Advanced Technology Services Group

AIX System Administration

Class

Justin Richard Bleistein

IBM POWER Systems/PowerVM/AIX/PowerHA/TSM/Oracle database/Programmer

December 2010 © 2010 ATS Group, LLC

Class Syllabus
 Monday thru Friday – 9:30am to 5:30pm

9:30am – Class starts

10:30am – 15 minute morning break
10:45am – Class resumes from first break
12:00pm – Break for lunch
1:00pm – Class resumes from lunch
3:00pm – 15 minute afternoon break
3:15pm – Class resumes from second break
5:30pm – Class ends for the day

Instructor: Justin Richard Bleistein

Phone: (856) 912 – 0861
Email: [email protected]

AIX Basic System Administration 2

Getting to know you.
 Going around the room:

- What is your name?

- What is your current position with the company?

- What is your field of technical expertise?

AIX Basic System Administration 3

 Unix Overview

AIX Basic System Administration 4

UNIX Overview
 Unix is an operating system originally developed by a group of AT&T
Bell lab employees. It was developed in 1969. – (Dennis Ritchie,
and Ken Thompson were the main developers).

 The current owner of the UNIX trademark, is the Open Group.

 The current owner of the UNIX System V code, which AT&T

originally wrote is SCO.

 The UNIX code was licensed to commercial companies such as

IBM, Oracle/Sun, and Hewett Packard, so they could create their
own version of the UNIX operating system.

 University of California, Berkeley developed their own versions of

the UNIX operating system called Free BSD, and Net BSD. These
are not as widely used as the commercial, or Linux like operating
systems.

AIX Basic System Administration 5

UNIX Overview

 The history of UNIX goes back to the 1960’s. Massachusetts

Institute of Technology (MIT), AT&T Bell Labs, and General Electric
(GE) developed an experimental operating system called Multics.
(Multiplexed Information and Computing Service).

 AT&T at some point pulled out of the Multics project. Some of the
developers continued to work on it. In the 1970’s a project known as
Unics, which later changed to UNIX commenced.

 The first version was written in assembly language, but in 1973 it

was re-written using the C programming language.

AIX Basic System Administration 6

 AIX Overview

AIX Basic System Administration 7

AIX Overview

 AIX stands for Advanced Interactive eXecutive

 AIX is IBM’s version of the UNIX operating system.

 AIX, IBM’s version of UNIX competes with Microsoft Windows server

operating systems, and other proprietary UNIX operating systems
such as, Oracle’s Sun Solaris, Hewett Packard’s HP-UX, and Tru64
Unix.

 AIX is mainly used for enterprise business computing.

 The latest version of AIX, is AIX 6.1. This version was made
generally available by IBM in 2007. AIX version 7.1 is currently as
of, 2010, available via the IBM Open Beta release program.

AIX Basic System Administration 8

AIX Overview
 AIX comes with an LVM, Logical Volume Manager, integrated into the
operating system by default. It has for years.

 AIX supports LPARS, Logical Partitions.

 AIX supports both hardware(LPARS) and software(WPARS) virtualization.

 AIX supports newest hardware offerings such as 10 gig ethernet adapters, and
8 gig fibre channel adapters.

 AIX is compliant with System V Unix system standards.

 AIX provides advanced system security features, at many levels.

 AIX has advanced diagnostic applications for hardware and software errors.

AIX Basic System Administration 9

AIX Overview

 AIX has a lot in common with other proprietary Unix operating systems.
Proprietary Unix operating systems typically differ with sysadmin tools, and
virtualization technology.

 AIX comes with a journaled filesystem – JFS2. The older version JFS is still
shipped with AIX. JFS2 will allow multi terabyte files, and multi petabyte
filesystems.

 AIX provides integrated security auditing features, allowing you to audit system
activity at a very granular level.

 AIX provides an integrated accounting system, so that you can account for
user, and application usage of resources on the system. This is especially
useful in chargeback environments.

AIX Basic System Administration 10

AIX Overview

 By default AIX comes with a software component known as WorkLoad

Manager – WLM. This software allows you to logically divide a single AIX
operating system into multiple classes by resources for applications and users
to run it.

 PowerHA, formerly known as HACMP, provides high availability clustering for

AIX systems. This provides automated failover and fallback configurations. This
product does not come with AIX by default. You must purchase a separate
software license from IBM.

 By default AIX comes with a system monitoring tool – RMC, Resource

Monitoring and Control, which can monitor and react to certain AIX events, and
then execute a certain action based on that event, such as automatically email
the sysadmin, or some other system based action.

AIX Basic System Administration 11

AIX Overview

 AIX comes with a backup utility known as mksysb – MaKe SYStem Backup.
This utility will allow you to create a bootable system backup which you will
use for system disaster recovery scenarios.

 AIX comes with another backup utility, called backup. This command allows
you to backup at a file, and/or directory level. The counterpart to this command
is the restore command, which allows you to restore the files and/or directories
you backed up with the backup command.

 AIX comes with it’s own software management subsystem, for software. It can
manage software inventory for both LPP format software, and RPM format
software.

AIX Basic System Administration 12

AIX Overview

 Starting in AIX version 5.1, Linux affinity is integrated into the operating
system.

 Media comes with AIX called, Linux Applications Toolbox for AIX. Contents
of media are also available for free download via the internet from IBM. This
media contains IBM certified Linux applications compiled to run on POWER
systems.

 The rpm command, which installs Linux software is included

by default in AIX.

 The source code to these applications are also available.

 Starting in AIX version 5.1, a lot of AIX now contains architecture,

which is most commonly found on Linux based systems.

AIX Basic System Administration 13

AIX overview
 AIX version release history:

1986 – AIX version 1.0 – 2.0

1989 – AIX version 1.1 for the PS/2 PC
1989 – AIX version 3.0 for RISC/6000 line of servers
1992 – AIX version 3.2 for RISC/6000 line of servers
1994 – AIX version 4.0 for RISC/6000 line of servers
1995 – AIX version 4.1 for RISC/6000 line of servers
1996 – AIX version 4.2 for RISC/6000 line of servers
1997 – AIX version 4.3 for RISC/6000 line of servers
1999 – AIX version 4.3.3 for RISC/6000 line of servers
2001 – AIX version 5.1 for RISC/6000 and POWER servers
2002 – AIX version 5.2 for POWER servers
2004 – AIX version 5.3 for POWER servers
2007 – AIX version 6.1 for POWER servers

2011 – AIX version 7.1. – TENTATIVE.

AIX Basic System Administration 14
AIX overview

AIX Basic System Administration 15

A word on Linux

 Linux is a clone of the UNIX operating system. It is technically not

considered UNIX.

 The first Linux kernel was developed by Linus Trorvalds in 1991.

 Linux’s origins are found in the MINX operating system project which was
a minimal Unix like operating system used for educational purposes, etc.
It was released in 1987. Linux actually started because Linus was
frustrated with the licensing of the MINIX operating system.

 There are many different distributions of the Linux operating system,

aimed for different things, the two most used in the business computing
world however are: Novell Suse Linux and Red Hat Linux used mostly in
Europe and in the U.S. respectively.

AIX Basic System Administration 16

IBM POWER Servers

AIX Basic System Administration 17

IBM POWER line of servers p6 – 520 Express

AIX Basic System Administration 18

IBM POWER line of servers p6 – 550 Express

AIX Basic System Administration 19

IBM POWER line of servers p6 – 560 Express

AIX Basic System Administration 20

IBM POWER line of servers p6 - 570

AIX Basic System Administration 21

IBM POWER line of servers p6 – 595

AIX Basic System Administration 22

IBM POWER Servers

AIX Basic System Administration 23

IBM POWER line of servers p7 – 710 Express

- Low end class

Up to 64 GB of memory/RAM

Up to 1 X 3.7 Gigahertz processors

6 core POWER7 processors

HMC and PowerVM capabilities

Other processor options:

1 POWER7 3.0 GHz processors – 4 cores

1 POWER7 3.55 GHz processors – 8 cores

AIX Basic System Administration 24

IBM POWER line of servers p7 – 720 Express
- Low end class

Up to 128 GB of memory/RAM

Up to 1 X 3.0 Gigahertz processors

8 core POWER7 processors

HMC and PowerVM capabilities

Other processor options:

1 POWER7 3.0 GHz processors – 4 cores

1 POWER7 3.0 GHz processors – 6 cores

AIX Basic System Administration 25

IBM POWER line of servers p7 – 730 Express

- Low end class

Up to 128 GB of memory/RAM

Up to 2 X 3.7 Gigahertz processors

8 core POWER7 processors

HMC and PowerVM capabilities

Other processor options:

2 POWER7 3.0 GHz processors – 8 cores

2 POWER7 3.7 GHz processors – 12 cores
2 POWER7 3.55 GHz processors – 16 cores

AIX Basic System Administration 26

IBM POWER line of servers p7 – 740 Express
- Low end class

Up to 256 GB of memory/RAM

Up to 2 X 3.7 Gigahertz processors

8 core POWER7 processors

HMC and PowerVM capabilities

Other processor options:

2 POWER7 3.3 GHz processors – 4 cores

2 POWER7 3.3 GHz processors – 8 cores
2 POWER7 3.7 GHz processors – 4 cores
2 POWER7 3.7 GHz processors – 6 cores
2 POWER7 3.7 GHz processors – 12 cores
2 POWER7 3.55 GHz processors – 8 cores
2 POWER7 3.55 GHz processors – 16 cores

AIX Basic System Administration 27

IBM POWER line of servers p7 – 750 Express
- Low end class

Up to 512 GB of memory/RAM

Up to 4 X 3.55 Gigahertz processors

8 core POWER7 processors

HMC and PowerVM capabilities

Other processor options:

4 POWER7 3.0 GHz processors – 8 cores
4 POWER7 3.3 GHz processors – 6 cores
4 POWER7 3.3 GHz processors – 8 cores

AIX Basic System Administration 28

IBM POWER line of servers p7 - 770

- Midrange class
- Up to 4 building blocks

Up to 512 GB of memory/RAM

Up to 2 X 3.5 Gigahertz processors

6 core POWER7 processors

HMC and PowerVM capabilities

Other processor option:

2 POWER7 3.1 GHz processors
8 cores

AIX Basic System Administration 29

IBM POWER line of servers p7 - 780

- Midrange class
- Mainframe inspired

Up to 512 GB of memory/RAM

Up to 2 X 4.1 Gigahertz processors

4 core POWER7 processors

HMC and PowerVM capabilities

Other processor option:

2 POWER7 3.8 GHz processors
8 cores

AIX Basic System Administration 30

IBM POWER line of servers p7 - 795

- High end/Enterprise class

- Mainframe inspired
- Most powerful UNIX server

Up to 8 TB of memory/RAM

Up to 32 X 4 Gigahertz processors
8 core POWER7 processors – (Total 256 cores)

HMC and PowerVM capabilities

Turbo option:
128 POWER7 4.25 GHz processors

AIX Basic System Administration 31

IBM POWER Blade Servers

AIX Basic System Administration 32

IBM POWER line of servers p6 – JS12, JS22,
JS23, and JS43

J43

AIX Basic System Administration 33

IBM POWER Blade Servers

AIX Basic System Administration 34

IBM POWER line of servers p7 – PS700, PS701,
and PS702 PS700 – Single wide blade.

Up to 64 GB of memory/RAM

Up to 1 X 3.0 Gigahertz processors

4 core POWER7 processors

PowerVM capabilities

PS701 – Single wide blade.

Up to 128 GB of memory/RAM

Up to 1 X 3.0 Gigahertz processors

8 core POWER7 processors

PowerVM capabilities

PS702 – Double wide blade.

Up to 256 GB of memory/RAM

Up to 2 X 3.0 Gigahertz processors

16 core POWER7 processors

PowerVM capabilities

AIX Basic System Administration 35

IBM POWER line of servers p7 – Bladecenters

AIX Basic System Administration 36

Throughout IBM AIX system history

AIX Basic System Administration 37

Throughout IBM AIX system history

 RT – AIX version 1.0 – 2.0 only.

AIX Basic System Administration 38

Throughout IBM AIX system history

 320 system

AIX Basic System Administration 39

Throughout IBM AIX system history

 590

AIX Basic System Administration 40

Throughout IBM AIX system history

 RS/6000 43P

AIX Basic System Administration 41

Throughout IBM AIX system history
 Another 43P

AIX Basic System Administration 42

Throughout IBM AIX system history
 F50

AIX Basic System Administration 43

Throughout IBM AIX system history

 42T

AIX Basic System Administration 44

Throughout IBM AIX system history

 RS/6000 B50

AIX Basic System Administration 45

Throughout IBM AIX system history

 H80

AIX Basic System Administration 46

Throughout IBM AIX system history

 S80

AIX Basic System Administration 47

Throughout IBM AIX system history

 RS/6000 SP

AIX Basic System Administration 48

Throughout IBM AIX system history

 More RS/6000 SPs

AIX Basic System Administration 49

Our Lab

 The configuration of the ATS lab, The Innovation Center, we’ll be using in this
week’s class is as follows.

 Two POWER7 blades: PS700. They have the following specs:

- 4 IBM Power 7 processors.

- 32 Gigabytes of real memory/RAM.
- 2 X 300 Gigabyte internal hard disks.

AIX Basic System Administration 50

Our Lab

Each blade has 13 AIX LPARS created on them. AIX version 6.1 TL 6 SP 2.

We will be using 5 LPARs from the first blade, Blade # 13:

Gvicaix01
Gvicaix02
Gvicaix03
Gvicaix04
Gvicaix05

AIX Basic System Administration 51

Our Lab
We will be using 2 LPARs from the second blade, Blade # 14:

Gvicaix06
Gvicaix07

- The login name is root, and there is currently no password set.

The Instructor will now assign them. Every student will be assigned their own
LPAR.
AIX Basic System Administration 52
Our Lab

 Our lab network is a standard, Class C, flat network, on subnet 192.168.240.

The IP addresses of the LPARS are listed below:

Gvicaix01 – 192.168.240.123
Gvicaix02 – 192.168.240.124
Gvicaix03 – 192.168.240.125
Gvicaix04 – 192.168.240.126
Gvicaix05 – 192.168.240.127
Gvicaix06 – 192.168.240.135
Gvicaix07 – 192.168.240.136

AIX Basic System Administration 53

Our Lab
 On your desktop you should have an application called, Putty. Go ahead
and double-click on it:

AIX Basic System Administration 54

Our Lab
 Once the application starts type in the IP address of your assigned
LPAR:

 Be sure that “telnet” is selected, and then click “Open”.

AIX Basic System Administration 55

Our Lab
 The Integrated Virtualization Manager, IVM, is a web interface which allows you
to manage a physical system which has virtual AIX operating systems running on
it. In this class we will use this interface to gain console access to our LPARS.

 Open the Microsoft Internet Explorer to the following address:

http://192.168.240.101
(For students on LPARS: Gvicaix01, thru Gvicaix05)

Or

http://192.168.240.102
(For students on LPARS: Gvicaix06, and Gvicaix07)

Login for both: padmin

Password for both: ibmibm

After you open it minimize the window, you will need it in later labs.

AIX Basic System Administration 56

Our Lab

AIX Basic System Administration 57

Our Lab

AIX Basic System Administration 58

 Installing the AIX Operating System

AIX Basic System Administration 59

Installing the AIX Operating System
 The AIX operating system is shipped from IBM traditionally on 8 CDs, or 2
DVDs.

 When you install the operating system, you are installing what’s referred to as
the BOS – Base Operating System.

 On most systems the operating system installation will take about ~45 minutes
to ~1 hour to complete.

 The AIX Base Operating System requires ~512 MB of memory/RAM, and ~5 GB

of disk space.

NOTE: Installation of the operating system will not be done in class as a lab, in the
interest of time.

AIX Basic System Administration 60

Installing the AIX Operating System

 There are three types of AIX BOS installations.

- New and Complete Overwrite

- Migration

- Preservation

AIX Basic System Administration 61

Installing the AIX Operating System

 BOS installations can be accomplished with the following methods.

- New install from the DVD media from IBM.

- Install over the network with NIM – Network Installation Manager.

- Recovery of a bootable system backup – (Tape, CD, DVD, or NIM).

- From an ISO file – VIO.

- Alt_disk_install method/cloning.

AIX Basic System Administration 62

 Installing the AIX Operating System

AIX Basic System Administration 63

Installing the AIX Operating System

AIX Basic System Administration 64

Installing the AIX Operating System

AIX Basic System Administration 65

Installing the AIX Operating System

AIX Basic System Administration 66

Installing the AIX Operating System

AIX Basic System Administration 67

Installing the AIX Operating System

AIX Basic System Administration 68

Installing the AIX Operating System

AIX Basic System Administration 69

Installing the AIX Operating System

AIX Basic System Administration 70

Installing the AIX Operating System

AIX Basic System Administration 71

Installing the AIX Operating System

AIX Basic System Administration 72

Installing the AIX Operating System

AIX Basic System Administration 73

Installing the AIX Operating System

AIX Basic System Administration 74

 Logging into the System

AIX Basic System Administration 75

High level Components of a Unix system

AIX Basic System Administration 76

AIX – Logging into the system

AIX Basic System Administration 77

AIX – Logging into the system

 After the system boots, or anytime you connect to the system you
will be presented with a login screen which is known as the herald
message. This is prompting you for a login name which will identify
you as a valid user to the system.

AIX Version 6
Copyright IBM Corporation, 1982, 2009.
login:

By AIX BOS installation default the only user which is available to log
into is the user “root”. Root is the administrator of the system. It’s the
most powerful user-id on the system.

Note: A synonym for root is Super user.

AIX Basic System Administration 78

AIX – Logging into the system
By installation default, when you login as the root user, you are not
prompted for a password. The password is not set for the root user
by default.

AIX Version 6
Copyright IBM Corporation, 1982, 2009.
login: root
*********************************************************************************************
* *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
**********************************************************************************************

AIX Basic System Administration 79

AIX – Logging into the system
After successfully identifying yourself to the system, and logging in you will be
presented with a message known as the Message Of The Day (MOTD).
After that message you will see the symbol #, pound sign. This is the Korn
shell prompt which indicates that the system is now ready for you to
communicate with it. It’s waiting for a command. The #, pound sign, is the
prompt for the root user.
AIX Version 6
Copyright IBM Corporation, 1982, 2009.
login: root
**********************************************************************************************
* *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
**********************************************************************************************

AIX Basic System Administration 80

AIX – Logging into the system

 A shell is how the user/you communicates with the operating

system. Think of it as a text version of the Windows Desktop. There
are many shells available for Unix systems. They are listed below:

- Ksh = Korn Shell (Default shell for AIX).

- Bsh = Bourne Shell
- Bash = Bourne Again Shell
- Csh = C-shell
- Tsh = Trusted shell

ETC…

 The Korn shell is the default in AIX. When you install the system,
and create regular users, they will be placed into the Korn shell in
their home directory automatically when they log into the system.

AIX Basic System Administration 81

AIX – Logging into the system

 A user communicates with a Unix system with commands, which are

submitted to the system via a shell. A command executes within a shell
environment.

 A command is a program/executable which is used to accomplish tasks on a

Unix system.

 A command obeys rules known as syntax, how the command is to be entered.

 A command consists of the following components:

1. Program
2. Options
3. Arguments

AIX Basic System Administration 82

AIX – Logging into the system

Ex of a command:

# ls –l /home

ls = Command/program

-l = Option

/home = Argument

AIX Basic System Administration 83

AIX – Logging into the system
 The id command will display the user you are logged into the system
as. Notice how root is UID, User ID: 0. This is the numeric user-id
that the system internally uses to identify you. UID 0, means the root
user, or a user with root privilege.
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
#

To set the password of the root user, or any user for that matter use
the passwd command.
# passwd
Changing password for "root"
root's New password:
Enter the new password again:
#

The password will not be visible as you are entering it. You will have to
confirm it, once it’s typed in. The system does this to prevent typos,
and for security reasons.

AIX Basic System Administration 84

AIX – Logging into the system
 To exit the Korn shell, type in the command “exit”.
Once you do that you will be disconnected from the system.

# exit
Connection closed – (Putty closes).

Open another connection to the system, and login as the root user
again:
AIX Version 6
Copyright IBM Corporation, 1982, 2007.
login: root
root's Password:

*MOTD IS DISPLAYED, THEN KORN SHELL PROMPT*

Notice that the system now prompts you for a password because you
set it for the root user.

AIX Basic System Administration 85

AIX – Logging into the system
 Notice how the password was not visible when you entered it.
This is done for security reasons.

 If you enter the wrong password, AIX will not tell you which one,
user id, or password was invalid, it will tell you that one of them is
incorrect. This is done for security reasons.

AIX Version 6
Copyright IBM Corporation, 1982, 2007.
login: root
root's Password:

You entered an invalid login name or password.

login:

AIX Basic System Administration 86

 Interacting with Unix

AIX Basic System Administration 87

Interacting with Unix

 It’s very imperative to understand that Unix is case sensitive. That

means that just about everything is lower case.

# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)

Not the same as typing:

# ID
ksh: ID: not found
#

AIX Basic System Administration 88

Interacting with Unix

You can see the current month’s calendar with the following command:

# cal
September 2009
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30

AIX Basic System Administration 89

Interacting with Unix

You can see the whole year calendar by feeding the command the
year. Note, doesn’t have to be the current year.

# cal 2009
2009

January February
Sun Mon Tue Wed Thu Fri Sat Sun Mon Tue Wed Thu Fri Sat
1 2 3 1 2 3 4 5 6 7
4 5 6 7 8 9 10 8 9 10 11 12 13 14
11 12 13 14 15 16 17 15 16 17 18 19 20 21
18 19 20 21 22 23 24 22 23 24 25 26 27 28
25 26 27 28 29 30 31

March April
Sun Mon Tue Wed Thu Fri Sat Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7 1 2 3 4
8 9 10 11 12 13 14 5 6 7 8 9 10 11
15 16 17 18 19 20 21 12 13 14 15 16 17 18
22 23 24 25 26 27 28 19 20 21 22 23 24 25
29 30 31 26 27 28 29 30

AIX Basic System Administration 90

Interacting with Unix
 You can also specify a specific month of a year.

# cal 8 2010
August 2010
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31

# cal 10 2010
October 2010
Sun Mon Tue Wed Thu Fri Sat
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31

AIX Basic System Administration 91

Interacting with Unix

 Let’s say you wanted to know the current date, and time. Use the
Unix date command

# date
Fri Sep 4 15:57:18 EDT 2009
#

Even though you just typed in the date command, you will also get the
current time as well. Note that time is military by defaut in Unix.

AIX Basic System Administration 92

Interacting with Unix
 Unix also has a built in calculator. It’s called bc for Basic Calculator.

# bc

4+2
6

5*7
35

7-2
5

100 / 50
2

quit
#

Note, even though bc stands for basic calculator, it does have the
capability of doing more complex calculations other than just
arithmetic, as shown above.

AIX Basic System Administration 93

Interacting with Unix
Unix comes with a text editor called vi. This stands for VIsual editor.
You can use this editor to create new text files, or edit existing ones.

Note: There are other text editors which are available in Unix such as
ed, emacs, etc. However, vi is more widely used.
# vi /file

~
~
~
~
~
~
~
~
~
~
“/file” [New file]
1. Once in the editor type in a to enter input mode.
2. Start entering text, ex – “This is the best Unix class I have ever been to. <ENTER> <ENTER> I would
recommend it to anyone.”
3. Now hit the Escape key to get out of input mode, and to enter command mode.
4. Type in the colon, and type in wq – ( w = write(save) q = quit vi ).

AIX Basic System Administration 94

Interacting with Unix
 Short VI reference – “Moving around”

ESC + x = Deletes a single character

ESC + j = Move down a line.

ESC + k = Move up a line.
ESC + l = Move right one space.
ESC + h = Move left one space.

Note: On most terminals today, you can move around with the normal
keyboard arrows.

AIX Basic System Administration 95

Interacting with Unix

 To view the contents of the file you just created with the vi text
editor, or any file on the system for that matter, use the cat
command, which is short for ConcATenate. This means concatenate
the bytes on disk.

# cat /file
This is the best Unix class I have ever been to.

I would recommend it to anyone.

#

AIX Basic System Administration 96

Interacting with Unix
 You can view the first N lines of a file with the head command.

# head -1 file
This is the best Unix class I have ever been to.
#

By default the head command will show you the first ten lines of a file.

AIX Basic System Administration 97

Interacting with Unix
 You can view the last N lines of a file with the tail command.

# tail -2 file
I would recommend it to anyone.

By default the tail command will show you the last ten lines of a file.

Note: There is also a tail –f, which provides streaming output of the
last line of a file.
AIX Basic System Administration 98
Interacting with Unix
 You can list the contents of a file with all of the lines in the file
numbered with the cat command with the –n argument.

# cat -n /file
1 This is the best Unix class I have ever been to.
2
3 I would recommend it to anyone.
#

AIX Basic System Administration 99

Interacting with Unix
 If you wanted to count the number of lines, words, or characters of a
file, then you can use the wc command, which stands for Word
Count, but it counts the abovementioned entities of a file as well.

# cat /file
This is the best Unix class I have ever been to.

I would recommend it to anyone.

# wc -c /file
82 /file

# wc -w /file
17 /file

# wc -l /file
3 /file
#

AIX Basic System Administration 100

Interacting with Unix
 You can use the cut command to display certain portions of a file, or
other output out.

# cat /file
This is the best Unix class I have ever been to.

I would recommend it to anyone.

# cut -c1-3 file

Thi

Iw

# cut -c1,5 file

T

Iu
#

AIX Basic System Administration 101

Interacting with Unix
 The command grep, will search for a specific string in a file, or other
output, and will display the line it found that string on.

# cat /file
This is the best Unix class I have ever been to.

I would recommend it to anyone.

#
# grep would /file
I would recommend it to anyone.
#

# grep is /file
This is the best Unix class I have ever been to.
#

AIX Basic System Administration 102

Interacting with Unix
 The banner command can be very useful. It’s a way of displaying
strings, which are imperative to your users. A good example of this
may be the word PRODUCTION. You would definitely want your
users to know they are on a production system

# banner production

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

AIX Basic System Administration 103

Interacting with Unix
 Unix has online help available. This is the equivalent of pressing
<F1> on a Windows system. The command is man, which is short
for MANual, as in manual pages.
# man id
Commands Reference, Volume 3, i - m

id Command

Purpose

Displays the system identifications of a specified user.

Syntax

id [user]

id -G [-n ] [User]

id -g [-n l | [ -n r ] [User]

id -u [-n l | [ -n r ] [User]

Description

The id command writes to standard output a message containing the

system identifications (ID) for a specified user. The system IDs are
numbers which identify users and user groups to the system. The id
command writes the following information, when applicable:
* User name and real user ID
…

AIX Basic System Administration 104

Interacting with Unix
 There is a special symbol called a pipe. The symbol is |, the vertical
bar. It’s located right above the <ENTER> key, on the standard
American computer keyboard.
# date
Fri Sep 4 20:34:11 EDT 2009

# cut
Usage: cut {-b <list> [-n] | -c <list> | -f <list> [-d <char>] [-s]} file ...
#

Note, the Unix cut command doesn’t do much without this pipe
symbol, or feeding a file to it.
Let’s say you wanted only to display the first three characters of the
date command output. You would have to use the cut command to
accomplish this. Let’s say you wanted to accomplish this with one
command. What you can do is execute the date command, then tie
it to the cut command with a Unix pipe.
# date
Fri Sep 4 20:36:48 EDT 2009

# date | cut -c1-3

Fri
#
AIX Basic System Administration 105
Interacting with Unix
 What happened with the pipe in the previous example, is it took the
output of the date command, as it’s input.

 Here are some more examples:

# who
root pts/0 Sep 4 20:19 (192.168.220.8)

# who | wc -l
1
# who | wc -c
58
# who | wc -w
6
#

AIX Basic System Administration 106

Interacting with Unix
 Let’s say you issued the command: prtconf, the command which
lists the hardware configuration of the server , but the output is too
long for you to read the entire thing. It scrolls off of the screen too
quickly. Unless you can read at the speed of light, this won’t do you
much good.

# prtconf
System Model: IBM,9117-MMA
Machine Serial Number: 10118F0
Processor Type: PowerPC_POWER6
Number Of Processors: 8
Processor Clock Speed: 3504 MHz
CPU Type: 64-bit
Kernel Type: 64-bit
LPAR Info: 5 gvicaix14
Memory Size: 2048 MB
Good Memory Size: 2048 MB
Platform Firmware level: Not Available
Firmware Version: IBM,EM340_041
Console Login: enable
Auto Restart: true

THE REMAINDER OF THE OUTPUT SCROLLS OFF OF THE

SCREEN.
…

AIX Basic System Administration 107

Interacting with Unix
 There are two what they call pager commands you can use which
will preclude long outputs such as this one from scrolling off of the
screen before you had a chance to read it. One command is more,
and the other command is pg, which is short for PaGer.

# prtconf | more
System Model: IBM,9117-MMA
Machine Serial Number: 10118F0
Processor Type: PowerPC_POWER6
Number Of Processors: 8
Processor Clock Speed: 3504 MHz
CPU Type: 64-bit
Kernel Type: 64-bit
LPAR Info: 5 gvicaix14
Memory Size: 2048 MB
Good Memory Size: 2048 MB
Platform Firmware level: Not Available
Firmware Version: IBM,EM340_041
Console Login: enable
Auto Restart: true
Full Core: false

OUTPUT PAUSES WHEN IT FITS THE SCREEN, UNTIL YOU HIT THE <ENTER> KEY TO CONTINUE
TO THE NEXT PAGE.

AIX Basic System Administration 108

Interacting with Unix
# prtconf | pg
System Model: IBM,9117-MMA
Machine Serial Number: 10118F0
Processor Type: PowerPC_POWER6
Number Of Processors: 8
Processor Clock Speed: 3504 MHz
CPU Type: 64-bit
Kernel Type: 64-bit
LPAR Info: 5 gvicaix14
Memory Size: 2048 MB
Good Memory Size: 2048 MB
Platform Firmware level: Not Available
Firmware Version: IBM,EM340_041
Console Login: enable
Auto Restart: true
Full Core: false

Network Information
Host Name: gvicaix14
IP Address: 192.168.240.137
Sub Netmask: 255.255.255.0
Gateway: 192.168.240.1
Name Server:
Domain Name:

If you use a +, or a – here it will allow you to move forward, or back by

one page respectively.
AIX Basic System Administration 109
Interacting with Unix
 Variables are used to store other values. They are most useful in
programming languages.

# export FNAME=justin
# echo $FNAME
justin
#

Note, variables are not discussed in depth in this course. They would
be discussed in more detail in a Unix shell scripting/programming
course.

AIX Basic System Administration 110

Interacting with Unix
 There are some pre-defined variables which come set with the shell.
These are sometimes referred to as system variables.
# set
AUTHSTATE=compat
EDITOR=/usr/bin/vi
ERRNO=0
FCEDIT=/usr/bin/ed
FNAME=justin
HOME=/
IFS='
'
LANG=C
LC__FASTMSG=true
LINENO=1
LOCPATH=/usr/lib/nls/loc
LOGIN=root
LOGNAME=root
MAIL=/usr/spool/mail/root
MAILCHECK=600
MAILMSG='[YOU HAVE NEW MAIL]'
NLSPATH=/usr/lib/nls/msg/%L/%N:/usr/lib/nls/msg/%L/%N.cat
ODMDIR=/etc/objrepos
OPTIND=1
PATH=/usr/bin:/etc:/usr/sbin:/usr/ucb:/usr/bin/X11:/sbin:/usr/java14/jre/bin:/us
r/java14/bin
PPID=307422
PS1='# '
PS2='> '
PS3='#? '

AIX Basic System Administration 111

Interacting with Unix

 One thing you can do with the pre-defined shell variables is change
the korn shell root prompt, from the default #, to unix>.

# echo $PS1
#
# export PS1="unix> "
unix>
unix>
unix>
unix>

Log out of the system via the exit command, and then login as root
again, by opening another Putty session. You will notice that the
prompt reset itself back to what it was originally. This behaivor is
discussed with more detail in the User Management section.

AIX Basic System Administration 112

 Navigating around the system

AIX Basic System Administration 113

AIX – Navigating around the system
 UNIX/AIX has a filing system which it uses to organize the data
which is stored on the system’s HDD. This organized system is
known as a file tree hierarchy.

 Files are used to store data/information. Files can either have

human readable text in them, like an email message, or it can have
machine readable binary code, like a compiled program/executable.

 Files are kept in directories. Directories are a way of organizing files.

Think of directories as filing cabinets, for your files. Directories are
equivalent to folders in the Windows world.

 Directories can contain directories as well as files. The directories

which reside in another directory is called the sub-directory. Files
are a collection of bytes logically grouped together and stored in an
object – a file.

AIX Basic System Administration 114

AIX - Navigating around the system
 Directory structure example

AIX Basic System Administration 115

AIX – Navigating around the system
Type in the command: “pwd”

# pwd
/
#

This command stands for Present Working Directory. This will tell you
where exactly on the directory hierarchy/tree you currently are.
Notice how you are in “/”. This means you are at the top of the
directory tree. This is root’s home directory. Normally when you
create a regular user the default home directory will be
/home/user_name. Since this is the root user, /, is the home
directory.

More details on user home directories in the User Management

section.
AIX Basic System Administration 116
AIX – Navigating around the system
 To list all of the directories, and files in your current directory type in the “ls”
command. This is short for LiSt.

# ls
.sh_history dev lost+found sbin u
.vi_history esa lpp smit.log unix
admin etc mnt smit.script usr
audit home opt smit.transaction var
bin image.data pconsole tftpboot
bosinst.data lib proc tmp
#

 This is the root directory listing which is default after BOS installation.

AIX Basic System Administration 117

Navigating around the system
 To determine which object is a file, and which one is a directory issue the ls
command with the –F argument. Note, arguments are characters after the
command which instruct the command to behave in a certain way.

# ls -F
.rhosts audit/ dev/ image.data mksysb/ proc/ smit.transaction unix@
.sh_history bin@ esa/ lib@ mnt/ sbin/ tftpboot/ usr/
.vi_history bosinst.data etc/ lost+found/ opt/ smit.log tmp/ var/
admin/ core home/ lpp/ pconsole/ smit.script u@
#

This command added / at the end of the objects which are directories.

Note, this command also shows the @ symbol at the end of certain directories.
This means these are links. Links mean that the directory, or file actually refers
to another file, or directory.

AIX Basic System Administration 118

Navigating around the system
 Long listing of a directory.
# ls -l
total 1368
-rw-r--r-- 1 root system 18 Nov 24 21:24 .rhosts
-rw------- 1 root system 8886 Nov 27 19:46 .sh_history
-rw------- 1 root system 145 Nov 27 18:29 .vi_history
drwxr-xr-x 4 root system 256 Nov 24 21:19 admin
drwxr-x--- 2 root audit 256 Apr 15 2010 audit
lrwxrwxrwx 1 bin bin 8 Nov 24 21:22 bin -> /usr/bin
-rw-r--r-- 1 root system 6084 Nov 24 19:51 bosinst.data
-rw------- 1 root system 7188 Nov 26 12:31 core
drwxrwxr-x 5 root system 4096 Nov 27 19:32 dev
drwxr-xr-x 16 esaadmin system 4096 Nov 24 19:37 esa
drwxr-xr-x 34 root system 12288 Nov 26 13:50 etc
drwxr-xr-x 5 bin bin 256 Nov 24 21:19 home
-rw-r--r-- 1 root system 11960 Nov 24 19:51 image.data
lrwxrwxrwx 1 bin bin 8 Nov 24 21:22 lib -> /usr/lib
drwx------ 2 root system 256 Nov 24 21:17 lost+found
drwxr-xr-x 163 bin bin 8192 Nov 24 21:24 lpp
drwxr-xr-x 3 root system 256 Nov 24 21:17 mksysb
drwxr-xr-x 2 bin bin 256 Apr 15 2010 mnt
drwxr-xr-x 17 root system 4096 Nov 24 21:19 opt
drwxr-xr-x 4 pconsole pconsole 256 Nov 24 17:47 pconsole
dr-xr-xr-x 1 root system 0 Nov 27 19:46 proc
drwxr-xr-x 3 bin bin 256 Nov 24 17:43 sbin
-rw-r--r-- 1 root system 568505 Nov 26 10:01 smit.log
-rw-r--r-- 1 root system 14094 Nov 26 09:59 smit.script
-rw-r--r-- 1 root system 17059 Nov 26 09:59 smit.transaction
drwxrwxr-x 2 root system 256 Nov 24 14:31 tftpboot
drwxrwxrwt 13 bin bin 4096 Nov 27 19:45 tmp
lrwxrwxrwx 1 bin bin 5 Nov 24 21:22 u -> /home
lrwxrwxrwx 1 root system 21 Nov 24 21:22 unix -> /usr/lib/boot/unix_64
#

AIX Basic System Administration 119

Navigating around the system
 What the objects in / are used for:

admin – Directory for admin temp files.

audit – Directory for the user audit logs. If AIX auditing is enabled, which it is not by default.
bin – Directory where the commands you execute, such as ls, and pwd are kept.
dev – Directory which represents all devices on a system. Remember everything on a Unix system is a
file, and is controlled through a file.
etc – Directory where configuration files for the operating system, and it’s components live.
home – Directory where all of the regular user’s default home directories live.
lib – Directory where the C libraries for the Unix operating system live.
lost+found – This directory is created by default in every filesystem – IN DEPTH LATER.
lpp – This directory is where the information about the software installed on the system lives.
mnt – This is an empty directory which gives you a place to temporarily mount filesystems, if you don’t
want to create directories.
opt – Directory where Linux sofware is installed for AIX.
pconsole – Directory for some graphic functionality.
proc – Directory where currently running process information lives.
sbin – Directory where sysadmin commands live for AIX.
tftpboot – Directory used to store boot images, for systems who want to boot off of the network.
tmp – Temporary area for every user to write to. JUNK.
u – This is for backward compatibility. This is where the user’s home directories used to live.
unix – This directory is where the system kernel lives.
usr – This directory is where IBM, and IBM compliant software is installed. It also holds imperative system
data.
var – This directory is where the system stores log files from the operating system, and it’s components.

AIX Basic System Administration 120

Navigating around the system

 Let’s move to the /tmp directory. You change directories in Unix with
the cd command, and the name of the directory as the argument.
CD stands for Change Directory.

# pwd
/

# cd /tmp
# pwd
/tmp
#

Notice, how the output of the pwd command changes. Now you are in
the /tmp directory. You are no longer in the / directory.

AIX Basic System Administration 121

Navigating around the system
 To move back to the directory you were just in, you can use the –
argument to the cd command.
# pwd
/tmp

# cd -
/

# pwd
/

# cd -
/tmp

# pwd
/tmp
#

This is a shortcut in Unix shells to move back to your previous

directory.
AIX Basic System Administration 122
Navigating around the system
 To move back to your home directory, use the cd command with no
arguments.

# pwd
/tmp

# cd
# pwd
/
#

AIX Basic System Administration 123

Navigating around the system
 Creating a directory, will give you a place to store files, and other
directories (sub-directories). Use the mkdir command, short for
MaKe DIRectory, to create a directory.

# cd /tmp
# pwd
/tmp

# mkdir dira
# cd dira
# pwd
/tmp/dira

# ls
#

Notice the new directory path, and how there are no files in this new
directory.

Note, directory names have a limit of 256 characters – (alphanumeric).

AIX Basic System Administration 124

Navigating around the system

 Go ahead and create another sub-directory in this current directory,

and also some empty files. Empty files are created with the Unix
command touch.

# pwd
/tmp/dira

# ls
#

# mkdir dirab
# touch filea fileb filec
# ls
dirab filea fileb filec
#

# ls -F
dirab/ filea fileb filec
#

Note, file names have a limit of 256 characters – (alphanumeric).

AIX Basic System Administration 125

 Navigating around the system
 One imperative concept to keep in mind when discussing directories, and
files, is the concept of location. Remember the directory and file structure on
Unix systems are setup as an hierarchy.

 There are two location types when it comes to directories and files.

1. Absolute – (Fully Qualified Path name)

2. Relative

An example of a an absolute/fully qualified pathname is:

# ls -l /tmp/dira/filea
-rw-r--r-- 1 root system 0 Dec 02 09:08 /tmp/dira/filea
#

An example of a relative pathname is:

# cd /tmp/dira  Note, I moved to the dira directory via it’s absolute/fully qualified pathname.
# pwd
/tmp/dira

# ls -l filea
-rw-r--r-- 1 root system 0 Dec 02 09:08 filea

AIX Basic System Administration 126

Navigating around the system
 Getting back to creating directories.

 Let’s say you wanted to create a file called testfile, but the fully qualified path of
this file was to be:

/tmp/testdir/testdir2/testdir3/testfile

No problem, right? Go ahead and create the file:

# touch /tmp/testdir/testdir2/testdir3/testfile
touch: 0652-046 Cannot create /tmp/testdir/testdir2/testdir3/testfile.
#

You can’t because the directories don’t exist. Ok, no problem again, right? Let’s go
ahead and create the directories for this file:
# mkdir /tmp/testdir/testdir2/testdir3
mkdir: 0653-357 Cannot access directory /tmp/testdir/testdir2.
/tmp/testdir/testdir2: A file or directory in the path name does not exist.
#

AIX Basic System Administration 127

Navigating around the system
 This did not work either. Why? It didn’t work because a directory needs to exist
before its subdirectory can exist. To direct the mkdir command to automatically
create all directories in this fully qualified path use the –p option:

# mkdir -p /tmp/testdir/testdir2/testdir3
# touch /tmp/testdir/testdir2/testdir3/testfile

# ls -ld /tmp/testdir/testdir2/testdir3
drwxr-xr-x 2 root system 256 Dec 02 08:56 /tmp/testdir/testdir2/testdir3
#

# ls -l /tmp/testdir/testdir2/testdir3
total 0
-rw-r--r-- 1 root system 0 Dec 02 08:56 testfile

AIX Basic System Administration 128

Navigating around the system

 There are two special files called, “.” and “..”

. Represents the present directory, while .. represents the directory a level above,
the one you are currently in.

# ls -l
total 16
drwxr-xr-x 3 root system 256 Sep 4 23:04 .
drwxrwxrwt 4 bin bin 4096 Sep 5 16:05 ..
drwxr-xr-x 2 root system 256 Sep 4 22:24 dirab
-rw-r--r-- 1 root system 0 Sep 4 22:23 filea
-rw-r--r-- 1 root system 0 Sep 4 22:23 fileb
-rw-r--r-- 1 root system 0 Sep 4 22:23 filec

# pwd
/tmp/dira

# cd ..
# pwd
/tmp

# cd ..
# pwd
/
# cd /tmp/dira

AIX Basic System Administration 129

Navigating around the system
 You can use wildcards as a way to display files on a Unix system.
Wilds cards are a way to list files when you don’t really know the full
name of them, and only know a portion of their names. The wildcard
characters we use in Unix are: *, ?, and […].

# ls
dirab filea fileb filec

# ls f*
filea fileb filec

# ls file[a-b]
filea fileb

# ls f????a
f????a not found

# ls f??e?
filea fileb filec
#

AIX Basic System Administration 130

Navigating around the system
 Another way to create a file is to re-direct a command’s output to a
file. This is called re-directing stdout – STanDard OUTput.

# date > filed

# cat filed
Fri Sep 4 22:35:16 EDT 2009

# ls -l
total 8
drwxr-xr-x 2 root system 256 Sep 4 22:24 dirab
-rw-r--r-- 1 root system 0 Sep 4 22:23 filea
-rw-r--r-- 1 root system 0 Sep 4 22:23 fileb
-rw-r--r-- 1 root system 0 Sep 4 22:23 filec
-rw-r--r-- 1 root system 29 Sep 4 22:35 filed
#

If you use double greater than sign >>, then that command’s output
will append to the end of the already existing file
# date >> filed
# cat filed
Fri Sep 4 22:35:16 EDT 2009
Fri Sep 4 22:37:33 EDT 2009
#

AIX Basic System Administration 131

 Navigating around the system
If you use a single greater than sign again, it will overwrite the contents
of the existing file
# date > filed
# cat filed
Fri Sep 4 22:38:57 EDT 2009
#

Commands which end with errors do not get directed to a file by

default. They get directed to something which called stderr –
STanDard ERRor.

# dati > filed

Ksh: dati: not found

# cat filed
#

# dati 2> filed

# cat filed
ksh: dati: not found

# dati 2>> filed

# cat filed
ksh: dati: not found
ksh: dati: not found

AIX Basic System Administration 132

Navigating around the system
 There is a special file in Unix called /dev/null, among others.

 This is commonly referred to as the “Black Hole”

 It’s a place to re-direct output you don’t want. Whatever you re-direct to it just
gets thrown away. It goes nowhere.

# ls -l /dev/null
crw-rw-rw- 1 root system 2, 2 Dec 03 13:12 /dev/null

# date > /dev/null

# ls -l > /dev/null
# cat /dev/null
#

# ls -l /dev/null
crw-rw-rw- 1 root system 2, 2 Dec 03 13:12 /dev/null
#

AIX Basic System Administration 133

Navigating around the system
 If you wanted output to be re-directed to a file and to your stdout, the
screen simultaneously, then you would use the tee command.

# date | tee filed

Fri Sep 4 22:54:07 EDT 2009

# cat filed
Fri Sep 4 22:54:07 EDT 2009
#

If you wanted to append to a file using tee, you would use the –a
option of the tee command.
# date | tee filed
Fri Sep 4 22:56:27 EDT 2009

# cat filed
Fri Sep 4 22:56:27 EDT 2009
#

# date | tee -a filed

Fri Sep 4 22:57:24 EDT 2009

# cat filed
Fri Sep 4 22:56:27 EDT 2009
Fri Sep 4 22:57:24 EDT 2009
#

AIX Basic System Administration 134

Navigating around the system
 If you wanted to copy a file, you would use the cp command.

# ls -l filed
-rw-r--r-- 1 root system 58 Sep 4 22:57 filed

# cp filed filee
# ls -l filed filee
-rw-r--r-- 1 root system 58 Sep 4 22:57 filed
-rw-r--r-- 1 root system 58 Sep 4 23:01 filee

# cat filed
Fri Sep 4 22:56:27 EDT 2009
Fri Sep 4 22:57:24 EDT 2009

# cat filee
Fri Sep 4 22:56:27 EDT 2009
Fri Sep 4 22:57:24 EDT 2009
#

AIX Basic System Administration 135

Navigating around the system
 If you wanted to move/rename a file, you would use the mv
command.

# ls -l filed filee
-rw-r--r-- 1 root system 58 Sep 4 22:57 filed
-rw-r--r-- 1 root system 58 Sep 4 23:01 filee

# mv filed filee
# ls -l filed filee
filed not found
-rw-r--r-- 1 root system 58 Sep 4 22:57 filee

# ls -l
total 8
drwxr-xr-x 2 root system 256 Sep 4 22:24 dirab
-rw-r--r-- 1 root system 0 Sep 4 22:23 filea
-rw-r--r-- 1 root system 0 Sep 4 22:23 fileb
-rw-r--r-- 1 root system 0 Sep 4 22:23 filec
-rw-r--r-- 1 root system 58 Sep 4 22:57 filee
#

AIX Basic System Administration 136

Navigating around the system

 To remove a directory you use the rmdir command, which is short for ReMove
DIRectory:

# ls -ld dirab
drwxr-xr-x 2 root system 256 Nov 27 19:57 dirab

# rmdir dirab
# ls -ld dirab
ls: 0653-341 The file dirab does not exist.
#

AIX Basic System Administration 137

Navigating around the system

 To remove a file use the rm command, which is short for ReMove.

# ls -l
total 0
-rw-r--r-- 1 root system 0 Sep 4 14:43 filea
-rw-r--r-- 1 root system 0 Sep 4 14:43 fileb
-rw-r--r-- 1 root system 0 Sep 4 14:43 filec
-rw-r--r-- 1 root system 58 Sep 4 23:01 filee
#
# rm filea
# ls -l
total 0
-rw-r--r-- 1 root system 0 Sep 4 14:43 fileb
-rw-r--r-- 1 root system 0 Sep 4 14:43 filec

# rm fileb filec filee

# ls -l
total 0
#

AIX Basic System Administration 138

Navigating around the system
 Getting back to directories for a moment:

 Create a directory called: /tmp/testdir

# mkdir /tmp/testdir

 Now populate that directory with files:

# touch /tmp/testdir/file1
# touch /tmp/testdir/file2
# touch /tmp/testdir/file3
# ls -l /tmp/testdir
total 0
-rw-r--r-- 1 root system 0 Dec 02 08:44 file1
-rw-r--r-- 1 root system 0 Dec 02 08:44 file2
-rw-r--r-- 1 root system 0 Dec 02 08:44 file3
#

AIX Basic System Administration 139

Navigating around the system

 Now attempt to remove this directory:

# rmdir /tmp/testdir
rmdir: 0653-611 Directory /tmp/testdir is not empty.
#

You were not able to do so, because this directory is not empty. You have two
options, you can delete everything in this directory manually, or you could issue
the following command:

# rm -r /tmp/testdir
# ls -ld /tmp/testdir
ls: 0653-341 The file /tmp/testdir does not exist.
#

AIX Basic System Administration 140

 SMIT – System Management Interface Tool

AIX Basic System Administration 141

SMIT
 AIX has the most extensive unix systems management tool – smit
 SMIT
Systems Management Interface Tool

 Invoke using the command smit or smitty

 Logging under user home directory
– Root this is typically /smit.log
 Commands run are stored in user home directory
– Root this is typically /smit.script
Used for auditing, building scripts

 SMIT covers about ~95% of system administration tasks.

 SMIT executes commands under the covers to accomplish it’s tasks.
 Configuration entered via SMIT menus are persistent across
reboots.
 SMIT menus can be created, and tailored to any environment.

AIX Basic System Administration 142

SMIT
# smitty

AIX Basic System Administration 143

SMIT

AIX Basic System Administration 144

SMIT

AIX Basic System Administration 145

SMIT

 To move back a screen in smit press the <F3> key.

AIX Basic System Administration 146

SMIT

 Pressing <F10> will exit smit all together.

AIX Basic System Administration 147

SMIT
 Fast paths are a shortcut in SMIT, allowing you to jump down the
menu hierarchy right to the menu you desire.

# smitty users

AIX Basic System Administration 148

SMIT
 The fast path of a specific menu screen can be determined by
pressing the <F8> key while in that menu. Note, if it’s a text screen
session press ESC+#.

 Press <F10> to exit smit.

AIX Basic System Administration 149
SMIT
 You can use the smit <F6> key while in a menu, to determine which
command smit is calling under the convers.

# smitty shutdown

 <F10>
AIX Basic System Administration 150
SMIT
 You could use the SMIT <F9> key to exit out to an AIX command
shell prompt, temporarily, from within a SMIT menu.

# smitty

# smitty

Press <F9>

AIX Basic System Administration 151

SMIT

AIX Basic System Administration 152

SMIT

 Type in the command exit, to return to the SMIT menu session.

#
# exit

AIX Basic System Administration 153

SMIT

 You can press <F1> at any point while in SMIT to view the help of
that particular SMIT menu screen

 <F10>
AIX Basic System Administration 154
SMIT
 Go to the change user attribute smitty window via it’s fastpath. Hit
<F4>. This will generate a pick list. Smit provides this as a easy way
to select the object, in this case user name, you would like to edit.

# smitty chuser

AIX Basic System Administration 155

SMIT
 Smitty also has a search string function. When you want to search
for something in a smit screen use the / key, and then type in the
string you wish to search for in that smit menu.

AIX Basic System Administration 156

SMIT

 Hit <F10> to exit smitty.

AIX Basic System Administration 157

 SMIT
 SMIT also has a graphical version.

AIX Basic System Administration 158

SMIT
 In graphical SMIT, there is a graphic of a man, “rocky”, running
when a command is running:

AIX Basic System Administration 159

SMIT
 In graphical SMIT there is a graphic of a man, “rocky”, who falls flat
on his face when a command fails.

AIX Basic System Administration 160

SMIT
 In graphical SMIT there is a graphic of a man, “rocky”, who raises
his hand in triumph following a successful command execution

AIX Basic System Administration 161

SMIT

AIX Basic System Administration 162

 AIX User Management

AIX Basic System Administration 163

AIX User Management
 To create a user-id on AIX, either use the smit, System
Management Interface Tool, or the command mkuser, which is short
for MaKeUSER.

 Note, there is a limit of 8 alphanumeric characters for a user name.

 I prefer to use smit. It’s more productive than the command line. -

# smitty mkuser
USE YOUR FIRST NAME

AIX Basic System Administration 164

AIX User Management

 What is the mkuser doing ?

Modifying files:
/etc/passwd. /etc/group
Also /etc/security/passwd, group, users, limits

 These files can be edited

 If they get out of sync, check for consistency:
usrck
pwdck
grpck

AIX Basic System Administration 165

AIX User Management
 Users on the system are defined in the /etc/passwd file.
This file has the following format.

USER_NAME : LOGIN_SYMBOL : UID : GID :GECOS: HOME_DIRECTORY :

SHELL

The ! in the second field indicates that the password is in the shadow file.
The * in the second field indicates that the user can’t login.
# ls -l /etc/passwd
-rw-r--r-- 1 root security 484 Sep 5 21:38 /etc/passwd

# cat /etc/passwd
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false
snapp:*:200:12:snapp login user:/usr/sbin/snapp:/usr/sbin/snappd
nuucp:*:6:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico

AIX Basic System Administration 166

AIX User Management
 The shadow file, is where the encrypted password of all users are
kept. The /etc/passwd file is read by user-ids as they log into the
system, the ! next to their userid in that file, tells the login program to
check the shadow file, /etc/security/passwd, for the actual password
to authenticate you into the system. Older Unix systems used the
/etc/passwd file to store the encrypted password.

# ls -l /etc/security/passwd
-rw------- 1 root security 313 Sep 5 21:42 /etc/security/passwd

# cat /etc/security/passwd
root:
password = Fy0ubxgHHBrFM
lastupdate = 1252082327
flags =

daemon:
password = *

bin:
password = *

….

AIX Basic System Administration 167

AIX User Management
 The /etc/group file contains the user/group memberships of all users
defined to the system. Note the second field, ! , is not valid anymore.

# ls -l /etc/group
-rw-r--r-- 1 root security 327 Sep 5 21:37 /etc/group

# cat /etc/group
system:!:0:root,pconsole
staff:!:1:justin
bin:!:2:root,bin
sys:!:3:root,bin,sys
adm:!:4:bin,adm
uucp:!:5:uucp,nuucp
mail:!:6:
security:!:7:root
cron:!:8:root
printq:!:9:lp
audit:!:10:root
ecs:!:28:
nobody:!:4294967294:nobody,lpd
usr:!:100:guest
perf:!:20:
shutdown:!:21:
lp:!:11:root,lp
snapp:!:12:snapp
pconsole:!:13:pconsole

AIX Basic System Administration 168

AIX User Management
 After the user is created you will see it via the id command, or
listusers command.

# id justin
uid=202(justin) gid=1(staff)

# listusers
guest
justin
lp
nobody
pconsole
snapp snapp login user
#

After you create the user id, you as root will have to set that user id’s
login password

# passwd justin
Changing password for "justin"
justin's New password:
Re-enter justin's new password:
#

Note, there is a limit of 8 alphanumeric characters for a user’s

password.
AIX Basic System Administration 169
AIX User Management
 Now log off, by typing in exit, and then login again as user justin.
# exit

Connection Closed. (Putty closes).

Connect to the system again, and login as newly created user justin

AIX Version 6
Copyright IBM Corporation, 1982, 2007.
login: justin
justin's Password:
[compat]: You are required to change your password. Please choose a new one.

justin's New password:

Re-enter justin's new password:
***************************************************************************************
* *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
***************************************************************************************

AIX Basic System Administration 170

AIX User Management
 Notice, even though you as root set this user’s password. The
system still prompts the user to change this password upon initial
login. This is done for security reasons.

 Also, notice that the same message of the day is displayed to this
user when they login.

 After the user logs in notice the dollar-sign, $, shell prompt. This
shell prompt indicates that this user is a regular, non-root/admin
user.

 The id command will verify that you are now logged in as user justin.

$ id
uid=202(justin) gid=1(staff)
$

Also notice the default user group. The user is automatically put in the
staff user group when created. This is for all non-admin users.

AIX Basic System Administration 171

AIX User Management
 Notice this initial directory you are placed in when you first log into
the system. The default home directory for non-root users is
/home/user_name.

$ pwd
/home/justin
$

There is a special character which is used as a short cut for

someone’s home directory. A way to go to your home directory use
~USER
$ ls -ld ~
drwxr-xr-x 2 justin staff 256 Dec 02 10:35 /home/justin
$ ls -ld ~justin
drwxr-xr-x 2 justin staff 256 Dec 02 10:35 /home/justin
$ ls -ld ~guest
drwxr-xr-x 2 guest usr 256 Apr 15 2010 /home/guest
$ grep -i guest /etc/passwd
guest:!:100:100::/home/guest:
$

AIX Basic System Administration 172

AIX User Management
 Recommended home directory setup for environments. Justin Tip!!! Setup a sub
home directory up for each user group within your organization.

 DBAs’ home directories:

# ls -ld /home/dba
drwxr-xr-x 15 oracle dba 512 Jul 25 10:49 /home/dba

# ls -l /home/dba
total 13
drwxr-xr-x 2 chouer dba 512 Jan 10 2006 chouer
drwxr-xr-x 2 daifran dba 512 Jul 03 09:31 daifran
drwxr-xr-x 2 govindb dba 512 Jul 25 10:49 govindb
drwxr-xr-x 2 harishp dba 512 May 23 2005 harishp
drwxr-xr-x 2 heuveln dba 512 Jun 22 03:38 heuveln
drwxr-xr-x 2 jaschif dba 512 Jun 05 10:58 jaschif
drwxr-xr-x 2 lipaul dba 512 May 28 2005 lipaul
drwxr-xr-x 2 oracle dba 512 Jul 18 09:10 oracle
drwxr-xr-x 2 raghupm dba 512 Jun 25 15:53 raghupm
drwxr-xr-x 2 suhjos dba 512 Mar 28 2005 suhjos
drwxr-xr-x 2 witten dba 512 Apr 10 2006 witten
drwxr-xr-x 2 xiaodan dba 512 Dec 05 2005 xiaodan
drwxr-xr-x 2 zhengw dba 512 Sep 13 2005 zhengw

AIX Basic System Administration 173

AIX User Management
 The application administrator's home directories:

# ls -ld /home/appl
drwxrwxrwx 14 root appldev 512 Jul 31 11:27 /home/appl

# ls -l /home/appl
total 12
drwxr-xr-x 2 bastenp dstage 512 Jul 11 12:28 bastenp
drwxr-xr-x 2 flakew dstage 512 Jul 10 15:02 flakew
drwxr-xr-x 2 hendrik dstage 512 Jul 24 15:22 hendrik
drwxr-xr-x 4 kilcult dstage 512 Jul 18 11:43 kilkult
drwxr-xr-x 2 moserm dstage 512 Jul 10 15:14 moserm
drwxr-xr-x 2 mountj dstage 512 Jul 10 15:08 mountj
drwxr-xr-x 2 rathins dstage 512 Jul 10 15:05 rathens
drwxr-xr-x 3 rathins dstage 512 Jul 20 10:40 rathins
drwxr-xr-x 2 vanhoop dstage 512 Jul 30 08:02 vanhoop
drwxr-xr-x 2 werfad dstage 512 Jul 16 01:29 werfad
drwxr-xr-x 2 zagorob dstage 512 Jul 31 11:27 zagorob
drwxr-xr-x 2 zagorob dstage 512 Jul 31 11:25 zagorov

AIX Basic System Administration 174

AIX User Management

 Reset your own password to something different.

$ id
uid=206(justin) gid=1(staff)

$ passwd
Changing password for "justin"
justin's Old password:
justin's New password:
Re-enter justin's new password:
$

Now, log off of the system as user justin by typing in the exit
command, and then log into the system again as user root.

AIX Basic System Administration 175

AIX User Management

 Let’s say that user justin calls you, the admin, and confesses to you
that they have forgotten their login password, and you have to reset
it now for them. You do that with the passwd justin command as you
did before, but notice the difference between when you set the
password as the user him/herself, and when you set the password
as the root user. Notice that when you reset it as the user
themselves you will be prompted for the old password, and then the
new one. This is done for security reasons, but when you set
someone else’s password as the root user, you are not required to
provide the current password. Root has the power to override this
extra security check, and this will also prove useful when resetting a
forgotten password for someone.

AIX Basic System Administration 176

AIX User Management

 To determine who is currently logged into the system use the who
command

# who
root pts/0 Sep 5 21:25 (192.168.220.9)
#

AIX Basic System Administration 177

AIX User Management

 The last command can assist you in determining the login history of
a user into the system.

# last root
root pts/0 192.168.220.9 Sep 05 21:25 still logged in
root pts/0 192.168.220.9 Sep 05 17:10 - 19:11 (02:00)

AIX Basic System Administration 178

AIX User Management
 Let’s say you wanted to perform some sort of system maintenance,
and you didn’t want any users to login during this time. You can do
this with a file called /etc/nologin. Any string you put in that file will
be displayed to users attempting to log into the system.

# echo "THE SYSTEM IS CURRENTLY UNAVAILABLE. CHECK BACK LATER." > /etc/nologin
# ls -l /etc/nologin
-rw-r--r-- 1 root system 55 Sep 5 22:42 /etc/nologin

# cat /etc/nologin
THE SYSTEM IS CURRENTLY UNAVAILABLE. CHECK BACK LATER.
#

Now, log out with exit, and attempt to login as user: justin:

AIX Version 6
Copyright IBM Corporation, 1982, 2007.
login: justin
justin's Password:
THE SYSTEM IS CURRENTLY UNAVAILABLE. CHECK BACK LATER.

login:

Note: The echo command is discussed in more depth in a Unix

programming/shell scripting course.
AIX Basic System Administration 179
AIX User Management
 Note, the root user can bypass this restriction and logon. Also, user’s currently
logged on, when you create this file will not be affected. Test that root can
override this. Login again as root and it will succeed, regardless of this
/etc/nologin file being present:

AIX Version 6
Copyright IBM Corporation, 1982, 2010.
login: root
root's Password:
*******************************************************************************
* *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
*******************************************************************************
Last unsuccessful login: Wed Dec 1 00:59:52 CST 2010 on /dev/pts/1 from gvicaix01
Last login: Thu Dec 2 08:39:45 CST 2010 on /dev/pts/0 from 192.168.250.8

AIX Basic System Administration 180

AIX User Management
 When you remove this file, then users will be able to log into the system once
again.

# ls -l /etc/nologin
-rw-r--r-- 1 root system 55 Sep 5 22:42 /etc/nologin

# rm /etc/nologin
# ls -l /etc/nologin
/etc/nologin not found
#

Non-root logins are now re-enabled once again. Please note that rebooting the
system will automatically remove this file from the system as well.

AIX Basic System Administration 181

AIX User Management
 Log out, with the exit command, and then log back into the system as the justin
user, to verify that non-root user logins are now re-enabled.

# exit
Connection closed

AIX Version 6
Copyright IBM Corporation, 1982, 2010.
login: justin
justin's Password:
*******************************************************************************
* *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
*******************************************************************************
1 unsuccessful login attempt since last login.
Last unsuccessful login: Thu Dec 2 10:21:24 CST 2010 on /dev/pts/1 from 192.168.250.8
Last login: Thu Dec 2 10:14:16 CST 2010 on /dev/pts/1 from loopback

AIX Basic System Administration 182

AIX User Management
 Logout with, exit and log back into the system again as root:

$ exit
Connection closed

AIX Version 6
Copyright IBM Corporation, 1982, 2010.
login: root
justin's Password:
*******************************************************************************
* *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
*******************************************************************************
1 unsuccessful login attempt since last login.
Last unsuccessful login: Thu Dec 2 10:21:24 CST 2010 on /dev/pts/1 from
192.168.250.8
Last login: Thu Dec 2 10:14:16 CST 2010 on /dev/pts/1 from loopback

AIX Basic System Administration 183

AIX User Management
 The default message of the day, MOTD, which is displayed when
you log into the system can be changed. It’s changed by editing the
file /etc/motd.

# cat /etc/motd

***************************************************************************************
* *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
***************************************************************************************
#

# echo “Welcome to my AIX system” > /etc/motd

# echo “” >> /etc/motd
# banner production >> /etc/motd
# echo “” >> /etc/motd

AIX Basic System Administration 184

AIX User Management

# cat /etc/motd
Welcome to my AIX system

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

AIX Basic System Administration 185

AIX User Management
 Log off by typing in exit, and then login as root again.

AIX Version 6
Copyright IBM Corporation, 1982, 2010.
login: root
root's Password:
Welcome to my AIX system

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

Last unsuccessful login: Fri Nov 26 19:48:33 CST 2010 on /dev/pts/0 from 192.168.220.54
Last login: Sat Nov 27 17:44:28 CST 2010 on /dev/pts/0 from 192.168.240.117

AIX Basic System Administration 186

AIX User Management
 Let’s say you as as a user, didn’t care to see the message of the
day, MOTD, displayed to you every time you logged into the system.
Well you can disable it. You disable it with a special file called
.hushlogin. You place this file in the home directory of the user you
wish to disable this for.

 Log off of the system with exit, and log in as user justin again.

AIX Basic System Administration 187

AIX User Management
 While in the home directory of that user, /home/justin, touch a file
called .hushlogin.

$ pwd
/home/justin

$ ls -l .hushlogin
.hushlogin not found

$ touch .hushlogin
$ ls -l .hushlogin
-rw-r--r-- 1 justin staff 0 Sep 5 22:58 .hushlogin
$

Now, that the file is created, log out, and then log back into the system
as that user, justin, again.

AIX Basic System Administration 188

AIX User Management
 Type exit, and then re-connect to the system again. Note, no MOTD
is displayed upon login.

AIX Version 6
Copyright IBM Corporation, 1982, 2007.
login: justin
justin's Password:

$ id
uid=202(justin) gid=1(staff)

$ pwd
/home/justin
$

AIX Basic System Administration 189

AIX User Management
 Exit and login as root again. Look at the message displayed prior to logging into the
system.The First line starting with AIX, and the third one ending in login: is known
as the herald message. It is the pre-login message displayed to the users when
they go to log into the system, the MOTD discussed earlier is the post login
message.

AIX Version 6
Copyright IBM Corporation, 1982, 2007.
login: root
Password:

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

Last unsuccessful login: Fri Nov 26 22:52:19 CST 2010 on /dev/pts/0 from 192.168.220.54
Last login: Sat Nov 27 16:19:57 CST 2010 on /dev/pts/1 from localhost

AIX Basic System Administration 190

AIX User Management

 There is a file called /etc/security/login.cfg which controls the global login, not
user attributes of the system. To change the herald message you would change
the parameter in this file.

# cd /etc/security
# pwd
/etc/security

# ls -l login.cfg
-rw-r----- 1 root security 5548 Nov 27 16:20 login.cfg

# chsec -f /etc/security/login.cfg -s default -a herald="Welcome to Company ABC's AIX computer system\nPlease

enter your login name: “

# lssec -f /etc/security/login.cfg -s default -a herald

default herald="Welcome to Company ABC's AIX computer system\nPlease enter your login name: "
#

AIX Basic System Administration 191

AIX User Management

 Close your putty session, logging out of the system, and then log back into
the system as root:

Welcome to Company ABC's AIX computer system

Please enter your login name: root
root's Password:

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

Last unsuccessful login: Fri Nov 26 22:52:19 CST 2010 on /dev/pts/0 from 192.168.220.54
Last login: Sat Nov 27 16:19:57 CST 2010 on /dev/pts/1 from localhost

AIX Basic System Administration 192

AIX User Management
 Now open a console/virtual terminal session to your system via the IVM. Notice
the login herald/pre-login message displayed – The old/default one.

AIX Basic System Administration 193

AIX User Management
 What did you notice? The default/old herald message is still being displayed
when you log into the system this way. Also notice how it says Console Login, as
oppose to just Login as with the other default/old herald message. This tells us
that there are two different heralds, so two different settings, a console/virtual
terminal via IVM, and a non-console/telnet herald message. To change the
console login herald message:

# cd /etc/security
# pwd
/etc/security

# ls –l login.cfg
-rw-r----- 1 root security 5637 Nov 27 16:36 login.cfg

# chsec -f /etc/security/login.cfg -s /dev/console -a herald="Welcome to Company ABC's AIX computer

system\nPlease enter your console login name:"
#

Restart your virtual console window from the IVM.

AIX Basic System Administration 194

AIX User Management

AIX Basic System Administration 195

AIX User Management
 If you close your putty session and then open it again, you will see that your
other non-console herald message is still present.

Welcome to Company ABC's AIX computer system

Please enter your login name: root  No console string displayed
root's Password:

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

1 unsuccessful login attempt since last login.

Last unsuccessful login: Sat Nov 27 16:55:55 CST 2010 on /dev/pts/2 from 192.168.220.54
Last login: Sat Nov 27 16:36:39 CST 2010 on /dev/pts/1 from 192.168.220.54

AIX Basic System Administration 196

AIX User Management
 Notice back in the herald message login and password prompts:

Welcome to Company ABC's AIX computer system

Please enter your login name: root
root's Password:

Notice how they both display the user’s name. You can disable this in AIX, to
tighten the security more of your system.

AIX Basic System Administration 197

AIX User Management
# cd /etc/security
# pwd
/etc/security

# ls -l login.cfg
-rw-r----- 1 root security 5558 Nov 27 18:25 login.cfg

# chsec -f /etc/security/login.cfg -s default -a usernameecho=false

#

Close your putty session and then login again. Notice how the username is not
echoed.
Welcome to Company ABC's AIX computer system
Please enter your login name:  User name is not displayed when typed.
****'s Password:  User name in password prompt is hidden.
Welcome to my AIX system

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

Last unsuccessful login: Sat Nov 27 16:55:55 CST 2010 on /dev/pts/2 from 192.168.220.54
Last login: Sat Nov 27 18:29:17 CST 2010 on /dev/pts/7 from 192.168.220.54

AIX Basic System Administration 198

AIX User Management
You can change the password prompt totally as well.
# cd /etc/security
# pwd
/etc/security

# ls -l login.cfg
-rw-r----- 1 root security 5548 Nov 27 17:44 login.cfg

# chsec -f /etc/security/login.cfg -s default -a pwdprompt="Please enter your user's login password: “

Logout, and then log back into the system again with putty as root:

Welcome to Company ABC's AIX computer system

Please enter your login name:
Please enter your user's login password:
Welcome to my AIX system

##### ##### #### ##### # # #### ##### # #### # #

# # # # # # # # # # # # # # # # ## #
# # # # # # # # # # # # # # # # # #
##### ##### # # # # # # # # # # # # # #
# # # # # # # # # # # # # # # # ##
# # # #### ##### #### #### # # #### # #

AIX Basic System Administration 199

AIX User Management

 To change the default GECOs, user’s real life information, use the
following command:

# finger justin
Login name: justin
Directory: /home/justin Shell: /usr/bin/ksh
No Plan.

# passwd -f justin
justin's current gecos:
""
Change (yes) or (no)? > yes
To?>Justin Richard Bleistein

# finger justin
Login name: justin In real life: Justin Richard Bleistein
Directory: /home/justin Shell: /usr/bin/ksh
No Plan.

# grep -i justin /etc/passwd

justin:*:202:1:Justin Richard Bleistein:/home/justin:/usr/bin/ksh
#

AIX Basic System Administration 200

AIX User Management
 As you may have noticed in the past motd discussion, the .hushlogin
file has a period in front of it. That’s because this is a special file.
Files with a period in front of them are not displayed with the ls
command unless the –a argument is used with it, or the file is
referenced directly. This is for regular non-root users.

$ id
uid=202(justin) gid=1(staff)
$ pwd
/home/justin
$ ls
$ ls -l
total 0
$ touch .classified
$ ls
$ ls -l
total 0
$ ls -a
. .. .classified .profile .sh_history
$ ls -la
total 16
drwxr-xr-x 2 justin staff 256 Sep 5 23:10 .
drwxr-xr-x 5 bin bin 256 Sep 5 21:37 ..
-rw-r--r-- 1 justin staff 0 Sep 5 23:10 .classified
-rwxr----- 1 justin staff 254 Sep 5 21:37 .profile
-rw------- 1 justin staff 582 Sep 5 23:10 .sh_history
$

AIX Basic System Administration 201

AIX User Management

 You may also have noticed, that there are already two files in your
home directory with periods in front of them. These are special files
as well. They are put there automatically by the system, when the
user was created.

- .profile = This is a special file for the Korn shell. This is called an
initialization file for the shell. Any code in this file will be executed
automatically when you log into the system, starting this shell.

- .sh_history = This file will keep a history of all of your command

history while using this shell. This file is only valid, for your shell
login session.

AIX Basic System Administration 202

AIX User Management
 The file /etc/security/user. This file contains the default user
attributes for new users, as well as individual user attributes.

# ls -l /etc/security/user
-rw-r----- 1 root security 10551 Sep 6 00:51 /etc/security/user
#
…

default:
admin = false
login = true
su = true
daemon = true
rlogin = true
sugroups = ALL
admgroups =
ttys = ALL
auth1 = SYSTEM
auth2 = NONE
tpath = nosak
umask = 022
expires = 0
SYSTEM = "compat"
logintimes =
pwdwarntime = 0
account_locked = false
loginretries = 0
….
.
AIX Basic System Administration 203
AIX User Management
…

snapp:
admin = false
rlogin = false
su = false
SYSTEM = "NONE"
login = true
ttys = /dev/tty0
registry = files
dce_export = false

nuucp:
admin = false

pconsole:
admin = true
login = false
rcmds = deny
su = false

justin:
admin = false

AIX Basic System Administration 204

AIX User Management
 Let’s say you wanted to lock a user account. Well you could either
go through smit, or user the following command.

# chuser account_locked=true justin

#

Now look at the justin stanza in the /etc/security/user file.

…

justin:
admin = false
account_locked = true

Open another connection, and attempt to login as user justin.

AIX Version 5
Copyright IBM Corporation, 1982, 2007.
login: justin
justin's Password:
Your account has been locked; please see the system administrator.

login:

AIX Basic System Administration 205

AIX User Management

 Now log back in as root unlock the user account with the chuser
command.

# chuser account_locked=false justin

Look at the justin stanza in that file once again.

…

justin:
admin = false
account_locked = false

User account should be unlocked now.

AIX Basic System Administration 206

AIX User Management
 To delete a user from the system use the rmuser –p username
command.

# id justin
uid=202(justin) gid=1(staff)

# rmuser -p justin
# id justin
User not found in /etc/passwd file
#

Refer back to slide # 164, and re-create this user.

AIX Basic System Administration 207

AIX User Management
 To create a group, use the command mkgroup.

# lsgroup dba
Group "dba" does not exist.

# mkgroup dba
#
# tail -1 /etc/group
dba:!:202:

# lsgroup dba
dba id=202 admin=false users= registry=files
#

Note, A group name has a limit of 8 alphanumeric characters in Unix.

AIX Basic System Administration 208

AIX User Management
 To delete the group from the system, use the rmgroup command.

# lsgroup dba
dba id=202 admin=false users= registry=files

# rmgroup dba
# lsgroup dba
Group "dba" does not exist.

# tail -1 /etc/group
ipsec:!:200:
#

Go back to the previous slide # 208, and re-create the user group.

AIX Basic System Administration 209

AIX User Management
 Put user justin into the group, with the chuser command.

# id justin
uid=203(justin) gid=1(staff)

# chuser pgrp=dba justin

# id justin
uid=204(justin) gid=202(dba) groups=1(staff)

# tail -1 /etc/passwd
justin:*:204:202::/home/justin:/usr/bin/ksh
#

If you noticed, there are two group settings for a user in AIX. Primary
groups, and group set. When you create a file it is owned by the
user who created the file, and is put in the primary group of that
user. You could temporarily switch to any one of the secondary
groups listed in the group set if you needed to. More on this in the
security section.

AIX Basic System Administration 210

AIX User Management
 It may be necessary at times to send what’s called a broadcast
message out to all users currently logged onto the system. You do
that by logging in as root, and using the wall command.

# wall System needs to come down soon for emergency maintenance

Broadcast message from root@gvicaix14 (pts/1) at 01:26:15 ...

System needs to come down soon for emergency maintenance

Log off the system with exit, and login again as user justin.

AIX Basic System Administration 211

AIX User Management
 There will be times when you will have to switch between different
users on the system. For instance, you are currently logged in as
user justin, and you want to switch to being user root, without
completely logging out of the system. You can use the su command
for this. This command stands for Switch User.

$ id
uid=202(justin) gid=202(dba)

$ su root
root's Password:

# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
#

If you type in the whoami command, with no spaces, it will display the
user you su’d to, currently logged in as. If you type in the who am i
command with spaces, it will display the user you su’d from.
# whoami
root
# who am i
justin pts/0 Sep 7 22:09 (192.168.220.9)
#

AIX Basic System Administration 212

AIX User Management
 Note, if you type in su, without a user name as an argument the meaning of the
command changes from Switch User, to Super User, and by default will switch you
to root, if of course, you know the password.

 Type in exit, to get back to user justin, and this time type in su without a username
argument:

# exit

$ id
uid=203(justin) gid=1(staff)

$ su
root's Password:

# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
#

Type in exit to get back to user justin:

# exit

AIX Basic System Administration 213

AIX User Management
 Notice when a normal, non-root, user su’s to another user, not just root, that
user is required to supply the target user’s password to su to that target user.
$ id
uid=206(justin) gid=202(dba)

$ su root
root's Password:
#

Now su from root to the user justin. Notice how you are not prompted for
justin’s password. This is because you are root.

# su justin
$ id
uid=206(justin) gid=202(dba)
$

Close the putty application, and then log into the system again, as user root.

AIX Basic System Administration 214

AIX User Management
 You can also su to a user with a -, hyphen. This means that the user should pick
up the entire environment: variables, etc, of the target user.

 Let’s say we appended the following to justin’s .profile file:

# vi ~justin/.profile
…

PATH=/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:.

export PATH

if [ -s "$MAIL" ] # This is at Shell startup. In normal

then echo "$MAILMSG" # operation, the Shell checks
fi # periodically.

HEY=YOU
echo "HELLO WELCOME TO USER JUSTIN. YOU SU'D WITH THE - ARGUMENT"
#

AIX Basic System Administration 215

AIX User Managment
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)

# su justin
$ id
uid=203(justin) gid=1(staff)

$ echo $HEY

$ exit
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)

# su - justin
HELLO WELCOME TO USER JUSTIN. YOU SU'D WITH THE – ARGUMENT

$ id
uid=203(justin) gid=1(staff)

$ echo $HEY
YOU

$ exit
#

AIX Basic System Administration 216

AIX User Management
 There is an audit log of su attempts, failures, and successes which
are logged in the file /var/adm/sulog.

 In this file the character + indicates the su was successful.

 In this file the character – indicates the su was unsucessful.

 Log out of the system, and then log back in as user justin. Then fail
at an attempt to su to root, and then succeed.

$ id
uid=202(justin) gid=202(dba)
$ su -
root's Password:
Cannot su to "root" : Authentication is denied.
$ su -
root's Password:
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
#

AIX Basic System Administration 217

AIX User Management

# cd /var/adm
# pwd
/var/adm

# ls -l sulog
-rw------- 1 root system 420 Sep 11 10:33 sulog

# tail -2 sulog
SU 09/11 10:33 - pts/1 justin-root
SU 09/11 10:33 + pts/1 justin-root
#

AIX Basic System Administration 218

AIX User Management
 The .plan file which you can put in the user’s home directory,
/home/user_name/, by default, presents an overall objective to the user’s
existence on that system.

# finger justin
Login name: justin In real life: Justin Richard Bleistein
Directory: /home/justin Shell: /usr/bin/ksh
No Plan.
# su - justin
$ id
uid=202(justin) gid=1(dba)
$ pwd
/home/justin
$ echo "Participating in the development of the software's memory structure" > .plan
$ ls -l .plan
-rw-r--r-- 1 justin dba 68 Nov 27 16:02 .plan
$ cat .plan
Participating in the development of the software's memory structure
$ exit
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
# finger justin
Login name: justin In real life: Justin Richard Bleistein
Directory: /home/justin Shell: /usr/bin/ksh
Plan:

Participating in the development of the software's memory structure

AIX Basic System Administration 219

AIX User Management
 The /home/user/.project file displays the name of a project that the user might
be involved in, requiring them to be defined on this system:

# finger justin
Login name: justin In real life: Justin Richard Bleistein
Directory: /home/justin Shell: /usr/bin/ksh
Plan:

Participating in the development of the software's memory structure

# su - justin
$ id
uid=202(justin) gid=1(dba)
$ pwd
/home/justin
$ echo "Software Development phase # 1" > .project
$ ls -l .project
-rw-r--r-- 1 justin dba 31 Nov 27 16:05 .project
$ cat .project
Software Development phase # 1
$ exit
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
# finger justin
Login name: justin In real life: Justin Richard Bleistein
Directory: /home/justin Shell: /usr/bin/ksh
Project:
Software Development phase # 1
Plan:

Participating in the development of the software's memory structure

AIX Basic System Administration 220

AIX User Management
 There will be times when you wish to lock out a user account in AIX. You can do
this with smitty. I know we did this before, this is just to get you used to smit. As
root.

# smitty users

AIX Basic System Administration 221

AIX User Management

 Select the user whose account you wish to lock out:

AIX Basic System Administration 222

AIX User Management
 Change to true, with the <TAB> key:

AIX Basic System Administration 223

AIX User Management

 <F10>

AIX Basic System Administration 224

AIX User Management
If you check the /usr/security/user file, you will see that justin’s account_locked
parameter has changed to true:
# tail -10 /etc/security/user
umask = 22
default_roles = SysConfig
registry = files

justin:
admin = false
account_locked = true

# usrck -n justin
3001-662 User justin is locked

However root can override this because root can still su to this account just fine:

# su - justin
$ id
uid=203(justin) gid=1(dba)
$

Log out and then attempt to login as user justin:

$ exit
# exit

AIX Basic System Administration 225

AIX User Management
AIX Version 6
Copyright IBM Corporation, 1982, 2010.
login: justin
justin's Password:
3004-301 Your account has been locked; please see the system administrator.

To unlock the account, go ahead and log back into the system as root again. This time let’s change this user’s attribute via
the command line rather than with smit.

# chuser account_locked=false justin

# tail /etc/security/user
umask = 22
default_roles = SysConfig
registry = files

justin:
admin = false
account_locked = false
#

# usrck –n justin
#

Now exit, and attempt to login as user justin again. This time you will succeed.

AIX Basic System Administration 226

AIX User Management

 The default user’s Unix shell in AIX, is Korn. To change that you use the passwd
command. To determine which shell your user is currently set to, display the value
of the system variable $SHELL.

$ id
uid=202(justin) gid=1(dba

$ echo $SHELL
/usr/bin/ksh
$

To change the login shell, log out, and then log back in as the root user.
Once in as root, check the password file to see what shell user justin currently has
set as his default.

# grep -i justin /etc/passwd

justin:!:203:1::/home/justin:/usr/bin/ksh
#

AIX Basic System Administration 227

AIX User Management
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
# passwd -s justin
Current available shells:
/bin/sh
/bin/bsh
/bin/csh
/bin/ksh
/bin/tsh
/bin/ksh93
/usr/bin/sh
/usr/bin/bsh
/usr/bin/csh
/usr/bin/ksh
/usr/bin/tsh
/usr/bin/ksh93
/usr/bin/rksh
/usr/bin/rksh93
/usr/sbin/uucp/uucico
/usr/sbin/sliplogin
/usr/sbin/snappd
justin's current login shell:
/usr/bin/ksh
Change (yes) or (no)? > yes
To?>/bin/bsh

AIX Basic System Administration 228

AIX User Management
# grep -i justin /etc/passwd
justin:!:203:1::/home/justin:/usr/bin/bsh
#

Log out, and then log back into the system again as user: justin. You will see how
the default shell of this user has changed from Korn, to Bourne:

$ id
uid=203(justin) gid=1(staff)

$ echo $SHELL
/usr/bin/bsh
$

There is also a chsh command, which will accomplish the same thing.

AIX Basic System Administration 229

AIX User Management
 Unix has two built-in schedulers. These schedulers allow you to
setup programs to run at any date, or time in the future unattended.
The two schedulers are Cron, and At.

 The Cron scheduler is the most widely used.

 The Cron scheduler is implemented by way of a cron table.

 A Cron table is a file which holds the job/Cron configuration data.

By configuration data, I mean the date, and time the schedule/job will
run unattended on the system.

 Every user who is authorized to use the cron scheduler, will have
their own cron table file.

AIX Basic System Administration 230

AIX User Management
User’s crontabs are kept in the file /var/spool/cron/crontabs/

The root user has a crontab setup by default. You can see what’s
scheduled to run via the cron scheduler, by using the command
crontab –l, while logged
# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
#

# crontab –l
….

#0 3 * * * /usr/sbin/skulker
#45 2 * * 0 /usr/lib/spell/compress
#45 23 * * * ulimit 5000; /usr/lib/smdemon.cleanu > /dev/null
0 11 * * * /usr/bin/errclear -d S,O 30
0 12 * * * /usr/bin/errclear -d H 90
0 15 * * * /usr/lib/ras/dumpcheck >/dev/null 2>&1
# SSA warning : Deleting the next two lines may cause errors in redundant
#SSA warning : hardware to go undetected.
01 5 * * * /usr/lpp/diagnostics/bin/run_ssa_ela 1>/dev/null 2>/dev/null
0 * * * * /usr/lpp/diagnostics/bin/run_ssa_healthcheck 1>/dev/null 2>/dev/null
# SSA warning : Deleting the next line may allow enclosure hardware errors to go undetected

AIX Basic System Administration 231

AIX User Management

 The following is an example of a crontab entry

0 2 3 2 0 /home/bob/program1

There are six fields in a crontab configuration. They are as follows, from left to
right.

1 – The minute of the hour the job will run – (0-59)

2 – The hour of the day the job will run – (0-23)
3 – The day of the month the job will run – (1-31)
4 – The month of the year the job will run – (1-12)
5 – The day of the week the job will run – (0-6) 0 = Sunday.
6 – Command/program to run.

In our example at the top of the page a program called program1 which resides
in the directory /home/bob, will run at 2am, on February 3rd, on Sunday.
You can also use an asterick, *, in a specific field to denote, run every
whatever.

The pound sign, #, will disable that job/program from running via cron.

AIX Basic System Administration 232

AIX User Management

 Setting the EDITOR system variable to a specific editor will tell the
crontab editor which editor to use to edit the crontab.

# ls -l /usr/bin/vi
-r-xr-xr-x 5 bin bin 302706 Sep 7 22:41 /usr/bin/vi

# export EDITOR=/usr/bin/vi
# echo $EDITOR
/usr/bin/vi

# date
Fri Sep 11 10:40:18 EDT 2009
#

# crontab –e
…

45 10 * * * /usr/bin/sleep 60 &

# ps -ef | grep -i sleep

root 372746 340172 0 10:41:23 pts/0 0:00 grep -i sleep
#

AIX Basic System Administration 233

AIX User Management
You can view the status of a past cron job by viewing the /var/adm/cron/log file.

# ps -ef | grep -i sleep

root 372754 1 0 10:45:00 - 0:00 /usr/bin/sleep 60

# cd /var/adm/cron
# pwd
/var/adm/cron

# ls -l log
-rw-rw-r-- 1 bin bin 32059 Sep 11 11:00 log

# tail log
root : CMD ( /usr/lpp/diagnostics/bin/run_ssa_healthcheck 1>/dev/null 2>/de
v/null ) : PID ( 372876 ) : Fri Sep 11 10:00:00 2009
Cron Job with pid: 372876 Successful
root : CMD ( /usr/lpp/diagnostics/bin/run_ssa_encl_healthcheck 1>/dev/null
2>/dev/null ) : PID ( 372940 ) : Fri Sep 11 10:30:00 2009
Cron Job with pid: 372940 Successful
root : CMD ( /usr/bin/sleep 1000 & ) : PID ( 393470 ) : Fri Sep 11 10:45:00 2009
Cron Job with pid: 393470 Successful

AIX Basic System Administration 234

AIX User Management
 You can also use the at scheduler to run programs unattended in
Unix/AIX. The advantage of using the at scheduler over cron,
especially for on-time jobs, is that you do not have to clean up the
job from any tab file, when it’s completed.

# date
Fri Sep 11 11:09:59 EDT 2009

# at 11:11 today
sleep 60
job root.1252681860.a at Fri Sep 11 11:11:00 2009

# at -l
root.1252681860.a Fri Sep 11 11:11:00 2009
#

# ps -ef | grep -i sleep

root 393284 372838 0 11:11:00 - 0:00 sleep 60

# at -l
#

AIX Basic System Administration 235

AIX User Management
 At jobs status’ are also logged to the /var/adm/cron/log file.

# tail /var/adm/cron/log
root : CMD ( /usr/lpp/diagnostics/bin/run_ssa_encl_healthcheck 1>/dev/null
2>/dev/null ) : PID ( 372940 ) : Fri Sep 11 10:30:00 2009
Cron Job with pid: 372940 Successful
root : CMD ( /usr/bin/sleep 1000 & ) : PID ( 393470 ) : Fri Sep 11 10:45:00
2009
Cron Job with pid: 393470 Successful
root : CMD ( /usr/bin/errclear -d S,O 30 ) : PID ( 393258 ) : Fri Sep 11 11
:00:00 2009
root : CMD ( /usr/lpp/diagnostics/bin/run_ssa_healthcheck 1>/dev/null 2>/de
v/null ) : PID ( 405614 ) : Fri Sep 11 11:00:00 2009
Cron Job with pid: 405614 Successful
Cron Job with pid: 393258 Successful
root : CMD ( root.1252681860.a ) : PID ( 372838 ) : Fri Sep 11 11:11:00 2009
Cron Job with pid: 372838 Successful
#

AIX Basic System Administration 236

AIX User Management
 The cron, and at schedulers also have a basic security mechanism.

- The file /var/adm/cron/cron.deny is used to list users who are not

authorized to use cron.

- The file /var/adm/cron/cron.allow is used to list users who are

authorized to use cron.

- The file /var/adm/cron/at.deny is used to list users who are not

authorized to use at.

- The file /var/adm/cron/at.allow is used to list users who are

authorized to use at.

AIX Basic System Administration 237

AIX User Management
 User information is usually kept local on the AIX system they are
logging onto, including their passwords. You can use a feature
which comes with AIX called NIS, Network Information Services, or
Yellow Pages. This is a standard which allows you to have a central
place to look up users, passwords, and other information. This is a
nice alternative to managing this information individually for each
system.

 Sudo is an Open Source tool you can install, which will allow a
regular user to gain root privilege with the regular user’s password.

 AIX also has roles, RBAC, which can be used to easily to distribute
system privileges, and tasks to different users.

AIX Basic System Administration 238

 AIX System Startup and Shutdown

AIX Basic System Administration 239

AIX System Startup and Shutdown
 Shutting down an AIX system has to be done in a controlled, graceful matter.
Forget about a companies’ change management policies, you have to
ensure the applications, databases which run on the system come down
gracefully, not to mention the operating system itself.

# shutdown

SHUTDOWN PROGRAM
Tue Apr 17 09:20:46 CDT 2007

Broadcast message from root@h1 (tty) at 09:20:46 ...

shutdown: PLEASE LOG OFF NOW !!!

All processes will be killed in 1 minute.

Broadcast message from root@h1 (pts/0) at 09:21:46 ...

shutdown: THE SYSTEM IS BEING SHUT DOWN NOW

Wait for 'Halt completed...' before stopping.

Error reporting has stopped.
Advanced Accounting has stopped...
Process accounting has stopped.
nfs_clean: Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.

AIX Basic System Administration 240

AIX System Startup and Shutdown

 After the system shuts down, restart it via the IVM.

See instructor

AIX Basic System Administration 241

AIX System Startup and Shutdown
 You can also tell the system to reboot, after the graceful shutdown.

# shutdown -Fr

SHUTDOWN PROGRAM
Tue Apr 17 09:32:25 CDT 2007

Wait for 'Rebooting...' before stopping.

Error reporting has stopped.
Advanced Accounting has stopped...
Process accounting has stopped.
nfs_clean: Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-004 The Subsystem or Group, gssd, is currently inoperative.
0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.
0513-004 The Subsystem or Group, rpc.mountd, is currently inoperative.
0513-004 The Subsystem or Group, ypbind, is currently inoperative.
Connection closed.

AIX Basic System Administration 242

AIX System Startup and Shutdown
Sometimes it maybe useful to fake shutdown the system. For example,
to get users off of the system for application maintenance, etc..

# shutdown -k

SHUTDOWN PROGRAM
Tue Apr 17 09:39:16 CDT 2007

Broadcast message from root@h1 (tty) at 09:39:16 ...

shutdown: PLEASE LOG OFF NOW !!!

All processes will be killed in 1 minute.

Broadcast message from root@h1 (pts/0) at 09:40:16 ...

shutdown: THE SYSTEM IS BEING SHUT DOWN NOW

shutdown -k is finished.
The system is still up.
#

AIX Basic System Administration 243

AIX System Startup and Shutdown
 There is a special file/script you can create called /ec/rc.shutdown.
Any code/commands contained within it will be automatically called,
and executed by the shutdown command. This is useful for when
you need to bring down applications, or databases gracefully, etc..

# ls -l /etc/rc.shutdown
ls: 0653-341 The file /etc/rc.shutdown does not exist.
# vi /etc/rc.shutdown

..

# cat /etc/rc.shutdown
#System shutdown script written by AIX system admins.
#This script will be automatically executed by AIX upon system shutdown
#via the shutdown AIX command.
#
#
echo "TEST... THE SHUTDOWN COMMAND HAS BEEN INVOKED ON THIS SYSTEM."
#
#
#End of script

# chmod u+x /etc/rc.shutdown

Note: The “echo” command is used in Unix shell

scripting/programming. We don’t cover that topic in this course.
AIX Basic System Administration 244
AIX System Startup and Shutdown
 The script is executed, when the shutdown command is ran.

# shutdown -Fr

SHUTDOWN PROGRAM
Tue Apr 17 08:35:55 CDT 2007
TEST... THE SHUTDOWN COMMAND HAS BEEN INVOKED ON THIS SYSTEM.

Wait for 'Rebooting...' before stopping.

Error reporting has stopped.
Advanced Accounting has stopped...
Process accounting has stopped.
nfs_clean: Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-004 The Subsystem or Group, gssd, is currently inoperative.
0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.
0513-004 The Subsystem or Group, rpc.mountd, is currently inoperative.
0513-004 The Subsystem or Group, ypbind, is currently inoperative.
Connection closed.

Note: The halt command can also shutdown a system, and the reboot
command can also restart the system.
AIX Basic System Administration 245
AIX System Startup and Shutdown
 The file /etc/inittab, which stands for INITialization TABle, contains
programs to execute automatically on system reboot.

# lsitab -a
init:2:initdefault:
brc::sysinit:/sbin/rc.boot 3 >/dev/console 2>&1 # Phase 3 of system boot
powerfail::powerfail:/etc/rc.powerfail 2>&1 | alog -tboot > /dev/console # Power Failure Detection
load64bit:2:wait:/etc/methods/cfg64 >/dev/console 2>&1 # Enable 64-bit execs
tunables:23456789:wait:/usr/sbin/tunrestore -R > /dev/console 2>&1 # Set tunables
rc:23456789:wait:/etc/rc 2>&1 | alog -tboot > /dev/console # Multi-User checks
fbcheck:23456789:wait:/usr/sbin/fbcheck 2>&1 | alog -tboot > /dev/console # run/etc/firstboot
srcmstr:23456789:respawn:/usr/sbin/srcmstr # System Resource Controller
rctcpip:23456789:wait:/etc/rc.tcpip > /dev/console 2>&1 # Start TCP/IP daemons
nimsh:2:wait:/usr/bin/startsrc -g nimclient -a "-c" >/dev/console 2>&1
sniinst:2:wait:/var/adm/sni/sniprei > /dev/console 2>&1
rcnfs:23456789:wait:/etc/rc.nfs > /dev/console 2>&1 # Start NFS Daemons
cron:23456789:respawn:/usr/sbin/cron
nimclient:2:once:/usr/sbin/nimclient -S running > /dev/console 2>&1 # inform nim we're running
cons:0123456789:respawn:/usr/sbin/getty /dev/console
shdaemon:2:off:/usr/sbin/shdaemon >/dev/console 2>&1 # High availability daemon

AIX Basic System Administration 246

AIX System Startup and Shutdown

 The fields of the inittab file are:

Identifier: Run_Level: Action: Command

Identifier = The string the line is known as.

Run_Level = The run-level to start this program at – Default is 2.
Action = The action to perform with this program/script.
Command = The program/script to start at system reboot.

AIX Basic System Administration 247

AIX System Startup and Shutdown
# mkitab "sleep:2:once:/usr/bin/sleep 10000 2>&1“
#

# lsitab sleep
sleep:2:once:/usr/bin/sleep 10000 2>&1
#

Now, reboot the system.

# shutdown -Fr

SHUTDOWN PROGRAM
Sat Sep 5 17:07:48 EDT 2009
Wait for 'Rebooting...' before stopping.
Error logging stopped...
Advanced Accounting has stopped...
Process accounting stopped...
Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-004 The Subsystem or Group, gssd, is currently inoperative.
0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.

Note: The “sleep” command is used in Unix shell

scripting/programming. We don’t cover that topic in this course.
AIX Basic System Administration 248
AIX System Startup and Shutdown
 When the system boots back up you can determine how long the
system has been up with the uptime command, and you can
determine the last date, and time the system has been rebooted with
the who –b command.

# uptime
05:11PM up 1 min, 1 user, load average: 0.49, 0.12, 0.04

# who -b
. system boot Sep 5 17:10
#

AIX Basic System Administration 249

AIX System Startup and Shutdown

 You can also determine the last time the system was rebooted with
the last command.

# last reboot
reboot ~ Sep 05 17:10
wtmp begins Sep 04 12:19

# last shutdown
shutdown pts/1 Sep 05 17:08

wtmp begins Sep 04 12:19

#

AIX Basic System Administration 250

AIX System Startup and Shutdown
You’ll notice after system reboot, that the sleep program/command is
running in the background. It was started automatically by the
/etc/inittab file which is called by the system – init process.

# ps -ef | grep -i sleep | grep -iv grep

root 323742 1 0 17:10:38 - 0:00 /usr/bin/sleep 10000
#

To remove an entry from the inittab use the rmitab command.

# lsitab sleep
sleep:2:once:/usr/bin/sleep 10000 2>&1

# rmitab sleep
# lsitab sleep
#

Note, you could also use the chitab command to change the contents
of an inittab entry.

AIX Basic System Administration 251

AIX System Startup and Shutdown
 The SYS V version of startup and shutdown scripts are used to startup and
shutdown services automatically on system boot up and shutdown
respectively.

 The /etc/rc.d/ directory contains a sub-directory for each system run-level, a

directory for all the scripts for manual execution, and the actual rc Unix shell
script which runs the scripts for each run-level, with the run level as the
argument to the shell script. This script is called from the /etc/inittab file:

$ more /etc/inittab

l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
l7:7:wait:/etc/rc.d/rc 7
l8:8:wait:/etc/rc.d/rc 8
l9:9:wait:/etc/rc.d/rc 9

AIX Basic System Administration 252

AIX System Startup and Shutdown
# ls -l /etc/rc.d
total 8
drwxr-xr-x 2 root system 256 Apr 15 2010 init.d
-r-xr--r-- 1 root system 1610 Aug 22 2007 rc
drwxr-xr-x 2 root system 256 Nov 24 21:24 rc2.d
drwxr-xr-x 2 root system 256 Nov 24 18:01 rc3.d
drwxr-xr-x 2 root system 256 Apr 15 2010 rc4.d
drwxr-xr-x 2 root system 256 Apr 15 2010 rc5.d
drwxr-xr-x 2 root system 256 Apr 15 2010 rc6.d
drwxr-xr-x 2 root system 256 Apr 15 2010 rc7.d
drwxr-xr-x 2 root system 256 Apr 15 2010 rc8.d
drwxr-xr-x 2 root system 256 Apr 15 2010 rc9.d
#

AIX Basic System Administration 253

AIX System Startup and Shutdown
# cd /etc/rc.d/init.d
# pwd
/etc/rc.d/init.d
# vi script1.ksh

case "$1" in
stop)
echo "script 1 executed on shutdown" > /var/script1.shutdown.out;sleep 60;;
start)
echo "script 1 executed on startup" > /var/script1.startup.out;sleep 60;;
*)
echo "Invalid Option..";;
esac

AIX Basic System Administration 254

AIX System Startup and Shutdown
# vi script2.ksh

case "$1" in
stop)
echo "script 2 executed on shutdown" > /var/script2.shutdown.out;sleep 60;;
start)
echo "script 2 executed on startup" > /var/script2.startup.out;sleep 60;;
*)
echo "Invalid Option..";;
esac

AIX Basic System Administration 255

AIX System Startup and Shutdown
# vi script3.ksh

case "$1" in
stop)
echo "script 3 executed on shutdown" > /var/script3.shutdown.out;sleep 60;;
start)
echo "script 3 executed on startup" > /var/script3.startup.out;sleep 60;;
*)
echo "Invalid Option..";;
esac

AIX Basic System Administration 256

AIX System Startup and Shutdown
# chmod u+x script1.ksh
# chmod u+x script2.ksh
# chmod u+x script3.ksh
# cd ..
# cd rc2.d
# pwd
/etc/rc.d/rc2.d
# ls
K71itcaTivoliCommonAgent0 K99dbrc.ksh Kwpars S00ct_boot S71itcaTivoliCommonAgent0 S99dbrc.ksh

# ln -s /etc/rc.d/init.d/script2.ksh S1script2.ksh
# ln -s /etc/rc.d/init.d/script1.ksh S2script1.ksh
# ln -s /etc/rc.d/init.d/script3.ksh S3script3.ksh
# ls -l
total 16
lrwxrwxrwx 1 root system 56 Nov 24 21:22 K71itcaTivoliCommonAgent0 -> /var/opt/tivoli/ep/runtime/nonstop/bin/nonstopservice.sh
lrwxrwxrwx 1 root system 25 Nov 25 22:29 K99dbrc.ksh -> /etc/rc.d/init.d/dbrc.ksh
-r-x------ 1 root system 2439 Nov 24 18:01 Kwpars
-rwxr-xr-x 1 root system 175 Nov 24 21:24 S00ct_boot
lrwxrwxrwx 1 root system 28 Nov 25 23:17 S1script2.ksh -> /etc/rc.d/init.d/script2.ksh
lrwxrwxrwx 1 root system 28 Nov 25 23:17 S2script1.ksh -> /etc/rc.d/init.d/script1.ksh
lrwxrwxrwx 1 root system 28 Nov 25 23:17 S3script3.ksh -> /etc/rc.d/init.d/script3.ksh
lrwxrwxrwx 1 root system 56 Nov 24 21:22 S71itcaTivoliCommonAgent0 -> /var/opt/tivoli/ep/runtime/nonstop/bin/nonstopservice.sh
lrwxrwxrwx 1 root system 25 Nov 25 22:29 S99dbrc.ksh -> /etc/rc.d/init.d/dbrc.ksh
#

AIX Basic System Administration 257

AIX System Startup and Shutdown

# ln -s /etc/rc.d/init.d/script3.ksh K1script3.ksh
# ln -s /etc/rc.d/init.d/script1.ksh K2script1.ksh
# ln -s /etc/rc.d/init.d/script2.ksh K3script2.ksh
# ls -l
total 16
lrwxrwxrwx 1 root system 28 Nov 25 23:20 K1script3.ksh -> /etc/rc.d/init.d/script3.ksh
lrwxrwxrwx 1 root system 28 Nov 25 23:20 K2script1.ksh -> /etc/rc.d/init.d/script1.ksh
lrwxrwxrwx 1 root system 28 Nov 25 23:20 K3script2.ksh -> /etc/rc.d/init.d/script2.ksh
lrwxrwxrwx 1 root system 56 Nov 24 21:22 K71itcaTivoliCommonAgent0 -/var/opt/tivoli/ep/runtime/nonstop/bin/nonstopservice.sh
lrwxrwxrwx 1 root system 25 Nov 25 22:29 K99dbrc.ksh -> /etc/rc.d/init.d/dbrc.ksh
-r-x------ 1 root system 2439 Nov 24 18:01 Kwpars
-rwxr-xr-x 1 root system 175 Nov 24 21:24 S00ct_boot
lrwxrwxrwx 1 root system 28 Nov 25 23:17 S1script2.ksh -> /etc/rc.d/init.d/script2.ksh
lrwxrwxrwx 1 root system 28 Nov 25 23:17 S2script1.ksh -> /etc/rc.d/init.d/script1.ksh
lrwxrwxrwx 1 root system 28 Nov 25 23:17 S3script3.ksh -> /etc/rc.d/init.d/script3.ksh
lrwxrwxrwx 1 root system 56 Nov 24 21:22 S71itcaTivoliCommonAgent0 ->
/var/opt/tivoli/ep/runtime/nonstop/bin/nonstopservice.sh
lrwxrwxrwx 1 root system 25 Nov 25 22:29 S99dbrc.ksh -> /etc/rc.d/init.d/dbrc.ksh
#

AIX Basic System Administration 258

AIX System Startup and Shutdown
# ls /var/*out
# shutdown -Fr

SHUTDOWN PROGRAM
Mon May 14 09:39:32 CDT 2007

PAUSES FOR 3 MINUTES…

Wait for 'Rebooting...' before stopping.

May 14 2007 09:39:32
/usr/es/sbin/cluster/utilities/clstop : called with flags -y -N -s -f -S

0513-004 The Subsystem or Group, clinfoES, is currently inoperative.

Error reporting has stopped.
Advanced Accounting has stopped...
Process accounting has stopped.
…

# uptime
11:38PM up 9 mins, 1 user, load average: 1.46, 0.67, 0.30

# who -b
. system boot Nov 25 23:29
#

AIX Basic System Administration 259

AIX System Startup and Shutdown
Wait 3 minutes after the system comes back up from reboot for the startup scripts to
execute.

Recap of the script execution sequence:

Script3.shutdown was set to execute first on system shutdown.

Script1.shutdown was set to execute second on system shutdown.
Script2.shutdown was set to execute third/last on system shutdown.
# ls -l /var/*shutdown*
-rw-r--r-- 1 root system 30 Dec 01 15:21 /var/script1.shutdown.out (2)
-rw-r--r-- 1 root system 30 Dec 01 15:22 /var/script2.shutdown.out (3)
-rw-r--r-- 1 root system 30 Dec 01 15:20 /var/script3.shutdown.out (1)

Script2.startup was set to execute first on system startup.

Script1.startup was set to execute second on system startup.
Script3.startup was set to execute third/last on system startup.
# ls -l /var/*startup*
-rw-r--r-- 1 root system 29 Dec 01 15:24 /var/script1.startup.out (2)
-rw-r--r-- 1 root system 29 Dec 01 15:23 /var/script2.startup.out (1)
-rw-r--r-- 1 root system 29 Dec 01 15:25 /var/script3.startup.out (3)
#

AIX Basic System Administration 260

AIX System Startup and Shutdown
 Remove the scripts and log files they created:

# rm /etc/rc.d/init.d/script*
# rm /etc/rc.d/rc2.d/*script*
# rm /var/*out

# ls –l /etc/rc.d/init.d/scrip*
ls: 0653-341 The file /etc/rc.d/init.d/script* does not exist.

# ls –l /etc/rc.d/rc2.d/*scrip*
ls: 0653-341 The file /etc/rc.d/rc2.d/*scri* does not exist.

# ls –l /var/*out
ls: 0653-341 The file /var/*out does not exist.

AIX Basic System Administration 261

 Filesystems

AIX Basic System Administration 262

Filesystem Details

 Filesystems are a mechanism to manage files, and directories on an LV.

 JFS – Journaled File System.
 Filesystems are created on top of logical volumes
 There are two types of filesystems which come with AIX: JFS, and JFS2. –
(JFS2 was introduced in AIX version 5.1).
 When you install the AIX BOS on a 64-bit system/LPAR, JFS2 filesystem are
automatically created for the system.
 Filesystem data is journaled for a JFS, and JFS2 filesystem using a JFS, or
JFS2 log respectively.
 Recommend using smitty to create filesystems – many, many arguments to
the crfs command
 Smitty allows creation from a logical volume or creation of fs and lv at same
time
 Supports compressed filesystems

AIX Basic System Administration 263

Filesystem Details

 Note: default creation of filesystem is to not mount at system restart

 In the newest version of AIX 6.1, filesystems can be encrypted for security.

 AIX comes with a user space quota system which you implement at the user,
and filesystem level to assist in enforcing space constraints.

 There are snapshot utilities available in AIX, for quick backups of filesystem
data.

 Filesystems can be accessed by more then one node/server, at a time on a

shared disk sub-system in a clustered environment using the IBM product
GPFS – General Parallel File System.

AIX Basic System Administration 264

Filesystem Details

 The differences between JFS(1), and JFS2 filesystems.

 Maximum file size for JFS is --> 64 gig.

 Maximum file size for JFS2 is --> 1 PB

 Maximum filesystem size for JFS is --> 1 TB.

 Maximum filesystem size for JFS2 is --> 4 PB

 Maximum number of inodes for JFS is --> Fixed, set manually at

filesystem creation.

 Maximum number of inodes for JFS2 is --> Dynamic. Limited by disk

space capacity.

AIX Basic System Administration 265

Filesystems
The default logical volumes, and filesystems created on the system
are as follows. These filesystems are needed to run the system.
hd1  /home
hd2  /usr
hd3  /tmp
hd4  / - (root)
hd9var  /var
hd10opt  /opt
hd11admin  /admin
/proc  /proc

The filesystems above, since they are installed by default with the
operating system, are nick named “The BIG 8”.
# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 11.62 1.92 84% 53567 11% /
/dev/hd2 13.12 9.95 25% 44923 2% /usr
/dev/hd9var 0.38 0.21 44% 18819 28% /var
/dev/hd3 3.38 3.37 1% 78 1% /tmp
/dev/hd1 30.00 3.68 88% 89546 10% /home
/dev/hd11admin 0.12 0.12 1% 5 1% /admin
/proc - - - - - /proc
/dev/hd10opt 2.00 0.77 62% 33135 16% /opt

AIX Basic System Administration 266

Filesystems
 There are also logical volumes which are created by default with the
operating system. These logical volumes, are called raw logical volumes
because there are no filesystems on top of them. The system uses them
directly.

hd5 – The boot logical volume. Where the boot code resides.

hd6 – The default system dump device, and system paging space.
Note: When you install a system which is > 4 Gig of physical memory, the
system will automatically create the paging space device lg_dumplv to hold
system dumps.

hd8 – The default JFS or JFS2 log logical volumes. Where the logical volume
resides.

AIX Basic System Administration 267

Filesystems
 To view filesystems which are currently mounted on the system type
in the mount command. This command will also show you what type
of filesystem it is, JFS, or JFS2, the date and time it was mounted,
and the logical volume it’s using to journal it’s changes.

# mount
node mounted mounted over vfs date options
-------- --------------- --------------- ------ ------------ ---------------
/dev/hd4 / jfs2 Nov 26 19:34 rw,log=/dev/hd8
/dev/hd2 /usr jfs2 Nov 26 19:34 rw,log=/dev/hd8
/dev/hd9var /var jfs2 Nov 26 19:34 rw,log=/dev/hd8
/dev/hd3 /tmp jfs2 Nov 26 19:34 rw,log=/dev/hd8
/dev/hd1 /home jfs2 Nov 26 19:35 rw,log=/dev/hd8
/dev/hd11admin /admin jfs2 Nov 26 19:35 rw,log=/dev/hd8
/proc /proc procfs Nov 26 19:35 rw
/dev/hd10opt /opt jfs2 Nov 26 19:35 rw,log=/dev/hd8
#

AIX Basic System Administration 268

 AIX Logical Volume Manager

AIX Basic System Administration 269

Logical Volume Manager

 AIX Logical Volume Manager – LVM

 Software level management interface which provides a method of
managing disks in order to turn them into usable storage on AIX.
 Integrated in AIX architecture. No subsequent licenses, or
installations required.
 Can add/delete/modify logical volumes while system is up and
running
 Can add/remove mirroring while up and running
 Supports RAID 0 + 1 (mirroring and striping)
 Provides a rich set of commands to manage

AIX Basic System Administration 270

Logical Volume Manager
 When a hard disk is installed in the system, scsi disk, or SAN lun, it
is given the name hdiskX on the system. Ex: hdisk0, 1, 2, 3, etc..

 When a hard disk is made a member of a volume group, vg, it is

said to be initialized. When initialized it is called a physical volume –
PV.

 You create logical volumes/partitions on the PVs. These logically

divide the hard disk.

 On top of those LVs are Physical Partitions PPS. These are regions
of the logical volume divided into equal size.

 On top of those PPs, are logical partitions LPS. These sit on top of
the PPs and can have one to many relationships with the their PPS.

 On top of the LPs, sit the filesystems where directories, and files
actually reside.
 LVM information resides in both the system’s ODM, and on the PV
itself.
AIX Basic System Administration 271
Logical Volume Manager
 For the LVM information which resides on disk. All of the disks in a
vg know about other disks in the same vg. This is accomplished by a
special area on disk known as the VGDA – Volume Group
Descriptor Area.

 If there is one disk in a vg, then there are two VGDAs on one disk.

 If there are two disks in a vg, then there is one VGDA on one disk,
and two on the other.

 If there are three, or more disks in a vg, then there is one VGDA per
disk.

 The same goes for another meta data area of a disk drive in AIX.
This area is called the VGSA – Volume Group Status Area. This will
provide information regarding mirrored copies of data on disk.

AIX Basic System Administration 272

Logical Volume Manager

AIX Basic System Administration 273

Logical Volume Manager

AIX Basic System Administration 274

Logical Volume Manager
 When the system is installed there is only one volume group
defined. This volume group is called rootvg, and contains all of the
system logical volumes – hd*.

 To list the volume groups currently defined to the system type in the
lsvg command, which stands for LiSt Volume Group.

# lsvg
rootvg

AIX Basic System Administration 275

Logical Volume Manager

 To get more details about a volume group, such as total used space,
free space, etc, use the lsvg command with the volume group name as
the argument.

# lsvg rootvg
VOLUME GROUP: rootvg VG IDENTIFIER: 00c118f000004c00000001239778ea2f
VG STATE: active PP SIZE: 8 megabyte(s)
VG PERMISSION: read/write TOTAL PPs: 639 (5112 megabytes)
MAX LVs: 256 FREE PPs: 386 (3088 megabytes)
LVs: 9 USED PPs: 253 (2024 megabytes)
OPEN LVs: 8 QUORUM: 2 (Enabled)
TOTAL PVs: 1 VG DESCRIPTORS: 2
STALE PVs: 0 STALE PPs: 0
ACTIVE PVs: 1 AUTO ON: yes
MAX PPs per VG: 32512
MAX PPs per PV: 16256 MAX PVs: 2
LTG size (Dynamic): 256 kilobyte(s) AUTO SYNC: no
HOT SPARE: no BB POLICY: relocatable
#

AIX Basic System Administration 276

Logical Volume Manager

 To list the disks which make up the volume group, type in the command lsvg
with the option –p, and the vg name.

# lsvg -p rootvg
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 639 386 125..05..00..128..128
#

AIX Basic System Administration 277

Logical Volume Manager

 To get more details about a physical volume type in lspv with the hdisk# name
as the argument.

# lspv hdisk0
PHYSICAL VOLUME: hdisk0 VOLUME GROUP: rootvg
PV IDENTIFIER: 00c118f097291ded VG IDENTIFIER 00c118f000004c00000001239778ea2f
PV STATE: active
STALE PARTITIONS: 0 ALLOCATABLE: yes
PP SIZE: 8 megabyte(s) LOGICAL VOLUMES: 9
TOTAL PPs: 639 (5112 megabytes) VG DESCRIPTORS: 2
FREE PPs: 386 (3088 megabytes) HOT SPARE: no
USED PPs: 253 (2024 megabytes) MAX REQUEST: 256 kilobytes
FREE DISTRIBUTION: 125..05..00..128..128
USED DISTRIBUTION: 03..123..127..00..00
#

AIX Basic System Administration 278

Logical Volume Manager

 To list the logical volumes which currently make up the volume group type in
the lsvg command with the option –l.
# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 3 3 1 closed/syncd N/A
hd6 paging 64 64 1 open/syncd N/A
hd8 jfs2log 1 1 1 open/syncd N/A
hd4 jfs2 3 3 1 open/syncd /
hd2 jfs2 161 161 1 open/syncd /usr
hd9var jfs2 2 2 1 open/syncd /var
hd3 jfs2 5 5 1 open/syncd /tmp
hd1 jfs2 2 2 1 open/syncd /home
hd10opt jfs2 12 12 1 open/syncd /opt
#

AIX Basic System Administration 279

Logical Volume Manager
 To get more details of a logical volume use the command lslv with
the logical volume name as the argument.
# lslv hd1
LOGICAL VOLUME: hd1 VOLUME GROUP: rootvg
LV IDENTIFIER: 00c118f000004c00000001239778ea2f.8 PERMISSION: read/writ
e
VG STATE: active/complete LV STATE: opened/syncd
TYPE: jfs2 WRITE VERIFY: off
MAX LPs: 512 PP SIZE: 8 megabyte(s)
COPIES: 1 SCHED POLICY: parallel
LPs: 2 PPs: 2
STALE PPs: 0 BB POLICY: relocatable
INTER-POLICY: minimum RELOCATABLE: yes
INTRA-POLICY: center UPPER BOUND: 32
MOUNT POINT: /home LABEL: /home
MIRROR WRITE CONSISTENCY: on/ACTIVE
EACH LP COPY ON A SEPARATE PV ?: yes
Serialize IO ?: NO
#

AIX Basic System Administration 280

Logical Volume Manager

 To list what logical volumes reside on a specific hard disk, use the
command lspv –l and use hdisk# as your argument.

# lspv -l hdisk0
hdisk0:
LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd6 64 64 00..64..00..00..00 N/A
hd8 1 1 00..00..01..00..00 N/A
hd4 3 3 00..00..03..00..00 /
hd2 161 161 00..49..112..00..00 /usr
hd9var 2 2 00..00..02..00..00 /var
hd3 5 5 00..00..05..00..00 /tmp
hd1 2 2 00..00..02..00..00 /home
hd10opt 12 12 00..10..02..00..00 /opt
hd5 3 3 03..00..00..00..00 N/A
#

AIX Basic System Administration 281

Logical Volume Manager

 To list the hard disks currently installed on the system which are, or
aren’t currently a member of a volume group type in the command
lspv for LiSt Physical Volume.

# lspv
hdisk0 00c118f097291ded rootvg active
hdisk1 00c118f005a9fabb None
hdisk2 00c118f09780218b None
#

Note, None next to the hard disk means that it is not currently a
member of a volume group.

AIX Basic System Administration 282

Logical Volume Manager

 Attempt to get detailed information off one of the hard disks which
are not a physical volume yet, meaning they are not members of a
volume group yet. You will receive an error.

# lspv hdisk1
0516-320 : Physical volume hdisk1 is not assigned to
a volume group.
#

You will have to make that hdisk a member of a vg, turn it into a
physical volume, before you can use it.

AIX Basic System Administration 283

Logical Volume Manager

 To determine the size of a hard disk on the system, use the bootinfo
command with the –s, for size, option.

# bootinfo –s hdisk1
10240

# bootinfo –s hdisk2
5120

This is listed in megabytes. So these disks are 10 gig, and 5 gig

respectively.

AIX Basic System Administration 284

Logical Volume Manager
 Volume groups contain hdisks. It concatenates the disks into one.
For instance if you have three disks each of 3 gig each, and put
them in one volume group, then you’ll have one 9 gig volume group
– (3 * 3 = 9). A disk is made into a PV, so the system can use it,
when it becomes a member of a volume group.

 There are three types of vgs in AIX.

1.) Original or Standard Volume Group – (Maximum of 32 physical

volumes).
2.) Big Volume Group – (Maximum of 128 physical volumes).
3.) Scalable Volume Group (Maximum of 1024 physical volumes).

AIX Basic System Administration 285

Logical Volume Manager

 To create a volume group use smitty. There is also a command line

version available – mkvg.

 Volume group names have a limit of 15 characters (alphanumeric)

# smitty mkvg

AIX Basic System Administration 286

Logical Volume Manager

AIX Basic System Administration 287

Logical Volume Manager
 Once the vg is created, issue the lsvg command again, and this time
you’ll see the newest created vg on the system. Also issue the lspv
command, and you’ll see that this hdisk no longer has none next to
it, and you’ll also see that it has a PVID number. This is the Physical
Volume IDentification number. It’s a 16 character string which is
created based on the date, and time the vg was created, and the
serial number of the system it was created on.

# lsvg
rootvg
vg

# lspv
hdisk0 00c118f097291ded rootvg active
hdisk1 00c118f005a9fabb None
hdisk2 00c118f09780218b vg active
#

AIX Basic System Administration 288

Logical Volume Manager
 Let’s create a logical volume now. We do this via smitty. Again,
there is a command to do this as well. To do this you must first
decide how big will this logical volume be, which is basically saying,
if you will be using a filesystem, how big will my filesystem be?

 You must specify the size of an lv in LPs. Remember LPs live on top
of PPs, and are the same size. Let’s say that the vg was carved up
with PPs of all 4 meg each. That means if the disk is 5 gig in size,
the whole disk will be made up of 1262 PPs – (1262 * 4 = 5048). So
let’s say we wanted our logical volume and/or filesystem to be 2 gig,
then it would take 500 LPs to create that logical volume/filesystem –
(2000 / 4 = 500).

# smitty mklv

AIX Basic System Administration 289

Logical Volume Manager

AIX Basic System Administration 290

Logical Volume Manager

 Logical volume names have a limit of 15 characters (alphanumeric)

AIX Basic System Administration 291

Logical Volume Manager
# lsvg -l vg
vg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
mylv1 jfs2 500 500 1 closed/syncd N/A
#

Now, do the reverse arithmetic operation to see how big this logical
volume is in meg – (Remember 1,000 meg = 1 gig).

# bc

500 * 4
2000

quit
#

AIX Basic System Administration 292

Logical Volume Manager
 Now that the logical volume is created, now it’s time to create a
filesystem on top of it.
# smitty crfs

AIX Basic System Administration 293

Logical Volume Manager

AIX Basic System Administration 294

Logical Volume Manager

AIX Basic System Administration 295

Logical Volume Manger

 The filesystem is created, notice how a journal log was automatically

created for it.

# lsvg -l vg
vg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
mylv1 jfs2 500 500 1 closed/syncd /myfs1
loglv00 jfs2log 1 1 1 closed/syncd N/A

# lsfs /myfs1
Name Nodename Mount Pt VFS Size Options Auto
Accounting
/dev/mylv1 -- /myfs1 jfs2 4096000 rw no
no
#

AIX Basic System Administration 296

Logical Volume Manager
 Issue the df –g command, and the mount command. Notice this
filesystem is not listed. That’s because it hasn’t been mounted.
Filesystems have to be mounted before they can be used. Mounting
mounts the logical volume/filesystem to the mount point, which is a
directory you as the user can create sub-directories, and files in.
# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.02 0.01 64% 1682 45% /
/dev/hd2 1.26 0.07 95% 30013 61% /usr
/dev/hd9var 0.02 0.00 80% 438 34% /var
/dev/hd3 0.04 0.04 6% 18 1% /tmp
/dev/hd1 0.02 0.02 3% 7 1% /home
/dev/hd11admin 0.12 0.12 1% 5 1% /admin
/proc - - - - - /proc
/dev/hd10opt 0.09 0.02 84% 1538 30% /opt

# mount
node mounted mounted over vfs date options
-------- --------------- --------------- ------ ------------ ---------------
/dev/hd4 / jfs2 Sep 09 00:27 rw,log=/dev/hd8
/dev/hd2 /usr jfs2 Sep 09 00:27 rw,log=/dev/hd8
/dev/hd9var /var jfs2 Sep 09 00:28 rw,log=/dev/hd8
/dev/hd3 /tmp jfs2 Sep 09 00:28 rw,log=/dev/hd8
/dev/hd1 /home jfs2 Sep 09 00:28 rw,log=/dev/hd8
/dev/hd11admin /admin jfs2 Nov 26 19:35 rw,log=/dev/hd8
/proc /proc procfs Sep 09 00:28 rw
/dev/hd10opt /opt jfs2 Sep 09 00:28 rw,log=/dev/hd8
#

AIX Basic System Administration 297

Logical Volume Manager
 Now, issue the command: mount /fs_name to mount the filesystem.
# mount /myfs1
# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.02 0.01 64% 1682 45% /
/dev/hd2 1.26 0.07 95% 30013 61% /usr
/dev/hd9var 0.02 0.00 80% 438 34% /var
/dev/hd3 0.04 0.04 6% 18 1% /tmp
/dev/hd1 0.02 0.02 3% 7 1% /home
/dev/hd11admin 0.12 0.12 1% 5 1% /admin
/proc - - - - - /proc
/dev/hd10opt 0.09 0.02 84% 1538 30% /opt

/dev/mylv1 1.95 1.95 1% 4 1% /myfs1

# mount
node mounted mounted over vfs date options
-------- --------------- --------------- ------ ------------ ---------------
/dev/hd4 / jfs2 Sep 09 00:27 rw,log=/dev/hd8
/dev/hd2 /usr jfs2 Sep 09 00:27 rw,log=/dev/hd8
/dev/hd9var /var jfs2 Sep 09 00:28 rw,log=/dev/hd8
/dev/hd3 /tmp jfs2 Sep 09 00:28 rw,log=/dev/hd8
/dev/hd1 /home jfs2 Sep 09 00:28 rw,log=/dev/hd8
/dev/hd11admin /admin jfs2 Nov 26 19:35 rw,log=/dev/hd8
/proc /proc procfs Sep 09 00:28 rw
/dev/hd10opt /opt jfs2 Sep 09 00:28 rw,log=/dev/hd8
/dev/mylv1 /myfs1 jfs2 Sep 09 14:01 rw,log=/dev/loglv00
#

AIX Basic System Administration 298

Logical Volume Manager
 Reboot the system. We’ll use the reboot command this time.

# reboot
Rebooting . . .

When the system boots back up, log in as root again.

AIX Version 6
Copyright IBM Corporation, 1982, 2007.
login: root

….

AIX Basic System Administration 299

Logical Volume Manager
 Issue a df -g, and mount commands again. Notice how the /myfs1
filesystem has not been mounted automatically on system reboot.

# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.02 0.01 64% 1686 45% /
/dev/hd2 1.26 0.07 95% 30013 61% /usr
/dev/hd9var 0.02 0.00 80% 440 34% /var
/dev/hd3 0.04 0.04 6% 20 1% /tmp
/dev/hd1 0.02 0.02 3% 7 1% /home
/dev/hd11admin 0.12 0.12 1% 5 1% /admin
/proc - - - - - /proc
/dev/hd10opt 0.09 0.02 84% 1538 30% /opt

# mount
node mounted mounted over vfs date options
-------- --------------- --------------- ------ ------------ ---------------
/dev/hd4 / jfs2 Sep 09 14:04 rw,log=/dev/hd8
/dev/hd2 /usr jfs2 Sep 09 14:04 rw,log=/dev/hd8
/dev/hd9var /var jfs2 Sep 09 14:04 rw,log=/dev/hd8
/dev/hd3 /tmp jfs2 Sep 09 14:04 rw,log=/dev/hd8
/dev/hd1 /home jfs2 Sep 09 14:04 rw,log=/dev/hd8
/dev/hd11admin /admin jfs2 Nov 26 19:35 rw,log=/dev/hd8
/proc /proc procfs Sep 09 14:04 rw
/dev/hd10opt /opt jfs2 Sep 09 14:04 rw,log=/dev/hd8
#

AIX Basic System Administration 300

Logical Volume Manager

 To set it so the filesystem will mount automatically on system

reboots, you have to edit a file called /etc/filesystems.

# tail /etc/filesystems
vol = /opt
free = false

/myfs1:
dev = /dev/mylv1
vfs = jfs2
log = /dev/loglv00
mount = false
options = rw
account = false
#

Notice how there is the value of false, next to mount. This means that
the filesystem will not be mounted automatically on system reboot.
We can also see this via the lsfs command.

AIX Basic System Administration 301

Logical Volume Manager
# lsfs /myfs1
Name Nodename Mount Pt VFS Size Options Auto
Accounting
/dev/mylv1 -- /myfs1 jfs2 4096000 rw no
no
#

# chfs -a mount=true /myfs1

# lsfs /myfs1
Name Nodename Mount Pt VFS Size Options Auto
Accounting
/dev/mylv1 -- /myfs1 jfs2 4096000 rw yes
no
# tail /etc/filesystems
vol = /opt
free = false

/myfs1:
dev = /dev/mylv1
vfs = jfs2
log = /dev/loglv00
mount = true
options = rw
account = false
#

# reboot
Rebooting . . .

AIX Basic System Administration 302

Logical Volume Manager
 The next time the system reboots, log in as root again, and you’ll
see the /myfs1 filesystem is now mounted.

# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.02 0.01 64% 1684 45% /
/dev/hd2 1.26 0.07 95% 30013 61% /usr
/dev/hd9var 0.02 0.00 81% 439 34% /var
/dev/hd3 0.04 0.04 6% 20 1% /tmp
/dev/hd1 0.02 0.02 3% 7 1% /home
/dev/hd11admin 0.12 0.12 1% 5 1% /admin
/proc - - - - - /proc
/dev/hd10opt 0.09 0.02 84% 1538 30% /opt
/dev/mylv1 1.95 1.95 1% 4 1% /myfs1

# mount
node mounted mounted over vfs date options
-------- --------------- --------------- ------ ------------ ---------------
/dev/hd4 / jfs2 Sep 09 14:17 rw,log=/dev/hd8
/dev/hd2 /usr jfs2 Sep 09 14:17 rw,log=/dev/hd8
/dev/hd9var /var jfs2 Sep 09 14:17 rw,log=/dev/hd8
/dev/hd3 /tmp jfs2 Sep 09 14:17 rw,log=/dev/hd8
/dev/hd1 /home jfs2 Sep 09 14:17 rw,log=/dev/hd8
/dev/hd11admin /admin jfs2 Nov 26 19:35 rw,log=/dev/hd8
/proc /proc procfs Sep 09 14:17 rw
/dev/hd10opt /opt jfs2 Sep 09 14:17 rw,log=/dev/hd8
/dev/mylv1 /myfs1 jfs2 Sep 09 14:17 rw,log=/dev/loglv00

AIX Basic System Administration 303

Logical Volume Manager
 To unmount a filesystem use the umount command. Before you do
that look at the ls of the directory, notice a lost+found directory. This
is created by default for all new filesystems in their root directories.
This is for internal system cleanup.
# cd /myfs1
# pwd
/myfs1

# ls -l
total 0
drwxr-xr-x 2 root system 256 Sep 9 13:56 lost+found
# df -g .
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/mylv1 1.95 1.95 1% 4 1% /myfs1

# touch file1 file2 file3

# ls -l
total 0
-rw-r--r-- 1 root system 0 Sep 9 14:20 file1
-rw-r--r-- 1 root system 0 Sep 9 14:20 file2
-rw-r--r-- 1 root system 0 Sep 9 14:20 file3
drwxr-xr-x 2 root system 256 Sep 9 13:56 lost+found
#
# umount /myfs1
umount: error unmounting /dev/mylv1: Device busy

# cd /
# pwd
/
# umount /myfs1
# df -g /myfs1
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.02 0.01 64% 1686 45% /

AIX Basic System Administration 304

Logical Volume Manager
# cd /myfs1
# pwd
/myfs1

# df -g .
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.02 0.01 64% 1686 45% /
# ls -l
total 0
# cd /
# mount /myfs1
# ls –l /myfs1
total 0
-rw-r--r-- 1 root system 0 Sep 9 14:20 file1
-rw-r--r-- 1 root system 0 Sep 9 14:20 file2
-rw-r--r-- 1 root system 0 Sep 9 14:20 file3
drwxr-xr-x 2 root system 256 Sep 9 13:56 lost+found
# umount /myfs1

# ls /myfs1
#

AIX Basic System Administration 305

Logical Volume Manager

 To remove a filesystem use the rmfs command.

# rmfs -r /myfs1
rmlv: Logical volume mylv1 is removed.

# lsfs /myfs1
lsfs: No record matching '/myfs1' was found in /etc/filesystems.

# ls -ld /myfs1
/myfs1 not found

# lsvg -l vg
vg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
loglv00 jfs2log 1 1 1 closed/syncd N/A
#

AIX Basic System Administration 306

Logical Volume Manager
 To remove a logical volume use the rmlv command.

# rmlv loglv00
Warning, all data contained on logical volume loglv00 will be destroyed.
rmlv: Do you wish to continue? y(es) n(o)? yes
rmlv: Logical volume loglv00 is removed.

# lsvg -l vg
vg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
#

AIX Basic System Administration 307

Logical Volume Manager

 Create another filesystem, this time allow AIX to create the logical
volume for you automatically – (Easier, but less control).

# smitty crfs

AIX Basic System Administration 308

Logical Volume Manager

AIX Basic System Administration 309

Logical Volume Manager

AIX Basic System Administration 310

Logical Volume Manager

AIX Basic System Administration 311

Logical Volume Manager
 Notice, how AIX figured out the number of LPs it would need
automatically. This filesystem is 2 gig as well.

# mount /myfs1
# df -g /myfs1
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/fslv00 1.95 1.95 1% 4 1% /myfs1

# lsvg -l vg
vg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
loglv00 jfs2log 1 1 1 open/syncd N/A
fslv00 jfs2 500 500 1 open/syncd /myfs1
#

Note, when you create an enhanced, JFS2, filesystem and let AIX
create the lv, it will automatically select the name fslv##, as the
name of the lv.

When you create a JFS1 filesystem and let AIX create the lv, it will
automatically select the name lv##, as the name of the lv.
AIX Basic System Administration 312
Logical Volume Manager
 Let’s say you wanted to increase the size of a filesystem by 1 gig.
You would first check the volume group to see if you had that much
space, and then perform the operation. If you didn’t have enough
space in the vg, then you would add a disk to the vg.

# lsvg vg | grep -i free

MAX LVs: 256 FREE PPs: 761 (3044 megabytes)

# df -m /myfs1
Filesystem MB blocks Free %Used Iused %Iused Mounted on
/dev/fslv00 2000.00 1999.37 1% 4 1% /myfs1

# chfs -a size=+50M /myfs1

Filesystem size changed to 4120576

# df -m /myfs1
Filesystem MB blocks Free %Used Iused %Iused Mounted on
/dev/fslv00 2012.00 2011.37 1% 4 1% /myfs1
#

AIX Basic System Administration 313

Logical Volume Manager

 To reduce the size of a filesystem use the chfs command again, but
this time with the – operator.

# df -m /myfs1
Filesystem MB blocks Free %Used Iused %Iused Mounted on
/dev/fslv00 2012.00 2011.37 1% 4 1% /myfs1

# chfs -a size=-50M /myfs1

Filesystem size changed to 4104192

# df -m /myfs1
Filesystem MB blocks Free %Used Iused %Iused Mounted on
/dev/fslv00 2004.00 2003.37 1% 4 1% /myfs1
#

AIX Basic System Administration 314

Logical Volume Manager
 Let’s say you wanted to export a vg from the system. This is done
via the following. This is a good feature, because it give you the
ability to export the vg, physically remove the disk from the AIX
system, physically install the disk into a new AIX system, and then
import the vg again. Or logically move the disk around with SAN
zoning/mappings, etc.

# lsvg -o
vg
rootvg
# lsvg -l vg
vg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
loglv00 jfs2log 1 1 1 open/syncd N/A
fslv00 jfs2 501 501 1 open/syncd /myfs1
# df -g /myfs1
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/fslv00 1.96 1.96 1% 4 1% /myfs1
# umount /myfs1
# varyoffvg vg
# lsvg -o
rootvg
# lsvg
rootvg
vg
# exportvg vg
# lsvg
rootvg

AIX Basic System Administration 315

Logical Volume Manager

 Notice, how the filesystem is gone too, as if it was removed.

# lsfs /myfs1
lsfs: No record matching '/myfs1' was found in /etc/filesystems.
#

To import the volume group again, either on the same, or different AIX
system, use the following.

# importvg -y vg hdisk2
vg

# mount all
mount: /dev/hd1 on /home: Device busy
mount: /proc on /proc: Device busy
mount: /dev/hd10opt on /opt: Device busy

# df -g /myfs1
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/fslv00 1.96 1.96 1% 4 1% /myfs1

AIX Basic System Administration 316

Logical Volume Manager
 To remove a volume group use the reducevg command.

# umount /myfs1
# reducevg vg hdisk2
0516-016 ldeletepv: Cannot delete physical volume with allocated
partitions. Use either migratepv to move the partitions or
reducevg with the -d option to delete the partitions.
0516-884 reducevg: Unable to remove physical volume hdisk2.

# reducevg -d vg hdisk2
0516-914 rmlv: Warning, all data belonging to logical volume
loglv00 on physical volume hdisk2 will be destroyed.
rmlv: Do you wish to continue? y(es) n(o)?
yes
rmlv: Logical volume loglv00 is removed.
0516-914 rmlv: Warning, all data belonging to logical volume
fslv00 on physical volume hdisk2 will be destroyed.
rmlv: Do you wish to continue? y(es) n(o)?
yes
rmlv: Logical volume fslv00 is removed.
ldeletepv: Volume Group deleted since it contains no physical volumes.

# lsvg
rootvg
#

AIX Basic System Administration 317

Logical Volume Manager
 Let’s say you wanted to add a disk to a volume group. You do so
with the extendvg command.

# bootinfo -s hdisk1
10240
#
# lsvg -p rootvg
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 639 386 125..05..00..128..128
# lsvg rootvg | grep -i free
MAX LVs: 256 FREE PPs: 386 (3088 megabytes)
# lspv
hdisk0 00c118f097291ded rootvg active
hdisk1 00c118f005a9fabb None
hdisk2 00c118f09780218b None
# extendvg -f rootvg hdisk1
# lspv
hdisk0 00c118f097291ded rootvg active
hdisk1 00c118f005a9fabb rootvg active
hdisk2 00c118f09780218b None
# lsvg rootvg | grep -i free
MAX LVs: 256 FREE PPs: 1665 (13320 megabytes)
# lsvg -p rootvg
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 639 386 125..05..00..128..128
hdisk1 active 1279 1279 256..256..255..256..256
#

AIX Basic System Administration 318

Logical Volume Manager
 You can move the contents, of let’s say, the whole operating system
from one disk to another if you wanted to, with the migatepv
command. You can do this while the system is running. Note, you
could also do this when an application, and/or database is running.
Disks have to be in the same vg, for migration between them.

# lspv -l hdisk0
hdisk0:
LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd9var 2 2 00..00..02..00..00 /var
hd3 5 5 00..00..05..00..00 /tmp
hd1 2 2 00..00..02..00..00 /home
hd10opt 12 12 00..10..02..00..00 /opt
hd5 3 3 03..00..00..00..00 N/A
hd6 64 64 00..64..00..00..00 N/A
hd8 1 1 00..00..01..00..00 N/A
hd4 3 3 00..00..03..00..00 /
hd11admin 2 2 00..02..00..00..00 /admin
hd2 161 161 00..49..112..00..00 /usr
loglv01 1 1 00..01..00..00..00 N/A
# lspv -l hdisk1
#

AIX Basic System Administration 319

Logical Volume Manager

 To move the LPs from one disk to another.

# migratepv hdisk0 hdisk1

0516-1011 migratepv: Logical volume hd5 is labeled as a boot logical volume.
0516-1246 migratepv: If hd5 is the boot logical volume, please run 'chpv -c hdis
k0'
as root user to clear the boot record and avoid a potential boot
off an old boot image that may reside on the disk from which this
logical volume is moved/removed.
migratepv: boot logical volume hd5 migrated. Please remember to run
bosboot, specifying /dev/hdisk1 as the target physical boot device.
Also, run bootlist command to modify bootlist to include /dev/hdisk1.
#

AIX Basic System Administration 320

Logical Volume Manager

# lspv -l hdisk0
#

# lspv -l hdisk1
hdisk1:
LV NAME LPs PPs DISTRIBUTION MOUNT
POINT
hd9var 2 2 00..00..02..00..00 /var
hd3 5 5 00..00..05..00..00 /tmp
hd1 2 2 00..00..02..00..00 /home
hd10opt 12 12 00..00..12..00..00 /opt
hd5 3 3 03..00..00..00..00 N/A
hd6 64 64 00..64..00..00..00 N/A
hd8 1 1 00..00..01..00..00 N/A
hd4 3 3 00..00..03..00..00 /
hd11admin 2 2 00..02..00..00..00 /admin
hd2 161 161 00..00..161..00..00 /usr
loglv01 1 1 00..01..00..00..00 N/A
#

AIX Basic System Administration 321

Logical Volume Manager
 To migrate just one lv, you can use the –l option to the migratepv
command.

# lspv -l hdisk0
# lspv -l hdisk1
hdisk1:
LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd9var 2 2 00..00..02..00..00 /var
hd3 5 5 00..00..05..00..00 /tmp
hd1 2 2 00..00..02..00..00 /home
hd10opt 12 12 00..00..12..00..00 /opt
hd5 3 3 03..00..00..00..00 N/A
hd6 64 64 00..64..00..00..00 N/A
hd8 1 1 00..00..01..00..00 N/A
hd4 3 3 00..00..03..00..00 /
hd11admin 2 2 00..02..00..00..00 /admin
hd2 161 161 00..00..161..00..00 /usr
loglv01 1 1 00..01..00..00..00 N/A

# migratepv -l hd1 hdisk1 hdisk0

# lspv -l hdisk0
hdisk0:
LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd1 2 2 00..00..02..00..00 /home
#

AIX Basic System Administration 322

Logical Volume Manager
 Migrate everything from hdisk1, back to hdisk0.
# migratepv hdisk1 hdisk0
0516-1011 migratepv: Logical volume hd5 is labeled as a boot logical volume.
0516-1246 migratepv: If hd5 is the boot logical volume, please run 'chpv -c hdisk1‘

as root user to clear the boot record and avoid a potential boot
off an old boot image that may reside on the disk from which this
logical volume is moved/removed.
# chpv -c hdisk1
# bosboot -ad hdisk0

bosboot: Boot image is 35774 512 byte blocks.

# lspv -l hdisk0
hdisk0:
LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd9var 2 2 00..02..00..00..00 /var
hd3 5 5 00..05..00..00..00 /tmp
hd1 2 2 00..00..02..00..00 /home
hd10opt 12 12 00..12..00..00..00 /opt
hd5 3 3 03..00..00..00..00 N/A
hd6 64 64 00..64..00..00..00 N/A
hd8 1 1 00..00..01..00..00 N/A
hd4 3 3 00..00..03..00..00 /
hd11admin 2 2 00..02..00..00..00 /admin
hd2 161 161 00..00..121..40..00 /usr
loglv01 1 1 00..01..00..00..00 N/A
#

# lspv –l hdisk1
#

AIX Basic System Administration 323

Logical Volume Manager

 If you wanted to remove a disk from a volume group, you would use
the reducevg command.

# lsvg rootvg | grep -i free

MAX LVs: 256 FREE PPs: 1665 (13320 megabytes)

# lsvg -p rootvg
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 639 386 125..05..00..128..128
hdisk1 active 1279 1279 256..256..255..256..256

# reducevg rootvg hdisk1

# lsvg -p rootvg
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 639 386 125..05..00..128..128

# lsvg rootvg | grep -i free

MAX LVs: 256 FREE PPs: 386 (3088 megabytes)
#

AIX Basic System Administration 324

Logical Volume Manager
 Mirroring of disks in AIX, which is usually recommended for the
rootvg vg, is done at a vg level. The source, and target disk of an
AIX disk mirror operation must be in the same vg. You can mirror a
disk, a total of 3 ways – 3 copies (1 primary, and 2 secondaries).

# lspv
hdisk0 00c118f097291ded rootvg active
hdisk1 00c118f005a9fabb None
hdisk2 00c118f09780218b None

# extendvg rootvg hdisk1

# lspv
hdisk0 00c118f097291ded rootvg active
hdisk1 00c118f005a9fabb rootvg active
hdisk2 00c118f09780218b None

# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 3 3 1 closed/syncd N/A
hd6 paging 64 64 1 open/syncd N/A
hd8 jfs2log 1 1 1 open/syncd N/A
hd4 jfs2 3 3 1 open/syncd /
hd2 jfs2 161 161 1 open/syncd /usr
hd9var jfs2 2 2 1 open/syncd /var
hd3 jfs2 5 5 1 open/syncd /tmp
hd1 jfs2 2 2 1 open/syncd /home
hd11admin 2 2 00..02..00..00..00 /admin
hd10opt jfs2 12 12 1 open/syncd /opt

AIX Basic System Administration 325

Logical Volume Manager
# mirrorvg rootvg hdisk0 hdisk1
0516-1804 chvg: The quorum change takes effect immediately.
0516-1126 mirrorvg: rootvg successfully mirrored, user should perform
bosboot of system to initialize boot records. Then, user must modify
bootlist to include: hdisk1 hdisk0.

# bosboot -ad /dev/hdisk1

bosboot: Boot image is 35774 512 byte blocks.

# bootlist -m normal -o
hdisk0 blv=hd5

# bootlist -m normal hdisk0 hdisk1

# bootlist -m normal -o
hdisk0 blv=hd5
hdisk1 blv=hd5
#

# bootinfo -b
hdisk0
#

AIX Basic System Administration 326

Logical Volume Manager

 Notice the one to many, total 3, LP, to PP relationship in the

command output below.

# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 3 6 2 closed/syncd N/A
hd6 paging 64 128 2 open/syncd N/A
hd8 jfs2log 1 2 2 open/syncd N/A
hd4 jfs2 3 6 2 open/syncd /
hd2 jfs2 161 322 2 open/syncd /usr
hd9var jfs2 2 4 2 open/syncd /var
hd3 jfs2 5 10 2 open/syncd /tmp
hd1 jfs2 2 4 2 open/syncd /home
hd11admin 2 2 00..02..00..00..00 /admin
hd10opt jfs2 12 24 2 open/syncd /opt
#

# reboot
Rebooting . . .

AIX Basic System Administration 327

Logical Volume Manager
 When the system boots back up, notice how it still booted from your
install/source disk – hdisk0. This is because even though you
mirrored the disk, it’s still the first boot device listed in the list. Note,
you could also boot off of the disk SAN, tape, CDs, DVDs, and the
network.
# bootinfo -b
hdisk0
#

Now, change the bootlist, so hdisk1, where we mirrored to, will be the
disk the system boots off of during next reboot.
# bootlist -m normal -o
hdisk0 blv=hd5
hdisk1 blv=hd5

# bootlist -m normal hdisk1

# bootlist -m normal -o
hdisk1 blv=hd5
#

AIX Basic System Administration 328

Logical Volume Manager
 Reboot the system. Once it’s done rebooting, issue the bootinfo –b,
command to determine the last disk the disk booted off of, and it should be
hdisk1 now, the target of our rootvg mirror operation.
# reboot
Rebooting . . .

SYSTEM REBOOTS…

# bootinfo -b
hdisk1
# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.02 0.01 59% 1678 42% /
/dev/hd2 1.26 0.07 95% 30013 61% /usr
/dev/hd9var 0.02 0.00 80% 439 34% /var
/dev/hd3 0.04 0.04 6% 19 1% /tmp
/dev/hd1 0.02 0.02 3% 7 1% /home
/dev/hd11admin 0.12 0.12 1% 5 1% /admin
/proc - - - - - /proc
/dev/hd10opt 0.09 0.02 84% 1538 30% /opt
# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 3 6 2 closed/syncd N/A
hd6 paging 64 128 2 open/syncd N/A
hd8 jfs2log 1 2 2 open/syncd N/A
hd4 jfs2 3 6 2 open/syncd /
hd2 jfs2 161 322 2 open/syncd /usr
hd9var jfs2 2 4 2 open/syncd /var
hd3 jfs2 5 10 2 open/syncd /tmp
hd1 jfs2 2 4 2 open/syncd /home
hd11admin 2 2 00..02..00..00..00 /admin
hd10opt jfs2 12 24 2 open/syncd /opt

AIX Basic System Administration 329

Logical Volume Manager
 Now, change the bootlist back, and reboot so the system boots off of
hdisk0, as normal.

# bootlist -m normal -o
hdisk1 blv=hd5

# bootlist -m normal hdisk0 hdisk1

# bootlist -m normal -o
hdisk0 blv=hd5
hdisk1 blv=hd5

# reboot
Rebooting . . .

SYSTEM REBOOTS…

# bootinfo -b
hdisk0
#

AIX Basic System Administration 330

Logical Volume Manager
 To unmirror a volume group, use the unmirrorvg command.

# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 3 6 2 closed/syncd N/A
hd6 paging 64 128 2 open/syncd N/A
hd8 jfs2log 1 2 2 open/syncd N/A
hd4 jfs2 3 6 2 open/syncd /
hd2 jfs2 161 322 2 open/syncd /usr
hd9var jfs2 2 4 2 open/syncd /var
hd3 jfs2 5 10 2 open/syncd /tmp
hd1 jfs2 2 4 2 open/syncd /home
hd11admin jfs2 2 2 1 open/syncd /admin
hd10opt jfs2 12 24 2 open/syncd /opt

# unmirrorvg rootvg
0516-1246 rmlvcopy: If hd5 is the boot logical volume, please run 'chpv -c <diskname>'
as root user to clear the boot record and avoid a potential boot
off an old boot image that may reside on the disk from which this
logical volume is moved/removed.

0516-1804 chvg: The quorum change takes effect immediately.

0516-1144 unmirrorvg: rootvg successfully unmirrored, user should perform
bosboot of system to reinitialize boot records. Then, user must modify
bootlist to just include: hdisk0.
#

AIX Basic System Administration 331

Logical Volume Manager

# chpv -c hdisk1
# bosboot -ad /dev/hdisk0

bosboot: Boot image is 35774 512 byte blocks.

# bootlist -m normal -o
hdisk0 blv=hd5
Hdisk1

# bootlist -m normal hdisk0

# bootlist -m normal -o
hdisk0 blv=hd5
#

AIX Basic System Administration 332

Logical Volume Manager
 Notice the 1 to 1 relationship between the LPs and the PPs once
again.

# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 3 3 1 closed/syncd N/A
hd6 paging 64 64 1 open/syncd N/A
hd8 jfs2log 1 1 1 open/syncd N/A
hd4 jfs2 3 3 1 open/syncd /
hd2 jfs2 161 161 1 open/syncd /usr
hd9var jfs2 2 2 1 open/syncd /var
hd3 jfs2 5 5 1 open/syncd /tmp
hd1 jfs2 2 2 1 open/syncd /home
hd11admin jfs2 2 2 1 open/syncd /admin
hd10opt jfs2 12 12 1 open/syncd /opt
#

AIX Basic System Administration 333

 AIX File Management

AIX Basic System Administration 334

AIX File Management
 Sometimes it is desirable to pack multiple files into one file, which acts as a
package. The tar command creates an archived package file which consists of
multiple files, and/or directories.

 These archived packages are known as tar-balls.

 TAR stands for TApe aRchive.

 Create a directory in /tmp called junk, and create multiple files, a subdirectory
and files under that subdirectory:

$ mkdir /tmp/junk
$ cd /tmp/junk
$ touch filea fileb filec filed filee
$ mkdir /tmp/junk/dira
$ touch /tmp/junk/dira/filef
$ touch /tmp/junk/dira/fileg

AIX Basic System Administration 335

AIX File Management
$ cd /tmp/junk
$ pwd
/tmp/junk

$ ls -l
total 24
drwxr-xr-x 2 justin staff 256 Nov 24 19:24 dira
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filea
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 fileb
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filec
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filed
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filee

$ ls -l dira
total 0
-rw-r--r-- 1 justin staff 0 Nov 24 19:23 filef
-rw-r--r-- 1 justin staff 0 Nov 24 19:24 fileg

$ tar -cvf /tmp/files.tar /tmp/junk/*

a /tmp/junk/dira
a /tmp/junk/dira/filef 0 blocks.
a /tmp/junk/dira/fileg 0 blocks.
a /tmp/junk/filea 0 blocks.
a /tmp/junk/fileb 0 blocks.
a /tmp/junk/filec 0 blocks.
a /tmp/junk/filed 0 blocks.
a /tmp/junk/filee 0 blocks.
a /tmp/junk/files.tar 20 blocks.

AIX Basic System Administration 336

AIX File Management
$ ls -l /tmp/files.tar
-rw-r--r-- 1 justin staff 20480 Nov 24 19:26 /tmp/files.tar
$

 To view the contents of the tar-ball use the following command:

$ tar -tvf /tmp/files.tar

drwxr-xr-x 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/
-rw-r--r-- 202 1 0 Nov 24 19:23:55 2010 /tmp/junk/dira/filef
-rw-r--r-- 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/fileg
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filea
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/fileb
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filec
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filed
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filee
-rw-r--r-- 202 1 10240 Nov 24 19:22:32 2010 /tmp/junk/files.tar
$

 Delete the /tmp/junk directory:

$ rm -r /tmp/junk
$ ls -ld /tmp/junk
ls: 0653-341 The file /tmp/junk does not exist.
$

AIX Basic System Administration 337

AIX File Management
$ ls -ld /tmp/files.tar
-rw-r--r-- 1 justin staff 20480 Nov 24 19:26 /tmp/files.tar

$ tar -xvf /tmp/files.tar

x /tmp/junk/dira
x /tmp/junk/dira/filef, 0 bytes, 0 media blocks.
x /tmp/junk/dira/fileg, 0 bytes, 0 media blocks.
x /tmp/junk/filea, 0 bytes, 0 media blocks.
x /tmp/junk/fileb, 0 bytes, 0 media blocks.
x /tmp/junk/filec, 0 bytes, 0 media blocks.
x /tmp/junk/filed, 0 bytes, 0 media blocks.
x /tmp/junk/filee, 0 bytes, 0 media blocks.
x /tmp/junk/files.tar, 10240 bytes, 20 media blocks.

$ ls -ld /tmp/junk
drwxr-xr-x 3 justin staff 256 Nov 24 19:28 /tmp/junk
$ ls -lR /tmp/junk
total 24
drwxr-xr-x 2 justin staff 256 Nov 24 19:24 dira
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filea
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 fileb
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filec
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filed
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 filee
-rw-r--r-- 1 justin staff 10240 Nov 24 19:22 files.tar
/tmp/junk/dira:
total 0
-rw-r--r-- 1 justin staff 0 Nov 24 19:23 filef
-rw-r--r-- 1 justin staff 0 Nov 24 19:24 fileg

AIX Basic System Administration 338

AIX File Management
 You can extract only a specific file from your archive tar-ball:

$ ls -l /tmp/junk/filea
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 /tmp/junk/filea

$ rm /tmp/junk/filea
$ ls -l /tmp/junk/filea
ls: 0653-341 The file /tmp/junk/filea does not exist.

$ tar -xvf files.tar /tmp/junk/filea

x /tmp/junk/filea, 0 bytes, 0 media blocks.

$ ls -l /tmp/junk/filea
-rw-r--r-- 1 justin staff 0 Nov 24 19:22 /tmp/junk/filea
$

AIX Basic System Administration 339

AIX File Management
 To add to the contents of a tar-ball which already exists:
$ tar -tvf /tmp/files.tar
drwxr-xr-x 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/
-rw-r--r-- 202 1 0 Nov 24 19:23:55 2010 /tmp/junk/dira/filef
-rw-r--r-- 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/fileg
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filea
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/fileb
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filec
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filed
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filee
-rw-r--r-- 202 1 10240 Nov 24 19:22:32 2010 /tmp/junk/files.tar
$ touch /tmp/FILEA /tmp/FILEB
$ tar -rvf /tmp/files.tar /tmp/FILEA /tmp/FILEB
a /tmp/FILEA 0 blocks.
a /tmp/FILEB 0 blocks.
$ tar -tvf /tmp/files.tar
drwxr-xr-x 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/
-rw-r--r-- 202 1 0 Nov 24 19:23:55 2010 /tmp/junk/dira/filef
-rw-r--r-- 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/fileg
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filea
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/fileb
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filec
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filed
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filee
-rw-r--r-- 202 1 10240 Nov 24 19:22:32 2010 /tmp/junk/files.tar
-rw-r--r-- 202 1 0 Nov 24 19:41:21 2010 /tmp/FILEA
-rw-r--r-- 202 1 0 Nov 24 19:41:21 2010 /tmp/FILEB
$

AIX Basic System Administration 340

AIX File Management

 You can also use the tar command to move files, and subdirectories between
systems, etc.

 Note, the native tar command in AIX can only crate tar-ball archives which are 8
gig in size. To get around this you can download a free version called gtar,
which can create tar-ball archives which are greater than 8 gig in size.

AIX Basic System Administration 341

AIX File Management

 You can compress files in Unix with the compress command

$ pwd
/tmp

$ ls -l files.tar
-rw-r--r-- 1 justin staff 20480 Nov 24 19:41 files.tar

$ compress files.tar
$ ls -l files.tar
ls: 0653-341 The file files.tar does not exist.

$ ls -l files.tar.Z
-rw-r--r-- 1 justin staff 886 Nov 24 19:41 files.tar.Z

$ tar -xvf files.tar.Z

tar: 0511-169 A directory checksum error on media; 0 not equal to 61150.

Note, the compress command automatically appends a .Z extension to the end of

the file it compresses.

AIX Basic System Administration 342

AIX File Management
 To uncompress a file you use the, you guessed it, uncompress comand:

$ ls -l files.tar.Z
-rw-r--r-- 1 justin staff 886 Nov 24 19:41 files.tar.Z

$ uncompress files.tar.Z
$ ls -l files.tar
-rw-r--r-- 1 justin staff 20480 Nov 24 19:41 files.tar

$ tar –tvf files.tar

drwxr-xr-x 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/
-rw-r--r-- 202 1 0 Nov 24 19:23:55 2010 /tmp/junk/dira/filef
-rw-r--r-- 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/fileg
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filea
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/fileb
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filec
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filed
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filee
-rw-r--r-- 202 1 10240 Nov 24 19:22:32 2010 /tmp/junk/files.tar
-rw-r--r-- 202 1 0 Nov 24 19:41:21 2010 /tmp/FILEA
-rw-r--r-- 202 1 0 Nov 24 19:41:21 2010 /tmp/FILEB
$

Note the uncompress command will automatically remove the .Z extension of a file it
uncompresses.

AIX Basic System Administration 343

AIX File Management
 There is another command which handles compression. It is called gzip.

$ ls -l files.tar
-rw-r--r-- 1 justin staff 20480 Nov 24 19:41 files.tar

$ gzip files.tar
$ ls -l files.tar.gz
-rw-r--r-- 1 justin staff 379 Nov 24 19:41 files.tar.gz

$ tar -tvf files.tar.gz

tar: 0511-164 There is a media read or write block size error.
$

The gzip command will append the file extension .gz to any files it compresses.

Note, the gzip command achieves a better compression ratio than the compress
command.
AIX Basic System Administration 344
AIX File Management
 To uncompress any file you compressed with the gzip command, you use the
gunzip command:

$ ls -l files.tar.gz
-rw-r--r-- 1 justin staff 379 Nov 24 19:41 files.tar.gz

$ gunzip files.tar.gz
$ ls -l files.tar
-rw-r--r-- 1 justin staff 20480 Nov 24 19:41 files.tar

$ tar -tvf files.tar

drwxr-xr-x 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/
-rw-r--r-- 202 1 0 Nov 24 19:23:55 2010 /tmp/junk/dira/filef
-rw-r--r-- 202 1 0 Nov 24 19:24:01 2010 /tmp/junk/dira/fileg
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filea
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/fileb
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filec
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filed
-rw-r--r-- 202 1 0 Nov 24 19:22:24 2010 /tmp/junk/filee
-rw-r--r-- 202 1 10240 Nov 24 19:22:32 2010 /tmp/junk/files.tar
-rw-r--r-- 202 1 0 Nov 24 19:41:21 2010 /tmp/FILEA
-rw-r--r-- 202 1 0 Nov 24 19:41:21 2010 /tmp/FILEB
$

Notice how the gunzip command removes the .gz file extension from the file you
uncompressed.
AIX Basic System Administration 345
AIX File Management

 The checksum of a file can serve as both a security measure and an integrity
check for files.

 There are three sum commands available in AIX:

sum – Two numbers generated. One is a 16-bit checksum. The other is how
many 1024-byte blocks the file occupies.

cksum- Two numbers are generated. One is a 32-bit checksum, CRC – Cyclic
Redundancy Check. The other is the number of bytes the file occupies.

csum – md5 checksum. The most reliable.

AIX Basic System Administration 346

AIX File Management
$ sum /tmp/files.tar
55502 20 /tmp/files.tar

$ sum /tmp/files.tar
55502 20 /tmp/files.tar
$

The cksum comand:

$ cksum /tmp/files.tar
3203472726 20480 /tmp/files.tar

$ cksum /tmp/files.tar
3203472726 20480 /tmp/files.tar
$

The csum command:

$ csum /tmp/files.tar
3b527c471941b88b516e655a6b2e3476 /tmp/files.tar
$ csum /tmp/files.tar
3b527c471941b88b516e655a6b2e3476 /tmp/files.tar
$

AIX Basic System Administration 347

AIX File Managment

 Changing the contents of a file in anyway will change the checksum:

Previous: 55502 20

$ echo "" >> /tmp/files.tar

$ sum /tmp/files.tar
27761 21 /tmp/files.tar

Previous: 3203472726 20480

$ cksum /tmp/files.tar
934779789 20481 /tmp/files.tar

Previous: 3b527c471941b88b516e655a6b2e3476
$ csum /tmp/files.tar
2983325f6403aedddfe0b44a70dcffed /tmp/files.tar
$

AIX Basic System Administration 348

AIX File Management
 The Unix file command performs a series of tests on an object, and determines
the type: files, directory, text file, executable, etc:

$ file /tmp
/tmp: directory

$ file /tmp/files.tar
/tmp/files.tar: tar archive

$ file /usr/bin/cat
/usr/bin/cat: executable (RISC System/6000) or object module

$ file /tmp/junk/filea
/tmp/junk/filea: empty
$

$ file /etc/hosts
/etc/hosts: ascii text
$

AIX Basic System Administration 349

AIX File Management

 Computer science refresher of how space is calculated.

Byte scale:

- 8 Bits = 1 Byte
- 1,000 Bytes = 1 Kilobyte
- 1,000 Kilobytes = 1 Megabyte
- 1,000 Megabytes = 1 Gigabyte
- 1,000 Gigabytes = 1 Terabyte
- 1,000 Terabytes = 1 Petabyte
- 1,000 Petabytes = 1 Exabyte
- 1,000 Exabytes = 1 Zettabyte
- 1,000 Zettabytes = 1 Yottabyte

AIX Basic System Administration 350

AIX File Management
 You can create empty files of a certain size in AIX. The command is called
lmktemp. To create a 10 meg file called testfile in /tmp:

# pwd
/tmp

# lmktemp testfile 10m

testfile

# ls -l testfile
-rw-r--r-- 1 root system 10485760 Nov 29 11:12 testfile

To create a 1 gig file:

# lmktemp testfile2 1000m

testfile2

# ls -l testfile2
-rw-r--r-- 1 root system 1048576000 Nov 29 11:17 testfile2
#

AIX Basic System Administration 351

AIX File Management

To display the size of a file or directory use the du command.

# du -m testfile
10.00 testfile

# du -g testfile2
0.98 testfile2

# du -m testfile2
1000.00 testfile2
#

AIX Basic System Administration 352

 AIX File Management
 To view the size of an entire directory, you can use the du command against a
directory as well as a file.

# pwd
/tmp

# mkdir files
# cd files
# pwd
/tmp/files

# mv testfile files
# mv testfile2 files
# ls -l files
total 2068488
-rw-r--r-- 1 root system 10485760 Nov 29 11:23 testfile
-rw-r--r-- 1 root system 1048576000 Nov 29 11:23 testfile2
#

# du -m files
1010.00 files

# du -g files
0.99 files

# rm –r files

AIX Basic System Administration 353

AIX System Paging Space

AIX Basic System Administration 354

AIX System Paging Space

 Paging space allows the system to address more memory then is actually
there.

 If you have 20 gig of real memory/RAM, but also have 5 gig of paging space,
you can think of the system as having 25 gig of total memory.

 Paging space resides on physical disk as a logical volume.

It is a special purpose logical volume in AIX which is not intended to have a
filesystem on it.

Paging space is also known as swap space.

AIX Basic System Administration 355

AIX System Paging Space
 How it works?

When the amount of free physical memory/RAM in the system is low, programs or
data that have not been used recently are moved from real physical
memory/RAM to paging space on disk to release the real memory/RAM for other
activities.

By default AIX BOS installation creates a paging space logical volume called hd6 on
drive hdisk0, where you installed the operating system.

The default paging space size is determined during BOS installation, by the
following initial sizing rules:

- Paging space can use no less than 64 MB.

- If real memory/RAM is less than 256 MB, paging space is two times real memory.
- If real memory/RAM is greater than or equal to 256 MB, paging space is 512 MB

- On all systems today the paging space will be 512MB by default.

AIX Basic System Administration 356

AIX System Paging Space
 You can create multiple paging space logical volumes on a system.

 Paging space is allocated in a round robin fashion via 4KB pages with multiple
paging spaces/lvs.

 To display the current paging spaces and usage:

# lsps -s
Total Paging Space Percent Used
512MB 2%
#

To display more info regarding your paging space:

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0
#

AIX Basic System Administration 357

AIX System Paging Space

 You can dynamically increase the size of paging space with the
following command:
# lsvg rootvg | grep -i "pp size"
VG STATE: active PP SIZE: 64 megabyte(s)

# bc
1000 / 64
15
quit

# chps -s 15 hd6
# lsps -s
Total Paging Space Percent Used
1472MB 1%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
hd6 hdisk0 rootvg 1472MB 1 yes yes lv 0
#

AIX Basic System Administration 358

AIX System Paging Space
 You can dynamically reduce the size of a paging space:

# lsps -s
Total Paging Space Percent Used
1472MB 1%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
hd6 hdisk0 rootvg 1472MB 1 yes yes lv 0

# chps -d 15 hd6
shrinkps: Temporary paging space paging00 created.
shrinkps: Dump device moved to temporary paging space.
shrinkps: Paging space hd6 removed.
shrinkps: Paging space hd6 recreated with new size.
shrinkps: Resized and original paging space characteristics differ,
check the lslv command output.

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0

# lsps -s
Total Paging Space Percent Used
512MB 2%
#

AIX Basic System Administration 359

AIX System Paging Space
 To create additional paging spaces use smitty:

# smitty mkps

AIX Basic System Administration 360

AIX System Paging Space
For the sake of this lab, please select no for start using
paging space now, and use this paging space each time
the system is restarted

AIX Basic System Administration 361

AIX System Paging Space
 By default a logical volume with the name paging00, will be created for your
paging space. Note all subsequent paging spaces will be named paging##, ##
being incremented by one.

AIX Basic System Administration 362

AIX System Paging Space
# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 0 no no lv 0
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0

# lsps -s
Total Paging Space Percent Used
512MB 2%
#

Notice how the column Active, and Auto have the value of no for this newly
created paging space, paging00. To activate the paging space use the swapon
command:
# swapon /dev/paging00
# lsps -s
Total Paging Space Percent Used
1472MB 1%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 1 yes no lv 0
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0
#

AIX Basic System Administration 363

AIX System Paging Space

 To disable paging space, use the swapoff command:

# lsps -s
Total Paging Space Percent Used
1472MB 1%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 1 yes no lv 0
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0

# swapoff /dev/paging00
# lsps -s
Total Paging Space Percent Used
512MB 2%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 0 no no lv 0
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0
#

AIX Basic System Administration 364

AIX System Paging Space

 Reboot your system:

# shutdown -Fr

SHUTDOWN PROGRAM
Sat Sep 5 17:07:48 EDT 2009
Wait for 'Rebooting...' before stopping.
Error logging stopped...
Advanced Accounting has stopped...
Process accounting stopped...
Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-004 The Subsystem or Group, gssd, is currently inoperative.
0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.

AIX Basic System Administration 365

AIX System Paging Space

 When the system comes back up from its reboot, we will see that
the paging space we created, paging00, is not activated:

# uptime
10:10AM up 1 min, 1 user, load average: 0.06, 0.03, 0.01

# who -b
. system boot Nov 26 10:09

# lsps -s
Total Paging Space Percent Used
512MB 2%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 0 no no lv 0
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0
#

AIX Basic System Administration 366

AIX System Paging Space
 It is not activated because it isn’t set to do so in the /etc/swapspaces file.

# ls -l /etc/swapspaces
-rw-r--r-- 1 root system 502 Nov 26 09:59 /etc/swapspaces

# cat /etc/swapspaces
* /etc/swapspaces
*
* This file lists all the paging spaces that are automatically put into
* service on each system restart (the 'swapon -a' command executed from
* /etc/rc swaps on every device listed here).
*
* WARNING: Only paging space devices should be listed here.
*
* This file is modified by the chps, mkps and rmps commands and referenced
* by the lsps and swapon commands.

hd6:
dev = /dev/hd6
auto = yes
checksum_size = 0

paging00:
dev = /dev/paging00
auto = no
checksum_size = 0

AIX Basic System Administration 367

AIX System Paging Space
 To set this paging space to activate automatically on system boot up you can
either edit this file manually, or you can use the following command which will
make the appropriate change to this file.

# chps -ay paging00

# cat /etc/swapspaces
* /etc/swapspaces
*
* This file lists all the paging spaces that are automatically put into
* service on each system restart (the 'swapon -a' command executed from
* /etc/rc swaps on every device listed here).
*
* WARNING: Only paging space devices should be listed here.
*
* This file is modified by the chps, mkps and rmps commands and referenced
* by the lsps and swapon commands.

hd6:
dev = /dev/hd6
auto = yes
checksum_size = 0

paging00:
dev = /dev/paging00
auto = yes
checksum_size = 0

AIX Basic System Administration 368

AIX System Paging Space
# lsps -s
Total Paging Space Percent Used
512MB 2%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 0 no yes lv 0
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0
#

 You can manually enable all paging spaces with the command:
# swapon -a
0517-075 swapon: Paging device /dev/hd6 is already active.
swapon: Paging device /dev/paging00 activated.
#

# lsps -s
Total Paging Space Percent Used
1472MB 1%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 1 yes yes lv 0
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0
#

AIX Basic System Administration 369

AIX System Paging Space
 Reboot your system once again:

# shutdown -Fr

SHUTDOWN PROGRAM
Sat Sep 5 17:07:48 EDT 2009
Wait for 'Rebooting...' before stopping.
Error logging stopped...
Advanced Accounting has stopped...
Process accounting stopped...
Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-004 The Subsystem or Group, gssd, is currently inoperative.
0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.

AIX Basic System Administration 370

AIX System Paging Space
 When the system comes back up from it’s reboot this time, you will see that the
paging spaces were automatically activated:

# uptime
10:28AM up 1 min, 1 user, load average: 0.46, 0.16, 0.06

# who -b
. system boot Nov 26 10:27

# lsps -s
Total Paging Space Percent Used
1472MB 1%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 1 yes yes lv 0
hd6 hdisk0 rootvg 512MB 1 yes yes lv 0
#

AIX Basic System Administration 371

AIX System Paging Space
 To remove a paging space, the paging space must be disabled.

# lsps -s
Total Paging Space Percent Used
1472MB 1%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
paging00 hdisk0 rootvg 960MB 1 yes yes lv 0
hd6 hdisk0 rootvg 512MB 1 yes yes lv 0

# swapoff /dev/paging00
# rmps paging00
rmlv: Logical volume paging00 is removed.

# lsps -s
Total Paging Space Percent Used
512MB 2%

# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum
hd6 hdisk0 rootvg 512MB 2 yes yes lv 0
#

AIX Basic System Administration 372

AIX System Paging Space

 Guidelines for creating paging spaces.

1. Do not create more than one paging space on one hdisk.

2. Create all paging spaces to be equal size on the system.
3. Do not create a paging space so it spans multiple hdisks.
4. Attempt to keep all paging spaces in rootvg.
5. Do not put paging spaces on currently heavily utilized hdisks.

AIX Basic System Administration 373

 AIX System Dump Facility

AIX Basic System Administration 374

AIX System Dump Facility
 When the system boots it copies the entire kernel into memory/RAM.

 When the system experiences a fatal error in it’s kernel, sometimes referred to
as a kernel panic, the system dump facility will copy the entire contents of
memory/RAM, kernel memory pages, to a special logical volume known as the
dump device.

 By default if your system’s memory/RAM is less than 4 gig, during BOS

installation, the system will designate the same logical volume used for paging
space as it’s dump device, hd6. However, if the memory/RAM is greater than 4
gig, during BOS installation, then system will create it’s own dedicated dump
device, called lg_dumplv, for LarGe DUMP device.

 When there is a fatal problem which would cause AIX not to function any
longer, the entire contents of the kernel will be dumped to this dump device.
After that the system will reboot itself, and return to service. You can then either
analyze the generated system dump yourself, or send it to IBM technical
support for analysis, as some analysis require in depth knowledge of AIX
internals, as well as access to it’s source code.

AIX Basic System Administration 375

AIX System Dump Facility
 There are two types of dumps. A system dump which is an entire
dump of the kernel’s memory to disk, and a core dump, which is just
a dump of a specific program’s memory area. Note, you will need
access to the program’s source code to troubleshoot core dumps,
usually.

 You can generate your own via the following commands:

# ps -ef | grep -i sleep
# ls -l core
ls: 0653-341 The file core does not exist.
# sleep 1000 &
[1] 3080416

# ps -ef | grep -i sleep

root 3080416 5570658 0 12:31:48 pts/1 0:00 sleep 1000
# kill -11 3080416
# ls -l core
-rw------- 1 root system 7188 Nov 26 12:31 core
[1] + Segmentation fault(coredump) sleep 1000 &
# ls -l core
-rw------- 1 root system 7188 Nov 26 12:31 core

AIX Basic System Administration 376

AIX System Dump Facility
 To view the current system dump device settings use the sysdumpdev
command:

# sysdumpdev -l
primary /dev/hd6
secondary /dev/sysdumpnull
copy directory /var/adm/ras
forced copy flag TRUE
always allow dump FALSE
dump compression ON
type of dump traditional
#

Due to the fact that our systems in this lab are all under 4 gig of memory/RAM, we
do not have a dedicated dump device for the running kernel to dump to. In the
event of a system dump/panic, it will dump to /dev/hd6, which is also the default
paging space logical volume device.

Note: A system dump in AIX version 6.1, and above will always result in a
compressed system dump. You cannot disable compression any longer.

AIX Basic System Administration 377

AIX System Dump Facility

 Due to this, if the system were to dump it’s running kernel, due to an error, it will dump to
hd6. Now theoretically the system has no need for paging space at this point, because it is
in the process of crashing completely. That being the case it uses that space for the
running system’s kernel in memory which is currently failing.

 After the system dumps the running kernel to the paging space LV, hd6, it will reboot itself.

 During the system boot following a system dump, the system will copy the dump contained
in the logical volume to a file on disk, to clear the space for paging space. This directory is
called the copy directory.

 If your copy directory does not have sufficient space for this copy, to hold the dump in hd6,
you will be asked, via the console, to copy the dump off of the paging space to an external
device to protect it. You need to protect it from when the system boots and paging space is
active, otherwise when paging space is initialized, and written to it will overwrite some of
the dump, or all of it, damaging it. Note, the system only prompts you for this copy during
system reboot, if the dump device is set to the paging space device.

AIX Basic System Administration 378

AIX System Dump Facility

 On systems that have never experienced a dump/system crash before:

# sysdumpdev -L
0453-019 No previous dumps recorded.

Scanning device /dev/hd6 for existing dump.

AIX Basic System Administration 379

AIX System Dump Facility
 To manually start a system dump execute the following command:

# sysdumpstart –p

After the system dumps the memory to the dump device, the system will
automatically reboot itself.

# uptime
10:06PM up 1 user, load average: 0.63, 0.20, 0.07
# who -b
. system boot Nov 26 22:05
# sysdumpdev -L
0453-039

Device name: /dev/hd6

Major device number: 10
Minor device number: 2
Size: 67115008 bytes
Uncompressed Size: 644424256 bytes
Date/Time: Fri Nov 26 22:01:53 CST 2010
Dump status: 0
Type of dump: traditional
dump completed successfully
Dump copy filename: /var/adm/ras/vmcore.0.BZ
# cd /var/adm/ras
# ls -l vmcore*
-rw------- 1 root system 67115008 Nov 26 22:04 vmcore.0.BZ
#

AIX Basic System Administration 380

AIX System Dump Facility
 Kick off another system dump.

# sysdumpstart –p

# uptime
10:13PM up 1 min, 2 users, load average: 0.66, 0.28, 0.11
# who -b
. system boot Nov 26 22:12

# sysdumpdev -L
0453-039

Device name: /dev/hd6

Major device number: 10
Minor device number: 2
Size: 67697664 bytes
Uncompressed Size: 652301407 bytes
Date/Time: Fri Nov 26 22:08:02 CST 2010
Dump status: 0
Type of dump: traditional
dump completed successfully
Dump copy filename: /var/adm/ras/vmcore.1.BZ
# cd /var/adm/ras
# ls -l vmcore*
-rw------- 1 root system 67697664 Nov 26 22:10 vmcore.1.BZ
#

AIX Basic System Administration 381

AIX System Dump Facility
Go to the /var/adm/ras directory, default copy directory, and create an empty file so
it takes up most of the space of that filesystem, as a test to see what will happen
when the system reboots after a system dump and discovers that the copy
directory is too small to copy the dump on the dump device to.

# cd /var/adm/ras
# pwd
/var/adm/ras

# df -m .
Filesystem MB blocks Free %Used Iused %Iused Mounted on
/dev/hd9var 448.00 114.32 75% 9859 27% /var

# lmktemp file 110000000

File

# du -m file
104.91 file
# df -m .
Filesystem MB blocks Free %Used Iused %Iused Mounted on
/dev/hd9var 448.00 9.41 98% 9860 73% /var

# sysdumpstart –p

AIX Basic System Administration 382

AIX System Dump Facility
 You will see the following menu appear which is giving you the opportunity to
copy this system dump file safely off to removable media such as tape, so the
system can start using the paging space device, hd6, again when it fully boots,
and your dump will be safe for analysis. Just type 99 to continue the boot
process.

AIX Basic System Administration 383

AIX System Dump Facility
 To change the dump copy directory. Create a filesystem called
/dump, or whatever, and make it 1 gig:

# smitty crfs

AIX Basic System Administration 384

AIX System Dump Facility

AIX Basic System Administration 385

AIX System Dump Facility

AIX Basic System Administration 386

AIX System Dump Facility

AIX Basic System Administration 387

AIX System Dump Facility

AIX Basic System Administration 388

AIX System Dump Facility
# mount /dump
# df -m /dump
Filesystem MB blocks Free %Used Iused %Iused Mounted on
/dev/fslv02 128.00 127.66 1% 4 1% /dump

# ls /dump
lost+found

# sysdumpdev -l
primary /dev/hd6
secondary /dev/sysdumpnull
copy directory /var/adm/ras
forced copy flag TRUE
always allow dump FALSE
dump compression ON
type of dump traditional

# sysdumpdev -d /dump
# sysdumpdev -l
primary /dev/hd6
secondary /dev/sysdumpnull
copy directory /dump
forced copy flag FALSE
always allow dump FALSE
dump compression ON
type of dump traditional
#

AIX Basic System Administration 389

AIX System Dump Facility
 Initiate a system dump again:

# sysdumpstart –p

# uptime
11:03PM up 1 min, 1 user, load average: 0.95, 0.32, 0.12
# who -b
. system boot Nov 26 23:01
# sysdumpdev -L
0453-039

Device name: /dev/hd6

Major device number: 10
Minor device number: 2
Size: 67366400 bytes
Uncompressed Size: 652640517 bytes
Date/Time: Fri Nov 26 22:57:49 CST 2010
Dump status: 0
Type of dump: traditional
dump completed successfully
Dump copy filename: /dump/vmcore.0.BZ
# ls -l /dump
total 131584
--w------- 1 root system 2 Nov 26 23:00 bounds
-rw------- 1 root system 67366400 Nov 26 23:00 vmcore.0.BZ
#

AIX Basic System Administration 390

AIX System Dump Facility

 Prior to you creating a dedicated dump device, you need to determine how
much space your would need if your system were to crash/dump right now.

 You should run this command during your system’s most heaviest workload.

# sysdumpdev -e
0453-041 Estimated dump size in bytes: 189372825
#

AIX Basic System Administration 391

AIX System Dump Facility
 To change the primary dump device/LV, so that a copy is not
necessary on the subsequent reboot following the system crash:
# lsvg rootvg | grep -i "pp size"
VG STATE: active PP SIZE: 64 megabyte(s)
# smitty mklv

AIX Basic System Administration 392

AIX System Dump Facility
Intentionally create it too small

AIX Basic System Administration 393

AIX System Dump Facility

AIX Basic System Administration 394

AIX System Dump Facility
# sysdumpdev -l
primary /dev/hd6
secondary /dev/sysdumpnull
copy directory /dump
forced copy flag FALSE
always allow dump FALSE
dump compression ON
type of dump traditional

# sysdumpdev -Pp /dev/dumplv

primary /dev/dumplv
secondary /dev/sysdumpnull
copy directory /dump
forced copy flag FALSE
always allow dump FALSE
dump compression ON
type of dump traditional
#

AIX Basic System Administration 395

AIX System Dump Facility

 Create another LV which will be the secondary dump device:

# smitty mklv

AIX Basic System Administration 396

AIX System Dump Facility

AIX Basic System Administration 397

AIX System Dump Facility

AIX Basic System Administration 398

AIX System Dump Facility

# sysdumpdev -l
primary /dev/dumplv
secondary /dev/sysdumpnull
copy directory /dump
forced copy flag FALSE
always allow dump FALSE
dump compression ON
type of dump traditional

# sysdumpdev -Ps /dev/dumplv2

primary /dev/dumplv
secondary /dev/dumplv2
copy directory /dump
forced copy flag FALSE
always allow dump FALSE
dump compression ON
type of dump traditional
#

AIX Basic System Administration 399

AIX System Dump Facility
 Initiate another system dump:

# sysdumpstart –p

After the system reboot:

# uptime
11:35PM up 1 user, load average: 0.43, 0.11, 0.04
# who -b
. system boot Nov 26 23:35
# sysdumpdev -L
0453-039

Device name: /dev/dumplv2

Major device number: 10
Minor device number: 16
Size: 67108352 bytes
Uncompressed Size: 644473103 bytes
Date/Time: Fri Nov 26 23:31:22 CST 2010
Dump status: -2  RETURN CODE INDICATES DUMP DEVICE WAS TOO SMALL.
Type of dump: traditional
dump device too small
#

AIX Basic System Administration 400

AIX System Dump Facility

 You or IBM support examine’s the dump with the kdb, Kernel DeBugger utility.

 In version of AIX 4.3 and below the crash utility was used. In AIX version 5.1
and above the kdb utility is used.

AIX Basic System Administration 401

 AIX System Dump Facility
 Typically IBM/AIX technical support will have you run the snap command to
gather configuration information, as well as the system dump iteself into one
package, to send to them for further analysis:

# snap -a
Checking space requirement for general information.........

Checking space requirement for tcpip information..................................................... done.

Checking space requirement for kernel information............... done.
Checking space requirement for printer information.... done.
Checking space requirement for dump information........
Attention: The dump is compressed, and we were not able to verify it is
consistent with /unix. Processing continues. . done.
Checking space requirement for sna information.../var/sna not found done.
Checking space requirement for filesys information.................... done.
Checking space requirement for async information................ done.
Checking space requirement for lang information.......... done.
Checking space requirement for XS25 information.................................................................................................done.
Checking space requirement for install information... done.
Checking space requirement for ssa information.......... done.
Checking space requirement for logical volume manager information.........VGs...PVs.. done.
Checking space requirement for multicpu trace files
/var/adm/ras/trcfile: No such file or directory

AIX Basic System Administration 402

 AIX System Dump Facility
# ls -ld /tmp/ibmsupt
drwx------ 29 root system 4096 Dec 08 14:47 /tmp/ibmsupt

# date
Wed Dec 1 14:50:52 CST 2010

# cd /tmp/ibmsupt
# pwd
/tmp/ibmsupt

# ls
async dumpdata getRtasHeap kernel nfs printer sissas
tcpip wpars
XS25 client_collect filesys hacmp lang other
scraid sna testcase
artex dump general install lvm pcixscsi
script.log ssa wlm
#

AIX Basic System Administration 403

AIX System Dump Facility
Everything the IBM technician requires to analyze the system dump:

# cd dump
# pwd
/tmp/ibmsupt/dump

# ls
autoload dump.BZ dump.snap errdead kdb kdb_64
livedumpdead mdmprpt.out minidump_last trcdead unix.Z
#

AIX Basic System Administration 404

AIX System Dump Facility
 The kdb is a tool/command for analysing the system dumps. It is used for post-
mortem analysis of system dumps, or for monitoring the running kernel.

 The kdb command has two arguments, when running on the system that did not
originally generate the system dump you are analyzing.

1. The dump file

2. The unix, kernel, file from the failing system. They are both included in that
snap /tmp/ibmsupt/dump directory.

If you are analyzing the system dump on the system where the dump was
generated, then you will not need to explicitly specify the unix, kernel, file as an
argument when invoking it.

In this example, we’ll invoke it with the unix, kernel, file as if we were IBM/AIX
technical support.

AIX Basic System Administration 405

 AIX System Dump Facility
 You will have to uncompress the unix, kernel, file and the system dump file
before analyzing it:

# uncompress unix.Z
# dmpuncompress dump.BZ
-- replaced with dump
#

Now invoke the kdb command against both:

# kdb dump unix
dump mapped from @ 700000000000000 to @ 7000000290f4300
START END <name>
0000000000001000 0000000004070000 start+000FD8
F00000002FF47600 F00000002FFDF9C0 __ublock+000000
000000002FF22FF4 000000002FF22FF8 environ+000000
000000002FF22FF8 000000002FF22FFC errno+000000
F1000F0A00000000 F1000F0A10000000 pvproc+000000
F1000F0A10000000 F1000F0A18000000 pvthread+000000
Dump analysis on CHRP_SMP_PCI POWER_PC POWER_7 machine with 4 available CPU(s) (64-bit registers)
Processing symbol table...
.......................done
read vscsi_scsi_ptrs OK, ptr = 0xF1000000C015F398
(0)>

AIX Basic System Administration 406

AIX System Dump Facility
 The first step is always to issue the stat command, this will give you some basic
high level information about the system which crashed:

(0)> stat
SYSTEM_CONFIGURATION:
CHRP_SMP_PCI POWER_PC POWER_7 machine with 4 available CPU(s) (64-bit registers)

SYSTEM STATUS:
sysname... AIX
nodename.. gvicaix09
release... 1
version... 6
build date Oct 1 2010
build time 18:00:31
label..... 1040A_61L
machine... 000B158AD400
nid....... 0B158AD4
time of crash: Wed Dec 1 13:44:09 2010
age of system: 3 day, 23 hr., 4 min., 46 sec.
xmalloc debug: enabled
FRRs active... 0
FRRs started.. 0

CRASH INFORMATION:
CPU -1 CSA 03C372A8 at time of crash, error code for LEDs: 00000000

(0)>

AIX Basic System Administration 407

AIX System Dump Facility
 The kdb utility always opens on the CPU which ran the crashing thread. The
prompt of kdb when we started it was 0, meaning any command we issue in this
prompt, will be giving us info about the first CPU on the system which crashed.

0>

To switch CPUs, use the kdb cpu # command:

0> cpu 1
1>

Now the kdb prompt changes because we are now looking at CPU 1 – The
second CPU.

AIX Basic System Administration 408

AIX System Dump Facility
 Now move to other CPUs:

(1)> cpu 2

(2)> cpu 3

(3)> cpu 4
Invalid cpu 4 number

Notice how moving to CPU 4 errored. Why? Well let’s exit kdb and find out. Kdb
is exited with the exit command:

(3)> exit
#

AIX Basic System Administration 409

AIX System Dump Facility
 List the CPUs installed on this system. Each processor core has 4 possible
hardware thread execution streams. That is why we have

# lsdev -Cc processor

proc0 Available 00-00 Processor

# lsattr -El proc0

frequency 3000000000 Processor Speed False
smt_enabled true Processor SMT enabled False
smt_threads 4 Processor SMT threads False
state enable Processor state False
type PowerPC_POWER7 Processor type False

# smtctl

This system is SMT capable.

This system supports up to 4 SMT threads per processor.
SMT is currently enabled.
SMT boot mode is not set.
SMT threads are bound to the same virtual processor.

proc0 has 4 SMT threads.

Bind processor 0 is bound with proc0
Bind processor 1 is bound with proc0
Bind processor 2 is bound with proc0
Bind processor 3 is bound with proc0

AIX Basic System Administration 410

AIX System Dump Facility
 To see what was running on each processor/CPU at the time of the system
crash:

(0)> status
CPU TID TSLOT PID PSLOT PROC_NAME
0 1860061 390 6000BE 96 sysdumpstart
1 180031 24 E001C 14 wait
2 190033 25 F001E 15 wait
3 1B0037 27 100020 16 wait
4-255 Disabled

AIX Basic System Administration 411

 AIX System Dump Facility
 Back to kdb: kdb dump /unix
 To list filesystems which were mounted on the system that crash, at the time of
the crash:

(0)> vfs
GFS DATA TYPE FLAGS

1 F1000A01000C0510 028A8780 F1000A0180660080 JFS2 DEVMOUNT

... /dev/hd4 mounted over /
2 F1000A01000C0610 028A8780 F1000A0180631C80 JFS2 DEVMOUNT
... /dev/hd2 mounted over /usr
3 F1000A01000C0C10 028A8780 F1000A0180604880 JFS2 DEVMOUNT
... /dev/hd9var mounted over /var
4 F1000A01000C0410 028A8780 F1000A0180695C80 JFS2 DEVMOUNT
... /dev/hd3 mounted over /tmp
5 F1000A01000C0E10 028A8780 F1000A01808AB880 JFS2 DEVMOUNT
... /dev/hd1 mounted over /home
6 F1000A01000C1010 028A8780 F1000A018091B880 JFS2 DEVMOUNT
... /dev/hd11admin mounted over /admin
7 F1000A01000C1110 028A8820 0000000000000000 PROCFS
... /proc mounted over /proc
8 F1000A01000C1210 028A8780 F1000A01808CBC80 JFS2 DEVMOUNT
... /dev/hd10opt mounted over /opt
9 F1000A01000C0D10 028A8780 F1000A018166DC80 JFS2 DEVMOUNT
... /dev/fslv00 mounted over /fs1

AIX Basic System Administration 412

AIX System Dump Facility
(0)> p *
SLOT NAME STATE PID PPID ADSPACE CL #THS

pvproc+000000 0 swapper ACTIVE 0000000 0000000 0000000801001190 0 0001

pvproc+000400 1 init ACTIVE 0000001 0000000 0000000815095480 0 0001
pvproc+000800 2 wait ACTIVE 0020004 0000000 0000000803003190 0 0001
pvproc+000C00 3 sched ACTIVE 0030006 0000000 0000000805005190 0 0001
pvproc+001000 4 lrud ACTIVE 0040008 0000000 0000000807007190 0 0002
pvproc+001400 5 vmptacrt ACTIVE 005000A 0000000 0000000809009190 0 0001
…
pvproc+018000 96*sysdumps ACTIVE 06000BE 07400D4 000000081CDBC480 0 0001
pvproc+018400 97 IBM.CSMA ACTIVE 06100C2 04F00CC 00000008177B7480 0 0016
pvproc+019000 100 IBM.DRMd ACTIVE 064004E 04F00CC 0000000804804480 0 0014
pvproc+019400 101 getty ACTIVE 0650042 0000001 0000000811B11480 0 0001
pvproc+01A400 105 telnetd ACTIVE 069009C 03B00AE 000000081ED7E480 0 0001
pvproc+01AC00 107 efs_tkr_ ACTIVE 06B0058 0000001 000000080FB0F190 0 0001
pvproc+01D000 116 ksh ACTIVE 07400D4 069009C 0000000806D66480 0 0001

(0)>

AIX Basic System Administration 413

AIX System Dump Facility
To display more info about a particular process in the particular internal process
slot table.

(0)> p 96
SLOT NAME STATE PID PPID ADSPACE CL #THS

pvproc+018000 96*sysdumps ACTIVE 06000BE 07400D4 000000081CDBC480 0 0001

NAME....... sysdumpstart
STATE...... stat :07 .... xstat :0000
FLAGS...... flag :00200001 LOAD EXECED
........... flag2 :00000000
........... flag3 :00000000
........... atomic :00000000
........... secflag:0001 ROOT
LINKS...... child :0000000000000000
........... siblings :0000000000000000
........... uidinfo :00000000022A2D68
........... ganchor :F1000F0A00018000 <pvproc+018000>
THREAD..... threadlist :F1000F0A10018600 <pvthread+018600>
DISPATCH... synch :FFFFFFFFFFFFFFFF
AACCT...... projid :00000000 ........... sprojid :00000000
........... subproj :0000000000000000
........... file id :0000000000000000 0000000000000000 00000000
........... kcid :00000000
........... flags :0000

AIX Basic System Administration 414

AIX System Dump Facility

 Clean up from the lab:

# cd /
# umount /dump
# rmfs –r /dump

AIX Basic System Administration 415

 AIX System Process Management

AIX Basic System Administration 416

AIX System Process Management

 A program, internally, can run in two modes:

1. User mode
2. System mode

User mode means that the system is executing the source code of the program,
that a developer/programmer wrote.

System mode means that the system is executing what is known as a system
call. A system call is called on behalf of a user process. A system call is a pre-
defined “function”. System calls are functions that a programmer can call to
perform the services of the operating system. An example of a system call is
read(). When the processor sees that the running program code needs to read
a file on disk, the user program calls on the kernel to execute the read()
system call on it’s behalf because a system call has to run in the kernel’s
private/privilege area, and user programs cannot run there.

AIX Basic System Administration 417

AIX System Process Management
 A process is the entity in Unix where a program runs. It describes the
program itself, the system resources it uses, etc.

 Each process has a name, a name which is usually the name of the program,
etc. A process is a name given to a program being executed by the operating
system

 Every process has a unique ID which gets assigned to them when you
submit them to the system for execution. This ID is called the PID, Process
Identifier. This ID is used so you and the system can keep track of this
running process, and control it.

 All process IDs, PID numbers, are even, with the exception of the init
process, PID 1.

 The first system/kernel process ID, PID, is number 0. It is assigned to the

swapper process during the boot process.

 The first user process ID, PID, number is 1. It is assigned to the init process
during the boot process.
AIX Basic System Administration 418
AIX System Process Management
 The smallest unit of a process is a thread.

 Every process has at least one thread.

 A process can be multi-threaded, meaning that it can run more than one software
instruction on multiple processors/CPUs simultaneously.

 A system with multiple processors/CPUs is known as an SMP, Symmetrical Multi-

Processor, system.

 Every thread adopts many attributes from it’s parent process.

 Every thread is assigned a unique ID known as the TID, Thread Identifier. There
numbers are odd.

 Each process is made up of one or more threads.

 A thread is a single sequential flow of control.

AIX Basic System Administration 419

  The processor penalty is an integer that is calculated from the recent
processor usage of a thread

 The recent processor usage increases by approximately 1 each time the

thread is in control of the processor at the end of a 10 ms clock tick, up to a
maximum value of 120.

 Once per second, the recent processor usage values for all threads are
recalculated.

AIX Basic System Administration 420

AIX System Process Management

AIX Basic System Administration 421

AIX System Process Management
 To determine what is currently running on a system use the ps –ef command.
This command stands for Process Status – EVEN NUMBERS

# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Dec 01 - 0:00 /etc/init
root 655466 4653244 0 Dec 01 - 0:00 /usr/sbin/portmap
root 1507436 4653244 0 Dec 01 - 0:00 sendmail: accepting connect
root 1835106 4653244 0 Dec 01 - 0:00 /usr/sbin/nimesis -s
root 1966272 5570770 0 Dec 01 - 0:59 /var/opt/tivoli/ep/_jvm/jre
root 2031762 4653244 0 Dec 01 - 0:00 /usr/sbin/hostmibd
root 2162820 4653244 0 Dec 01 - 0:04 /usr/sbin/syslogd
root 2228378 4653244 0 Dec 01 - 0:00 /usr/sbin/tftpd -n
root 2293960 4653244 0 Dec 01 - 0:00 /opt/freeware/cimom/pegasus
root 2359386 1 0 Dec 01 - 0:00 /usr/ccs/bin/shlap64
root 2752610 4653244 0 Dec 01 - 0:00 /usr/sbin/aixmibd
root 2818188 4653244 0 Dec 01 - 0:00 /usr/sbin/snmpmibd
root 2949226 1 0 Dec 01 - 0:00 /opt/ibm/icc/cimom/bin/dirs
root 3014808 4653244 0 Dec 01 - 0:00 /usr/sbin/writesrv
root 3080392 1 0 Dec 01 - 0:00 /usr/sbin/uprintfd
pconsole 3145922 5701812 0 Dec 01 - 0:00 /bin/ksh /pconsole/lwi/bin/
root 3342462 4653244 0 Dec 01 - 0:00 /usr/sbin/inetd
root 3407994 4653244 0 Dec 01 - 0:00 /usr/sbin/snmpd
root 3473652 1 0 Dec 01 - 0:00 /usr/sbin/cron
root 3539112 1 1 Dec 01 - 0:31 /usr/sbin/getty /dev/consol
root 3604716 4653244 0 Dec 01 - 0:00 /usr/sbin/biod 6

AIX Basic System Administration 422

AIX System Process Management
 Threads – ODD NUMBERS

# ps –elmo THREAD

USER PID PPID TID ST CP PRI SC WCHAN F TT BND COMMAND

root 1 0 - A 0 60 1 - 200003 - - /etc/init
- - - 65539 S 0 60 1 - 410400 - --
root 1573002 1 - A 0 60 1 - 41001 - - ./slp_srvreg -D
- - - 6947061 S 0 60 1 - 418400 - --
root 1769656 1 - A 0 60 1 f1000a1000a298b0 240001 - - /opt/ibm/director/cimom/bin/tier1slp
- - - 5439691 S 0 60 1 f1000a1000a298b0 410400 - --
root 1966172 1 - A 0 60 1 f1000000a05f9098 240001 - - /usr/ccs/bin/shlap64
- - - 2621547 S 0 60 1 f1000000a05f9098 400 - --
root 2031736 1 - A 0 60 17 * 240001 - - /usr/sbin/syncd 60
- - - 655417 S 0 60 1 f1000a1000a22bb0 410400 - --
- - - 2097249 S 0 60 1 f1000a1000a21db0 410400 - --
- - - 2228325 S 0 60 1 f1000a1000a206b0 410400 - --
- - - 2556093 S 0 60 1 f1000a0018ad47b0 410400 - --
- - - 3473547 S 0 60 1 f1000a1000a27fb0 410400 - --
- - - 3539111 S 0 60 1 f1000a1000a20bb0 410400 - --
- - - 3604637 S 0 60 1 f1000a1000a26bb0 410400 - --
- - - 3866753 S 0 60 1 f1000a1000a25eb0 410400 - --
- - - 4325513 S 0 60 1 f1000a0018ad4db0 410400 - --
- - - 4522125 S 0 60 1 f1000a1000a270b0 410400 - --
- - - 4587663 S 0 60 1 f1000a1000a290b0 410400 - --
- - - 4653203 S 0 60 1 f1000a1000a251b0 410400 - --

AIX Basic System Administration 423

AIX System Process Management

 A process can run in the foreground or the background.

 To run a process in the foreground, like a regular command, simply just run it in
the shell by typing it in:
# sleep 5
#

The problem with the foreground is that you will have to wait until it completes
before you gain control of your terminal again. To throw something in the
background put an ampersand - & at the end of it. This way you can move on
to other things, while this is running.

# sleep 5 &
[1] 7405732
#
#

[1] + Done sleep 5 &

#

AIX Basic System Administration 424

AIX System Process Management
Process Management:

# sleep 1000 &

[1] 3735750

# jobs
[1] + Running sleep 1000 &

# jobs -l
[1] + 3735750 Running sleep 1000 &

# ps -ef | grep -i sleep

root 3735750 5898262 0 09:33:38 pts/0 0:00 sleep 1000
#

AIX Basic System Administration 425

AIX System Process Management

You can take a job which is currently running in the background and move it to
the foreground
# fg 3735750
sleep 1000

To send your process to the background/stopping it go ahead and hit

CONTROL+Z
^Z[1] + Stopped (SIGTSTP) sleep 1000 &

# jobs -l
[1] + 3735750 Stopped (SIGTSTP) sleep 1000 &
#

To re-start it in the background type in the following

# bg 3735750
[1] sleep 1000 &
# jobs
[1] + Running sleep 1000 &
# ps -ef | grep -i sleep
root 3735750 5898262 0 09:33:38 pts/0 0:00 sleep 1000
#

AIX Basic System Administration 426

AIX System Process Management
 There are many signals you can send to a running process. They can be seen
with the following command:
# kill -l
1) HUP 14) ALRM 27) MSG 40) bad trap 53) bad trap
2) INT 15) TERM 28) WINCH 41) bad trap 54) bad trap
3) QUIT 16) URG 29) PWR 42) bad trap 55) bad trap
4) ILL 17) STOP 30) USR1 43) bad trap 56) bad trap
5) TRAP 18) TSTP 31) USR2 44) bad trap 57) bad trap
6) ABRT 19) CONT 32) PROF 45) bad trap 58) RECONFIG
7) EMT 20) CHLD 33) DANGER 46) bad trap 59) CPUFAIL
8) FPE 21) TTIN 34) VTALRM 47) bad trap 60) GRANT
9) KILL 22) TTOU 35) MIGRATE 48) bad trap 61) RETRACT
10) BUS 23) IO 36) PRE 49) bad trap 62) SOUND
11) SEGV 24) XCPU 37) VIRT 50) bad trap 63) SAK
12) SYS 25) XFSZ 38) ALRM1 51) bad trap
13) PIPE 26) bad trap 39) WAITING 52) bad trap
#

AIX Basic System Administration 427

AIX System Process Management
To kill a process from running you can use signal number 9, which as you will
recall from the previous slides output is the signal “KILL”

# kill -9 3735750

# ps -ef | grep -i sleep

[1] + Killed sleep 1000 &
#

AIX Basic System Administration 428

AIX System Process Management
 Kick off another sleep command in the background:

# sleep 1000 &

[1] 6029312

# ps -ef | grep -i sleep

root 6029312 2294014 0 13:59:39 pts/1 0:00 sleep 1000
#

Now look at the second number in the above ps –ef output, which is the third
column over. That is the PPID – Parent Process ID. This is the process who is
a parent of the process running – sleep. Sleep is the child to 2294014. Now
let’s see what 2294014 is?

# ps -ef | grep -i 2294014 | grep -iv grep

root 2294014 6881354 1 12:48:49 pts/1 0:00 -ksh
root 4849772 2294014 0 14:01:16 pts/1 0:00 ps -ef
root 6029312 2294014 0 13:59:39 pts/1 0:00 sleep 1000
#

It is the Korn shell process that you logging onto the system launched.

AIX Basic System Administration 429

AIX System Process Management
 Now kill the PPID of the sleep process:

# ps -ef | grep -i sleep

root 6029312 2294014 0 13:59:39 pts/1 0:00 sleep 1000

# kill -9 2294014

That will terminate your putty connection to the system because that is your login
session/Korn shell.

Log back into the system as root, and you will now see that sleep process has
been adopted by it’s grandparent – init PID 1.

# ps -ef | grep -i 6029312

root 6029312 1 0 13:59:39 - 0:00 sleep 1000
#

AIX Basic System Administration 430

AIX System Process Management
 Normally what happens is when the child/sleep is done running, it will alert the
parent process/ksh that it has completed, and it is then the parent’s/ksh
responsibility to burry the child properly – release system resources, etc.
However if the parent dies before the child, then the child is known as an orphan,
and the grandparent is then forced to adopt it.

 Sometimes something funky happens and the child cannot be killed by the parent
or the grandparent. When this happens the child process becomes a zombie
when it’s done running. Now you cannot kill a zombie process because you
cannot kill a process that is already dead. The only way to get rid of zombies is to
reboot the system. A zombie has no negative impact on the system, it just takes
up a process slot, in the process table.

AIX Basic System Administration 431

AIX System Process Management

 What Zombies look like on a system:

# ps -k | grep -i def
278720 0:00 <defunct>
405600 0:00 <defunct>
450610 0:00 <defunct>
520274 0:00 <defunct>
565278 0:00 <defunct>
684206 0:00 <defunct>

AIX Basic System Administration 432

AIX System Process Management
 Kick off a sleep process in the background again:

# sleep 10000 &

[1] 7405732
#
#
[1] + Done sleep 5 &
#

Now disconnect from the system with the exit command

# exit
There are running jobs.

Note how you received the warning above that jobs are currently running under
your user name. Ignore that and type in exit a second time, maybe a third time
as well.
# exit
# exit

Connection Closed.

AIX Basic System Administration 433

 AIX System Process Management

 Login again as root.

# ps -ef | grep -i sleep

#

 Note how the process died even though 10000 seconds isn’t up yet. You can
tell the system not to kill the process just because you as the user who started
it logged out of the system:

# nohup sleep 10000&

[1] 6881364
# Sending nohup output to nohup.out.

# ps -ef | grep -i sleep

root 6881364 7078006 0 14:23:19 pts/0 0:00 sleep 10000
# jobs
[1] + Running nohup sleep 10000&
#

AIX Basic System Administration 434

AIX System Process Management

 Log into the system again, and you will see this time that the process is still
running happily, and was adopted by root:
# ps -ef | grep -i sleep
root 6881364 1 0 14:23:19 - 0:00 sleep 10000
#

This command automatically creates a nohup.out file, just in case any output is
generated:

# ls -l nohup.out
-rw------- 1 root system 0 Dec 03 14:23 nohup.out

# date
Fri Dec 3 14:25:39 CST 2010
#

AIX Basic System Administration 435

AIX System Process Management
 Only one program/process/thread can run on a system processor at one time.

 There is an internal mechanism known as the scheduler, swapper, which creates

the illusion that multiple processes/threads are running on a system processor
simultaneously.

 It may seem to you that there are more programs/processes/threads running on a

system then there are processors/CPUS, but that is not the case.

 To understand how this illusion happens we need to understand what happens

when you create a program/process/thread.

 The algorithm for determining which thread should be run next is called a
scheduling policy.

AIX Basic System Administration 436

AIX System Process Management
1.) A user runs a program - (i.e. --> They run a command such as: sleep).
2.) That program becomes a process on the system, which allocates the required
system resources to run.
3.) That process dispatches a thread, in this example it is a single threaded
program, (although programs can be multi-threaded as well.)
4.) That thread goes into the system global run queue known as RUN-RUN.
5.) That thread is then put on a CPU's run queue where it's priority is governed by
a nice value for new processes, and re-nice for already running processes.
6.) That thread is then selected with other competing processes for CPU time, to
run on that CPU.
7.) The thread runs on a CPU for 10ms at a time.
8.) At the end of that 10ms time slice, or quantum of time, which is called a clock
tick the kernel will interrupt that user thread running on the CPU, and perform
some internal system housekeeping routines, as well as update the CPU usage
for that running thread. Note: That thread will be charged even for the kernel
interrupt. This kernel interrupt is known as an external interrupt. Also during that
10ms interrupt the kernel will check to see if a new, or existing threads have
entered that CPU's run queue with a higher priority, then the one currently
running.

AIX Basic System Administration 437

AIX System Process Management
If there is one then that thread takes the place of the currently running thread on
that CPU, and the currently running thread gets put back into that CPU's run
queue. If no new thread has come in with a higher priority, then the currently
running thread on that CPU, will run for another 10 ms.

9.) After 1 second, a clock click, (once every second), this is assuming nothing has
preempted the currently running thread, and this thread is taking more than 1
second to run, all of the threads in that CPU's run queue's priorities are re-
calculated, and that running thread gets thrown back into that CPU's run-queue
to attempt and keep processor affinity for re-dispatchment of it later. You see a
thread can only run for 1 second total which is known as a clock click, if it's not
interrupted before it gets to that 1 second. After 1 second all threads in that
CPU's run queue including that one are re-calculated, and another re-calculated
thread could now run on the CPU. This is to give everyone a chance to run on
the CPU. How does this work exactly with the priorities? Well every time a thread
is still running at every 10ms clock tick when the system wakes up a check, that
thread is penalized with it’s priority incrementing by one because of the CPU
usage penalty. That’s why at every clock click, we know there is a good chance
that our currently running thread will get switch back out to the run queue.
AIX Basic System Administration 438
AIX System Process Management
 The procedure just discussed is known as an external interrupt, because the
running thread did not give up the processor/CPU voluntarily, it was an
involuntary forfit of the processor/CPU.

 Each process/thread is given a priority, it’s recent CPU usage, at the

conclusion of each interrupt will affect that priority. The higher the number a
less of a priority it has, the lower the number the more of a priority it has.

 Run queues have 256 slots total. Used to be 128.

 There are internal interrupts as well. This is when the user thread makes a
system call, for the kernel to do something on it's behalf. If the system sees
that this is an I/O operation which will require some time to complete, it still
wants to give other threads in the run queue who maybe ready to run now, a
chance to run. That being the case, the user thread interrupts itself by
making a system call for the kernel to run in system mode. The user thread
will then go back into the queue as a sleeping process, S, waiting for that I/O
to complete, while that I/O is running another thread can make use of that
CPU. When that I/O is done then that thread will be eligible to re-gain control
of a CPU, and run once again continuing it's run.
AIX Basic System Administration 439
AIX System Process Management
 While a thread is running on a CPU, it will be interrupted always by the kernel, if
the kernel has to service a h/w request. After a h/w interrupt the kernel will
check the run-queue of that CPU, to see if any thread which is runnable has a
better priority then then one which was just interrupted by the h/w interrupt.

 Only one CPU can make a system call to a kernel/access the kernel at one
time.

 The one second clock click where all threads priorities are adjusted is referred
to as a major clock cycle.

AIX Basic System Administration 440

AIX System Process Management

AIX Basic System Administration 441

AIX System Process Management
1.) When a process is initiated/started the first resource to be allocated is a slot in
the Unix process table of the system.
The process in the state above is in the SNONE state.

2.) While the process is undergoing creation (waiting for resources(memory) to be

allocated), it is in the SIDL state. These two states together are known as
the I state.

3.) When a process is in the A state, one or more of it's threads are in the R state.
This means that they are ready to run.

- If a thread is waiting for an event or for an I/O (system call) the thread is said to
be sleeping, or in the S state.

- When the I/O is complete, the thread is awankened and placed in the ready-to-
run queue.

AIX Basic System Administration 442

AIX System Process Management

 A process in the following which has a thread in one of the following states, is in
an A state:

 R,S, Running, T

 If a thread is stopped with a SIGSTOP signal it is in the T state while suspended.

AIX Basic System Administration 443

AIX System Process Management
 To view kernel processes type in the following:

# ps -k
PID TTY TIME CMD
0 - 0:25 swapper
131076 - 3:26 wait
196614 - 0:00 sched
262152 - 0:00 lrud
327690 - 0:00 vmptacrt
393228 - 0:00 psmd
458766 - 0:00 vmmd
524304 - 0:00 memgrdd
589842 - 0:00 lsareapr
720918 - 0:00 devstatd
786456 - 0:00 pilegc
851994 - 0:01 xmgc
917532 - 2:55 wait
983070 - 0:00 netm
1048608 - 0:22 gil
1114146 - 0:00 wlmsched
1179684 - 0:00 armtrace_kproc
1376348 - 0:00 rtcmd
1572946 - 0:00 n4bg
1638454 - 0:00 vscsi_kproc
1703988 - 0:00 lvmbb
1769532 - 0:00 memp_rbd
1900622 - 0:00 rgsr
2097216 - 0:00 j2pg

AIX Basic System Administration 444

AIX System Process Management

 There is a special filesystem known as /proc, short for process. This is a

special filesystem because it is what is known as a pseudo filesystem. This
comes from the Linux world. This filesystem does not physically reside on disk.
It is in memory, and offers a portal into the running system kernel.

 Look under the disk space statistics in the command below, they are null,
noted by the -, hyphen. This is because this filesystem and it’s contents are
not really on disk.

# df -g /proc
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/proc - - - - - /proc
#

AIX Basic System Administration 445

AIX System Process Management
 Every currently running process on the system has a directory created for it
automatically in the /proc filesystem named after it’s PID number:

# ls /proc
0 1179684 1507394 1835120 2031736 2294014 262152 2883672 3145876 3408006 3670158
4128856 4390958 4653228 4915244 5242890 5439662 5701860 5898426 655418 851994 version
1 131076 1573002 1900602 2097262 2359376 2621520 2949278 327690 3473576 393228
4194452 4456666 4718792 4980908 524304 5505226 5767358 5963972 6881354 917532
1048608 1376330 1638454 196614 2162762 2424918 2752666 3014760 3276920 3539052 3932324
4260014 4522128 4784324 5112020 5308652 5570734 5832710 6160586 720918 983070
1114146 1441848 1769656 1966172 2228382 2490468 2818134 3080308 3342546 3604674 4063380
4325516 458766 4849896 5177588 5374126 5636284 589842 6226124 786456 sys
#

AIX Basic System Administration 446

AIX System Process Management
# ls -l proc
total 0
dr-xr-xr-x 1 root system 0 Dec 03 13:00 0
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1048608
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1114146
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1179684
dr-xr-xr-x 1 root system 0 Dec 03 13:00 131076
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1376330
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1441848
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1507394
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1573002
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1638454
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1769656
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1835120
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1900602
dr-xr-xr-x 1 root system 0 Dec 03 13:00 196614
dr-xr-xr-x 1 root system 0 Dec 03 13:00 1966172
dr-xr-xr-x 1 root system 0 Dec 03 13:00 2031736
dr-xr-xr-x 1 root system 0 Dec 03 13:00 2097262
dr-xr-xr-x 1 root system 0 Dec 03 13:00 2162762
dr-xr-xr-x 1 root system 0 Dec 03 13:00 2228382
dr-xr-xr-x 1 root system 0 Dec 03 13:00 2294014
dr-xr-xr-x 1 root system 0 Dec 03 13:00 2359376

AIX Basic System Administration 447

AIX System Process Management
 Start a sleep process:

# sleep 10000 &

[1] 7405648

# ps -ef | grep -i sleep

root 7405648 2294014 0 13:02:32 pts/1 0:00 sleep 10000
#

AIX Basic System Administration 448

AIX System Process Management
# cd /proc
# pwd
/proc

# ls -ld 7405648
dr-xr-xr-x 1 root system 0 Dec 03 13:03 7405648

# cd 7405648
# pwd
/proc/7405648

# ls -l
total 16
-rw------- 1 root system 0 Dec 03 13:03 as
-r-------- 1 root system 128 Dec 03 13:03 cred
--w------- 1 root system 0 Dec 03 13:03 ctl
lr-x------ 22 root system 0 Dec 03 10:14 cwd -> /
dr-x------ 1 root system 0 Dec 03 13:03 fd
dr-xr-xr-x 1 root system 0 Dec 03 13:03 lwp
-r-------- 1 root system 0 Dec 03 13:03 map
-r-------- 1 root system 0 Dec 03 13:03 mmap
dr-x------ 1 root system 0 Dec 03 13:03 object
-r--r--r-- 1 root system 448 Dec 03 13:03 psinfo
lr-x------ 22 root system 0 Dec 03 10:14 root -> /
-r-------- 1 root system 12288 Dec 03 13:03 sigact
-r-------- 1 root system 1520 Dec 03 13:03 status
-r--r--r-- 1 root system 0 Dec 03 13:03 sysent

AIX Basic System Administration 449

AIX System Process Management
# ls -l lwp
total 0
dr-xr-xr-x 1 root system 0 Dec 03 13:03 5308459

# cd lwp
# pwd
/proc/7405648/lwp

# ls
5308459

# cd 5308459
# ls
lwpctl lwpsinfo lwpstatus

# ls -l
total 0
--w------- 1 root system 0 Dec 03 13:04 lwpctl
-r--r--r-- 1 root system 120 Dec 03 13:04 lwpsinfo
-r-------- 1 root system 1200 Dec 03 13:04 lwpstatus

AIX Basic System Administration 450

AIX System Process Management
When you kill the process, or it ends on its own then it’s references in the /proc
filesystem will be removed:

# cd /
# ls -ld /proc/7405648
dr-xr-xr-x 1 root system 0 Dec 03 13:07 /proc/7405648

# ps -ef | grep -i sleep

root 7405648 2294014 0 13:02:32 pts/1 0:00 sleep 10000

# kill -9 7405648
# ps -ef | grep -i sleep
[1] + Killed sleep 10000 &

# ls -ld /proc/7405648
ls: 0653-341 The file /proc/7405648 does not exist.
#

AIX Basic System Administration 451

AIX System Process Management
The System Resource Controller, SRC, is a facility in AIX which controls the
starting, running, and stopping of critical system programs/daemons:

# lssrc -a
Subsystem Group PID Status
platform_agent 4587666 active
cimsys 2293960 active
snmpd tcpip 3407994 active
syslogd ras 2162820 active
portmap portmap 655466 active
sendmail mail 1507436 active
inetd tcpip 3342462 active
hostmibd tcpip 2031762 active
snmpmibd tcpip 2818188 active
aixmibd tcpip 2752610 active
nimesis nim 1835106 active
biod nfs 3604716 active

….

AIX Basic System Administration 452

AIX System Process Management
 SRC provides an easy and structured way to stop a group of
processes, subsystems:

# lssrc –s inetd
Subsystem Group PID Status
inetd tcpip 3342462 active

# ps -ef | grep -i inetd

root 3342462 4653244 0 Dec 01 - 0:00 /usr/sbin/inetd

# stopsrc -s inetd
0513-044 The /usr/sbin/inetd Subsystem was requested to stop.

# ps -ef | grep -i inetd

# lssrc -s inetd
Subsystem Group PID Status
inetd tcpip inoperative
#

AIX Basic System Administration 453

AIX System Process Management

SRC provides an easy and structured way to start a group of processes,

subsystems:

# ps -ef | grep -i inetd

# lssrc -s inetd
Subsystem Group PID Status
inetd tcpip inoperative

# startsrc -s inetd
0513-059 The inetd Subsystem has been started. Subsystem PID is 2228386.

# ps -ef | grep -i inetd

root 2228386 4653244 5 00:08:37 - 0:00 /usr/sbin/inetd
root 7078016 6160450 2 00:08:40 pts/0 0:00 grep -i inetd

# lssrc -s inetd
Subsystem Group PID Status
inetd tcpip 2228386 active
#

AIX Basic System Administration 454

AIX System Process Management
 System Resources can also be organized into groups:

# lssrc -g nfs
Subsystem Group PID Status
biod nfs 3604716 active
nfsd nfs 4980976 active
rpc.mountd nfs 5046464 active
rpc.statd nfs 5243054 active
rpc.lockd nfs 5308584 active
nfsrgyd nfs inoperative
gssd nfs inoperative

AIX Basic System Administration 455

AIX System Process Management

 Processes managed by SRC can be stopped as a group:

# stopsrc -g nfs
0513-044 The biod Subsystem was requested to stop.
0513-044 The nfsd Subsystem was requested to stop.
0513-044 The rpc.mountd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.

# lssrc -g nfs
Subsystem Group PID Status
biod nfs inoperative
nfsd nfs inoperative
rpc.mountd nfs inoperative
nfsrgyd nfs inoperative
gssd nfs inoperative
rpc.lockd nfs inoperative
rpc.statd nfs inoperative
#

AIX Basic System Administration 456

AIX System Process Management
 You can also startup processes as a group:

# startsrc -g nfs
0513-059 The biod Subsystem has been started. Subsystem PID is 5046476.
0513-059 The nfsd Subsystem has been started. Subsystem PID is 5243058.
0513-059 The rpc.mountd Subsystem has been started. Subsystem PID is 5308588.
0513-059 The nfsrgyd Subsystem has been started. Subsystem PID is 4980982.
0513-059 The gssd Subsystem has been started. Subsystem PID is 4456472.
0513-059 The rpc.lockd Subsystem has been started. Subsystem PID is 4980984.
0513-059 The rpc.statd Subsystem has been started. Subsystem PID is 3604718.

# lssrc -g nfs
Subsystem Group PID Status
biod nfs 5046476 active
nfsd nfs 5243058 active
rpc.mountd nfs 5308588 active
rpc.lockd nfs 4980984 active
rpc.statd nfs 3604718 active
nfsrgyd nfs inoperative
gssd nfs inoperative
#

AIX Basic System Administration 457

AIX System Process Management
 You can restart an SRC managed process with the refresh comand:

# lssrc -s inetd
Subsystem Group PID Status
inetd tcpip 2228386 active

# refresh -s inetd
l0513-095 The request for subsystem refresh was completed successfully.

AIX Basic System Administration 458

 Devices

AIX Basic System Administration 459

Devices
 Everything in AIX/Unix is a file, including devices.

 Every device on the system is accessed via a special device file.

 The special device files reside in the /dev directory, which is under
the root – hd4 partition/lv in the rootvg vg.

 The special device files in the /dev directory maybe the access
points to these devices for the o/s commands, but the actual device
attributes are kept in the system’s ODM – Object Data Manager.

 The ODM is a special proprietary database which is maintained by

the operating system. It’s unique to AIX. Some people even
compare it to the Registry on Microsoft Windows operating systems
– not quite!

 The ODM is stored in two places on the system, /etc/objrepos, and

/usr/lib/objrepos.

AIX Basic System Administration 460

Devices

 The ODM contains the following information:

1.) Device attributes

2.) LVM information
3.) Software inventory information
4.) SMIT menu configuration

The ODM is very critical to the overall operation of the system. If the
ODM fails, or is removed from the system, that could render the
whole system unusable, and it could crash, and not be able to
reboot.

AIX Basic System Administration 461

Devices
 Take a look at the ODM files. These files are called classes.
That’s about as far as we’ll be diving into the ODM in this class.

# ls /etc/objrepos
ATM_PVC DAVars PdAt config_lock
CDiagAtt DSMOptions PdAt.vc crypto_module
CDiagAtt.vc DSMOptions.vc PdAtXtd crypto_module.vc
CDiagDev DSMenu PdAtXtd.vc errnotify
Config_Rules FRUB PdCn history
CuAt FRUB_SRC PdDv history.vc
CuAt.vc FRUs PdDv.vc inventory
CuData FRUs_src PdPathAt inventory.vc
CuData.vc MenuGoal PdPathAt.vc lpp

# ls /usr/lib/objrepos
.sna.anynet.socksna.fail_install XINPUT.vc
CC crypto_module
CC.vc crypto_module.vc
DSMOptions fix
DSMOptions.vc fix.vc
DSMenu fix_lock
FONT history
FONT.vc history.vc
GAI inventory
…

AIX Basic System Administration 462

Devices

 As we’ve mentioned prior Everything in Unix is a file. Special Unix filenames

for common devices are as follows:

/dev/fd# - For diskette drive devices.

/dev/cd# - For CD-ROM/DVD drive devices.
/dev/hdisk# - For hard disk devices – including SAN disk LUNS.
/dev/ent# – For physical ethernet NIC adapter. Mac address seen from here.
/dev/en# - For logical ethernet NIC interface – (IP gets configured on this).
/dev/fcs# - For Fibre channel device/HBA interface. WWN is seen from here.
/dev/fscsi# - For ethernet fibre channel device/HBA adapter. SAN switch link
status seen from here.
/dev/console – For system console.
/dev/proc# - For CPU, processor.
/dev/rmt# - For tape drive devices – including SAN tape drives.
/dev/mem0 – System real/good memory/RAM.

AIX Basic System Administration 463

Devices
# ls -ld /dev
drwxrwxr-x 5 root system 4096 Dec 01 00:00 /dev

# ls /dev
.SRC-unix hd11admin mem ptyp7 rhd3 sysdumpfile ttypb
IPL_rootvg hd2 null ptyp8 rhd4 sysdumpnull ttypc
SRC hd3 nuls ptyp9 rhd5 tty ttypd
__vg10 hd4 nvram ptypa rhd6 ttyp0 ttype
audit hd5 pmem ptypb rhd8 ttyp1 ttypf
clone hd6 ptc ptypc rhd9var ttyp2 urandom
console hd8 pts ptypd rhdisk0 ttyp3 vio0
echo hd9var ptyp0 ptype rootvg ttyp4 vscsi0
error hdisk0 ptyp1 ptypf sad ttyp5 vty0
errorctl ipl_blv ptyp2 random sfw0 ttyp6 xti
fscsi0 ipldevice ptyp3 rhd1 slog ttyp7 zero
fscsi1 iscsi0 ptyp4 rhd10opt spx ttyp8
hd1 kmem ptyp5 rhd11admin sysdump ttyp9
hd10opt log ptyp6 rhd2 sysdumpctl ttypa
#

AIX Basic System Administration 464

Devices
 Every device has a major and minor number. Internally what they do is the major
number refers to the device driver, and the minor number refers to the specific
instance of the device. All devices with the same major numbers will refer to the
same device driver. For instance all default system logical volumes/hd’s will have
the same major number.

# ls -l /dev
total 40
drwxrwx--- 2 root system 4096 Nov 30 23:50 .SRC-unix
crw-rw---- 1 root system 10, 0 Nov 24 22:50 IPL_rootvg
srwxrwxrwx 1 root system 0 Nov 30 10:39 SRC
crw------- 1 root system 10, 0 Nov 30 10:39 __vg10
cr--r----T 1 root system 8, 0 Nov 24 22:47 audit
crw-rw-rw- 1 root system 12, 0 Nov 24 22:47 clone
crw--w--w- 1 root system 4, 0 Nov 24 22:47 console
crw-rw-rw- 1 root system 12, 25 Nov 24 22:51 echo
crw--w--w- 1 root system 6, 0 Nov 30 15:00 error
crw------- 1 root system 6, 1 Nov 24 22:47 errorctl
crw-rw-rw- 1 root system 17, 0 Nov 24 22:47 fscsi0
crw-rw-rw- 1 root system 17, 1 Nov 24 22:47 fscsi1
brw-rw---- 1 root system 10, 8 Nov 24 22:49 hd1
brw-rw---- 1 root system 10, 9 Nov 24 22:49 hd10opt
brw-rw---- 1 root system 10, 10 Nov 24 22:49 hd11admin
brw-rw---- 1 root system 10, 5 Nov 24 22:49 hd2
brw-rw---- 1 root system 10, 7 Nov 24 22:49 hd3
…

AIX Basic System Administration 465

Devices
 To list all hard disks on your system, this includes SAN disk LUNS, type in
the following:

# lsdev -Cc disk

hdisk0 Available Virtual SCSI Disk Drive
#

AIX Basic System Administration 466

Devices
 To list system processors type in the following:

# lsdev -Cc processor

proc0 Available 00-00 Processor
#

AIX Basic System Administration 467

Devices

 To list all ethernet interfaces on your system:

# lsdev -Cc if
en0 Available Standard Ethernet Network Interface
en1 Defined Standard Ethernet Network Interface
et0 Defined IEEE 802.3 Ethernet Network Interface
et1 Defined IEEE 802.3 Ethernet Network Interface
lo0 Available Loopback Network Interface
#

AIX Basic System Administration 468

Devices

 To list all physical devices on your system:

# lsdev -Cc adapter

ent0 Available Logical Host Ethernet Port (lp-hea)
ent1 Available Virtual I/O Ethernet Adapter (l-lan)
fcs0 Available C5-T1 Virtual Fibre Channel Client Adapter
fcs1 Available C6-T1 Virtual Fibre Channel Client Adapter
lhea0 Available Logical Host Ethernet Adapter (l-hea)
vsa0 Available LPAR Virtual Serial Adapter
vscsi0 Available Virtual SCSI Client Adapter
#

AIX Basic System Administration 469

Devices

 To list the memory/RAM installed on your system:

# lsdev -Cc memory

L2cache0 Available L2 Cache
mem0 Available Memory
#

AIX Basic System Administration 470

Devices
 To list attributes of a device type in the lsattr –El dev, command.

# lsdev -Cc disk

hdisk0 Available Virtual SCSI Disk Drive
hdisk1 Available Virtual SCSI Disk Drive
hdisk2 Available Virtual SCSI Disk Drive

# lsattr -El hdisk0

PCM PCM/friend/vscsi Path Control Module False
algorithm fail_over Algorithm True
hcheck_cmd test_unit_rdy Health Check Command True
hcheck_interval 0 Health Check Interval True
hcheck_mode nonactive Health Check Mode True
max_transfer 0x40000 Maximum TRANSFER Size True
pvid 00c118f0968264400000000000000000 Physical volume identifier False
queue_depth 3 Queue DEPTH True
reserve_policy no_reserve Reserve Policy True
#

A true next to the device attribute indicates that this attribute can be
changed with the chdev –a attr=value –l device command. A false
next to the device attribute indicates that this attribute cannot be
changed.

AIX Basic System Administration 471

Devices

 To list the attributes of your system processor/CPU:

# lsattr -El proc0

frequency 3000000000 Processor Speed False
smt_enabled true Processor SMT enabled False
smt_threads 4 Processor SMT threads False
state enable Processor state False
type PowerPC_POWER7 Processor type False
#

AIX Basic System Administration 472

Devices
 To list attributes of your ethernet interfaces:

# lsdev -Cc if
en0 Available Standard Ethernet Network Interface
en1 Defined Standard Ethernet Network Interface
et0 Defined IEEE 802.3 Ethernet Network Interface
et1 Defined IEEE 802.3 Ethernet Network Interface
lo0 Available Loopback Network Interface
# lsattr -El en0
alias4 IPv4 Alias including Subnet Mask True
alias6 IPv6 Alias including Prefix Length True
arp on Address Resolution Protocol (ARP) True
authority Authorized Users True
broadcast Broadcast Address True
mtu 1500 Maximum IP Packet Size for This Device True
netaddr 192.168.240.123 Internet Address True
netaddr6 IPv6 Internet Address True
netmask 255.255.255.0 Subnet Mask True
prefixlen Prefix Length for IPv6 Internet Address True
remmtu 576 Maximum IP Packet Size for REMOTE Networks True
rfc1323 Enable/Disable TCP RFC 1323 Window Scaling True
security none Security Level True
state up Current Interface Status True
tcp_mssdflt Set TCP Maximum Segment Size True
tcp_nodelay Enable/Disable TCP_NODELAY Option True
tcp_recvspace Set Socket Buffer Space for Receiving True
tcp_sendspace Set Socket Buffer Space for Sending True
#

AIX Basic System Administration 473

Devices
To list attributes of your ethernet adapters:
# lsattr -El ent0
alt_addr 0x000000000000 Alternate Ethernet address True
flow_ctrl no Request Transmit and Receive Flow Control True
jumbo_frames no Request Transmit and Receive Jumbo Frames True
large_receive yes Enable receive TCP segment aggregation True
large_send yes Enable hardware Transmit TCP segmentation True
media_speed Auto_Negotiation Requested media speed True
multicore yes Enable Multi-Core Scaling True
rx_cksum yes Enable hardware Receive checksum True
rx_cksum_errd yes Discard RX packets with checksum errors True
rx_clsc 1G Enable Receive interrupt coalescing True
rx_clsc_usec 95 Receive interrupt coalescing window True
rx_coalesce 16 Receive packet coalescing True
rx_q1_num 8192 Number of Receive queue 1 WQEs True
rx_q2_num 4096 Number of Receive queue 2 WQEs True
rx_q3_num 2048 Number of Receive queue 3 WQEs True
tx_cksum yes Enable hardware Transmit checksum True
tx_isb yes Use Transmit Interface Specific Buffers True
tx_q_num 512 Number of Transmit WQEs True
tx_que_sz 8192 Software transmit queue size True
use_alt_addr no Enable alternate Ethernet address True
#
AIX Basic System Administration 474
Devices
 To list attributes of your fibre channel adapter/HBA:

# lsattr -El fcs0

intr_priority 3 Interrupt priority False
lg_term_dma 0x800000 Long term DMA True
max_xfer_size 0x100000 Maximum Transfer Size True
num_cmd_elems 200 Maximum Number of COMMAND Elements True
sw_fc_class 2 FC Class for Fabric True
#

AIX Basic System Administration 475

Devices

 To list attributes of your fibre channel interface:

# lsattr -El fscsi0

attach none How this adapter is CONNECTED False
dyntrk yes Dynamic Tracking of FC Devices True
fc_err_recov fast_fail FC Fabric Event Error RECOVERY Policy True
scsi_id Adapter SCSI ID False
sw_fc_class 3 FC Class for Fabric True
#

AIX Basic System Administration 476

Devices

 To list the attributes of your memory:

# lsattr -El mem0

ent_mem_cap I/O memory entitlement in Kbytes False
goodsize 1024 Amount of usable physical memory in Mbytes False
mem_exp_factor Memory expansion factor False
size 1024 Total amount of physical memory in Mbytes False
var_mem_weight Variable memory capacity weight False
#

AIX Basic System Administration 477

Devices

 To list a specific device attribute:

# lsattr -El hdisk0 -a PCM

PCM PCM/friend/vscsi Path Control Module False
#

# lsattr -El ent0 -a media_speed

media_speed Auto_Negotiation Requested media speed True
#

AIX Basic System Administration 478

Devices
 To display the legal, possible values for an attribute type in the following:

# lsattr -Rl ent0 -a media_speed

10_Full_Duplex
100_Full_Duplex
1000_Full_Duplex
10000_Full_Duplex
Auto_Negotiation

AIX Basic System Administration 479

Devices

 To display the factory default setting of a device attribute:

# lsattr -Dl ent0 -a media_speed

media_speed Auto_Negotiation Requested media speed True
#

AIX Basic System Administration 480

Devices
The value of False next to a device attribute indicates that this device attribute is
not modifiable:

# chdev -l hdisk0 -a PCM=friend

Method error (/etc/methods/chgdisk):
0514-018 The values specified for the following attributes
are not valid:
PCM Path Control Module

AIX Basic System Administration 481

Devices
The value of True next to a device attribute indicates that this device attribute is
modifiable:

# chdev -l ent0 -a media_speed=1000_Full_Duplex

Method error (/usr/lib/methods/chgent):
0514-062 Cannot perform the requested function because the
specified device is busy.

We have come across another issue above. We can modify this value, but not
when the device is in use. To correct this use the option –P. What is option
does is update the ODM database/registry, but not the running device driver. It
updates the ODM, so the next time you reboot the system, which will be when
the this device, hdisk0, is not in use again because the operating system will be
down.

AIX Basic System Administration 482

Devices
# lsattr -El ent0 -a media_speed
media_speed Auto_Negotiation Requested media speed True

# chdev -l ent0 -a media_speed=1000_Full_Duplex -P

ent0 changed

# lsattr -El ent0 -a media_speed

media_speed 1000_Full_Duplex Requested media speed True

# entstat -dt ent0 | grep -i speed

Media Speed Selected: Autonegotiate
Media Speed Running: 1000 Mbps / 1 Gbps, Full Duplex
External-Network-Switch (ENS) Port Speed: 1000 Mbps / 1 Gbps, Full Duplex
#

Reboot the system for the change take affects:

# shutdown -Fr

SHUTDOWN PROGRAM
Wed Dec 1 01:32:58 CST 2010

Wait for 'Rebooting...' before stopping.

Error reporting has stopped.
Advanced Accounting has stopped...
Process accounting has stopped.
nfs_clean: Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.

AIX Basic System Administration 483

Devices
 After the system comes back up from its reboot you will notice that this NIC is
now running at a 1000 full duplex, as oppose to it’s default – autonegociate:

# entstat -dt ent0 | grep -i speed

Media Speed Selected: 1000 Mbps / 1 Gbps, Full Duplex
Media Speed Running: 1000 Mbps / 1 Gbps, Full Duplex
External-Network-Switch (ENS) Port Speed: 1000 Mbps / 1 Gbps, Full Duplex
#

# lsattr -El ent0 -a media_speed

media_speed 1000_Full_Duplex Requested media speed True
#

AIX Basic System Administration 484

Devices
 The lscfg command displays what is known as vital product data. Information
such as the World Wide Name of an HBA port will be here:

# lscfg -vl fcs0

fcs0 U8406.70Y.06B159A-V9-C5-T1 Virtual Fibre Channel Client Adapter

Network Address.............C05076030A4A001C
ROS Level and ID............
Device Specific.(Z0)........
Device Specific.(Z1)........
Device Specific.(Z2)........
Device Specific.(Z3)........
Device Specific.(Z4)........
Device Specific.(Z5)........
Device Specific.(Z6)........
Device Specific.(Z7)........
Device Specific.(Z8)........C05076030A4A001C
Device Specific.(Z9)........
Hardware Location Code......U8406.70Y.06B159A-V9-C5-T1

AIX Basic System Administration 485

Devices
 Or information such as the MAC address of a NIC;

# lscfg -vl ent0

ent0 U78A5.001.WIH9DAC-P1-T5 Logical Host Ethernet Port (lp-hea)

IBM Host Ethernet Adapter:

Network Address.............E41F1320829D

AIX Basic System Administration 486

Devices
 The entstat command is an ethernet NIC specific command. It can tell you
information such as if there is physical link to this NIC from an ethernet
switch:

# entstat -dt ent0 | grep -i link

Logical Port Link State: Up
Physical Port Link State: Up
#

It can also tell you what speed your NIC is set at, and how fast it is currently
running:

# entstat -dt ent0 | grep -i speed

Media Speed Selected: Autonegotiate
Media Speed Running: 1000 Mbps / 1 Gbps, Full Duplex
External-Network-Switch (ENS) Port Speed: 1000 Mbps / 1 Gbps, Full Duplex
#

AIX Basic System Administration 487

Devices
 Getting back to the fibre channel/HBA device attributes:

# lsattr -El fscsi0

attach none How this adapter is CONNECTED False
dyntrk yes Dynamic Tracking of FC Devices True
fc_err_recov fast_fail FC Fabric Event Error RECOVERY Policy True
scsi_id Adapter SCSI ID False
sw_fc_class 3 FC Class for Fabric True
#

The attach attribute displays the status of the HBA connection to your SAN:

 none = Status if the adapter is not connected to a SAN switch (cable is present,
but switch port is not configured.

 switch = Status if the adapter is connected to a SAN switch.

 al = Status if the adapter has no cable to a switch or you are directly attached to
a storage subsystem, “al” means Arbitrary Loop. In the latter case this Status is
acceptable for direct attachment when bypassing a SAN switch.
AIX Basic System Administration 488
Devices

 To remove a device from the system, type in rmdev –dl dev.

# lsdev -Cc disk

hdisk0 Available Virtual SCSI Disk Drive
hdisk1 Available Virtual SCSI Disk Drive
hdisk2 Available Virtual SCSI Disk Drive

# rmdev -dl hdisk1

hdisk1 deleted

# lsdev -Cc disk

hdisk0 Available Virtual SCSI Disk Drive
hdisk2 Available Virtual SCSI Disk Drive
#

AIX Basic System Administration 489

Devices

 To add a new device which you just connected to the system,

without rebooting, or to bring a device back you just deleted, run the
cfgmgr command, which stands for ConFiGuration ManaGeR.

# lsdev -Cc disk

hdisk0 Available Virtual SCSI Disk Drive
hdisk2 Available Virtual SCSI Disk Drive

# cfgmgr
# lsdev -Cc disk
hdisk0 Available Virtual SCSI Disk Drive
hdisk1 Available Virtual SCSI Disk Drive
hdisk2 Available Virtual SCSI Disk Drive
#

AIX Basic System Administration 490

Devices
 There are smit menus for managing devices, and there is a smit fast path to
get to the relevant menus:

# smitty devices

AIX Basic System Administration 491

Devices
 There is also smit menus to change the attributes of a device. For a disk for
instance:

# smitty chgdsk

AIX Basic System Administration 492

Devices

AIX Basic System Administration 493

Devices

 Firmware/Flash/Microcode = Microcode is programming/code that is

inserted into programmable read-only memory, thus becoming a
permanent part of a computing device.

 POWER5 – (There is only one firmware/microcode stream):

SF means “Squadrons Firmware”.

POWER6 – (There are different firmware/microcode streams per

different classifications of systems)
EH is Enterprise High-End
EM is Enterprise Mid-Range (formerly Intermediate-High)
EL is Enterprise Low-End

AIX Basic System Administration 494

Devices

 On POWER7 servers there are different firmware/microcode

streams for the different classifications of systems, just like in p6,
with the E… naming conventions. In POWER7 the naming
convention is Ax

 The IBM system type, and model of each current p7 system are as
follows:

 8231-E2B# - p710 – AL firmware (Low end).

 8202-E4B# - p720 – AL firmware (Low end).
 8231-E2B# - p730 – AL firmware (Low end).
 8205-E6B# - p740 – AL firmware (Low end).
 8233-E8B# - p750 – AL firmware (Low end).
 9117-MMB# - p770 – AM firmware (Midrange).
 9179-MHB# - p780 – AM firmware (Midrange).
 9119-FHB# - p795 – AH firmware (High end).

AIX Basic System Administration 495

Devices
 To determine the microcode/firmware of the system type in the following:

# lsmcode -c
The current permanent system firmware image is AA710_088
The current temporary system firmware image is AA710_088
The system is currently booted from the temporary firmware image.
#

When you upgrade the microcode/firmware of a system, you are upgrading the
flexible service processor/FSP’s code. There are two sides to the service
processor, the A – Permanent side, and the B – Temporary side. When you
apply microcode/firmware to the system it gets applied initially to the Temporary
side, while the current/old microcode/firmware remains on the Permanent side.
After you allow the system to run for, let’s say a few weeks, with the new
microcode/firmware then you commit it by copying the Temporary side/new level
it to the permanent side/old level. You can also reject the newly upgrade
microcode/firmware if it causes issues with the system, and that is copying the
Permanent side/old level over the Temporary side/new level.

AIX Basic System Administration 496

 Devices

Every IBM server has a four digit machine type such as 8406, and a model id such
as 70Y. To determine this for your system type in the following:

# uname -M
IBM,8406-70Y
#

Every IBM server has a unique serial number. To determine this for your system
type in the following:

# prtconf | grep "Serial Number"

Machine Serial Number: 06B159A
#

The format of the system serial number is:

FACTORY_CODE(06)FIVE_DIGIT_SERIAL_NUMBER(B159A)

AIX Basic System Administration 497

Devices

 To determine how much memory/RAM you have installed on your system:

# prtconf -m
Memory Size: 1024 MB

# bootinfo -r
1048576

# lsattr -El mem0

ent_mem_cap I/O memory entitlement in Kbytes False
goodsize 1024 Amount of usable physical memory in Mbytes False
mem_exp_factor Memory expansion factor False
size 1024 Total amount of physical memory in Mbytes False
var_mem_weight Variable memory capacity weight False
#

AIX Basic System Administration 498

Devices

 How to display your processor/CPU’s clock speed:

# lsattr -El proc0

frequency 3000000000 Processor Speed False
smt_enabled true Processor SMT enabled False
smt_threads 4 Processor SMT threads False
state enable Processor state False
type PowerPC_POWER7 Processor type False

# prtconf -s
Processor Clock Speed: 3000 MHz
#

AIX Basic System Administration 499

Devices
 The diagnostics program is mainly used by IBM hardware CEs. It used to run
hardware checks on the devices on the system, upgrade microcode/firmware on
adapters, etc.

# diag

<E NTER>

AIX Basic System Administration 500

Devices

<ENTER>

AIX Basic System Administration 501

Devices

<F10>

AIX Basic System Administration 502

Devices
 There is a daemon which runs on all AIX systems known as the error daemon. It
is responsible for logging certain software, and hardware errors which occur on
the system. Note, not all errors are logged via this facility.

# ps -ef | grep -i err

root 655530 1 0 01:43:18 - 0:00 /usr/lib/errdemon
#

To display the error report type in the following command:

# errpt
IDENTIFIER TIMESTAMP T C RESOURCE_NAME DESCRIPTION
A6DF45AA 1201014310 I O RMCdaemon The daemon is started.
2BFA76F6 1201014110 T S SYSPROC SYSTEM SHUTDOWN BY USER
9DBCFDEE 1201014310 T O errdemon ERROR LOGGING TURNED ON
192AC071 1201013910 T O errdemon ERROR LOGGING TURNED OFF
A6DF45AA 1201013610 I O RMCdaemon The daemon is started.
2BFA76F6 1201013410 T S SYSPROC SYSTEM SHUTDOWN BY USER
9DBCFDEE 1201013610 T O errdemon ERROR LOGGING TURNED ON
192AC071 1201013310 T O errdemon ERROR LOGGING TURNED OFF

AIX Basic System Administration 503

Devices
 To display a more detailed error report of the errors type in the following:

# errpt -a | more
---------------------------------------------------------------------------
LABEL: RMCD_INFO_0_ST
IDENTIFIER: A6DF45AA

Date/Time: Wed Dec 1 01:43:38 CST 2010

Sequence Number: 85
Machine Id: 000B159AD400
Node Id: gvicaix01
Class: O
Type: INFO
WPAR: Global
Resource Name: RMCdaemon

Description
The daemon is started.

Probable Causes
The Resource Monitoring and Control daemon has been started.

User Causes
The startsrc -s ctrmc command has been executed or
the rmcctrl -s command has been executed.

Recommended Actions
Confirm that the daemon should be started.

AIX Basic System Administration 504

Devices
 To clear the entire error report type in the following:

# errclear 0
# errpt
#

AIX Basic System Administration 505

IBM Hardware Information Center
http://publib.boulder.ibm.com/infocenter/powersys/v3r1m5/index.jsp

AIX Basic System Administration 506

IBM Hardware Information Center

AIX Basic System Administration 507

IBM AIX Information Center
http://publib.boulder.ibm.com/infocenter/aix/v6r1

AIX Basic System Administration 508

IBM AIX Information Center

AIX Basic System Administration 509

 AIX Networking – TCP/IP

AIX Basic System Administration 510

AIX Networking – TCP/IP

 TCP/IP = Transmission Control Protocol/Internet Protocol.

 A way to transport data from one system to another.

 Data is transferred over the network in a transport mechanism

known as packets.

 There are version 4 ip addresses, and version 6 ip address. Version

5 is more widely used.

 Hubs are used to break up what’s called collision domains.

 Routers are used to break up what’s called broadcast domains.

 A route will inform a packet which NIC to use and which router to go
to to get to where they have to get.

AIX Basic System Administration 511

AIX Networking – TCP/IP

 Each computer on a network, has a unique IP address with the

format ###.###.###.###, for IP version 4, which is the most
commonly used.

 This IP address can, and is often aliased by a symbolic name. So, a

system which is referred to as aixdb1, actually will translate to some
###.###.###.### IP address. To display the hostname of your
system use either the hostname, or uname –n command

# hostname
gvicaix15
#

# uname -n
gvicaix15
#

AIX Basic System Administration 512

AIX Networking – TCP/IP

 NICS, Network Interface Card, are physically installed on the

system, either on-board, or in PCI slots. They are the physical
adapters which provide connection to a network. These are the
adapters that the ip address of the system are configured on. To
display the ip addresses of the NICs configured your system type in
the ifconfig command.

# ifconfig -a
en0:
flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPR
T,64BIT,CHECKSUM_OFFLOAD(ACTIVE),CHAIN>
inet 192.168.240.138 netmask 0xffffff00 broadcast 192.168.240.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
lo0:
flags=e08084b<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT
>
inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255
inet6 ::1/0
tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1
#

AIX Basic System Administration 513

AIX Networking – TCP/IP

 Notice there are two interfaces configured for AIX currently. En0,
which has our lab’s 192.168.240.X ip address configured on it, and
Lo0 which has the standard ip of 127.0.0.1 configured on it.

 Lo0 is short for loopback. This is not a real NIC interface adapter.
This is an internal kernel virtual NIC device. All it does is provide a
way to troubleshoot the current system’s TCP/IP stack. It’s ip will
always be 127.0.0.1.. This is not just on Unix systems.

AIX Basic System Administration 514

AIX Networking – TCP/IP
 To test if you can communicate with another system on a network
use the ping command. A non-response could indicate that the
system is down.

Note, you can also ping hostnames, if setup.

# ping 192.168.240.138
PING 192.168.240.138 (192.168.240.138): 56 data bytes
64 bytes from 192.168.240.138: icmp_seq=0 ttl=255 time=0 ms
64 bytes from 192.168.240.138: icmp_seq=1 ttl=255 time=0 ms
64 bytes from 192.168.240.138: icmp_seq=2 ttl=255 time=0 ms
64 bytes from 192.168.240.138: icmp_seq=3 ttl=255 time=0 ms
64 bytes from 192.168.240.138: icmp_seq=4 ttl=255 time=0 ms
^C
--- 192.168.240.138 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0/0/0 ms
#

I pressed control ^ C, to exit out of the ping.

AIX Basic System Administration 515

AIX Networking – TCP/IP
 Attempt to ping something which doesn’t exist such as the following
hostname:

# ping non_existing_hostname

^C

The above ping output shows an attempt to reach a hostname which is

not responding on the network.

AIX Basic System Administration 516

AIX Networking - TCPIP

 Network name resolution is the process of translating ip addresses

into hostnames. It’s easier, and more efficient to use symbolic
names such as hostnames, rather then several ip addresses.

 Name resolution is handled locally on the AIX system with a file

called /etc/hosts, which handles local translation, and there is also a
standard global translation mechanism known as DNS – Domain
Name System.

AIX Basic System Administration 517

AIX Networking – TCP/IP
The /etc/hosts file is the local method for network name resolution.

# ls -l /etc/hosts
-rw-rw-r-- 1 root system 1870 Sep 11 11:26 /etc/hosts
#

# tail /etc/hosts
# indicates the beginning of a comment; characters up to the end of the
# line are not interpreted by routines which search this file. Blank
# lines are allowed.

# Internet Address Hostname # Comments

# 192.9.200.1 net0sample # ethernet name/address
# 128.100.0.1 token0sample # token ring name/address
# 10.2.0.2 x25sample # x.25 name/address
127.0.0.1 loopback localhost # loopback (lo0) name/address
192.168.240.123 gvicaix01
#

AIX Basic System Administration 518

AIX Networking – TCP/IP

Open the /etc/hosts file with the vi editor, and populate this file as
follows. Just don’t insert an entry for your server – (This example is
on Gvicaix01, so that server is not included in the file below).

Format of /etc/hosts file:

IP_ADDRESS HOSTNAME ALIAS_2 …

# cat /etc/hosts
…

192.168.240.124 gvicaix02 system2

192.168.240.125 gvicaix03 system3
192.168.240.126 gvicaix04 system4
192.168.240.127 gvicaix05 system5
192.168.240.135 gvicaix06 system6
192.168.240.136 gvicaix07 system7

AIX Basic System Administration 519

AIX Networking - TCPIP

 Test that local name resolution is operational.

# ping gvicaix02
PING gvicaix02 (192.168.240.102): 56 data bytes
64 bytes from 192.168.240.102: icmp_seq=0 ttl=255 time=0 ms
64 bytes from 192.168.240.102: icmp_seq=1 ttl=255 time=0 ms
^C
--- gvicaix02 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0/0/0 ms

# ping system2
PING gvicaix02 (192.168.240.102): 56 data bytes
64 bytes from 192.168.240.102: icmp_seq=0 ttl=255 time=0 ms
64 bytes from 192.168.240.102: icmp_seq=1 ttl=255 time=0 ms
^C
--- gvicaix02 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0/0/0 ms
#

AIX Basic System Administration 520

AIX Networking - TCPIP
 Use the telnet command to log into another system.

Student on system Gvicaix01 telnet to Gvicaix02, and vice-versa.

Student on system Gvicaix03 telnet to Gvicaix04, and vice-versa.
Student on system Gvicaix05 telnet to Gvicaix06, and vice-versa.
Student on system Gvicaix07 telnet to Gvicaix06.

AIX Basic System Administration 521

AIX Networking - TCPIP
 To telnet from one system to another, use the telnet command list
as follows.

# hostname
gvicaix14
# telnet gvicaix15
Trying...
Connected to gvicaix15.
Escape character is '^]'.

telnet (gvicaix15)

AIX Version 5
Copyright IBM Corporation, 1982, 2007.
login: root

….

Last login: Fri Sep 11 11:27:07 2009 on /dev/pts/0 from 192.168.240.137

# hostname
gvicaix15
# who
root pts/0 Sep 11 11:27 (gvicaix14)
# exit
Connection closed.
# hostname
gvicaix14

AIX Basic System Administration 522

AIX Networking – TCP/IP
 Using the same system partnerships detailed for the telnet lab, we’re
going to now transfer a file from system to system via the ftp
command, which stands for File Transfer Protocol. A download:

# hostname
gvicaix14
# ftp gvicaix15
Connected to gvicaix15.
220 gvicaix15 FTP server (Version 4.2 Sat Jun 16 07:20:05 CDT 2007) ready.
Name (gvicaix15:root): root
331 Password required for root.
Password:
230-Last unsuccessful login: Fri Sep 11 11:45:13 2009 on ftp from gvicaix14
230-Last login: Fri Sep 11 11:45:20 2009 on /dev/pts/0 from gvicaix14
230 User root logged in.
ftp> get
(remote-file) /etc/hosts
(local-file) /tmp/hosts
200 PORT command successful.
150 Opening data connection for /etc/hosts (1896 bytes).
226 Transfer complete.
1951 bytes received in 0.000987 seconds (1930 Kbytes/s)
local: /tmp/hosts remote: /etc/hosts
ftp> quit
221 Goodbye.

# ls -l /tmp/hosts
-rw-r--r-- 1 root system 1896 Sep 11 11:45 /tmp/hosts

AIX Basic System Administration 523

AIX Networking – TCP/IP
 Upload:
# hostname
gvicaix14
# ftp gvicaix15
Connected to gvicaix15.
220 gvicaix15 FTP server (Version 4.2 Sat Jun 16 07:20:05 CDT 2007) ready.
Name (gvicaix15:root): root
331 Password required for root.
Password:
230-Last unsuccessful login: Fri Sep 11 11:45:13 2009 on ftp from gvicaix14
230-Last login: Fri Sep 11 11:45:37 2009 on ftp from gvicaix14
230 User root logged in.
ftp> put
(local-file) /etc/passwd
(remote-file) /tmp/passwd
200 PORT command successful.
150 Opening data connection for /tmp/passwd.
226 Transfer complete.
543 bytes sent in 0.001172 seconds (452.5 Kbytes/s)
local: /etc/passwd remote: /tmp/passwd
ftp> quit

Now, goto the target system, and verify the file was sent there.
# hostname
gvicaix15
# ls -l /tmp/passwd
-rw-r----- 1 root system 528 Sep 11 11:48 /tmp/passwd
#

AIX Basic System Administration 524

AIX Networking – TCP/IP
Global DNS name resolution is handled by another server(s) in the
environment holding the ip address, and hostname translation table,
rather then it being maintained locally on the AIX systems. The
/etc/resolv.conf file, which doesn’t exist by default, points to the ip
address of the DNS server, so it knows where to go to resolve an ip
address.

# ls -l /etc/resolv.conf
/etc/resolv.conf not found
#

# nslookup www.ibm.com
Server:

^C#

AIX Basic System Administration 525

AIX Networking – TCP/IP

 Once the ip address of the DNS server of the environment, is in the

/etc/resolv.conf file, you can now translate ips, such as those from
the internet, if setup to do so.

# ls -l /etc/resolv.conf
-rw-r--r-- 1 root system 57 Sep 11 11:56 /etc/resolv.conf

# cat /etc/resolv.conf
domain theatsgroup.com
nameserver 192.168.240.150

# nslookup www.ibm.com
Server: atsicdc.ats.local
Address: 192.168.240.150

Non-authoritative answer:
Name: www.ibm.com.cs186.net
Address: 129.42.58.216
Aliases: www.ibm.com

AIX Basic System Administration 526

AIX Networking – TCP/IP
 To view the routing table type in the following:

# netstat -rn
Routing tables
Destination Gateway Flags Refs Use If Exp Groups

Route Tree for Protocol Family 2 (Internet):

default 192.168.240.1 UG 0 4 en0 - -
127/8 127.0.0.1 U 14 279 lo0 - -
192.168.240.0 192.168.240.123 UHSb 0 0 en0 - - =>
192.168.240/24 192.168.240.123 U 6 1071 en0 - -
192.168.240.123 127.0.0.1 UGHS 4 78 lo0 - -
192.168.240.255 192.168.240.123 UHSb 2 8 en0 - -

Route Tree for Protocol Family 24 (Internet v6):

::1%1 ::1%1 UH 3 32 lo0 - -
#

The route next to default, is the system’s default route/gateway.

AIX Basic System Administration 527

AIX Networking – TCP/IP

 Telnet, and FTP are insecure programs. They transmit passwords in

clear text over the network. You should use SSH and SFTP, SCP
respectively as an alternative. Data is transferred via SSH in a
secured, encrypted fashion.

 Unix has r-commands. These commands also allow communication

over a network. These commands are also insecure, because they
also transfer the password over the network in clear text. You can
also use SSH as an alternative for these commands.

- rexec
- rsh
- rlogin

AIX Basic System Administration 528

 AIX Security

AIX Basic System Administration 529

AIX Security

 AIX is shipped insecure. However, it has all of the tools to be very

secure.

 The process of securing a system is called hardening a system.

 Depending upon your corporate IT policy, security can be loose on

an AIX system, or very tight.

 There is a thin line between a secured system, and a non-productive

system. Most customers compromise somewhere in the middle as
far as security is concerned. This is of course as long as there are
no legal regulations, etc..

AIX Basic System Administration 530

AIX Security

 One of the first things you should do to ensure your system is

secure, is ensure the root user is protected with a password. We
already accomplished this earlier in the class.

# passwd
Changing password for "root"
root's New password: <ENTER>
Re-enter root's new password: <ENTER>

# logins -p
root 0 system

# passwd
Changing password for "root"
root's New password:
Re-enter root's new password:

# logins -p
#

AIX Basic System Administration 531

AIX Security
 Install ssh, and disable telnet. Remember, telnet is insecure
because it transmits login passwords in clear text over the network.
To disable telnet, you must disable it’s subserver. You do that with
the stopsrc –t sub_server command.

# lssrc -t telnet
Service Command Arguments Status
telnet /usr/sbin/telnetd telnetd -a active

# stopsrc -t telnet
0513-127 The telnet subserver was stopped successfully.

# lssrc -t telnet
Service Command Arguments Status
#

Now attempt to telnet into your partner system.

# telnet gvicaix15
Trying...
telnet: connect: Connection refused
#

AIX Basic System Administration 532

AIX Security
 FTP should be disabled as well.

# lssrc -t ftp
Service Command Arguments Status
ftp /usr/sbin/ftpd ftpd active

# stopsrc -t ftp
0513-127 The ftp subserver was stopped successfully.

# lssrc -t ftp
Service Command Arguments Status
#

Now attempt to ftp to your partner system.

# ftp loopback
ftp: connect: Connection refused
ftp> quit
#

AIX Basic System Administration 533

AIX Security

 Enable telnet, and ftp once again. The last two labs was just to
demonstrate how to disable those two services.

# lssrc -t telnet
Service Command Arguments Status
# startsrc -t telnet
0513-124 The telnet subserver has been started.
# lssrc -t telnet
Service Command Arguments Status
telnet /usr/sbin/telnetd telnetd -a active
#

# lssrc -t ftp
Service Command Arguments Status
# startsrc -t ftp
0513-124 The ftp subserver has been started.
# lssrc -t ftp
Service Command Arguments Status
ftp /usr/sbin/ftpd ftpd active
#

AIX Basic System Administration 534

AIX Security

 Another task you can do to protect the root user account is to

disable the ability to log into that user remotely.

# smitty chuser

AIX Basic System Administration 535

AIX Security

AIX Basic System Administration 536

AIX Security

 Open another putty session, and note how you can’t login as that
root user any longer remotely. Now, you would be able to login as
root from the system console.

AIX Version 5
Copyright IBM Corporation, 1982, 2007.
login: root
Remote logins are not allowed for this account.

login:

AIX Basic System Administration 537

AIX Security

 After you set this attribute, rlogin=false, note you will still be able to
su to the root user, from a normal user id. This is typically done to
enforce user accountability.

 Go back through smit, and change it back to remote login true.

AIX Basic System Administration 538

AIX Security
 AIX has quite a few security options you can set for users you setup
on the system. Go into the smitty chuser fastpath, and let’s review
them together.

# smitty chuser

AIX Basic System Administration 539

AIX Security

 All of these settings, are set in the /etc/security/user config file. user
security

User ID
ADMINISTRATIVE USER?
Primary GROUP
Group SET
ADMINISTRATIVE GROUPS
ROLES
Another user can SU TO USER?
SU GROUPS
HOME directory
Initial PROGRAM
User INFORMATION
EXPIRATION date (MMDDhhmmyy)
Is this user ACCOUNT LOCKED?

AIX Basic System Administration 540

AIX Security
User can LOGIN?
User can LOGIN REMOTELY(rsh,tn,rlogin)?
Allowed LOGIN TIMES
Number of FAILED LOGINS before
user account is locked
Login AUTHENTICATION GRAMMAR
Valid TTYs
Days to WARN USER before password expires
Password CHECK METHODS
Password DICTIONARY FILES
NUMBER OF PASSWORDS before reuse
WEEKS before password reuse
Weeks between password EXPIRATION and LOCKOUT

AIX Basic System Administration 541

 AIX Security

Password MAX. AGE

Password MIN. AGE
Password MIN. LENGTH
Password MIN. ALPHA characters
Password MIN. OTHER characters
Password MAX. REPEATED characters
Password MIN. DIFFERENT characters
Password REGISTRY
Soft FILE size
Soft CPU time
Soft DATA segment
Soft STACK size
Soft CORE file size
Hard FILE size

ETC…

AIX Basic System Administration 542

AIX Security

 For this section which deals with Unix file, and directory
permissions, go ahead and create another user called justin2, which
is yourname2:

# mkuser justin2

# id justin2
uid=288(justin2) gid=202(staff)

# passwd justin2
Changing password for "justin2"
justin2's New password:
Enter the new password again:

# pwdadm -c justin2
#

AIX Basic System Administration 543

AIX Security

When you create a file or directory in AIX, you user id owns the file,
and your primary group owns it as well.

Log in as the user you created back in the User Management section, and create an
empty file and directory:

$ id
uid=287(justin) gid=202(dba) groups=1(staff)

$ pwd
/home/justin

$ touch file
$ ls -l file
-rw-r--r-- 1 justin dba 0 Nov 05 23:32 file

$ mkdir dir
$ ls -ld dir
drwxr-xr-x 2 justin dba 256 Nov 05 23:32 dir
$

AIX Basic System Administration 544

AIX Security
 By default, you can delete, rename/move any files, or directories you
created/own.

Delete:

$ id
uid=287(justin) gid=202(dba) groups=1(staff)

$ ls -l file
-rw-r--r-- 1 justin dba 0 Nov 05 23:32 file

$ rm file
$ ls -l file
ls: 0653-341 The file file does not exist.

$ ls -ld dir
drwxr-xr-x 2 justin dba 256 Nov 05 23:32 dir

$ rmdir dir
$ ls -ld dir
ls: 0653-341 The file dir does not exist.

AIX Basic System Administration 545

AIX Security

Rename/move:

$ touch file
$ mkdir dir
$ ls -l file
-rw-r--r-- 1 justin dba 0 Nov 05 23:55 file

$ ls -ld dir
drwxr-xr-x 2 justin dba 256 Nov 05 23:55 dir

$ mv file file2
$ mv dir dir2
$ ls -l file2
-rw-r--r-- 1 justin dba 0 Nov 05 23:55 file2

$ ls -ld dir2
drwxr-xr-x 2 justin dba 256 Nov 05 23:55 dir2
$

AIX Basic System Administration 546

AIX Security

 Populate the file, file with data:

$ echo "data in file" > file

$ ls -l file
-rw-r--r-- 1 justin dba 13 Nov 06 00:17 file

$ cat file
data in file
$

 By default all users on the system have read permission to this file.
Also, by default all users who are also members of user justin’s
primary group, dba, the group which owns this file, have read
permission to this file, meaning if you are logged into the system
who is a member of the same group who created a specific file, then
you will have permission to read that file, just as the owner does.

AIX Basic System Administration 547

AIX Security

 Now, open another putty session to your system, and login as user
justin2, the user you created at the start of this lab section. Once in,
attempt to read the file you just created as user justin in user justin’s
home directory, you will be able to, but attempt to write to this file as
user justin2 who doesn’t own the file, you won’t be able to:

$ id
uid=288(justin2) gid=1(staff)

$ ls -l /home/justin/file
-rw-r--r-- 1 justin dba 13 Nov 06 00:17 /home/justin/file

$ cat /home/justin/file
data in file

$ echo "more data in file" >> /home/justin/file

The file access permissions do not allow the specified action.
ksh: /home/justin/file: 0403-005 Cannot create the specified file.
$

AIX Basic System Administration 548

AIX Security

 Switch user, with the Unix su command, to the root user of the
system and then change the owner of the /home/justin/file file to
justin2. You change the user ownership of a file with the chown
comand:

$ su –
root’s Password:

# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)

# ls -l /home/justin/file
-rw-r--r-- 1 justin dba 13 Nov 06 00:17 /home/justin/file

# chown justin2 /home/justin/file

# ls -l /home/justin/file
-rw-r--r-- 1 justin2 dba 13 Nov 06 00:17 /home/justin/file
#

AIX Basic System Administration 549

AIX Security
 Now, type in the exit command, to become user justin2 again.
Attempt to write to the file /home/justin/file again, and now that user
justin2 owns this file, justin2 will be able to write to that file. Since
user justin2 now owns this file, and by default Unix gives write
permission to the owner of a file, justin2 will now be able to write to
this file.

# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)

# exit
$ id
uid=288(justin2) gid=1(staff)

$ ls -l /home/justin/file
-rw-r--r-- 1 justin2 dba 13 Nov 06 00:17 /home/justin/file

$ cat /home/justin/file
data in file

$ echo "more data in file" >> /home/justin/file

$ cat /home/justin/file
data in file
more data in file
$

AIX Basic System Administration 550

AIX Security
 Unix file and directory permissions are handled by ten bits set for
each file and directory. You see this via the ls –l command. Go
ahead and go to your justin Putty session:

$ id
uid=287(justin) gid=202(dba) groups=1(staff)

$ touch filea
$ echo "data" > filea
$ cat filea
data

$ ls -l filea
-rw-r--r-- 1 justin dba 5 Nov 06 04:07 filea
$

AIX Basic System Administration 551

 AIX Security
$ ls -l filea

-rw-r--r-- 1 justin dba 5 Nov 06 04:07 filea

$

These ten permission bits are grouped together into three permission bit sets, with three
permissions each: r, w, and x. There is a permission bit set for the following groups of users:

- Users which own the file or directory.

- Users who are members of the same group who owns the file or directory.
- Others/World. Everyone else on the system. Not the owner or a member of the group who
owns the file or directory.

- There are also three basic permissions you can set for each group – r = Read, w = Write,
and x = eXecute.
Directory? Read? Write? Execute? Read? Write? Execute? Read? Write? Execute?

N Y Y N Y N N Y N N

Owner Group Other

AIX Basic System Administration 552
AIX Security
 So based on the ls –l output of the file, filea we deduce the following:

 User justin, the owner, has read, and write permission on filea.
 Every user on the system who is in the dba group has read permission on filea.
 Every user on the system who is not the owner or not in the dba group has read permission
on filea.

Go to the justin2 Putty session, and attempt to read the file, filea:
$ id
uid=288(justin2) gid=1(staff)

$ cat /home/justin/filea
data
$

Go back to the justin Putty session, and attempt to read the file, filea:

$ id
uid=287(justin) gid=2978(dba) groups=1(staff)
$ cat filea
data
$

AIX Basic System Administration 553

AIX Security
 Now let’s change the file permission of the file. To change the permission we
use the chmod command. In our example we are going to take read
permission way from the owner of the file:

$ chmod u-r filea

$ ls -l filea
--w-r--r-- 1 justin dba 5 Nov 06 04:07 filea

$ cat filea
cat: 0652-050 Cannot open filea.
$

For the chmod command you use the following parameters to specify which
permission bit set you are setting, and which permission bit you are setting:

- u = Owner of the file permission bit set.

- g = Group member of group which owns the file permission bit set.
- o = Others/World. Non-owners of the file, and non-group members of the
group owner of the file permission bit set.

- You use the +, plus sign to grant, and the minus -, sign to revoke.

AIX Basic System Administration 554

AIX Security

Go to your justin2 window and attempt to read the file. Note, even
though justin2 is not the owner, the third permission bit, other, has
the r – read set, this means justin2 can read the file even though
justin/owner cannot.
$ id
uid=288(justin2) gid=1(staff)

$ ls -l /home/justin/filea
--w-r--r-- 1 justin dba 5 Nov 06 04:07 /home/justin/filea

$ cat /home/justin/filea
data
$

AIX Basic System Administration 555

AIX Security
 Back at the justin user window attempt to edit the file, file, by re-
directing output to it from the Unix shell:

$ id
uid=287(justin) gid=2978(dba) groups=1(staff)

$ ls -l filea
--w-r--r-- 1 justin dba 5 Nov 06 04:07 filea

$ date >> filea

$ cat filea
cat: 0652-050 Cannot open filea.

$ vi filea

"filea" The file access permissions do not allow the specified action.

Note, you as the owner still have write permission to filea, so you can
re-direct output to that file, however since you as the owner do not
have read permission to that file you cannot edit the file with the vi
editor, because you need read permission to edit the file with an
editor which must read it.
AIX Basic System Administration 556
AIX Security
 Now go to the justin2 window and cat the file, so you see that even
without read permission you were able to append to this file as user
justin with the shell re-direction of the date command output:

$ id
uid=288(justin2) gid=1(staff)

$ cat /home/justin/filea
data
Sat Nov 6 13:15:04 EDT 2010
$

As justin2 attempt to write to this file by re-directing shell output

to it:
$ id
uid=288(justin2) gid=1(staff)

$ date >> /home/justin/filea

The file access permissions do not allow the specified action.
ksh: /home/justin/filea: 0403-005 Cannot create the specified file.

$ ls -l /home/justin/filea
--w-r--r-- 1 justin dba 34 Nov 06 13:15 /home/justin/filea
$

AIX Basic System Administration 557

AIX Security
 Back in the justin window go ahead and give the last permission bit set o for other, write
permission to this file.

$ id
uid=287(justin) gid=2978(dba) groups=1(staff)

$ ls -l filea
--w-r--r-- 1 justin dba 34 Nov 06 13:15 filea

$ chmod o+w filea

$ ls -l filea
--w-r--rw- 1 justin dba 34 Nov 06 13:15 filea
$

Now in the justin2 window you should be able to write/append to this file, because justin2 now
not being the owner or in the dba group has permission to write to this file. This is also
known as “world writable”:
$ id
uid=288(justin2) gid=1(staff)

$ date >> /home/justin/filea

$ cat /home/justin/filea
data
Sat Nov 6 13:15:04 EDT 2010
Sat Nov 6 13:25:15 EDT 2010

AIX Basic System Administration 558

AIX Security
 In the justin window give the owner, you, read permission to filea again:

$ id
uid=287(justin) gid=2978(dba) groups=1(staff)

$ ls -l filea
--w-r--rw- 1 justin dba 63 Nov 06 13:25 filea

$ chmod u+r filea

$ ls -l filea
-rw-r--rw- 1 justin dba 63 Nov 06 13:25 filea

$ vi filea

Use ESC+dd three times to delete all three lines within vi. Insert the following
comands/lines to the file. This is a simple shell script:
#!/usr/bin/ksh

echo “Hello”
sleep 3
echo “This is a simple shell script in Unix”

AIX Basic System Administration 559

AIX Security
 To run/execute a Unix shell script all you do is enter the name of the
file, and the Unix shell will sequentially execute every command in
that file.

$ ls -l filea
-rw-r--rw- 1 justin dba 82 Nov 06 13:30 filea

$ filea
ksh: filea: 0403-006 Execute permission denied.
$

To be able to run/execute this file go ahead and give the owner of the
file execute permission to it.
$ chmod u+x filea
$ ls -l filea
-rwxr--rw- 1 justin dba 82 Nov 06 13:30 filea

$ filea
Hello

(SHELL SCRIPT PAUSES FOR THREE SECONDS).

This is a simple shell script in Unix

$

AIX Basic System Administration 560

AIX Security
 Go to the justin2 user window and attempt to execute this shell
script:

$ id
uid=204(justin2) gid=1(staff)

$ /home/justin/filea
ksh: /home/justin/filea: 0403-006 Execute permission denied.
$

$ chmod o+x /home/justin/filea

0481-014 chmod: not all requested changes were made to /home/justin/filea
$

Note, only the owner of a file, or directory can change the permission
of a file or directory. Back in the justin window:

$ id
uid=203(justin) gid=204(dba) groups=1(staff)
$ chmod o+x filea
$ ls -l filea
-rwxr--rwx 1 justin dba 84 Nov 20 13:17 filea
$

AIX Basic System Administration 561

AIX Security
 You will now see that back in the justin2 window, that user can now
execute this shell script:

$ id
uid=204(justin2) gid=1(staff)

$ /home/justin/filea
Hello
This is a simple shell script in Unix
$

AIX Basic System Administration 562

AIX Security

 For Directory permissions:

- Read permission is required if a user wishes to view the contents of a directory, like
with the ls command.
- Write permission is required if a user wishes to create a file or sub-directory in a
directory, or delete a file or sub-directory in a directory.
- Execute permission is required if a user wishes to move to a directory with the cd
command.

AIX Basic System Administration 563

AIX Security
 Go ahead and revoke read permission from this directory:

$ ls -ld dir2
drwxr-xr-x 2 justin dba 256 Nov 06 14:41 dir2
$ chmod u-r dir2
$ ls -ld dir2
d-wxr-xr-x 2 justin dba 256 Nov 06 14:41 dir2
$

Also take execute for the owner away:

$ chmod u-x dir2

Notice now, how you cannot even view the contents of the directory, let alone cd to it:

$ ls dir2
ls: dir2: The file access permissions do not allow the specified action.
$ ls -l dir2
ls: dir2: The file access permissions do not allow the specified action.
total 0

With the chmod command you can also specify multiple permissions for a permission bit
set at once. So now let’s give read, and execute permission only to the owner back for
the dir2 directory:

$ chmod u+rx dir2

$ ls -ld dir2
drwxr-xr-x 2 justin dba 256 Nov 06 14:41 dir2

AIX Basic System Administration 564

AIX Security

 Go ahead and create some empty files in the directory dir2:

$ pwd
/home/justin

$ cd dir2
$ pwd
/home/justin/dir2

$ ls
$ touch filea fileb filec
$ ls -l
total 0
-rw-r--r-- 1 justin dba 0 Nov 06 14:41 filea
-rw-r--r-- 1 justin dba 0 Nov 06 14:41 fileb
-rw-r--r-- 1 justin dba 0 Nov 06 14:41 filec
$

AIX Basic System Administration 565

AIX Security
 Go ahead and move back to your/justin’s home directory, and take
away the execute permission to this directory:

$ cd
$ pwd
/home/justin

$ ls -ld dir2
drwxr-xr-x 2 justin dba 256 Nov 06 14:41 dir2

$ chmod u-x dir2

$ ls -ld dir2
drw-r-xr-x 2 justin dba 256 Nov 06 14:41 dir2

$ ls dir2
filea fileb filec

$ cd dir2
ksh: dir2: Permission denied.

What can we conclude here? Well a Unix directory needs execute

permission on it, for a user to be able to move to it - cd, to it.
However as long as there is read permission to the directory, we can
still view it’s contents – files, and/or sub-directories.

AIX Basic System Administration 566

AIX Security

 Give full rwx permission back to dir2:

$ chmod u+rwx dir2

$ ls -ld dir2
drwxr-xr-x 2 justin dba 256 Nov 06 14:41 dir2
$

Now, revoke the write permission from this directory for the owner:

$ chmod u-w dir2

$ ls -ld dir2
dr-xr-xr-x 2 justin dba 256 Nov 06 14:41 dir2
$

AIX Basic System Administration 567

AIX Security
 Notice how you cannot create/write anything in this directory,
because you revoke your ability to write to it:

$ ls dir2
filea fileb filec

$ ls -l dir2
total 0
-rw-r--r-- 1 justin dba 0 Nov 06 14:41 filea
-rw-r--r-- 1 justin dba 0 Nov 06 14:41 fileb
-rw-r--r-- 1 justin dba 0 Nov 06 14:41 filec

$ cd dir2
$ pwd
/home/justin/dir2

$ touch filed
touch: 0652-046 Cannot create filed.
$
$ mkdir dir2b
mkdir: 0653-357 Cannot access directory ..
.: The file access permissions do not allow the specified action.
$

$ cd

AIX Basic System Administration 568

AIX Security
 BIG GOTCHA. Let’s say you had a directory that you, user justin, created
called dirb.

$ id
uid=287(justin) gid=2978(dba) groups=1(staff)
$ mkdir dirb
$ ls -ld dirb
drwxr-xr-x 2 justin dba 256 Nov 16 12:28 dirb
$

Now you go into that directory, and create a file called: filea, and a sub-directory called dirc:
$ cd dirb
$ pwd
/home/justin/dirb
$ touch filea
$ ls -l filea
-rw-r--r-- 1 justin dba 0 Nov 16 12:29 filea

$ mkdir dirc
$ ls -ld dirc
drwxr-xr-x 2 justin dba 256 Nov 16 13:15 dirc
$

AIX Basic System Administration 569

AIX Security
Go to your justin2 login window, and attempt to delete this file:
$ id
uid=288(justin2) gid=1(staff)

$ cd /home/justin/dirb
$ ls -l filea
-rw-r--r-- 1 justin dba 82 Nov 06 13:30 filea

$ rm filea
rm: Remove filea? y
rm: 0653-609 Cannot remove filea.
The file access permissions do not allow the specified action.

$ rmdir dirc
rmdir: 0653-609 Cannot remove dirc.
The file access permissions do not allow the specified action.
$

You can’t, right? Now check this out.

AIX Basic System Administration 570

AIX Security
Go back to your justin window and change the directory permission of
dirb to give others/world write permission to this directory:

$ id
uid=287(justin) gid=2978(dba) groups=1(staff)

$ cd
$ ls -ld dirb
drwxr-xr-x 2 justin dba 256 Nov 16 12:29 dirb

$ chmod o+w dirb

$ ls -ld dirb
drwxr-xrwx 2 justin dba 256 Nov 16 12:29 dirb

AIX Basic System Administration 571

AIX Security
 Return to your justin2 login window, and now attempt to delete the
filea file:

$ id
uid=288(justin2) gid=1(staff)
$ cd /home/justin/dirb
$ ls -l
drwxr-xr-x 2 justin dba 256 Nov 16 12:38 dirb
-rw-r--r-- 1 justin dba 0 Nov 16 12:29 filea
$ rm filea
rm: Remove filea? y
$ ls -l filea
ls: 0653-341 The file filea does not exist.
$ rmdir dirc
$ ls –l dirc
ls: 0653-341 The file dirb does not exist.

 You are able to do it, even though you, justin2, do not own this file,
but justin does. You can because as long as the directory has write
permission on it for a permission bit set, anyone in that set can
delete from that directory, even if they do not own the file.

AIX Basic System Administration 572

AIX Security
 So how do you create a public directory where all users can dump their files,
and sub-directories, but only the owner of said files, and sub-directories can
delete them? This is where a special bit known as the “sticky bit” comes into
place. That is exactly what it is for, it makes it so all users can create files,
and/or sub-directories in a directory, but only the owner can delete them.

 Back in the justin user window:

$ id
uid=203(justin) gid=204(dba) groups=1(staff)

$ ls -ld dirb
drwxr-xrwx 2 justin dba 256 Nov 20 13:25 dirb

$ chmod o+t dirb

$ ls -ld dirb
drwxr-xrwt 2 justin dba 256 Nov 20 13:25 dirb
$

AIX Basic System Administration 573

AIX Security

 Now as user justin create filea and dirc:

$ id
uid=203(justin) gid=204(dba) groups=1(staff)

$ cd dirb
$ touch filea
$ mkdir dirc
$ ls -l
total 0
drwxr-xr-x 2 justin dba 256 Nov 20 13:28 dirc
-rw-r--r-- 1 justin dba 0 Nov 20 13:28 filea
$

AIX Basic System Administration 574

AIX Security
 Go to user justin2’s window and attempt to delete that file, and directory just
created/owned by user justin. You won’t be able to, even though you,
everyone/world, has permission to write to this directory. Also while you are there
create your own file and directory which will be owned by you, justin2:

$ id
uid=204(justin2) gid=1(staff)
$ cd /home/justin/dirb
$ ls -l
total 0
drwxr-xr-x 2 justin dba 256 Nov 20 13:28 dirc
-rw-r--r-- 1 justin dba 0 Nov 20 13:28 filea
$ rmdir dirc
rmdir: 0653-609 Cannot remove dirc.
Operation not permitted.
$ rm filea
rm: Remove filea? y
rm: 0653-609 Cannot remove filea.
Operation not permitted.
$ touch fileb
$ mkdir dird
$ ls -l
total 0
drwxr-xr-x 2 justin dba 256 Nov 20 13:28 dirc
drwxr-xr-x 2 justin2 staff 256 Nov 20 13:29 dird
-rw-r--r-- 1 justin dba 0 Nov 20 13:28 filea
-rw-r--r-- 1 justin2 staff 0 Nov 20 13:29 fileb

AIX Basic System Administration 575

AIX Security
 Back in the justin window, attempt to delete the file an directory user justin2 just
created:

$ id
uid=203(justin) gid=204(dba) groups=1(staff)
$ cd
$ cd dirb
$ ls -l
total 0
drwxr-xr-x 2 justin dba 256 Nov 20 13:28 dirc
drwxr-xr-x 2 justin2 staff 256 Nov 20 13:29 dird
-rw-r--r-- 1 justin dba 0 Nov 20 13:28 filea
-rw-r--r-- 1 justin2 staff 0 Nov 20 13:29 fileb
$ rm fileb
rm: Remove fileb? y

$ rmdir dird
rm:dir: A file or directory in the path name does not exist.
rm: 0653-603 Cannot remove directory dird.
$ rmdir dird
$ ls -l
total 0
drwxr-xr-x 2 justin dba 256 Nov 20 13:28 dirc
-rw-r--r-- 1 justin dba 0 Nov 20 13:28 filea
$

AIX Basic System Administration 576

AIX Security
 Can anyone tell me what happened and why?

ANSWER!!!

 To correct this you use a user who will never use this directory, or who is the
project manager, of the project which is using this common directory/repository
for multiple user’s files, and directories. We can see an example of this, by
default, on all already installed AIX system. This is seen in a filesystem,
directory called /tmp. This filesystem, directory is created automatically when
the operating system is installed, and look at it’s permissions:

$ ls -ld /tmp
drwxrwxrwt 7 bin bin 4096 Nov 20 13:37 /tmp
$

As you can see this filesystem, directory has the sticky bit set.

AIX Basic System Administration 577

AIX Security
 As user justin create a file and directory in /tmp:

$ id
uid=203(justin) gid=204(dba) groups=1(staff)

$ cd /tmp
$ pwd
/tmp

$ touch filea
$ mkdir dira
$ ls -l filea
-rw-r--r-- 1 justin dba 0 Nov 20 13:39 filea

$ ls -ld dira
drwxr-xr-x 2 justin dba 256 Nov 20 13:39 dira
$

AIX Basic System Administration 578

AIX Security
 As user justin2 create a file and directory as well in /tmp:

$ id
uid=204(justin2) gid=1(staff)
$ cd /tmp
$ pwd
/tmp
$ touch fileb
$ mkdir dirb
$ ls -l fileb
-rw-r--r-- 1 justin2 staff 0 Nov 20 13:41 fileb
$ ls -ld dirb
drwxr-xr-x 2 justin2 staff 256 Nov 20 13:41 dirb
$

While logged in as justin2, attempt to delete filea and dira created by user justin:

$ rm filea
rm: Remove filea? y
rm: 0653-609 Cannot remove filea.
Operation not permitted.
$ rmdir dira
rmdir: 0653-609 Cannot remove dira.
Operation not permitted.
$

AIX Basic System Administration 579

AIX Security

 Now as user justin attempt to delete the file, and directory you
created as user justin2:

$ id
uid=203(justin) gid=204(dba) groups=1(staff)
$ cd /tmp
$ pwd
/tmp
$ rm fileb
rm: Remove fileb? y
rm: 0653-609 Cannot remove fileb.
Operation not permitted.
$ rmdir dirb
rmdir: 0653-609 Cannot remove dirb.
Operation not permitted.
$

AIX Basic System Administration 580

AIX Security
 As user justin2 delete the file, and directory you, justin2, created:
$ id
uid=204(justin2) gid=1(staff)
$ cd /tmp
$ rm fileb
$ rmdir dirb
$ ls -l fileb
ls: 0653-341 The file fileb does not exist.
$ ls -ld dirb
ls: 0653-341 The file dirb does not exist.
$

As user justin delete the file and directory you, justin, created:
$ id
uid=203(justin) gid=204(dba) groups=1(staff)
$ cd /tmp
$ rm filea
$ rmdir dira
$ ls -l filea
ls: 0653-341 The file filea does not exist.
$ ls -ld dira
ls: 0653-341 The file dira does not exist.
$

AIX Basic System Administration 581

AIX Security
 You can also revoke multiple permissions simultaneously from a permission
group set. Back in justin window:

$ pwd
/home/justin

$ ls -ld dir2
dr-xr-xr-x 2 justin dba 256 Nov 06 14:41 dir2

$ chmod u-rwx dir2

$ ls -ld dir2
d---r-xr-x 2 justin dba 256 Nov 06 14:41 dir2
$

As you can do with multiple permission group sets as well simultaneously:

$ chmod go-rwx dir2
$ ls -ld dir2
d--------- 2 justin dba 256 Nov 06 14:41 dir2
$

Above we simultaneously revoked the read, write and execute permissions from
the group and others/world permission bit set for this directory.

AIX Basic System Administration 582

AIX Security
 To set a file permission for all permission sets, use the a option to the chmod
command:

$ chmod a=rw filea

$ ls -l filea
-rw-rw-rw- 1 justin staff 82 Nov 06 13:30 filea
$

Now all permission sets owner, group, and other/world have read write access
to the file.

To unset all permission sets to all:

$ chmod a= filea
$ ls -l filea
---------- 1 justin staff 82 Nov 06 13:30 filea
$

$ date > filea

The file access permissions do not allow the specified action.
ksh: filea: 0403-005 Cannot create the specified file.
$ cat filea
cat: 0652-050 Cannot open filea.
$ ./filea
ksh: ./filea: 0403-006 Execute permission denied.

AIX Basic System Administration 583

AIX Security
 You can change the permission bit mode of a file using numeric representations
of the permission via the chmod command.

 The chmod command has the following numerical representation for file
permissions in Unix:

- 0 = No permission bit set

- 1 = Execute permission bit
- 2 = Write permission bit
- 4 = Read permission bit

 Each permission bit set gets one number, three total for each permission bit set:
owner, group, and other/world. See upcoming examples for an elaboration on
this statement.

AIX Basic System Administration 584

AIX Security

 To give the owner of filea execute(1) permission only type in:

$ ls -l filea
---------- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 100 filea

$ ls -l filea
---x------ 1 justin staff 82 Nov 06 13:30 filea
$

To give the owner of filea write(2) permission only type in:

$ chmod 200 filea

$ ls -l filea
--w------- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 585

AIX Security
 To give the owner of filea read(4) permission only:

$ ls -l filea
--w------- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 400 filea

$ ls -l filea
-r-------- 1 justin staff 82 Nov 06 13:30 filea
$

To give the group of filea execute(1) permission only:

$ ls -l filea
------x--- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 010 filea

$ ls -l filea
------x--- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 586

AIX Security
 To give the group of filea write(2) permission only:

$ ls -l filea
------x--- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 020 filea

$ ls -l filea
-----w---- 1 justin staff 82 Nov 06 13:30 filea
$

To give the group of filea read(4) permission only:

$ ls -l filea
-----w---- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 040 filea

$ ls -l filea
----r----- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 587

AIX Security
 To give others/world execute(1) permission only on filea

$ ls -l filea
----r----- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 001 filea

$ ls -l filea
---------x 1 justin staff 82 Nov 06 13:30 filea
$

To give others/world write(2) permission only on filea

$ ls -l filea
---------x 1 justin staff 82 Nov 06 13:30 filea

$ chmod 002 filea

$ ls -l filea
--------w- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 588

AIX Security

 To give world/others read(4) permission only on filea

$ ls -l filea
--------w- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 004 filea

$ ls -l filea
-------r-- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 589

AIX Security
 Note, what happened you lost the ownership of the previous permission bit
everytime we did this, so to retain our previous permission bit setting we just
include that in the number representation.

 Example, first clear out all permission for filea, which would be cleared using 0,
since 0 means no permissions, and we do that for all three permission bit sets:
$ ls -l filea
-------r-- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 000 filea

$ ls -l filea
---------- 1 justin staff 82 Nov 06 13:30 filea
$

 Now in this example we want the owner of filea to have read(4) permission, the group to
have execute(1) permission, and others/world to have write(2) permission:
$ chmod 412 filea
$ ls -l filea
-r----x-w- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 590

AIX Security

 Lets say you wanted each permission group set to have multiple
permission, for instance, you wanted the owner of the file to have
read(4), write(2), and execute(1) permission:

$ chmod 400 filea

$ chmod 200 filea
$ chmod 100 filea
$ ls -l filea
---x------ 1 justin staff 82 Nov 06 13:30 filea

$ chmod 42100 filea

$ ls -l filea
---x--S--- 1 justin staff 82 Nov 06 13:30 filea
$

How do you set multiple permission bits to a permission set with the chmod
command using numbers?

ANYONE???
AIX Basic System Administration 591
AIX Security
 You sum all of the desired permission bit numerical values up and
then just apply that number to the command.

 So remember, in our first example, we want the owner of the file to

have read(4), write(2), and execute(1) permission.

Owner – 4 + 2 + 1 = 7
Group – 0 + 0 + 0 = 0
Other/world – 0 + 0 + 0 = 0

Directory? Read? Write? Execute? Read? Write? Execute? Read? Write? Execute?

4 2 1 0 0 0 0 0 0

Owner Group Other

AIX Basic System Administration 592
AIX Security

$ ls -l filea
---------- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 700 filea

$ ls -l filea
-rwx------ 1 justin staff 82 Nov 06 13:30 filea

To give the group read and execute permission only, 4 + 1 = 5:

$ chmod 750 filea

$ ls -l filea
-rwxr-x--- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 593

AIX Security

 To give the others/world, read, and write permission only, 4 + 2 = 6:

$ chmod 756 filea

$ ls -l filea
-rwxr-xrw- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 594

AIX Security

 To understand how those numbers: 1 for execute, 2 for write, and 4 for read, are
assigned, we must think binary – (1’s and 0’s).

 To illustrate and example let us say that you wanted a file to have the following
permission set:

-rwx r-x rw-

That is owner: read, write, execute. Group: read, execute, and Others/world: read,
and write.

AIX Basic System Administration 595

AIX Security

 To determine which number represents which permission you use a binary chart.
You put a 1 under each permission bit set, and a 0 under each – (hypen), which
means no permission bit set here.

 Remember our desired permission set for a file: -rwx r-x rw-

Directory? Read? Write? Execute? Read? Write? Execute? Read? Write? Execute?

0 1 1 1 1 0 1 1 1 0

Owner Group Other

AIX Basic System Administration 596

AIX Security
 You are just turning on and off bits, and summing up the binary values of those
on and off bit positions:

 Owner: -rwx
4 2 1

1 1 1

Decimal representation of the binary bit count above is: 4 + 2 + 1 = 7.

 Group: r-x

4 2 1

1 0 1

Decimal representation of the binary bit count above is: 4 + 1 = 5.

AIX Basic System Administration 597

AIX Security
 Owner: -rw-

4 2 1

1 1 0

Decimal representation of the binary bit count above is: 4 + 2 = 6.

Q.E.D.
$ chmod 000 filea
$ ls -l filea
---------- 1 justin staff 82 Nov 06 13:30 filea

$ chmod 756 filea

$ ls -l filea
-rwxr-xrw- 1 justin staff 82 Nov 06 13:30 filea
$

AIX Basic System Administration 598

AIX Security
 You can change the group ownership of a file, or directory with the Unix chgrp
command.

$ ls -l filea
-rwxr--rw- 1 justin dba 82 Nov 06 13:30 filea
$

Notice how the second permission bit set does not have an x, so that means
anyone in the same group cannot run this shell script, so let’s give the group
permission bit execute permission:
$ chmod g+x filea
$ ls -l filea
-rwxr-xrw- 1 justin dba 82 Nov 06 13:30 filea
$

AIX Basic System Administration 599

AIX Security
Now go to the justin2 user window and attempt to run the shell script.
$ id
uid=288(justin2) gid=1(staff)

$ /home/justin/filea
ksh: /home/justin/filea: 0403-006 Execute permission denied.
$

This failed because we gave the group execute permission, and user justin2 is not in the
dba group, which is the owner group of the /home/justin/filea shell script. To correct this
we can either put user justin2 into the dba group, change the world/other execute
permission, or change the shell script’s group ownership to staff, so justin2 can execute
it. We do this by becoming the root user, and then using the Unix chgrp command:

$ su -
root's Password:

# id
uid=0(root) gid=0(system) groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)

# ls -l /home/justin/filea
-rwxr-xrw- 1 justin dba 82 Nov 06 13:30 /home/justin/filea

# chgrp staff /home/justin/filea

# ls -l /home/justin/filea
-rwxr-xrw- 1 justin staff 82 Nov 06 13:30 /home/justin/filea

AIX Basic System Administration 600

AIX Security

 Type in exit, to get back to user justin2, and then attempt to execute that shell
script again. Now the execution attempt will succeed.

# exit
$ id
uid=288(justin2) gid=1(staff)

$ ls -l /home/justin/filea
-rwxr-xrw- 1 justin staff 82 Nov 06 13:30 /home/justin/filea

$ /home/justin/filea
Hello

SHELL SCRIPT PAUSES FOR THREE SECONDS

This is a simple shell script in Unix

$

AIX Basic System Administration 601

AIX Security

 The umask determines what the default permissions of a file and/or directory
will be in Unix.

 When you create a file, it’s default permission is rw for the owner, r only for
the group, and r only for everyone else/world.

 Return to user justin:

$ id
uid=203(justin) gid=204(dba) groups=1(staff)

$ cd
$ pwd
/home/justin

$ touch filed
$ ls -l filed
-rw-r--r-- 1 justin dba 0 Nov 20 13:53 filed
$

AIX Basic System Administration 602

AIX Security
 When you create a directory, it’s default permission is rwx for the owner, rx only
for the group, and rx only for everyone else/world.

$ mkdir dird
$ ls -ld dird
drwxr-xr-x 2 justin dba 256 Nov 20 13:55 dird
$

Check the current umask value. The following umask value is the default for all
users:
$ umask
022
$

AIX Basic System Administration 603

AIX Security
Change the umask so all subsequent files, and directories created in this user’s
shell will by default have read permission only for the user permission group,
write permission only for the group permission group, and read, write only for
the other/world permission group:

$ umask u=r,g=w,o=rw
$ umask
0351

$ umask -S
u=r,g=w,o=rw

$ touch filee
$ ls -l filee
-r---w-rw- 1 justin dba 0 Nov 20 14:22 filee

$ mkdir dire
$ ls -ld dire
dr---w-rw- 2 justin dba 256 Nov 20 14:22 dire
$

AIX Basic System Administration 604

AIX Security
$ id
uid=203(justin) gid=204(dba) groups=1(staff)

$ umask
0351

 Go to the user justin2’s window and check the umask. Notice how it
is the default Unix umask value, 022. That is because the umask
setting is per user shell session:

$ id
uid=204(justin2) gid=1(staff)

$ umask
022
$ touch filee
$ ls -l filee
-rw-r--r-- 1 justin2 staff 0 Nov 20 14:28 filee

$ mkdir dire
$ ls -ld dire
drwxr-xr-x 2 justin2 staff 256 Nov 20 14:28 dire
$

AIX Basic System Administration 605

AIX Security
 Remain in the user justin2’s window. Let’s discuss the umask number:

$ umask
022
$

The umask command works with numbers just as the chmod command does, as
we have seen earlier, but the difference is the umask command actually
subtracts the numbers from 7 – Every permission set (rwx).

Default umask:

Owner: 7(rwx) – 0 = rwx

4(r)=on, w(2)=on, x(1)=on – x for directories only.

Group: 7(rwx) – 2 = 5
4(r)=on, w(2)=off, x(1)=on – x for directories only.

Other: 7(rwx) – 2 = 5
4(r)=on, w(2)=off, x(1)=on – x for directories only.

AIX Basic System Administration 606

 AIX Security
 Go back to the justin user’s window

$ id
uid=203(justin) gid=204(dba) groups=1(staff)

$ umask
0351
$

Owner: 7(rwx) – 3 = 4(r)

4(r)=on, w(2)=off, x(1)=off – x for directories only.

Group: 7(rwx) – 5 = 2(w)

4(r)=off, w(2)=on, x(1)=off – x for directories only.

Other: 7(rwx) – 1 = 6
4(r)=on, w(2)=on, x(1)=off – x for directories only.

AIX Basic System Administration 607

 AIX Security
$ umask
0351

$ ls -l filee
-r---w-rw- 1 justin dba 0 Nov 20 14:22 filee

$ ls -ld dire
dr---w-rw- 2 justin dba 256 Nov 20 14:22 dire
$

Directory? Read? Write? Execute? Read? Write? Execute? Read? Write? Execute?

4 0 0 0 2 0 4 2 0

Owner Group Other

Check your subtraction with addition:

U=4+0+0=4+3=7
G=0+2+0=2+5=7
O=4+2+0=6+1=7
AIX Basic System Administration 608
AIX Security
 One more example, set the umask to 552 – 7-5 = 2(w), 7-5 = 2(w),
7-2 = 5(rx):

$ umask 552

$ umask
0552

$ umask -S
u=w,g=w,o=rx

$ touch filef
$ ls -l filef
--w--w-r-- 1 justin dba 0 Nov 20 15:20 filef

$ mkdir dirf
$ ls -ld dirf
d-w--w-r-x 2 justin dba 256 Nov 20 15:20 dirf
$

The execute permission is never set for a file by default, and it is set
for a directory.

AIX Basic System Administration 609

 AIX Software Management

AIX Basic System Administration 610

Software Management
 AIX delivers operating system fixes, and new features and hardware support in software packages
known as patches.

 An AIX Technology Level, formally known as Maintenance Levels, provide support for new features
and hardware. They are released twice a year, and are supported for two years by IBM. Technology
Levels are cumulative, and also contain past Service packs.

 An AIX Service Pack provides fixes to AIX operating system problems. It is used to address problems
between Technology Levels. Service packs are cumulative.

 APARs – Authorized Program Analysis Report. Is a report of an operating system problem either
discovered by customers in the field, or by IBM development themselves. APARs are wrapped up in
Service packs, which are wrapped up in Technology Levels, which are ultimately wrapped in up newer
AIX versions, and levels.

 PTFs = Program Temporary Fixes are what you download between service packs to fix known
problems with the operating system which may affect a large number of customers – i.e. problem is
with base code of AIX.

 e-Fixes, are usually developed by IBM for a particular customer. They usually don’t address common
problems. If they do, they are usually emergency fixes which can’t wait for service packs, like security
advisories, etc..

 The AIX instfix command is used to install APARs, fixes, in AIX.

 The AIX installp command is used to install IBM, and IBM supported software format, LPP, in AIX.

AIX Basic System Administration 611

Software Management
 These AIX operating system fixes can be obtained from the IBM AIX
Fix Central web site, and you can use either FTP, or a Java applet
to download them.

AIX Basic System Administration 612

Software Management
 Software which is distributed in LPP format – Licensed Program Product, are installed
with the installp command, or smitty installp fast path.

 Goto a directory where I have staged some software, for this class. It’s in a standard
location for staging software on AIX systems at /usr/sys/inst.images

# cd /usr/sys/inst.images
# smitty installp

AIX Basic System Administration 613

Software Management
Type in a . , dot, here. This will represent the current directory you
were in when you started smitty. Typically the software would be on
removable software such as a cd. In that case you would type in
cd0.

AIX Basic System Administration 614

Software Management
 Press <F4> over the SOFTWARE to install field, to generate a pick
list of software, LPPs, on the installation media, this case the
directory available to be installed. Move down to a software package
we want to install. This one is called tivoli.tsm.devices.aix5.rte. The
+ sign next to the fileset indicates it is not installed, a @ sign next to
the fileset would indicate that it is installed. Press <F7> when you
have the fileset highlighted you want to install.

AIX Basic System Administration 615

Software Management
 You should select a Preview first. This won’t actually install the
software. This will go through a non-intrusive test run to test if there
are any problems, such as missing pre-reqs, etc..

AIX Basic System Administration 616

Software Management
 Don’t forget the accept the license agreement.

AIX Basic System Administration 617

Software Management

 Once the preview goes through ok, then press <F3> to move back
to the previous smit menu.

AIX Basic System Administration 618

Software Management
 Now, change the preview to no, and hit enter again to install the
software for real this time.

AIX Basic System Administration 619

Software Management
 When it’s done installing hit <F10> to exit smitty, and then let’s verify
the software is now installed on the system with an lslpp command.

AIX Basic System Administration 620

Software Management
# installp -C

installp: No filesets were found in the Software Vital

Product Database that could be cleaned up.

# lppchk -v
# lslpp -l tivoli.tsm.devices.aix5.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
tivoli.tsm.devices.aix5.rte
5.3.0.0 COMMITTED IBM Tivoli Storage Manager
Device Support runtime

Path: /etc/objrepos
tivoli.tsm.devices.aix5.rte
5.3.0.0 COMMITTED IBM Tivoli Storage Manager
Device Support runtime
#

AIX Basic System Administration 621

Software Management

 If you wanted to learn the date, and time a fileset was installed, use
the –h option to the lslpp command.
# date
Sat Sep 12 16:32:22 CDT 2009

# lslpp -h tivoli.tsm.devices.aix5.rte
Fileset Level Action Status Date Time
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
tivoli.tsm.devices.aix5.rte
5.3.0.0 COMMIT COMPLETE 09/12/09 16:29:58

Path: /etc/objrepos
tivoli.tsm.devices.aix5.rte
5.3.0.0 COMMIT COMPLETE 09/12/09 16:29:59
#

AIX Basic System Administration 622

Software Management

 All filesets have levels referred to as V.R.M.L…

Version Release Modification Level.

If we wanted to upgrade that tivoli.tsm.devices.aix5.rte level from

5.3.0.0, which is it’s base to 5.3.3.2.. We could install with an APPLY
option. What this option will do is it will install the new level, 5.3.3.2,
but save a copy of the old level 5.3.0.0. This will give the users,
some time to test and verify that the upgrade did not break anything.
Once they confirm them you can COMMIT the upgrade.

Note, if there was a problem with the upgrade and you have to go back
to the base, then you would perform a REJECT of the 5.3.3.2 level,
to revert back to the 5.3.0.0 base level.

Note, once a level is COMMITTED it cannot be REJECTED.

AIX Basic System Administration 623

Software Management
 To deinstall software from the system. Go back into smitty with the
install fastpath like so.
# smitty install

AIX Basic System Administration 624

Software Management

AIX Basic System Administration 625

Software Management
 Hit <F4> to generate a pick list of filesets which are currently
installed on the system, which you could select to de-install.

AIX Basic System Administration 626

Software Management
 Use the / key to bring up a search box. Type in tivoli.tsm.devices as
our search string.

AIX Basic System Administration 627

Software Management
 Press <F7> to select it for de-installation.

AIX Basic System Administration 628

Software Management
 You could also do a preview only for the deinstall just as you could
for the install. Change that to no for this lab. Also select REMOVE
dependent software was well.

AIX Basic System Administration 629

Software Management

 Press <ENTER> to deinstall the software.

AIX Basic System Administration 630

Software Management

Now, an lslpp command will verify that the fileset has been deinstalled.

# installp -C

installp: No filesets were found in the Software Vital

Product Database that could be cleaned up.
# lppchk -v

# lslpp -l tivoli.tsm.devices.aix5.rte
lslpp: Fileset tivoli.tsm.devices.aix5.rte not installed.
#

AIX Basic System Administration 631

 AIX System Performance Tuning

AIX Basic System Administration 632

AIX System Performance Tuning
 By AIX BOS installation default AIX is tuned for a mixed workload.

 There are six major subsystems in AIX when it comes to performance:

1. Disk I/O
2. Memory – Virtual memory
3. RAS – Reliability, Availability, Serviceability.
4. Networking
5. NFS
6. Processor/CPU

AIX Basic System Administration 633

AIX System Performance Tuning
 There are a number of commands and monitoring tools available in AIX for
performance monitoring and tuning.

- vmstat = Performance counter command presenting an overall view of system

performance from a CPU and memory perspective. Basic statistics:
# vmstat 1 3

System configuration: lcpu=2 mem=1024MB ent=0.10

kthr memory page faults cpu

----- ----------- ------------------------ ------------ -----------------------
r b avm fre re pi po fr sr cy in sy cs us sy id wa pc ec
3 0 168460 41719 0 0 0 0 0 0 2 303 400 2 5 94 0 0.01 9.9
3 0 168460 41719 0 0 0 0 0 0 1 166 382 0 3 96 0 0.01 6.6
3 0 168460 41719 0 0 0 0 0 0 2 179 386 1 3 97 0 0.01 6.1
#

AIX Basic System Administration 634

AIX System Performance Tuning
 The Sar, System Activity Report, is a tool which concentrates on
CPU/processor statistics:

# sar 1 3

AIX gvicaixnim01 1 6 000292D2D700 12/03/10

System configuration: lcpu=2 ent=0.10 mode=Uncapped

10:46:26 %usr %sys %wio %idle physc %entc

10:46:27 1 5 0 94 0.01 9.6
10:46:28 1 3 0 96 0.01 6.4
10:46:29 2 4 0 94 0.01 8.7

Average 1 4 0 95 0.01 8.2

#

AIX Basic System Administration 635

AIX System Performance Tuning
 For networking:

# netstat 1
input (en0) output input (Total) output
packets errs packets errs colls packets errs packets errs colls
3382 0 1635 0 0 4782 0 3035 0 0
2 0 1 0 0 2 0 1 0 0
1 0 1 0 0 1 0 1 0 0
2 0 2 0 0 2 0 2 0 0
^C#

Control+C to stop the counter.

AIX Basic System Administration 636

AIX System Performance Tuning

 Memory usage statistics:

# svmon
size inuse free pin virtual mmode
memory 262144 220832 41312 65822 168666 Ded
pg space 131072 1325

work pers clnt other

pin 55231 0 0 10591
in use 168666 0 52166

PageSize PoolSize inuse pgsp pin virtual

s 4 KB - 143984 1325 22638 91818
m 64 KB - 4803 0 2699 4803
#

AIX Basic System Administration 637

AIX System Performance Tuning
 There is a program called Topas, which is a good overall performance tool:

# topas

AIX Basic System Administration 638

AIX System Performance Tuning
 The NMON tool is also a performance tool which comes with AIX.
# nmon

AIX Basic System Administration 639

AIX System Performance Tuning

 ?

AIX Basic System Administration 640

AIX System Performance Tuning
 Type p for realtime LPAR CPU stats:

AIX Basic System Administration 641

AIX System Performance Tuning
 To view standard performance tuning parameters for the system’s memory
subsystem:
# vmo -a
ame_cpus_per_pool = n/a
ame_maxfree_mem = n/a
ame_min_ucpool_size = n/a
ame_minfree_mem = n/a
ams_loan_policy = n/a
enhanced_affinity_affin_time = 1
enhanced_affinity_vmpool_limit = 10
force_relalias_lite = 0
kernel_heap_psize = 65536
lgpg_regions = 0
lgpg_size = 0
low_ps_handling = 1
maxfree = 1088
maxperm = 214920
maxpin = 211843
maxpin% = 80
memory_frames = 262144
memplace_data = 2
memplace_mapped_file = 2
memplace_shm_anonymous = 2
memplace_shm_named = 2
memplace_stack = 2
memplace_text = 2
memplace_unmapped_file =

AIX Basic System Administration 642

AIX System Performance Tuning
 To view standard performance tuning parameters for the system’s disk – I/O
subsystem:

# ioo -a
aio_active = 0
aio_maxreqs = 65536
aio_maxservers = 30
aio_minservers = 3
aio_server_inactivity = 300
j2_atimeUpdateSymlink = 0
j2_dynamicBufferPreallocation = 16
j2_inodeCacheSize = 400
j2_maxPageReadAhead = 128
j2_maxRandomWrite = 0
j2_metadataCacheSize = 400
j2_minPageReadAhead = 2
j2_nPagesPerWriteBehindCluster = 32
j2_nRandomCluster = 0
j2_syncPageCount = 0
j2_syncPageLimit = 16
lvm_bufcnt = 9
maxpgahead = 8
maxrandwrt = 0
numclust = 1
numfsbufs = 196
pd_npages = 65536
posix_aio_active = 0
…

AIX Basic System Administration 643

AIX System Performance Tuning
 To view standard performance tuning parameters for the system’s CPU/processor
subsystem:

# schedo -a
affinity_lim = 7
big_tick_size = 1
ded_cpu_donate_thresh = 80
fixed_pri_global = 0
force_grq = 0
maxspin = 16384
pacefork = 10
proc_disk_stats = 1
sched_D = 16
sched_R = 16
tb_balance_S0 = 2
tb_balance_S1 = 2
tb_threshold = 100
timeslice = 1
vpm_fold_policy = 1
vpm_xvcpus = 0
#

AIX Basic System Administration 644

AIX System Performance Tuning
 To view standard performance tuning parameters for the system’s networking
subsystem:

# no -a
arpqsize = 12
arpt_killc = 20
arptab_bsiz = 7
arptab_nb = 149
bcastping = 0
clean_partial_conns = 0
delayack = 0
delayackports = {}
dgd_packets_lost = 3
dgd_ping_time = 5
dgd_retry_time = 5
directed_broadcast = 0
fasttimo = 200
icmp6_errmsg_rate = 10
icmpaddressmask = 0
ie5_old_multicast_mapping = 0
ifsize = 256
igmpv2_deliver = 0
ip6_defttl = 64
ip6_prune = 1
ip6forwarding = 0
ip6srcrouteforward = 1

AIX Basic System Administration 645

AIX System Performance Tuning
 To view standard performance tuning parameters for the system’s NFS, Network
File System subsystem:

# nfso -a
client_delegation = 1
nfs_max_read_size = 65536
nfs_max_write_size = 65536
nfs_rfc1323 = 1
nfs_securenfs_authtimeout = 0
nfs_server_base_priority = 0
nfs_server_clread = 1
nfs_use_reserved_ports = 0
nfs_v3_server_readdirplus = 1
nfs_v4_fail_over_timeout = 0
portcheck = 0
server_delegation = 1
utf8_validation = 1
#

AIX Basic System Administration 646

AIX System Performance Tuning
 To view standard performance tuning parameters for the system’s RAS,
Reliability Availability and Service:

# raso -a
biostat = 0
kern_heap_noexec = 0
kernel_noexec = 1
mbuf_heap_noexec = 0
mtrc_commonbufsize = 547
mtrc_enabled = 1
mtrc_rarebufsize = 27
tprof_cyc_mult = 1
tprof_evt_mult = 1
tprof_evt_system = 1
tprof_inst_threshold = 1000
#

AIX Basic System Administration 647

AIX System Performance Tuning
 Change the VMO parameter maxfree:
# vmo -o maxfree
maxfree = 1088
# vmo -o maxfree=2000
Setting maxfree to 2000
# vmo -o maxfree
maxfree = 2000
#

Now reboot the system:

# shutdown -Fr

SHUTDOWN PROGRAM
Sat Sep 5 17:07:48 EDT 2009
Wait for 'Rebooting...' before stopping.
Error logging stopped...
Advanced Accounting has stopped...
Process accounting stopped...
Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-004 The Subsystem or Group, gssd, is currently inoperative.
0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.

AIX Basic System Administration 648

 AIX System Performance Tuning
When the system comes back up after reboot check that parameter:
# uptime
10:07AM up 1 min, 1 user, load average: 1.24, 0.29, 0.10
# vmo -o maxfree
maxfree = 1088
#

Notice how it reverted back to it’s default value 1088, rather than keep the modified
value of 2000 persistent.
Change it again:

# vmo -o maxfree=2000
Setting maxfree to 2000

# vmo -L maxfree
NAME CUR DEF BOOT MIN MAX UNIT TYPE
DEPENDENCIES
--------------------------------------------------------------------------------
maxfree 2000 1088 1088 16 209715 4KB pages D
minfree
memory_frames
--------------------------------------------------------------------------------
#

Look at the BOOT value, we much change that to 2000.

AIX Basic System Administration 649
AIX System Performance Tuning
 To change this parameter so it is persistent across all subsequent system
reboots, you use the -p option when setting it:

# vmo -po maxfree=2000

Setting maxfree to 2000 in nextboot file
Setting maxfree to 2000
# vmo -L maxfree
NAME CUR DEF BOOT MIN MAX UNIT TYPE
DEPENDENCIES
--------------------------------------------------------------------------------
maxfree 2000 1088 2000 16 209715 4KB pages D
minfree
memory_frames
--------------------------------------------------------------------------------
#

As you can see it says it appended this value to the nextboot file. The file it is
referring to is a file in the directory /etc/tunables. There are three configuration
files in that directory which allow you to set these performance parameters to
non-default values upon all subsequent system reboots.

AIX Basic System Administration 650

AIX System Performance Tuning

 Performance parameters configuration files:

# cd /etc/tunables
# pwd
/etc/tunables
# ls -l
total 56
-rw-rw-r-- 1 root system 18950 Dec 03 10:06 lastboot
-rw-r--r-- 1 root system 433 Dec 03 10:06 lastboot.log
-rw-r--r-- 1 root system 437 Dec 03 10:10 nextboot
#

# tail nextboot
# COPYRIGHT International Business Machines Corp. 2002
# All Rights Reserved
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
# IBM_PROLOG_END_TAG

vmo:
maxfree = "2000"

AIX Basic System Administration 651

AIX System Performance Tuning
 Reboot the system again:

# shutdown -Fr

SHUTDOWN PROGRAM
Sat Sep 5 17:07:48 EDT 2009
Wait for 'Rebooting...' before stopping.
Error logging stopped...
Advanced Accounting has stopped...
Process accounting stopped...
Stopping NFS/NIS Daemons
0513-004 The Subsystem or Group, nfsd, is currently inoperative.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-004 The Subsystem or Group, gssd, is currently inoperative.
0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.

AIX Basic System Administration 652

AIX System Performance Tuning
 After the system comes back up from it’s reboot you will see the performance
parameter has remained:

# uptime
10:16AM up 1 min, 1 user, load average: 1.47, 0.35, 0.12

# vmo -o maxfree
maxfree = 2000

# cd /etc/tunables
# pwd
/etc/tunables

# ls -l
total 56
-rw-rw-r-- 1 root system 18919 Dec 03 10:15 lastboot
-rw-r--r-- 1 root system 457 Dec 03 10:15 lastboot.log
-rw-r--r-- 1 root system 437 Dec 03 10:10 nextboot
#

- The lastboot file provides a backup of how your tuning performance parameters
looked prior to your change.

- The lastboot.log file provides a log of what was changed from a performance tuning
parameter perspective during last system reboot.
AIX Basic System Administration 653
AIX System Performance Tuning
 There are other performance parameters known as restricted tunables, they
should only be tuned under the instruction of IBM AIX technical support.

# vmo -aF
ame_cpus_per_pool = n/a
ame_maxfree_mem = n/a
ame_min_ucpool_size = n/a
ame_minfree_mem = n/a
ams_loan_policy = n/a
enhanced_affinity_affin_time = 1
enhanced_affinity_vmpool_limit = 10
force_relalias_lite = 0
kernel_heap_psize = 65536
lgpg_regions = 0
lgpg_size = 0
….

##Restricted tunables
ame_sys_memview = n/a
cpu_scale_memp = 8
data_stagger_interval = 161
defps = 1
enhanced_affinity_attach_limit = 100
enhanced_affinity_balance = 100
enhanced_affinity_private = 40
enhanced_memory_affinity = 0
esid_allocator = 0
…

AIX Basic System Administration 654

AIX System Performance Tuning
# ioo -aF
aio_active = 0
aio_maxreqs = 65536
aio_maxservers = 30
aio_minservers = 3
aio_server_inactivity = 300
j2_atimeUpdateSymlink = 0
j2_dynamicBufferPreallocation = 16
j2_inodeCacheSize = 400
j2_maxPageReadAhead = 128
j2_maxRandomWrite = 0

##Restricted tunables
aio_fastpath = 1
aio_fsfastpath = 1
aio_kprocprio = 39
aio_multitidsusp = 1
aio_sample_rate = 5
aio_samples_per_cycle = 6
j2_maxUsableMaxTransfer = 512
j2_nBufferPerPagerDevice = 512
…

AIX Basic System Administration 655

AIX System Performance Tuning

# schedo -aF
affinity_lim = 7
big_tick_size = 1
ded_cpu_donate_thresh = 80
fixed_pri_global = 0
force_grq = 0
maxspin = 16384
pacefork = 10
proc_disk_stats = 1
sched_D = 16
sched_R = 16
tb_balance_S0 = 2
tb_balance_S1 = 2
tb_threshold = 100
timeslice = 1
vpm_fold_policy = 1
vpm_xvcpus = 0
##Restricted tunables
%usDelta = 100
allowMCMmigrate = 0
clk_transition = 12
fast_locks = n/a
hotlocks_enable = 0
idle_migration_barrier = 4
intr_stealing = 0
…

AIX Basic System Administration 656

AIX System Performance Tuning
# no -aF
arpqsize = 12
arpt_killc = 20
arptab_bsiz = 7
arptab_nb = 149
bcastping = 0
clean_partial_conns = 0
delayack = 0
delayackports = {}
dgd_packets_lost = 3
dgd_ping_time = 5
dgd_retry_time = 5
…

##Restricted tunables
extendednetstats = 0
inet_stack_size = 16
net_malloc_police = 16384
netm_affinity = 0
pseintrstack = 24576
use_isno = 1
…

AIX Basic System Administration 657

AIX System Performance Tuning

# raso -aF
biostat = 0
kern_heap_noexec = 0
kernel_noexec = 1
mbuf_heap_noexec = 0
mtrc_commonbufsize = 547
mtrc_enabled = 1
mtrc_rarebufsize = 27
tprof_cyc_mult = 1
tprof_evt_mult = 1
tprof_evt_system = 1
tprof_inst_threshold = 1000
##Restricted tunables
recovery_action = 1
recovery_average_threshold = 5
recovery_debugger = 0
recovery_framework = 0
#

AIX Basic System Administration 658

AIX System Performance Tuning
# nfso -aF
client_delegation = 1
nfs_max_read_size = 65536
nfs_max_write_size = 65536
nfs_rfc1323 = 1
nfs_securenfs_authtimeout = 0
nfs_server_base_priority = 0
nfs_server_clread = 1
nfs_use_reserved_ports = 0
nfs_v3_server_readdirplus = 1
nfs_v4_fail_over_timeout = 0
portcheck = 0
server_delegation = 1
utf8_validation = 1
##Restricted tunables
lockd_debug_level = 0
nfs_allow_all_signals = 0
nfs_auto_rbr_trigger = 0
nfs_dynamic_retrans = 1
nfs_gather_threshold = 4096
nfs_iopace_pages = 0
nfs_max_threads = 3891
nfs_repeat_messages = 0

AIX Basic System Administration 659

AIX System Performance Tuning
 You can modify system performance tuning parameters via the Smit interface as
well as command line.

# smitty tuning

AIX Basic System Administration 660

AIX System Performance Tuning

AIX Basic System Administration 661

AIX System Performance Tuning

<F10>
AIX Basic System Administration 662
AIX System Performance Tuning
 To get to the smit interface of the restricted tunable parameters:

# smitty tuningDev

AIX Basic System Administration 663

AIX System Performance Tuning

AIX Basic System Administration 664

AIX System Performance Tuning

AIX Basic System Administration 665

 AIX System Backup and Recovery

AIX Basic System Administration 666

Backup of System - mksysb

 mksysb, MaKe SYStem Backup – Utility provided by AIX to backup and

restore the operating system
 Based on backup/restore utility
 Writes to tape or writable cdrom
 Provides a bootable system image
 Does not backup other, non-rootvg, volume groups
Savevg and restvg must be run on other non-rootvg volume groups
 Has the ability to perform incremental level backups.
 Has the ability to perform advanced tape writing methods.
 Has the ability to backup and restore raw logical volumes.

AIX Basic System Administration 667

Sysback – alternate method

 Sysback is a separate purchased product

 Provides all functionality of mksysb plus
Can backup alternate volume groups (Non-rootvg volume groups).
Can backup to a remote tape drive
Can modify and redirect restore to alternate disks or locations
Provides a template of volume groups so that data can be restored from another
source ( TSM )
Provides a user interface to restore individual files from a backup

AIX Basic System Administration 668

Tivoli Storage Manager

 Enterprise Backup Software – Server/Client network software

architecture.
 Mixed platform/heterogenous environments.
 Executes incremental forever backups – (No more full backups).
 Treats all files as data, doesn’t understand how to recreate
filesystems, volume groups…

AIX Basic System Administration 669

 IBM POWER System LPARs

AIX Basic System Administration 670

IBM System LPARs
 LPAR – Logical Partition

 First introduced on IBM’s mainframe system platform years ago – MVS.

 Hardware virtualization

 Each LPAR is its own copy/image of an operating system.

 IBM POWER systems support LPARs, and each can support the following
operating systems on the same physical IBM POWER system:

- IBM AIX 5.1 and above.

- IBM i – (Previously known as OS/400)
- Linux – (Redhat, and Novell Suse distributions)

- Resources such as PCI adapters, CPUs and memory are allocated on a per
LPAR basis.

AIX Basic System Administration 671

IBM System LPARs
 Each LPAR is independent of one another in just about every way.

 LPARs can be rebooted, deactivated, and activated independently

of one another.

 Each LPAR can have it’s own date and time.

 An operating system error, or system crash occurring on one LPAR

will not affect other LPARs on the same system.

 Every LPAR on the system will have the same serial number,
because it is the same physical system.

 Every LPAR’s hdisk PVID, Physical Volume IDentifier, in AIX will

have similar IDs, due to the fact that they all share the same
physical system – serial number.

AIX Basic System Administration 672

AIX System LPARS
 There is a special firmware component of POWER systems, all models, known
as the Power Hypervisor – PHYP.

 The Power Hypervisor controls virtualization on a POWER system. It is always

activated and handles the separation of the different LPARs, as far as resource
assignments, etc. It also ensures that one LPAR’s operating system does not
interfere with the operating system of another LPAR, etc.

 When a system first ships from IBM, by default, it’s a standalone system. The
Power Hypervisor is active and there is only one LPAR which is named after
the serial number of the system itself, and that LPAR owns every resource on
the system, i.e. memory, CPUs, and I/O slots. This is known as a full system
partition.

 You can allocate processors/CPUs as a dedicated processor, or a shared

processor. Note, you need at least the PowerVM express edition to take
advantage of microprocessors. *

AIX Basic System Administration 673

IBM System LPARs

AIX Basic System Administration 674

HMC – Hardware Management Console
 HMC – Hardware Management Console

 An appliance rack mounted, or desktop xSeries PC, running a

locked down version of the Linux operating system, and a
proprietary Java based application known as the Hardware
Management Console. These are pre-loaded by IBM factory default.

 POWER Systems require an HMC in order to create, and manage

LPARs. *

 When a POWER system does not have an HMC attached to it, that
system is known as a standalone system.

 When a POWER system has an HMC attached to it, that system is

known as a managed system.

* There are exceptions to this statement. Please refer to the IVM – Integrated Virtualization Manager section for details.

AIX Basic System Administration 675

HMC – Hardware Management Console
 The HMC connects to the managed system via Flexible Service
Processors – (FSP). These are special processors which have a locked
down, and stripped version of the Linux operating system running on them.
The service processor is always running, and is the control point to the
firmware/mircrocode of the managed system itself.

 The HMC connects to the managed system via an integrated/on-board port

labeled – HMC1.

 You can connect two HMCs to one managed system for redundancy, by
connecting the second HMC to the second integrated/on-board port
labeled – HMC2.

 The HMC has an https, secure, user web interface.

 The HMC can connect to the managed system via a private, or public
network connection.

AIX Basic System Administration 676

HMC – Hardware Management Console
 You can have a maximum of 254 LPARs on one managed system – 795.

 An HMC can manage a mixture of POWER7 managed systems – 710’s, 750’s,

a 770.

 The mixture of different POWER# managed systems on one HMC is dependent

on the HMC software version you are running.

 An HMC can manage a maximum of 48 managed systems.

 An HMC can only have a maximum of 32 795 managed systems.

 The latest version of the HMC is 7.7.X as of: December 2010.

 You upgrade the managed system’s firmware/microcode via the HMC.

AIX Basic System Administration 677

HMC to managed system connections
1. HMC private network connection to managed system

AIX Basic System Administration 678

HMC to managed system connections
2. HMC public network connection to managed system

AIX Basic System Administration 679

HMC to managed system connections
3. Redundant HMC private network connection to managed system

AIX Basic System Administration 680

HMC to managed system connections
4. Redundant HMC public network connection to managed system

AIX Basic System Administration 681

HMC to managed system connections

AIX Basic System Administration 682

HMC – Hardware Management Console

 There are currently two HMC models which are shipped with IBM
POWER systems, when ordered. A deskside, and rack mountable
system:

- 7042-C06 desk side HMC

- 7042-CR4 rack mountable HMC

AIX Basic System Administration 683

HMC – Hardware Management Console
 There are other models with varying resources in them. Note the CR models
are the rack models, and the C0 models are the desk side models

7042-CR4
7042-CR5
7042-CR6
7042-C06
7042-C07
7042-C08

AIX Basic System Administration 684

HMC – Hardware Management Console
- 7042-C06 desk side HMC model:

AIX Basic System Administration 685

HMC – Hardware Management Console

- 7042-CR4 rack mountable HMC model:

AIX Basic System Administration 686

HMC – Hardware Management Console
 To access the HMC web interface. Access the following URL from your web
browser: https://IP_ADDRESS_OR_RESOLVED_HOSTNAME_OF_HMC

 The IBM factory default login credentials of the HMC are as follows:

Login: hscroot
Password: abc1234

 There is very, very limited root access to the Linux operating system on the
HMC. IBM technical support will have to assist you in gaining “real” Linux root
access, if needed.

AIX Basic System Administration 687

HMC – Hardware Management Console

AIX Basic System Administration 688

IBM Power System LPARs
Managed system view

AIX Basic System Administration 689

IBM Power System LPARs
LPAR view

AIX Basic System Administration 690

 IBM POWER Power/VM Virtualization
(APV – Advanced Power Virtualization)

AIX Basic System Administration 691

IBM PowerVM

 IBM PowerVM – Licensed software/firmware feature which enables IBM

virtualization technology on IBM POWER systems.

 IBM PowerVM was formerly known as APV – Advanced Power Virtualization.

 IBM PowerVM is available in three editions:

- IBM PowerVM Express Edition

- IBM PowerVM Standard Edition
- IBM PowerVM Enterprise Edition

Each edition offers specific limitations, or additional features, as relative to one another.

AIX Basic System Administration 692

IBM PowerVM
 Microprocessors, a.k.a. shared processors, allow you to carve up the
processor/CPU itself into time slices, and assign those time slices to LPARs,
whether than whole dedicated processors/CPUs. Even though you are only
carving up a fraction of the processor/CPU for an LPAR. The LPAR sees it as a
whole processor.

 You can carve up a processor/CPU in granuler units of 1/10th of the

processor/CPU – so one millisecond – (1/10th out of one time sice 10
milliseconds).

 After you staisfy at least the minimum 1/10th processor/CPU requirement for an
LPAR, you can then go even more granular in processor/CPU slicing, and carve
it up in 1/100th units.

 You can have a mixture of dedicated, and shared processors/CPU LPARs on

one managed system.

AIX Basic System Administration 693

License is required for PowerVM

AIX Basic System Administration 694

IVM - Integrated Virtualization Manager

 IVM – Integrated Virtualization Manager

 Alternative to the HMC, Hardware Management Console, appliance for low-end

systems, which still want to utilize LPARs, and other virtualization capabilities.

 Lower end systems must purchase at least the PowerVM Express Edition to
utilize the IVM.

 The IVM is only supported on POWER systems – 710 thru 750.

 The IVM is not supported on POWER systems – 770, 780, and 795. They must
have an HMC for LPARs.

 The IVM is supported on PSXXX blade servers.

 The IVM uses an interface similar to the HMC.

AIX Basic System Administration 695

IVM – Integrated Virtualization Manager

AIX Basic System Administration 696

Instructor Presentation on laptop

AIX Basic System Administration 697

 IBM POWERHA – AIX System Clustering
(HACMP) – Whiteboard discussion

AIX Basic System Administration 698

GLVM – Geographic Logical Volume Manager -
Whiteboard discussion

AIX Basic System Administration 699

 GPFS – General Parallel File System - Whiteboard
discussion

AIX Basic System Administration 700

AIX Advanced Topics
 AIX RBAC, Role Based Access Control, system security.

 Workload Partitions – WPARs

 PowerHA – Formerly known as HACMP. AIX system clustering.

 Encrypted Filesystems.

 Web/GUI version of the operating system installation, and SMIT interface.

 Trusted AIX.

 Standard, and Enterprise Edition of AIX.

 AIX WLM – Work Load Manager

 AIX security auditing

 AIX resource accounting

 AIX Linux affinity.

 Performance tools.

 Unix shell scripting – programming.

AIX Basic System Administration 701

Where to Get More Information

 IBM Education:

1-800-IBM-TEACH

 IBM Redbooks:

http://www.redbooks.ibm.com

 IBM System P Websites:

http://www.ibm.com/systems/p

http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp

AIX Basic System Administration 702