user to use passwords, creates an audit ID number for each user, sets the audit flag on for all existing users, and converts the at, batch, and crontab files to use the submitter’s audit ID.

C. Determine if auditing has been enabled. Use SAM by selecting the “Auditing and Security” window to review the audit status of users, events, or system calls. By default the audit status of all users is set on. Review the audit status list to determine if it is proper set for your environment.

Auditing data is collected in the /.secure/etc/auditlog_1 file.

Determine if minimal set of auditable events is turned on for Login, Moddac, and Admin.

Login pertains to the following system calls.........................login, init

moddac pertains to the following system calls......................chmod, chown,umask, setacl

admin pertains to the following system calls.........................stime, cluster, swapon, settimeofday sethostid, privgrp, setevent, setaudproc, audswitch, setaudid, setdomainname, reboot

D. Review the audit logs to determine if any unauthorized event has occurred.

E. Review the inittabs to ensure that only authorized entries are present and that access is properly restricted.

$cat /etc/inittab

F. Review all the rc. scripts to ensure that only valid programs are executed within these scripts.

G. Review the sulog to look for suspicious activity

H. Ensure that the system backup is done on a regular basis and that the backup files are properly stored.

APPENDIX C HP-UX CHECKLIST

VI. Account Security

In traditional HP-UX systems you can use the ls -l command to list off the permissions for a directory or a file. On a secure(trusted) system you can use the lsacl command to see what permissions are associated with a given file, and the chacl command to change the access control lists of the file. ACLs are attached to files or directories to allow the Security Administrator to assign discrete authority to individuals or groups.

A. Review the access control permission on the critical system directories and files. In addition, reviewthe access control permissions on the application’s directories and files.

Example:

$ lsacl memos

(frank.adm,rw-) (anne.%.r--) (%.acct, r--) (%.%,---) memos

The user frank while in the group adm has read and write permissions on memos.

The user anne while in any group(%) has read permission on memos

Any user (%) in the group acct has read permission on memos

No other user (%) from any other group (%) has read , write, or execute permissions on memos

The chmod command can still be used to change the permissions for owner and primary group. But to protect the ACL list you must use the chmod -A option to retain the additional ACLs. The lsacl command will list all of the owners, primary groups, and other users that have access to the file in

question.

If you execute a command such as

$ll -d payables

drwx------+ 1 frank adm 345 Jan 7 7:47 payables

The plus sign (+) after the permission modes indicates that ACLs are set on the directory.

B. Review the users or groups who have write authority into a directory or file.

C. Review the umask value for a 027. This is located in the /etc/profile and the user’s .profile.

The /etc/profile is a file that is executed each time a user login to the system. The umask

variable is only one entry in this file. The PATH variable may also be listed. The PATH

variable should also be review to ensure that the path search is proper.

D. Review the system for setuid and setgid programs. Compare the list against a certification list of

authorized programs. Use the find command to look for these type of programs especially root owned setuid or setgid programs.

$ find / -user root -perm -4000 -exec ls -l {} \;

This find command will list root owned setuid programs

$ find / -user root -perm -2000 -exec ls -l {} \;

This find command will list root owned setgid programs

APPENDIX C HP-UX CHECKLIST

E. Password Security

Check to ensure that all users have a password.

Check to ensure that all users are using the shadow password system.

Check to ensure that no user ID are duplicated.

Review all accounts with a UID of ‘0’

Determine if all users listed in the /etc/passwd are still valid.

Determine if the password aging criteria is adequate

Password aging is enabled by placing the necessary information in the password field

Determine if all passwords are at least six characters long

Determine if all passwords are run against a ‘hacker dictionary’ before being accepted initially or whenchanged.

F. Pseudo-Accounts

Most UNIX systems have pseudo accounts that are not associated with an individual user and do not need to have an interact login shell. Be sure that the password field is properly protected by not allowing anyone to signon to these accounts. By placing an ‘NP’ for no password within the password field, these accounts cannot be signed onto. Determine if accounts such as the following have been removed from the /etc/passwd file:

date

who

sync

tty

Other entries must remain as pseudo users such as:

bin

daemon

adm

uucp

lp

hpdb

APPENDIX C HP-UX CHECKLIST

G. Home Directories

Ensure that the user’s home directories and files are not writable by anyone except the owner or root Ensure that the .profile .cshrc, and .login files are not writable by anyone other than the owner

Investigate and remove if possible the use of any .rhost files within the user’s home directory

Ensure that .netrc file is not used as the it allows for the user to bypass the .login authentication for remote login and even contains the user’s unencrypted password. If it is used and is required it should not be read or writable by anyone other than it’s owner.

Ensure that root’s .profile has a proper PATH variable with no ‘dot’ as the first entry.

A good PATH A bad PATH

PATH=/bin:/usr/bin:/etc PATH=.:/bin:/usr/bin:/etc

VII. Network Security

A. Review the /etc/exports file to see which files can be mounted by another machine.

The /etc/exports file lists entries that consist of the path name of a file system followed by a series of names of computers and names of groups of computers. To identify the groups of computers list off the contents of the /etc/netgroup file.

Each one line entry should have two fields. The first is the name of the file system being exported.

The second and subsequent name the system to which the file system can be exported. If fewer than two fields are present, the file system can be shipped anywhere in the world.

B. List the /etc/hosts.equiv file to verify the names of other computers that can allow their users to signon to this host without providing a password.

Verify that each of these other hosts do not extend unauthorized privileges to another user or node.

C. Determine if an administrative domain has been set up.

If so, verify that root is controlled on each local host otherwise someone can obtain root

authorities on any machine within the domain.

Verify that consistency is maintained for user name, uid, and gid among password files in the domain.

Verify that consistency is maintained for group files on all machines within the domain.

 

APPENDIX C HP-UX CHECKLIST

D. Verify permission settings on network control files

The following files should never be writable by public:

networks Network names and their addresses

hosts Network hosts and their addresses

hosts.equiv Remote hosts allowed access equivalent to the local host

services Services name database

exports List of files systems being exported to NFS clients

protocols Protocol name database

inetd.conf Internet configuration file

netgroup List of network-wide groups

E. Review the use of UUCP

F. Review the use of anonymous ftp

G. Review the use of tftp

H. Modem security

Use of a smart card or some type of secured dial-back

Use of an additional password

Kept access list current

VIII. Device File Security

A. Check the /dev directory for special devices that do not have the proper permission settings.

B. Ensure that all devices only reside within the /dev directory.

C. Ensure that access to device such as mem, kmem, and swap are properly protected.

D. Terminal ports on UNIX systems may be writable by anyone, so you can allow users to

communicate by using the write or talk programs. Only the owner should have read permissions.

E. Ensure that an individual user does not own any device except for their terminal device or local printer.

IX. Batch Jobs Security

A. Scheduled jobs within the UNIX environment are setup in a file called the crontabs. This file has aone line entry for each job to be executed at a given time. This file, especially the one owned by root, should be reviewed to ensure that only valid entries and jobs are run.

B. Other jobs can be run with the at command. Determine if the at command is restricted by reviewing a file called at.allow and at.deny

 

APPENDIX C HP-UX CHECKLIST

X. Log File

A. Using the last command you can review the last login attempts on the system

B. Use the /etc/wtmp to review connection session

$ fwtmp < /etc/wtmp

C. Review the /usr/adm/messages for “BAD” login attempts

D. Check to see if accounting is turned on

The accton turns on accounting

E. Displaying process accounting records

The acctcom will allow you to display records from any file containing process accounting records

 


 

Reference:

#http://www.datadisk.co.uk/html_docs/hp/hpux_cs.htm

#http://networktechnologist.com/tips-hpux.html

#http://www.cyberciti.biz/

#http://hpux.ch/index.php/Main_Page

#http://users.cis.fiu.edu/~tho01/psg/hpux.html

#http://www.unixguide.net/unixguide.shtml

#http://www.pimpworks.org/hp/hpuxtips.html

#http://www.thegeekstuff.com/2010/06/install-remove-depot-packages/