Users and Groups :

Starting from HP-UX 11i v3, user and group names can be 255 chars long

Files Related to User/group:

/etc/passwd - Contains the basic user configuration information

/etc/shadow - Password shadow file. Contains the encrypted password
/etc/ptmp - Lock file when updating the password file
/etc/group - Contains the group configuration information
/etc/default/security - Security defaults configuration
/etc/security.dsc - Security attributes description file
/var/adm/btmp - Keeps track of failed logins
/var/adm/wtmp - Keeps track of successful logins
/etc/utmp - Keeps track of currently logged in users

Directories related to User/group:

/etc/skel - Skeleton directory where the templates of profiles are kept

/etc/default/security – Containing Password Related Attributes.

Useful Commands Related to User/group:

1. To create a user with default settings:

# useradd username

2. To create an user with the specific uid, primary group, secondary groups, home directory, shell, comment and also
creates the home directory if it doesn’t exist, also allows the uid to be non-unique:

# useradd –u uid –o –g group_name –G group1,group2 –d home_dir –s shell –c comment –m user_name

3. To list the defaults for primary group, base directory, inactivity timeout and skeleton directory:

# useradd –D

4. To change the default primary group to dba:

# useradd –D –g dba

5. To change the primary group to dba for the user sinto:

# usermod –g dba sinto

6. To delete an user but not his/her home directory:

# userdel user

7. To delete an user along with the home directory:

# userdel –r user name

8. To reset the password for an user:

# passwd user name

Faruq
9. To force a password change at next login:

# passwd –f user name

10. To view password aging status for an user:

# passwd –s user name

11. To lock or disable a user:

# passwd –l user name

12. To create a group called dba and add the respective entries to /etc/group:

# groupadd dba

13. To create a group called dba with gid as 123:

# groupadd –g 123 dba

14. To modify the gid for an existing group:

# groupmod –g 214 dba

15. To delete the group dba:

# groupdel dba

16. To delete the group only if it’s not the primary group for any user:

# groupdel –s dba

17. To list the failed logins (to display the contents of /var/adm/btmp):

# lastb

18. To list the successful logins (to display the contents of /var/adm/wtmp)

# last

19. To list the currently logged in users (to display the contents of /etc/utmp)

# who –u

20. To create the password shadow file and to move the encrypted password from /etc/passwd to /etc/shadow:

# pwconv

21. To check the /etc/passwd and /etc/shadow files for consistencies:

# pwck

22. To copy the encrypted passwd and aging information from /etc/shadow to /etc/passwd and then delete the
/etc/shadow file:

# pwunconv

Faruq
Device file naming convention:
In HP-UX uses the device file naming convention looks like as follows:

c#t#d#

To understand what those letters means

* c - Instance number of interface card/Controller

* t - SCSI target address/Target
* d - Device number aka SCSI LUN/Disk

Use ioscan command to get information about your device under HP-UX. A block device file is always in /dev/dsk and
a character device file in /dev/rdsk directory.

* /dev/dsk/c0t5d0 - Block device file

* /dev/rdsk/c0t5d0 - Raw device file

Cluster commands:
Status and startup

Viewing cluster and package status:

# cmviewcl –v

This will tell you the detailed status of the cluster, nodes, packages and services. For simple cluster status you can
use cmviewcl also.

Starting the cluster:

# cmruncl

This command will help/force nodes to form a cluster and start all enabled packages in that cluster.

Halting a cluster:

# cmhaltcl

This command will halt ServiceGuard operations on all nodes which are currently running in the cluster. If any
packages are running, the cluster will not be halted.

# cmhaltcl –f

This will force the packages to halt and after that it halts Service Guard operations on all nodes which are currently
running in the cluster

Starting a node:

# cmrunnode <node name>

This command will start the specified node to join an already running cluster.

Faruq
Halting a node:

# cmhaltnode <node name>

This command will halt ServiceGuard operations on the specified node. If any packages are running on that node, the
node will not be halted.

# cmhaltnode –f <node name>

Force the node to halt even if there are packages or group members running on it

Running a package

# cmrunpkg [ -n <node name> ] <packag name>

This will run the package on the current node or on the node specified. Logs will be written in
/etc/cmcluster/<SID>/<control_script>.log.

Halting a package:

# cmhaltpkg <packag name>

This will halt the package, Logs will be written in /etc/cmcluster/<packag name>/<control_script>.log.

enable or disable switching attributes for a cluster

# cmmodpkg –e/-d <packag name>

Enabling a package to run on a particular node

After a package has failed on one node, that node is disabled. This means the package will not be able to run on that
node. The following command will enable the package to run on the specified node.

# cmmodpkg –e -n <node name> <package name>

Disabling a package from running on a particular node

# cmmodpkg-d-n <node name> <packag name>

This will command will disable the package to run on the specified node.

What are the daemons that control MC/Serviceguard

There are the OS MC ServiceGurard Components, and the Application Packages. Eight Daemons are associated
with MC/ServiceGuard.

/usr/lbin/cmclconfd---ServiceGuard Configuration Daemon

/usr/lbin/cmcld---ServiceGuard Cluster Daemon

/usr/lbin/cmlogd---ServiceGuard Syslog Log Daemon

/usr/lbin/cmlvmd---Cluster Logical Volume Manager Daemon

/usr/lbin/cmomd---Cluster Object Manager Daemon - logs to /var/opt/cmom/cmomd.log

/usr/lbin/cmsnmpd---Cluster SNMP subagent (optionally running)

/usr/lbin/cmsrvassistd---ServiceGuard Service Assistant Daemon

Faruq
/usr/lbin/cmtaped---ServiceGuard Shared Tape Daemon

Each of these daemons logs to the /var/adm/syslog/syslog.log file

Daemon details:-

cmclconfd -- gathers cluster info ie network and vol grp info started in /etc/inetd.conf

cmcld -- determines cluster membership. Package Mgr, Cluster Mgr, and Network Mgr run as parts of cmcld.

cmlogd -- used by cmcld to write syslog messages.

cmlvmd -- keeps track of Volume group info.

cmomd -- provides info to client about the cluster. /etc/inetd.conf.

cmsnmpd -- produces MIB for snmp

cmsrvassitd -- fork and exec scripts for the cluster.

cmtaped -- keeps track of shard tape devices.

Information about the starting and halting of each package is found in the package’s control script log. This log
provides the history of the

operation of the package control script. It is found at /etc/cmcluster/<pkgname>/pkgname.cntl.log or

/etc/cmcluster/package_name/control_script.log.

You can also find in /var/adm/syslog/syslog.log which indicate what has occurred and whether or not the package has
halted or started.

Some scenarios in cluster:

Fail over without halting clustering on either node:

1. cmviewcl –v (This will display status packages and nodes defined to cluster. Verify

status of nodes and pkgs before taking any action.)

2. cmhaltpkg –n <nodename> –v <pkgname> (command can be issued from either node;

if node name not specified, command will be executed on whichever node it is issued

from)

3. Wait to see results of command; tail –f /etc/cmcluster/<pkgname>.cntl.log to determine

success or failure of halt command. If successful, move on to step 3.

4. cmmodpkg –e –n <nodename> -v <pkgname> (enables pkg to run, and enables pkg

switching. This can be issued on either node. It will automatically start pkg on it’s

adoptive node if nodename is not specified)

Faruq
5. cmrunpkg –n <nodename> -v <pkgname> (starts specified pkg on specified node. Can

be run from either node.

Fail over of one node to another, halting clustering on one node:

1. cmhaltnode –f –v <nodename> (halts clustering on node specified, and fails over any

running pkgs to other node).

2. Check /etc/cmcluster/<pkgname>.cntl.log on each machine to verify that the pkg did

shutdown on one node and then started on the other node.

Run both the packages to single node (other server is shutdown completely)

cmruncl -n < node_name>

Startup and Shutdown

Startup and Shutdown of HP-UX

Here describing the boot sequence of HP-UX.

It is basically divided into 2 main parts,

1. Boot PROM Startup - Same like other systems

2. HP-UX Startup - Included ISL, SSL (hpux), kernel (/stand/vmunix), swapper, init and /etc/inittab

Here is the boot sequence given in steps,

 Power On the system or Reboot the System

 Processor Dependent Code
o PDC gets executed and it performs the initial self-test include processor, memory and also detects
peripherals attached to the system.
o If auto boot is disabled, it displays a menu list, something like smsin aix, bios in your pc.
 PDC initializes the console to display boot messages and any errors. Then it looks for the primary boot
path (hardware path to the bood disk)
 Initial System Loader from the boot dick gets loaded into the memory and executed by PDC
 Secondary System Loader 'hpux' gets loaded into the memory by the ISL. "hpux" is stored in the boot
sector of the boot disk.
 SSL hpux loads the kernel "/stand/vmunix" into the memory and from here kernel takes over the control.

Faruq
  Kernel then loads the device drivers and starts the process "swapper"
 Swapper process (PID = 0) then intiates a shell process to execute commands from /sbin/pre_init_rc
 Finally kernel loads the system's first process called "init". Hence init pid is always 1.
 The init process processes the /etc/inittab file and runs the startup scripts to start other daemons and
processes based on the default run level set. This will take the system to the default run level and from now

on users can login to the system.

Few important ISL Commands:

1. To boot in single-user mode :

ISL > hpux -is

2. To boot from alternate kernel :

ISL > hpux /stand/vmunix.old

3. To boot in single-user mode using an alternate kernel :

ISL > hpux -is /stand/vmunix.old

4. To display the version of hpux utility :

ISL > hpux -v

5. To display the files in the /stand directory (mostly used to find the alternate kernel file name) :

ISL > hpux ll /stand

Contents of Boot Area:

Boot disk contains a boot area and a root partition plus swap space and other file systems.

Boot area contains the below stuff :

a. An LIF volume header that indentifies the LIF volume

b. A file containing a HP-UX volume name

c. A directory that contains a list of files contained in this area

d. Initial System Loader (ISL)

e. A secondary System Loader (hpux)

f. A file named AUTO - Contains the hpux utility name and any arguments to be passed onto hpux.

Faruq
To list the contents of the boot area:

# lifls -l /dev/dsk/c0t0d0

where cotod0 is the boot disk ie., controller 0, target 0, disk 0

Few Boot list commands :

1. To view the current primary, alternate bootpaths, autoboot and autosearch :

# setboot

2. What is the command to install files in the LIF area :

# mkboot

3. What is the command to delete files in the LIF area :

# rmboot

Run Levels in HP UX:

0 - Terminates all the processes by going to the lower run levels and finally shuts down the system

s - Single User Mode. Only one physical console can be used. Only the root file system is mounted. Only the
processes (daemons) those having keyword sysinit in the /etc/inittab are started and any other daemon started by the
kernel.

S - It is functionally same as ‘s’ with the exception that the current terminal will be considered as console (virtual).

1 - It is above run level ‘s’. The system is dedicated to one user but all the file systems are mounted, with a process
known as ‘syncer’ running.

2 - Multiuser run level with no NFS

3 - Functionally same as “2”, with Network daemons, NFS, Web-base administration, graphical presentation
managers running.

4 - Currently not available. You can customize this as per your environment.

5 - Currently not available. You can customize this as per your environment.

6 - Currently not available. You can customize this as per your environment.

You can use 'init' command to change the run level.

For Ex., to goto run level 3 from single-user mode

# init 3

Few Commands related to stat up and shutdown:

1. To display the current run level:

# who -r

2. To immediately shutdown a system with no interactive response:

# Shutdown -h -y 0

Note: You can use "reboot" command if you're running in a single user mode. It normally kills all the daemons instead
of graceful terminating them. So its not recommended in multi-user mode.

Faruq
3. To shutdown a system with no interactive response after 60 seconds:

# Shutdown -h -y 60

4. To shutdown a system immediately and to reboot:

# Shutdown -r -h 0

5. How to view the shutdown and reboot times for the system :

# cat /etc/shutdown.log

6. How to allow an user called sinto from a remote machine (workstation1) to shutdown the system server1:

Just add the below lines to /etc/shutdown.allow

workstation sinto

Ex., # echo "workstation sinto" >> /etc/shutdown.allow

System Information

Commands to gather system information:

1. To view OS Version:
# uname –r

2. To find the memory details:

# glance (external tool)
Look for the physical memory size in the output.

3. To list the processors:

# ioscan -C processor

4. To display the system architecture:

# uname –m

5. To display machine model:

# model
# getconf MACHINE_MODEL

6. To display Operating Environment and OS Version.Update:

# swlist HPUX*OE*

6. To show Hw(CPU) bit :

# getconf HW_CPU_SUPP_BITS

7. To show Kernel bit:

# getconf KERNEL_BITS

8. To get the serial number: (Use any of the below):

# echo "sc product system;info;wait;il" | cstm | grep -i "system serial"
# echo "sel path system\ninfolog\nexit"|cstm|grep "System Serial"
# getconf MACHINE_SERIAL
# machinfo | grep "machine serial"

Faruq
Commands to modify system information :

1. To set hostname, ip addres , date/time, dns/nis server details, default gateway after the OS installation :
This command will run automatically after the OS installation.
# set_parms initial

2. To change the date and time :

# set_parms date_time

3. To change the timezone :

# set_parms timezone

Networking

Network Configuration in HP-UX

Configuration Files :

/etc/rc.config.d/netconf - Contains the hostname, ip address, default route

/etc/hosts - Contains the hsotname to IP address mapping

/etc/resolv.conf - Contains DNS server details

/etc/inetd.conf - Internet daemon configuration file

Changing hostname & IP address

#vi /etc/rc.config/netconf

Edit the necessary lines. After that you will need to restart the services as follows.

#cd /sbin/init.d

#./net stop

#./net start

#./hostname start

Some useful Network Commands:

1. To set the hostname:

# set_parms hostname

2. To set primary ip address:

# set_parms ip_address

3. To set the default gateway, DNS/NIS server details:

# set_parms addl_netwrk

4. To restart inetd daemon:

# inetd -c

Faruq
5. To stop network services:

# /sbin/init.d/net stop

6. To start network services:

# /sbin/init.d/net start

7. To display the ip address details:

# netstat -i

# ifocnfig lan0

8. To display the network adapters:

# lanscan

9. To display routing table:

# netstat -rn

Checking the World Wide Name (WWN) on HP-UX

Assuming that you have a HBA (Fiber Channel) Card installed on your server.

Issue the command ioscan -nfC FC

Get the device path for the desire FC.

e.g. /dev/fcd0

Issue the command

#fcmsutil /dev/fcd0

Look for the line below.

N_Port Port WWN:

That will be your WWN for that fiber port

NFS in HP-UX

Configuration Files:
/etc/exports - Contains a list of exportable file systems. This file is available in upto HP-UX 11i v2

/etc/dfs/dfstab - Contains a list of sharable file systems. This file is available from HP-UX 11i v3

/etc/rc.config.d/nfsconf - NFS server configuration file contains the nfs, autofs and mountd daemons startup

Command for NFS service:

1. To start NFS server daemons :

# /etc/init.d/nfs.server start

2. To stop NFS server daemons :

# /etc/init.d/nfs.server stop

Faruq
3. To export or share a file system :

# share /data <--- From HP-UX 11i v3

4. To unexport or unshaer a file system :

# unshare /data <--- From HP-UX 11i v3

5. To export or share all the filesystems defined in /etc/exports or /etc/dfs/dfstab :

# shareall <--- From HP-UX 11i v3

Device Management
All the devices are communicated by HP Unix using their device files which are located under /dev directory. Most of
the devices and their device files are configured automatically during the boot time. On boot time, HP Unix try to
connect all devices and executes. /sbin/ioinit.rc script will create new device files if needed.

Some useful commands are given below.

1. To show all the configured devices:

# ioscan -f

2. To list the available disk/CD Drives along with their device file details:
# ioscan -funC disk

3. To list the tape drives:

# ioscan -funC tape

4. To list the lan adapters:

# ioscan -funC lan

5. To show the details of a device file:

# lssf /dev/rmt/0mn

6. To configured the recently connected tape drive:

# insf -C tape

7. To configure newly connected CD Rom or disk,

# insf -C disk

http://mailsinto.blogspot.com/p/users-and-groups.html

Faruq