UNIX Health Check - System Admin

Tech Blog

These are blog entries written by the UNIX Health Check development team. Our team has extensive technical experience on both AIX and Red Hat systems, and we like to share our knowledge with our visitors.

Topics: AIX, Backup & restore, System Admin

DVD-RAM Backup

You can use a DVD-RAM to create a system backup. To do so, enter:

# smitty mkdvd

This works in AIX 5.2 and above.

Topics: AIX, System Admin ↑

Korn Shell history

To retrieve a list of all recent commands:

# history -100

This shows you the last 100 entries.

Topics: AIX, System Admin ↑

Log file rotation script

A little script to rotate a log while not upsetting the process which is logging to the file. This script will copy and compress the log file, and then zero the log file out. Then the script will search for older log files and remove them after +3 days since last modification.

DATE=`date +%d%h-%I%p` 
BASE_DIR='/var' 
if [ -f $BASE_DIR/logname.log ]; then 
    cp $BASE_DIR/logname.log $BASE_DIR/logname.log.$DATE 
    > $BASE_DIR/logname.log 
    compress $BASE_DIR/logname.log.$DATE 
fi 

find $BASE_DIR -name 'logname.log.*' -a -mtime +3 -exec rm {} \;

Topics: AIX, System Admin ↑

Fast IPL

Using FAST IPL only works on some RS6000 systems, like SP's or J/G/R30/40's.

To configure FAST IPL:

# mpcfg -cf 11 1

Check current configuration:

# mpcfg -df

If you can only use a terminal to configure the Fast IPL:
Put the key into service mode, press [ENTER] on the keyboard. Then type: sbb. Using the menu you can configure Fast IPL. Then reboot and switch the key back to Normal.

Topics: AIX, Security, System Admin ↑

HOWTO: set up ssh keys

First, install OpenSSH and OpenSSL on two UNIX servers, serverA and serverB. This works best using DSA keys and SSH2 by default as far as I can tell. All the other HOWTOs I've seen seem to deal with RSA keys and SSH1, and the instructions not surprisingly fail to work with SSH2.

On each server type ssh someserver.example.com and make a connection with your regular password. This will create a .ssh dir in your home directory with the proper permissions. On your primary server where you want your secret keys to live (let's say serverA), type:

# ssh-keygen -t dsa

This will prompt you for a secret passphrase. If this is your primary identity key, use an empty passphrase (which is not secure, but the easiest to work with). If this works right, you will get two files called id_dsa and id_dsa.pub in your .ssh dir.

Copy the id_dsa.pub file to the other host's .ssh dir with the name authorized_keys2:

# scp ~/.ssh/id_dsa.pub serverB:.ssh/authorized_keys2

Now serverB is ready to accept your ssh key.

For a test, type:

# ssh serverB

This should let you in without typing a password or passphrase. Hooray! You can ssh and scp all you want and not have to type any password or passphrase.

Topics: AIX, Red Hat / Linux, System Admin ↑

Remote file system copy

How to copy a filesystem from one server to another:

Make sure you can execute a remote shell on the target host (by adding an entry of the source host in the /.rhosts file). Login to the source system as root and enter:

# (cd LOCAL_MOUNTPOINT && tar cpvBf - . ) | rsh REMOTEHOST 'cd REMOTE_MOUNTPOINT && tar xpvBf -'

For ssh, use the following command:

# tar -cf - myfiles | ssh user@host "umask 000 ; cat | tar -xpf -"

You might also have run into the problem that, when FTP'ing CD software on a Windows PC to a remote AIX system, files with lowercase names suddenly change to uppercase file names. This is how to copy the complete contents of a CD on a Red Hat Linux system to a remote AIX system as a tar file:

Login as root on the Linux system.
Mount the CD-ROM:
```
# mount /mnt/cdrom
# cd /mnt/cdrom
```
Tar the contents:
# tar -cvf - . | ssh userid@hostname "cd /path/to/where/you/want/it/on/the/target/system ; cat > filename.tar"
Unmount the CD-ROM:
```
# cd /
# umount /mnt/cdrom
```

Important note: make sure you can write with your user-ID in the target folder on the target system. Otherwise your tar file might end up in the home directory of the user-ID used.

Topics: AIX, NIM, System Admin ↑

Doing a mksysb restore through NIM

A "how-to" restore a mksysb through NIM:

Create a mksysb resource in NIM: Logon to the NIM server as user root. Run smitty nim, Perform NIM Administration Tasks, Manage resources, Define a resource, select mksysb, type name mksysb_, enter "master" as Server of Resource, enter the full path to the mksysb file at Location of Resource: e.g. /backup/hostname.image.
Add the mksysb resource to the defined machine in NIM, together with the original SPOT and LPP source of the host: Run: smitty nim, Perform NIM Administration Tasks, Manage Machines, Manage Network Install Resource Allocation, Allocate Network Install Resources, select the machine, select the mksysb resource defined in the previous step, along with the correct SPOT and LPP_SOURCE of the oslevel of the system.
Do a perform operation on the machine in NIM and set it to mksysb: Run smitty nim, Perform NIM Administration Tasks, Manage Machines, Perform Operations on Machines, select the machine, select bos_inst, set the Source for BOS Runtime Files to mksysb, set Remain NIM client after install to no, set Initiate Boot Operation on Client to no, set Accept new license agreements to yes.
Start up the system in SMS mode and boot from the NIM server, using a virtual terminal on the HMC. Select the disks to install to. Make sure that you set import user volume groups to "yes". Restore the system.

By the way, another method to initiate a mksysb restore is by using:

# smitty nim_bosinst

Topics: AIX, ODM, System Admin ↑

Automatically e-mail error report entries

You can automatically forward all error report entries to your email. This next part describes how to do that.

Create a file like this:

# cat /tmp/mailgeorge
errnotify:
  en_name="mailgeorge"
  en_persistenceflg=1
  en_method="errpt -a -l $1|mail -s \"errpt: $9\" george@email.com"

Add this to the ODM:

# odmadd /tmp/mailgeorge

Now log an entry in the error report:

# errlogger "My coffee is cold"

You will see in the error report:

# errpt -a
----------------------------------------------------
LABEL:          OPMSG
IDENTIFIER:     AA8AB241

Date/Time:       Tue Oct  6 15:57:58 CDT 2009
Sequence Number: 585
Machine Id:      0004D6EC4C00
Node Id:         hostname
Class:           O
Type:            TEMP
Resource Name:   OPERATOR

Description
OPERATOR NOTIFICATION

User Causes
ERRLOGGER COMMAND

        Recommended Actions
        REVIEW DETAILED DATA

Detail Data
MESSAGE FROM ERRLOGGER COMMAND
My coffee is cold

Clear the error log again (because we logged a fake test-entry in the error report):

# errclear 0

Watch your email. You should receive the same error report entry in your email.

By the way, you can delete this from the ODM like this:

# odmdelete -q 'en_name=mailgeorge' -o errnotify

Topics: AIX, Performance, System Admin ↑

PerfPMR

When you suspect a performance problem, PerfPMR can be run. This is a tool generally used by IBM support personal to resolve performance related issues. The download site for this tool is:

ftp://ftp.software.ibm.com/aix/tools/perftools/perfpmr

Topics: AIX, System Admin ↑

Copying a logical volume

For copying a logical volume, the cplv command can be used. Using the -v flag, you can enter the name of the volume group you wish to copy to.

Once the logical volume has been copied, the trick is to get the file system in it back online:

Copy the stanza of the file system in the logical volume you copied to a new stanza in /etc/filesystems. Modify this new stanza; enter the correct jfs log, mount point and logical volume name. After this, do a fsck of your new mount point. Make sure your new mount point exists. After the fsck, you can mount the file system.

Number of results found for topic System Admin: 249.
Displaying results: 201 - 210.

Order

No time to lose? Need to know what's wrong with
your UNIX system now? Then get started TODAY!