
IBM AIX/UNIX system storage administration ksh/perl scripting

Monday, March 24, 2008

0516-070 : LVM system call found an unaccountable internal error.

On an IBM AIX 5.3 TL4 server,

# oslevel -s
/usr/bin/oslevel[601]: /tmp/sh158188.13: 0403-005 Cannot create the specified file.
# uname -a
AIX hostname 3 5 000EE4DC4C00

# errpt -a
---------------------------------------------------------------------------
LABEL: DISK_ERR1
IDENTIFIER: 425BDD47

Date/Time: Mon Mar 24 10:40:07 EDT 2008
Sequence Number: 672
Machine Id: 000EE4DC4C00
Node Id: hostname
Class: H
Type: PERM
Resource Name: hdisk0
Resource Class: disk
Resource Type: scsd
Location: U0.1-P2/Z1-A8
VPD:
Manufacturer................IBM
Machine Type and Model......ST336607LC
FRU Number..................00P3068
ROS Level and ID............43353048
Serial Number...............000A91D5
EC Level....................H12094
Part Number.................00P2676
Device Specific.(Z0)........000003129F00013E
Device Specific.(Z1)........1217C511
Device Specific.(Z2)........0002
Device Specific.(Z3)........04132
Device Specific.(Z4)........0001
Device Specific.(Z5)........22
Device Specific.(Z6)........H12094

Description
DISK OPERATION ERROR

Probable Causes
MEDIA

User Causes
MEDIA DEFECTIVE

Recommended Actions
FOR REMOVABLE MEDIA, CHANGE MEDIA AND RETRY
PERFORM PROBLEM DETERMINATION PROCEDURES

Failure Causes
MEDIA
DISK DRIVE

Recommended Actions
FOR REMOVABLE MEDIA, CHANGE MEDIA AND RETRY
PERFORM PROBLEM DETERMINATION PROCEDURES

Detail Data
PATH ID
0
SENSE DATA
0608 0000 0800 0000 0800 0000 0000 0000 0102 0000 F000 0300 0000 020A 0000 0000
1600 D280 0086 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 A15F 0006
#

# lsvg
rootvg
# lsvg -o
rootvg
#
rootvg
# lspv
hdisk0 000ee4dcf07f0297 rootvg
hdisk1 000ee4dcb0242e5d rootvg
#
# lqueryvg -Atp hdisk0
Max LVs: 256
PP Size: 26
Free PPs: 56
LV count: 12
PV count: 2
Total VGDAs: 3
Conc Allowed: 0
MAX PPs per PV 1016
MAX PVs: 32
Conc Autovaryo 0
Varied on Conc 0
Logical: 000ee4dc00004c00000000ff7751ed2b.1 hd5 1
000ee4dc00004c00000000ff7751ed2b.2 hd6 1
000ee4dc00004c00000000ff7751ed2b.3 hd8 1
000ee4dc00004c00000000ff7751ed2b.4 hd4 1
000ee4dc00004c00000000ff7751ed2b.5 hd2 1
000ee4dc00004c00000000ff7751ed2b.6 hd9var 1
000ee4dc00004c00000000ff7751ed2b.7 hd3 1
000ee4dc00004c00000000ff7751ed2b.8 hd1 1
000ee4dc00004c00000000ff7751ed2b.9 hd10opt 1
000ee4dc00004c00000000ff7751ed2b.20 lv10 1
000ee4dc00004c00000000ff7751ed2b.21 lv11 1
000ee4dc00004c00000000ff7751ed2b.22 upgradelv 1
Physical: 000ee4dcf07f0297 2 0
000ee4dcb0242e5d 1 0
Total PPs: 1084
LTG size: 128
HOT SPARE: 0
AUTO SYNC: 0
VG PERMISSION: 0
SNAPSHOT VG: 0
IS_PRIMARY VG: 0
PSNFSTPP: 4352
VARYON MODE: ???????
VG Type: 0
Max PPs: 32512
# lqueryvg -Atp hdisk1
Max LVs: 256
PP Size: 26
Free PPs: 56
LV count: 12
PV count: 2
Total VGDAs: 3
Conc Allowed: 0
MAX PPs per PV 1016
MAX PVs: 32
Conc Autovaryo 0
Varied on Conc 0
Logical: 000ee4dc00004c00000000ff7751ed2b.1 hd5 1
000ee4dc00004c00000000ff7751ed2b.2 hd6 1
000ee4dc00004c00000000ff7751ed2b.3 hd8 1
000ee4dc00004c00000000ff7751ed2b.4 hd4 1
000ee4dc00004c00000000ff7751ed2b.5 hd2 1
000ee4dc00004c00000000ff7751ed2b.6 hd9var 1
000ee4dc00004c00000000ff7751ed2b.7 hd3 1
000ee4dc00004c00000000ff7751ed2b.8 hd1 1
000ee4dc00004c00000000ff7751ed2b.9 hd10opt 1
000ee4dc00004c00000000ff7751ed2b.20 lv10 1
000ee4dc00004c00000000ff7751ed2b.21 lv11 1
000ee4dc00004c00000000ff7751ed2b.22 upgradelv 1
Physical: 000ee4dcf07f0297 2 0
000ee4dcb0242e5d 1 0
Total PPs: 1084
LTG size: 128
HOT SPARE: 0
AUTO SYNC: 0
VG PERMISSION: 0
SNAPSHOT VG: 0
IS_PRIMARY VG: 0
PSNFSTPP: 4352
VARYON MODE: ???????
VG Type: 0
Max PPs: 32512
#

hdisk0 and hdisk1 have the same LVs.

# synclvodm -Pv rootvg
0516-070 : LVM system call found an unaccountable
internal error.
0516-544 synclvodm: Unable to access volume group rootvg.
#
# redefinevg -d hdisk1 rootvg
# redefinevg -d hdisk0 rootvg
#
# lspv hdisk1
0516-070 : LVM system call found an unaccountable
internal error.
PHYSICAL VOLUME: hdisk1 VOLUME GROUP: rootvg
PV IDENTIFIER: 000ee4dcb0242e5d VG IDENTIFIER 000ee4dc00004c00000000ff7751ed2b
PV STATE: ???????
STALE PARTITIONS: ??????? ALLOCATABLE: ???????
PP SIZE: ??????? LOGICAL VOLUMES: ???????
TOTAL PPs: ??????? VG DESCRIPTORS: ???????
FREE PPs: ??????? HOT SPARE: ???????
USED PPs: ??????? MAX REQUEST: 256 kilobytes
FREE DISTRIBUTION: ???????
USED DISTRIBUTION: ???????
# lspv -l hdisk1
0516-070 : LVM system call found an unaccountable
internal error.
# lspv -l hdisk0
0516-070 : LVM system call found an unaccountable
internal error.
# lspv hdisk0
0516-070 : LVM system call found an unaccountable
internal error.
PHYSICAL VOLUME: hdisk0 VOLUME GROUP: rootvg
PV IDENTIFIER: 000ee4dcf07f0297 VG IDENTIFIER 000ee4dc00004c00000000ff7751ed2b
PV STATE: ???????
STALE PARTITIONS: ??????? ALLOCATABLE: ???????
PP SIZE: ??????? LOGICAL VOLUMES: ???????
TOTAL PPs: ??????? VG DESCRIPTORS: ???????
FREE PPs: ??????? HOT SPARE: ???????
USED PPs: ??????? MAX REQUEST: 256 kilobytes
FREE DISTRIBUTION: ???????
USED DISTRIBUTION: ???????
#


# unmirrorvg rootvg hdisk0
/usr/sbin/unmirrorvg[467]: /tmp/sh161360.13: 0403-005 Cannot create the specified file.
#


I will be booting this server into maintenance mode via NIM, then run fsck
and logform, type exit, then try redefinevg and synclvodm again. If it
still fails, I will have to restore it.

Stay tuned.

Tuesday, March 18, 2008

The ps command enhancement (5300-05)

From the Redbook "AIX 5L Differences Guide Version 5.3 Addendum".

The ps command has been enhanced in AIX 5L Version 5.3 5300-05. The command is used to show the current status of processes. Now it also provides process hierarchy information and a listing of descendant processes for given PIDs. AIX 5L introduces three new options for the ps command, provided in Table 4-1.

Table 4-1 Flags of ps command

Flag        Purpose

-Z          Displays the page size settings of processes using three columns:
            DPGSZ indicates the data page size of a process.
            SPGSZ indicates the stack page size of a process.
            TPGSZ indicates the text page size of a process.

-L pidlist  Lists the descendants of each PID passed to it in the pidlist variable. The pidlist variable is a list of comma-separated process IDs. The list of descendants from all of the given PIDs is printed in the order in which they appear in the process table.

-T pid      Displays the process hierarchy rooted at a given PID in a tree format using ASCII. This flag can be used in combination with the -f, -F, -o, and -l flags.

Example: The ps command new flags

# ps -ef | grep [Ii]netd
root 282800 233670 0 Feb 16 - 0:00 /usr/sbin/inetd


# ps -L 282800
PID TTY TIME CMD
282800 - 0:00 inetd
512024 pts/3 0:00 dsmadmc
585896 pts/0 0:00 ksh
684180 pts/0 0:00 ksh
749668 - 0:00 telnetd
823476 pts/0 0:00 ksh
901212 pts/3 0:00 ksh
950364 pts/0 0:00 ksh
974978 - 0:00 telnetd

You can find all of the processes, including their hierarchy, in an ASCII tree format by entering:

ps -T 0

The -T option is used to find all of the processes and sub-processes under a specific user by providing the user’s Telnet IP address.

1. Find out the pts number of the user by giving the host name or the IP address:

# who
root pts/0 Nov 30 08:41 (kcyk04t.itsc.austin.ibm.com)
root pts/1 Nov 30 08:44 (proxy)
root pts/2 Nov 30 08:50 (kcbd0na.itsc.austin.ibm.com)

2. Find the shell for this user:

# ps -ef | grep "pts/2"
root 254084 250022 0 08:50:49 pts/2 0:00 -ksh

3. Use ps -T options:

# ps -fT 254084
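
The three steps above can be chained into one lookup, which is handy when you need every process that belongs to one remote session. The following is an added example, not taken from the Redbook: it works on constructed who and ps listings, and the ps layout (pid, ppid, tty, args columns) and all function names are assumptions made for the example. It walks the parent/child links itself, so it also works where the -L and -T flags are not available.

```sh
#!/bin/sh
# Added example. Both listings are constructed sample data; on a live host
# they would come from "who" and "ps -e -o pid,ppid,tty,args".
WHO_OUT='root pts/0 Nov 30 08:41 (kcyk04t.itsc.austin.ibm.com)
root pts/1 Nov 30 08:44 (proxy)
root pts/2 Nov 30 08:50 (kcbd0na.itsc.austin.ibm.com)'

PS_OUT='   PID   PPID    TT COMMAND
     1      0     - /etc/init
240500 260110 pts/2 sh -c ls
282800      1     - /usr/sbin/inetd
249000 282800     - telnetd -a
251500 249000 pts/0 -ksh
250022 282800     - telnetd -a
254084 250022 pts/2 -ksh
260110 254084 pts/2 vi /etc/hosts'

# Step 1: tty_for_host HOST (who output on stdin) -> tty of that session.
tty_for_host() {
    awk -v h="($1)" '$NF == h { print $2; exit }'
}

# Step 2: login_shell_pid TTY (ps listing on stdin) -> pid of the process
# on TTY whose parent is not on that tty, i.e. the session shell.
login_shell_pid() {
    awk -v t="$1" '
        NR > 1 { tty[$1] = $3; par[$1] = $2; ord[++n] = $1 }
        END {
            for (i = 1; i <= n; i++) {
                p = ord[i]
                if (tty[p] == t && tty[par[p]] != t) { print p; exit }
            }
        }'
}

# Step 3: descendants PID (ps listing on stdin) -> PID and every process
# below it. The table is rescanned until no new child is found, so a child
# listed before its parent is still picked up.
descendants() {
    awk -v root="$1" '
        NR > 1 { par[$1] = $2; ord[++n] = $1 }
        END {
            seen[root] = 1; print root
            do {
                grew = 0
                for (i = 1; i <= n; i++) {
                    p = ord[i]
                    if (!(p in seen) && (par[p] in seen)) {
                        seen[p] = 1; print p; grew = 1
                    }
                }
            } while (grew)
        }'
}

# session_pids HOST -> all pids of the session opened from HOST.
# Returns 1 when the host has no session or no shell is found on its tty.
session_pids() {
    t=$(printf '%s\n' "$WHO_OUT" | tty_for_host "$1")
    [ -n "$t" ] || return 1
    s=$(printf '%s\n' "$PS_OUT" | login_shell_pid "$t")
    [ -n "$s" ] || return 1
    printf '%s\n' "$PS_OUT" | descendants "$s"
}

session_pids kcbd0na.itsc.austin.ibm.com
```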

The -Z option of the ps command is added to support different page sizes. For more information about Huge Page support and Large Page support in AIX 5L Version 5.3, refer to 4.3, “Multiple page size support (5300-04)” on page 79.

Sunday, March 16, 2008

Firmware upgrade on IBM p-series 9111-520 without HMC

Today I did an OS upgrade on a 9111-520 standalone server, which means there is no LPAR configured on it. There is no HMC connection to it. We use the classic console.

The firmware level on it was 01SF222-075. I downloaded the latest firmware 01SF240_338_201 from the IBM website and saved it to the /tmp/fwupdate directory.

# rpm -Uvh --ignoreos /tmp/fwupdate/01SF240_338_201.rpm
# cd /tmp/fwupdate
# /usr/sbin/update_flash -f 01SF240_338_201

The image is valid and would update the temporary image to SF240_338.
The new firmware level for the permanent image would be SF222_075.
The current permanent system firmware image is SF222_075.
The current temporary system firmware image is SF222_075.
***** WARNING: Continuing will reboot the system! *****
Do you wish to continue?
Enter 1=Yes or 2=No

1

The server rebooted and showed "Rebooting" on the console.

However, it hung there for about 40 minutes.

The service processor menu appeared when I pressed ENTER. I went into 1. Power/Restart Control, then selected 1 to power on the server.


Welcome
Machine type-model: 9111-520
Serial number: 10XXXXX
Date: 2008-3-16
Time: 14:25:33
Service Processor: Primary
User ID: admin
Password: *****
Number of columns [80-255, Currently: 80]:
Number of lines [24-255, Currently: 24]:
System name: Server-9111-520-SN10XXXXX
Version: SF222_075
User: admin
Copyright © 2002-2004 IBM Corporation. All rights reserved.

1. Power/Restart Control
2. System Service Aids
3. System Information
4. System Configuration
5. Network Services
6. Performance Setup
7. On Demand Utilities
8. Concurrent Maintenance
9. Login Profile
99. Log out



S1> 1

Power/Restart Control

1. Power On/Off System
2. Auto Power Restart
3. Immediate Power Off
4. System Reboot
5. Wake On LAN
98. Return to previous menu
99. Log out


S1> 1

Power On/Off System
Current system power state: Off
Current firmware boot side: Permanent
Current system server firmware state: Not running

1. System boot speed
Currently: Fast
2. Firmware boot side for the next boot
Currently: Temporary
3. System operating mode
Currently: Normal
4. AIX/Linux partition mode boot
Currently: Continue to operating system
5. Boot to system server firmware
Currently: Running
6. i5/OS partition boot mode
Currently: D
7. Power on
98. Return to previous menu
99. Log out

S1> 7

The system is powering on.
PRESS ENTER TO CONTINUE:

S1>
You have logged out.
!!! LP10000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP10000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP11000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP11000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP11000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP11000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP11000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4

1 = SMS Menu 5 = Default Boot List
8 = Open Firmware Prompt 6 = Stored Boot List

memory keyboard network scsi speaker
Elapsed time since release of system processors: 2 mins 47 secs

-------------------------------------------------------------------------------
Welcome to AIX.
boot image timestamp: 04:31 03/16
The current time and date: 14:34:55 03/16/2008
number of processors: 2 size of memory: 3824Mb
boot device: /pci@800000020000003/pci@2,4/pci1069,b166@1/scsi@0/sd@8:2
closing stdin and stdout...
-------------------------------------------------------------------------------

I called IBM hardware support. The guy told me jumping from 01SF222_075 to 01SF240 will have a 5% chance of failure. The solution is to reject the firmware on the temporary side and apply a medium level firmware, 01SF222_102, which is not available for download. He has to put it into testcase.boulder.ibm.com for me.

Rejecting the firmware will take about 5 minutes.

# /usr/lpp/diagnostics/bin/update_flash -r

The reject operation is in progress. Please stand by.

The reject operation was successful.

Then I shut down the server.

# shutdown -F

When it is down ("....Halt completed...."), wait for 3-4 minutes. Press ENTER, then the service processor menu appears. Go into Power/Restart Control and change the firmware boot side from permanent to temporary. Power on the server.

Welcome
Machine type-model: 9111-520
Serial number: 10XXXXX
Date: 2008-3-16
Time: 15:04:39
Service Processor: Primary
User ID: admin
Password: *****
Number of columns [80-255, Currently: 80]:
Number of lines [24-255, Currently: 24]:
System name: Server-9111-520-SN10XXXXX
Version: SF222_075
User: admin
Copyright © 2002-2004 IBM Corporation. All rights reserved.
1. Power/Restart Control
2. System Service Aids
3. System Information
4. System Configuration
5. Network Services
6. Performance Setup
7. On Demand Utilities
8. Concurrent Maintenance
9. Login Profile
99. Log out

S1> 1
Power/Restart Control
1. Power On/Off System
2. Auto Power Restart
3. Immediate Power Off
4. System Reboot
5. Wake On LAN
98. Return to previous menu
99. Log out

S1> 1
Power On/Off System
Current system power state: Off
Current firmware boot side: Permanent
Current system server firmware state: Not running
1. System boot speed
Currently: Fast
2. Firmware boot side for the next boot
Currently: Permanent
3. System operating mode
Currently: Normal
4. AIX/Linux partition mode boot
Currently: Continue to operating system
5. Boot to system server firmware
Currently: Running
6. i5/OS partition boot mode
Currently: D
7. Power on
98. Return to previous menu
99. Log out

S1> 2
Firmware boot side for the next boot
Currently: Permanent
1. Permanent
2. Temporary
98. Return to previous menu without saving changes
99. Log out


S1> 2
Power On/Off System
Current system power state: Off
Current firmware boot side: Permanent
Current system server firmware state: Not running
1. System boot speed
Currently: Fast
2. Firmware boot side for the next boot
Currently: Temporary
3. System operating mode
Currently: Normal
4. AIX/Linux partition mode boot
Currently: Continue to operating system
5. Boot to system server firmware
Currently: Running
6. i5/OS partition boot mode
Currently: D
7. Power on
98. Return to previous menu
99. Log out

S1> 7
The system is powering on.
PRESS ENTER TO CONTINUE:
Power On/Off System
Current system power state: Off
Current firmware boot side: Permanent
Current system server firmware state: Unknown
1. System boot speed
Currently: Fast
2. Firmware boot side for the next boot
Currently: Temporary
3. System operating mode
Currently: Normal
4. AIX/Linux partition mode boot
Currently: Continue to operating system
5. Boot to system server firmware
Currently: Running
6. i5/OS partition boot mode
Currently: D
7. Power on
98. Return to previous menu
99. Log out

S1>
You have logged out.
!!! LP10000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP10000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4
!!! LP11000 Fcode, Copyright (c) 2005 Emulex !!! Version 1.50a4

Once the server is up, upgrade the firmware to 01SF222-102, then upgrade it to the latest 01SF240. Everything went well.

Friday, March 14, 2008

Tunable IPC/Shared Memory Kernel Parameters in AIX

The information in this document pertains to AIX 4.3 through AIX 5L.
--------------------------------------------------------------------------
In many UNIX systems, the following IPC Kernel variables need to be configured:
maxssiz
msgmax
msgseg
msgtql
msgmnb
msgmni
msgssz
In AIX, these values are fixed and cannot be changed by the user. However, this should not cause any problems as the desired values are well within the AIX limits as described in the AIX 5.3 manual, "General Programming Concepts: Writing and Debugging Programs".

On most UNIX systems you edit the /etc/master file to set limits for IPC mechanisms, such as semaphore, shared memory segments, and message queues. The only problem with this method is that the higher the limits are set, the bigger the kernel gets, which can affect performance. AIX uses a different method.

In AIX, upper limits are set for IPC mechanisms and the individual IPC types are dynamically allocated or deallocated up to these upper limits. Therefore, the kernel grows and shrinks as IPC types are allocated. Thus, any performance hit lasts only for the life of the IPC type.

This difference between UNIX and AIX methods sometimes confuses users who are installing or using databases. The important thing to remember is that in AIX, IPC limits are taken care of for you. The only limit that may cause a problem is the maximum number of shared memory segments per process, which is eleven (11) for a 32-bit program.

The structures containing IPC limits are defined in three include files:
/usr/include/sys/sem.h
/usr/include/sys/msg.h
/usr/include/sys/shm.h
The structures themselves are called seminfo, msginfo, and shminfo, respectively. Only the structures are defined, not the contents.
To attach to more shared memory regions, create a shell script that sets up the environment for the application and export the following:

EXTSHM=on
This will permit a user process to attach to more than 11 Shared Memory Regions.

Use of Extended Shared Memory (environment variable EXTSHM=ON) should NOT be configured globally in the /etc/environment file, and caution should be used in setting this variable in a profile.

Processes that use shared memory segments in a conventional manner will fail if they run in an environment with EXTSHM=ON.

Recovery from rm * from the Root (/) Directory in AIX 4 and 5

This document describes how to recover after running the rm command in the root directory and applies to AIX Versions 4 and 5.
----------------------------------------------------------------------------------


Summary of the recovery procedure

Deleting the files in the root directory will delete the following links:
bin -> /usr/bin
lib -> /usr/lib
u -> /home
unix -> /usr/lib/boot/unix_up ( or unix_mp )
In the root directory, removing the bin directory link disables the Korn shell needed for login. The recovery procedure boots the system in service mode and rebuilds the links.

NOTE: The following procedure describes how to boot the machine into maintenance mode, access the rootvg volume group and start a shell prior to mounting the file systems.
----------------------------------------------------------------------------------
Procedure
1. For booting the system into Service mode, please refer to Kernel fax, "Booting in Service Mode" for specific machine type.

2. With bootable media of the same version and level as the system, boot the system.
The bootable media can be any one of the following:
o Bootable CD-ROM
o NON_AUTOINSTALL mksysb
o Bootable Install Tape
Follow the prompts to the Welcome to Base OS menu.

3. Choose Start Maintenance Mode for System Recovery (Option 3).
The next screen displays the Maintenance menu.
a. Choose Access a Root Volume Group (Option 1).
b. Choose 0 to continue, then select the volume group by number.
At this stage the console should display information about rootvg and also display a menu with two options.
c. Choose Access this volume group and start a shell before mounting the file systems (Option 2).
NOTE: If there are errors from the preceding option, do not continue with the rest of this procedure. Correct the problem causing the error. If you need assistance in correcting the problem causing the error, contact one of the following:
o local branch office
o your point of sale
o your AIX support center
If no errors occur, proceed with the following steps.

4. Mount the root file system. Enter:
fsck -y /dev/hd4
NOTE: When running the preceding command with -y, yes will be answered automatically.
mount /dev/hd4 /mnt

5. Rebuild the missing links. Enter:
cd /mnt
ln -s /usr/bin bin
ln -s /usr/lib/boot/unix_up unix
OR
ln -s /usr/lib/boot/unix_mp unix
ln -s /usr/lib lib
ln -s /home u

6. Enter:
cd /
umount /dev/hd4
exit
sync;sync;sync
reboot the server
7. This should allow the machine to reboot in normal mode so logging in is possible. Depending on what else was in the root directory, files may have to be restored from a backup tape at this point.

How to mount ISO image file on AIX.

1. Create a new logical volume. Make sure the size of the logical volume is big enough to cover the image. Usually, this is at least 670 MB, the standard size of a CD.
ServerA:/tsmcode/5.3CDs# du -sk *
567496 C892HML.iso
502376 C892IML.iso
ServerA:/tsmcode/5.3CDs# mklv -y isolv rootvg 670M
isolv


This creates a logical volume "isolv" with at least 670 MB. The actual number of
physical partitions used is determined by the AIX OS.

2. Copy the ISO image to the device that contains the logical volume using command "dd".
ServerA:/tsmcode/5.3CDs# dd if=C892HML.iso of=/dev/isolv bs=2048

Note that the "dd" copy is a slow process. It may take about 40 minutes to copy a full CD (670 MB) on some LPAR machines.

3. Mount the logical volume as a CD-ROM file system to read the content.
# mount -v cdrfs -o ro /dev/isolv /mnt
# cd /mnt
# ls

Wednesday, March 05, 2008

Enhanced login privacy for AIX 5L Version 5.2.0

AIX 5L Version 5.2 now supports enhanced security options regarding the user’s interface. On the default AIX’s login screen, the user name is visible when entered and the password line also includes the user name. In some security environments, displaying the user name on the screen is considered a security exposure. In Version 5.2, the administrator has the option to change the login password prompt and to hide the user name from login and system messages. These settings can be configured as the system default or on a per port basis.

See the following example for the default behavior for logging in with telnet. The user is logging in as test9 and the user name test9 is displayed twice. The /usr/bin/su command also echoes the user name test8 in the password prompt.

telnet (server1)

AIX Version 5
(C) Copyrights by IBM and by others 1982, 2000.
login: test9
test9's Password:
...
$ su - test8
test8's Password:
$

The new attributes for login privacy are located in /etc/security/login.cfg. The pwdprompt attribute defines the password prompt message when asking for the password during login. The usernameecho attribute is a boolean value that determines whether the user name is displayed during login and security related messages. If usernameecho is false, the user name will be hidden during login and security related messages. If usernameecho is true (the default), user names are displayed as normal. To set these attributes on a per port basis, you must create a new stanza if necessary for that port (for example, /dev/lft0) and add the attributes to that port. If you want to make these attributes system-wide, add them to the default stanza. Attributes in the port-specific stanza will override attributes in the default stanza.

The following example shows the result of changing the system-wide password prompt to Password:.

# chsec -f /etc/security/login.cfg -s default -a pwdprompt="Password:"

telnet (server1)

AIX Version 5
(C) Copyrights by IBM and by others 1982, 2000.
login: root
Password:

In the following example, the password prompt is reset to default and usernameecho is set to false. The output for the telnet session is below. Notice that the user names displayed for the /usr/bin/su and /usr/bin/passwd commands are hidden.

# chsec -f /etc/security/login.cfg -s default -a pwdprompt=
# chsec -f /etc/security/login.cfg -s default -a usernameecho=false

telnet (server1)

AIX Version 5
(C) Copyrights by IBM and by others 1982, 2000.
login:
*****'s Password:
...
$ passwd
Changing password for "*****"
*****'s Old password:
*****'s New password:
Enter the new password again:

$ su - test8
3004-500 User "*****" does not exist.

$ su - test4
*****'s Password:

The following example shows how to specify the usernameecho attribute for a specific port (for example, /dev/lft0). Attributes specified in per port stanzas override the default stanza.

chsec -f /etc/security/login.cfg -s /dev/lft0 -a usernameecho=false

With the password prompt attribute pwdprompt set, the specified string is used by the su command when invoked by a non-root user, but the string will not be used by the passwd command to change the existing user password.
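
The override rule described above (a port stanza wins over the default stanza, and usernameecho is true when nothing sets it) can be checked with a small audit that lists the ports where user names would still be echoed. This is an added example, not part of the AIX documentation: the sample file is constructed, the function names are made up for the example, and the stanza syntax handled here (a "name:" header, indented "attribute = value" lines, "*" comment lines) is an assumption about the login.cfg layout.

```sh
#!/bin/sh
# Added example: resolve the effective login-privacy attributes from a
# login.cfg-style stanza file. The sample file is constructed.

# make_sample_cfg FILE -> writes the constructed sample to FILE.
make_sample_cfg() {
    cat > "$1" <<'EOF'
* constructed sample, not a real system file
default:
        sak_enabled = false
        pwdprompt = "Password:"
        usernameecho = false

/dev/lft0:
        usernameecho = true

/dev/tty0:
        sak_enabled = true
EOF
}

# stanza_attr FILE STANZA ATTR -> prints the value set in that stanza.
# Returns 1 (and prints nothing) when the stanza does not set ATTR.
stanza_attr() {
    awk -v want="$2" -v attr="$3" '
        /^[ \t]*\*/ { next }                    # "*" starts a comment line
        /^[^ \t=*]+:[ \t]*$/ {                  # stanza header, e.g. "default:"
            name = $0; sub(/:[ \t]*$/, "", name)
            in_s = (name == want); next
        }
        in_s && index($0, "=") {
            key = $0; sub(/=.*/, "", key); gsub(/[ \t]/, "", key)
            if (key == attr) {
                val = $0
                sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
                gsub(/^"|"$/, "", val)          # drop surrounding quotes
                found = 1
            }
        }
        END { if (found) print val; exit !found }
    ' "$1"
}

# effective_attr FILE PORT ATTR -> the port stanza wins, then the default
# stanza, then the built-in default (usernameecho is true when unset).
effective_attr() {
    stanza_attr "$1" "$2" "$3" && return 0
    stanza_attr "$1" default "$3" && return 0
    case $3 in
        usernameecho) echo true ;;
        *) echo "" ;;
    esac
}

# ports_showing_username FILE -> one stanza name per line whose effective
# usernameecho is not "false", i.e. where user names are still displayed.
ports_showing_username() {
    awk '/^[^ \t=*]+:[ \t]*$/ { sub(/:[ \t]*$/, ""); print }' "$1" |
    while read -r stanza; do
        [ "$(effective_attr "$1" "$stanza" usernameecho)" = false ] ||
            echo "$stanza"
    done
}

cfg=$(mktemp) && make_sample_cfg "$cfg"
ports_showing_username "$cfg"
rm -f "$cfg"
```

In the sample, /dev/tty0 inherits usernameecho=false from the default stanza, while /dev/lft0 overrides it and is the only port reported.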

Why Numbers from "du -s" and "df" Disagree
This document describes why numbers returned by du -s and df are inconsistent. The document applies to AIX Versions 4 and above.
About du -s and df
The problem
Why the numbers do not add up
The ls command

About du -s and df
Notice du and df report on only the blocks allocated for data actually written. The ls command reports slightly different results depending on the type of file. See the section in this document, "The ls command".
At AIX versions prior to 4.1, df reports its statistics in 1024-byte units and du reports in 512-byte units. At AIX 4.1 and later, both df and du default to 512-byte units. The following discussion addresses df and du; thus all units are in 512-byte blocks.

The problem
Sometimes du and df are used to get a free block value: df is used to report the total block count, and then the value returned by du -s /filesystem_path is subtracted from that total to calculate the free block value. However, this method of calculation yields a value that is greater than the free block value reported by df.
For example, sample output from executing du -s /tmp is as follows:
12920 /tmp
Sample output from executing df /tmp on the same system is as follows:
Filesystem 512-blocks Free %Used Iused %Iused Mounted on
/dev/hd3 57344 42208 26% 391 4% /tmp
Here, the total block count from df minus the value from du -s is: 57344 - 12920 = 44424.
44424 is greater than 42208. The reason for this discrepancy involves the implementation of du and df.
du -s
du -s traverses the file tree, adding up the number of blocks allocated to each directory, symlink, and file as reported by the stat() system call. This is how du arrives at its total value.
df
df looks at the file system disk block allocation maps to arrive at its total and free values.

Why the numbers do not add up
The file system allocates some of the disk blocks in the file system to record its data. This data is referred to as meta data. Meta data is not visible to most user-level programs. Examples of meta data are inodes, disk maps, indirect blocks, and super blocks.
1. du is an example of a user-level program that is not aware of file system meta data, while df looks at the file system disk allocation maps and is aware of file system meta data. df obtains the true file system statistics, whereas du sees only a partial picture. For example, an empty 4MB JFS file system created with frag=4096 and nbpi=4096 has the following meta data allocated:
    1 4k block for the LVM
    2 4k super blocks
    2 4k blocks for disk maps
    2 4k blocks for inode maps
    2 4k blocks for .indirect
   32 4k blocks for inodes
   -------------------------
   41 4k blocks for meta data on an empty 4MB file system
Executing du /foo returns output like the following:
8 /foo/lost+found
16 /foo
The sixteen 512-byte blocks reported by du on this empty file system are the blocks used by the root directory.
To get the output from du to match that from df, we must add in the meta data. First, convert 41 4K blocks to 512-byte units:
41 * 8 = 328
328(meta data) + 16(from du) = 344
So there are 344 512-byte blocks allocated on this empty file system. For example:
8192(total blocks) - 344(used from du + meta data) = 7848
This value does match the output from the free column reported by df /foo.
Filesystem 512-blocks Free %Used Iused %Iused Mounted on
/dev/lv01 8192 7848 5% 16 2% /foo
This calculation was easy to perform on an empty file system. However, on a non-empty file system, the meta data for file indirect blocks comes into play and such calculations are tedious and impractical.
In conclusion, du -s produces a value that reflects the number of disk blocks that are allocated to files and directories. df reports on the actual allocation state of the file system. The true allocation state includes both user data (files and directories) plus meta data.
2. Another example that contributes to a difference between du and df is the following:
If someone is running an application with a file open in a directory and the open file is removed, the du output reflects a reduced size for this directory. However, df does not show a reduced size because all blocks in the file system remain allocated until the application that has the file open closes the file. After the file closure, df shows reduced usage for the file system.
3. One last example that can account for a difference between df and du is shown with the fuser command:
# fuser -dV /mntpt
This will give you information about files that have been deleted but, for whatever reason, AIX still has a process holding onto the inode number. This space will be reclaimed after you kill the process still hanging onto the inode.
Example:
# fuser -dV /var
/var:
inode=880 size=2348561 fd=1 344238
# ps -ef | grep 344238
root 344238 1 0 Feb 06 - 0:22 /usr/lpp/veritas
# kill 344238
# fuser -dV /var
/var:
So with the process killed off, the space should be released and df should report the reduced usage.

---------------------------------------------------------------
The ls command
The following compares ls output with that of du and df for sparse files.
• ls gives data on individual files based on the difference between the end-of-file (the largest offset where data is written) and the beginning-of-file, whether or not blocks were actually allocated to the file. A 32MB file (as reported by ls) may not have 32MB of data written to it if the data is not written sequentially.
• du shows the blocks actually allocated to an individual file.
• df shows the blocks allocated in the entire file system, including inodes and other meta data.
An example sparse file can be created fairly easily. To do so, open the file, seek to a large address, and write some data. This can be demonstrated with the dd command, as follows:
1. Create a regular file.
date > notsparse
ls -l
The output of the ls command will be similar to the following:
total 8
-rw-r--r-- 1 root sys 29 Dec 21 08:12 notsparse
2. Use the fileplace command to see how many allocated and unallocated blocks are included in the file notsparse.
NOTE: Performance Analysis and Control Commands (perfagent.tools) must be installed for AIX Version 4.x.
fileplace notsparse
The output for AIX Version 4.x will look similar to the following:
File: notsparse Size: 29 bytes Vol: /dev/lv03
Blk Size: 4096 Frag size: 4096 Nfrags: 1 Compress: no
Logical Fragment
----------------
00716 1 frags 4096 bytes, 100.0%
3. The du command also reflects how many 512-byte blocks a file occupies.
du -rs *
Example output looks similar to the following:
8 notsparse
4. Now create a sparse file using the regular file notsparse as input, as shown in the following:
touch sparse.1
dd if=notsparse of=sparse.1 seek=100
Example output looks similar to the following:
dd: 0+1 records in.
dd: 0+1 records out.
The dd command takes the data from the regular file and places it, in 100 512-byte blocks, into the sparse.1 file. Nothing is written to the initial 99 512-byte blocks. The following steps show the characteristics of the resulting file.
5. The ls command reports the distance from block zero to the last block in the file:
ls -l
Example output looks similar to the following:
total 16
-rw-r--r-- 1 root sys 29 Dec 21 08:12 notsparse
-rw-r--r-- 1 root sys 51229 Dec 21 08:13 sparse.1
6. The fileplace command accurately reports what blocks are unallocated and allocated. For example:
fileplace sparse.1
Example output for AIX Version 4.1 looks similar to the following:
File: sparse.1 Size: 51229 bytes Vol: /dev/lv03
Blk Size: 4096 Frag Size: 4096 Nfrags: 1 Compress: no
Logical Fragment
----------------
unallocated 12 frags 49152 Bytes, 0.0%
0000769 1 frags 4096 Bytes, 100.0%
The du command reports the number of allocated blocks the file takes. For example:
du -rs *
The example output looks similar to the following:
8 notsparse
8 sparse.1
Each command correctly reports the data that is specific to its intended purpose. ls shows the range of offsets where data can be read from or written to a file. Reading from an offset where no data is written makes it appear to be zero-filled. du and df report only blocks allocated for data actually written.

Disabling undesired TCP/IP services in AIX

Abstract
With the increased interest in computing and network security, many AIX users are implementing ssh and ssl, and have interest in turning off several TCP/IP services that are on by default in AIX.

The script that follows is an example of how this was done in one customer implementation. Two comments: 1) a machine that will be a nim server must have bootps and tftpd services ON in /etc/inetd.conf. 2) If using the following script during a nim client install, it should not be used as a post-install script; instead, run it as a first boot script (fb_scripts run after the nim client process completes, and after the client reboots.). Now the script:

#!/bin/ksh
# Keep a copy of inetd.conf, then comment out the unwanted inetd services.
cp /etc/inetd.conf /etc/inetd.conf.original
cat /etc/inetd.conf.original | sed 's/^ftp/#ftp/' | sed 's/^telnet/#telnet/' \
| sed 's/^shell/#shell/' | sed 's/^kshell/#kshell/' \
| sed 's/^login/#login/' | sed 's/^klogin/#klogin/' \
| sed 's/^exec/#exec/' | sed 's/^bootps/#bootps/' \
| sed 's/^ntalk/#ntalk/' | sed 's/^tftp/#tftp/' >/etc/inetd.conf

# Keep a copy of rc.tcpip, then comment out the daemons it would start.
cp /etc/rc.tcpip /etc/rc.tcpip.original
cat /etc/rc.tcpip.original | \
sed 's/^qpi=30m/#qpi=30m/' | \
sed 's/^start \/usr\/lib\/sendmail/#start \/usr\/lib\/sendmail/' | \
sed 's/^start \/usr\/sbin\/snmpd/#start \/usr\/sbin\/snmpd/' | \
sed 's/^start \/usr\/sbin\/portmap/#start \/usr\/sbin\/portmap/' | \
sed 's/^start \/usr\/sbin\/dpid2/#start \/usr\/sbin\/dpid2/' >/etc/rc.tcpip

# Keep a copy of inittab, then disable entries with a leading colon.
cp /etc/inittab /etc/inittab.original
cat /etc/inittab.original | sed 's/^rcnfs/:rcnfs/' | \
sed 's/^qdaemon/:qdaemon/' | \
sed 's/^writesrv/:writesrv/' > /etc/inittab

# Make the running inetd re-read its configuration.
/usr/bin/refresh -s inetd
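
After a script like this has run, it is worth verifying that none of the listed inetd services is still active, with an exception list for a NIM server that must keep bootps and tftp. The following is an added example, not part of the customer script: the sample inetd.conf is constructed and the function names are made up for the example. Unlike the sed prefix match above, it compares the whole service name in the first field.

```sh
#!/bin/sh
# Added example: audit an inetd.conf-style file for services that the
# script above is meant to turn off. The sample file is constructed.

# Services the script above comments out of /etc/inetd.conf.
UNWANTED="ftp telnet shell kshell login klogin exec bootps ntalk tftp"

# awk BEGIN block shared by both functions: bad[] = unwanted minus allowed.
SETUP='BEGIN {
    n = split(unwanted, u, " "); for (i = 1; i <= n; i++) bad[u[i]] = 1
    n = split(allowed, a, " ");  for (i = 1; i <= n; i++) delete bad[a[i]]
}'

# make_sample_inetd FILE -> writes the constructed sample to FILE.
make_sample_inetd() {
    cat > "$1" <<'EOF'
## constructed sample in inetd.conf layout
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd      ftpd
#telnet stream  tcp6    nowait  root    /usr/sbin/telnetd   telnetd -a
shell   stream  tcp6    nowait  root    /usr/sbin/rshd      rshd
#login  stream  tcp6    nowait  root    /usr/sbin/rlogind   rlogind
bootps  dgram   udp     wait    root    /usr/sbin/bootpd    bootpd /etc/bootptab
tftp    dgram   udp6    SRC     nobody  /usr/sbin/tftpd     tftpd -n
time    stream  tcp     nowait  root    internal
EOF
}

# still_enabled FILE [ALLOWED...] -> unwanted services that have an active
# (uncommented) entry in FILE and are not on the allowed list.
still_enabled() {
    file=$1; shift
    awk -v unwanted="$UNWANTED" -v allowed="$*" "$SETUP"'
        /^[ \t]*#/ || NF == 0 { next }      # commented-out or blank line
        ($1 in bad) && !seen[$1]++ { print $1 }
    ' "$file"
}

# comment_out FILE [ALLOWED...] -> FILE on stdout with every unwanted,
# non-allowed entry prefixed by "#". Other lines pass through unchanged.
comment_out() {
    file=$1; shift
    awk -v unwanted="$UNWANTED" -v allowed="$*" "$SETUP"'
        !/^[ \t]*#/ && ($1 in bad) { print "#" $0; next }
        { print }
    ' "$file"
}

sample=$(mktemp) && make_sample_inetd "$sample"
echo "ordinary host, still enabled:"; still_enabled "$sample"
echo "NIM server, still enabled:";    still_enabled "$sample" bootps tftp
rm -f "$sample"
```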
