HP Tru64 UNIX Technical Updates for the Version 5.
© Copyright 2002–2007 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents Technical Updates for the Version 5.1B and Higher Operating System and Patches.................................................................................................................................7 List of Most Recently Added Notes........................................................................................................7 Overview..........................................................................................................................................
Requirements for Installing System V and WLS from V5.1B-2 APCDs (Sept. 2004)......................32 LSM Merge Problem During Update Installation on a Standalone System with Mirrored Root File System (May 2004)....................................................................................................................32 Increasing PCI Box Support on GS1280 M32 to 16 (Aug. 2003)......................................................
sysman_menu(8) Correction (Nov. 2002)...................................................................................43 Corrections to Manuals...................................................................................................................43 Tuning Guide Table Lists Tools in Error (Sept. 2005).................................................................43 Information on Default Private Region Size Is Incorrect in LSM Manual (March 2005)...........
List of Figures 1 6 Tri-link Cable Configuration.........................................................................................................
Technical Updates for the Version 5.
• The patch kit you want to remove was installed before the NHD kit. For example, if you installed Patch Kit 2 and then installed NHD-7, you cannot remove that patch kit. However, if you later installed Patch Kit 4, you can remove that patch kit. • The patch kit was installed with NHD-7. Beginning with the release of Patch Kit 3, patch kits were incorporated into the NHD-7 kits. As a result, when you installed NHD-7, you automatically installed the current patch kit. These patch kits cannot be removed.
method.No-roll patch is designed to patch the cluster as a unit. As a result, the entire cluster will be brought to init state 2. After the patch operation is completed, the entire cluster will be rebooted. In order for the reboot operation to complete correctly, it is necessary that cluster quorum be configured to allow for members to be rebooted without losing quorum. Do you wish to continue? Please answer y or n ? [y/n]: y Tru64 UNIX Patch Utility (Rev.
2 2 2. 4 5 10 10 valid valid Clone the cluster common disk (cluster_root, cluster_usr and cluster_var). The following example assumes that the cloned disks are the exact same size as original. If they were not, you would use disklabel -e in place of disklabel -R to write customized partition table. The size of each partition uses for the alternative cluster common disk should be greater than or equal to the original cluster common disk.
# # # # mkfdmn -o -r /dev/disk/dsk100a alt_root1_domain mkfset alt_root1_domain root mount alt_root1_domain#root /clone/cluster/members/member1/boot_partition vdump -0f - /cluster/members/member1/boot_partition |vrestore -xf - -D \ /clone/cluster/members/member1/boot_partition # /usr/sbin/cluster/clu_partmgr -v dsk1 > /tmp/clu_bdmgr.conf.alt-m1 Modify the clu_bd_mgr.conf.alt-m1 file to reflect the new cluster_root disk (/dev/ disk/dsk102a). No other fields should be changed.
NOTE: You should disregard the line in the script that tells you not to edit a file. The following list shows the file as it appears and what you should change it to: • Original DO NOT EDIT THIS FILE ::TYP:m:CFS:/dev/disk/dsk2a:LSM:1:: • Make this revision DO NOT EDIT THIS FILE ::TYP:m:CFS:/dev/disk/dsk102a:LSM:1:: Enter the clu_partmgr command as follows: # /usr/sbin/cluster/clu_partmgr -m /tmp/clu_bdmgr.conf.alt-m2 dsk101 # Member2 5.
/dev/disk/dsk101h: block special (19/818) # file /dev/disk/dsk103h /dev/disk/dsk103h: <-- H parition of alternative qdisk block special (19/802) # file /dev/disk/dsk102a /dev/disk/dsk102a: <-- alternative cluster_root partition block special (19/723) NOTE: Write down major and minor numbers, you will need them to update the member specific sysconfigtab and update the cnx partition at boot time. • For member1: # cd /clone/cluster/members/member1/boot_partition/etc # cp sysconfigtab sysconfigtab.
Define the alternate/cloned boot member disk using wwidmgr console command for each member: >>> wwidmgr -show wwid >>> wwidmgr -quickset -item x -unit y >>> set bootdef_dev dga1.1001.0.1.2 <--- alternative member1 boot disk Boot each member: >>> boot Installing V5.1B-4 to an Alternate Root (Jan. 2007) To use the dupatch root option to install Version 5.1B-4 to an alternate root path, you must first install the latest patch tools. To do this: 1. Download the Version 5.1-4 kit. 2.
The problem may occur after the initial reboot of the lead cluster member or after the rolling upgrade is completed and the clu_upgrade switch procedure has been run. The following sections describe the steps you can take to prevent the problem or correct it after it occurs. Preventing the problem You can prevent this problem by performing the following steps before beginning the rolling upgrade: 1.
5. Check to see if the problem has been resolved. If it has been resolved, you are finished. If you still see the problem, observe the following warning and continue to step 6. Warning! Continue with the following steps only if the following conditions are met: • You encountered the described problem while doing a rolling upgrade of a cluster running Enhanced Security. • You performed all previous steps. • All user authentications (logins) still fail. 6.
14. Start the prpasswdd daemon on every node in the cluster: # /sbin/init.d/prpasswd start 15. Re-enable logins on the cluster by deleting the file /etc/nologin: # rm /etc/nologin 16. Check to see if the problem has been resolved. If it has not, contact HP support. New Response to Message Suggested (Feb. 2005) Section 2.1.3.6 in the Patch Summary and Release Notes for Patch Kit 4 document says that you can ignore an error message about a missing ladebug.cat file and the warning message that follows.
x sys_attrs_clua.5.gz, 1792 bytes, 4 tape blocks x clua_services.4.gz, 6561 bytes, 13 tape blocks 3. Copy the untarred files to the appropriate reference page directory. For example: # cp clua_services.4.gz /usr/share/man/man4 # cp sys_attrs_clua.5.gz /usr/share/man/man5 After moving the files to the reference page directory, they should be available to your system using the man command. You can then remove the sticky_manpage.tar file and its contents from the /tmp directory. Upgrades from pre-V5.
To download these reference pages, save the file pk4_manpages.tar to a directory of your choice; for example, /tmp. The pk4_manpages.tar file contains all ten reference pages in gzip format. To install them on your system, untar the file and move the gzip files to the appropriate reference page location. The default location on your Tru64 UNIX system is /usr/share/man, which contains subdirectories such as man1, man2, and so on to correspond to the volume of the reference pages.
occurs because the large number of patches, when concatenated on the command line, exceed the shell's arg limit. To work around this problem, temporarily change the sysconfigtab value by entering the following command: # sysconfig -r proc exec_disable_arg_limit=1 You can then continue the command-line patch installation. Multiple sys_check Utility Versions (Nov.
In a future patch kit, these tunable variables will be implemented as kernel subsystem configurable attributes, accessible through the sysconfig command. Patch Kit 2 The following notes pertain to Patch Kit 2. Installation Problem on Cluster Systems Running Patch Kit 1 (Aug. 2003) TruCluster Patch 7.00 will not be installed if you install Patch Kit 2 on a TruCluster system running Patch Kit 1.
You can now add the cluster members you removed and reinstall the hardware you removed, as long as the support for it existed in the pre-patched system. You can also reinstall the patch kit. Actions You Can Take The following list describes several actions you can take, followed by detailed steps for performing those actions: • The best workaround for this problem is to manually make backup copies of the /etc/ dfsc.dat and /etc/dfsl.
To work around this problem, install the software as follows: 1. Perform the upgrade by rolling Version 5.1B and NHD6. Complete the roll, including all clean up steps. 2. Roll NHD6 (again) and Patch Kit 2, making sure you roll NHD6 first. 3. After you invoke ./nhd_install, the following message and prompt will appear: Using kit at /mnt/540 NHD version 542 is already installed Do you really want to install it again (y or n) 4. Enter y followed by a carriage return.
Operating System and Associated Products Updates Netscape Browser No Longer Supported (May 2007) The Netscape Web browser is no longer supported on Tru64 UNIX and updates to it are no longer available on the Tru64 UNIX Web site. Because of potential security threats with the Netscape browser on Tru64 UNIX, HP recommends that you download the latest Firefox browser for Tru64 UNIX. You can find that browser at the following site: http://h30097.www3.hp.com/internet/download.
XEmacs Displays Confusing Message (Sept. 2004) The following message is displayed when starting XEmacs Version 21.4. % emacs Loading Loading Loading Loading xlib-math... xlib-math...done xwem-compat... xwem-compat...done You can ignore this message. Configuring IPsec (Feb.
f. g. 6. 7. 8. If you want to restrict the selector to a specific port number, Enter a port number to match. By default, all port numbers are selected. Select OK to accept the data and close the Add/Modify Selector dialog box. If you are finished adding remote and local addresses, go to step 7. Select Add to add a local IP address selector. Go to step 5a. Select an action to apply to the packets matching the selectors. The default is to apply IPsec protection.
a. b. c. d. e. f. Enter a certificate name, select a certificate encoding method, and enter the local path to the certificate file. If the certificate authenticates your system, select the encoding method and enter the local path to the private key file. If the certificate is trusted to sign other certificates, select CA Certificate. Otherwise, go to step f. If a Certificate Revocation List (CRL) is not available, select No Certificate Revocation List (CRL) Available. Go to step f.
Configuring a Secure Gateway Before configuring IPsec on a router or a gateway, make sure that the system is configured as an IP router. See the Network Administration: Connections manual for information on configuring the system as an IP router. To configure IPsec on a router or gateway, follow these steps: 1. From the SysMan Menu, select Networking→Additional Network Services→Set up IP Security (IPsec) to display the IPsec main window.
a. b. c. Enter the key name. Enter the Security Parameter Index (SPI). Enter keys for the algorithms that are required by the proposals you chose. Select OK to accept the data and close the Manual Keys: Add/Modify IPsec Key dialog box. 10. Select whether you want to apply the key(s) to inbound packets, outbound packets, or both. If you want to specify additional keys, go to step 9. If you are finished specifying manual keys, select Finish. Go to step 20. 11. Select an IKE proposal from the proposal list.
a. b. c. d. e. Select any optional parameters. Select an IKE group number for initial Diffie-Hellman exchanges, if it is different from the IKE proposals. If using Perfect Forward Secrecy (PFS), select a group number future for Diffie-Hellman exchanges. Select a default lifetime if the proposal does not specify a lifetime. Select Finish to accept the data and close the Add/Modify Connection: Optional IKE Parameters dialog box. 20.
The following example shows how to create a module, custom_filter, which filters out a packet if it matches the selected type of service (TOS) field of the IP header: #include #include #include #include #include "sys/errno.h" "net/if.h" "netinet/ip.h" "sys/mbuf.h" "sys/sysconfig.h" char custom_filter_tos = 255; static int debug=0; char custom_filter_version[] = "custom_filter: V1.
printf("custom_filter_configure: returning ESUCCESS\n"); return ESUCCESS; } The rcinet stop inet Command No Longer Stops IPv6 Communications (Jan. 2003) Section 5.4.5 of the Release Notes states that the /usr/sbin/rcinet stop inet command marks all network interfaces as down, and stops IPv6 communications. This problem has been corrected. Issuing this command no longer stops IPv6 communications.
# /sbin/volplex -o rm dis rootvol-02 swapvol-02 vol-dsk6g-02 c. Remove associated disks from LSM control. This is necessary if the root file system is to be mirrored again to this disk: # /sbin/voldg rmdisk root02 swap02 dsk5g-AdvFS dsk5e # /sbin/voldisk rm dsk5a dsk5b dsk5g dsk5e 2. Run the update installation. For example: # /sbin/installupdate /dev/disk/cdrom0c 3. When the installation is completed, do the following: a.
This is most likely to be noticeable when running applications that are sensitive to increased interrupt latencies. In these cases, envmond should be looked at closely as a possible source of performance degradation until further notice (it is possible that future versions of envmond will not use hwmgr). Additionally, users with root access should avoid manually querying the hardware sensors using the hwmgr -get attr command. The envmond daemon runs by default.
Hardware Configuration When operating on a shared bus, jumper J41 must be installed on the system board. This disables the on-board SCSI terminators for that SCSI bus. When not operating on a shared bus, J41 must be removed and all SCSI BIOS parameters must be reset to their default values otherwise unpredictable system behavior may result. See section 4.10.1 of the DS15 Owner's Guide for more information: http://h18002.www1.hp.com/ alphaserver/download/ek-ds150-og-a01-web.
Potential False Temperature Error Condition on AlphaServer DS10, DS10L, and TS10 Systems (Feb. 2004) A sensor error can potentially indicate a false over-temperature condition on AlphaServer DS10, DS10L, and TS10 systems. While the sensor accurately reports the temperature, it falsely reports the high temperature threshold.
To ensure that this time loss does not occur, do not use the following commands: # hwmgr -view devices # hwmgr -view hierarchy In addition, you must configure your system so that the Environmental Monitoring daemon does not start when the system boots. Follow these steps to reconfigure your system: • Edit the /rtc/rc.
Compact Disk Drive Errors Logged (Jan. 2003) The TEAC CDR-W 416E drive that is shipped with the AlphaServer system will log errors on reboot if the CD-ROM media is not present. These messages are only informational. Presence of Third-Party Devices May Cause System Panic (Jan. 2003) The ATM 3X-DAPBA-FA/UA driver may experience a panic on shutdown if third-party devices are installed. Repeated Reboots May Cause Panic (Jan.
device name is dsk5, use the /sbin/hwmgr command to delete the old database entries for each device. Specify the former HWID for a device as shown in the following example: # /sbin/hwmgr delete component -id 25 b. After the component is removed, you can delete the kernel's record of its device special files as follows: # /sbin/dsfmgr -R hwid 25 -dsk0a -dsk0b -dsk0c -dsk0d ... dsk0h c.
Do Not Edit .sme Files (Jan. 2007) The sms.sme(4) reference page description says that the base.sme and clu.sme files should be edited. In fact, you should not edit any .sme file. Maximum Block Size in vdump Is 64 KB (Jan. 2007) The vdump and vrestore commands were tuned to disallow block sizes greater than 64 KB blocks. Therefore the description of the -b option in the vdump(8) reference page should say “Specifies the number of 1024-byte blocks per record in the saveset.
This statement is true only for local file systems such as UFS or AdvFS. However, data corruption can occur when separate processes use fopen to access file systems that are NFS-mounted (or through any other form of remote mount). Stype Parameter Not Documented in ddr_config(8) (Oct. 2006) The ddr_config Stype parameter is not documented in the help text (using ddr_config h) or in the ddr_config(8) reference page.
disklabel(8) Correction (Feb. 2003) The following definition of the output from the disklabel command is missing from some versions of the disklabel(8) reference page: An asterisk (*) is sometimes shown in the output from the disklabel command, under the column headed cylinders grouped for a partition (cpg). This asterisk indicates that the start or the end of a cylinder does not fall exactly on a block boundary. dxshutdown(8) Correction (Feb. 2003 Since the release of Tru64 UNIX Version 5.
reserved component names. The following table lists the reserved component names used by EVM: Component Name Following Value Comments _catname Processor set category The name of the processor set managed category that was created or removed. _hostname System host name The system host name, referred to by the event, which may not be the posting host. _hwcomponent Hardware component The name of the hardware component that has undergone a state change.
import-id: 0.1 flags: copies: nconfig=default nlog=default config: seqno=0.1171 permlen=2993 free=2987 templen=4 loglen=453 config disk dsk2 copy 1 len=2993 state=clean online config disk dsk3 copy 1 len=2993 state=clean online log disk dsk2 copy 1 len=453 log disk dsk3 copy 1 len=453 The output from this example shows that the configuration database length is 2993. The private region size for the disks in this example is the default size of 4096.
For example, assume the AdvFS domain uses disk dsk25c, which is a single hardware RAID volume. To extend the capacity of the disk, create a concatset from it and another single hardware RAID volume, as shown in the following example: HSG80> show disks 1 Name Type Port Targ Lun Used by -----------------------------------------------------------------------------DISK10000 disk 1 0 0 DELI-5.1A DISK10100 disk 1 1 0 SPARESET 2 DISK10200 disk 1 2 0 D8 DISK20000 disk 2 0 0 DELI-5.
5. Write the edited disk label back to the hardware RAID volume: # disklabel -R dskN /tmp/label For example: # disklabel -R dsk25 /tmp/dsk25MOD 6. Optionally, display the size of the domain before extending it: # showfdmn domain For example, for a domain called clinical_trials, enter: # showfdmn clinical_trials Id 3e8ca76d.040d38c8 Vol 1L 7.
Correction to Configuration Cloning Restrictions (Nov. 2002) In Section 7.4 of the Installation Guide — Advanced Topics, the second bullet explains that software patches are not cloned. There are typographical errors in the procedure to use if your model system has already been patched; the -f option is incorrect and should be -force. The following is the corrected text: • Software patches are not cloned.
Book on Protecting Against Spoofing Attacks Available (Oct. 2002) Protecting Your System Against File Name Spoofing Attacks is an engineering practices document that describes how to address the problem of name space collisions (spoofing, or symlink attacks) by using system administration tools and safe coding practices in local scripts and programs. The engineering practices described in the document focus on writing safe, privileged code and scripts.
