Friday, December 18, 2009

Software & Patch Management in HP-UX - Part 2

Points to remember :
1. Patch names always start with the characters PH.
2. Next 2 characters show the patch type.
   Here are the types ...
   a. Command Patches - CO
   b. Kernel Patches       - KL
   c. Network Patches    - NE
   d. Subsystem Patches - SS
3. After this, there is an underscore and a 4 or 5 digit patch number.
4. You have to reboot the system after the kernel patch installation.

A few examples:
PHSS_14526
PHCO_16253
PHKL_16542
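
The naming rule above as a pre-install check on a batch of patch names (an added example, not from the original post): it rejects names that do not fit the pattern and counts kernel patches so a reboot can be planned. The function names and the sample batch are constructed; for non-kernel patches it prints check-text because the reboot requirement is recorded in the patch's .text file.

```shell
#!/bin/sh
# Added example (not from the original post). Naming rule from the list above:
# "PH" + 2-letter type + "_" + 4 or 5 digit number.

# classify_patch NAME -> prints "NAME|type|reboot"; returns 1 if NAME is malformed.
classify_patch() {
    name=$1
    printf '%s\n' "$name" | LC_ALL=C grep -Eq '^PH[A-Z]{2}_[0-9]{4,5}$' || return 1
    code=$(printf '%s' "$name" | cut -c3-4)
    case $code in
        CO) ptype=command;   reboot=check-text ;;
        KL) ptype=kernel;    reboot=yes ;;        # kernel patches need a reboot
        NE) ptype=network;   reboot=check-text ;;
        SS) ptype=subsystem; reboot=check-text ;;
        *)  return 1 ;;                           # type not in the list above
    esac
    printf '%s|%s|%s\n' "$name" "$ptype" "$reboot"
}

# review_batch: read patch names on stdin, one per line; print one line per
# name and a final summary. Returns 1 if any name was rejected.
review_batch() {
    bad=0; kernel=0
    while IFS= read -r p; do
        [ -n "$p" ] || continue
        if out=$(classify_patch "$p"); then
            printf '%s\n' "$out"
            case $out in *'|kernel|'*) kernel=$((kernel + 1)) ;; esac
        else
            printf '%s|REJECTED|-\n' "$p"; bad=$((bad + 1))
        fi
    done
    printf 'kernel_patches=%d rejected=%d\n' "$kernel" "$bad"
    [ "$bad" -eq 0 ]
}

# Constructed sample batch: three names from the post plus two malformed ones.
SAMPLE_BATCH='PHSS_14526
PHCO_16253
PHKL_16542
PHKL_123
phco_16253'

printf '%s\n' "$SAMPLE_BATCH" | review_batch || :
```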

How to download the patches ?

1. You can download the patches from the FTP server below:
   ftp://us-ffs.external.hp.com/hp-ux_patches

Or you can order a patch cd-rom from HP

2. HP-UX patches are distributed as shar files. So after the download, you have to use the 'sh' command to unshar it to get 2 files with extensions .text and .depot.

3. The .text file is the patch description file which contains
   a. Patch name, description
   b. Date of creation and general availability
   c. Hardware Platforms
   d. Automatic Reboot : To find out whether the system will be rebooted after the patch installation
   e. Status : Shows whether it is a general or special release
   f. a lot more

4. The .depot file is the actual patch file.

How to list the applied patches ?

To show all the applied patches :

# swlist -l patch

To show all categories of available patches that include category objects in their definition :

# swlist -l category

How to copy the patches to the software depot ?

To copy the patches to the software depot (assuming the .depot file was unpacked in /tmp; -s takes the full path to the source) :
# swcopy -s /tmp/PHKL_14235.depot PHKL_14235 @ /var/spool/sw

How to install the patches ?

You can install patches with the swinstall command, the same way we install regular software.

How to remove the patches ?

To remove the applied patches :
# swremove PHCO_45879

To remove the patches located in a software depot in a remote machine :
# swremove -d PHKL_45879 @ server1:/depots/

Software Depot Management :

To register a software depot :
# swreg -l depot /depot/hp-ux11i-v3/

To unregister a software depot :
# swreg -u -l depot /depot/hp-ux11i-v3/

Software & Patch Management in HP-UX - Part 1

Software and patch management in HP-UX is done using the HP Software Distributor, called SD-UX. It is a set of commands and utilities, together with the definitions of software packages and bundles. It has several commands for the installation, removal, listing and verification of software and patches. You can even set up a server as a central software server so that client HP-UX machines can install software over the network.

Few Common Terms in SD-UX :

Fileset:
       It is the smallest installable software unit. It consists of files and control scripts. It can belong to only 1 product, but can be included in multiple subproducts and bundles.

Here is an example:   Keyshell.KEYS-END-A-MAN B.11.30

where
1st field is the fileset name
2nd field is the fileset version

Sub-Product:
       A subproduct is nothing but a group of logically related filesets.

Here is an example:
    X11.MessagesByLang           X11 Localized Messages

This subproduct contains the filesets for X11 messages in several languages.

Product:
      It is nothing but a set of filesets. In other words, it is a superset of filesets / subproducts.

Here is an example,

X11         B.11.30   HP-UX X Windows Software

where
X11 is the product name
B.11.30 is the product version
third field is the product description

Bundle:
It contains filesets that may belong to different products. Bundles are usually packaged by HP for the software distribution.

Here is an example,

OnlineDiag  B.11.20.06 HP-UX 11.0 Support Tools Bundle

Software Depot:

It is the place where filesets, products and bundles are kept. It can be a directory, a cd-rom or a tape. By default, the software depot is /var/spool/sw. You can also maintain a software depot on a central server for installation over the network. You can have multiple software depots on a server for different purposes or applications. You can add new software to the depot and install it whenever required.

Points to remember:
1. SD-UX stores all the information about the installed software, and the catalog files for software in depots, in a database called the Installed Product Database (IPD).
2. SD-UX commands create and modify the IPD and catalog files.
3. IPD is located in /var/adm/sw/products.

What is Protected Software and How to install it ?

HP provides certain software in protected mode. HP will provide you the codeword and your customer id for installing that software. The codeword is based on the customer id, product id and the part number of the software storage medium.
You need to mention the customer id and codeword the first time you install the software. At that time, the codeword gets stored in the /var/adm/sw/.codewords file. After this, you don't have to mention the codeword for installing that software (from that particular cd-rom media) on that machine.


Software Agent Daemon :

Software installation is controlled by the daemon called "swagentd". You need to have this daemon running for the installation of software in HP-UX.
Whenever you execute the swinstall command, it contacts the swagentd daemon, which starts a software agent called swagent. If the installation is over the network, the local swagentd daemon contacts the daemon running on the other machine.
This daemon gets started at runlevel 2. Hence it's not possible to install software in single-user or maintenance mode. If you need to install software in single-user mode, first you have to manually start this daemon.

To start swagentd :
# /sbin/init.d/swagentd start

To stop swagentd :
# /sbin/init.d/swagentd stop

How to list the softwares ?

To list the installed bundles :
# swlist -l bundle

To list the installed products :
# swlist -l product

To list the installed subproducts :

# swlist -l subproduct

To list the installed filesets alone :
# swlist -l fileset

To list the softwares in depot /var/spool/sw :
# swlist -d @ /var/spool/sw

To list the softwares in depot /var/spool/sw located in a remote server :
# swlist -d @ server1:/var/spool/sw

To list all the files belonging to the product X11 :
# swlist -l file X11

To list softwares in a tape drive :
# swlist -d @ /dev/rmt/0m

To list softwares available in a cd-rom drive :
# swlist -d @ /SD_CDROM

To open swlist in GUI mode :
# swlist -i

To open swlist in GUI mode for software depot :
# swlist -i -d

To view the readme file for a product :
# swlist -a readme OS-Core

To show whether software available on cd-rom requires a codeword or not :
# swlist -d -a is_protected @ /SD_CDROM

How to install software ?

You can use swinstall command to install the softwares available in the cd-rom, tape, local software depot or software depot on a remote server. All the activities of swinstall command are logged in the /var/adm/sw/swinstall.log file.

To install software from a local tape drive :
# swinstall -s /dev/rmt/0m

To install software from a local cd-rom drive :
# swinstall -s /SD_CDROM

Note: If you're using HP-UX 11.2 and earlier versions, you have to mount the cd-rom on /SD_CDROM before using the above command.

How to remove the installed softwares ?

You can use swremove command to remove the installed softwares. All the activities of swremove command are logged in the /var/adm/sw/swremove.log file.

How to verify the installed softwares ?

You can use swverify command to verify the consistency of the software installed in the system or in the software depot. All the activities of swremove command are logged in the /var/adm/sw/swremove.log file.

How to manage softwares in the software depot ?

To copy softwares from a tape to the default depot :
# swcopy -s /dev/rmt/0m @ /var/spool/sw

To copy softwares from a cd-rom drive to the default depot :
# swcopy -s /SD_CDROM @ /var/spool/sw

To remove all software from a depot (the * is escaped so the shell does not expand it) :
# swremove -d \* @ /var/spool/sw

To list softwares in a depot :
# swlist -d @ /var/spool/sw

We will look at the patch management in the next part.

Thursday, December 17, 2009

Startup and Shutdown of HP-UX

Here we are going to take a look at the boot sequence of HP-UX.

It is basically divided into 2 main parts,
a. Boot PROM Startup - Same as on other systems
b. HP-UX Startup - Includes ISL, SSL (hpux), kernel (/stand/vmunix), swapper, init and /etc/inittab

Here is the boot sequence given in steps,

1. Power On the system or Reboot the System
2. Processor Dependent Code
     - PDC gets executed and performs the initial self-test, including the processor and memory, and also detects
        peripherals attached to the system.
     - If autoboot is disabled, it displays a menu list, something like SMS in AIX or the BIOS in your PC.
3. PDC initializes the console to display boot messages and any errors. Then it looks for the primary boot path.
Note: The boot path is nothing but the hardware path to the boot disk.
4. The Initial System Loader (ISL) is loaded from the boot disk into memory and executed by the PDC.
5. The Secondary System Loader 'hpux' is loaded into memory by the ISL. "hpux" is stored in the boot sector of the boot disk.
6. SSL hpux loads the kernel "/stand/vmunix" into the memory and from here kernel takes over the control.
7. Kernel then loads the device drivers and starts the process "swapper"
8. Swapper process (PID = 0) then initiates a shell process to execute commands from /sbin/pre_init_rc
9. Finally kernel loads the system's first process called "init". Hence init pid is always 1.
10. The init process processes the /etc/inittab file and runs the startup scripts to start other daemons and processes based on the default run level set. This will take the system to the default run level and from now on users can login to the system.

Few Points:

Stable Storage:
Primary / alternate boot paths, console, autoboot mode, autosearch values are stored in the stable storage. This information is used by the PDC. To change any of these values, you can use "configure"  command.

Few PDC commands:

1. To boot in single-user mode for maintenance purpose :

> boot pri -is

Few ISL Commands:

1. To boot in single-user mode :
ISL > hpux -is

2. To boot from alternate kernel :
ISL > hpux /stand/vmunix.old

3. To boot in single-user mode using an alternate kernel :
ISL > hpux -is /stand/vmunix.old

4. To display the version of hpux utility :
ISL > hpux -v

5. To display the files in the /stand directory (mostly used to find the alternate kernel file name) :
ISL > hpux ll /stand


Contents of Boot Area:

Boot disk contains a boot area and a root partition plus swap space and other file systems.
Boot area contains the below stuff :

a. An LIF volume header that identifies the LIF volume
b. A file containing a HP-UX volume name
c. A directory that contains a list of files contained in this area
d. Initial System Loader (ISL)
e. A secondary System Loader (hpux)
f. A file named AUTO - Contains the hpux utility name and any arguments to be passed onto hpux.

To list the contents of the boot area:

# lifls -l /dev/dsk/c0t0d0

where c0t0d0 is the boot disk, i.e., controller 0, target 0, disk 0

Few Boot list commands :

1. To view the current primary, alternate bootpaths, autoboot and autosearch :

# setboot

2. To install files in the LIF area :

# mkboot

3. To delete files in the LIF area :

# rmboot

Available Run Levels:

0 - Terminates all the processes by going to the lower run levels and finally shuts down the system

s - Single User Mode. Only one physical console can be used. Only the root file system is mounted. Only the processes (daemons) that have the keyword sysinit in /etc/inittab are started, along with any other daemons started by the kernel.

S - It is functionally same as ‘s’ with the exception that the current terminal will be considered as console (virtual).

1 - It is above run level ‘s’. The system is dedicated to one user but all the file systems are mounted, with a process known as ‘syncer’ running.

2 - Multiuser run level with no NFS

3 - Functionally same as “2”, with Network daemons, NFS, Web-base administration, graphical presentation managers running.

4 - Currently not available. You can customize this as per your environment.

5 - Currently not available. You can customize this as per your environment.

6 - Currently not available. You can customize this as per your environment.

You can use the 'init' command to change the run level.
For Ex., to go to run level 3 from single-user mode :
# init 3

Few Commands:

1. To display the current run level :

# who -r

2. To immediately shutdown a system with no interactive response :

# shutdown -h -y 0

Note: You can use the "reboot" command if you're running in single user mode. It normally kills all the daemons instead of gracefully terminating them. So it's not recommended in multi-user mode.

3. To shutdown a system with no interactive response after 60 seconds :

# shutdown -h -y 60

4. To shutdown a system immediately and to reboot :

# shutdown -r -y 0

5. How to view the shutdown and reboot times for the system :

# cat /etc/shutdown.log

6. How to allow a user called joe from a remote machine (workstation1) to shutdown the system server1 :

Just add the below line to /etc/shutdown.allow

workstation1 joe

For Ex., # echo "workstation1 joe" >> /etc/shutdown.allow

7. To shutdown a server to a single user mode :
# shutdown
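
A review of /etc/shutdown.allow entries like the one in item 6, flagging lines that grant shutdown rights more broadly than one host and one user (an added example, not from the original post). The function names and sample file are constructed; treating "+" as a wildcard and "#" as a comment is an assumption based on shutdown(1M), so check the man page on your release.

```shell
#!/bin/sh
# Added example (not from the original post): review /etc/shutdown.allow.
# Entry format "hostname username" is from item 6 above. Treating "+" as a
# wildcard and "#" as a comment is an assumption based on shutdown(1M).

# audit_shutdown_allow FILE -> one finding per entry; returns 1 if any entry
# is malformed or uses a wildcard.
audit_shutdown_allow() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
        NF != 2 { printf "line %d: MALFORMED fields=%d\n", NR, NF; bad = 1; next }
        $1 == "+" || $2 == "+" {
            printf "line %d: WILDCARD host=%s user=%s\n", NR, $1, $2; bad = 1; next
        }
        { printf "line %d: OK host=%s user=%s\n", NR, $1, $2 }
        END { exit bad }
    ' "$1"
}

# Constructed sample file contents (not taken from a real system).
sample_shutdown_allow() {
    cat <<'EOF'
# constructed sample
workstation1 joe
+ root
server2 +
workstation1 joe extra
EOF
}

# Demo on the sample; on a real host pass /etc/shutdown.allow instead.
demo_sa=$(mktemp) && sample_shutdown_allow > "$demo_sa" &&
    { audit_shutdown_allow "$demo_sa" || :; }
rm -f "$demo_sa"
```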


Last but not least, you must obtain approval from the business before shutting down a server. If not, just get ready to face the music.

Swap Space Management

Types of Swap Space :

1. Device Swap Space :

An entire disk, a partition on a disk or a logical volume in a volume group can be used as swap space. This type is called device swap.

2. File System Swap Space:

You can allocate a specific amount of space in an existing file system. This will create a directory called paging on that file system. This type of swap space can coexist with the files in the file system. This type is called file system swap space.

Daemons used to manage memory and swap :
  a. swapper
  b. vhand

Swap Space Priority:

a. There are priority levels from number 0 to 10.
b. Number 0 is the highest and 10 is the lowest level of priority.
c. When the highest priority swap space is full, then the next level swap will be used.
d. If 2 or more swap spaces have the same priority, then the round robin mechanism will be used.
e. If the disk and file system swaps have the same priority, then the disk swap will get the preference.


Let us now look at the way to create the swap space,

To create swap space in an entire disk :
# swapon /dev/dsk/c1t2d4

To create swap space in a logical volume :
# swapon /dev/vg01/lvol1

To create swap space in an entire disk with a priority of 2 :
# swapon -p 2 /dev/dsk/c1t2d4

To create a file system swap of size 300MB :
# swapon -l 300M /swapdir

This will create a directory called paging on that file system and puts a maximum limit of 300MB on that swap area.


How to activate all the swap spaces on every reboot ?

For automatic activation of swap spaces, you have to put the entry for each and every swap space in /etc/fstab file. When you reboot the system, /sbin/init.d/swap_start script gets executed in run level 1. This script will execute the below command to activate all the swap spaces.

# swapon -a

Sample /etc/fstab entry for disk based swap space,

/dev/dsk/c0t1d0   .   swap   defaults  0  0

Sample /etc/fstab entry for file system based swap space,

.   /swapdir   swapfs   lim=300M   0   0

How to monitor the swap space ?

"swapinfo" command will show the statistics on device, LV and file system swaps.

To show only the device swap areas,
# swapinfo -d

To show only the file system swap areas,
# swapinfo -f

To show all the device and file system swaps in megabytes instead of kilobytes :
# swapinfo -m

To show all the device and file system swaps with a totals line at the end :
# swapinfo -t

Wednesday, December 16, 2009

User and Group Administration

Few Points:
# Starting from HP-UX 11i v3, user and group names can be 255 chars long

Related Files:

/etc/passwd - Contains the basic user configuration information
/etc/shadow - Password shadow file. Contains the encrypted password
/etc/ptmp     - Lock file when updating the password file
/etc/group    - Contains the group configuration information
/etc/default/security - Security defaults configuration
/etc/security.dsc -  Security attributes description file
/var/adm/btmp   - Keeps track of failed logins
/var/adm/wtmp  - Keeps track of successful logins
/etc/utmp           - Keeps track of currently logged in users

Related Directories:

/etc/skel - Skeleton directory where the templates of profiles are kept

Password Related Attributes for /etc/default/security :

INACTIVITY_MAXDAYS - No. of days before expiring an account for inactivity

PASSWORD_MINDAYS   - Minimum no. of days before a password can be changed

PASSWORD_MAXDAYS  - Maximum no. of days that passwords are valid

PASSWORD_WARNDAYS - No. of days before warning users of password expiration
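
An audit of the four attributes above against a baseline (an added example, not from the original post). The function names, the sample file and the accepted ranges are assumptions chosen for illustration; substitute your own site policy.

```shell
#!/bin/sh
# Added example (not from the original post): audit the password-aging
# attributes listed above. The ranges in audit_security are an assumed site
# baseline, not HP defaults.

# get_attr FILE NAME -> value of the last uncommented NAME=value line, or nothing.
get_attr() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^#[:space:]]*\).*/\1/p" "$1" |
        tail -n 1
}

# check_attr FILE NAME MIN MAX -> prints "NAME STATUS"; returns 1 unless
# MIN <= value <= MAX.
check_attr() {
    val=$(get_attr "$1" "$2")
    if [ -z "$val" ]; then echo "$2 UNSET"; return 1; fi
    case ${val#-} in
        ''|*[!0-9]*) echo "$2 INVALID($val)"; return 1 ;;
    esac
    if [ "$val" -ge "$3" ] && [ "$val" -le "$4" ]; then
        echo "$2 OK($val)"
    else
        echo "$2 WEAK($val)"; return 1
    fi
}

# audit_security FILE -> one line per attribute; returns 1 if any check fails.
audit_security() {
    rc=0
    check_attr "$1" PASSWORD_MAXDAYS   1 90 || rc=1
    check_attr "$1" PASSWORD_MINDAYS   1 7  || rc=1
    check_attr "$1" PASSWORD_WARNDAYS  7 30 || rc=1
    check_attr "$1" INACTIVITY_MAXDAYS 1 90 || rc=1
    return "$rc"
}

# Constructed sample file contents (not taken from a real system).
sample_security() {
    cat <<'EOF'
# constructed sample
PASSWORD_MAXDAYS=180
PASSWORD_MINDAYS=1
#PASSWORD_WARNDAYS=14
INACTIVITY_MAXDAYS=60
EOF
}

# Demo on the sample; on a real host pass /etc/default/security instead.
demo=$(mktemp) && sample_security > "$demo" && { audit_security "$demo" || :; }
rm -f "$demo"
```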

Commands:

1. To create a user with default settings :

# useradd user1

2. To create a user with a specific uid, primary group, secondary groups, home directory, shell and comment, creating the home directory if it doesn't exist and allowing the uid to be non-unique :

# useradd -u uid -o -g group_name -G group1,group2 -d home_dir -s shell -c comment -m user_name

3. To list the defaults for primary group, base directory, inactivity timeout and skeleton directory :

# useradd -D

4. To change the default primary group to dba :

# useradd -D -g dba

5. To change the primary group to dba for the user jack :

# usermod -g dba jack

6. To delete a user but not his/her home directory :

# userdel user1

7. To delete a user along with the home directory :

# userdel -r user1

8. To reset the password for a user :

# passwd user1

9. To force a password change at next login :

# passwd -f user1

10. To view password aging status for a user :

# passwd -s user1

11. To lock or disable a user :

# passwd -l user1

12. To create a group called dba and add the respective entries to /etc/group :

# groupadd dba

13. To create a group called dba with gid as 231 :

# groupadd -g 231 dba

14. To modify the gid for an existing group :

# groupmod -g 214 dba

15. To delete the group dba :

# groupdel dba

16. To delete the group only if it's not the primary group for any user :

# groupdel -s dba

17. To list the failed logins ( to display the contents of /var/adm/btmp ) :

# lastb

18. To list the successful logins ( to display the contents of /var/adm/wtmp )

# last

19. To list the currently logged in users ( to display the contents of /etc/utmp )

# who -u

20. To create the password shadow file and to move the encrypted password from /etc/passwd to /etc/shadow :

# pwconv

21. To check the /etc/passwd and /etc/shadow files for consistency :

# pwck

22. To copy the encrypted passwd and aging information from /etc/shadow to /etc/passwd and then delete the /etc/shadow file :

# pwunconv

23. To display all the attributes for the user jack :

# userdbget -u jack

System Information

Commands to gather system information :


1. To view OS Version:
# uname -r

2. To find the memory details :
# glance
Look for the physical memory size in the output.

3. To list the processors :
# ioscan -C processor


4. To display the system architecture :
# uname -m

5. To display machine model :
# model
# getconf MACHINE_MODEL

6. To display Operating Environment and OS Version.Update :
# swlist 'HPUX*OE*'

7. To show Hw(CPU) bit :
# getconf HW_CPU_SUPP_BITS

8. To show Kernel bit:
# getconf KERNEL_BITS

9. To get the serial number: (Use any of the below):
# echo "sc product system;info;wait;il" | cstm | grep -i "system serial"
# echo "sel path system\ninfolog\nexit"|cstm|grep "System Serial"
# getconf MACHINE_SERIAL
# machinfo | grep "machine serial"

10. To see the system information:
# print_manifest

Commands to modify system information :

1. To set hostname, IP address, date/time, dns/nis server details, default gateway after the OS installation :
This command will run automatically after the OS installation.
# set_parms initial

2. To change the date and time :

# set_parms date_time

3. To change the timezone :
# set_parms timezone