UNIX Administration A Comprehensive Sourcebook for Effective Systems and Network Management © 2002 by CRC Press LLC INTERNET and COMMUNICATIONS This new book series presents the latest research and technological developments in the field of internet and multimedia systems and applications We remain committed to publishing high-quality reference and technical books written by experts in the field If you are interested in writing, editing, or contributing to a volume in this series, or if you have suggestions for needed books, please contact Dr Borko Furht at the following address: Dr Borko Furht, Director Multimedia Laboratory Department of Computer Science and Engineering Florida Atlantic University 777 Glades Road Boca Raton, FL 33431 U.S.A E-mail: borko@cse.fau.edu © 2002 by CRC Press LLC UNIX Administration A Comprehensive Sourcebook for Effective Systems and Network Management Bozidar Levi CRC PR E S S Boca Raton London New York Washington, D.C © 2002 by CRC Press LLC 1351disclaimer Page Thursday, April 18, 2002 1:56 PM Library of Congress Cataloging-in-Publication Data Levi, Bozidar UNIX administration : a comprehensive sourcebook for effective systems and network management / by Bozidar Levi p cm (Internet and data comunications series Includes bibliographical references and index ISBN 0-8493-1351-1 (alk paper) Operating systems (Computers) 2.UNIX System V (Computer file) I Title II Series QA76.76.O63 L4853 2002 005.4’82—dc21 2002017438 CIP This book contains information obtained from authentic and highly regarded sources Reprinted material is quoted with permission, and sources are indicated A wide variety of references are listed Reasonable efforts have been made to publish reliable data and information, but the author and the publisher cannot assume responsibility for the validity of all materials or for the consequences of their use Neither this book nor any part may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, microfilming, and recording, or by any information storage or retrieval system, without prior permission in writing from the publisher The consent of CRC Press LLC does not extend to copying for general distribution, for promotion, for creating new works, or for resale Specific permission must be obtained in writing from CRC Press LLC for such copying Direct all inquiries to CRC Press LLC, 2000 N.W Corporate Blvd., Boca Raton, Florida 33431 Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation, without intent to infringe Visit the CRC Press Web site at www.crcpress.com © 2002 by CRC Press LLC No claim to original U.S Government works International Standard Book Number 0-8493-1351-1 Library of Congress Card Number 2002017438 Printed in the United States of America Printed on acid-free paper © 2002 by CRC Press LLC TOC.fm Page v Thursday, April 18, 2002 7:02 PM Preface Unix Administration: A Comprehensive Sourcebook for Effective Systems and Network Management attempts to make UNIX essential and network administrative topics more accessible to a wide audience, including both academic and professional users The selected book title fully reflects this idea: to present UNIX administration in a comprehensive way and enable effective systems and network management based on the presented text To achieve this goal, the book gives equal weight to UNIX systems and network concepts and their practical implementations During the many years that I have worked as a computer hardware designer and programmer, and most recently as a UNIX administrator, I have tackled many practical UNIX and network problems Working for different employers, I faced real-life situations in an academic environment, in the financial industry and the retail industry, and on the Internet At the same time, while teaching at New York University and Columbia University, I met many novices in this field and learned an optimal and quick way to teach UNIX administration This accumulated knowledge and experience have helped me to select UNIX topics that are of the utmost relevance to successful administration, and those topics served as the basis for this book Some additional UNIX topics, significant from a historical point of view, or necessary for an overall presentation of UNIX administration, are also included In concert, they create a logical and comprehensive text, easy to read and follow It is impossible to say that everything existing in the UNIX administration arena is covered here — it would be impossible to put it all in a single book However, the principal and most important UNIX administrative topics that make a complete UNIX administration environment and a sufficient base for overall UNIX management are fully explored UNIX was developed in two different environments: academic and industrial Consequently, two main UNIX platforms, Berkeley UNIX (also known as Berkeley Software Distribution — BSD UNIX) and System V UNIX (also known as AT&T UNIX) have emerged Both platforms have coexisted for many years, continuing to develop and promote UNIX Simultaneously, many vendors started to develop their own UNIX flavors by trying to adopt the best from the two main platforms Today we see a number of vendorspecific UNIX flavors, all based on these two main platforms In most cases, it is even difficult to evaluate which platform is prevailing — each flavor is simply a hybrid of both platforms, often bringing something new and specific to the UNIX market However, upon looking further at specific UNIX segments — for example, file system management, printing, accounting, etc — one is more easily able to describe them as mostly Berkeleylike, or System V-like Networking, which appeared later, at a time when UNIX had already developed into quite a mature product, merged very efficiently into both UNIX platforms and virtually eliminated their differences in the network area The TCP/IP protocols became a network standard, while UNIX provided the main underlying layer of core network services The net effect was that UNIX network administration is more or less uniform among many existing UNIX flavors, although far from identical Differences in kernels, available commands, and some other details make a difference in some cases This book basically follows a historical UNIX path, i.e., it addresses UNIX administration with an eye to the two main UNIX platforms, Berkeley and System V For easier conceptual understanding of administrative topics, Berkeley UNIX seems more convenient This is © 2002 by CRC Press LLC TOC.fm Page vi Thursday, April 18, 2002 7:02 PM probably the case, because it was primarily developed in academia By following that pattern for each individual UNIX topic, the Berkeley platform is discussed first and afterward its System V counterpart A practical implementation of a specific UNIX topic is accomplished through many real-life examples from different vendor-specific UNIX flavors Now, at the start of a new millennium, Solaris, HP-UX, Linux, and AIX and SGI IRIX are the most dominant flavors, and thus, this book mainly addresses them SunOS, as a dominant UNIX flavor for many years, is also occasionally quoted, especially because SunOS is a typical representive of Berkeley UNIX, and is still widely in use In combination, the book is an instrumental source of the information needed to learn UNIX administration and efficiently perform the most essential and network-related UNIX administrative tasks This book presents a reliable UNIX administration reference book for practical UNIX implementation However, it could be easily used for educational purposes, as a textbook, due to its education-related organization, conceptual clarifications, as well as an appropriate selection of administrative topics Not many books of this kind are on the market that are so diverse and detailed oriented at the same time Many practical examples and specific administrative procedures, logically connected to theoretical issues, strongly support the educational significance of this book UNIX Administration Sourcebook started as handouts prepared for the course "UNIX System Administration" at NYU’s School of Continuous and Professional Studies and has been in full use for quite some time with very encouraging feedback from students During this time, a number of text improvements and updates have been made, until this version was reached UNIX is changing continually (supposedly always better) and this text presents an up-to-date version organized in a logical and comprehensive way It can be easily used by beginners, as well as experienced administrators There are many books related to UNIX systems and network administration, and they all contribute to this complex arena in some way This book contains elements that make it different from others: • The comprehensive organization and presentation of the text • The condensed explanation of concepts and their practical implementations • The inclusion of both UNIX systems and network administration, in full detail • The choice of crucial administrative topics and their full coverage • The discussion of the most common UNIX flavors • The text is self-sufficient for successful administration on a daily basis • The coverage of all basic and many advanced UNIX administrative topics • The coverage of X window system, a complex administrative topic almost always excluded from UNIX administration books • Up-to-date text with coverage of the latest main UNIX flavors and releases • Usefulness as a reference book as well as a textbook • A careful selection of relevant examples based on many years of professional experience in this field • And last but not least, many years use of the initial book text in a handout form demonstrates high usability of the text by students and professionals The book consists of four parts: UNIX Administration, Network Administration, Supplemental UNIX Topics, and Case Studies A total of 82 figures fully support the existing text Such an organization is logical, comprehensive, and easy to read © 2002 by CRC Press LLC TOC.fm Page vii Thursday, April 18, 2002 7:02 PM UNIX Administration covers essential UNIX administration and contains 13 chapters The first three chapters are an introduction to the UNIX operating system, an overview of a certain number of selected UNIX topics important for the administration, and an overview of the UNIX administration itself The remaining chapters cover UNIX system startup and shutdown, detailed UNIX filesystem management and layout, user account management and system security, logging and printing subsystems, terminals, system backup and recovery, and time-related UNIX facilities In combination they provide sufficient material for a successful “out-of-network” UNIX administration, which can also be called stand-alone UNIX administration Network Administration covers network-related UNIX administration and contains eight chapters The first two chapters present an introduction to networking and, more specifically, to TCP/IP networks Other chapters cover the main network services: domain name system (DNS), network information system (NIS), network filesystem (NFS), UNIX remote commands and secure shell, electronic mail, and the most common network applications such as telnet and ftp Selected network topics present core network services with which each networked UNIX system has to comply Supplemental UNIX Topics covers several more subjects, which, by implementing certain criteria, make UNIX administration complete These administrative topics are often handled separately, out of basic UNIX administration Four chapters include X window system, kernel reconfiguration, modems and related UNIX facilities, and intranet technologies X windowing, with its quite complex administration, is almost always handled separately, as well as most of the advanced intranet technologies Finally, Case Studies are presented in three chapters on subjects extremely important to practical UNIX implementation: UNIX installation, disk space upgrade, and several emergency situations that every UNIX administrator should expect to face at some point Most administrators have experienced a need to bypass a “forgotten root password,” and while this routine bypassing task varies among different flavors, the general hints presented can be helpful in any case Finally, I would like to point out that during many years of active UNIX administration, I was always thinking how nice it would be to have a single book in front of me, which together with standard UNIX online documentation (UNIX manual pages) would be sufficient for effective usual daily systems and network management This book is a response to that idea Dr Bozidar Levi New York City October 2001 © 2002 by CRC Press LLC TOC.fm Page ix Thursday, April 18, 2002 7:02 PM About the Author Dr Bozidar Levi is an electronics engineer by education, a hardware designer and programmer by evocation, and an UNIX administration expert by profession He received his education at the University of Belgrade, Yugoslavia, and was awarded B.S., M.S., and Ph.D degrees in electronics and computer science Dr Levi joined Belgrade’s Pupin Institute and had a successful career path from a junior associate to a top senior scientist, dealing with many challenging projects — mostly as a project leader A majority of the devices and equipment he designed are still operational worldwide UNIX was a logical continuation of Dr Levi’s rich and extensive IT background He has focused with enthusiasm and strength on system and network administration issues Again, Dr Levi made a full circle by working in academia (Hunter College of the City University of New York), in the financial industry (New York Stock Exchange), retail industry (J Crew), and currently the Internet (Linkshare Corporation) Such a wide working range has resulted in accumulated administrative expertise and experience Dr Levi has also fully exercised his educational mission: first by teaching at the University of Belgrade, and now at Columbia and New York University His teaching has always been a rational balance between theory and practice, with strong emphasis on reallife problems Many of his former students are employed as IT professionals in various industrial and non-industrial segments nationwide UNIX Administration: A Comprehensive Sourcebook for Effective Systems and Network Management is an extended and updated version of his UNIX administration course syllabi, which are appreciated and highly rated by his students The book merges the required theoretical background with the practical needs for a successful UNIX administration in almost any environment Dr Levi has also appeared as an author or co-author in more than 60 published and presented articles and papers and has received several awards for excellence and achievement © 2002 by CRC Press LLC TOC.fm Page xi Thursday, April 18, 2002 7:02 PM Contents Section I UNIX Administration UNIX — Introductory Notes 1.1 UNIX Operating System 1.2 User’s View of UNIX 1.3 The History of UNIX 1.3.1 Berkeley Standard Distribution — BSD UNIX 1.3.2 System V or ATT UNIX 1.4 UNIX System and Network Administration 1.4.1 System Administrator’s Job 1.4.2 Computing Policies 1.4.3 Administration Guidelines 1.4.3.1 Legal Acts 1.4.3.2 Code of Ethics 1.4.3.3 Organizations 1.4.3.4 Standardization 1.4.4 In This Book The UNIX Model — Selected Topics 2.1 Introduction 2.2 Files 2.2.1 File Ownership 2.2.2 File Protection/File Access 2.2.2.1 Access Classes 2.2.2.2 Setting a File Protection 2.2.2.3 Default File Mode 2.2.2.4 Additional Access Modes 2.2.3 Access Control Lists (ACLs) 2.2.4 File Types 2.2.4.1 Plain (Regular) File 2.2.4.2 Directory 2.2.4.3 Special Device File 2.2.4.4 Link 2.2.4.5 Socket 2.2.4.6 Named Pipe 2.2.4.7 Conclusion 2.3 Devices and Special Device Files 2.3.1 Special File Names 2.3.2 Special File Creation 2.4 Processes 2.4.1 Process Parameters 2.4.1.1 Process Types 2.4.1.2 Process Attributes © 2002 by CRC Press LLC The ten remaining disks will be placed into the volume group vg01, and new logical volumes will be created Please note that HP-UX LVM supports RAID0 (striping) or RAID1 (mirroring) only RAID0+1 is not supported; however, there is a tricky way to accomplish RAID0 + (which is not recommended) The implementation of striping and mirroring separately follows: • Create (initialize) physical volume for each of the ten disks: pvcreate /dev/rdsk/c0t1d0 pvcreate /dev/rdsk/c0t2d0 pvcreate /dev/rdsk/c1t4d0 pvcreate /dev/rdsk/c1t5d0 • Create the special device file for the volume group vg01: mkdir /dev/vg01 chmod 755 /dev/vg01 mknod /dev/vg01/group c 64 0ì010000 chmod 640 /dev/vg01/group ã Create the volume group vg01: vgcreate /dev/vg01 /dev/dsk/c0t1d0 vgextend /dev/vg01 /dev/dsk/c0t2d0 vgextend /dev/vg01 /dev/dsk/c1t4d0 vgextend /dev/vg01 /dev/dsk/c1t5d0 • Check the created volume group: vgdisplay -v /dev/vg01 To make the 3.8 GB mirrored logical volume lvol4 (supposing GB disks): • Create the 1.9 GB logical volume lvol4 on the first available disk /dev/dsk/ c0t0d0: lvcreate -n lvol4 -M n -C y -L 1900 /dev/vg01 • Increase the logical volume size of the next disk /dev/dsk/c0t2d0: • Mirror to disks /dev/dsk/c1t1d0 and /dev/dsk/c1t2d0: lvextend -L 3800 /dev/vg01/lvol4 /dev/dsk/c0t2d0 lvextend -m /dev/vg01/lvol4 /dev/dsk/c1t1d0 /dev/dsk/c1t2d0 • Check physical volume layout: pvdisplay -v /dev/dsk/c0t1d0 pvdisplay -v /dev/dsk/c0t2d0 pvdisplay -v /dev/dsk/c1t1d0 pvdisplay -v /dev/dsk/c1t2d0 To make a journaled (VxFS) filesystem: • Create VxFS filesystem: newfs -F vxfs /dev/vg01/rvol4 • Mount the new filesystem: mkdir /mntvol4 mount /dev/vg01/lvol4 /mntvol4 • Modify the /etc/fstab file; add the entry: /dev/vg01/lvol4 /mntvol4 vxfs delaylog, datainlog,rw,suid To make GB striped logical volume lvol5 across the six remaining disks: • Create the logical volume (LVM will select all disks): lvcreate -n lvol5 -i -I /dev/vg01 • Check physical volume layout: pvdisplay -v /dev/dsk/c0t3d0 pvdisplay -v /dev/dsk/c0t4d0 pvdisplay -v /dev/dsk/c0t5d0 pvdisplay -v /dev/dsk/c1t3d0 pvdisplay -v /dev/dsk/c1t4d0 pvdisplay -v /dev/dsk/c1t5d0 • Create VxFS filesystem: • Mount the new filesystem: newfs -F vxfs /dev/vg01/rvol5 mkdir /mntvol5 mount /dev/vg01/lvol5 /mntvol5 • Modify the /etc/fstab file; add the entry: /dev/vg01/lvol5 /mntvol5 vxfs delaylog, datainlog,rw,suid The remaining disk space can be managed in a similar way 27.2.2 LVM on the Solaris Platform For Solaris, VxVM is optional software; the standard OS installation uses disk partitions Let us suppose that the OS was installed on two disk partitions (this is one of the possible outputs of the installation program): Partition Mount Directory Description c0t0d0s0 c0t0d0s1 / kernel swap To prepare the root and swap mirrored volumes: • Encapsulate the existing root and swap disk and create the mandatory default disk group “rootdg” and the root and swap volumes: vxencap -g rootdg -c btd01=c0t0d0 • Initialize and add a new disk into the disk group “rootdg”: vxdisksetup -i c1t0d0 vxdg -g rootdg adddisk btd02=c1t0d0 • Mirror the root and swap volumes: vxrootmir btd02 vxassist mirror swapvol layout =contig,diskalign btd02 • or alternatively: vxassist mirror rootvol layout =contig,diskalign btd02 vxbootsetup $V_opt btd02 vxassist mirror swapvol layout =contig,diskalign btd02 • Modify EEPROM variables to make the system bootable from the alternate disk: eeprom use-nvramrc ?=true eeprom nvramrc =“devalias vx-btd02 hwpath_for_c1t0d0” eeprom boot-device =“disk vx-btd02” The ten remaining disks will be placed into the disk group “appldg” and the new RAID0+1 volume will be created VxVM supports RAID0+1 • Initialize remaining disks: vxdisksetup -i c0t1d0 vxdisksetup -i c0t2d0 vxdisksetup -i c1t4d0 vxdisksetup -i c1t5d0 • Create a new disk group with the first disk: vxdg init appldg apd01=c0t1d0 • Add the other disks into the group: vxdg -g appldg adddisk apd02=c0t2do vxdg -g appldg adddisk apd03=c0t3do vxdg -g appldg adddisk apd09=c1t4do vxdg -g appldg adddisk apd10=c1t5do • Create the striped volume applvol of the maximum size (RAID0), across five VM disks (supposing Bourne or Korn shell): MAX = Ժvxassist -g appldg -U fsgen -p maxsize layout= stripe,nolog,nstripe=5 \ stripeunit= 128 apd01 apd02 apd03 apd04 apd05Ժ vxassist -g appldg -U fsgen make applvol $MAX layout= stripe,nolog,nstripe=5 \ stripeunit= 128 apd01 apd02 apd03 apd04 apd05 • Mirror the created volume applvol (RAID0), across five remaining VM disks (RAID + 1): vxassist -g appldg mirror applvol layout= stripe apd06 apd07 apd08 apd09 apd10 28 UNIX Emergency Situations 28.1 Introductory Notes UNIX systems run and behave very stably, especially if they are properly configured for their missions Unfortunately, unpredicted and unwanted situations occur A UNIX system, as any other computer system, can experience different problems giving quite a hard time to UNIX administrators It is very important to be ready to handle such events This chapter describes several procedures to overcome certain emergency situations It is very instructive in the sense of what to if something similar happens Although the illustrated examples are related to Solaris and HP-UX flavors, they could also provide hints on how to approach the same problems on other UNIX platforms In the first part, the problem of forgotten root password is addressed; more or less every UNIX administrator faces the same problem during the professional carrier The second part describes some other cases when a recovery action is required, or at least preparedness for such an action is supposed All presented examples are fully documented 28.2 Lost Root Password Almost all UNIX administrators during their professional careers face the problem of a “lost root password;” occasionally a root password for some of the existing UNIX systems drops out of our control, and we are no longer able to administer that system In a network with several hundred UNIX boxes, administered by dozens of UNIX administrators, it is not so unusual to find a “forgotten” system that nobody has taken care of lately How it happened, and why it has happened, is another issue; the fact is that a superuser access to this very system is not possible, and we desperately need it UNIX predicts such situations, and each UNIX flavor does have a procedure to solve them The forgotten password can never be recreated — it can only be replaced with a new password However, UNIX allows the change of a password only if the old password is previously submitted as a proof of an authorized password replacement Obviously, at the moment we are not able to fulfill this requirement So the solution is to purge the encrypted root password in the /etc/passwd file or /etc/shadow file, where encrypted passwords are normally kept For this action the UNIX system has to be brought in the single-user mode Two examples follow 28.2.1 Solaris and Lost Root Password This paragraph describes the emergency procedure to change the root password on Solaris 2.X platform if the root password was lost (forgotten) When root access to the system is not possible, the usual procedures to change a password by using the command passwd, or to bring the system into “single-user” mode cannot be implemented The emergency procedure requires the Solaris 2.X OS Installation CD disk Start Solaris 2.X from CD in single-user mode Put Solaris 2.6 Software CD in the CD drive ok > boot cdrom -s At this point the Mini OS — single-user mode — from CD is loaded into memory Mount root filesystem to /a mount point — this directory already exists for this purpose, although another mount point could also be created: mount /dev/dsk/c0t3d0s0 /a (this is an example –— here the corresponding device file for the root partition must be used) Set a terminal for easy editing: TERM = vt100 export TERM Purge encrypted root password from “shadow” file: $ cd /a/etc $ vi shadow (delete encrypted password from the root password entry — leave the field blank) At this point, the old lost root password is removed and the root access to the system is possible; there is no password at all, and the system should be disconnected from the network to prevent potential intruders Reboot the system: $ reboot Set/change the root password: $ passwd This step may be used if there is some booting problem with the boot disk Upon booting to singleuser mode from CD, run fsck on the root partition $ fsck /dev/rdsk/c0t3d0s0 (use the corresponding device file for the root partition) 28.2.2 HP-UX and Lost Root Password To change a lost (forgotten) root password, the system must be brought into the single-user mode Since a system reboot requires the root password, the only possible way is to poweroff the system (a system halt also requires the root password), with an unavoidable risk for a filesystem corruption Once it is down, the procedure is: Power-on the system Follow messages on the console Pay attention to the message: “To discontinue press any key within 10 seconds…,” hit any key At main menu prompt enter: Main Menu: Enter command or menu > boot Respond to the question: Interact with IPL (Y or N)? > y booting… At ISL prompt enter: ISL > hpux -is The system continues booting and enters the SINGLE USER mode Purge the encrypted root password from /etc/shadow file Reboot the system into the multi-user mode: $ shutdown -r Change the root password: $ passwd 28.3 Some Special Administrative Situations A few practical examples of how to handle system emergency situations are described here They illustrate very important and difficult administrative tasks related to potential system disasters and their later recovery The good system administrator should be prepared to respond appropriately to the worst-case system scenarios 28.3.1 Solaris Procedure to Create an Alternate Boot Partition The purpose of an alternate boot partition is to enable the system booting in case the OS on the primary partition is corrupt Booting from an alternate partition provides a minimal core OS configuration; however, it should be sufficient to fix the primary root filesystem The primary root filesystem is mounted in “/ root” directory, or if it is mirrored in /boot1 and /boot2 directories (two root partitions from two disks that are mirrored.) To boot the system from an alternate partition, the alternate partition must be specified in the system’s NVRAM for an easy booting (otherwise a hardware path should be specified) Supposed names are: “altboot”, or “altboot1” and “altboot2” for multiple alternate boot partitions To boot from an alternate partition (for example “altboot”) type: ok > boot altboot To reboot the system with an alternate boot partition, type: # reboot altboot The detailed procedure to install Solaris 2.6 into an alternate partition follows: Put Solaris 2.6 Software CD in the drive ok > boot cdrom At this point Mini OS from the CD is loaded into memory and minimal required root filesystem mounted in /tmp Select a Locale 0) USA - English (ASCII only) Type a number and press Return or Enter [0]: What type of terminal are you using? 1) ANSI Standard CRT 2) DEC VT52 3) DEC VT100 Type the number of your choice and press Return: The Solaris Installation Program Select F2_Continue At this point if function keys not work, press < Esc > , and then < Esc-2 > instead of < F2 > and ( < Esc-6 > instead < F6 > ) Identify This System Select F2_Continue Host Name Enter a corresponding hostname Select F2_Continue Network Connectivity Networked [X] Yes [ ] No Select F2_Continue IP Address Enter a corresponding IP address (permanent or temporary) Select F2_Continue Primary Network Interface If there are multiple network interfaces, you will be asked for: Select network interface hme (or whatever…) [X] hme0 [ ] kme Select F2_Continue 10 Confirm Information Select F2_Continue 11 Name Service [ ] NIS+ [ ] NIS (formerly yp) [X] Other [ ] None Select F2_Continue 12 Subnets System part of a subnet [X] Yes [ ] No Select F2_Continue 13 Netmask Netmask: 255.255.255.0 Select F2_Continue 14 Time Zone [X] United States Select F2_Continue [X] Eastern Select F2_Continue 15 Date and Time Set date and time Select F2_Continue 16 Confirm Information Select F2_Continue At this point, system identification is completed, and the Solaris Installation Program is started 17 Solaris Interactive Installation Select F4_Initial Select F2_Continue 18 Allocate Client Services? Select F2_Continue 19 Select Software Note: Select “Core System Support” [ ] Entire Distribution plus OEM support 838.00 MB [ ] Entire Distribution 831.00 MB [ ] Developer System Support 764.00 MB [ ] End User System Support 504.00 MB [X] Core System Support 309.00 MB Select F2_Continue 20 Select Disks Note: Select a corresponding disk where an alternate boot partition resides (for example) Disk Device (Size) [ ] c0t0d0 (8633 MB) [ ] c2t0d0 (4092 MB) [ ] c2t1d0 (8633 MB) [ ] c2t2d0 (8633 MB) [X] c3t0d0 (4092 MB) boot disk [ ] c3t1d0 (8633 MB) [ ] c3t2d0 (8633 MB) Total Selected: Suggested Minimum: Select F2_Continue Available Space 8633 MB 4092 MB 8633 MB 8633 MB 4092 MB 8633 MB 8633 MB 4092 MB 838 MB 21 Preserve Data? This is the crucial step! Root partition must be preserved; to preserve the partition it must be renamed from “/” to “/ root” (or “/ root1”) /altboot partition should be renamed to “/” to install OS in it Mark (set X) “/root” and “swap” to be preserved (although swap is not important); “overlap” (whole disk) is already marked! Select F2_Continue 22 Automatically Layout File Systems? Select F4_Manual Layout 23 File System and Disk Layout At this point a disk layout is displayed Pay attention that /root partition must be preserved! Select F2_Continue 24 Mount Remote File Systems? Select F2_Continue 25 Profile At this point an installation profile is displayed! Select F2_Continue A warning message about remaining free disk space could be ignored! 26 Reboot After Installation? [X] Auto Reboot [ ] Manual Reboot Select F2_Begin Installation The installation of the OS core is relatively quick You will be informed about the installation status during this time Do not set the root password when asked for (upon the automatic reboot) — just hit Return twice NOTE: Do not assume that the system modifies NVRAM to boot from this partition permanently! All required modifications will be done manually 27 Log in to the system and set a workable environment 28 Set NVRAM For the proper system booting from the alternate boot partition the NVRAM must be modified in the following way: Check the contents of following NVRAM locations: “use-nvramrc?” and “nvramrc.” Type: “eeprom” If needed, modify: eeprom use-nvramc? = true eeprom nvramrc = “…whatever was written… devalias altboot hw_path_for_this_disk:d” where “hw_path_for_this_disk” must be properly specified! 29 Test everything by rebooting the system with the primary and the alternate boot partition For primary partition type: reboot or: halt For alternate partition type: or: 28.3.2 ok > boot reboot altboot halt ok > boot altboot Solaris Recovery of the Failed Mirrored Boot Disk The following procedure refers to the Solaris system recovery when one of the mirrored boot disks fails, and the implemented Disk Manager is “DiskSuite 4.1.” The procedure itself is sufficiently general for many different hardware configurations The tested configuration consisted of two SCSI disks: c0t3do - > prime boot disk c0t1d0 - > mirrored disk The test included removal of the prime boot disk, and the system power recycling Afterward, the disk was returned into the system root (/) mirror d10 - > d11 (c0t3d0s0) & d12 (c0t1d0s0) swap mirror d20 - > d21 (c0t3d0s1) & d22 (c0t1d0s1) /altboot (ufs) mirror d30 - > d31 (c0t3d0s3) & d32 (c0t1d0s3) dedicated partitions (slices) c0t3d0s7 and c0t1d0s7 are used for metadevice database replicas (each for three replicas) The system was shut down, and the prime boot disk taken out The system was rebooted again with a single disk (mirrored boot disk) A number of warning and error messages were displayed during the system startup (mostly related to the “read-only or missing files”) The system has required maintenance - > single-user mode! The System Recovery Bring the system into the single-user mode, enter the root password Remove metadevice db replicas from the “broken” disk (the quotes are used because the disk was not really broken!): cd /usr/opt/SUNWmd/sbin Check the current status — should be six replicas: / metadb Remove replicas: / metadb -d c0t3dos7 Check again — should be three replicas: / metadb Unmirror (detach) all mirrors — must be done forcibly: $ > metadetach -f d10 d11 d10: Submirror d11 is detached $ > metadetach -f d20 d21 d20: Submirror d21 is detached $ > metadetach -f d30 d31 d30: Submirror d31 is detached Keep in mind that concats/submirrors d11, d21, and d31 belong to the “broken” disk — prime root disk (c0t3d0); otherwise should be d12, d22, and d32 Reboot the system, type: reboot The system should boot into multiuser mode with a single disk; everything appears to be correct Log in as root To check the status: metastat The concats/submirrors from the broken disk (in this case d11, d21, and d31) need maintenance Reinstall the disk Power-off the system $ > poweroff or $ > halt ok power-off Return (reinstall) the disk and power-on the system Recreate database replicas Log in as root Check the current status — should be three replicas: metadb Add three more replicas for the returned disk: metadb -a -c c0t3dos7 Check again — should be six replicas: metadb Check the status of metadevices: metastat Reboot the system: reboot disk1 Remirror disks Check the status of db replicas: metadb Mirror (reattach) concats/submirrors: $ > metattach d10 d11 d10: Submirror d11 is attached $ > metattach d20 d21 d20: Submirror d21 is attached $ > metattach d30 d31 d30: Submirror d31 is attached Check for completion of mirroring (recycling) To check the status of mirroring (recycling) type: metastat Reboot the system when recycling is complete: reboot Disk Replacement — If the mirrored disk is broken, this disk must be replaced (this is the most probable case), and the new empty disk must be prepared for mirroring Supposing three partitions with root filesystem “/”, swap, and additional filesystem /altboot, the procedure to replace and remirror the disk is: Partition the disk c0t3d0 to match the boot disk c0t1d0 Use format utility Type: format Select the boot disk: c0t1d0 Type: partition ( “p” is sufficient) Type: print ( “p” is sufficient) to see current root partitioning Type: quit ( “q” is sufficient) Type: disk to select the new disk “c0t3d0” Type: partition Create all partitions as on the root disk Type: label to save a new partitioning table into the disk Ready to label disk, continue? y Create “state database replicas” in a new disk (pay attention to identify the partition/slice “s7”): metadb -a -c c0t3d0s7 Three additional db replicas will be created in a dedicated slice “s7” of the new disk To check created db replicas: metadb Reboot the system — type: reboot Mirror root filesystem Create the concat/submirror d11: $ > metainit -f d11 1 c0t3d0s0 d11: Concat/Stripe is setup Attach concat/submirror “d11” to the mirror d10: $ > metattach d10 d11 d10: Submirror d11 is attached Mirroring itself will take awhile! Mirror swap Create the concat/submirror d21: $ > metainit -f d21 1 c0t3d0s1 d21: Concat/Stripe is setup Attach concat/submirror d21 to the mirror d20: $ > metattach d20 d21 d20: Submirror d21 is attached Mirroring itself will take awhile! Mirror /altboot Create the concat/submirror d31: $ > metainit -f d31 1 c0t3d0s3 d31: Concat/Stripe is setup Attach concat/submirror “d31” to the mirror d30: $ > metattach d30 d31 d30: Submirror d31 is attached Mirroring itself will take awhile! Check for completion of mirroring (recycling) To check the status of mirroring (recycling) type: metastat Reboot the system when recycling is complete: reboot 28.3.3 HP-UX Support Disk Usage HP-UX allows system startup from the support CD disk, which can be very convenient for some emergency situations Insert CD “HP-UX Support Disk” into CD drive Power-on the system At main menu prompt enter: Main Menu: Enter command or menu > boot 56/52.2.0 (an example for CD HW path) Respond to the question: Interact with IPL (Y or N)? > y booting… At ISL prompt enter: ISL > 800 Support The system continues booting from the Support CD disk (although some messages refer to Support Tape) … Boot :disk (56/52.2.0:0); ERECOVERY … … Welcome to the HP-UX recovery process! [ Run a Recovery Shell ] [ Cancel and Reboot ] [ Help ] Select and enter: Run a Recovery Shell Respond to the question: Would you like to startup networking at this time? [n] n (or just Enter) Following messages are displayed: HP-UX SUPPORT MEDIA WARNING: YOU ARE SUPERUSER !! NOTE: Commands residing in the RAM-based file system are unsupported ‘mini’ commands These commands are only intended for recovery purposes Loading commands needed for recovery! WARNING: If ANYTHING is changed on a root (/) that is mirrored a “maintenance mode” (HPUX -lm) boot MUST be done in order to force the mirrored disk to be updated At the end, the support main menu is displayed: SUPPORT MEDIA MAIN MENU s Search for a file b Reboot l Load a file r Recover an unbootable HP-UX system x Exit to shell c Instructions on chrooting to lvm /(root) Enter “c” to see “chroot” instuctions: Exit to the shell and run ‘chroot_lvmdisk’ Follow these instructions; enter “x” Support# chroot_lvmdisk Enter the hardware path associated with the ‘/’ (ROOT) file system (example: 56/52.6.0) Enter “56/52.6.0” or “56/52.5.0”, depending on selected boot disk The selected root FS is checked… … Mounting c2t6d0s1lvm to the Support Tape’s /ROOT directory… … Finally the system root FS is mounted onto “/ROOT” 10 To remount the system’s root filesystem, and start Bourne shell, enter: cd /ROOT ; chroot /ROOT /sbin/sh The system’s root filesystem is mounted onto “/” (the “/stand” filesystem is also mounted) Other filesystems could be mounted manually, as well as any UNIX command executed (including a filesystem check) from the command line 11 To return to Support shell, enter exit 12 To return to SUPPORT MEDIA MAIN MENU, enter exit 13 To reboot the system, in the SUPPORT MEDIA MAIN MENU, enter b NOTE: System rebooting… … … Regular rebooting process continues… 28.3.4 HP-UX Procedure to Synchronize a Mirrored Logical Volume The data in a mirrored copy, or copies, of a logical volume could become “out of sync” or “stale” (for example as a result of disk power failure, or a replacement of a disk) In such cases, to reestablish identical data, synchronization must occur This procedure refers to HP9000 Series 700/800 computer systems Automatic Synchronization — When a nonactive volume group is activated, either automatically at boot time or later with the vgchange command, LVM automatically synchronizes the mirrored copies of all logical volumes within the volume group, replacing data in physical extents marked as “stale” with data from “nonstale” extents Otherwise, no automatic synchronization occurs and manual synchronization is necessary LVM also automatically synchronizes mirrored data in the following cases: • When a disk comes back online after experiencing a power failure • When a logical volume is extended by increasing the number of mirror copies; then the newly added physical extents will be synchronized Manual Synchronization Check the status of a logical volume, to see if it contains any stale data: lvdisplay -v /dev/vg02/lvol3 Identify which disk contains the stale physical extents To synchronize manually the data in one or more logical volumes (an example): lvsync /dev/vg02/lvol3 To synchronize manually the data in all logical volumes in one or more volume groups (an example): vgsync /dev/vg02 Disk Replacement Save the volume group configuration data (an example): vgcfgbackup /dev/vg02 By default the configuration data are saved in /etc/lvmconf/vg02.conf Remove the broken disk from the volume group by using (an example): vgreduce /dev/vg02 /dev/dsk/c1t3d0 Physically disconnect and replace the broken disk Restore saved LVM configuration data to the replaced disk (an example): vgchange -a n /dev/vg02 vgcfgrestore -n /dev/vg02 /dev/dsk/c1t3d0 The volume group must be first deactivated, and then configuration data restored from the default backed-up file /etc/vmconf/vg02.conf Reactivate the volume group (an example): vgchange -a y /dev/vg02 Manually synchronize all the extents in the volume group (an example): vgsync /dev/vg02 28.3.5 HP-UX Support Tape and Recovery of Root Disk HP-UX provides a powerful way for recovery of a corrupted or broken root disk A special procedure allows a transfer of the content of the root disk onto the tape, and a creation of the bootable support tape In the critical situations when the root disk is broken or corrupted, the system could be started from the support tape and its content now transferred back to the disk There is no need for OS reinstallation and later root recovery, a previously copied root disk is simply recreated This procedure is described in the following text Pay attention to the specified hardware paths for the root disk and the tape specific to this example The HP-UX specific Support Media Tool COPYUTIL is used The first part describes the procedure to create the support tape, while the second one describes disk recovery The support tape could be a good replacement for mirroring of the root disk Part One — How to Create a Support Tape — The COPYUTIL utility could be found on the SUPPORT CD The system must be booted from the SUPPORT CD to use the COPYUTIL Booting the system from the SUPPORT CD: Log in as root Reboot the system shutdown -r -y Follow messages on the console, until the system displays: To override, press any key within 10 seconds Hit any key! After the message: “Boot terminated,” the main menu will be displayed: Insert SUPPORT CD into CD Drive At the main menu prompt, type: Main Menu: Enter command or menu > boot 10/12/5.2.0 [hardware path for CD Drive] Follow messages and enter corresponding responses: Interact with IPL (Y or N)? > y Booting… ISL > ode ODE > ls to list available utilities ODE > copyutil Since COPYUTIL checked for available devices, a list of all devices found will be displayed Depending on the system hardware configuration, it could be done in two steps: first, the SCSI busses only, and then devices (upon the selection [all]) In this example: T0 10/12/5.0.0 HPC1533A/C1 530B tape drive (internal) D1 10/0.6.0 SEAGATE ST15150W disk drive (root disk) D2 10/0.5.0 SEAGATE ST15150W disk drive (another disk) T 11 10/4/16.3.0 HPC1533A/C 1530B tape drive (external) COPYUTIL > backup root disk Enter the Disk index ([q]/?): internal tape drive Enter the Tape index ([q]/?): or, you can use the external tape drive: index 11 Depending on the existing tape drive, an additional question could be displayed: Use data compression? (y/[n]? n not use compression * Please Load into Tape Drive, Tape Volume for Backup If you have to, you may safely remove the SUPPORT MEDIA now At this point, eject the SUPPORT CD from the CD drive Continue the procedure: Ready to continue ([y]/n/q/?): y Checking for the beginning of tape: DONE ……….10% completed ……….20% completed ……….30% completed ……….40% completed ……….50% completed ……….60% completed ……….70% completed ……….80% completed ……….90% completed ……….100% completed End of BACKUP Please wait while I rewind the tape Depending on the size of the disk tape capacity, a single tape might not be sufficient The system asks for another tape by repeating the menu It is easy to figure out when 100% is completed COPYUTIL > exit Replace the SUPPORT MEDIA now, if you removed it earlier At this point, close the CD drive with the SUPPORT CD Exit to return ISL prompt ODE > exit ISL > Note: The system was booted from the SUPPORT CD; at this point we can power-cycle (power off and on) the system, or continue with bringing the system into the recovery mode (recommended): ISL > 800SUPPORT Once the system reaches the recovery menu (it takes some time) select: [ Cancel and Reboot ] NOTE: System rebooting The full test of the system is performed, so it takes awhile! The regular system startup continues Labeling the support tape The COPYUTIL tape/tapes of the root disk are ready They could be used for the recovery (restore) of the root disk, if necessary Label them as: “Hostname: COPYUTIL# of Root Disk.” Part Two — How to Recover (Restore) the Root Disk from the “COPYUTIL Tape” The system recovery procedure is similar to the preparation of the support tape The differences are: Now the source media is a tape Now the destination media is a disk The COPYUTIL utility could be found only on the SUPPORT CD The system must be booted from the SUPPORT CD to use the COPYUTIL 10 Booting the system from the SUPPORT CD: Power-on (reset) the system Follow messages on the console, until the system displays: To override, press any key within 10 seconds Hit any key After the message: “Boot terminated,” the main menu will be displayed: Insert SUPPORT CD into CD Drive 11 12 13 14 At the main menu prompt, type: Main Menu: Enter command or menu > boot 10/12/5.2.0 [hardware path for CD Drive] Follow messages and enter corresponding responses: Interact with IPL (Y or N)? > y Booting… ISL > ode to list available utilities ODE > ls ODE > copyutil Because COPYUTIL checked for available devices, a list of all found devices will be displayed This can be done in two steps, first, the SCSI busses only, and then the devices T0 10/12/5.0.0 HPC1533A/C1 530B tape drive (internal D1 10/0.6.0 SEAGATE ST15150W disk drive (root disk) D2 10/0.5.0 SEAGATE ST15150W disk drive (another disk) T 11 10/4/16.3.0 HPC1533A/C1530B tape drive (external) COPYUTIL > restore: internal tape drive Enter the Tape index ([q]/?): root disk Enter the Disk index ([q]/?): or, you can use the external tape drive: index 11 Depending on the existing tape drive, an additional question could be displayed: Use data compression? (y/[n]?) n not use compression * Please Load into Tape Drive, Tape Volume (or the Desired Tape) If you have to, you may safely remove the SUPPORT MEDIA now At this point, eject the SUPPORT CD from the CD drive Continue procedure: Ready to continue ([y]/n/q/?): y Checking for the beginning of tape: DONE ……….10% completed ……….20% completed ……….30% completed ……….40% completed ……….50% completed ……….60% completed ……….70% completed ……….80% completed ……….90% completed ……….100% completed Restored Successful COPYUTIL > exit Replace the SUPPORT MEDIA now, if you removed it earlier At this point, close the CD drive with the SUPPORT CD Exit ODE > exit to return ISL prompt ISL > 800SUPPORT Note: The system was booted from the SUPPORT CD; at this point it can be power-cycled (power off and on), or brought into the recovery mode in this way! Once the system reaches the Recovery Menu (it takes some time) select: [ Cancel and Reboot ] NOTE: System rebooting The full test of the system is performed, so it takes awhile! The regular system startup continues ... the administrators In the UNIX and network arena there are significant efforts toward standardization There are several standards bodies, both formal and informal Each body has different rules for. .. System interface specifications for C, ADA, and FORTRAN • Shell and utility specification • System administration specifications for software installation, user administration, and print management. .. many national standards organizations Approved standards can also be purchased from the IEEE in electronic (PDF) format The IEEE also publishes Standards Interpretations for many of the standards