HP-UX 11i Version 2 Release Notes HP Integrity Servers and HP Workstations Manufacturing Part Number: 5992-2854 October 2003, Edition 3 © Copyright 2003-2004 Hewlett-Packard Development Company L.P.
Legal Notices The information in this document is subject to change without notice. Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett-Packard shall not be held liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material.
Acknowledgements This product includes software developed by the Apache Software Foundation. This documentation is based on information from the Apache SoftwareFoundation (http://www.apache.org). This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes PHP, freely available from the PHP Group (http://www.php.net).
Publication History The manual’s publication date and part number indicate its current edition. The publication date changes when a new edition is released. The manual part number changes when extensive changes are made. To ensure that you receive the new editions, you should subscribe to the appropriate product support service. See your HP sales representative for details. • HP-UX 11i Version 2 Release Notes October 2003, Edition 3, 5992-2854 Instant Information DVD and Web at http://www.docs.hp.
Typographic Conventions We use the following typographical conventions. audit (5) An HP-UX manpage. audit is the name and 5 is the section in the HP-UX Reference. On the Web and on the Instant Information media, it may be a hot link to the manpage itself. From the HP-UX command line, enter “man audit” or “man 5 audit” to view the manpage. See man (1). Book Title The title of a book. On the Web and on the Instant Information media, it may be a hot link to the book itself.
Contents 1. Overview of the Release Notes What’s in This Chapter? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . What’s the Purpose of HP-UX Release Notes? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Where Should I Begin? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents MC/ServiceGuard NFS Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 MC/ServiceGuard Quorum Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 SAM - Nodal Network Communication (NNC) . . . . . . . .
Contents 7. Security What’s in This Chapter? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Boot Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . File Descriptor Allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Micro Focus OO COBOL 4.2 Run-Time Libraries (Deprecation) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Object File Tools (elfdump) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Perl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Source Code Transition from HP-UX 11i v1.6 to HP-UX 11i v2 . . . . . . . . . . .
1 Overview of the Release Notes What’s in This Chapter? The purpose of this chapter is to help you use these release notes along with related HP-UX documentation effectively.
Overview of the Release Notes What’s the Purpose of HP-UX Release Notes? What’s the Purpose of HP-UX Release Notes? The HP-UX 11i Version 2 Release Notes document describes what is new, changed, or obsolete in this release (Release ID B.11.23) as compared to the HP-UX 11i v1.6 (B.11.22) release. These release notes apply only to features that are part of the HP-UX 11i v2 Operating Environments.
Overview of the Release Notes Where Should I Begin? Where Should I Begin? This document contains information about the initial (October 2003) HP-UX 11i v2 release. It describes what has been added, changed, and deleted in relation to the HP-UX 11i v1.6 release. It is recommended that you proceed to “What’s New in This Release” on page 19 to acquaint yourself with a general view of the HP-UX 11i v2 release.
Overview of the Release Notes Locating Release Notes for Previous Versions of HP-UX Locating Release Notes for Previous Versions of HP-UX Release notes are found in the following locations: • HP-UX Instant Information DVD. See “HP-UX 11i v2 Instant Information DVD” on page 16 for more information. • The /usr/share/doc/ directory of your HP-UX 11i v2 system. Please note, however, that the latest editions may not be contained in this directory and are instead located at http://www.docs.hp.com/.
Overview of the Release Notes Other Sources of Information about This Release Other Sources of Information about This Release In addition to the HP-UX 11i Version 2 Release Notes, you have many other sources of information related to the HP-UX 11i v2 release available to you on the Web at http://www.docs.hp.
Overview of the Release Notes Other Sources of Information about This Release HP-UX 11i v2 Instant Information DVD The Instant Information media provides HP-UX documentation on DVD. With this DVD, documentation supporting the release can be accessed before the software is installed. The Instant Information DVD provides improved online presentation, print quality and search capabilities.
Overview of the Release Notes What’s in the Remaining Chapters? What’s in the Remaining Chapters? The remaining chapters of these release notes: Chapter 1 • Chapter 2, “What’s New in This Release,” on page 19, provides a quick overview of the new and changed features of each of the five Operating Environments, along cross-references to other, more detailed sections of this book.
Overview of the Release Notes What’s in the Remaining Chapters? 18 Chapter 1
2 What’s New in This Release What’s in This Chapter? This chapter provides an overview of the new, changed, and deprecated/obsoleted features of each of the five Operating Environments, along with cross-references to other, more detailed sections of this book.
What’s New in This Release Welcome to HP-UX 11i Version 2 Welcome to HP-UX 11i Version 2 HP-UX 11i version 2 is the newest release of HP-UX 11i for the IntelItanium architecture. This enterprise release offers a full range of HP-UX Operating Environments, including systems management and high-availability software products.
What’s New in This Release HP-UX 11i Release Names and Release Identifiers HP-UX 11i Release Names and Release Identifiers Each HP-UX 11i release has an associated release name and release identifier. The uname (1) command with the -r option returns the release identifier. The following table shows the releases currently available for HP-UX 11i. Table 2-1 HP-UX 11i Releases Supported Processor Architecture Release Identifier Release Name B.11.11 HP-UX 11i v1 PA-RISC B.11.20 HP-UX 11i v1.
What’s New in This Release HP-UX 11i v2 Software and Driver Bundle Types HP-UX 11i v2 Software and Driver Bundle Types The HP-UX 11i v2 media contains all of the software and network driver bundles for your system to run the latest version of HP-UX 11i v2. Additional software and network driver bundles are included, which you may choose to either select or unselect prior to install or update.
What’s New in This Release HP-UX 11i v2 Operating Environments HP-UX 11i v2 Operating Environments Overview Operating Environments (OEs) are tested and integrated application bundles designed to work with the operating system and provide the functionality needed for your system’s purpose.
What’s New in This Release HP-UX 11i v2 Operating Environments HP-UX 11i v2 Foundation OE (FOE) The HP-UX 11i v2 Foundation Operating Environment is the standard OE from which the Enterprise OE and Mission Critical OE have been derived by adding appropriate applications. The HP-UX 11i v2 Foundation OE includes the base 64-bit HP-UX operating system, plus the following features. (“New/Changed Features at a Glance” on page 29 details which of these features are new or have changed.
What’s New in This Release HP-UX 11i v2 Operating Environments • • Security Patch Check Servicecontrol Manager Selectable Features • • • • • • • • • • • • • ATM-00 HP-UX Host Intrusion Detection System (HIDS) (servers only) HP-UX Install Utilities HyperFabric Ignite-UX Java (Out of Box) Tunable Pay Per Use PCI MUX Security Level 10 Security Level 20 Security Level 30 Software Package Builder Token Ring HP-UX 11i v2 Enterprise OE (EOE) The HP-UX 11i v2 Enterprise Operating Environment (EOE) is targeted e
What’s New in This Release HP-UX 11i v2 Operating Environments HP-UX 11i v2 Mission Critical OE (MCOE) The HP-UX 11i v2 Mission Critical Operating Environment (MCOE) is a high-availability Operating Environment for HP servers. In addition to the features found in the Foundation and Enterprise operating environments, the Mission Critical OE includes the following features. (“New/Changed Features at a Glance” on page 29 details which of these features are new or have changed.
What’s New in This Release HP-UX 11i v2 Operating Environments • • • • • • • • • • • • • • instant Capacity on Demand nPartition Provider ONC+ Online Diagnostics OpenGL Peripheral Device Tool SCSI U320-00 Software Distributor Technical System Configuration (TechSysConf) SWGETTOOLS Update-UX USB VERITAS File System (base VxVS/JFS) VERITAS Volume Manager (base) Default-Installed Features • See “HP-UX 11i v2 Foundation OE (FOE)” on page 24 Selectable Features • See “HP-UX 11i v2 Foundation OE (FOE)” on pa
What’s New in This Release HP-UX 11i v2 Operating Environments Selectable Features • 28 See “HP-UX 11i v2 Foundation OE (FOE)” on page 24 Chapter 2
What’s New in This Release New/Changed Features at a Glance New/Changed Features at a Glance The following table lists the features and applications that are new, have changed, or have been deprecated or obsoleted. For further information, consult the corresponding section in the remainder of this document. The table’s columns signify the following: Table 2-3 Feature An alphabetical listing of new, changed, or deprecated/obsoleted features and applications.
What’s New in This Release New/Changed Features at a Glance Table 2-3 New/Changed Operating Environment Features (Continued) Feature IMa FOE EOE MCOE MTOE TCOE C99 Support for HP-UX System C Library (libc) (see page 224) AI X X X X X ccNUMA (see page 246) AI X X X X X Common Desktop Environment (CDE) (see page 249) AI X X X X X Compressed Dump (see page 59) AI X X X X X Dynamic Host Configuration Protocol (DHCP) v6 (see page 136) AI X X X X X Diagnostics (see page
What’s New in This Release New/Changed Features at a Glance Table 2-3 New/Changed Operating Environment Features (Continued) Feature IMa FOE EOE MCOE MTOE TCOE HP CIFS Client (see page 113) AI X X X X HP CIFS Server (see page 114) AI X X X X HP Fortran (see page 218) AI X X X X X HP Kernel Debugger (KWDB) (see page 208) AI X X X X X HP Math Library (libm) (see page 219) AI X X X X X HP Message Passing Interface (MPI) (see page 220) AI X HP MLIB (see page 222) AI
What’s New in This Release New/Changed Features at a Glance Table 2-3 New/Changed Operating Environment Features (Continued) Feature IMa FOE X MCOE HP-UX Webmin-based Admin (see page 133) DI X HP-UX Workload Manager (see page 76) AI X HP-UX Workload Manager Toolkits (see page 78) AI X HP-UX XML Web Server Tools (see page 133) DI X X HyperFabric (see page 44) S X Instant Capacity on Demand (iCOD) (see page 52) AI Ignite-UX (see page 87) MTOE TCOE X X X X X X X X X X X X
What’s New in This Release New/Changed Features at a Glance Table 2-3 New/Changed Operating Environment Features (Continued) Feature IMa FOE EOE MCOE MTOE TCOE The linkloop Command (see page 162) AI X X X X X The lanadmin Command (see page 160) AI X X X X X Logical Volume Manager (see page 115) AI X X X X X Logging User Accounting Information (see page 140) AI X X X X X Mainframe iconv Converters for Japanese Characters (see page 237) AI X X X X X MAXSYMLINKS lite
What’s New in This Release New/Changed Features at a Glance Table 2-3 New/Changed Operating Environment Features (Continued) Feature IMa FOE EOE MCOE MTOE TCOE On-line Addition and Replacement (OLAR) of I/O Adapters (see page 45) S X X X X X Online Diagnostics (see page 62) AI X X X X X PAM Kerberos (see page 185) AI X X X Partition Manager (see page 79) DI X X X X X Pay Per Use (see page 53) S X X X X X PCI FDDI (FDDI-00) (see page 42) AI X X X X X PCI Multi
What’s New in This Release New/Changed Features at a Glance Table 2-3 New/Changed Operating Environment Features (Continued) Feature IMa FOE EOE MCOE MTOE TCOE ServiceGuard Manager (see page 100) AI The setboot Command (see page 194) AI X X X X X Shadow Passwords (see page 187) AI X X X X X Simplified Chinese Input Methods (see page 236) AI X X X X X SLP 0.
What’s New in This Release New/Changed Features at a Glance Table 2-3 New/Changed Operating Environment Features (Continued) Feature IMa FOE EOE MCOE MTOE TCOE VERITAS Volume Manager (VxVM) 3.5 (see page 119) AI X X X X X Virtual Memory Kernel Tunable physical_io_buffers (Deprecated) (see page 107) AI X X X X X WU-FTPD 2.6.1 (see page 148) AI X X X X X a. Installation Method: AI = Always Installed; DI = Default Installed; S = Selectable b. Supported only on workstations. c.
What’s New in This Release Software Transition Kit Software Transition Kit Software Transition Kit (STK) version 1.9 has been updated to support source code transition from HP-UX 11i v1.6 to HP-UX 11i v2. The changes include a set of new impact pages, updated file scanning tools, updated documentation, and new HP-UX 11i v2 HTML manpages. There have been thirty additional impacts added to the STK impact database to support the API transition from HP-UX 11i v1.6 to HP-UX 11i v2.
What’s New in This Release Software Transition Kit 38 Chapter 2
3 Workstation- and Server-Specific Information What’s in This Chapter? This chapter describes server and workstation specific platforms and configurations, including: • Supported Servers and Workstations (see page 40) • Unsupported Servers and Workstations (see page 40) • Always-Installed Network Drivers (see page 41) — 100Base-T (see page 41) — 1000Base-T (Gigabit Ethernet) (see page 41) — PCI FDDI (FDDI-00) (see page 42) • Selectable Network Drivers (see page 43) — ATM-00 (see page 43) — HyperFabr
Workstation- and Server-Specific Information Supported Servers and Workstations Supported Servers and Workstations HP-UX 11i v2 supports only a 64-bit version of the HP-UX kernel.
Workstation- and Server-Specific Information Always-Installed Network Drivers Always-Installed Network Drivers The following sections describe network drivers and devices that are automatically installed. 100Base-T The btlan driver supports 100BASE-T Ethernet adapters, like the PCI 100BASE-T single-port card A5230A and the 4-port PCI 100BASE-T cards A5506A/A5506B.
Workstation- and Server-Specific Information Always-Installed Network Drivers Summary of Change In the HP-UX 11i v2 release, the GigEther-01 product (which supports the Gigabit Ethernet adapters: A4926A, A4929A, A6794A, A6825A, A6847A, and A6865A) is supported and the IEther-00 product, supporting the zx2000 core, is introduced. The drivers, igelan and iether, are available in the GigEther-01 and IEther-00 software bundles respectively.
Workstation- and Server-Specific Information Selectable Network Drivers Impact You can now connect to FDDI networks from your Itanium-based system. Compatibility Earlier versions of the lanscan and lanadmin binaries do not work on HP-UX 11i v2 because they depend on the lanscan and lanadmin shared libraries. Performance There are no performance issues. Documentation For further information, see Installing and Administering HP9000 PCI FDDI (product number J3626-90032), available at http://www.docs.hp.
Workstation- and Server-Specific Information Selectable Network Drivers Performance No changes are necessary when compared to previous versions. Documentation For further information on HP-UX ATM networking connectivity, refer to http://docs.hp.com/hpux/netcom/index.html#ATM. Obsolescence Only the A5513A card is supported with HP-UX 11i v2. HyperFabric HyperFabric is a high-speed, packet-based interconnect for achieving node-to-node communication.
Workstation- and Server-Specific Information Selectable Network Drivers Obsolescence Not applicable. INTL100 INTL100 is a LAN driver for Intel 82559 ASIC-based LAN ports. This driver controls the management LAN ports of the HP Integrity rx5670 and rx2600 servers and the management port of the HP zx6000 workstation. Summary of Change INTL100 is required for the HP Integrity rx5670 and rx2600 servers and the HP zx6000 workstation. Impact There are no impacts.
Workstation- and Server-Specific Information Selectable Network Drivers Some systems support the use of Doorbells or Attention-Buttons on its slots that can be used to manually trigger an OLAR operation. This capability is provided by the new hotplugd (1M) daemon. The HP-UX Peripheral Device Tool provides a graphical user interface for performing OLAR operations. For more information, see “HP-UX Peripheral Devices (pdweb)” on page 85.
Workstation- and Server-Specific Information Selectable Network Drivers Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation Documentation regarding PCI Mux networking is found at: http://www.docs.hp.com/hpux/netcom/index.html#EISA/PCI%20Multiplexer Obsolescence Not applicable.
Workstation- and Server-Specific Information Mass Storage Drivers Documentation Documentation regarding PCI Token Ring networking is found at: http://www.docs.hp.com/hpux/netcom/#Token%20Ring/9000 Obsolescence The high-speed PCI Token Ring adapter, A5783A, is the replacement for A4930A, which was discontinued by IBM. The A4930A product, which was discontinued as of June 1, 1999, is supported on V-class machines only.
Workstation- and Server-Specific Information Mass Storage Drivers Obsolescence Not applicable. SCSI Drivers The Small Computer System Interface (SCSI) product is delivered as part of each HP-UX 11i v2 operating environment. The SCSI product activates the mass storage stack in HP-UX. It consists of services and a disk class driver that are common layers for all the storage stacks, including Fibre Channel and interface drivers for parallel SCSI cards.
Workstation- and Server-Specific Information ATI FireGL ServiceGuard Support It is not possible to use these cards in a ServiceGuard environment on HP Integrity servers. Multi-initiator Setups It is not possible to use these cards for multi-initiator setup on HP Integrity servers. The interrupt migration provides the capability to move individual interrupts allowing the balancing of the systems interrupt load, thereby improving performance.
Workstation- and Server-Specific Information ATI FireGL Xf86 driver /usr/lib/hpux32/X11/Xserver/modules/xf86/drivers/libfglrx. so.1 Impact The ATI FireGL X1 (A9653A) and ATI FireGL Z1 (A9654A) graphics cards provide improved raw performance over the ATI Fire GL4 card, which translates into better overall performance for your application.
Workstation- and Server-Specific Information Instant Capacity on Demand (iCOD) Instant Capacity on Demand (iCOD) Instant Capacity On Demand (iCOD) version 6.0 provides customers the ability to increase system capacity on specified HP servers. Summary of Change With version 6.0 of the iCOD product, customers can increase system capacity on iCOD servers by performing the following process: 1. Purchase the component (for example, cell, memory, or processor). 2.
Workstation- and Server-Specific Information Pay Per Use • • icod_notify (1M) icod_stat (1M) For further information, see the iCOD product Web page at http://www.hp.com/products1/unixservers/solutions/icod/index.html. The following documents are available at http://www.docs.hp.com/: • • Instant Capacity on Demand (iCOD) User's Guide for version B.06.00 Instant Capacity on Demand (iCOD) Release Notes for version B.06.00 Obsolescence Not applicable. Pay Per Use Pay Per Use (PPU) version 6.
Workstation- and Server-Specific Information Technical System Configuration Documentation The following PPU manpages have been changed: • • ppud (1M) ppuconfig (1M) For further information, see the PPU Web page at http://www.hp.com/hpfinancialservices/pay_per_use.html. The following documents can be found at http://docs.hp.com: • • Pay Per Use (PPU) User's Guide for version B.06.00 Pay Per Use (PPU) Release Notes for version B.06.00 Obsolescence Not applicable.
Workstation- and Server-Specific Information Technical System Configuration Installing the TC-SysSetup product changes kernel parameters, which results in a kernel build and system reboot. Since most of the kernel parameters are selected for the ability to improve performance in typical EDA and MDA application environments, a performance increase should be realized without further kernel tuning. Specific changes, unrelated to the kernel, include: • Configure the system as an NFS server in /etc/rc.config.
Workstation- and Server-Specific Information Technical System Configuration 56 Chapter 3
4 General System Administration What’s in This Chapter? This chapter presents information of particular interest to system administrators, including: • Compressed Dump (see page 59) • Diagnostics (see page 60) — Offline Diagnostic Environment (see page 60) — Online Diagnostics (see page 62) • Enterprise Cluster Master Toolkit (see page 64) • Event Monitoring Service (EMS) (see page 64) • File Systems Tunable Parameters (see page 66) • GlancePlus Pak (see page 68) • HP Caliper (see page 70) •
General System Administration What’s in This Chapter? 58 • ServiceGuard Extension for RAC (see page 99) • ServiceGuard Manager (see page 100) • Software Distributor (SD) (see page 101) • Software Package Builder (SPB) (see page 102) • System Administration Manager (SAM) (see page 104) • System Swap Space Adjustment (see page 105) • System-V IPC Kernel Tunable Parameter (semmap) (Obsolete) (see page 105) • System-V IPC Kernel Tunable Parameter (semmsl) (see page 106) • Update-UX (see page
General System Administration Compressed Dump Compressed Dump The goal of the Compressed Dump feature is to speed up the memory dump for HP-UX in the event of a system crash, so that dumps are taken faster and system availability is improved. This feature is primarily targeted for “large memory machines” running HP-UX 11i v1, 11i v2, or any later release.
General System Administration Diagnostics Performance Compressed dumps should speed-up the dump and save time by at least a factor of 3 for all dumps, excluding the UNUSED page class. For dumps including the UNUSED page class, system crash dumps will be at least as fast as uncompressed dump. Documentation The following manpages have been updated: • • • • crashconf (1M) crashutil (1M) savecrash (1M) crashconf (2) For further information, see the “Compressed Dump” white paper, available at http://www.
General System Administration Diagnostics Summary of Change The following new hardware platforms are now supported: • For hp Integrity Superdome, hp Integrity rx8620, and hp Integrity rx7620: — Processor Diagnostic – CPUDIAG — Memory Diagnostic – MEMDIAG — Core I/O Diagnostic – CIODIAG — Reo Diagnostic – REODIAG — Togo Diagnostic – TOGODIAG — ODE Platform — I /O Mapper – MAPPER — Peripheral Verifier – PERFVER — Disk FW Update Utility – DFDUTIL — Disk Copy Utility – COPYUTIL — I/O Diagnostic for FC – IODIAG
General System Administration Diagnostics Compatibility The Itanium-based ODE diagnostics are compatible with the following systems: • hp Integrity Superdome • hp Integrity rx8620 • hp Integrity rx7620 • hp Integrity rx4640 • hp Integrity rx5670 • hp Integrity rx2600 • hp workstation zx6000 • hp workstation zx2000 Performance There are no performance issues.
General System Administration Diagnostics • New Event Viewer. Allows viewing low level system log and field replacement unit information. See customer documentation at http://www.docs.hp.com/hpux/diag/. • CMC Monitor upgraded to monitor all current systems releasing on HP-UX 11i v2. • IA-64 core hardware monitor upgraded to monitor all current systems releasing on HP-UX 11i v2. • CPU expert and CPU exerciser tools upgraded to monitor all current systems releasing on HP-UX 11i v2.
General System Administration Enterprise Cluster Master Toolkit Obsolescence Not applicable. Enterprise Cluster Master Toolkit The Enterprise Cluster Master Toolkit is a set of scripts that enable the use of thirdparty applications to run as packages in a ServiceGuard cluster environment. Summary of Change In HP-UX 11i 2, the ECM Toolkit version B.01.08 contains tools for supporting the Oracle 9i database in MC/ServiceGuard clusters. Impact There are no impacts.
General System Administration Event Monitoring Service (EMS) Summary of Change EMS A.04.00.01 includes the following: • EMS A.04.00 framework and GUI are available as 32-bit native applications on Itanium platforms. High Availability (HA) Monitors are also available as 32-bit native binaries on Itanium platforms.
General System Administration File Systems Tunable Parameters File Systems Tunable Parameters Many of the HP-UX File Systems tunable parameters are now dynamic tunables (their value can be modified without the need to reboot the system). Several default values and allowed values for File Systems tunables have also been modified for performance, usability, and/or system availability reasons. Summary of Change HP-UX File Systems now has 13 dynamic tunable parameters available in HP-UX 11i v2.
General System Administration File Systems Tunable Parameters • ninode (5) • ncdnode (5) Tunable parameters related to the static buffer cache that existed in previous HP-UX releases are now considered obsolete. The recommended way to obtain a fixed size buffer caches is to set the value or tunable dbc_min_pct equal to the value of tunable dbc_max_pct.
General System Administration GlancePlus Pak • • • aio_req_per_thread (5) dnlc_hash_locks (5) ncsize (5) Tunables manpages (section 5) can be found at http://www.docs.hp.com. For general HP-UX Tunables Infrastructure documentation, see the HP-UX 11i v2.0 Driver Development Guide (DDG), available at http://h21007.www2.hp.com/dspp/tech/tech_TechSoftwareDetailPage_IDX/1,17 03,5441,00.html.
General System Administration GlancePlus Pak — GBL_THRESHOLD_PROCMEM — OVPA has been enhanced to select interesting processes based on memory use.
General System Administration HP Caliper HP Caliper HP Caliper is a general-purpose performance analysis tool for applications on Itanium-based HP-UX systems. HP Caliper allows you to understand the performance of your program and to identify ways to improve its run-time performance. HP Caliper works with any Itanium-based binary and does not require your applications to have any special preparation to enable performance measurement.
General System Administration HP Partitioning You will also see better Caliper startup and runtime performance in many cases and smaller memory footprint. The source correlation and inline information are more accurate in several cases, and reports include various usability improvements like an additional cumulative percentage column and more consistent address/offset information. Caliper 3.0 supports startup files where the user can specify common configuration, measurement and report formatting options.
General System Administration HP Partitioning • “HP-UX nPartition Configuration Commands” on page 73 • “HP-UX Processor Sets” on page 75 • “HP-UX Workload Manager” on page 76 • “nPartition Provider” on page 78 • “Partition Manager” on page 79 HP Process Resource Manager HP Process Resource Manager (PRM) version C.02.01.01 enables system administrators to guarantee CPU, real memory, and disk bandwidth resources to users and applications on a system.
General System Administration HP Partitioning Obsolescence Not applicable. HP-UX nPartition Configuration Commands The HP-UX nPartition Configuration Commands are a set of system administration commands to create/modify/remove partitions, control power to cells and I/O chassis, flash/turn off attention LEDs for cells, cabinets and I/O chassis, and display information about a hardware partitionable complex.
General System Administration HP Partitioning — The -u command option enables access to a remote partition using a Web-Based Enterprise Management (WBEM) LAN connection. — The -g command option enables access to a remote complex using an Intelligent Platform Management Interface (IPMI) over LAN connection. The -g option is valid only on those platforms which support IPMI (hp Integrity Superdome, hp Integrity rx8620, hp Integrity rx7650, hp 9000 rp8420, and hp 9000 rp7420).
General System Administration HP Partitioning — Modify any attributes of cells that are not assigned to the local partition. — Modify the name of the complex or of any partition other than the local partition. — Power on/off cells it does not own, including free resources. Compatibility There are no compatibility issues. Performance The nPartition configuration commands are not performance sensitive. Overall response time depends on WBEM stack elements and network bandwidth.
General System Administration HP Partitioning • The kernel now supports Real Time Extension to processor sets in HP-UX 11i v2, and psrset has been enhanced to manage the RTE processor set. The following new options have been added for RTE processor set: -l Lists all the processor sets that are configured as RTE processor set. -m pset_id Marks a processor set with the identification number, pset_id, as an RTE processor set.
General System Administration HP Partitioning • wlminfo utility for monitoring workloads and their SLOs • auditing and billing information • PSET-based workload groups can now have their number of CPUs adjusted based on SLOs • passive mode to allow you to see how WLM will approximately respond to a given WLM configuration • ability to easily capture the stderr of data collectors by using coll_stderr in your WLM configuration • ability to temporarily remove groups with no active SLOs by using the
General System Administration HP Partitioning HP-UX Workload Manager Toolkits HP-UX Workload Manager Toolkits (WLMTK) version A.01.04.01 consists of utilities and examples that make it easier to deploy Workload Manager (WLM)1 for the management of specific mission-critical software products. Summary of Change WLMTK now has a toolkit for BEA WebLogic Server. Impact With the toolkit for BEA WebLogic Server, you can now automatically optimize the CPU resources allocated to WebLogic instances.
General System Administration HP Partitioning Complete information is in the nPartition provider product data sheet, installed as /opt/nparprovider/doc/nParProviderDataSheet.html. Impact With nPartition Provider, you can configure and manage both local and remote HP systems that support nPartitions. Compatibility There are no compatibility issues.
General System Administration HP Partitioning Partition Manager version B.11.23.01.00 (aka parmgr) provides system administrators with a convenient graphical user interface for configuration and management of nPartitions on HP server systems. In addition, Partition Manager enhances the reliability and performance of HP partitioning products by providing automatic detection of several types of configuration problems.
General System Administration HP WBEM Services for HP-UX • When managing a remote partitionable complex, the performance degrades when the connection traverses long network distances, e.g. managing a partitionable complex in California from a system in New York. Furthermore, when managing a remote system, performance can be improved by connecting to an nPartition Provider on the remote system, rather than connecting directly to the system's service processor.
General System Administration HP WBEM Services for HP-UX HP WBEM Services for HP-UX, version A.01.05.01, supports HP-UX 11i v2 and is included as a component in the HP-UX 11i v2 OE. This product is based on The Open Group (TOG) Pegasus Open Source Software (OSS) project (http://www.opengroup.org/pegasus/). Summary of Change This release of HP WBEM Services for HP-UX supports the HP-UX 11i v2 IntelItanium processor family.
General System Administration HP-UX Kernel Configuration Obsolescence Not applicable. HP-UX Kernel Configuration HP-UX Kernel Configuration is a combination of a command set and a Web-based graphical user interface (GUI), kcweb, that allows the user to configure an HP-UX kernel and to monitor consumption of kernel resources controlled by parameters.
General System Administration HP-UX Kernel Configuration In HP-UX 11i v2, the Kernel Configuration (KC) commands have been replaced by a new set of commands. The config, kmadmin, kminstall, kmmodreg, kmsystem, and kmupdate commands have been removed. The kmtune, kmpath, and mk_kernel commands have only limited transitional support and will be removed in a future release. The new KC commands are kconfig, kcmodule, kctune, kclog, and kcpath.
General System Administration HP-UX Peripheral Devices (pdweb) Documentation Information is available in the white paper called “Managing Kernel Configurations in HP-UX 11i version 2,” available at http://www.hp.com/products1/unix/operating/infolibrary/whitepapers/7202_ _ManagingKernelConfig_WP__051403.pdf. Information is also available in the Managing Systems and Workgroups manual for this release, available at http://www.docs.hp.com.
General System Administration HP-UX Peripheral Devices (pdweb) Summary of Change In this release, the Peripheral Device tool allows you to perform the same peripheral configuration actions as SAM in HP-UX 11i v1, including: • viewing all available PCI/OLAR slots • adding, replacing, and/or removing a card • viewing devices and creating device files Additional capabilities include: • viewing detailed information about cards, slots, and devices • generating a Critical Resource Analysis report detail
General System Administration Ignite-UX Additionally, the Peripheral Device tool GUI contains an on-line help facility to further assist you. Also refer to the Interface Card OL* Support Guide, available at http://docs.hp.com. Obsolescence The Peripheral Device tool replaces the peripheral devices functionality in the SAM tool. For more information regarding the changes to SAM, see “System Administration Manager (SAM)” on page 104.
General System Administration Interrupt Migration The changes in VxVM 3.1 (delivered in HP-UX 11i v1.6) to 3.5 (delivered in this release), most notably the use of static versus dynamic major numbers, means that systems using VxVM 3.1 on HP-UX 11i v1.6 cannot be installed or recovered using Ignite-UX version B.5.0. If you are using VxVM on HP-UX 11i v1.6 you should not upgrade Ignite-UX past version B.4.4. For further information on VxVM, see “VERITAS Volume Manager (VxVM) 3.5” on page 119.
General System Administration Interrupt Migration For further information about Interrupt Migration, see the manpage intctl (1M). Summary of Change Interrupt Migration can be used to do the following: • View the interrupt configuration of the system. • Change the interrupt configuration of the system by migrating interrupts from one CPU to another. The system performance can be significantly improved by distributing the interrupt load across the CPUs through the Interrupt Migration command (intctl).
General System Administration MC/ServiceGuard MC/ServiceGuard MC/ServiceGuard (Multi-Computer/ServiceGuard) is a specialized facility for protecting mission critical applications from a wide variety of hardware and software failures. Summary of Change MC/ServiceGuard version A.11.15.00 includes the following features: • Support for new Itanium-based hardware • ServiceGuard A.11.15.00 on HP-UX 11i v2 Itanium-based platform • Supports all ServiceGuard 11.15.
General System Administration MC/ServiceGuard — ServiceGuard supports only one IPv6 address belonging to each scope type (site-local and global) on each network interface (that is, restricted multi-netting). Therefore, up to a maximum of two IPv6 STATIONARY_IPs can be mentioned in the cluster ascii file for a NETWORK_INTERFACE: one being the site-local IPv6, and the other being the global IPv6. — Quorum Server, if used, has to be configured on an IPv4 network. It is not IPv6-capable.
General System Administration MC/ServiceGuard Extension for SAP R/3 Obsolescence Not applicable. MC/ServiceGuard Extension for SAP R/3 MC/Serviceguard Extension for SAP R/3 (SGeSAP) Version B.03.09 provides high availability for R/3 using MC/ServiceGuard technology. This product is a toolkit that provides automated failover for SAP mySAP components based on SAP WAS, SAP LiveCache and SAP R/3 technology. Summary of Change On HP-UX 11i v2, the SGeSAP Toolkit version B.03.
General System Administration MC/ServiceGuard NFS Toolkit Obsolescence Not applicable. MC/ServiceGuard NFS Toolkit MC/ServiceGuard NFS is a toolkit that includes the configuration files and control scripts and allows you to use MC/ServiceGuard to set up highly available NFS servers. Highly available systems protect users from failure of a system processing unit (SPU) or local area network components.
General System Administration MC/ServiceGuard Quorum Server Impact This new version of MC/ServiceGuard NFS Toolkit has been re-architected to fit under the new MC/ServiceGuard framework and also provides an easier troubleshooting mechanism. Compatibility There is no compatibility impact on current environments using MC/ServiceGuard NFS Toolkit. Performance There are no known performance issues.
General System Administration MySQL Compatibility The earlier versions of Quorum Server (Version 1.0 and 1.1) are not compatible with ServiceGuard 11.14.02. For ServiceGuard 11.14.02 or later, use A.2.0 version of the Quorum Server. Performance There are no performance issues. Documentation For more details, see the MC/ServiceGuard Quorum Server Version A.2.0 Release Notes, available at http://www.docs.hp.com. Obsolescence Not applicable.
General System Administration SAM - Nodal Network Communication (NNC) Documentation MySQL information is available at www.mysql.com. MySQL information as it applies to SCM 3.0 is available at: • http://software.hp.com/products/SCMGR/ • http://www.docs.hp.com/hpux/netsys/index.html#Servicecontrol%20Manager Obsolescence Not applicable. SAM - Nodal Network Communication (NNC) SAM - NNC is a GUI tool that handles the configuration of network-related resources.
General System Administration Scalable Boot Scalable Boot The scalable boot project improves system boot/reboot times, having a positive effect on system availability. Scalable boot benefits mainly high-end systems with large I/O configurations. Summary of Change By performing parallel ioscans, boot time is reduced by 5-95%, depending on the I/O configuration. Impact When a system is booted or rebooted for any reason, it can be brought back on-line more quickly with scalable boot.
General System Administration Servicecontrol Manager (SCM) • Linux-based central management server • Certified HP ProLiant Linux agents • XML file format • Web-browser-based tools • Improved user interface and ease-of-use • Increased number of administration roles • Increased security through HTTP and SSL • MySQL database (for further information, see “MySQL” on page 95) Impact There are no impacts. Compatibility SCM 3.0 agents are only compatible with an SCM 3.
General System Administration ServiceGuard Extension for RAC Documentation Further information about Servicecontrol Manager can be found at the following Web sites: • http://software.hp.com/products/SCMGR/ • http://www.docs.hp.com/hpux/netsys/index.html#Servicecontrol%20Manager Obsolescence Not applicable.
General System Administration ServiceGuard Manager • Servers with different HPUX versions in the cluster • Servers with mixed 32/64 bit HP-UX in the cluster • Support of PA-RISC version of Oracle RAC through Aries • The rx9610 and rx4610 servers Impact If you want to use the new features of SGeRAC A.11.15.00, then you may need to edit the existing ASCII configuration files and control scripts, and you must reapply them to the cluster. Compatibility ServiceGuard Extension for RAC A.11.15.
General System Administration Software Distributor (SD) • The Alerts icon on the toolbar can show you the most critical problem among all the cluster objects on. Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation For more details, see the ServiceGuard Manager Version A.03.00 Release Notes, available at http://www.docs.hp.com. Obsolescence Not applicable.
General System Administration Software Package Builder (SPB) Performance Running SD in Itanium native improves performance. Documentation The Software Distributor Administration Guide has been updated to reflect all changes and can be found at http://www.docs.hp.com/. Obsolescence Not applicable. Software Package Builder (SPB) Software Package Builder (SPB) provides a visual method to create and edit software packages using the HP-UX Software Distributor (SD) package format.
General System Administration Software Package Builder (SPB) Summary of Change Software Package Builder is a new product. SPB will improve the customer's experience with software packaging by providing: • A graphical user interface (GUI) for creating product specification files (PSF) in SD format. • A command line interface (CLI) for automating nightly changes to packages. • A policy validator for verifying a package's use of legal SD syntax.
General System Administration System Administration Manager (SAM) System Administration Manager (SAM) The System Administration Manager (SAM) is an HP-UX System Administration tool that provides an easy-to-use user interface (UI) for performing various system administration tasks. Summary of Change • The new HP-UX Kernel Configuration tool (kcweb) is used to configure kernel tunables and modules. For more information regarding kcweb, refer to “HP-UX Kernel Configuration” on page 83 in this chapter.
General System Administration System Swap Space Adjustment System Swap Space Adjustment With HP-UX 11i v2, VxFs enables the creation of file system sizes up to 4 TB. Files can be a maximum of 2 TB. Because of this, you should be aware of adjustments that may be necessary when you configure system swap space. See “Swap Space Adjustment for Large Memory-Mapped Files” on page 116.
General System Administration System-V IPC Kernel Tunable Parameter (semmsl) System-V IPC Kernel Tunable Parameter (semmsl) The System-V IPC kernel tunable configuration parameter semmsl sets the maximum number of semaphores per ID which can be grouped within a single System-V IPC semaphore set. Summary of Change The minimum and default value of semmsl was 2048 on the HP-UX 11i v1 release. Its minimum value is now 1; its default value is 2048, while its upper limit remains 10240.
General System Administration Virtual Memory Kernel Tunable physical_io_buffers (Deprecated) Summary of Change The update-ux command is new with HP-UX 11i v2. For details about usage of update-ux, see the HP-UX 11i v2 Installation and Update Guide at http://www.docs.hp.com and the manpage update-ux (1M). Impact Update-UX allows you to update an HP-UX 11i v1.6 system to HP-UX 11i v2. Compatibility Update-ux itself does not affect compatibility for source files, scripts, makefiles, executables, data, etc.
General System Administration Virtual Memory Kernel Tunable physical_io_buffers (Deprecated) 108 Chapter 4
5 Disk and File Management What’s in This Chapter? This chapter describes other new and changed operating-system software functionality supported by the HP-UX 11i v2 release, including: • AutoFS (see page 110) — Changes to HP-UX libc Support of AutoFS (see page 111) Chapter 5 • Automounter (Obsolete) (see page 112) • HP CIFS Client (see page 113) • HP CIFS Server (see page 114) • Large File System Compatibility Issue (see page 115) • Logical Volume Manager (see page 115) • Swap Space Adjustm
Disk and File Management AutoFS AutoFS AutoFS is part of the ONC product known as NFS Services/800 or B1031A. AutoFS mounts directories automatically when users or processes request access to them, and it unmounts them automatically after they have been idle for a period of time. Summary of Change AutoFS has been upgraded to include the features of the SUN ONC AutoFS version 2.3 product in addition to other customer requests.
Disk and File Management AutoFS Documentation The following manpages have changed: • • automount (1M) automountd (1M) The “Configuring and Administering AutoFS” section of the Configuring and Administering NFS Service manual has changed. Please refer to the NFS product documentation in the Networking and Communications section of the HP documentation Web site at http://www.docs.hp.com/.
Disk and File Management Automounter (Obsolete) Performance Now that the device id of each mounted filesystem is available in the /etc/mnttab file, AutoFS can get the device id from the /etc/mnttab file instead from the filesystem server. This leads to performance improvements on systems with many AutoFS-managed filesystems and with slow or non-responding servers. Documentation The getmntent (3X) has been modified to reflect this change. Obsolescence Not applicable.
Disk and File Management HP CIFS Client Obsolescence AutoFS (see “AutoFS” on page 110) is the replacement for the Automounter, which has been obsoleted from HP-UX 11i v2 forward. All users of this facility will need to migrate to use AutoFS. If you were using the old Automounter previously, you should not see any difference when using AutoFS. Therefore, no migration tool is necessary.
Disk and File Management HP CIFS Server Performance The new version of HP CIFS Client A.01.09 does not degrade performance. Documentation The User Manual Installing and Administering the HP CIFS Client and Product Release Note HP CIFS Client Release Note can be found in the “Networking and Communications” section at http://www.docs.hp.com, and in the product directory /opt/cifsclient/Hp_docs. Obsolescence Not applicable.
Disk and File Management Large File System Compatibility Issue Documentation For a more detailed description of changes, please refer to the following documentation in the “networking and communications” section at http://www.docs.hp.com: • • • • HP CIFS Server 2.2b Release Note version A.01.08.01 HP CIFS Server 2.2c Release Note version A.01.09.01 HP CIFS Server 2.2d Release Note version A.01.09.02 HP CIFS Server 2.2e Release Note version A.01.09.04 (part number B8725-90046) Obsolescence Not applicable.
Disk and File Management Swap Space Adjustment for Large Memory-Mapped Files Impact The same SLVM functionality that is currently available to you has been extended to larger clusters. Compatibility These changes are fully backward-compatible. Performance For existing configurations, these changes will not have any effect on performance. Documentation Supported configurations are documented in MC/ServiceGuard Version A.11.15.00 Release Notes, available at http://www.docs.hp.com.
Disk and File Management VERITAS File System (VxFS) 3.5 VERITAS File System (VxFS) 3.5 The VERITAS File System 3.5 (HP OnlineJFS/JFS 3.5) product is an extent-based, intent-logging file system. This product is particularly geared toward UNIX environments that require high performance and availability, and that deal with large volumes of data. The VERITAS File System 3.5 (HP OnlineJFS/JFS 3.5) product is the next generation of the product known as HP OnlineJFS/JFS 3.3. The base VERITAS File System 3.
Disk and File Management VERITAS File System (VxFS) 3.5 • New VxFS Directory Name Lookup Cache (DNLC) - The new DNLC caches filenames less than or equal to 32 characters instead of 39 characters as in VxFS 3.3. • New VxFS Buffer Cache for Meta-data only - The new VxFS buffer cache can be tuned with vx_bc_bufhw global tunable. • VxFS supports file systems up to 4 terabytes in size. • Version 5 enables the creation of file system sizes up to 4 terabytes. Files can be a maximum of 2 TB.
Disk and File Management VERITAS Volume Manager (VxVM) 3.5 — vxfs_ra_per_disk — vx_max_ra_kbytes • The labelit (1M) command is obsolete starting this release. VERITAS Volume Manager (VxVM) 3.5 Volume Manager (VxVM) is a storage management subsystem that allows you to manage physical disks as logical devices called volumes. (A volume is a logical device that appears to data management systems as a physical disk.
Disk and File Management VERITAS Volume Manager (VxVM) 3.5 • Disk group import times are faster, due to improvements in object indexing and new code which improves I/O bandwidth usage while validating the on-disk configuration copies. All configurations notice faster import times, but large configurations experience the most dramatic improvements. If existing large disk groups are combined, the results are even more impressive.
Disk and File Management VERITAS Volume Manager (VxVM) 3.5 • VERITAS Volume Manager 3.5 User's Guide - VERITAS Enterprise Administrator for HP-UX Complete VxVM 3.5 manpages are delivered with the VRTSvmdoc package of the VxVM bundled product. Obsolescence Not applicable.
Disk and File Management VERITAS Volume Manager (VxVM) 3.
6 Internet and Networking What’s in This Chapter? This chapter describes new and changed Internet and networking functionality supported by the HP-UX 11i v2 release, including: • HP OSI Transport Services/9000 (see page 125) • HP-UX Data Link Provider Interface (DLPI) (see page 126) • HP-UX Web Server Suite (see page 128) — HP-UX Apache-based Web Server (see page 130) — HP-UX Tomcat-based Servlet Engine (see page 132) — HP-UX Webmin-based Admin (see page 133) — HP-UX XML Web Server Tools (see page 13
Internet and Networking What’s in This Chapter? • Kernel Logging (Deprecation) (see page 159) • LAN Commands (see page 160) — The lanadmin Command (see page 160) — The lanscan Command (see page 161) — The linkloop Command (see page 162) • Network Information Service Plus (Deprecated) (see page 162) • Network Tracing and Logging (NetTL) (see page 164) • Network Transport (ARPA) (see page 165) • Networking libc APIs getaddrinfo() and getnameinfo() (see page 167) • Networking libc APIs getipnodeby
Internet and Networking HP OSI Transport Services/9000 HP OSI Transport Services/9000 HP OSI Transport Services/9000 (OTS/9000) is the OSI networking stack of HP-UX. It provides functions of OSI Layers 3 (Network), 4 (Transport), 5 (Session), 6 (Presentation) and ACSE/ROSE over X.25, FDDI, and IEEE802.3 LAN interfaces. It also provides RFC1006 that allows users to run OSI Services over TCP connections.
Internet and Networking HP-UX Data Link Provider Interface (DLPI) Compatibility There are no known compatibility issues. Performance There are no performance issues. Documentation The OTS/9000 version C.12.00 product release notes is available online when the OTS/9000 product is installed. Please see /opt/ots/doc/README_C1200 for an ASCII version of the release notes. Obsolescence Not applicable.
Internet and Networking HP-UX Data Link Provider Interface (DLPI) — NOTE • Clarifications of subsys errors for primitives to provide more specific error status. • Obsolescence of the dump read capability of lanscan. • The Network Tracing and Logging (NetTL) facility logging for customers and internal tracing. VLAN functionality is not supported in HP-UX 11i v2. Impact • Enhancements to the Streams interface provide a richer feature set for network stack feature options.
Internet and Networking HP-UX Web Server Suite Documentation For further information, see the following documentation: • lanscan (1M) (the manpage for lanscan) • DLPI Programmers Guide, available at http://www.docs.hp.com • Driver Development Guide, available from the Developer and Solution Partner Program (DSPP) at http://h21007.www2.hp.com/dev/ Obsolescence • The dump read capability of lanscan has been obsoleted. • The following header files have been removed: — —
Internet and Networking HP-UX Web Server Suite Shared documentation, such as Migration Guides and FAQs, are located at /opt/hpws/hp_docs and are included in the HP-UX Webmin-based Admin product.
Internet and Networking HP-UX Web Server Suite • HP-UX Tomcat-based Servlet Engine and HP-UX XML Web Server Tools requires HP-UX Developer's Kit for Java 1.3 or later. If your Web application uses Java Server Pages (JSPs) then you will also need the Java Development Kit (JDK) so you can compile the JSPs. • HP-UX Webmin-based Admin depends on Perl 5 or later. Documentation Bundled documentation (Release Notes, Admin Guides, User Guides, Migration Guides and FAQs) now install into /opt/hpws/hp_docs.
Internet and Networking HP-UX Web Server Suite All users are urged to upgrade immediately to OpenSSL 0.9.6i, which is a cumulative release that addresses and fixes the security vulnerabilities described at http://cve.mitre.org/ (CAN-2003-0147, CAN-2003-013, CAN-2003-0078). • New features/enhancements: — Support for IPv6 — mod_auth_ldap and its caching module, mod_ldap, have been added to provide authentication to an LDAP directory. These are new modules from the Apache Software Foundation.
Internet and Networking HP-UX Web Server Suite Documentation See “Documentation” on page 130. Obsolescence Not applicable. HP-UX Tomcat-based Servlet Engine HP-UX Tomcat-based Servlet Engine provides customers with Java-based extensions for dynamic content generation via Servlets and JavaServer Pages (JSPs). Summary of Change HP-UX Tomcat-based Servlet Engine v.1.0.06.01 includes the following: • Tomcat 4.1.12 supports ajp13 protocol • mod_jk 1.2 • Support for IPv6 requires Java 1.4 JDK.
Internet and Networking HP-UX Web Server Suite HP-UX Webmin-based Admin HP-UX Webmin-based Admin is a configuration and administration GUI with extensive enhancements for the HP-UX Apache-based Web Server. Summary of Change HP-UX Webmin-based Admin v.1.0.06.01 includes the following: • Webmin upgraded to 1.070: All users are urged to upgrade immediately to Webmin 1.070 which addresses and fixes these security vulnerabilities described at http://cve.mitre.org/cgi-bin/cvename.
Internet and Networking Internet Services Complete documentation detailing changes can be found after installing, at /opt/hpws/hp_docs or at http://www.hp.com/go/webserver. Impact See “Installation” on page 128. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation See “Documentation” on page 130. Obsolescence Not applicable.
Internet and Networking Internet Services • “WU-FTPD 2.6.1” on page 148 BIND 9.2.0 The Domain Name System (DNS) is a mechanism that implements a machine name hierarchy for TCP/IP based networks. The Berkeley Internet Name Domain server (BIND) is a commonly used DNS implementation. Summary of Change BIND 9.2.
Internet and Networking Internet Services • BIND 9.2.0 supports Incremental Zone Transfer (IXFR), a feature which enables the slave server to transfer only the modified data to the master server instead of the entire zone. • BIND 9.2.0 supports all the DNS security features. Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation Refer to the manual HP-UX IP Address and Client Management Administrator’s Guide at http://www.
Internet and Networking Internet Services Performance There are no performance issues. Documentation Refer to the manual HP-UX IP Address and Client Management Administrator’s Guide at http://www.docs.hp.com. The manpages associated with DHCPv6 are as follows: • • • • dhcpv6d (1M) dhcpv6db2conf (1) dhcpv6client_ui (1) dhcpv6clientd (1M) Obsolescence Not applicable.
Internet and Networking Internet Services inetd The inetd daemon is the Internet superserver, which invokes Internet server processes as needed. It must be running before other hosts can connect to the local host through ftp, rcp, remsh, rlogin, and telnet. Summary of Change The following new command-line option has been added: -r count [interval] This option is used by inetd to identify a UDP service as broken or in-loop when it receives a count number of connections in interval seconds of time.
Internet and Networking Internet Services Summary of Change The following Internet Services products are IPv6 enabled: • BIND 9.2 (To enable IPv6 functionality in BIND 9.2.0, specify the listen-on-v6 option in the named.conf file.) • DHCPv6 • inetd • name and address resolution resolver routines • R-commands • telnet • WU-FTPD 2.6.1 • Secure Internet Services Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues.
Internet and Networking Internet Services • • • • • • • • • • • • • • • remshd (1M) rexecd (1M) remsh (1) rcp (1) rdist (1) rlogin (1M) rlogind (1M) dhcpv6d (1M) dhcpv6clientd (1M) dhcpv6client_ui (1) dhcpv6db2conf (1) ftp (1) ftpd (1M) telnetd (1M) sendmail (1M) For further information about IPv6 software in this Release Notes, see “IPv6 Support” on page 149. Obsolescence Not applicable.
Internet and Networking Internet Services Obsolescence Not applicable. named-xfer (Obsolete) The named-xfer ancillary program is executed by named (1M) to perform an inbound zone transfer. It is generally used to debug problems encountered during a zone transfer. Summary of Change The following changes are in effect due to the obsolescence of the named-xfer utility: • Starting from the HP-UX 11i v1.5 release, BIND 9.
Internet and Networking Internet Services Documentation Refer to dig (1M), the manpage for the dig utility that has replaced the named-xfer utility. Obsolescence Starting with the release HP-UX 11i v1.5, the named-xfer utility and its respective manpage have been obsoleted. rbootd (Obsolete) The remote boot server for RMP clients, rbootd services initial boot-up requests from RMP clients over a local area network. Summary of Change HP-UX 11i v 1.6 was the last operating system that included rbootd.
Internet and Networking Internet Services Summary of Change Added to rexecd is the new option, -S, which prevents a user from logging in as a superuser. Additionally, rexecd now uses the new scalable utmps/wtmps/btmps interfaces to log user accounting information. (For more information on these interfaces, see “IPv6 Support by HP-UX libc and HP-UX Commands” on page 154.) Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues.
Internet and Networking Internet Services • • • • btmps (4) utmpd (1M) getuts (3C) bwtmps (3C) Obsolescence Not applicable. Secure Internet Services Secure Internet Services (SIS) is an optionally enabled mechanism that incorporates Kerberos V5 authentication and authorization for remote access services: ftp, rcp, remsh, rlogin, and telnet.
Internet and Networking Internet Services Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation For a detailed description of Secure Internet Services, refer to the manual Using HP-UX Internet Services at http://www.docs.hp.com. Obsolescence Not applicable. Sendmail 8.11.1 Sendmail is an electronic mail transport agent that sends messages to one or more recipients, routing the message over whatever networks necessary.
Internet and Networking Internet Services The following manpages have been changed: • • killsm (1M) sendmail (1M) Obsolescence Not applicable. SLP 0.8 The Service Location Protocol (SLP) is an emerging Internet standard network protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. SLP implementation on HP-UX is based on OpenSLP version 0.8.0 developed by Caldera Systems, Inc. SLP 0.
Internet and Networking Internet Services • • • • • • • • • • • • • • • • • • • • SLPOpen (3N) SLPClose (3N) SLPReg (3N) SLPDereg (3N) SLPDelAttrs (3N) SLPFindSrvs (3N) SLPFindSrvTypes (3N) SLPFindAttrs (3N) SLPParseSrvURL (3N) SLPEscape (3N) SLPUnescape (3N) SLPFree (3N) SLPGetRefreshInterval (3N) SLPFindScopes (3N) SLPGetProperty (3N) SLPSetProperty (3N) SLPError (3N) slp.conf (4) slp.reg (4) slp_syntax (7) Obsolescence Not applicable. TCP Wrappers 7.
Internet and Networking Internet Services Documentation Refer to the manual HP-UX Internet Services Administrator's Guide at http://www.docs.hp.com. The following manpages are associated with TCP Wrappers 7.6: • • • • • • • • • tcpd (1M) tcpdmatch (1) tcpdchk (1) hosts_access (3) hosts_access (5) hosts_options (5) tcpd.conf (4) tryfrom (1) sffinger (1) Obsolescence Not applicable. WU-FTPD 2.6.
Internet and Networking IPv6 Support Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation Refer to the manual HP-UX Remote Access Services Administrator's Guide at http://www.docs.hp.com. The following manpages have been changed: • • • ftp (1) ftpd (1M) ftpusers (4) Obsolescence Not applicable. IPv6 Support IPv6 is the next generation Internet Protocol.
Internet and Networking IPv6 Support IPv6 Software Overview The following software offers IPv6 support: Transport, Internet Services, DCE, DLPI, FDDI, SAM-NNC, libc, HP-UX commands, Desktop (CDE), X11R6-based applications, C2 Audit, EMS, Online Diagnostics, SNMP, NetTL, IPSec, Kerberos Client, ServiceGuard, GlancePlus Pak, HP-UX Secure Shell, HP-UX Web Server Suite, and the Runtime Environment (RTE) for the Java 2 platform.
Internet and Networking IPv6 Support • IPv6 tunneling enables IPv6/IPv4 hosts and routers to connect with other IPv6/IPv4 hosts and routers over the existing IPv4 network. IPv6 tunneling encapsulates IPv6 datagrams within IPv4 packets. The encapsulated packets travel across an IPv4 network until they reach their destination host or router. The IPv6-aware host or router decapsulates the IPv6 datagrams, forwarding them as needed.
Internet and Networking IPv6 Support • • • • • • • • • • • • • • • • • • if_freenameindex (3N) if_indextoname (3N) if_nameindex (3N) if_nametoindex (3N) ip6 (7P) ndd (1M) ndp (1M) ndp (7P) netfmt (1M) netstat (1) nettladm (1M) ping (1M) recv (2) route (1M) send (2) socket (2) tcp (7P) udp (7P) The following IPv6 network transport documentation can be found at http://www.docs.hp.
Internet and Networking IPv6 Support • The audio subsystem has been enhanced to support IPv6. The audio subsystem includes the Audio server (Aserver), asecure, and Audio libraries (libAlib.2, libAlibkt.1 [32 and 64-bit], libAt.3). The libAlib.1 library does not support IPv6. For additional changes to CDE, see “Common Desktop Environment (CDE)” on page 249.
Internet and Networking IPv6 Support The HP Openview Emanate Agent, version 15.3, installs the Master Agent snmpdm, along with the subagents hp_unixagt, mib2agt, trapdestagt, and ipv6agt on the HP-UX 11i v2 machine. Summary of Change • Since HP-UX 11i v2 comes with an IPv6 protocol stack installed, the OS contains the relevant MIB support with the IPv6 subagent, ipv6agt. The installed files related to the IPv6 SNMP subagent are as follows: — /usr/sbin/ipv6agt — /sbin/init.d/SnmpIpv6 — /etc/rc.config.
Internet and Networking IPv6 Support The HP-UX commands discussed in this section are listed below. (For other changes to HP-UX commands, see “HP-UX Commands” on page 192.
Internet and Networking IPv6 Support login, and Common Desktop Environment applications) now log user-accounting information to the in-memory database maintained by utmpd. In addition, HP-UX commands that formerly had interaction with the old /etc/utmpx database have now been modified to use the new in-memory user-accounting database of the utmpd daemon.
Internet and Networking IPv6 Support • who (accepts new wtmps database if invoked with -W option) who (Reads in-memory utmps database) who (Reads utmp records from ) who -W (Reads wtmps database) • last (By default, last and lastb read the new wtmps and btmps databases. The last and lastb commands continue to read files containing old utmp-like records by using the -f option.
Internet and Networking IPv6 Support Any entries written to the /etc/utmpx file will not be updated in the daemon's database in real time. As a result, commands like who might not show the information instantly but will eventually show it after a time lag. This time lag could range from a few seconds on lightly loaded systems to a few minutes on heavily loaded systems.
Internet and Networking Kernel Logging (Deprecation) Documentation For detailed information the customer should refer to the following new manpages: • • • • • getuts (3C) bwtmps (3C) utmpd (1M) wtmps (4) btmps (4) The following manpages have been modified: • • • • • • • • • • • acct (1M) acctcon (1M) date (1) finger (1) fwtmp (1M) init (1M) last (1) users (1) uucpd (1M) who (1) write (1) The following APIs can be found in the manpage, getuts (3C): • • • • • • • setutsent() getutsent() getutsid() getuts
Internet and Networking LAN Commands Summary of Change HP-UX 11i v2 is the last release in which Kernel Logging is supported. Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation For more information, refer to the kl (1M) manpage. Obsolescence Kernel Logging will not be supported post-HP-UX 11i v2.
Internet and Networking LAN Commands Compatibility The lanadmin binary from earlier HP-UX releases will not work on HP-UX 11i v2. Performance There are no performance issues. Documentation The lanadmin manpage, lanadmin (1M), has been modified. For further information, see also the Driver Development Guide, available from the Developer and Solution Partner Program (DSPP) at http://h21007.www2.hp.com/dev/. Obsolescence Not applicable.
Internet and Networking Network Information Service Plus (Deprecated) The linkloop Command The linkloop command verifies LAN connectivity with link-level loopback. Summary of Change The linkloop command was not working correctly with the Ethernet interfaces set for an MTU size other than 1500. This has been fixed in HP-UX 11i v2. The linkloop command now supports third-party LAN drivers. Impact There are no impacts. Compatibility There are no compatibility issues.
Internet and Networking Network Information Service Plus (Deprecated) As a replacement for NIS+, the LDAP-UX product (J4269AA) offers: • A common repository for network-based account management in LDAP directories. • Integration (unified login) with other directory-enabled applications, including Windows. • Login and password policies as defined by the directory server. • Access control and other privacy features of the directory server. • Centralized and distributed enterprise management.
Internet and Networking Network Tracing and Logging (NetTL) Network Tracing and Logging (NetTL) The Network Tracing and Logging facility (NetTL) is a troubleshooting tool used to gather information on network activity and networking products, by logging product events and tracing inbound and outbound packets.
Internet and Networking Network Transport (ARPA) Performance NetTL's performance is improved, as the disk write is now done in the kernel and NetTL binds the disk write thread to a specific CPU. Documentation The nettl (1M) and netfmt (1M) manpages have been updated with IPv6 and new Tracing Framework related changes. For further information, see the Driver Development Guide, available from the Developer and Solution Partner Program (DSPP) at http://h21007.www2.hp.com/dev.
Internet and Networking Network Transport (ARPA) This change incorporates the DLPI OOP header to carry the type of checksum offload and the offloaded checksum itself. The Transport internal kernel header file, net/cko.h, has been modified to support this enhancement. Again, for more information, please see “HP-UX Data Link Provider Interface (DLPI)” on page 126. • Support for dump reading by netstat and arp has been permanently removed as of HP-UX 11i v2.
Internet and Networking Networking libc APIs getaddrinfo() and getnameinfo() The netstat and arp manpages, netstat (1) and arp (1M), have been changed to eliminate the syntax which allows references to crash dumps. Obsolescence Support for crash dump reading in arp and netstat is obsoleted as of HP-UX 11i v2. Networking libc APIs getaddrinfo() and getnameinfo() The C library, libc, provides the interface between the user program and the kernel.
Internet and Networking Networking libc APIs getipnodebyname() and getipnodebyaddr() Compatibility There are no compatibility issues. Performance A timeout delay can be noticed due to the additional lookup by the getaddrinfo() and getnameinfo() functions. Documentation The following manpages have been modified: • • • getaddrinfo (3N) getnameinfo (3N) gethostent (3N) Obsolescence Not applicable.
Internet and Networking The nslookup Program Performance There are no performance issues. Documentation The following manpages have been modified: • • getaddrinfo (3N) getnameinfo (3N) Obsolescence Not applicable. The nslookup Program The nslookup program is used to query the Internet domain name servers interactively. Summary of Change The nslookup program has been extended to follow the configured host name resolution algorithm and to query NIS, DNS, and host tables.
Internet and Networking Router Discovery Protocol Daemon (rdpd) (Obsolete) Obsolescence Not applicable. Router Discovery Protocol Daemon (rdpd) (Obsolete) The router discover protocol daemon, rdpd, implements the host portion of the router discovery protocol. Summary of Change The rdpd daemon is transitioning from an obsolescent state to obsolete. Any references to rdpd have been removed, and rdpd will no longer start at bootup. The functionality of rdpd has been subsumed in gated.
Internet and Networking Web Browsing Web Browsing HP-UX 11i v2 includes two Web browsers: Mozilla (the default) and Netscape 7. Mozilla Application Suite Mozilla 1.2.1 (product number B9005AA) is an Open Source Web browser, very similar to Netscape 7.0. Netscape 6/7 is actually based on the Mozilla code base. Summary of Change Mozilla 1.2.1 has been added as the default browser for HP-UX 11i v2. A Netscape browser is also still available. Additional information about Mozilla 1.2.1 can be found at www.hp.
Internet and Networking Web Browsing Summary of Change Netscape 7.0 has replaced Netscape Communicator 4.79 on HP-UX 11i v2. Mozilla is the default browser. Impact Netscape 7 and Netscape Communicator are very similar. Although you will notice some differences in the interface, the basic functionality is the same. Compatibility Multi-media plug-in support for these browsers is slightly different than for Netscape Communicator 4.7x. Please see www.hp.com/go/netscape_plugins for details.
7 Security What’s in This Chapter? This chapter covers changes and enhancements to security services, including: Chapter 7 • Boot Authentication (see page 174) • File Descriptor Allocation (see page 174) • Generic Security Service Application Programming Interface (GSS-API) (see page 175) • HP-UX Auditing System (see page 176) • HP-UX Bastille (see page 177) • HP-UX Host Intrusion Detection System (HIDS) (see page 179) • HP-UX IPFilter (see page 180) • HP-UX Secure Shell (see page 181) •
Security Boot Authentication Boot Authentication The Boot Authentication feature makes it possible to configure a system so that only authorized users are allowed to boot the machine into Single-user Mode. Summary of Change Formerly, the Boot Authentication feature was only available on systems that have been converted to Trusted Mode. Starting with HP-UX 11i v2, the feature is available on all Standard Systems.
Security Generic Security Service Application Programming Interface (GSS-API) Generic Security Service Application Programming Interface (GSS-API) The Generic Security Service Application Programming Interface (GSS-API) provides security services for applications independent of the various underlying security mechanisms. The services include authentication, integrity, and/or confidentiality services. Summary of Change The GSS-API product is now delivered as part of HP-UX 11i v2.
Security HP-UX Auditing System HP-UX Auditing System The purpose of the auditing system is to record instances of access by subjects to objects and to allow detection of any (repeated) attempts to bypass the protection mechanism and any misuses of privileges, thus acting as a deterrent against system abuses and exposing potential security weaknesses in the system. The audevent command changes the auditing status of the given events or system calls.
Security HP-UX Bastille Impact You should stop using the listed system call names as options to audevent and audisp. Although these system calls were obsoleted previously, the HP-UX Auditing System was not updated accordingly. With HP-UX 11i v2, these system calls are still treated as valid by the Auditing System, but they will not be in future releases. You should also stop using the listed to-be-obsoleted event type options with audevent and audisp.
Security HP-UX Bastille Summary of Change Previously available via the Web only, HP-UX Bastille 2.1 is now included in the HP-UX 11i v2 Operating Environments. The new version adds finer granularity of configuration, improved question flow, better input validation, and new lockdown features to include configuration of IPFilter and password shadowing. HP-UX Bastille may also be downloaded from http://www.hp.com/go/bastille.
Security HP-UX Host Intrusion Detection System (HIDS) • HP-UX 11i v2 Installation and Update Guide, online at http://www.docs.hp.com • Chapter 8 of Managing Systems and Workgroups, online at http://www.docs.hp.com • “Common Desktop Environment (CDE)” on page 249 • “MC/ServiceGuard” on page 90 • HP-UX 11i Security by Chris Wong (Prentice Hall PTR, ISBN 0-13-033062-0), see http://www.hp.com/hpbooks/prentice/ptr_0130330620.html Obsolescence Not applicable.
Security HP-UX IPFilter Updated and enhanced for version 2.2. • HP-UX Host Intrusion Detection System Version 2.2 Release Notes Product changes and installation. Obsolescence This maintenance release (v2.2) is the actively supported version. All older versions are discontinued. Customers using older versions of the product are strongly encouraged to update to this version. HP-UX IPFilter HP-UX IPFilter (B9901AA) version A.03.05.
Security HP-UX Secure Shell • HP-UX IPFilter version A.03.05.06 Release Note For FAQs and forums, go to the IT Resource Center at http://itrc.hp.com. Obsolescence Not applicable. HP-UX Secure Shell HP-UX Secure Shell A.03.10, based on OpenSSH 3.1p1, provides a secure channel for remote communication by transparently encrypting network traffic. HP-UX Secure Shell uses hashing to ensure data integrity and supports several authentication methods.
Security Install-Time Security Documentation For installation and quick configuration steps, see the HP-UX Secure Shell Release Notes for version A.03.10 at the following URL: http://www.docs.hp.com/hpux/internet/index.html#HP-UX%20Secure%20Shell There are several HP-UX Secure Shell manpages available. Use the ssh manpage to learn about HP-UX Secure Shell technology. Use the sshd manpage to learn about the HP-UX Secure Shell daemon.
Security Install-Time Security 3. Sec20MngDMZ - Lockdown + block most incoming traffic with IPFilter firewall 4. Sec30DMZ - DMZ-Appropriate, Host-Based and IPFilter Network Lockdown For precise configuration information, please refer to the README or Chapter 2 of the HP-UX 11i v2 Installation and Update Guide.
Security Kerberos Client (KRB5-Client) Kerberos Client (KRB5-Client) The KRB5-Client product helps to provide Kerberos authentication and strong cryptography for secure communication over the network. Summary of Change The KRB5-Client is now delivered as part of HP-UX 11i v2. The following changes have been made to the KRB5-Client: • Support for appdefaults section in the /etc/krb5.conf: Each tag in the [appdefaults] section of the /etc/krb5.conf defines a Kerberos V5 application.
Security PAM Kerberos Performance There are no performance issues. Documentation • The following manpages have been changed: — /usr/share/man/man3.Z/libkrb5.3 — /usr/share/man/man4.Z/krb5.conf.4 • Further information may be found in the Configuration Guide for Kerberos Client Products on HP-UX, available on the Web at http://www.docs.hp.com/hpux/onlinedocs/J5849-90007/J5849-90007.html. Obsolescence Not applicable. PAM Kerberos The Pluggable Authentication Modules (PAM) [OSF RFC 86.
Security Security Patch Check • In the /etc/pam.conf file, if the flag krb_prompt is added to either the login or password entry, the prompt explicitly specifies kerberos as shown below: $ old password <----- Previous output $ old kerberos password <----- Output if krb_prompt is specified Impact By preventing a user from changing another user’s password, systems now conform to standards and are now more secure. Compatibility There are no compatibility issues.
Security Shadow Passwords Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation • security_patch_check (1M) manpage (add /opt/sec_mgmt/share/man/ to MANPATH) • Managing Systems and Workgroups, Chapter 8 • “HP-UX Bastille” on page 177 Obsolescence Not applicable. Shadow Passwords The new Shadow Password feature enhances system security by hiding user-encrypted passwords in a shadow password file.
Security Strong Random Number Generator On a system which has been converted to use Shadow Passwords, the only applications that can be affected are those that either use the getpwent/getpwnam interfaces, or directly access the password field of the /etc/passwd file with the assumption that password and aging information resides there. Every password field is set to x, and the corresponding encrypted password is stored in the /etc/shadow file, which is accessible only by privileged users.
Security Strong Random Number Generator The /dev/random device interface provides random, unpredictable binary sequences through the standard read system call. This read blocks temporarily if the kernel-resident device buffer is too empty to guarantee the highest level of entropy. The /dev/urandom device interface has the advantage of a non-blocking read call, but the entropy may be much more dilute than that provided by /dev/random.
Security Strong Random Number Generator 190 Chapter 7
8 Commands and System Calls What’s in This Chapter? This chapter provides information about new and changed commands and system calls, including: • HP-UX Commands (see page 192) — The envd Environment Daemon (see page 192) — The groupadd, groupdel, groupmod, useradd, userdel, usermod Commands (see page 192) — The psrset Command (see page 193) — The setboot Command (see page 194) • I/O Commands (see page 195) — The insf, lssf, mksf Commands (see page 195) — The ioscan Command (see page 196) Chapter 8
Commands and System Calls HP-UX Commands HP-UX Commands The envd Environment Daemon The envd daemon is a system physical environment daemon which provides a means for the system to respond to environmental conditions, such as an over-temperature condition and chassis fan failure detected by the hardware. Summary of Change The envd daemon was not supported on the Itanium-based platform in the previous release. Now the Itanium Core Hardware Monitor (ia64_corehw) has been modified to support the envd daemon.
Commands and System Calls HP-UX Commands Summary of Change In trusted mode operation, the groupadd, groupdel, groupmod, useradd, userdel, usermod commands now write audit records into the audit subsystem’s audit trail. This is required for “Common Criteria.” (More information on “Common Criteria” can be found at http://www.commoncriteria.org.
Commands and System Calls HP-UX Commands -s pset_id Un-marks the processor set with the identification number, pset_id, as an RTE processor set. -R [processor_list] Creates a new RTE processor set and displays the processor set identification number (pset_id) for the new processor set. For other changes to psrset, see “HP-UX Processor Sets” on page 75. Impact Through the psrset command, you are now able to get information about RTE processor sets, as well as modify them.
Commands and System Calls I/O Commands Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation The manpage for the setboot command, setboot (1M), has been updated to document the -h option, as well as the SpeedyBoot-related options supported by setboot. Obsolescence Not applicable. I/O Commands The insf, lssf, mksf Commands The insf command installs special files in the devices directory, normally /dev.
Commands and System Calls I/O Commands Impact Apart from the presence of the messages described in the previous section, there are no other known impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation For further information, see the Driver Development Guide, available from the Developer and Solution Partner Program (DSPP) at http://h21007.www2.hp.com/dev/. Obsolescence Not applicable.
Commands and System Calls The mmap() Function • Benefits of the -e option: You will be able to visually map the firmware representation of the device (EFI path) to its HP-UX representation. This should aid in a multi-OS environment where the other OSes understand the EFI but don't understand the HP-UX path. Compatibility There are no compatibility issues. Performance The new options will not affect performance of the ioscan command.
Commands and System Calls The pstat_getfile() Interface (Obsolete) Performance This change has no impact on system performance. User programs who previously had to use kernel driver ioctl() functions to memory map I/O or configure DMAs will be able to perform these tasks more quickly. Documentation The mmap() function’s manpage, mmap (2), now documents the MAP_IO flag along with the expected calling format. Obsolescence Not applicable.
Commands and System Calls Usage of Capacity-related ioctls: DIOC_CAPACITY, DIOC_DESCRIBE, and SIOC_CAPACITY Usage of Capacity-related ioctls: DIOC_CAPACITY, DIOC_DESCRIBE, and SIOC_CAPACITY The DIOC_CAPACITY ioctl can be used to obtain the capacity of a disk device in DEV_BSIZE units. The DIOC_DESCRIBE ioctl can be used to obtain device specific identification information. The information returned includes the disk's logical block size. The SIOC_CAPACITY ioctl indicates the current device size.
Commands and System Calls Usage of ustat(), statfs(), and statvfs() 200 Chapter 8
9 Libraries and Programming What’s in This Chapter? This chapter covers a wide variety of changes of particular interest to programmers, such as changes to compilers, editors, and libraries, including: • 400K File Descriptors (see page 202) • Adaptive Address Space (AAS) (see page 205) • Aries Binary Translator (see page 206) • Debugging (see page 207) — Absolute Debugger (adb) (see page 207) — HP Kernel Debugger (KWDB) (see page 208) — HP Wildebeest Debugger (WDB) (see page 209) • Dynamic Loader
Libraries and Programming 400K File Descriptors 400K File Descriptors The “maximum supported number of file descriptors” refers to the maximum number of simultaneous open files allowed per process. MAXFUPLIM specifies the absolute maximum number of files a process can have open at one time. Summary of Change The maximum supported number of file descriptors per process has been raised from 60000 (60K) to 400,000 (400K). The semantics of USE_BIG_FDS has changed. In the 10.
Libraries and Programming 400K File Descriptors RLIMIT_NOFILE defaults can be changed (as in previous releases) by modifying the kernel tunables maxfiles (5) and maxfiles_lim (5). See the kctune (1M) and kcweb (1M) manpages and the SAM online kernel configuration help for more information. Any system running an application that uses a large amount of file descriptors might need to be reconfigured with a larger value for the kernel tunable nfile.
Libraries and Programming 400K File Descriptors • The value for FD_SETSIZE will default to 60,000 if _USE_BIG_FDS is defined but not assigned a value. • The value for FD_SETSIZE will default to (1024 * 1024) if _USE_BIG_FDS=400000 is defined. The default size of FD_SETSIZE will be set to (1024 * 1024) when _USE_BIG_FDS=400000 is defined. This is for compatibility with existing applications which may have assumed that _MAXFUPLIM and FD_SETSIZE were equivalent and used them interchangeable.
Libraries and Programming Adaptive Address Space (AAS) Adaptive Address Space (AAS) Version 1.0 of Adaptive Address Space (AAS) allows you to create binaries that provide you with a large address space and more control over it. AAS is available only on HP-UX for Itanium-based servers. Summary of Change The AAS product is used to create a new type of binary, MPAS, by using the chatr command.
Libraries and Programming Aries Binary Translator Documentation The following manpages have changed: • • • • chatr (1M) mmap (2) shmget (2) shmat (2) Obsolescence Not applicable. Aries Binary Translator Aries is the HP-UX PA-RISC to HP-UX Itanium binary emulator. Aries transparently emulates both 32-bit and 64-bit HP-UX PA-RISC applications on HP-UX 11i v2. The Aries distribution on HP-UX Itanium-based systems consists of four shared libraries: /usr/lib/hpux32/aries32.so /usr/lib/hpux32/pa_boot32.
Libraries and Programming Debugging Compatibility There are no compatibility issues. (Note that Aries itself is a key product in binary compatibility between PA-RISC and Itanium-based.) Performance The experimental dynamic translator significantly improves the performance of the emulated application. From the initial measurements it has been observed that the overall Aries performance, with the experimental dynamic translator turned on, increases by 20% on an average.
Libraries and Programming Debugging • Support for debugging INIT and MCA crash dumps • Support for debugging a shared library for an attached process Impact • By using adb, you can debug HP-UX kernel and crash dumps with Lazyfp support. • You can debug HP-UX kernel and crash dumps with Dual pdir support. • You can debug an executable, a running process, and the core with MxN threads. • You can debug crash dumps for INIT and MCA events.
Libraries and Programming Debugging • Source code interspersed with disassembly listing • Ability to attach and detach from a running kernel • Ability to debug multiple targets on any subnet simultaneously • Support for crash dump analysis • Support for remote crash dump analysis • Support for live memory analysis • Support for Perl scripts Impact There are no impacts. Compatibility KWDB supports debugging of any PA-RISC system running HP-UX 11.0 or later or any Itanium-based system.
Libraries and Programming Debugging HP WDB provides several commands that help expose the memory related problems. The commands will allow you to: — Report memory leaks — Report heap profile — Stop at the free of unallocated or a deallocated block — Stop when freeing a block if bad writes occur outside block boundary. — Scramble previous memory contents during allocation and free. A detailed list of commands and their usage can be found in the Debugging with GDB manual at www.hp.com/go/wdb.
Libraries and Programming Dynamic Loader (dld.so) • You can use the dumpcore command to generate a core image file of a process running under the debugger in the middle of execution. • You will be able to unwind through a corrupt pc. • You will see different info threads command output Machines Affected WDB 4.0 does not support the following: • Itanium 1 machines • HP-UX 11i v1.
Libraries and Programming Dynamic Loader (dld.so) Summary of Change Changes to Dynamic Loader version B.12.20 include the following: • Support for applications built with +[no]lazyload and -B [direct|lazydirect|nodirect] • Lazy loading of shared library - Shared libraries marked with lazy loading during link time will not be loaded during program startup. Instead, the shared library will be loaded on the first reference during execution.
Libraries and Programming File Descriptor Allocation File Descriptor Allocation A file descriptor is a positive integer that is generated by the system when a process opens a file. Operations which perform I/O on the file would use this descriptor to refer to the file. Summary of Change The behavior of the file descriptor allocation in HP-UX 11i v2 has been changed to prevent security problems such as unauthorized modification of root-owned files.
Libraries and Programming GTK+ Libraries GTK+ Libraries The GTK+ Libraries are the open source GNU toolkit for X windows development. The copy provided in HP-UX 11i v2 is only supported for use with the Mozilla browser, which depends on it. Summary of Change The GTK+ libraries have been added because they are required for Netscape 7 and Mozilla. The GTK+ Libraries, version 1.2.10.
Libraries and Programming HP aC++ Compiler Standard for Information Systems - Programming language C, ANS X3.159-1989 (the ANSI C 89 standard). It has partial support for C99 language features when used in C mode. Summary of Change Included with HP-UX 11i v2 is the librwtool_v2 library which corresponds to Rogue Wave's Tools.h++ version 7.1.1. To use this library with -AA, link with -lrwtool_v2. Impact With the librwtool_v2 library, you can use the functionality of Tools.
Libraries and Programming HP C Compiler HP C Compiler The HP C Compiler for Itanium-based systems, version A.05.50, supports the American National Standard for Information Systems - Programming language C, ISO 9899:1990 (the ANSI C 89 standard), and it also supports the majority of the extensions introduced in ISO/IEC 9899:1999(E) (commonly referred to as “C99”). Summary of Change The legacy_hpc/ subdirectory is no longer provided.
Libraries and Programming HP C Compiler • support for +L (listing) option and the related listing control #pragmas (LINES, WIDTH, TITLE, SUBTITLE, PAGE, LIST and AUTOPAGE) • support for the standalone C tools: — cpp, lint, cb, cflow, cxref, endif, protogen Performance There are no performance issues.
Libraries and Programming HP Fortran HP Fortran HP Fortran is a modern, powerful mathematical and scientific language that supports array-handling, data abstraction, and data hiding. HP Fortran is now available on both PA-RISC and Itanium platforms, and includes the following features: • Full Fortran 95 compiler, based on International ANSI/ISO standards • Full OpenMP v2.
Libraries and Programming HP Math Library (libm) • The product Web page, located at http://h21007.www2.hp.com/dspp/tech/tech_TechSoftwareDetailPage_IDX/1 ,1703,1844,00.html Obsolescence Not applicable. HP Math Library (libm) The HP Math Library, libm, provides mathematical functions for C, C++, and Fortran90. The math.h, complex.h, tgmath.h, and fenv.h headers provide C interface, and the headers cmath and complex provide C++ interface for the libm library.
Libraries and Programming HP Message Passing Interface (MPI) Compatibility The names of the new functions will expand the HP-UX namespace: • sincos() sincosf() sincosl() (math.h) • cis() cisf() cisl() (complex.h) and additionally with the -fpwidetypes option: • sincosw() sincosq() (math.h) • cisw() cisq() (complex.h) Customers who have used these names for other purposes may need to change their code.
Libraries and Programming HP Message Passing Interface (MPI) Summary of Change HP MPI 1.8.3 adds the following new features to those of HP MPI 1.8: • Additional launch utility mpirun.all • HyperFabric/HyperMessaging Protocol (HMP) functionality for Itanium-based platforms • stdio is not processed by default • Argument error checking is turned off by default For more information on HP MPI and HMP, refer to the documents available at http://www.docs.hp.com. Impact • The new launch utility mpirun.
Libraries and Programming HP MLIB Refer to www.hp.com/go/mpi for information about the HP MPI product. Obsolescence Not applicable. HP MLIB HP MLIB Version 8.4 contains robust callable subprograms, including all BLAS 1, 2, and 3 subroutines, sparse BLAS subroutines, a collection of commonly used dense and sparse linear system solvers, including LAPACK, ScaLAPACK, and SuperLU_DIST; Fast Fourier Transforms (FFTs), and convolutions.
Libraries and Programming HP-UX C Library (libc) • HP MLIB User's Guide VECLIB, LAPACK, ScaLAPACK, and Distributed SuperLU describes the MLIB software library and shows how to use it. For more information on HP MLIB documentation, refer to http://www.hp.com/go/mlib. • LAPACK Users' Guide - This Society for Industrial and Applied Mathematics (SIAM) publication provides an introduction to the design of LAPACK as well as complete specifications for all the driver and computational routines.
Libraries and Programming HP-UX C Library (libc) C99 Support for HP-UX System C Library (libc) The System C Library, libc, contains a set of commonly used Application Programming Interfaces (APIs) and also is the entry point for most system calls. Summary of Change As part of an effort to make HP-UX C99 standard compliant, a set of 8 new APIs have been introduced in libc.
Libraries and Programming Itanium Unwind Library (libunwind.so) Itanium Unwind Library (libunwind.so) The Itanium Unwind Library, libunwind.so, supports stack unwind and C++ exception handling on HP-UX 11i v2. Summary of Change Changes to the Itanium Unwind Library for HP-UX 11i v2 include the following: • Added a new set of “Unwind Express” APIs that perform stack unwinding considerably faster. • New header files and
Libraries and Programming Java 2 Platform • “HP 3D Technology for the Java 2 Platform” on page 226 • “Runtime Environment (RTE) for the Java 2 Platform” on page 227 • “Runtime Plug-in (JPI) for Netscape/Mozilla for the Java 2 Platform” on page 228 HP 3D Technology for the Java 2 Platform HP 3D Technology for the Java Platform version 1.3 contains the classes for creating 3D applications on systems with Java 1.3 and 1.4 and the HP-UX 700 OpenGL 3D Graphics Runtime Environment.
Libraries and Programming Java 2 Platform Runtime Environment (RTE) for the Java 2 Platform The Runtime Environment (RTE) for the Java 2 Platform allows you to deploy Java version 1.3 or 1.4 technology with the best performance on Itanium-based and PA-RISC systems running HP-UX 11i v1 and 11i v2. It is redistributable. Summary of Change Previously, only RTE for Java version 1.3 was offered. The Runtime Environment for Java 2 version 1.4 has now been added, giving customers the latest Java technology.
Libraries and Programming Java 2 Platform Runtime Plug-in (JPI) for Netscape/Mozilla for the Java 2 Platform The Runtime Plug-in (JPI) for Netscape/Mozilla for the Java 2 Platform allows you to use a version of the HP-UX Runtime Environment for the Java 2 platform different from the HP-UX Runtime Environment for Java embedded with Netscape 4.x. Mozilla and Netscape 6/7 do not have an embedded Java runtime. They must use the Java Plug-in to enable Java within the browser.
Libraries and Programming Link Editor (ld) Link Editor (ld) The Link Editor, ld, takes one or more object files or libraries as input and combines them to produce a single (usually executable) file. Summary of Change New functionality introduced to ld in HP-UX 11i v2 includes lazy loading of shared libraries and direct binding support: • Lazy loading of shared library (option: +[no]lazyload) – This option will enable [disable] lazy loading of shared libraries.
Libraries and Programming Micro Focus OO COBOL 4.2 Run-Time Libraries (Deprecation) Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance issues. Documentation The ld manpage, ld (1), has been updated to include the new options. Obsolescence Not applicable. Micro Focus OO COBOL 4.
Libraries and Programming Perl Impact There are no impacts. Compatibility There are no compatibility issues. Performance There are no performance changes. Documentation The elfdump manpage, elfdump (1), has been updated to include the new option. Obsolescence Not applicable. Perl Perl is a high-level programming language created and enhanced by the Open Source community.
Libraries and Programming Source Code Transition from HP-UX 11i v1.6 to HP-UX 11i v2 Compatibility Perl 5.8 is not binary compatible with earlier releases of Perl. XS modules have to recompiled. (Pure Perl modules should continue to work.) The major reason for the discontinuity is the new IO architecture called PerlIO. PerlIO is the default configuration because without it many new features of Perl 5.8 cannot be used. In other words, you will just have to recompile your modules containing XS code.
Libraries and Programming Thread Context Summary of Change The code responsible for saving and restoring register state on entry to the kernel via interruption (bubbleup) or syscall (syscallinit) and at context switch time (save/resume, setjmp/longjmp) has been revised to improve performance and support minor changes to the runtime architecture.
Libraries and Programming Thread Context Documentation The manpage for uc_access, uc_access (3) has been updated to list ar.csd/ar.ssd under the __uc_get_ar() and __uc_set_ar() interfaces. Obsolescence Not applicable.
10 Internationalization What’s in This Chapter? This chapter describes internationalization functionality, including: Chapter 10 • Simplified Chinese Input Methods (see page 236) • Mainframe iconv Converters for Japanese Characters (see page 237) • Printing Using Asian TrueType Fonts for HP PCL5 Printers (see page 238) • System Support for Latin and South American Locales (see page 239) • Unicode 3.
Internationalization Simplified Chinese Input Methods Simplified Chinese Input Methods System level support is provided in HP-UX 11i v2 for the GB18030 character set. GB18030 is officially referred to as “Chinese National Standard GB18030-2000: Information Technology - Chinese Ideograms Coded Character Set for Information Interchange - Extension for the Basic Set.” It is a government-mandated conformance requirement for all products sold in China, effective as of September 1, 2001.
Internationalization Mainframe iconv Converters for Japanese Characters Obsolescence T-C and T-C Rapid input methods of XSIM have been removed. Mainframe iconv Converters for Japanese Characters Mainframe iconv converters between ShiftJIS/eucJP/UCS2 and NEC-JIPS/Hitachi-KEIS/Fujitsu-JEF were introduced at HP-UX 11i v1. This release includes several fixes of mapping errors for JIS standard characters.
Internationalization Printing Using Asian TrueType Fonts for HP PCL5 Printers Documentation Refer to the Japanese System Environment User’s Manual and to the iconv (3C) manpage. Obsolescence Not applicable. Printing Using Asian TrueType Fonts for HP PCL5 Printers A text file including Asian characters can be printed on an HP PCL5 printer using Asian TrueType fonts which are installed by default in HP-UX. Summary of Change The PCL5.
Internationalization System Support for Latin and South American Locales Performance Accessing host-installed TrueType fonts may require time to rasterize and download characters to the printer. Documentation The option -ooptions to the lp command will show the list of available print options for the PCL5.asian model. Obsolescence Not applicable. System Support for Latin and South American Locales System level support is provided for numerous Latin/South American countries in HP-UX 11i v2.
Internationalization System Support for Latin and South American Locales Table 10-1 Latin/South American Locale Binaries (Continued) Locale ISO-88591 based ISO-885915 based Bolivia es_BO.iso88591 es_BO.iso885915 Ecuador es_EC.iso88591 es_EC.iso885915 Paraguay es_PY.iso88591 es_PY.iso885915 Costa Rica es_CR.iso88591 es_CR.iso885915 Guatemala es_GT.iso88591 es_GT.iso885915 Nicaragua es_NI.iso88591 es_NI.iso885915 Panama es_PA.iso88591 es_PA.iso885915 El Salvador es_SV.
Internationalization System Support for Latin and South American Locales • • • paintjetXL300 PCL4 PCL5 To specify printing in either of the ISO-885915 or UTF-8 locales, use the lp option -ocs9N (or -oscs9N) to select the correct character set as the primary (or secondary) character set.1 For example: lp -d -ocs9N -o For ISO-88591 locales, no codeset (-cs) option is required.
Internationalization Unicode 3.0 Support Unicode 3.0 Support Unicode 3.0 is aligned with the revised ISO 10646-1:2000 standard and includes an additional 10,194 characters from the previous version of the standard. Most notable of these additional characters are 6,582 new CJK characters (Han Extension A) for use in various Asian countries. Summary of Change HP-UX 11i v2 includes Unicode 3.0 support, which is an extension to the previously supported Unicode 2.1 standard.
Internationalization Deprecated Functionality Changes are forthcoming within the HP-UX Internationalization architecture which will disallow this intermixing for both PA-RISC 1.1 32-bit and PA-RISC 2.0 64-bit environments. (Note: the archived versions of libc are not supported on IA platforms.) Deprecated Functionality Several commands, library routines and lp model files that implement internationalization functionality are being deprecated as of this release.
Internationalization Deprecated Functionality Table 10-2 Deprecated Internationalization Functionality Name Fileset Replacement Remarks ccdcudfgen TTK-TCH-RUN xudced (1) ccdcudfdown TTK-TCH-RUN udcload (1) hpc1208a PRT-LP-RUN None lp model file PCL4.nloo PRT-LP-RUN PCL5.nloo lp model file PS.nlio PRT-LP-JPN-RUN PS2.
11 Other Functionality What’s in This Chapter? This chapter describes other new and changed operating-system software functionality, including: Chapter 11 • ccNUMA (see page 246) • Common Desktop Environment (CDE) (see page 249) • Distributed Computing Environment (DCE) (see page 253) 245
Other Functionality ccNUMA ccNUMA HP's new cell-based platforms use a ccNUMA (Cache Coherent Non-Uniform Memory) Architecture. This means that memory latencies and bandwidths are not uniform across the whole system. The latency and bandwidth of a same-cell memory access is better than accessing memory on a different cell. This may have significant performance implications for some workloads.
Other Functionality ccNUMA • shmget() These new memory locality flags have been added to shmget(): IPC_MEM_INTERLEAVED, IPC_MEM_LOCAL, IPC_MEM_FIRST_TOUCH. • pstat_getlocality(), pstat_getproclocality() These are two new pstat functions which return information about aspects of a ccNUMA system.
Other Functionality ccNUMA The pthread_launch_policy_np(3t) provides a way to set launch policy for a thread. Two new launch policy requests, PTHREAD_POLICY_RR_TREE_NP and PTHREAD_POLICY_FILL_TREE_NP, are now supported. • parcreate The existing option -c has been enhanced to take an additional argument to specify cell local memory (CLM) configuration for individual cells. A new option -L has been added to allow users to specify the CLM configuration for every cell in the partition.
Other Functionality Common Desktop Environment (CDE) Documentation For further information, see the following manpages: • • • • • • • • • • • • • • • • • • • mmap (2) mpctl (2) mpsched (1) parcreate (1M) parmodify (1M) parstatus (1) pset_assign (2) pset_ctl (2) pset_destroy (2) psrset (1M) pstat_getlocality (2) pstat_getproclocality (2) pstat_getpset (2) pthread_ldom_bind_np (3T) pthread_ldom_id-np (3T) pthread_num_ldoms_np (3T) pthread_num_ldomprocs_np (3T) shmget (2) sysconf (2) Also see HP System Part
Other Functionality Common Desktop Environment (CDE) • CDE now has features to provide more accessibility to the desktop for physically challenged users. These additional features are as follows: — A single-point of GUI control through dtstyle for enabling or disabling accessibility features. — AccessX, a client for changing keyboard and mouse settings that allows a user to navigate easily. AccessX can be invoked from the Desktop Style Manager.
Other Functionality Common Desktop Environment (CDE) • Itanium-based CDE shared libraries are not available to customers who want to port their applications to Itanium. This means that applications that directly or indirectly link against libDtSvc, libDtTerm, libDtWidget, libtt, libcsa, libDtPrint, libDtHelp, and libDtMrm will not be able to compile and link on Itanium-based platforms.
Other Functionality Common Desktop Environment (CDE) Table 11-1 Impacts on CDE System Services (Continued) Service Impact if Disabled Appointments / To Do / Compare calenders and Menu Editors options available in Calendar Manager will not work. rpc.cmsd a To Re-enable Service 1. a.Uncomment the entry for rpc.cmsd in /etc/inetd.conf b.Reread the newly modified /etc/inetd.conf by executing /usr/sbin/inetd -c. 2. Change the value of SecureInetd.
Other Functionality Distributed Computing Environment (DCE) • For further information about CDE’s added accessibility features, see the following: — The manpage and online help for dtstyle — Online help for AccessX — The manpage for xzoom • For further information about the dtlogin change, see the dtlogin manpage. • For further information about the dtterm escape sequences change, see the dtterm manpage.
Other Functionality Distributed Computing Environment (DCE) • DTS client (Itanium Version) • CMA Threads: POSIX 1003.1c, a user-space implementation (PA-RISC) only • DCE runtime library, CMA version, 32 and 64 bit version of Kernel Threaded version, 32 and 64 bit version of KT runtime library are available in native Itanium • DCE-CoreTools as in HP-UX 11i v1 (PA-RISC version) Summary of Change The following products are available on HP-UX 11i v2 as part of HP DCE version 1.
Other Functionality Distributed Computing Environment (DCE) The header files /opt/dce/include/dce/pthread_exc_wrap.h and /opt/dce/include/dce/exc_handling_wrap.h are not delivered. Applications using these files should use /usr/include/pthread_exc.h and /usr/include/exc_handling.h respectively. Performance Applications might experience some performance degradation while running PA-RISC applications on Itanium systems.
Other Functionality Distributed Computing Environment (DCE) 256 Chapter 11
