Boot-ROM
[ESC] # bricht Boot-Vorgang ab
search [ISL] # listet alle möglichen Boot-Devices (mit ISL) auf
path [pri|alt|<#>|<path>] # bootet vom angegebenen Device
help
ISL
hpux /stand/vmunix # bootet normal mit Kernel /stand/vmunix (default)
hpux -is # bootet im Single-User-Modus
hpux -lq # bootet ohne LVM-Quorum
hpux -lm # bootet im LVM Maintenance Mode (falls Boot-Disk korrupt)
hpux show autofile # zeigt Inhalt des LIF AUTO Files
hpux set autofile "hpux -lq" # ändert Inhalt des LIF AUTO Files
hpux ls -l # listet Inhalt von /stand
# mkboot <char dev file> # kopiert ISL- und HP-UX-Utilities in Boot-Area
# lifls <char dev file> # listet Dateiname in Boot-Area
# licp <char dev file>:AUTO - # listet Inhalt des Autofile aud stdout
System Startup
/sbin/rc<run level>.d/<type><sequence #><service name>
# mit type: S|K, Bsp: /sbin/rc2.d/S730cron, symbolisch verlinkt mit:
/sbin/init.d/<service script> start|stop # controlled by:
/etc/rc.config.d/<service configuration file>
CDE-Login (Default im Run-Level 3)
/etc/dt/config/Xstartup (ggf. kopieren aus /usr/dt/config/Xstartup)
# CDE-Login-Script
/etc/profile
~/.dtprofile # persönliches CDE-Login-Script
falls DTSOURCEFILE=true -> ~/.profile # persönliches Login-Script
falls ENV=~/.shrc; export ENV -> ~/.shrc # persönliches Shell-Startup-Script
mit:
HISTFILE=~/.sh_history
HISTSIZE=500
PS1="$(hostname):"'$PWD# '
Terminal-Login (via lokaler Konsole,
telnet oder remsh)
/etc/profile
~/.profile # persönliches Login-Script
falls ENV=~/.shrc; export ENV -> ~/.shrc # persönliches Shell-Startup-Script
mit:
HISTFILE=~/.sh_history
HISTSIZE=500
PS1="$(hostname):"'$PWD# '
SAM
sam [-r] # (Restricted SAM Builder for administrating users)
Remote Administration
xhost +<remote>
telnet <remote>
export <local>:0.0
sam
User Accounts
sam
useradd [-m] <username> # (mit Erzeugung eines Home-Directories)
usermod ... # Ändern eines User Accounts
userdel ...
Editor=vi; vipw # mit Write-Lock auf /etc/passwd
pwck # /etc/passwd
Trusted System
Verbesserte Passwort-Vorgaben und -Alterungen, Benutzer- und Terminal-Überwachung
sam -> Auditing and Security -> System Security Policies # Einrichten
aber nur bei Bedarf!
sam -> Auditing and Security -> Audited Users -> Actions -> Unconvert
... # Aufheben
Configuring Peripherals
ioscan [-f] [-C disk|ext_bus|lan|tape] [-u] [-n] # I/O-System-Informationen
model # Hardware Modell-Informationen
lanscan # LAN Device-Konfiguration
Device Files
lsdev [-C class] # Device-Treiber-spezifische Informationen
lssf <dev file> # Device File-spezifische Informationen
insf [-e] # ggf. erst nach ioscan
mksf
mknod
Logical Volume Manager
pvcreate [-f] [-B] <char dev file> # -B ... reserviert Boot-Area
auf Boot-Disk
mkdir /dev/<vg#>
mknod /dev/<vg#>/group c 64 0x0<#>0000
vgcreate [-e <max PE>] [-s <PE size/MB>] /dev/<vg#> <block
dev files>
lvcreate [-L <size/MB>] [-n <name>] <vg#>
lvextend # zur gezielten Zuweisung von LV -> Disks
pvdisplay [-v] <block dev file>
vgdisplay [-v] <vg#>
lvdisplay [-v] /dev/<vg#>/<lv>
Veritas Volume Manager
vxinstall
vmsa_server &
vmsa &
File Systeme
newfs -F hfs [-s <size/blocks>] <char dev file|char lv>
newfs -F vxfs [-s <size/MB>M] <char dev file|char lv>
mkdir <mount dir>
mount <block dev file|block lv> <mount dir>
mount [-v] [-p] # mit /etc/fstab-kompatibler Ausgabe
Swap
/etc/dmesg # Aufteilung des physischen Speichers (RAM)
swapon [-e] <block dev file|block lv>
swapon [-p <prio>] <device>
# dauerhaft in /etc/fstab eintragen
swapinfo -tm
LVM (Advanced)
bdf [-i] # Disk-Auslastungsübersicht
du -k # Bsp.: du -k / | sort -n > /tmp/du.sort
sam -> Routine Tasks -> ...
pvcreate [-f] /dev/rdsk/<char dev file> # LVM-Strukturen auf neuer
Disk anlegen
vgextend <vg#> /dev/dsk/<block dev file> # Erweitern der vorhandenen
VG um neue Disk
lvextend -L <target size/MB> /dev/<vg#>/<block lv> /dev/dsk/<block
dev file>
umount <mount dir>; extendfs -F <hfs|vxfs> /dev/<vg#>/<char
lv>; mount <mount dir> # Erweitern eines File Systems
oder
fsadm -F vxfs -b <target size/MB> <mount dir>
tar -c <mount dir>; umount <mount dir>; newfs -F <hfs|vxfs>
-s <target size/MB>M /dev/<vg#>/<char lv>; mount <mount dir>;
tar -x <mount dir> # Reduzieren eines File Systems
oder
fsadm -F vxfs -de <mount dir>; fsadm -F vxfs -b <target size/kB>
<mount dir>
lvreduce -L <target size/MB> /dev/<vg#>/<block lv>
umount <mount dir>; lvremove [-f] /dev/<vg#>/<block lv>; vi
/etc/fstab # Entfernen eines LV
pvmove /dev/dsk/<block dev file (to be removed)> /dev/dsk/<block
dev file>; vgreduce <vg#> /dev/dsk/<block dev file (to be removed)>
# Reduzieren einer VG
vgreduce <vg#> /dev/dsk/<block dev file (all but last to be removed)>;
vgremove <vg#>; rm -ir /dev/<vg#> # Entfernen einer VG
oder
vgchange -a n <vg#>; vgexport <vg#>
Mirror
lvextend -m <1|2> /dev/<vg#>/<block lv>
lvreduce -m <0|1> /dev/<vg#>/<block lv>
Datensicherung mit minimaler Downtime:
lvsplit /dev/<vg#>/<block lv>
fsck -F hfs /dev/<vg#>/<char lv>b
mkdir <mount dir>
mount -o ro /dev/<vg#>/<block lv>b <mount dir>
# jetzt <mount dir> sichern, anschliessend resync mit:
umount <mount dir>
lvmerge /dev/<vg#>/<block lv>b /dev/<vg#>/<block lv> #
stale lv -> running lv
Backup / Disaster Recovery
fbackup -f <char dev file (target)> -i <included file> -e <excluded
file> [-v] -I <index file>
fbackup -f <char dev file (target)> -u <backup level>g <graph
file>
frecover -f <char dev file (source)> -r [-x] [-N] -v
frecover -f <char dev file (source)> -g <graph file>
frecover -f <char dev file (source)> -x [-i <included file>]
[-e <excluded file>]
frecover -f <char dev file (source)> -I <file>|-
fsck -F <hfs|vxfs> [-o full,nolog] /dev/<vg#>/<char lv>
Recherche-Tipps: ll /<mount dir>/lost+found; file; strings; cat
-v; what; ident
vgcfgbackup <vg#> # save LVM structural information into /etc/lvmconf/<vg#>.conf[.old]
vgcfgrecover -n <vg#> /dev/rdsk/<char dev file> # recover LVM
structural information
make_recovery [-ACi] # create a system recovery tape (component of Ignite-UX)
check_recovery # check currency of most recent recovery tape
make_medialif
print_manifest # output complete system configuration
Networking-Konfiguration
/etc/rc.config.d/netconf # Network Configuration File
/sbin/init.d/net start # Aktivieren der Einträge im Network Configuration
File
ifconfig lan<#> inet [<IP address>] [netmask <netmask|255.255.255.0>]
[up|down] # Setzen einer IP-Adresse / LAN-I/F
ifconfig lan<#1>:<#2> inet [<IP address(<#2)>] [netmask
<netmask|255.255.255.0>] up # Setzen von multiplexten IP-Adressen /
LAN I/F
route add | delete default | net <net address> [netmask <netmask>]
<IP address of gateway> # Konfigurieren eines Routings
netstat -rn # Routing-Tabellen-Informationen
Networking-Troubleshooting
ioscan -funC lan # LAN-I/F-Status
lanscan # LAN-I/F-Informationen auf Layer 1-2
lanadmin # LAN-I/F-Administration auf Layer 2-4
linkloop [-i <LAN I/F #>] <MAC address> # Überprüfen
der Connectivity auf Layer 2
arp [-a] [<hostname>] # Informationen aus dem Address Resolution
Cache
ping <hostname> [<packet size>] [-n <count>] # Überprüfen
der Connectivity auf Layer 3
netstat -i[n] # Information über Konfiguration der lokalen LAN-I/F
nslookup <hostname> # Überprüfen der Adress-Auflösung
nsquery hosts <hostname> # Überprüfung der Adress-Auflösung
(detailliert)
/usr/contrib/bin/traceroute <hostname> # Routing-Statistik zwischen
lokalem und Remote-Host
Domain Name Services (DNS)
# at least 2 name servers in every domain: with master server, slave
server(, cache-only server), resolver (DNS) clients
# Master Server (also to be configured as DNS client):
vi /etc/hosts # enter full qualified hostnames, i.e. extend hostnames
by domain name
mkdir /etc/named.data; cd /etc/named.data
hosts_to_named -d <domain> -n <subnet address> -z <ip address
of master server> -b /etc/named.conf
ftp://ftp.rs.internic.net/domain/root.zone -> get [/etc/named.data/]db.cache
# get root level name servers
vi /etc/rc.config/namesvrs -> NAMED=1
/sbin/init.d/named start
# Slave Server (also to be configured as DNS client):
mkdir /etc/named.data; cd /etc/named.data; chmod 755 .
ftp <ip address of master server> -> mget /etc/named.data/db.*
ftp <ip address of master server> get /etc/named.data/conf.sec.save;
quit; mv conf.sec.save ../named.conf
vi /etc/rc.config/namesvrs -> NAMED=1
/sbin/init.d/named start
# Resolver (DNS) Clients
vi /etc/resolv.conf -> "search <domain name[s]>"
vi /etc/nsswitch.conf -> "hosts: dns nis files" # configure search
order
vi /etc/hosts # keep only "127.0.0.1 localhost\n<ip address of local
client> <full qualified hostname>"
vi ~/.rhosts /etc/hosts.equiv /var/adm/inetd.sec # extend by full qualified
hostname
nsquery hosts <hostname> # testing DNS
HP-UX Network Services
#inetd (telnet, ftp, remsh, rlogin, rcp, bootp, tftp)
ftp -d <hostname> # Debugging Mode
ftp> passive # Wechseln in den Passive Mode, d.h. auch die Data Port Connection wird vom Client initiiert
vi /etc/rc.config.d/netdaemons
/sbin/init.d/inetd start
vi /etc/inetd.conf
vi /etc/services
vi /var/adm/inetd.sec /etc/hosts.equiv ~/.rhosts # falls erforderlich
# Network File System (NFS)
# NFS-Server
vi /etc/rc.config.d/nfsconf
/sbin/init.d/nfs.server start
vi /etc/exports # zu exportierende FS spezifizieren
showmount -e; exportfs(; rpcinfo -p; nfsstat) # testing NFS
# NFS-Client
vi /etc/rc.config.d/nfsconf
/sbin/init.d/nfs.client start
mount <hostname of NFS server>:<remote path> <local mount
dir>
vi /etc/fstab
showmount -e svr; rpcinfo -p [svr] # testing NFS
# Network Time Protocol (NTP)
vi /etc/rc.netconfig.d/netdaemons
vi /etc/ntp.conf # nur NTP-Server: define pseudo-ip address(, peer
ip address(es))(, broadcast ip address)
vi /etc/ntp.conf # nurNTP-Client: define server ip address(es)(, driftfile
location)(, broadcastclient yes)
/sbin/init.d/xntpd start
ntpq -p # testing NTP
Kernel-Konfiguration
sam
cd /stand # ggf.
for file in vmunix dlkm system; do; cp ${file} ${file}.prev; cp ${file}_test
(resp. dlkm.vmunix_test und system.sam) $file; done # ggf.
Software-Installation (SD-UX)
# Software depot -> Bundle -> Product -> Subproduct -> Filesets ->
Files and Control scripts
swlist -l <depot>|<product[.[subproduct.]fileset]> [-s [<remote
host>:]<depot source path>]
swinstall [-s <depot source path>] # starts graphical user interface
(GUI) for interactive installation
swremove # starts graphical user interface (GUI) for interactive
removal
/sbin/init.d/swagentd start # nur auf SD-UX servern
swreg; swcopy; swremove # Depot-Verwaltung auf SD-UX-Servern
swverify; swconfig; swmodify # Software-Verwaltung auf SD-UX-Clients
Patch-Installation (SD-UX)
# Namenskonventionen: PH<CO|KL|NE|SS>[0-9]\{4\}
# mit: CO...allg. HP-UX-Kommandos, KL...Kernel Patches, NE...Netzwerk-spezifisches,
SS...sonstiges
# http://europe-support.external.hp.com ... Zugriff auf HP IT Resource
Center Patch Database
# http://software.hp.com -> Enhancement Releases ... Zugriff auf (required)
Patch Bundles
# weitere Patch-Quellen: HP-IT Resource Center Custom Patch Manager
(CPM), HP Support Plus CD-ROM, HP Response Center Patch Tapes
# Komplette Datensicherung
# Patch laden nach /tmp # nur bei Patch-Installation vom Web
cd /tmp; sh PH<patch identifier>; more PH<patch identifier>.text
# nur bei Patch-Installation vom Web
mkdir <mount dir>; mount /dev/dsk/<block dev file CD-ROM> <mount
dir> # nur bei Patch-Installation von CD-ROM
ls <mount dir>; more <mount dir>/GOLDBASE<release>.readme
# nur bei Patch-Installation von CD-ROM
swinstall -s /tmp/PH<patch identifier>.depot [-x autoreboot=true]
-x patch_match_target=true
swremove PH<patch identifier> # Patch-Löschung mit Rekonstruktion
aus /var/adm/sw/save
swlist -l patch; swlist -l product 'PH*' # listen bereits installierter
Patches
Betriebssystem-Installation
mit Ignite-UX
# HP-UX 11.11 Operating Environments (s.a. http://docs.hp.com -> HP-UX11i
Operating Environments (* 2!)):
# Base Operating System (BOS: Core Kernel, I/O Subsystems, Memory Mgmt
Subsystem, LVM, etc.)
# Technical Computing Operating Environment (TCOE: BOS + 3D Graphics
Libs, MLIB Math Lib, etc.)
# Internet Operating Environment (IOE: BOS + Apache Webserver, CIFS
File Server, Ignite/UX, SW Distributor/UX, Perl, etc.)
# Enterprise Operating Environment (EOE: IOE + MirrorDisk/UX, Online
JFS, GlancePlus, PRM Performance Tools, etc.)
# Mission Critical Operating Environment (MCOE: EOE + MC/ServiceGuard,
HP-UX Workload Mgr, Enterprise Cluster Mgmt Toolkit, etc.)
# Planung:
# HW-Pfad der Boot Disk? HW-Pfad der CD-ROM? IP-Adresse und Hostname?
LVM? JFS? Disk Space/FS? Swap Space? Zu installierende SW?
# Booten von Installationsmedium:
> search ipl; > boot p<Pfad Nummer> # lokales Installationsmedium
> search lan install; > boot lan.<ip address> install # remote Ignite-UX-Server
via LAN
set_parms initial # initiale Systemkonfiguration, wiederholbar
dd if=/dev/rdsk/<char dev file source> of=/dev/rdsk/<char dev file dest> bs=4096k # Duplizieren einer installierten Disk (Klonen)
Performance-Tools
# Tool-Typen: Real Time Monitoring, Data Collection Performance, Performance
Administration, Network Monitoring
# Real Time Monitoring Tools
# Unix allgemein:
sar [-ud] <interval/secs> [count] # System Activity Reports, -u
... CPU utilization, -d ... Disk Report
top [-s <interval/secs>] [-d <count>] [-n <Anzahl der angezeigten
Prozesse>] [-q] # CPU-belastende Prozesse, -q ... quick
vmstat [-nS] [<interval/secs> [count]] # Virtual Memory Statistics,
-n ... 80-Spalten-Ausgabe, -S ... mit Swapping-Infos
iostat [<interval/secs> [count]] # I/O-Statistik
time <command> ; timex <command> # Ausführungszeiten des
Prozesses
uptime [-lsuw] [user] # aktuelle System-Infos, -l ... long listing,
-s ... short listing, -u ... keine User-Infos, -w ... nur Benutzer-Infos
# HP-UX-spezifisch:
glance [-j <interval/secs>] [...]
gpm
# Data Collection Performance Tools
# Unix allgemein:
# acct-Tools-Suite: acctdisk, acctdusg, accton, acctwtmp, closewtmp,
utmp2wtmp # System Accounting
sar
# HP-UX-spezifisch:
MeasureWare # optionales Produkt
PerfView # optionales Produkt
# Performance Administration Tools
# Unix allgemein:
ipcs [-mqs] # Interprocess Communication Statistics, -m ... Shared
Memory Segmente, -q ... Message Queues, -s ... Semaphoren
ipcrm [...] # Löschen von Interprocess Communication Facilities
nice [-n <nice-Wert-Delta von 20>] command # Prozess-Aufruf mit
Nice-Wert
renice [-n <nice-Wert-Delta vom aktuellen Wert>] <Process ID>
# Nice-Wert-Änderung eines laufenden Prozesses
# HP-UX-spezifisch:
rtprio <priorität> [<command> | -<Process ID>] # Prozess-Aufruf
mit Real Time Priorität oder Prioritätsänderung eines laufenden
Prozesses
serialize |<command> | -p <Process ID>] # serielle Prozess-Bearbeitung
mit anderen "serialisierten" (Langlauf-)Prozessen
# Process Ressource Manager (PRM) # Feste Resourcen-Zuteilung für
hochperformante Prozesse
# Network Monitoring Tools
# Unix allgemein:
netstat [-inr] [...] # allgemeine Netzwerkstatistik
nfsstat [...] # Network File System (NFS) Statistik
ping [-ov] [-i <ip address>] <remote hostname> [-n <count>]
# sendet ICMP Echo Request-Pakete, -o ... IP-Route wird angezeigt
# HP-UX-spezifisch:
ndd [-get | -set] # Netzwerk-Parameter-Tuning
nettune # Netzwerk-Parameter-Tuning
# NetMetrics