HP UX Cheatsheet
Hardware Types:
9000 Series = PA-RISC based architecture
Integrity Series = Intel Itanium
Mounting CDROMs:
Get the device-file-name for
the cd rom.
> ioscan -fnC disk
Use this device-file-name to
mount the cd.
> mount device-file-name /mnt/local
Partitioning (Virtualization)
Creating Node
Partitions (nPars) – hardware partitioning
1)
Create Genesis
Partition – go to MP -> CM -> CC and choose option G
2)
Choose Cell that
has IO board and core I/O card
3)
Once created, type
BO to boot the nPar and insert the HP DVD to start the install
4)
After
installation, check with the: parstatus command
parstatus
–w
parstatus
–Vp0
Now you must create the nPar:
1)
Check for an
available cell board with: parstatus –AC
2)
Find an available
I/O chassis with: parstatus –AI
3)
parcreate –P
test_npar –c1::: ###Create the
test_npar
4)
Define the boot
and alt boot disk with: parmodify –p1 –b 1/0/0/2/0.6.0 –t 1/0/0/3/0.6.0
5)
parstatus –Vp1 and
parstatus –P ###Check
partition status
To add a cell to an nPar do:
parmodify –p1 –a2::y: -B
shutdown –Ry now
parstatus –P
To remove an nPar: parremove –Fp1
shutdown –Ry now
Note: they can also be managed
through SMH
Creating Virtual
Partitions (vPars) – software partitioning
1)
You must have the
following installed: swlist | grep
T1335CC
2)
vparcreate –p
test_vpar0 –a cpu::2 –a cpu:::1:2 –a cpu:41 –a mem::8192 –a io:1/0/0/2 –a
io:1/0/0/3 –a io:1/0/0/2/0.6.0:BOOT –B search –B auto ### creates 1 bound and unbound CPU processor for the vpar with 8GB
of memory and searches for bootable devices
3)
Load vpmon on each
reboot: (9000 series) mkboot –a
“hpux/stand/vpmon –a“/dev/rdsk/c0t6d0
(Integrity) mkboot –a “boot vpmon –a” /dev/rdsk/c0t6d0
4)
Boot the vPar either from: a)
cntrl-a and at MON>vparload –p test_vpar0 b) ISL>hpux /stand/vpmon vparload –p
test_vpar0
5)
vparstatus;vparstatus
–vp test_vpar0 ####Get
status information
To add a bound CPU to vPar:
shutdown –hy now
vparmodify –p test_vpar0 –m
cpu:::1:3 ###Increase
max CPU limit to 3
vparmodify –p test_vpar0 –a
cpu:141 ###Adds
new CPU path
vparboot –p test_vpar0
vparstatus –vp
To add an unbound:
vparmodify –p test_vpar0 –m
cpu:::1:4
vparmodify –p test_vpar0 –a
cpu::1
To delete bound CPU:
shutdown –hy now
vparmodify –p test_vpar0 –d
cpu:141
vparboot –p test_vpar0
To delete unbound CPU:
vparmodify –p test_vpar0 –m
cpu::2
vparmodify –p test_vpar0 –d
cpu::1
To add an LBA to a vPar:
vparmodify –p test_vpar0 –a
io:3.0.0.3
vparboot –p test_vpar0
vparstatus –vp
To remove an LBA from vPar:
vparmodify –p test_vpar0 –d
io:3.0.0.3
vparboot –p test_vpar0
To add memory to vPar:
vparmodify –p test_vpar0 –a
mem::4096
vparboot –p test_vpar0
To reset a vPar:
vparreset –p test_vpar0
To remove vPar:
vparremove –p test_vpar0
To reboot VPMON:
Sut down all vPars
Go to MON> and verify all
are down
Power off server
Interact with BCH or EFI as
needed
Execute BO from BCH
ISL>hpux /stand/vpmon
Press Cntrl-A and at MON>
vparload –all
Console Access LOM
Configuration
Console - RS232 port with a
Null Modem connection
TO configure the REMOTE ILO:
1) CNTRL-B to access from the RS-232 console to ILO Prompt
Main Menu and CO takes you to the system console
2) Type CM -> from here you can type PC to power off/on
the system if you need to
3) Type LC to change the LAN config
4) If needed, type D to disable DHCP or the option beside
the parameter you want to change i.e. I for IP Address
5) When done, type XD -R to reset the ILO
Note: CL will access the
console logs
Ethernet Interface
Configuration
To check interfaces: lanscan OR nwmgr then ifconfig
interface_name
Menu Driven
Configuration (Smitty)
sam or smh Kind of like
smitty AND you can see the commands it is buildings with a tab to [preview] OR
show SAM log
Initial Configuration
Parameters
set_parms initial #can change paramters like
date/time and console/network - DOES INITIAL SETUP
Basic System Info and Healthchecking
top OR glance
vmstat OR vmstat -n Checks
for page ins and outs
netstat -in
sar 5 5
df -k and df -b or bdf (shows
disk usage and disk free)
tail
/var/adm/syslog/syslog.log Like
/var/adm/messages
/usr/sbin/swapinfo Gives Swap
information
osinfo Gives OS
versions and 64 bit/32 bit capability
machinfo Gives
Machine serial number and such
model OR getconf Get machine
model info
dmesg | grep -i phys Gives physical
memory count
dmesg Displays kernel
ring buffer messages
Device Scanning
ioscan Show devices and probe for new ones OR:
insf -e Scans for new hardware (devfsadm) - use with ioscan
Disks
ioscan -fnk -C disk Show Disks (without the k
allows detection of new disks)
also diskinfo -v path_to_disk Gives disk size info
Conversion from
major/minor number to CTD(S) format for LUNs:
0x1F170100 is major/minor number
1F = Disk Major Number that points to device
driver (31 dec – block device for sdisk)
17 = Bus Number (23 dec)
0 = SCSI target (0 dec)
1 = LUN number (1 dec)
00 = Slice/partition (00 dec)
All of this = c23t0d1
View Legacy Hardware Path ioscan -f
View Lunpath Hardware Path ioscan –fnNk |
grep lunpath
ioscan –fnkCdisk Show
SCSI disk DSF naming
ll /dev/dsk OR ll /dev/rdsk View Major
and Minor disk numbers
lsdev | grep sdisk Show
major numbers for character/block device
ll /dev/disk OR ll /dev/rdisk Show Agile
DSF’s
ioscan –fNnk Show
disk devices in agile view
ioscan –m dsf Map
legacy DSF to persistent DSF
ioscan –m hwpath Map
lun hardware path, lunpath and legacy path
ioscan –m lun Map
lun hardware to lun path for all storage
ioscan –B List
deferred bindings
scsimgr get_info –H
lunpath_hardware_path Show stats
on particular LUN
scsimgr get_stat –D
/dev/rdisk/disk22 Get
stats on persistent lun path
scsimgr get_attr –D
/dev/rdisk/disk22 –a wwid –a serial_number Get
attributes from disk (wwn, SN)
scsimgr lun_map –D
/dev/rdisk/disk22 Display
lunpaths of a LUN /dev/disk/disk22
insf –e Create
disk special files for all new/existing devices
To create DSF using mknod:
cd /dev
mknod test c 64 0x010000 Make
special file major number 64 and minor 0x010000
ll test
lssf –s Show
stale DSF’s for removed devices
lssf /dev/disk/disk22 Show
disk characteristics
rmsf –H hardware_path Remove
DSF for a hardware path
Users
/etc/skel Kind of like the default user
.profile and .login and such
export PS1='$PWD $'
useradd, usermod, and userdel
work much like they do in Solaris/Linux
groupadd, groupmod, groupdel,
newgrp work much like they do in Solaris/Linux
usertat –u username Check lock
status of a user
Creating templates to add
multiple users:
smh -> Accounts for Users
and Groups ->Templates
last Display
user logons
lastb Display unsuccessful
logons
ulimit –a Display
process resource limits
ulimit –f 1 Set
maximum file size for user to 1 KB
/opt/hpsmh/lbin/hpsmh start Starts the Web Management
Daemon
Logs can be viewed with
/usr/sam/bin/samlog_viewer
smh –r Can restrict
users to run smh
Extending Logical
Volumes
Man extendfs (how to extend a
logical volume with filesystem)
umount /dev/vg00/lvol1
lvextend -L larger_size
/dev/vg00/lvol1
extendfs -F hfs /dev/vg00/rlvol1
mount /dev/vg00/lvol1
mount_directory
EX:
# bdf
Filesystem kbytes used
avail %used Mounted on
/dev/vg00/lvol3 1048576
163120 878576 16% /
/dev/vg00/lvol1 1835008
170688 1651416 9% /stand
/dev/vg00/lvol8 8912896
876648 7973504 10% /var
/dev/vg00/lvol7 5373952 2840728 2513512 53% /usr
/dev/vg00/lvol4 524288
21328 499040 4% /tmp
/dev/vg00/lvol6 8241152 4632080 3580912 56% /opt
/dev/vg00/lvol5 114688
5840 108000 5% /home
# lvextend -l 100
/dev/vg00/lvol6
Starting / Stopping
Services
/sbin/init.d/ directory where services are -
pass the service you want with a start/stop
i.e. /sbin/init.d/sendmail
start
NETWORKING FILES SOLARIS
EQUIVALENT:
/etc/defaultrouter
/etc/rc.config.d/netconf
/etc/inet/netmasks
/etc/rc.config.d/netconf
/etc/hostname.hme0
/etc/rc.config.d/netconf
Shell Scripting
strings filename Prints out any text possible from binary
file
set –o vi Enables command line editing
stty erase [bsp] Set tty backspace character
awk ‘{print $1 “ “}’ filename Print 1rst field of file with a tab after
set and env Print variables (set = user and
env = environment)
WBEM
swinstall –s
/var/tmp/WBEMSvcs_A.02.07_HP-UX_B.11.31_IA_PA.depot Install WBEM
swverify WBEMServices WBEMSvcs Verify
Install
cimserver;/sbin/init.d/cim_server
start (stop) Start
/ Stop WBEM
osinfo Check
WBEM
Software Maintenance
/usr/sbin/swagentd –k OR
/sbin/init.d/swagentd start|stop Start/Stop
swagentd
swagentd –r Restart
swagentd
swlist Show
installed software
swlist –l product Display
installed software products
swlist –l subproduct Display
installed subproduct
swlist –l fileset Display
all installed filesets
swlist –I Run
swlist in GUI/TUI
swinstall Install
software
swinstall –s /var/depot Install
software in location with all defaults
swinstall –s hp02:/var/depot Install
software residing on remote machine
swinstall –s /var/depot IGNITE Install ignite
software without graphical/text interface
swverify –v IGNITE Verify
installed software
swremove Start
software removal process
swremove IGNITE Removes
ignite software
Software Depots
swopy –s /dvdrom IGNITE @
/var/depot Copy Ignite
software from DVD to local depot
swcopy –s /dvdrom ‘*’ @ /
var/depot Copy all
software from DVD to local depot
swreg –l depot /var/depot Register
a depot (-ul unregisters)
swlist –l depot List
depot
swlist –l product –d @
/var/depot List
depot contents
swverify –d \* @ /var/depot Verify
software in /var/depot
swremove –d IGNITE @
/var/depot Remove
IGNITE from software depot
swremove –d \* @ /var/depot Remove a
software depot
Patches
swlist –l patch –x
show_superceded_patches=true Show patches
that are overrided
show_patches Show
patch listing
swlist –l fileset –a
patch_state *,c=patch Show
patch state
swlist –l fileset –a
category_tag *,c=patch Show
patch category
swlist –l fileset –a ancestor
*,c=patch Show
the ancestry of a patch
swlist –l patch Show
all patches
Install individual patch:
mkdir /var/depot/patches
mv hpux_11.31_04150209.tar
/var/depot/patches
cd /var/depot/patches
tar –xvf
hpux_11.31_04150209.tar
./create_depot_hpux.11.31
swinstall –s
/depot/patches/depot
OR
mkdir /depot/patch_depot
mv hpux_800_11.31.depot
/depot/patch_depot
cd /depot/patch_depot
swreg –l depot
/depot/patch_depot/hpux_800_11.31.depot
swinstall –s
/depot/patch_depot/hpux_800_11.31.depot
To install from DVD:
swreg –l depot /dvdrom
swinstall –s /dvdrom
Verifying Patches
swverify PHCO_36032 Verify individual
patch
swverify BUNDLE Verify a bundle
(cluster) patch
OR
check_patches
Roll back a patch
swremove PHCO_360250
Committing Patches
swmodify –x pathc_commit=true
PHCO_36569 Commits the
patch
cleanup –c 1 Commits
superceded patches and removes files
cleanup –d /depot/patch_depot Removes
superceded patches from a depot
Patch Assessment Tool – can be
downloaded from http://itrc.hp.com via the
swainv script. Execute this on the
system.
Checking against most current
patches on internet - /opt/sec_mgmt/spc/bin/security_patch_check –d –r
Or if you download and gunzip
the security catalog from HP, run:
/opt/sec_mgmt/spc/bin/security_patch_check
–d –c /tmp/security_catalog2
Software Assistant
Download and install
with: swinstall –s
/var/tmp/SwAssistant_C.01.04_HP-UX_11iv2+v3_IA_PA.depot
swa report Works
if you are connected to the Internet
If not connected to Internet:
Download the catalog file
and: gunzip /tmp/swa_catalog.xml.gz
swa report –x
catalog=/tmp/swa_catalog.xml
If it finds any identified
patches run: swa get –t /var/depot
Logical Volume
Management
lvdisplay /dev/vg00/lvol1 Display
logical volume info
ioscan –fNnkCdisk Display
available disks
setboot Shows
bootable disks and which one is boot disk
diskinfo –b /dev/rdisk/disk5 Show size of
disk5
Creating physical
volumes
mediainit /dev/rdisk/disk22
pvcreate –f /dev/rdisk/disk22
pvdisplay –v /dev/disk/disk22 #Show physical volume
information
Creating Volume Groups
mkdir /dev/vg01
cd /dev/vg01
mknod group c 64 0x010000 #Creates group
file as character with major number64 and minor number 0x10000
vgcreate vg01 /dev/disk/disk22
vgdisplay –v vg01 #Show
volume group characteristics
Create Logical Volumes
lvcreate vg01
vgdisplay –v vg01 #Show
the volume groups/logical volumes/physical volumes
OR:
lvcreate –L 3150 –n lvdata1
vg01 #Create
3150MB lvdata1 logical volume in vg01
lvdisplay /dev/vg01/lvdata1 #Display
logical volume characteristics
Extending Logical
Volumes
lvextend –L 1000
/dev/vg01/lvol1 Extends
the logical volume by 1000MB
lvextend –l 250
/dev/vg01/lvol1 Extends
the logical volume by 250 logical extents
Extending a Volume Group
pvcreate /dev/rdisk/disk23
vgextend vg01 /dev/disk/disk23
Changing the size of a
Physical Volume (i.e. a SAN LUN)
vgmodify –v vg01
/dev/disk/disk23 ##Expands
physical volume size
Reduce Logical Volume
lvreduce –L 500
/dev/vg01/lvol1 ##Reduces
logical volume by 500MB
Remove Logical Volume
lvremove /dev/vg01/lvol1 ##Remove
logical volume
Reduce Volume Group
vgreduce vg01 /dev/disk/disk23 ##Reduce a volume
group
Backup/Restore Volume
Group Config
ls -l /etc/lvmconf
vgcfgbackup vg01
vgcfgrestore –n vg01
/dev/rdisk/disk22
Rescan / Recover Lost Volume
Groups
vgscan
vgdsf ###Convert
Legacy DSF to persistent
Rename Volume Group
vgchange –a n vg01
vgexport –sv –m /tmp/vg01.map
vg01
mkdir /dev/vg01ora
cd /dev/vg01ora
mknod group c 64 0x020000
vgimport –sv –m /tmp/vg01.map
vg01ora
Remove a Volume Group
vgremove vg01ora
MIRRORING LVM
9000 (PA-RISC)
1. pvcreate –fB /dev/rdisk/disk5
2. vgextend vg00 /dev/disk/disk5
3. mkboot /dev/rdisk/disk5
4. mkboot –a “hpux –lq(;0)/stand/vmunix” /dev/rdisk/disk5
5. lvextend –m 1 /dev/vg00/lvol1 /dev/disk/disk5
6. lvextend –m 1 /dev/vg00/lvol2 /dev/disk/disk5 ….. all
the way to lvol8
7. vgdisplay –v vg00
8. lvdisplay –v /dev/vg00/lvol1
9 lvlnboot –b /dev/vg00/lvol1
lvlnboot –r /dev/vg00/lvol3
lvlnboot –s /dev/vg00/lvol2
lvlnboot –d /dev/vg00/lvol2
lvlnboot –R
10. cat /stand/bootconf
11. lvdisplay /dev/vg00/lvol2
shutdown –ry now
12. ISL>hpux –lm
13. vgchange –a y –s vg00
14. lvchange –M n –c n /dev/vg00/lvol2
lvdisplay /dev/vg00/lvol2
15. reboot
16. setboot –a 0/0/4/0/0.0x0.0x0
lvlnboot –v
setboot
17. mkboot –a “hpux –lq(;0)/stand/vmunix” /dev/rdisk/disk2
lifcp /dev/rdisk/disk2:AUTO –
Integrity (Itanium)
1. vi /tmp/part_desc
3
EFI 500MB
HPUX 100%
HPSP 400MB
2. idisk –wf /tmp/part_desc/dev/rdisk/disk5
3. idisk /dev/rdisk/disk5
4. insf –e
ls –l /dev/rdisk | grep disk5
ls –l /dev/disk | grep disk5
5. pvcreate –fB /dev/rdisk/disk5
6. mkboot –e –l /dev/rdisk/disk5
7. efi_cp –d /dev/rdisk/disk2_p1 –u /efi/hpux/auto
/tmp/auto_file
efi_cp –d /dev/rdisk/disk5_p1
/tmp/auto_file/efi/hpux/auto
8. vgextend vg00 /dev/disk/disk5_p2
Now run through steps 5-11 on the 9000 instructions
above
10. HPUX> boot –lm vmunix
11. Follow steps 12 – 16 in 9000 instructions above
12. vi /tmp/auto_file
efi_cp –d /dev/disk/disk2_p1 /tmp/auto_file
/efi/hpux/auto
efi_cp –d /dev/disk/disk5_p1 /tmp/auto_file
/efi/hpux/auto
Mirroring Non-Boot VG
1. pvcreate –f /dev/rdisk/disk23
2. vgextend vg01 /dev/disk/disk23
3. lvextend –m 1 /dev/vg01/lvol1/dev/disk/disk23
lvextend –m 1 /dev/vg01/lvol2 /dev/disk/disk23
4. Use vgdisplay and lvdisplay to see results
Strict allocation policy By default turned
on when the logical volume is created to make certain that a mirror of a
logical volume is not occupying the same disk.
Can be turned off with –s n switch in lvcreate command.
Physcial Volume Groups (PVG) –
created by creating the /etc/lvmpvg file:
VG /dev/vgweb
PVG PVG0
/dev/disk/disk10
/dev/disk/disk11
/dev/disk/disk12
PVG PVG1
/dev/disk/disk30
/dev/disk/disk31
/dev/disk/disk32
Then: vgdisplay –v vgweb
If at this point you: lvcreate –L 2000 –m 1 –s g vgweb ### -s g is Strict
Allocation to put data on different disks in different PVG’s
lvcreate –L 2000 –m 1 –D y –s
g vgweb ####Round robin
distributed allocation (the –D y) of Physical Extents within the PVG that are
then mirrored in the second PVG
Managing Mirrors
lvextend –L 4000
/dev/vgweb/lvol1 ####Extend
mirrored LV to
4000 MB
lvreduce –L 1000
/dev/vgweb/lvol1 ####Reduce
mirrored LV by
1000 MB
lvsplit /dev/vgweb/lvol1 ####Split mirror (detatch)
lvmerge /dev/vgweb/lvol1b
/dev/vgweb/lvol1 ####Merge
(attach) submirror
lvsync /dev/vgweb/lvol1 ####Sync
a stale mirror
vgsync vgweb ####Sync
all logical volumes in mirror
Filesystems
fstyp –l ####List
supported filesystem types
newfs –F hfs /dev/vg01/rlvol1 ####Create HFS
filesystem with defaults
newfs –F vxfs /dev/vg01/rlvol2 ####Create JFS filesystem with
defaults
newfs –F hfs –o largefiles –m
15 /dev/vg01/rvol1 ###Create filessytem
with largefiles and maintain 15% minimum free space
NOTE: there are specific versions of newfs in
/sbin/fs/(hfs/vxfs)/ that can create new filesystems
Mount a filesystem
mkdir /data1
mount –F hfs /dev/vg01/lvol1
/data1
mkdir /data2
mount –F vxfs /dev/vg01/lvol2
/data2
cat /etc/mnttab
bdf OR bdf -i ####Kind of like df –k – views mounted
filesystems
bdf –t hfs ####Specify filsystem type
utilization
quot /var ####Gives user fielsystem
utilization info
mount –v ####Also views mounted
filesystems
Extending a filesystem
lvextend –L 1000
/dev/vg01/lvol1
umount /data1
extendfs –F hfs
/dev/vg01/rlvol1
Also you can use this command
instead of extendfs if this is vxfs:
fsadm –F vxfs –b 2560000
/data2 ####The
–b is 2056 X 1024
Reducing filesystem then
the Logical Volume
HFS cannot be reduced
dynamically, but JFS (vxfs):
fsadm –F vxfs –b 2048000
/data2
lvreduce –L 2000
/dev/vg01/lvol2
lvremove /dev/vg01/lvol1 ###Removes a filesystem
vxtunefs /home ###Display filesystem
tuning parameters
fsadm –F vxfs –ed /var ###Defragments a JFS filesystem
fuser –cu /var ###Find out what
user/process is holding filesystem
fuser –ck /var ###Kill user/process
holding filesystem
umount –a OR umountall ###unmount all noncritical filesystems
mount –a OR mountall ####mount all filesystems
/etc/fstab File that
holds the system filesystem mount definitions
fsck –F hfs –f
/dev/vg01/rlvol1 ###Repair a
filesystem
fsck –o full /dev/vg01/rlvol2 ###Force filesystem check
without intent log replay
Replace/repair
superblock
Look for an alternate
superblock in /var/adm/sdtab then:
fsck –F hfs –b 16
/dev/vg01/rlvol1
Mount DVD/CD
ioscan –fNnkCdisk | DVD
mkdir /dvdrom
mount –F cdfs –o ro
/dev/disk/disk3 /dvdrom
OR to keep filename case:
mount –F cdfs –o cdcase –o ro
/dev/disk/disk3 /dvdrom
to unmount:
umount /dvdrom
LOFS filesystems –
virtual filesystem to point existing directory or filesystem to a different
path
mkdir /lofs
mount –F lofs /usr /lofs
Ex. makes all files and
subdirectories under /usr accessible via /usr and /lofs
Swap
swapinfo View
swap areas
swapinfo –atm Gives
totals with swap info
Creating a swap device
lvcreate –L 500 –n swapvol
vg01
swapon /dev/vg01/swaplvol
swapinfo | grep swaplvol
Create a filesystem swap
swapon –l 100m /data2
swapinfo | grep data2
Note: swap spaces must be
added to /etc/fstab to be available at boot
ISL Commands
ISL>display Show boot values for
autoboot and autosearch
ISL>hpux –is Boot
to single user
ISL>hpux –lm Boot to
LVM maintenance
ISL>hpux –lq Boot
without mirror quorum checking
ISL>hpux set autofile “hpux
–lq(;0)/stand/vmunix” Set
boot string at ISL
ISL>lsautofl View/verify
auto file’s contents
ISL>hpux
(0/0/4/0/0.0;0)/stand/backup/vmunix
Boot from a non-default kernel
ISL>hpux
/stand/backup/vmunix Boot from kernel on primary boot disk
ISL>hpux ll /stand List contents
of /stand directory
FROM OS SHELL:
setboot Shows same at the shell
setboot –b on/off enables / disables autoboot
setboot –s on/off enables / disables
autosearch
setboot –p device sets primary boot device
setboot –h device sets HA alt boot device
setboot –a device sets alt device
mkboot –a “hpux
–lq(;0)/stand/vmunix” /dev/rdisk/disk2 Sett
boot string at shell
lfcp /dev/rdisk/disk2:AUTO - View/verify auto file’s
contents at prompt
BCH commands
sea searches for devices to
boot from
Boot Integrity Server
Manually
1) Highlight EFI shell from boot manager and press ENTER to
get into EFI shell
2) Use map command to list known mapped filesystems
Shell>map
Select filesystem by entering its mapped named i.e.
fs1:
3) fs1:>hpux
4) To manually boot the system i.e. to single user or LVM
main mode, interrupt the boot process during timeout period
Modify Boot Delay
Shell>autoboot on/off Turn on and off
autoboot
OR shell:
# setboot –b on/off
From boot manager:
Boot config -> Autoboot
Config ->Set Autoboot Timeout ->specify a number
OR from EFI shell
Shell> autoboot 20 Changes to 20
sec
Booting from Alternate
Device
1) Highlight EFI shell from boot manager and press ENTER to
get into EFI shell
2) Enter map command to list boot devices
3) Select desired entry then press enter
4) Enter hpux to run the boot loader
Boot to Single User
1) Highlight EFI shell from boot manager and press ENTER to
get into EFI shell
2) Use map command to list known mapped filesystems
Shell>map
3) Select desired entry then hit enter
4) Run hpux command to invoke the \EFI\HPUX\HPUX.EFI loader
5) Boot to the HPUX> prompt by hitting any key within 10
sec
6) At the hpux.efi interface, enter the following to boot
the /stand/vmunix kernel to single-user state:
HPUX> boot –is
OR for LVM: HPUX> boot –lm OR
for alt kernel: HPUX>boot /stand/backup/vmunix
View Auto File
1) Follow steps 1 -3 in single user
2) cd \EFI\HPUX
3) ls
4) cat AUTO
5) edit AUTO
OR from secondary boot loader:
HPUX> showauto
To modify:
HPUX>setauto –d Delete auto file
HPUX>setauto “boot vmunix
–lq” Modifies auto file
OR from command prompt:
1) efi_cp –d /dev/rdisk/disk2s1 –u /EFI/HPUX/AUTO AUTO
2) vi the file
3) copy the file back to EFI partition with:
efi_cp –d /dev/rdisk/disk2s1 AUTO /EFI/HPUX/AUTO
Security
In /etc/default/security, edit
the lines:
BOOT_AUTH=1 and
BOOT_USERS=root to allow others to access single suer
Hardware Scanning:
Run ioscan and insf
cat /etc/rc.log Check boot log
Kernel Management
kcweb Kernel configuration tool
Other tools include kconfig,
kcmodule, kctune
kclog View
kernel logs
HPUX>boot shmmni=1000 Override boot kernel tunables
OR: ISL>hpux shmmni=1000
HPUX>boot SC_2 shmmni=1000 Override boot tunables with saved
kernel
ISL>hpux SC_2/vmunix
shmmni=1000
HPUX>boot –tm OR
ISL>hpux –tm Boot
to Tunable Maint Mode
Backup and Restore
pax –vwf /dev/rtape/tape1_BEST
/etc Write /etc/ to
tape
pax –vf /dev/rtape/tape1_BEST List contents of
tape device
pax –vrf /dev/rtape/tape1_BEST Restore from tape
pax –vrw /etc/ /var/tmp/etc Copy /etc
into /var/tmp
fbackup –f /dev/rtape/tape1_BEST
–i /home –I /tmp/index.home Level
0 backup of /home
frecover –rv Restore
all files from tape
dump 0u /data1 Level
0 backup of .data1
restore r Restore
from above
FOR JFS ONLY:
vxdump 0uf
/dev/rtape/tape2_BEST /home Level
0 backup to tape
vxrestore r
/dev/rtape/tape2_BEST Restore
from tape
find . | cpio –ocv >
/dev/rtape/tape2_BEST Archive
current directory and copy to tape
find . –mtime 7 | cpio –ocv
>/tmp/mod.cpio Archive only
those that changed in last week
cpio –ivc < /tmp/mod.cpio Restore
from archive
FOR TAPES ONLY:
find . | ftio –ocv >
/dev/rtape/tape2_BEST Backup
current dir to tape
cpio –itvc <
/dev/rtape/tape2_BEST List
backup
cpio –ivc <
/dev/rtape/tape2_BEST restore
from backup
Printing
lpshut OR /sbin/init.d/lp stop Stop scheduler
lpadmin –pprn1 –v /dev/lp –m
laserjet Configure
local printer with laserjet model
lpadmin –p prn3 –v /dev/lp
–c prn_class –m laserjet Create printer class prn_class and
add it to prn3
lpadmin –p prn1 –c prn_class Add prn1 to
prn_class
lpadmin –p prn1 –v /dev/null
–mrmodel –ocmrcmodel –osmrsmodel –ormhp01 –orpprn1 –v /dev/null Add
access to prn1 on hp01 ALSO you must
edit inetd.conf and uncomment the printer stream line
/opt/hpnp/bin/hppi Configure
HP Deskjet printer
lpadmin –dprn1 Make
prn1 default printer
lpadmin –d Show
default printer
enable/disable prn1 Enable
or Disable a printer
accept prn1 OR accept
prn_class Accept
printer requests to printer/class – change accept to reject to cancel
lpstat –t Check
printer status
lpadmin –pprn1 –g5 Change
printer priority
lpfence prn1 5 Change
printer fence level
Remove a printer:
reject prn1
disable prn1
lpadmin –xprn1
lp /etc/passwd Send
print job to print /etc/passwd
lpstat –o List
print requests on all printer queues
lpalt prn2 –o –p6 Change
print priority
lpmove prn1 prn2 Move
print job
cancel prn2-0 Cancel
a print request
Cron and Scheduling
Most of the cron facilities
mirror that of AIX, Solaris, and Linux.
Logs: cat /var/adm/cron/log
crontab fields:
Minute,Hour,Date of month,Month of year,Day of week, command
at 11pm find / -name core –exec rm {} \; Delete core
files at 11 PM
Note: cntrl-D submits the job
To check the jobs: ls –l
/var/spool/cron/atjobs
Syslog
Controlled through
/etc/syslog.conf
Start/Stop with
/sbin/init.d/syslog stop/start
Logged with: cat /var/adm/syslog/syslog.log
Healthchecking/Performance
Monitoring
uptime
sar
top
glance (or gpm)
swapinfo
vmstat
iostat
ps
ipcs
time or timex
nwmgr/netstat/lanadmin
Networking
nwmgr or lanscan Report
interfaces on the system
nwmgr –v –c lan4 Display
interface characteristics
ndd –h supported Displays
available TCP tunable parameters
/sbin/init.d/nettle start/stop Turn on/off TCP tracing
ioscan –fnkC lan Displays
network cards on system
linkloop 0x00306E469D5C Check link between you and
MAC address shown
lanadmin Menu
driven interface tool
lanadmin –a 1 Show
MAC of interface at PPA 1
lanadmin –s 1 Displays
NIC speed
lanadmin –x 1 Displays
NIC duplex
lanadmin –X 100fd 1 Sets speed/duplex
ifconfig lanx Report
ifconfig on interface shown in lanscan
ifconfig lan1:1 192.168.1.2 Add an alias interface to
lan1
To configure interfaces to start
at boot: vi
/etc/rc.config.d/netconf then run:
/sbin/init.d/net start
/etc/hosts Add
hostnames to IP’s
route add net 192.168.2.0
netmask 255.255.255.0 192.168.1.1 Add
a static route
route add default 192.168.1.1 Add
default route
route –f Flush
route tables
To add a route permanently,
add a route stanza to /etc/rc.config.d/netconf
OR use smh
Format:
ROUTE_DESTINATION[2]=default
ROUTE_GATEWAY[2]=192.168.1.1
ROUTE_COUNT[2]=1
DHCP
vi /etc/rc.config.d/netconf
DHCP_ENABLE[4]=1
Then:
/sbin/init.d/net start
Also IP addressing can be set
with set_parms initial
SERVICES
cat /etc/inetd.conf Can turn
off and on telnet and ftp by commenting out
It can be controlled by
entering in stanzas in /var/adm/inetd.sec at user and system level:
Ex. telnet allow 192.11.211.*
inetd –l Enabled
inetd connection logs – can be made permanent with: vi
/etc/rc.config.d/netdaemons and set INETD_ARGS to 1
inetd –c Reload
configuration
cat /etc/services Maps
service names to port and protocol
cat /etc/rpc Shows
RPC services and ports
/etc/hosts.equiv Can
allow passwordless connection with rcp, rlogin, and remsh
If + is in file allows all
users/all hosts. If – disallows all
users/all hosts.
SENDMAIL
To configure:
1. Add user accounts
2. vi /etc/rc.config.d/nfsconf and set NFS_SERVER to 1
3. Add this to /etc/dfs/dfstab:
/var/mail
4. vi /etc/rc.config.d/mailservs and set SENDMAIL_SERVER to
1
5. vi /etc/mail/sendmail.cw and add all client hostnames to
bottom of file
6. vi /etc/mail.sendmail.cf and add:
Fw/etc/mail/sendmail.cw
7. /sbin/init.d/nfs.server start
/sbin/init.d/sendmail start
Then on clients:
1. vi /etc/rc.config.d/mailservs and set:
SENDMAIL_SERVER=0
SENDMAIL_SERVER_NAME=hp02
2. vi /etc/rc.config.d/nfsconf and set NFS_CLIENT to 1
3. vi /etc/fstab:
hp02:/var/mail /var/mail nfs defaults 0 0
4. /sbin/init.d/sendmail start
/sbin/init.d/nfs.client start
Check sendmail:
mailq –v ####show mail queues
Aliases
To add a new alias to a user
account database, vi /etc/mail/aliases.
Then run newaliases
NTP
Configure Server (can be
done from smh too):
1. Select a time source (i.e. the example below local system at reserved
address 127.127.1.1 with stratum keyword fudge)
2. vi /etc/ntp.conf
server 127.127.1.1
fudge 127.127.1.1 stratum 9
If you use an internet time
system: server 11.59.99.3
For a peer: peer hp03
3. vi /etc/rc.config.d/netdaemons
NTPDATE_SERVER=11.59.99.3
XNTPD=1
4. /sbin/init.d/xntpd start
Client:
1. vi /etc/ntp.conf
server hp01
driftfile /etc/ntp/drift
2. vi /etc/rc.config.d/netdaemons
NTPDATE_SERVER=hp01
XNTPD=1
3. /sbin/init.d/xntpd start
ntpq –p Query NTP systems
ntptrace hp01 Find out where a
system is getting their time source
NFS
To configure an NFS server:
1. vi /etc/dfs/dfstab
share –F nfs –o ro /usr/share/man
share –F nfs –o anon=104 –d “Sendmail Binaries”
/opt/samba
2. vi /etc/rc.config.d/nfsconf
NFS_CORE=1
NFS_SERVER=1
START_MOUNTD=1
3. /sbin/init.d/nfs.server start
shareall
To configure NFS client:
1. showmount –e OR share
2. vi /etc/rc.config.d/nfsconf
NFS_CLIENT=1
3. /sbin/init.d/nfs.client start
4. vi /etc/fstab and add:
hp02:/usr/share/man /usr/share/man nfs ro 0 0
hp02:/opt/samba /opt/samba nfs defaults 0 0
5. create the mount points if they don’t exist with mkdir
6. mountall OR mount –aF nfs
showmount –e OR cat
/etc/dfs/sharetab Find
out what resources are shared
mount –v or bdf –t nfs See
what resources are mounted
fuser –cu /mount See
what PID/user is using a resource
fuser –ck /mount Kill
PID/user on a resource
umount /mount Unmount
share
unshared /usr/share/man Stop
NFS share
unshareall Stop
all NFS shares
nfsstat Check
NFS functionality
rpcinfo –p hp02 Ensure client is running all NFS
processes
rpcinfo –u hp02 mountd Checks
for mountd to be running
AUTOFS
To configure:
1. vi /etc/rc.config.d/nfsconf
NFS_CLIENT=1
AUTOFS=1
AUTOMOUNT_OPTIONS=””
AUTOMOUNTD_OPTIONS=””
AUTOMOUNT_TIMEOUT=600
2. /sbin/init.d/autofs.start
OR:
automountd
automount –v
Maps:
cat /etc/auto_master Show default master file with
entries below:
/net –hosts
–nosuid,soft,nobrowse
SAMBA/CIFS
Note: in inet.conf, uncomment
the swat line to allow access to SWAT vi: http://server:901
Configuration:
1. swlist –l product | grep CIFS
2. vi /etc/rc.config.d/samba
RUN_SAMBA=1
3. vi /etc/opt/samba/smb.conf
4. Make the following entries in smb.conf:
[global]
netbios name =hp02
workgroup =localwg
server string =CIFS server
hosts allow =192.168.1
security =user
[mail]
comment =Mail directory
path =/var/mail
writeable =yes
browseable =no
5. /opt/samba/bin/testparm
6. touch /var/opt/samba/private/smbpasswd
chmod 600 /var/opt/samba/private/smbpasswd
chmod 500 /var/opt/samba/private
/opt/samba/bin/smbpasswd –a username
7. /sbin/init.d/samba start
/opt/samba/bin/startsmb
8. /opt/samba/bin/smbstatus
To connect from a client:
1. swlist –l product | grep CIFS
2. vi /etc/rc.config.d/cifsclient
RUN_CIFSCLIENT=1
3. vi /etc/opt/cifsclient/cifsclient.cfg
domain = “LOCALWG”
4. /sbin/init.d/cifsclient start
/opt/cifsclient/bin/cifsclient
5. mkdir /mntdata
6. vi /etc/fstab:
win-serv01:/data /mntdata cifs defaults 0 0
7. vi /etc/hosts
192.168.1.220 win-serv01
8. mount –aF cifs
9. cifslogin win-serv01 testuser –P test!123 –s
10. cifslist
Note: cifsmount
//win-serv01/data/data –U testuser Mounts
a CIFS share hot
NIS
Configure Master Server
1) Make sure all passwd entries on all systems are part of
/etc/passwd or /etc/shadow and make sure there are no duplicates
2) domainname coppock ###Define
unique domain name
3) vi /etc/rc.config.d/namesvrs
NIS_DOMAIN=coppock
NIS_MASTER_SERVER=1
NIS_CLIENT=1
4) ypinit –m
When on the slave servers end the entry with Cntrl+d
5) /sbin/init.d/nis.server start
/sbin/init.d/nis.client start
Configure Slave Server
1) domainname coppock
2) vi /etc/rc.config.d/namesvrs
NIS_DOMAIN=coppock
NIS_SLAVE_SERVER=1
NIS_CLIENT=1
3) ypinit –s master_server_name ###Transfers maps from master server
4) /sbin/init.d/nis.server start
/sbin/init.d/nis.client start
Configure NIS Client
1) domainname coppock
2) vi /etc/rc.config.d/namesvrs
NIS_DOMAIN=coppock
NIS_CLIENT=1
3) /sbin/init.d/nis.client start
4) vi /etc/nsswitch.nis
edit all hosts and passwd and group files to include nis
Ex. passwd: nis[NOTFOUND=return]
files
To test: run ypwhich or
ypwhich –m
nsquery passwd user5 ###Find password
policy for user5
ypcat passwd ###Display
passwd ,map contents
ypmatch users group ###Kind of like
grep for NIS
yppoll passwd.build ####Displays
timestamp of map file
yppasswd user1 OR passwd –r nis ####Change NIS user passwd
yppush OR ypnmake ####Push
map updates to slave servers
ypset hostname ####Sets
the client NIS
binding
Secure NIS
1) Create /var/yp/securenets
2) Specify IP and mask of system or network not allowed
access
3) /sbin/init.d/nis.server stop
/sbin/init.d/nis.server start
DNS
what /usr/sbin/named Check BIND Version
Configuration is beyond the
scope of a cheatsheet and can be found on page 579 of the book
Ignite UX
GUI Configuration
1) edit /etc/inetd.conf and uncomment tftp
2) inetd –c
3) vi /etc/passwd
tftp:*:510:1:Trivial FTP
user:/home/tftpdir:/usr/bin/false
4) /opt/ignite/bin/ignite
5) Click Server setup
6) Enter Ip and MAC addresses – if this is an Integrity
client vi /etc/bootptab and insert the stanza on page 609
7) Skip DHCP
8) Select Copy CD
9) Exit
Boot a Client from
Ignite:
1) On client BCH menu
Main Menu: Enter Command> boot lan.192.168.1.2
install
This will boot the client and pull from HPUX server
192.168.1.2
Cloning to Network
1) mkdir –p /var/opt/ignite/recovery/archives/hp05
chown bin:bin /var/opt/ignite/recovery/archives/hp05
vi /etc/dfstab
/var/opt/ignite/recovery/archives/hp05
anon=2,access=hp01
shareall
2) make_net_recovery –v –s hp01 –a
hp01:/var/opt/ignite/recovery/archives/hp05
Create Client from Clone
1) Power on system
2) Interrupt boot with ESC to go to BCH
3) Main menu: Enter Command> boot lan install
4) DO not interact with IPL
5) Interrupt boot process within 10 sec and follow screens
to set hostname and Ip and such
If this is Integrity:
1) Power on system
2) Interrupt boot with ESC to go to EFI, go to Boot Option
Maintenace, Add a Boot Option
3) Select a network interface. At message prompt enter interface name:
LAN1. Go back to main menu.
4) Select new boot option and boot the system
5) Interrupt boot process within 10 sec and follow screens
to set hostname and Ip and such
Security
passwd –f –n 7 –x 28 ccoppock Sets password
expiration
passwd –s ccoppock Checks
for Password and expiration properties
pwconv Implements
shadow password
/etc/tsconvert Implements
“trusted mode” security (-r reverts back)
/usr/lbin/modprpw –lk username Unlocks a trusted
account user
PAM
/etc/pam.conf Controls
system-wide auth
/etc/pam_user.conf Controls
user-wide auth
cat /etc/pam.conf
Has entries such as:
login auth required /usr/lib/security/libpam.unix.1