Boot-ROM
[ESC] # bricht Boot-Vorgang ab
search [ISL] # listet alle m&glichen Boot-Devices (mit ISL) auf
path [pri|alt|<#>;|<path>;] # bootet vom angegebenen Device
help
ISL
hpux /stand/vmunix # bootet normal mit Kernel /stand/vmunix (default)
hpux -is # bootet im Single-User-Modus
hpux -lq # bootet ohne LVM-Quorum
hpux -lm # bootet im LVM Maintenance Mode (falls Boot-Disk korrupt)
hpux show autofile # zeigt Inhalt des LIF AUTO Files
hpux set autofile "hpux -lq" # &ndert Inhalt des LIF AUTO Files
hpux ls -l # listet Inhalt von /stand
# mkboot <char dev file>; # kopiert ISL- und HP-UX-Utilities in Boot-Area
# lifls <char dev file>; # listet Dateiname in Boot-Area
# licp <char dev file>;:AUTO - # listet Inhalt des Autofile aud stdout
System Startup
/sbin/rc<run level>;.d/<type>;<sequence #>;<service name>; # mit type: S|K, Bsp: /sbin/rc2.d/S730cron, symbolisch verlinkt mit:
/sbin/init.d/<service script>; start|stop # controlled by:
/etc/rc.config.d/<service configuration file>;
CDE-Login (Default im Run-Level 3)
/etc/dt/config/Xstartup (ggf. kopieren aus /usr/dt/config/Xstartup) # CDE-Login-Script
/etc/profile
~/.dtprofile # pers&nliches CDE-Login-Script
falls DTSOURCEFILE=true ->; ~/.profile # pers&nliches Login-Script
falls ENV=~/.shrc; export ENV ->; ~/.shrc # pers&nliches Shell-Startup-Script
mit:
HISTFILE=~/.sh_history
HISTSIZE=500
PS1="$(hostname):"'$PWD# '
Terminal-Login (via lokaler Konsole, telnet oder remsh)
/etc/profile
~/.profile # pers&nliches Login-Script
falls ENV=~/.shrc; export ENV ->; ~/.shrc # pers&nliches Shell-Startup-Script
mit:
HISTFILE=~/.sh_history
HISTSIZE=500
PS1="$(hostname):"'$PWD# '
SAM
sam [-r] # (Restricted SAM Builder for administrating users)
Remote Administration
xhost +<remote>;
telnet <remote>;
export <local>;:0.0
sam
User Accounts
sam
useradd [-m] <username>; # (mit Erzeugung eines Home-Directories)
usermod ... # Ändern eines User Accounts
userdel ...
Editor=vi; vipw # mit Write-Lock auf /etc/passwd
pwck # /etc/passwd
Trusted System
Verbesserte Passwort-Vorgaben und -Alterungen, Benutzer- und Terminal-Überwachung
sam ->; Auditing and Security ->; System Security Policies # Einrichten aber nur bei Bedarf!
sam ->; Auditing and Security ->; Audited Users ->; Actions ->; Unconvert ... # Aufheben
Configuring Peripherals
ioscan [-f] [-C disk|ext_bus|lan|tape] [-u] [-n] # I/O-System-Informationen
model # Hardware Modell-Informationen
lanscan # LAN Device-Konfiguration
Device Files
lsdev [-C class] # Device-Treiber-spezifische Informationen
lssf <dev file>; # Device File-spezifische Informationen
insf [-e] # ggf. erst nach ioscan
mksf
mknod
Logical Volume Manager
pvcreate [-f] [-B] <char dev file>; # -B ... reserviert Boot-Area auf Boot-Disk
mkdir /dev/<vg#>;
mknod /dev/<vg#>;/group c 64 0x0<#>;0000
vgcreate [-e <max PE>;] [-s <PE size/MB>;] /dev/<vg#>; <block dev files>;
lvcreate [-L <size/MB>;] [-n <name>;] <vg#>;
lvextend # zur gezielten Zuweisung von LV ->; Disks
pvdisplay [-v] <block dev file>;
vgdisplay [-v] <vg#>;
lvdisplay [-v] /dev/<vg#>;/<lv>;
Veritas Volume Manager
vxinstall
vmsa_server &
vmsa &
File Systeme
newfs -F hfs [-s <size/blocks>;] <char dev file|char lv>;
newfs -F vxfs [-s <size/MB>;M] <char dev file|char lv>;
mkdir <mount dir>;
mount <block dev file|block lv>; <mount dir>;
mount [-v] [-p] # mit /etc/fstab-kompatibler Ausgabe
Swap
/etc/dmesg # Aufteilung des physischen Speichers (RAM)
swapon [-e] <block dev file|block lv>;
swapon [-p <prio>;] <device>;
# dauerhaft in /etc/fstab eintragen
swapinfo -tm
LVM (Advanced)
bdf [-i] # Disk-Auslastungsübersicht
du -k # Bsp.: du -k / | sort -n >; /tmp/du.sort
sam ->; Routine Tasks ->; ...
pvcreate [-f] /dev/rdsk/<char dev file>; # LVM-Strukturen auf neuer Disk anlegen
vgextend <vg#>; /dev/dsk/<block dev file>; # Erweitern der vorhandenen VG um neue Disk
lvextend -L <target size/MB>; /dev/<vg#>;/<block lv>; /dev/dsk/<block dev file>;
umount <mount dir>;; extendfs -F <hfs|vxfs>; /dev/<vg#>;/<char lv>;; mount <mount dir>; # Erweitern eines File Systems
oder
fsadm -F vxfs -b <target size/MB>; <mount dir>;
tar -c <mount dir>;; umount <mount dir>;; newfs -F <hfs|vxfs>; -s <target size/MB>;M /dev/<vg#>;/<char lv>;; mount <mount dir>;; tar -x <mount dir>; # Reduzieren eines File Systems
oder
fsadm -F vxfs -de <mount dir>;; fsadm -F vxfs -b <target size/kB>; <mount dir>;
lvreduce -L <target size/MB>; /dev/<vg#>;/<block lv>;
umount <mount dir>;; lvremove [-f] /dev/<vg#>;/<block lv>;; vi /etc/fstab # Entfernen eines LV
pvmove /dev/dsk/<block dev file (to be removed)>; /dev/dsk/<block dev file>;; vgreduce <vg#>; /dev/dsk/<block dev file (to be removed)>; # Reduzieren einer VG
vgreduce <vg#>; /dev/dsk/<block dev file (all but last to be removed)>;; vgremove <vg#>;; rm -ir /dev/<vg#>; # Entfernen einer VG
oder
vgchange -a n <vg#>;; vgexport <vg#>;
Mirror
lvextend -m <1|2>; /dev/<vg#>;/<block lv>;
lvreduce -m <0|1>; /dev/<vg#>;/<block lv>;
Datensicherung mit minimaler Downtime:
lvsplit /dev/<vg#>;/<block lv>;
fsck -F hfs /dev/<vg#>;/<char lv>;b
mkdir <mount dir>;
mount -o ro /dev/<vg#>;/<block lv>;b <mount dir>;
# jetzt <mount dir>; sichern, anschliessend resync mit:
umount <mount dir>;
lvmerge /dev/<vg#>;/<block lv>;b /dev/<vg#>;/<block lv>; # stale lv ->; running lv
Backup / Disaster Recovery
fbackup -f <char dev file (target)>; -i <included file>; -e <excluded file>; [-v] -I <index file>;
fbackup -f <char dev file (target)>; -u <backup level>;g <graph file>;
frecover -f <char dev file (source)>; -r [-x] [-N] -v
frecover -f <char dev file (source)>; -g <graph file>;
frecover -f <char dev file (source)>; -x [-i <included file>;] [-e <excluded file>;]
frecover -f <char dev file (source)>; -I <file>;|-
fsck -F <hfs|vxfs>; [-o full,nolog] /dev/<vg#>;/<char lv>;
Recherche-Tipps: ll /<mount dir>;/lost+found; file; strings; cat -v; what; ident
vgcfgbackup <vg#>; # save LVM structural information into /etc/lvmconf/<vg#>;.conf[.old]
vgcfgrecover -n <vg#>; /dev/rdsk/<char dev file>; # recover LVM structural information
make_recovery [-ACi] # create a system recovery tape (component of Ignite-UX)
check_recovery # check currency of most recent recovery tape
make_medialif
print_manifest # output complete system configuration
Networking-Konfiguration
/etc/rc.config.d/netconf # Network Configuration File
/sbin/init.d/net start # Aktivieren der Eintr&ge im Network Configuration File
ifconfig lan<#>; inet [<IP address>;] [netmask <netmask|255.255.255.0>;] [up|down] # Setzen einer IP-Adresse / LAN-I/F
ifconfig lan<#1>;:<#2>; inet [<IP address(<#2)>;] [netmask <netmask|255.255.255.0>;] up # Setzen von multiplexten IP-Adressen / LAN I/F
route add | delete default | net <net address>; [netmask <netmask>;] <IP address of gateway>; # Konfigurieren eines Routings
netstat -rn # Routing-Tabellen-Informationen
Networking-Troubleshooting
ioscan -funC lan # LAN-I/F-Status
lanscan # LAN-I/F-Informationen auf Layer 1-2
lanadmin # LAN-I/F-Administration auf Layer 2-4
linkloop [-i <LAN I/F #>;] <MAC address>; # Überprüfen der Connectivity auf Layer 2
arp [-a] [<hostname>;] # Informationen aus dem Address Resolution Cache
ping <hostname>; [<packet size>;] [-n <count>;] # Überprüfen der Connectivity auf Layer 3
netstat -i[n] # Information über Konfiguration der lokalen LAN-I/F
nslookup <hostname>; # Überprüfen der Adress-Aufl&sung
nsquery hosts <hostname>; # Überprüfung der Adress-Aufl&sung (detailliert)
/usr/contrib/bin/traceroute <hostname>; # Routing-Statistik zwischen lokalem und Remote-Host
Domain Name Services (DNS)
# at least 2 name servers in every domain: with master server, slave server(, cache-only server), resolver (DNS) clients
# Master Server (also to be configured as DNS client):
vi /etc/hosts # enter full qualified hostnames, i.e. extend hostnames by domain name
mkdir /etc/named.data; cd /etc/named.data
hosts_to_named -d <domain>; -n <subnet address>; -z <ip address of master server>; -b /etc/named.conf
[url]ftp://ftp.rs.internic.net/domain/root.zone ->; get [/url][/etc/named.data/]db.cache # get root level name servers
vi /etc/rc.config/namesvrs ->; NAMED=1
/sbin/init.d/named start
# Slave Server (also to be configured as DNS client):
mkdir /etc/named.data; cd /etc/named.data; chmod 755 .
ftp <ip address of master server>; ->; mget /etc/named.data/db.*
ftp <ip address of master server>; get /etc/named.data/conf.sec.save; quit; mv conf.sec.save ../named.conf
vi /etc/rc.config/namesvrs ->; NAMED=1
/sbin/init.d/named start
# Resolver (DNS) Clients
vi /etc/resolv.conf ->; "search <domain name[s]>;"
vi /etc/nsswitch.conf ->; "hosts: dns nis files" # configure search order
vi /etc/hosts # keep only "127.0.0.1 localhost\n<ip address of local client>; <full qualified hostname>;"
vi ~/.rhosts /etc/hosts.equiv /var/adm/inetd.sec # extend by full qualified hostname
nsquery hosts <hostname>; # testing DNS
HP-UX Network Services
#inetd (telnet, ftp, remsh, rlogin, rcp, bootp, tftp)
ftp -d <hostname>; # Debugging Mode
ftp>; passive # Wechseln in den Passive Mode, d.h. auch die Data Port Connection wird vom Client initiiert
vi /etc/rc.config.d/netdaemons
/sbin/init.d/inetd start
vi /etc/inetd.conf
vi /etc/services
vi /var/adm/inetd.sec /etc/hosts.equiv ~/.rhosts # falls erforderlich
# Network File System (NFS)
# NFS-Server
vi /etc/rc.config.d/nfsconf
/sbin/init.d/nfs.server start
vi /etc/exports # zu exportierende FS spezifizieren
showmount -e; exportfs(; rpcinfo -p; nfsstat) # testing NFS
# NFS-Client
vi /etc/rc.config.d/nfsconf
/sbin/init.d/nfs.client start
mount <hostname of NFS server>;:<remote path>; <local mount dir>;
vi /etc/fstab
showmount -e svr; rpcinfo -p [svr] # testing NFS
# Network Time Protocol (NTP)
vi /etc/rc.netconfig.d/netdaemons
vi /etc/ntp.conf # nur NTP-Server: define pseudo-ip address(, peer ip address(es))(, broadcast ip address)
vi /etc/ntp.conf # nurNTP-Client: define server ip address(es)(, driftfile location)(, broadcastclient yes)
/sbin/init.d/xntpd start
ntpq -p # testing NTP
Kernel-Konfiguration
sam
cd /stand # ggf.
for file in vmunix dlkm system; do; cp ${file} ${file}.prev; cp ${file}_test (resp. dlkm.vmunix_test und system.sam) $file; done # ggf.
Software-Installation (SD-UX)
# Software depot ->; Bundle ->; Product ->; Subproduct ->; Filesets ->; Files and Control scripts
swlist -l <depot>;|<product[.[subproduct.]fileset]>; [-s [<remote host>;:]<depot source path>;]
swinstall [-s <depot source path>;] # starts graphical user interface (GUI) for interactive installation
swremove # starts graphical user interface (GUI) for interactive removal
/sbin/init.d/swagentd start # nur auf SD-UX servern
swreg; swcopy; swremove # Depot-Verwaltung auf SD-UX-Servern
swverify; swconfig; swmodify # Software-Verwaltung auf SD-UX-Clients
Patch-Installation (SD-UX)
# Namenskonventionen: PH<CO|KL|NE|SS>;[0-9]\{4\}
# mit: CO...allg. HP-UX-Kommandos, KL...Kernel Patches, NE...Netzwerk-spezifisches, SS...sonstiges
# [url]http://europe-support.external.hp.com ... Zugriff auf HP IT Resource Center Patch Database [/url]
# [url]http://software.hp.com ->; Enhancement Releases ... Zugriff auf [/url](required) Patch Bundles
# weitere Patch-Quellen: HP-IT Resource Center Custom Patch Manager (CPM), HP Support Plus CD-ROM, HP Response Center Patch Tapes
# Komplette Datensicherung
# Patch laden nach /tmp # nur bei Patch-Installation vom Web
cd /tmp; sh PH<patch identifier>;; more PH<patch identifier>;.text # nur bei Patch-Installation vom Web
mkdir <mount dir>;; mount /dev/dsk/<block dev file CD-ROM>; <mount dir>; # nur bei Patch-Installation von CD-ROM
ls <mount dir>;; more <mount dir>;/GOLDBASE<release>;.readme # nur bei Patch-Installation von CD-ROM
swinstall -s /tmp/PH<patch identifier>;.depot [-x autoreboot=true] -x patch_match_target=true
swremove PH<patch identifier>; # Patch-L&schung mit Rekonstruktion aus /var/adm/sw/save
swlist -l patch; swlist -l product 'PH*' # listen bereits installierter Patches
Betriebssystem-Installation mit Ignite-UX
# HP-UX 11.11 Operating Environments (s.a. [url]http://docs.hp.com ->; HP-UX11i Operating Environments [/url](* 2!)):
# Base Operating System (BOS: Core Kernel, I/O Subsystems, Memory Mgmt Subsystem, LVM, etc.)
# Technical Computing Operating Environment (TCOE: BOS + 3D Graphics Libs, MLIB Math Lib, etc.)
# Internet Operating Environment (IOE: BOS + Apache Webserver, CIFS File Server, Ignite/UX, SW Distributor/UX, Perl, etc.)
# Enterprise Operating Environment (EOE: IOE + MirrorDisk/UX, Online JFS, GlancePlus, PRM Performance Tools, etc.)
# Mission Critical Operating Environment (MCOE: EOE + MC/ServiceGuard, HP-UX Workload Mgr, Enterprise Cluster Mgmt Toolkit, etc.)
# Planung:
# HW-Pfad der Boot Disk? HW-Pfad der CD-ROM? IP-Adresse und Hostname? LVM? JFS? Disk Space/FS? Swap Space? Zu installierende SW?
# Booten von Installationsmedium:
>; search ipl; >; boot p<Pfad Nummer>; # lokales Installationsmedium
>; search lan install; >; boot lan.<ip address>; install # remote Ignite-UX-Server via LAN
set_parms initial # initiale Systemkonfiguration, wiederholbar
dd if=/dev/rdsk/<char dev file source>; of=/dev/rdsk/<char dev file dest>; bs=4096k # Duplizieren einer installierten Disk (Klonen)
Performance-Tools
# Tool-Typen: Real Time Monitoring, Data Collection Performance, Performance Administration, Network Monitoring
# Real Time Monitoring Tools
# Unix allgemein:
sar [-ud] <interval/secs>; [count] # System Activity Reports, -u ... CPU utilization, -d ... Disk Report
top [-s <interval/secs>;] [-d <count>;] [-n <Anzahl der angezeigten Prozesse>;] [-q] # CPU-belastende Prozesse, -q ... quick
vmstat [-nS] [<interval/secs>; [count]] # Virtual Memory Statistics, -n ... 80-Spalten-Ausgabe, -S ... mit Swapping-Infos
iostat [<interval/secs>; [count]] # I/O-Statistik
time <command>; ; timex <command>; # Ausführungszeiten des Prozesses
uptime [-lsuw] [user] # aktuelle System-Infos, -l ... long listing, -s ... short listing, -u ... keine User-Infos, -w ... nur Benutzer-Infos
# HP-UX-spezifisch:
glance [-j <interval/secs>;] [...]
gpm
# Data Collection Performance Tools
# Unix allgemein:
# acct-Tools-Suite: acctdisk, acctdusg, accton, acctwtmp, closewtmp, utmp2wtmp # System Accounting
sar
# HP-UX-spezifisch:
MeasureWare # optionales Produkt
PerfView # optionales Produkt
# Performance Administration Tools
# Unix allgemein:
ipcs [-mqs] # Interprocess Communication Statistics, -m ... Shared Memory Segmente, -q ... Message Queues, -s ... Semaphoren
ipcrm [...] # L&schen von Interprocess Communication Facilities
nice [-n <nice-Wert-Delta von 20>;] command # Prozess-Aufruf mit Nice-Wert
renice [-n <nice-Wert-Delta vom aktuellen Wert>;] <Process ID>; # Nice-Wert-Änderung eines laufenden Prozesses
# HP-UX-spezifisch:
rtprio <priorit&t>; [<command>; | -<Process ID>;] # Prozess-Aufruf mit Real Time Priorit&t oder Priorit&ts&nderung eines laufenden Prozesses
serialize |<command>; | -p <Process ID>;] # serielle Prozess-Bearbeitung mit anderen "serialisierten" (Langlauf-)Prozessen
# Process Ressource Manager (PRM) # Feste Resourcen-Zuteilung für hochperformante Prozesse
# Network Monitoring Tools
# Unix allgemein:
netstat [-inr] [...] # allgemeine Netzwerkstatistik
nfsstat [...] # Network File System (NFS) Statistik
ping [-ov] [-i <ip address>;] <remote hostname>; [-n <count>;] # sendet ICMP Echo Request-Pakete, -o ... IP-Route wird angezeigt
# HP-UX-spezifisch:
ndd [-get | -set] # Netzwerk-Parameter-Tuning
nettune # Netzwerk-Parameter-Tuning
# NetMetrics