UNKNOWN_ user in /etc/security/failedlogin AIX

Unknown entry appears when somebody tried to log on with a user id which is not known to the system. It would be possible to show the userid they attempted to use but this is not done as a common mistake is to enter the password instead of the userid. If this was recorded it would be a security risk..

Sticky bit

The most common use of the sticky bit today is on directories – files/ folders in that directory can only be renamed or deleted by the item’s owner, the directory’s owner, or the superuser.

 Generally this is set on the /tmp directory to prevent ordinary users from deleting or moving other users’ files.

The sticky bit can only be set by superuser root  w/ chmod command, it can be set using its octal mode 1000 or by its symbol t (s is already used by the setuid bit). For example, to add the bit on the directory /usr/local/tmp, one would type chmod +t /usr/local/tmp. Or, to make sure that directory has standard tmp permissions, one could also type chmod 1777 /usr/local/tmp.

In Unix symbolic file system permission notation, the sticky bit is represented by the letter t in the final character-place. For instance, on Solaris 8, the /tmp directory, which by default has the sticky-bit set, shows up as:

$ ls -ld /tmp

drwxrwxrwt 4 root sys 485 Nov 10 06:01 /tmp

If the sticky-bit is set on a file or directory without the execution bit set for the others category (non-user-owner and non-group-owner), it is indicated with a capital T:

# ls -l test

-rw-r–r– 1 root other 0 Nov 10 12:57 test

# chmod +t test; ls -l test

-rw-r–r-T 1 root other 0 Nov 10 12:57 test

SAN AIX HBA imp commands

• See the current OS levels

       uname -a

oslevel -r

oslevel -q

oslevel -g

 

• See adapters, drivers, and microcode.See the bottom of this section for AIX part number mappings

lsdev -Cc adapter -spci | grep fcs   For each of the FCS instances

 

• Micorcode

lsmcode -cd fcs0

 

• Firmware

lscfg -vl fcs0 | grep Z9

 

• Driver

lsdev -C -Ftype,name | grep -i fcs

 

• Software

lslpp -l | grep -i hba

lslpp -l | grep “FC Software”

lslpp -L EMC.Symm*   Should get two outputs – aix and fcp

lslpp -L devices.pci.df1000f7.com

lslpp -L devices.pci.df1000f*

 

• Disk type/info

lsattr -El hdisk

lsattr -El vpath

 

 

• List Powerpath info

Software

lslpp -l | grep -i powerpath

 

Devices

lsdev -C -t power

 

WWN

Loop for each adapter

lscfg -vl fcs0 | grep Z8

 

• IBM Part numbers

To determine the part numbers for the HBAs

lscfg -vpl fcs0 | grep “Part Number”

To corrolate the Part Number from above to a “Feature Code”

that EMC uses in their documentation OR to a HBA vendor model.

 

Emulex LP10000  FC 5716

80P4543 (FRU 80P4544)

80P4544

Emulex LP9002   FC 6228

00P2995 (FRU 00P2996)

00P2996

00P4494 (FRU 00P4495)

00P4495

03N2452 (FRU 09P0102)

09P0102

09P5079 (FRU 09P5080)

09P5080

80P4381 ???

80P4384

Emulex LP9802   FC 6239

00P4295

00P4297

Emulex LP7000   FC 6227

00P1882

03N4167

09P1162

09P1173

09P4038

24L0023

 

INITIAL load software, drivers and firmware

NOTE: You may need to modify lines for the APPROPRIATE version

mount nimserver:/depot/Software/UNIX /mnt

Drivers

See if they are already loaded

lslpp -L devices.pci.df1000f*

 

If not, then

cd /mnt/aix/aix52_apar_IY56722

installp -a -Q -d . devices.pci.df1000fa.rte

smit install_software

use dot (.) for directory

select the following:

devices.pci.df1000fa

devices.pci.df1000f7

• Multipath software

AIX

lsvpcfg

lspv

 

• AIX SDD

datapath query version

datapath query adapter

datapath query device

datapath query essmap

datapath query wwpn

datapath query portmap

datapath query adaptstats <n>

datapath query devstats <n>

 

• EMC Symmetrix software

cd /mnt/EMC/Drivers/AIX

installp -qa -d ./EMC.AIX.5.2.0.0  EMC.Symmetrix.aix.rte EMC.Symmetrix.fcp.rte

• EMC ECC package

cd /mnt/EMC/ECC/Control_Center_5.2

./install_master.sh ‘pwd‘

/opt/ecc

ECC-servername

default

default

Y

/opt/ecc/exec/start_master.csh

 

echo “ecc:2:once:/opt/ecc/exec/start_master.csh > /dev/console 2>&1 Start ECCagent” >> /etc/inittab

 

EMC PowerPath

Must have a valid PowerPath license for this host

cd /mnt/EMC/PowerPath/PowerPath4.4/aix

installp -qa -d ./EMCpower_install EMCpower

/usr/sbin/emcpreg -install

/usr/sbin/powermt check_registration

View SDD

lsvpcfg

datapath query adapter

datapath query device

5.X and greater

iostat -m

 

• Initialize HBAs in ODM

diag

Advanced Diag Routines

System Verification

(select each fcsX => F7)

loopback plug? no

F10

• Configure disks

cfgmgr -vl fcs0

cfgmgr -vl fcs1

 

EMC Symmetrix software

cfgmgr -v

/usr/lpp/EMC/Symmetrix/bin/emc_cfgmgr

/usr/sbin/powermt config

/usr/sbin/powermt save

 

• SDD

config HBA into SDD

/usr/sbin/allpaths

 

config Paths via HBA

cfgmgr -l dpo

**or**

/usr/lib/methods/cfallvpath -2

 

lsdev -Cc disk | grep -i emc

lspv

 

if this is the DR node, it needs to see failover disk’s serial numbers

so in can import the volumegroup

for DISK in $(lspv | grep hdiskpower | awk ‘{print $1}’)

do

echo $DISK

chdev -l $DISK -a pv=yes

done

 

Increase fastT array size, LUN and actual VG on AIX host.

Increase capacity of an array first  (storage manager –> select array –> add free space –> OK). And then increase capacity of actual LUN.  Go to AIX host and run chvg -g against volume group to make it aware of changes. Run lsvg to see if changes took into effect.

Notes –

chvg -g < vg name >

Following message shows up  –

0516-1216 chvg: Physical partitions are being migrated for volume group descriptor area expansion.  Please wait.
0516-1164 chvg: Volume group <>vg changed.  With given characteristics <>vg   can include upto 112 physical volumes with 8128 physical partitions each.

-g
Will examine all the disks in the volume group to see if they have
grown in size. If any disks have grown in size attempt to add
additional PPs to PV. If necessary will determine proper 1016
multiplier and conversion to big vg. Notes:

1    The user might be required to execute varyoffvg and then
varyonvg on the volume group for LVM to see the size change
on the disks.
2    There is no support for re-sizing while the volume group is
activated in classic or enhanced concurrent mode.
3    There is no support for re-sizing for the rootvg.

AIX paging

Recommendations for paging

Creating all paging spaces the same size

Maximum spreading across disks

Make sure they are all online

Avoid shared disks likely to be moved to another system (might require a reboot)

Don’t have dedicated paging disks – when you have a peak in paging you want ALL disks to help out.

To see current paging space use : lsps -a
Create paging space

• Use smit lvm
• set size
• set online “now”
• set online at next reboot too

Warning:

• lsps and create paging use different units!!
• use lsps -a -c

We recommend using more paging spaces rather than growing just the one but there is a limit to the number of paging spaces

• A paging space can be increased in size
• If the spaces are different sizes this can be used to make them all the same size.
• Paging spaces are used evenly therefore lots of paging spaces and lots of disks

If a paging space disk fails, the system will halt, on reboot the paging space will be disabled.
If your paging space is not protected by RAID5 or a disk subsystem then you should consider mirroring.

For extra availability – mirror the paging space
Just like mirroring a logical volume (LV)

• smitty lvm + LV + Set LV + Add a copy
• or use command: mklvcopy command

Removing a Paging Space

Impossible – well it was on older AIX versions on newer version sit is possible you will have to check for your version.

• Use: smit lvm
• take Paging Space
• then deactivate it
• then remove it

If you can’t remove it set to be offline at next reboot … wait till you can reboot.

Backup and Recovery: AS400

If you intend to restore the entire system from a full-system backup tape you can IPL from the tape –

 

http://publib.boulder.ibm.com/iseries/v5r2/ic2924/index.htm?info/rzakw/rzakwfaq.htm

sql query against master db for CPU intensive cmd

select sysdatabases.[name] as ‘database name’, sysdatabases.[dbid],spid,blocked,waittime,uid,cpu,program_name,loginame,hostprocess,cmd from sysdatabases join sysprocesses on (sysdatabases.dbid = sysprocesses.dbid) where sysdatabases.[dbid] >4 order by cpu desc

Some imp HACMP commands

clstat – show cluster state and substate; needs clinfo.
cldump – SNMP-based tool to show cluster state
cldisp – similar to cldump, perl script to show cluster state.
cltopinfo – list the local view of the cluster topology.
clshowsrv -a – list the local view of the cluster subsystems.
clfindres (-s) – locate the resource groups and display status.
clRGinfo -v – locate the resource groups and display status.
clcycle – rotate some of the log files.
cl_ping – a cluster ping program with more arguments.
clrsh – cluster rsh program that take cluster node names as argument.
clgetactivenodes – which nodes are active?
get_local_nodename – what is the name of the local node?
clconfig – check the HACMP ODM.
clRGmove – online/offline or move resource groups.
cldare – sync/fix the cluster.
cllsgrp – list the resource groups.
clsnapshotinfo – create a large snapshot of the hacmp configuration.
cllscf – list the network configuration of an hacmp cluster.
clshowres – show the resource group configuration.
cllsif – show network interface information.
cllsres – show short resource group information.
lssrc -ls clstrmgrES – list the cluster manager state.
lssrc -ls topsvcs – show heartbeat information.
cllsnode – list a node centric overview of the hacmp configuration.