This document discusses migrating users from one AIX system to another. This does not include transferring the user's personal data or home directories.
The information in this document applies to AIX 5.2 and above.

Since the files involved in the following procedure are flat ASCII files and their format has not changed from V4 to V5, the users can be migrated between systems running the same or different versions of AIX (for example, from V4 to V5).

Files that can be copied over: 

/etc/group 
/etc/passwd
/etc/security/group 
/etc/security/limits 
/etc/security/passwd
/etc/security/.ids 
/etc/security/environ 
/etc/security/.profile 

NOTE: Edit the passwd file so the root entry is as follows


When you copy the /etc/passwd and /etc/group files, make sure they contain at least a minimum set of essential user and group definitions.

Listed specifically as users are the following:

root
daemon
bin
sys
adm
uucp
guest
nobody
lpd

Listed specifically as groups are the following:

system
staff
bin
sys
adm
uucp
mail
security
cron
printq
audit
ecs
nobody
usr 

If the bos.compat.links fileset is installed, you can copy the /etc/security/mkuser.default file over. If it is not installed, the file belongs in the /usr/lib/security directory.
If you copy over mkuser.default, changes must be made to the stanzas. Replace group with pgrp, and program with shell. A proper stanza should look like the following:

    user: 
            pgrp = staff 
            groups = staff 
            shell = /usr/bin/ksh 
            home = /home/$USER 

The following files may also be copied over, as long as the AIX version in the new machine is the same:

   /etc/security/login.cfg 
   /etc/security/user 

NOTE: If you decide to copy these two files, open the /etc/security/user file and make sure that variables such as tty, registry, auth1 and so forth are set properly with the new machine. Otherwise, do not copy these two files, and just add all the user stanzas to the new created files in the new machine.

Once the files are moved over, execute the following:

    usrck -t ALL 
    pwdck -t ALL 
    grpck -t ALL 

This will clear up any discrepancies (such as uucp not having an entry in  /etc/security/passwd). Ideally this should be run on the source system before copying over the files as well as after porting these files to the new system.
NOTE: It is possible to find user ID conflicts when migrating users from older versions of AIX to newer versions. AIX has added new user IDs in different release cycles. These are reserved IDs and should not be deleted. If your old user IDs conflict with the newer AIX system user IDs, it is advised that you assign new user IDs to these older IDs.

If you choose a filesystem other than /tmp, create a directory named ibmsupt in that filesystem and later you will give the snap command the location of this ibmsupt directory with the -d option. The snap.pax.Z file will be located at /thefs/ibmsupt/snap.pax.Z.

# mkdir /thefs/ibmsupt

If your chosen file system is not /tmp, run: #####.###.000.snap.pax.Z
For example, if the PMR number is 12345,678 then name the file 12345.678.000.snap.pax.Z
Ftp the file to testcase.software.ibm.com or use the web interface at
https://testcase.boulder.ibm.com/ to upload the file into the directory /toibm/aix.
# cd /thefs/ibmsupt
# ftp testcase.software.ibm.com
user : anonymous
password : your full email address
> cd /toibm/aix
> bin
> hash
> put 12345.678.000.snap.pax.Z
> bye
Note: If a permission denied error is returned from ftp, first make certain that the ftp current directory is /toibm/aix. If it is, then usually a permissions denied error means an attempt is being made to overwrite an existing file and the permissions on the file will not allow this. In this case, try renaming the file to something like this:
12345.678.000.2.snap.pax.Z

On Unix platform, tar command is the primary archiving utility. Understanding various tar command options will help you master the archive file manipulation.
In this article, let us review various tar examples including how to create tar archives (with gzip and bzip compression), extract a single file or directory, view tar archive contents, validate the integrity of tar archives, finding out the difference between tar archive and file system, estimate the size of the tar archives before creating it etc.,

1. Creating an archive using tar command

 

Creating an uncompressed tar archive using option cvf

 

This is the basic command to create a tar archive.

$ tar cvf archive_name.tar dirname/

In the above command:

• c – create a new archive
• v – verbosely list files which are processed.
• f – following is the archive file name

Creating a tar gzipped archive using option cvzf

The above tar cvf option, does not provide any compression. To use a gzip compression on the tar archive, use the z option as shown below.

$ tar cvzf archive_name.tar.gz dirname/

• z – filter the archive through gzip

Note: .tgz is same as .tar.gz
Note: I like to keep the ‘cvf’ (or tvf, or xvf) option unchanged for all archive creation (or view, or extract) and add additional option at the end, which is easier to remember. i.e cvf for archive creation, cvfz for compressed gzip archive creation, cvfj for compressed bzip2 archive creation etc., For this method to work properly, don’t give – in front of the options.

Creating a bzipped tar archive using option cvjf

Create a bzip2 tar archive as shown below:

$ tar cvfj archive_name.tar.bz2 dirname/

• j – filter the archive through bzip2

gzip vs bzip2: bzip2 takes more time to compress and decompress than gzip. bzip2 archival size is less than gzip.
Note: .tbz and .tb2 is same as .tar.bz2

2. Extracting (untar) an archive using tar command

 

Extract a *.tar file using option xvf

 

Extract a tar file using option x as shown below:

$ tar xvf archive_name.tar

• x – extract files from archive

 

Extract a gzipped tar archive ( *.tar.gz ) using option xvzf

 

Use the option z for uncompressing a gzip tar archive.

$ tar xvfz archive_name.tar.gz

 

Extracting a bzipped tar archive ( *.tar.bz2 ) using option xvjf

 

Use the option j for uncompressing a bzip2 tar archive.

 $ tar xvfj archive_name.tar.bz2

Note: In all the above commands v is optional, which lists the file being processed.

3. Listing an archive using tar command

 

View the tar archive file content without extracting using option tvf

You can view the *.tar file content before extracting as shown below.

$ tar tvf archive_name.tar

 

View the *.tar.gz file content without extracting using option tvzf

You can view the *.tar.gz file content before extracting as shown below.

$ tar tvfz archive_name.tar.gz

 

View the *.tar.bz2 file content without extracting using option tvjf

You can view the *.tar.bz2 file content before extracting as shown below.

$ tar tvfj archive_name.tar.bz2

 

 4. Listing out the tar file content with less command

 

When the number of files in an archive is more, you may pipe the output of tar to less. But, you can also use less command directly to view the tar archive output, as explained below.

While opening archive file it shows “ls -l” of the files available in the archive, so you can see the size of file, permissions of it and owner, group too.

$ less autocorrect.tar 
-rwxrwxrwx anthony/anthony 84149 2009-02-02 03:20 autocorrect.dat
-rwxrwxrwx anthony/anthony 443 2009-02-02 03:21 generator.rb
-rwxrwxrwx anthony/anthony 181712 2009-02-02 03:21 autocorrect.vim

For the archived and compressed file also less command shows the output in “ls -l” format.

$ less XML-Parser-2.36.tar.gz
drwxr-xr-x matt/matt 0 2007-11-20 19:58 XML-Parser-2.36/
-rw-r--r-- matt/matt 25252 2007-11-20 19:52 XML-Parser-2.36/Changes
drwxr-xr-x matt/matt 0 2007-11-20 19:58 XML-Parser-2.36/Expat/
-rw-r--r-- matt/matt 3184 2003-07-27 16:37 XML-Parser-2.36/Expat/encoding.h
-rw-r--r-- matt/matt 33917 2007-11-20 19:54 XML-Parser-2.36/Expat/Expat.pm
-rw-r--r-- matt/matt 45555 2007-11-17 01:54 XML-Parser-2.36/Expat/Expat.xs

 

5. Extract a single file from tar, tar.gz, tar.bz2 file

 

To extract a specific file from a tar archive, specify the file name at the end of the tar xvf command as shown below. The following command extracts only a specific file from a large tar file.

$ tar xvf archive_file.tar /path/to/file

Use the relevant option z or j according to the compression method gzip or bzip2 respectively as shown below.

$ tar xvfz archive_file.tar.gz /path/to/file

$ tar xvfj archive_file.tar.bz2 /path/to/file

 

6. Extract a single directory from tar, tar.gz, tar.bz2 file

 

To extract a single directory (along with it’s subdirectory and files) from a tar archive, specify the directory name at the end of the tar xvf command as shown below. The following extracts only a specific directory from a large tar file.

$ tar xvf archive_file.tar /path/to/dir/

To extract multiple directories from a tar archive, specify those individual directory names at the end of the tar xvf command as shown below.

$ tar xvf archive_file.tar /path/to/dir1/ /path/to/dir2/

Use the relevant option z or j according to the compression method gzip or bzip2 respectively as shown below.

$ tar xvfz archive_file.tar.gz /path/to/dir/

$ tar xvfj archive_file.tar.bz2 /path/to/dir/

 

7. Extract group of files from tar, tar.gz, tar.bz2 archives using regular expression

 

You can specify a regex, to extract files matching a specified pattern. For example, following tar command extracts all the files with pl extension.

$ tar xvf archive_file.tar --wildcards '*.pl'

Options explanation:

• –wildcards *.pl – files with pl extension

 

8. Adding a file or directory to an existing archive using option -r

 

You can add additional files to an existing tar archive as shown below. For example, to append a file to *.tar file do the following:

$ tar rvf archive_name.tar newfile

This newfile will be added to the existing archive_name.tar. Adding a directory to the tar is also similar,

$ tar rvf archive_name.tar newdir/

Note: You cannot add file or directory to a compressed archive. If you try to do so, you will get “tar: Cannot update compressed archives” error as shown below.

$ tar rvfz archive_name.tgz newfile
tar: Cannot update compressed archives
Try `tar --help' or `tar --usage' for more information.

 

9. Verify files available in tar using option -W

 

As part of creating a tar file, you can verify the archive file that got created using the option W as shown below.

$ tar cvfW file_name.tar dir/

If you are planning to remove a directory/file from an archive file or from the file system, you might want to verify the archive file before doing it as shown below.

$ tar tvfW file_name.tar
Verify 1/file1
1/file1: Mod time differs
1/file1: Size differs
Verify 1/file2
Verify 1/file3

If an output line starts with Verify, and there is no differs line then the file/directory is Ok. If not, you should investigate the issue.
Note: for a compressed archive file ( *.tar.gz, *.tar.bz2 ) you cannot do the verification.
Finding the difference between an archive and file system can be done even for a compressed archive. It also shows the same output as above excluding the lines with Verify.
Finding the difference between gzip archive file and file system

$ tar dfz file_name.tgz

Finding the difference between bzip2 archive file and file system

$ tar dfj file_name.tar.bz2

 

10. Estimate the tar archive size

 

The following command, estimates the tar file size ( in KB ) before you create the tar file.

$ tar -cf - /directory/to/archive/ | wc -c
20480

The following command, estimates the compressed tar file size ( in KB ) before you create the tar.gz, tar.bz2 files.

$ tar -czf - /directory/to/archive/ | wc -c
508

$ tar -cjf - /directory/to/archive/ | wc -c

428

VIO technologies consist of servers, software, and various commands.

VIO servers

VIO technology is based on the idea of having special LPARs that manage the disk and network resources that other LPARs use on the same pSeries or IBM System p servers. Instead of the individual network and disk resources being carved out on an LPAR-by-LPAR basis (especially in cases where there wouldn't be sufficient resources for all the LPARs to possess what they require to function), one or two VIO servers are given control of these resources and share them out to the other LPARs (VIO client LPARs).

VIO software

This VIO server runs a special version of the AIX operating system, with an additional software package called IOS. This software comes bundled and is managed independent of the usual operating system commands (for example, installp) and versioning structure (technology levels). It is similar to how HMCs have specialized software loaded onto a Linux kernel for a specific purpose.

Note: Installing third-party software or altering the operating system through any means outside of the IOS typically invalidates support from IBM, so it's best to avoid modifying the server in any nonstandard, non-VIO way.

The VIO user ID and commands

Instead of using the root user ID to issue commands, an administrative user ID—padmin—is used for all of the VIO controls. This user ID has a shell called the IOS command-line interface (ioscli) that runs a unique set of commands for managing devices assigned to the VIO servers. Many of these commands are similar to regular AIX commands (for example, lsdev) but use different flags and command structures (for example, lsdev –dev). But, most of the superuser level commands are new and perform many different operations at once. In fact, when administered properly, systems administrators will rarely have to become root. Helpful padmin commands include:

• help: This command lists all of the commands available in the ioscli. If you pass a specific command into it, such as help updateios, you can see the specific flags and syntax for that command.
  
• cfgdev: This command is the equivalent of the cfgmgr command and detects new physical and logical devices added to the VIO server.
  
• oem_setup_env: This command is the equivalent of running su – root but without the need to enter a password. Again, you will rarely have to become root on a VIO server.
  
  
• mkvdev: This command manages the virtual devices that you create and serve up to the VIO client LPARs.
  
• mktcpip, lstcpip, and rmtcpip: These commands manage your networking from the command line and circumvent the need for utilities such as smitty tcpip.
  
• lsmap: This command shows the relationships between disk resources and VIO client LPARs.
  
  
  

If you want to use unix and OpenSSH to automize your tasks. Therefore you need an automatic login from host A / user a to Host B / user b. You don't want to enter any passwords, because you want to call ssh from a within a shell script.

First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase:

a@A:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A

Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine):

a@A:~> ssh b@B mkdir -p .ssh
b@B's password: 

Finally append a's new public key to b@B:.ssh/authorized_keys and enter b's password one last time:

a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
b@B's password: 

From now on you can log into B as b from A as a without password:

a@A:~> ssh b@B hostname
B

Depending on your version of SSH you might also have to do the following changes:

• Put the public key in .ssh/authorized_keys2
• Change the permissions of .ssh to 700
• Change the permissions of .ssh/authorized_keys2 to 640
  
  
  

Vi is present on any Unix installation and it is therefore useful to know some basic
commands. There are two modes: command mode and insertion mode. The commands mode is
accessed with [ESC], the insertion mode with i.appending mode with a .

Quit

:w	newfilename save the file to newfilename
:wq or :x	save and quit
:q!	quit without saving

Search and move

/string	Search forward for string
?string	Search back for string
n	Search for next instance of string
N	Search for previous instance of string
{	Move a paragraph back
}	Move a paragraph forward
1G	Move to the first line of the file
nG	Move to the n th line of the file
G	Move to the last line of the file
:%s/OLD/NEW/g	Search and replace every occurrence

Delete text

dd	delete current line
D	Delete to the end of the line
dw	Delete word
x	Delete character
u	Undo last
U	Undo all changes to current line