HP UX Cheatsheet

HP UX Cheatsheet

Hardware Types:
9000 Series = PA-RISC based architecture
Integrity Series = Intel Itanium

Mounting CDROMs:
Get the device-file-name for the cd rom.
> ioscan -fnC disk
Use this device-file-name to mount the cd.
> mount device-file-name /mnt/local

Partitioning (Virtualization)
Creating Node Partitions (nPars) – hardware partitioning
1) Create Genesis Partition – go to MP -> CM -> CC and choose option G
2) Choose Cell that has IO board and core I/O card
3) Once created, type BO to boot the nPar and insert the HP DVD to start the
install
4) After installation, check with the: parstatus command
parstatus –w
parstatus –Vp0
Now you must create the nPar:
1) Check for an available cell board with: parstatus –AC
2) Find an available I/O chassis with: parstatus –AI
3) parcreate –P test_npar –c1::: ###Create the test_npar
4) Define the boot and alt boot disk with: parmodify –p1 –b 1/0/0/2/0.6.0 –t
1/0/0/3/0.6.0
5) parstatus –Vp1 and parstatus –P ###Check partition status
To add a cell to an nPar do: parmodify –p1 –a2::y: -B
shutdown –Ry now
parstatus –P
To remove an nPar: parremove –Fp1
shutdown –Ry now
Note: they can also be managed through SMH

Creating Virtual Partitions (vPars) – software partitioning

1) You must have the following installed: swlist | grep T1335CC
2) vparcreate –p test_vpar0 –a cpu::2 –a cpu:::1:2 –a cpu:41 –a mem::8192 –a
io:1/0/0/2 –a io:1/0/0/3 –a io:1/0/0/2/0.6.0:BOOT –B search –B auto ### creates 1
bound and unbound CPU processor for the vpar with 8GB of memory and searches for
bootable devices
3) Load vpmon on each reboot: (9000 series) mkboot –a “hpux/stand/vpmon
–a“/dev/rdsk/c0t6d0 (Integrity) mkboot –a “boot vpmon –a” /dev/rdsk/c0t6d0
4) Boot the vPar either from: a) cntrl-a and at MON>vparload –p
test_vpar0 b) ISL>hpux /stand/vpmon vparload –p test_vpar0
5) vparstatus;vparstatus –vp test_vpar0 ####Get status information
To add a bound CPU to vPar:
shutdown –hy now
vparmodify –p test_vpar0 –m cpu:::1:3 ###Increase max CPU limit
to 3
vparmodify –p test_vpar0 –a cpu:141 ###Adds new CPU path
vparboot –p test_vpar0
vparstatus –vp
To add an unbound:
vparmodify –p test_vpar0 –m cpu:::1:4
vparmodify –p test_vpar0 –a cpu::1
To delete bound CPU:
shutdown –hy now
vparmodify –p test_vpar0 –d cpu:141
vparboot –p test_vpar0
To delete unbound CPU:
vparmodify –p test_vpar0 –m cpu::2
vparmodify –p test_vpar0 –d cpu::1
To add an LBA to a vPar:
vparmodify –p test_vpar0 –a io:3.0.0.3
vparboot –p test_vpar0
vparstatus –vp
To remove an LBA from vPar:
vparmodify –p test_vpar0 –d io:3.0.0.3
vparboot –p test_vpar0
To add memory to vPar:
vparmodify –p test_vpar0 –a mem::4096
vparboot –p test_vpar0
To reset a vPar:
vparreset –p test_vpar0
To remove vPar:
vparremove –p test_vpar0
To reboot VPMON:
Sut down all vPars
Go to MON> and verify all are down
Power off server
Interact with BCH or EFI as needed
Execute BO from BCH
ISL>hpux /stand/vpmon
Press Cntrl-A and at MON> vparload –all

Console Access LOM Configuration

Console - RS232 port with a Null Modem connection
TO configure the REMOTE ILO:
1) CNTRL-B to access from the RS-232 console to ILO Prompt Main Menu and CO
takes you to the system console
2) Type CM -> from here you can type PC to power off/on the system if you need
to
3) Type LC to change the LAN config
4) If needed, type D to disable DHCP or the option beside the parameter you want
to change i.e. I for IP Address
5) When done, type XD -R to reset the ILO
Note: CL will access the console logs

Ethernet Interface Configuration

To check interfaces: lanscan OR nwmgr then ifconfig interface_name
Menu Driven Configuration (Smitty)
sam or smh Kind of like smitty AND you can see the commands it is
buildings with a tab to [preview] OR show SAM log

Initial Configuration Parameters

set_parms initial #can change paramters like date/time and
console/network - DOES INITIAL SETUP

Basic System Info and Healthchecking

top OR glance
vmstat OR vmstat -n Checks for page ins and outs
netstat -in
sar 5 5
df -k and df -b or bdf (shows disk usage and disk free)
tail /var/adm/syslog/syslog.log Like /var/adm/messages
/usr/sbin/swapinfo Gives Swap information
osinfo Gives OS versions and 64 bit/32 bit capability
machinfo Gives Machine serial number and such
model OR getconf Get machine model info
dmesg | grep -i phys Gives physical memory count
dmesg Displays kernel ring buffer messages

Device Scanning
ioscan Show devices and probe for new ones OR:
insf -e Scans for new hardware (devfsadm) - use with ioscan

Disks
ioscan -fnk -C disk Show Disks (without the k allows detection of new disks)
also diskinfo -v path_to_disk Gives disk size info

Conversion from major/minor number to CTD(S) format for LUNs:

0x1F170100 is major/minor number
1F = Disk Major Number that points to device driver (31 dec – block
device for sdisk)
17 = Bus Number (23 dec)
0 = SCSI target (0 dec)
1 = LUN number (1 dec)
00 = Slice/partition (00 dec)
All of this = c23t0d1

View Legacy Hardware Path ioscan -f

View Lunpath Hardware Path ioscan –fnNk | grep lunpath

ioscan –fnkCdisk Show SCSI disk DSF naming

ll /dev/dsk OR ll /dev/rdsk View Major and Minor disk numbers
lsdev | grep sdisk Show major numbers for
character/block device
ll /dev/disk OR ll /dev/rdisk Show Agile DSF’s

ioscan –fNnk Show disk devices in agile view

ioscan –m dsf Map legacy DSF to persistent DSF
ioscan –m hwpath Map lun hardware path, lunpath and
legacy path
ioscan –m lun Map lun hardware to lun path for all
storage
ioscan –B List deferred bindings

scsimgr get_info –H lunpath_hardware_path Show stats on particular LUN

scsimgr get_stat –D /dev/rdisk/disk22 Get stats on persistent lun path
scsimgr get_attr –D /dev/rdisk/disk22 –a wwid –a serial_number Get attributes
from disk (wwn, SN)

scsimgr lun_map –D /dev/rdisk/disk22 Display lunpaths of a LUN

/dev/disk/disk22

insf –e Create disk special files for all

new/existing devices

To create DSF using mknod:

cd /dev
mknod test c 64 0x010000 Make special file major number 64 and
minor 0x010000
ll test

lssf –s Show stale DSF’s for removed devices

lssf /dev/disk/disk22 Show disk characteristics
rmsf –H hardware_path Remove DSF for a hardware path

Users
/etc/skel Kind of like the default user .profile and .login and such
export PS1='$PWD $'
useradd, usermod, and userdel work much like they do in Solaris/Linux
groupadd, groupmod, groupdel, newgrp work much like they do in Solaris/Linux

usertat –u username Check lock status of a user

Creating templates to add multiple users:

smh -> Accounts for Users and Groups ->Templates

last Display user logons

lastb Display unsuccessful logons

ulimit –a Display process resource limits

ulimit –f 1 Set maximum file size for user to 1 KB

WEB MANAGEMENT URL: http://192.168.1.20:2301

/opt/hpsmh/lbin/hpsmh start Starts the Web Management Daemon
Logs can be viewed with /usr/sam/bin/samlog_viewer
smh –r Can restrict users to run smh

Extending Logical Volumes

Man extendfs (how to extend a logical volume with filesystem)
umount /dev/vg00/lvol1
lvextend -L larger_size /dev/vg00/lvol1
 extendfs -F hfs /dev/vg00/rlvol1
mount /dev/vg00/lvol1 mount_directory

EX:
# bdf
Filesystem kbytes used avail %used Mounted on
/dev/vg00/lvol3 1048576 163120 878576 16% /
/dev/vg00/lvol1 1835008 170688 1651416 9% /stand
/dev/vg00/lvol8 8912896 876648 7973504 10% /var
/dev/vg00/lvol7 5373952 2840728 2513512 53% /usr
/dev/vg00/lvol4 524288 21328 499040 4% /tmp
/dev/vg00/lvol6 8241152 4632080 3580912 56% /opt
/dev/vg00/lvol5 114688 5840 108000 5% /home
# lvextend -l 100 /dev/vg00/lvol6

Starting / Stopping Services

/sbin/init.d/ directory where services are - pass the service you want with a
start/stop
i.e. /sbin/init.d/sendmail start

NETWORKING FILES SOLARIS EQUIVALENT:

/etc/defaultrouter
/etc/rc.config.d/netconf
/etc/inet/netmasks
/etc/rc.config.d/netconf
/etc/hostname.hme0
/etc/rc.config.d/netconf

Shell Scripting
strings filename Prints out any text possible from binary file
set –o vi Enables command line editing
stty erase [bsp] Set tty backspace character
awk ‘{print $1 “ “}’ filename Print 1rst field of file with a tab after
set and env Print variables (set = user and env = environment)
WBEM
swinstall –s /var/tmp/WBEMSvcs_A.02.07_HP-UX_B.11.31_IA_PA.depot Install
WBEM
swverify WBEMServices WBEMSvcs Verify Install
cimserver;/sbin/init.d/cim_server start (stop) Start /
Stop WBEM
osinfo Check
WBEM

Software Maintenance
/usr/sbin/swagentd –k OR /sbin/init.d/swagentd start|stop
Start/Stop swagentd
swagentd –r Restart
swagentd
swlist Show
installed software
swlist –l product Display installed software products
swlist –l subproduct Display installed subproduct
swlist –l fileset Display all installed filesets
swlist –I Run swlist in GUI/TUI
swinstall Install software
swinstall –s /var/depot Install software in location with all
defaults
swinstall –s hp02:/var/depot Install software residing on remote
machine
swinstall –s /var/depot IGNITE Install ignite software without
graphical/text interface
swverify –v IGNITE Verify installed software
swremove Start software removal process
swremove IGNITE Removes ignite software

Software Depots
swopy –s /dvdrom IGNITE @ /var/depot Copy Ignite software from DVD to local
depot
swcopy –s /dvdrom ‘*’ @ / var/depot Copy all software from DVD to local
depot
swreg –l depot /var/depot Register a depot (-ul unregisters)
swlist –l depot List depot
swlist –l product –d @ /var/depot List depot contents
swverify –d \* @ /var/depot Verify software in /var/depot
swremove –d IGNITE @ /var/depot Remove IGNITE from software depot
swremove –d \* @ /var/depot Remove a software depot

Patches
swlist –l patch –x show_superceded_patches=true Show patches that are overrided
show_patches Show patch listing
swlist –l fileset –a patch_state *,c=patch Show patch state
swlist –l fileset –a category_tag *,c=patch Show patch category
swlist –l fileset –a ancestor *,c=patch Show the ancestry of a patch
swlist –l patch Show all patches

Install individual patch:

mkdir /var/depot/patches
mv hpux_11.31_04150209.tar /var/depot/patches
cd /var/depot/patches

tar –xvf hpux_11.31_04150209.tar

./create_depot_hpux.11.31
swinstall –s /depot/patches/depot
OR
mkdir /depot/patch_depot
mv hpux_800_11.31.depot /depot/patch_depot
cd /depot/patch_depot
swreg –l depot /depot/patch_depot/hpux_800_11.31.depot
swinstall –s /depot/patch_depot/hpux_800_11.31.depot

To install from DVD:

swreg –l depot /dvdrom
swinstall –s /dvdrom
Verifying Patches
swverify PHCO_36032 Verify individual patch
swverify BUNDLE Verify a bundle (cluster) patch
OR
check_patches

Roll back a patch

swremove PHCO_360250

Committing Patches
swmodify –x pathc_commit=true PHCO_36569 Commits the patch
cleanup –c 1 Commits superceded patches
and removes files
cleanup –d /depot/patch_depot Removes superceded patches
from a depot

Patch Assessment Tool – can be downloaded from http://itrc.hp.com via the swainv
script. Execute this on the system.
Checking against most current patches on internet -
/opt/sec_mgmt/spc/bin/security_patch_check –d –r
Or if you download and gunzip the security catalog from HP, run:
/opt/sec_mgmt/spc/bin/security_patch_check –d –c /tmp/security_catalog2

Software Assistant
Download and install with: swinstall –s /var/tmp/SwAssistant_C.01.04_HP-
UX_11iv2+v3_IA_PA.depot
swa report Works if you are connected to the Internet
If not connected to Internet:
Download the catalog file and: gunzip /tmp/swa_catalog.xml.gz
swa report –x catalog=/tmp/swa_catalog.xml
If it finds any identified patches run: swa get –t /var/depot

Logical Volume Management

lvdisplay /dev/vg00/lvol1 Display logical volume info
ioscan –fNnkCdisk Display available disks
setboot Shows bootable disks and which one is
boot disk
diskinfo –b /dev/rdisk/disk5 Show size of disk5

Creating physical volumes

mediainit /dev/rdisk/disk22
pvcreate –f /dev/rdisk/disk22
pvdisplay –v /dev/disk/disk22 #Show physical volume information

Creating Volume Groups

mkdir /dev/vg01
cd /dev/vg01
mknod group c 64 0x010000 #Creates group file as character with
major number64 and minor number 0x10000
vgcreate vg01 /dev/disk/disk22
vgdisplay –v vg01 #Show volume group characteristics

Create Logical Volumes

lvcreate vg01
vgdisplay –v vg01 #Show the volume groups/logical
volumes/physical volumes
OR:
lvcreate –L 3150 –n lvdata1 vg01 #Create 3150MB lvdata1 logical volume
in vg01
lvdisplay /dev/vg01/lvdata1 #Display logical volume
characteristics

Extending Logical Volumes

lvextend –L 1000 /dev/vg01/lvol1 Extends the logical volume by 1000MB
lvextend –l 250 /dev/vg01/lvol1 Extends the logical volume by 250
logical extents

Extending a Volume Group

pvcreate /dev/rdisk/disk23
vgextend vg01 /dev/disk/disk23
Changing the size of a Physical Volume (i.e. a SAN LUN)
vgmodify –v vg01 /dev/disk/disk23 ##Expands physical volume size

Reduce Logical Volume

lvreduce –L 500 /dev/vg01/lvol1 ##Reduces logical volume by 500MB

Remove Logical Volume

lvremove /dev/vg01/lvol1 ##Remove logical volume

Reduce Volume Group

vgreduce vg01 /dev/disk/disk23 ##Reduce a volume group

Backup/Restore Volume Group Config

ls -l /etc/lvmconf
vgcfgbackup vg01
vgcfgrestore –n vg01 /dev/rdisk/disk22

Rescan / Recover Lost Volume Groups

vgscan

vgdsf ###Convert Legacy DSF to persistent

Rename Volume Group

vgchange –a n vg01
vgexport –sv –m /tmp/vg01.map vg01
mkdir /dev/vg01ora
cd /dev/vg01ora
mknod group c 64 0x020000
vgimport –sv –m /tmp/vg01.map vg01ora

Remove a Volume Group

vgremove vg01ora

MIRRORING LVM
9000 (PA-RISC)
1. pvcreate –fB /dev/rdisk/disk5
2. vgextend vg00 /dev/disk/disk5
3. mkboot /dev/rdisk/disk5
4. mkboot –a “hpux –lq(;0)/stand/vmunix” /dev/rdisk/disk5
5. lvextend –m 1 /dev/vg00/lvol1 /dev/disk/disk5
6. lvextend –m 1 /dev/vg00/lvol2 /dev/disk/disk5 ….. all the way to lvol8
7. vgdisplay –v vg00
8. lvdisplay –v /dev/vg00/lvol1
9 lvlnboot –b /dev/vg00/lvol1
lvlnboot –r /dev/vg00/lvol3
lvlnboot –s /dev/vg00/lvol2
lvlnboot –d /dev/vg00/lvol2
lvlnboot –R
10. cat /stand/bootconf
11. lvdisplay /dev/vg00/lvol2
shutdown –ry now
12. ISL>hpux –lm
13. vgchange –a y –s vg00
14. lvchange –M n –c n /dev/vg00/lvol2
lvdisplay /dev/vg00/lvol2
15. reboot
16. setboot –a 0/0/4/0/0.0x0.0x0
lvlnboot –v
setboot
17. mkboot –a “hpux –lq(;0)/stand/vmunix” /dev/rdisk/disk2
lifcp /dev/rdisk/disk2:AUTO –

Integrity (Itanium)
1. vi /tmp/part_desc
3
EFI 500MB
HPUX 100%
HPSP 400MB
2. idisk –wf /tmp/part_desc/dev/rdisk/disk5
3. idisk /dev/rdisk/disk5
4. insf –e
 ls –l /dev/rdisk | grep disk5
ls –l /dev/disk | grep disk5
5. pvcreate –fB /dev/rdisk/disk5
6. mkboot –e –l /dev/rdisk/disk5
7. efi_cp –d /dev/rdisk/disk2_p1 –u /efi/hpux/auto /tmp/auto_file
efi_cp –d /dev/rdisk/disk5_p1 /tmp/auto_file/efi/hpux/auto
8. vgextend vg00 /dev/disk/disk5_p2
Now run through steps 5-11 on the 9000 instructions above
10. HPUX> boot –lm vmunix
11. Follow steps 12 – 16 in 9000 instructions above
12. vi /tmp/auto_file
efi_cp –d /dev/disk/disk2_p1 /tmp/auto_file /efi/hpux/auto
efi_cp –d /dev/disk/disk5_p1 /tmp/auto_file /efi/hpux/auto

Mirroring Non-Boot VG
1. pvcreate –f /dev/rdisk/disk23
2. vgextend vg01 /dev/disk/disk23
3. lvextend –m 1 /dev/vg01/lvol1/dev/disk/disk23
lvextend –m 1 /dev/vg01/lvol2 /dev/disk/disk23
4. Use vgdisplay and lvdisplay to see results

Strict allocation policy By default turned on when the logical volume is

created to make certain that a mirror of a logical volume is not occupying the same disk.
Can be turned off with –s n switch in lvcreate command.

Physcial Volume Groups (PVG) – created by creating the /etc/lvmpvg file:

VG /dev/vgweb
PVG PVG0
/dev/disk/disk10
/dev/disk/disk11
/dev/disk/disk12
PVG PVG1
/dev/disk/disk30
/dev/disk/disk31
/dev/disk/disk32
Then: vgdisplay –v vgweb
If at this point you: lvcreate –L 2000 –m 1 –s g vgweb ### -s g is Strict
Allocation to put data on different disks in different PVG’s

lvcreate –L 2000 –m 1 –D y –s g vgweb ####Round robin distributed allocation

(the –D y) of Physical Extents within the PVG that are then mirrored in the second PVG

Managing Mirrors
lvextend –L 4000 /dev/vgweb/lvol1 ####Extend mirrored LV to 4000 MB
lvreduce –L 1000 /dev/vgweb/lvol1 ####Reduce mirrored LV by 1000 MB
lvsplit /dev/vgweb/lvol1 ####Split mirror (detatch)
lvmerge /dev/vgweb/lvol1b /dev/vgweb/lvol1 ####Merge (attach) submirror
lvsync /dev/vgweb/lvol1 ####Sync a stale mirror
vgsync vgweb ####Sync all logical volumes in mirror

Filesystems
fstyp –l ####List supported filesystem types
newfs –F hfs /dev/vg01/rlvol1 ####Create HFS filesystem with
defaults
newfs –F vxfs /dev/vg01/rlvol2 ####Create JFS filesystem with defaults
newfs –F hfs –o largefiles –m 15 /dev/vg01/rvol1 ###Create filessytem with largefiles
and maintain 15% minimum free space
NOTE: there are specific versions of newfs in /sbin/fs/(hfs/vxfs)/ that can create new
filesystems

Mount a filesystem
mkdir /data1
mount –F hfs /dev/vg01/lvol1 /data1
mkdir /data2
mount –F vxfs /dev/vg01/lvol2 /data2
cat /etc/mnttab

bdf OR bdf -i ####Kind of like df –k – views mounted filesystems

bdf –t hfs ####Specify filsystem type utilization
quot /var ####Gives user fielsystem utilization info
mount –v ####Also views mounted filesystems

Extending a filesystem
lvextend –L 1000 /dev/vg01/lvol1
umount /data1
extendfs –F hfs /dev/vg01/rlvol1

Also you can use this command instead of extendfs if this is vxfs:
fsadm –F vxfs –b 2560000 /data2 ####The –b is 2056 X 1024

Reducing filesystem then the Logical Volume

HFS cannot be reduced dynamically, but JFS (vxfs):
fsadm –F vxfs –b 2048000 /data2
lvreduce –L 2000 /dev/vg01/lvol2

lvremove /dev/vg01/lvol1 ###Removes a filesystem

vxtunefs /home ###Display filesystem tuning parameters
fsadm –F vxfs –ed /var ###Defragments a JFS filesystem

fuser –cu /var ###Find out what user/process is holding filesystem

fuser –ck /var ###Kill user/process holding filesystem

umount –a OR umountall ###unmount all noncritical filesystems

mount –a OR mountall ####mount all filesystems

/etc/fstab File that holds the system filesystem mount definitions

fsck –F hfs –f /dev/vg01/rlvol1 ###Repair a filesystem
fsck –o full /dev/vg01/rlvol2 ###Force filesystem check without intent log
replay

Replace/repair superblock
Look for an alternate superblock in /var/adm/sdtab then:
fsck –F hfs –b 16 /dev/vg01/rlvol1

Mount DVD/CD
ioscan –fNnkCdisk | DVD
mkdir /dvdrom
mount –F cdfs –o ro /dev/disk/disk3 /dvdrom
OR to keep filename case:
mount –F cdfs –o cdcase –o ro /dev/disk/disk3 /dvdrom

to unmount:
umount /dvdrom

LOFS filesystems – virtual filesystem to point existing directory or filesystem to a

different path
mkdir /lofs
mount –F lofs /usr /lofs
Ex. makes all files and subdirectories under /usr accessible via /usr and /lofs

Swap
swapinfo View swap areas
swapinfo –atm Gives totals with swap info

Creating a swap device

lvcreate –L 500 –n swapvol vg01
swapon /dev/vg01/swaplvol
swapinfo | grep swaplvol

Create a filesystem swap

swapon –l 100m /data2
swapinfo | grep data2

Note: swap spaces must be added to /etc/fstab to be available at boot

ISL Commands
ISL>display Show boot values for autoboot and autosearch
ISL>hpux –is Boot to single user
ISL>hpux –lm Boot to LVM maintenance
ISL>hpux –lq Boot without mirror quorum checking
ISL>hpux set autofile “hpux –lq(;0)/stand/vmunix” Set boot string at ISL
ISL>lsautofl View/verify auto file’s contents
ISL>hpux (0/0/4/0/0.0;0)/stand/backup/vmunix Boot from a non-default kernel
ISL>hpux /stand/backup/vmunix Boot from kernel on primary boot disk
ISL>hpux ll /stand List contents of /stand directory

FROM OS SHELL:
setboot Shows same at the shell
setboot –b on/off enables / disables autoboot
setboot –s on/off enables / disables autosearch

setboot –p device sets primary boot device

setboot –h device sets HA alt boot device
setboot –a device sets alt device
mkboot –a “hpux –lq(;0)/stand/vmunix” /dev/rdisk/disk2 Sett boot string at shell
lfcp /dev/rdisk/disk2:AUTO - View/verify auto file’s contents at prompt

BCH commands
sea searches for devices to boot from

Boot Integrity Server Manually

1) Highlight EFI shell from boot manager and press ENTER to get into EFI shell
2) Use map command to list known mapped filesystems
Shell>map
Select filesystem by entering its mapped named i.e. fs1:
3) fs1:>hpux
4) To manually boot the system i.e. to single user or LVM main mode, interrupt
the boot process during timeout period

Modify Boot Delay

Shell>autoboot on/off Turn on and off autoboot
OR shell:
# setboot –b on/off

From boot manager:

Boot config -> Autoboot Config ->Set Autoboot Timeout ->specify a number
OR from EFI shell
Shell> autoboot 20 Changes to 20 sec

Booting from Alternate Device

1) Highlight EFI shell from boot manager and press ENTER to get into EFI shell
2) Enter map command to list boot devices
3) Select desired entry then press enter
4) Enter hpux to run the boot loader

Boot to Single User

1) Highlight EFI shell from boot manager and press ENTER to get into EFI shell
2) Use map command to list known mapped filesystems
Shell>map
3) Select desired entry then hit enter
4) Run hpux command to invoke the \EFI\HPUX\HPUX.EFI loader
5) Boot to the HPUX> prompt by hitting any key within 10 sec
6) At the hpux.efi interface, enter the following to boot the /stand/vmunix kernel
to single-user state:
HPUX> boot –is OR for LVM: HPUX> boot –lm OR for alt kernel: HPUX>boot
/stand/backup/vmunix

View Auto File

1) Follow steps 1 -3 in single user
2) cd \EFI\HPUX
3) ls
4) cat AUTO
5) edit AUTO
OR from secondary boot loader:

HPUX> showauto

To modify:
HPUX>setauto –d Delete auto file
HPUX>setauto “boot vmunix –lq” Modifies auto file

OR from command prompt:

1) efi_cp –d /dev/rdisk/disk2s1 –u /EFI/HPUX/AUTO AUTO
2) vi the file
3) copy the file back to EFI partition with:
efi_cp –d /dev/rdisk/disk2s1 AUTO /EFI/HPUX/AUTO

Security
In /etc/default/security, edit the lines:
BOOT_AUTH=1 and BOOT_USERS=root to allow others to access single suer

Hardware Scanning:
Run ioscan and insf

cat /etc/rc.log Check boot log

Kernel Management
kcweb Kernel configuration tool
Other tools include kconfig, kcmodule, kctune

kclog View kernel logs

HPUX>boot shmmni=1000 Override boot kernel tunables

OR: ISL>hpux shmmni=1000

HPUX>boot SC_2 shmmni=1000 Override boot tunables with saved kernel

ISL>hpux SC_2/vmunix shmmni=1000

HPUX>boot –tm OR ISL>hpux –tm Boot to Tunable Maint Mode

Backup and Restore

pax –vwf /dev/rtape/tape1_BEST /etc Write /etc/ to tape
pax –vf /dev/rtape/tape1_BEST List contents of tape device
pax –vrf /dev/rtape/tape1_BEST Restore from tape
pax –vrw /etc/ /var/tmp/etc Copy /etc into /var/tmp
fbackup –f /dev/rtape/tape1_BEST –i /home –I /tmp/index.home Level 0 backup of
/home
frecover –rv Restore all files
from tape

dump 0u /data1 Level 0 backup

of .data1
restore r Restore from above

FOR JFS ONLY:

vxdump 0uf /dev/rtape/tape2_BEST /home Level 0 backup to
tape
vxrestore r /dev/rtape/tape2_BEST Restore from tape

find . | cpio –ocv > /dev/rtape/tape2_BEST Archive current directory and copy to
tape
find . –mtime 7 | cpio –ocv >/tmp/mod.cpio Archive only those that changed in
last week
cpio –ivc < /tmp/mod.cpio Restore from archive

FOR TAPES ONLY:

find . | ftio –ocv > /dev/rtape/tape2_BEST Backup current dir to tape
cpio –itvc < /dev/rtape/tape2_BEST List backup
cpio –ivc < /dev/rtape/tape2_BEST restore from backup

Printing
lpsched OR /sbin/init.d/lp start Start printer queue scheduler
lpshut OR /sbin/init.d/lp stop Stop scheduler

lpadmin –pprn1 –v /dev/lp –m laserjet Configure local printer with laserjet

model
lpadmin –p prn3 –v /dev/lp –c prn_class –m laserjet Create printer class
prn_class and add it to prn3
lpadmin –p prn1 –c prn_class Add prn1 to prn_class
lpadmin –p prn1 –v /dev/null –mrmodel –ocmrcmodel –osmrsmodel –ormhp01 –orpprn1
–v /dev/null Add access to prn1 on hp01 ALSO you must edit inetd.conf and
uncomment the printer stream line

/opt/hpnp/bin/hppi Configure HP Deskjet printer

lpadmin –dprn1 Make prn1 default printer

lpadmin –d Show default printer
enable/disable prn1 Enable or Disable a printer
accept prn1 OR accept prn_class Accept printer requests to printer/class
– change accept to reject to cancel

lpstat –t Check printer status

lpadmin –pprn1 –g5 Change printer priority
lpfence prn1 5 Change printer fence level

Remove a printer:
reject prn1
disable prn1
lpadmin –xprn1

lp /etc/passwd Send print job to print /etc/passwd

lpstat –o List print requests on all printer queues
lpalt prn2 –o –p6 Change print priority
lpmove prn1 prn2 Move print job
cancel prn2-0 Cancel a print request

Cron and Scheduling

Most of the cron facilities mirror that of AIX, Solaris, and Linux.
Logs: cat /var/adm/cron/log
crontab fields: Minute,Hour,Date of month,Month of year,Day of week, command

at 11pm find / -name core –exec rm {} \; Delete core files at 11 PM

Note: cntrl-D submits the job
To check the jobs: ls –l /var/spool/cron/atjobs
Syslog
Controlled through /etc/syslog.conf
Start/Stop with /sbin/init.d/syslog stop/start
Logged with: cat /var/adm/syslog/syslog.log

Healthchecking/Performance Monitoring
uptime
sar
top
glance (or gpm)
swapinfo
vmstat
iostat
ps
ipcs
time or timex
nwmgr/netstat/lanadmin

Networking
nwmgr or lanscan Report interfaces on the system
nwmgr –v –c lan4 Display interface characteristics
ndd –h supported Displays available TCP tunable parameters
/sbin/init.d/nettle start/stop Turn on/off TCP tracing
ioscan –fnkC lan Displays network cards on system
linkloop 0x00306E469D5C Check link between you and MAC address shown
lanadmin Menu driven interface tool
lanadmin –a 1 Show MAC of interface at PPA 1
lanadmin –s 1 Displays NIC speed
lanadmin –x 1 Displays NIC duplex
lanadmin –X 100fd 1 Sets speed/duplex
ifconfig lanx Report ifconfig on interface shown in lanscan
ifconfig lan1:1 192.168.1.2 Add an alias interface to lan1
To configure interfaces to start at boot: vi /etc/rc.config.d/netconf then run:
/sbin/init.d/net start

/etc/hosts Add hostnames to IP’s

route add net 192.168.2.0 netmask 255.255.255.0 192.168.1.1 Add a static route
route add default 192.168.1.1 Add default route
route –f Flush route tables

To add a route permanently, add a route stanza to /etc/rc.config.d/netconf OR use smh

Format:
ROUTE_DESTINATION[2]=default
ROUTE_GATEWAY[2]=192.168.1.1
ROUTE_COUNT[2]=1

DHCP
vi /etc/rc.config.d/netconf
DHCP_ENABLE[4]=1
Then:
/sbin/init.d/net start

Also IP addressing can be set with set_parms initial

SERVICES
cat /etc/inetd.conf Can turn off and on telnet and ftp by
commenting out
It can be controlled by entering in stanzas in /var/adm/inetd.sec at user and system
level:
Ex. telnet allow 192.11.211.*
inetd –l Enabled inetd connection logs – can be made
permanent with: vi /etc/rc.config.d/netdaemons and set INETD_ARGS to 1
inetd –c Reload configuration
cat /etc/services Maps service names to port and protocol
cat /etc/rpc Shows RPC services and ports

/etc/hosts.equiv Can allow passwordless connection with rcp,

rlogin, and remsh
If + is in file allows all users/all hosts. If – disallows all users/all hosts.

SENDMAIL
To configure:
1. Add user accounts
2. vi /etc/rc.config.d/nfsconf and set NFS_SERVER to 1
3. Add this to /etc/dfs/dfstab:
/var/mail
4. vi /etc/rc.config.d/mailservs and set SENDMAIL_SERVER to 1
5. vi /etc/mail/sendmail.cw and add all client hostnames to bottom of file
6. vi /etc/mail.sendmail.cf and add:
Fw/etc/mail/sendmail.cw
7. /sbin/init.d/nfs.server start
/sbin/init.d/sendmail start
Then on clients:
1. vi /etc/rc.config.d/mailservs and set:
SENDMAIL_SERVER=0
SENDMAIL_SERVER_NAME=hp02
2. vi /etc/rc.config.d/nfsconf and set NFS_CLIENT to 1
3. vi /etc/fstab:
hp02:/var/mail /var/mail nfs defaults 0 0
4. /sbin/init.d/sendmail start
/sbin/init.d/nfs.client start

Check sendmail:
bdf –i | mailx –s “Filesystem list of Systems” ccoppock@us.ibm.com
mailq –v ####show mail queues

Aliases
To add a new alias to a user account database, vi /etc/mail/aliases.
Then run newaliases

NTP
Configure Server (can be done from smh too):
1. Select a time source (i.e. the example below local system at reserved address
127.127.1.1 with stratum keyword fudge)
2. vi /etc/ntp.conf
server 127.127.1.1
fudge 127.127.1.1 stratum 9
If you use an internet time system: server 11.59.99.3
For a peer: peer hp03
3. vi /etc/rc.config.d/netdaemons
NTPDATE_SERVER=11.59.99.3
XNTPD=1
4. /sbin/init.d/xntpd start

Client:
1. vi /etc/ntp.conf
server hp01
driftfile /etc/ntp/drift
2. vi /etc/rc.config.d/netdaemons
NTPDATE_SERVER=hp01
XNTPD=1
3. /sbin/init.d/xntpd start

ntpq –p Query NTP systems

ntptrace hp01 Find out where a system is getting their time source

NFS
To configure an NFS server:
1. vi /etc/dfs/dfstab
share –F nfs –o ro /usr/share/man
share –F nfs –o anon=104 –d “Sendmail Binaries” /opt/samba
2. vi /etc/rc.config.d/nfsconf
NFS_CORE=1
NFS_SERVER=1
START_MOUNTD=1
3. /sbin/init.d/nfs.server start
shareall
To configure NFS client:
1. showmount –e OR share
2. vi /etc/rc.config.d/nfsconf
NFS_CLIENT=1
3. /sbin/init.d/nfs.client start
4. vi /etc/fstab and add:
 hp02:/usr/share/man /usr/share/man nfs ro
0 0
hp02:/opt/samba /opt/samba nfs defaults
0 0
5. create the mount points if they don’t exist with mkdir
6. mountall OR mount –aF nfs

showmount –e OR cat /etc/dfs/sharetab Find out what resources are shared

mount –v or bdf –t nfs See what resources are mounted
fuser –cu /mount See what PID/user is using a resource
fuser –ck /mount Kill PID/user on a resource
umount /mount Unmount share
unshared /usr/share/man Stop NFS share
unshareall Stop all NFS shares
nfsstat Check NFS functionality
rpcinfo –p hp02 Ensure client is running all NFS
processes
rpcinfo –u hp02 mountd Checks for mountd to be running

AUTOFS
To configure:
1. vi /etc/rc.config.d/nfsconf
NFS_CLIENT=1
AUTOFS=1
AUTOMOUNT_OPTIONS=””
AUTOMOUNTD_OPTIONS=””
AUTOMOUNT_TIMEOUT=600
2. /sbin/init.d/autofs.start
OR:
automountd
automount –v

Maps:
cat /etc/auto_master Show default master file with entries below:
/net –hosts –nosuid,soft,nobrowse
SAMBA/CIFS
Note: in inet.conf, uncomment the swat line to allow access to SWAT vi:
http://server:901
Configuration:
1. swlist –l product | grep CIFS
2. vi /etc/rc.config.d/samba
RUN_SAMBA=1
3. vi /etc/opt/samba/smb.conf
4. Make the following entries in smb.conf:
[global]
netbios name =hp02
workgroup =localwg
server string =CIFS server
hosts allow =192.168.1
security =user
[mail]
comment =Mail directory
path =/var/mail
writeable =yes
browseable =no
5. /opt/samba/bin/testparm
6. touch /var/opt/samba/private/smbpasswd
chmod 600 /var/opt/samba/private/smbpasswd
chmod 500 /var/opt/samba/private
/opt/samba/bin/smbpasswd –a username
7. /sbin/init.d/samba start
/opt/samba/bin/startsmb
8. /opt/samba/bin/smbstatus

To connect from a client:

1. swlist –l product | grep CIFS
2. vi /etc/rc.config.d/cifsclient
RUN_CIFSCLIENT=1
3. vi /etc/opt/cifsclient/cifsclient.cfg
domain = “LOCALWG”
4. /sbin/init.d/cifsclient start
 /opt/cifsclient/bin/cifsclient
5. mkdir /mntdata
6. vi /etc/fstab:
win-serv01:/data /mntdata cifs defaults 0 0
7. vi /etc/hosts
192.168.1.220 win-serv01
8. mount –aF cifs
9. cifslogin win-serv01 testuser –P test!123 –s
10. cifslist

Note: cifsmount //win-serv01/data/data –U testuser Mounts a CIFS

share hot

NIS
Configure Master Server
1) Make sure all passwd entries on all systems are part of /etc/passwd or
/etc/shadow and make sure there are no duplicates
2) domainname coppock ###Define unique domain name
3) vi /etc/rc.config.d/namesvrs
NIS_DOMAIN=coppock
NIS_MASTER_SERVER=1
NIS_CLIENT=1
4) ypinit –m
When on the slave servers end the entry with Cntrl+d
5) /sbin/init.d/nis.server start
/sbin/init.d/nis.client start

Configure Slave Server

1) domainname coppock
2) vi /etc/rc.config.d/namesvrs
NIS_DOMAIN=coppock
NIS_SLAVE_SERVER=1
NIS_CLIENT=1
3) ypinit –s master_server_name ###Transfers maps from master
server
4) /sbin/init.d/nis.server start
/sbin/init.d/nis.client start

Configure NIS Client

1) domainname coppock
2) vi /etc/rc.config.d/namesvrs
NIS_DOMAIN=coppock
NIS_CLIENT=1
3) /sbin/init.d/nis.client start
4) vi /etc/nsswitch.nis
edit all hosts and passwd and group files to include nis
Ex. passwd: nis[NOTFOUND=return] files

To test: run ypwhich or ypwhich –m

nsquery passwd user5 ###Find password policy for user5
ypcat passwd ###Display passwd ,map contents
ypmatch users group ###Kind of like grep for NIS
yppoll passwd.build ####Displays timestamp of map file
yppasswd user1 OR passwd –r nis ####Change NIS user passwd
yppush OR ypnmake ####Push map updates to slave servers
ypset hostname ####Sets the client NIS binding

Secure NIS
1) Create /var/yp/securenets
2) Specify IP and mask of system or network not allowed access
3) /sbin/init.d/nis.server stop
/sbin/init.d/nis.server start

DNS
what /usr/sbin/named Check BIND Version
Configuration is beyond the scope of a cheatsheet and can be found on page 579 of the
book

Ignite UX
GUI Configuration
1) edit /etc/inetd.conf and uncomment tftp
2) inetd –c
3) vi /etc/passwd
tftp:*:510:1:Trivial FTP user:/home/tftpdir:/usr/bin/false
4) /opt/ignite/bin/ignite
5) Click Server setup
6) Enter Ip and MAC addresses – if this is an Integrity client vi /etc/bootptab and
insert the stanza on page 609
7) Skip DHCP
8) Select Copy CD
9) Exit

Boot a Client from Ignite:

1) On client BCH menu
Main Menu: Enter Command> boot lan.192.168.1.2 install
This will boot the client and pull from HPUX server 192.168.1.2

Cloning to Network
1) mkdir –p /var/opt/ignite/recovery/archives/hp05
chown bin:bin /var/opt/ignite/recovery/archives/hp05
vi /etc/dfstab
/var/opt/ignite/recovery/archives/hp05 anon=2,access=hp01
shareall
2) make_net_recovery –v –s hp01 –a
hp01:/var/opt/ignite/recovery/archives/hp05

Create Client from Clone

1) Power on system
2) Interrupt boot with ESC to go to BCH
3) Main menu: Enter Command> boot lan install
4) DO not interact with IPL
5) Interrupt boot process within 10 sec and follow screens to set hostname and Ip
and such
If this is Integrity:
1) Power on system
2) Interrupt boot with ESC to go to EFI, go to Boot Option Maintenace, Add a Boot
Option
3) Select a network interface. At message prompt enter interface name: LAN1.
Go back to main menu.
4) Select new boot option and boot the system
5) Interrupt boot process within 10 sec and follow screens to set hostname and Ip
and such

Security
passwd –f –n 7 –x 28 ccoppock Sets password expiration
passwd –s ccoppock Checks for Password and expiration
properties
pwconv Implements shadow password
/etc/tsconvert Implements “trusted mode” security
(-r reverts back)
/usr/lbin/modprpw –lk username Unlocks a trusted account user

PAM
/etc/pam.conf Controls system-wide auth
/etc/pam_user.conf Controls user-wide auth

cat /etc/pam.conf
Has entries such as:
login auth required /usr/lib/security/libpam.unix.1