DISCLAIMER : Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility.If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.


Migrating Users from One AIX System to Another AIX System

This document discusses migrating users from one AIX system to another. This does not include transferring the user's personal data or home directories.
The information in this document applies to AIX 5.2 and above.

Since the files involved in the following procedure are flat ASCII files and their format has not changed from V4 to V5, the users can be migrated between systems running the same or different versions of AIX (for example, from V4 to V5).

Files that can be copied over: 
/etc/group 
/etc/passwd
/etc/security/group 
/etc/security/limits 
/etc/security/passwd
/etc/security/.ids 
/etc/security/environ 
/etc/security/.profile 
 
NOTE: Edit the passwd file so the root entry is as follows

 root:!:0:0::/:/usr/bin/ksh

When you copy the /etc/passwd and /etc/group files, make sure they contain at least a minimum set of essential user and group definitions.

Listed specifically as users are the following:
root
daemon
bin
sys
adm
uucp
guest
nobody
lpd
Listed specifically as groups are the following:

system
staff
bin
sys
adm
uucp
mail
security
cron
printq
audit
ecs
nobody
usr 

If the bos.compat.links fileset is installed, you can copy the /etc/security/mkuser.default file over. If it is not installed, the file belongs in the /usr/lib/security directory.
If you copy over mkuser.default, changes must be made to the stanzas. Replace group with pgrp, and program with shell. A proper stanza should look like the following:

    user: 
            pgrp = staff 
            groups = staff 
            shell = /usr/bin/ksh 
            home = /home/$USER 
 
The following files may also be copied over, as long as the AIX version in the new machine is the same:

   /etc/security/login.cfg 
   /etc/security/user 
 
NOTE: If you decide to copy these two files, open the /etc/security/user file and make sure that variables such as tty, registry, auth1 and so forth are set properly with the new machine. Otherwise, do not copy these two files, and just add all the user stanzas to the new created files in the new machine.

Once the files are moved over, execute the following:

    usrck -t ALL 
    pwdck -t ALL 
    grpck -t ALL 
 
This will clear up any discrepancies (such as uucp not having an entry in  /etc/security/passwd). Ideally this should be run on the source system before copying over the files as well as after porting these files to the new system.
NOTE: It is possible to find user ID conflicts when migrating users from older versions of AIX to newer versions. AIX has added new user IDs in different release cycles. These are reserved IDs and should not be deleted. If your old user IDs conflict with the newer AIX system user IDs, it is advised that you assign new user IDs to these older IDs.

Submitting system dump testcase to IBM

If you find any critical hardware or software issuess in errpt of a AIX server, you need to call IBM support .

 IBM support contact number - 1-800-426-7378 (1-800-IBM-SERV)

Check the information about the last recorded system dump (sysdumpdev –L). If this command reports no previous dump was recorded, then you will not be able to submit a system dump testcase. A dump will not be recorded if:

a) The system was halted or rebooted and did not crash.

b) The system hung but was not reset properly.

c) The dump device was changed after the crash and the previously recorded dump has been lost.
 
# sysdumpdev -L
0453-039
Device name: /dev/lg_dumplv
Major device number: 10
Minor device number: 11
Size: 21010432 bytes
Date/Time: Tue Feb 12 13:05:33 CST 2002
Dump status: 0
dump completed successfully

Ensure the Date/Time is the actual time when the system crashed or hung. If the time stamp is old, the dump will not contain any information about the latest outage and there is no need to create a system dump testcase.

Check the dump status: If the status is 0 (Succesful dump) OR -2 (Dump device is too small) OR -3 (Dump crashed or didn't start): Proceed to step to create the system dump testcase.

If the status is -4 (Dump failed due to i/o error): There might not be a system dump if Size is 0 bytes. This usually indicates a bad disk or disk adapter. Check the error report for disk or disk adapter errors. If hardware errors exist, consider also opening a ticket with IBM Hardware Support. Even if the size of the dump is 0 bytes, proceed to step to create the system dump testcase so that AIX Software Support can assist with determining why the dump failed.

If the status is -1 (No dump device is defined): There is no system dump. A dump device should be configured so that a dump can be captured the next time the system crashes.

The snap command will be be used to create the testcase in the file system of your choice. The command creates a number of sub-directories including a directory named dump that will include a compressed copy of the system dump. The -c option on the snap command will create a compressed pax archive of the sub-directories named snap.pax.Z and this is the testcase file that should be ftp'ed to IBM. You will need to find a file system with sufficient space to hold all of the testcase data. In general, the file system you choose should have enough free space to hold about 2.5 times the size of the compressed system dump if the system is using dump compression. Dump compression is always used on AIX 6.1 or higher, but is optional on AIX 5. The sysdumpdev -L command can be used to obtain the size of the system dump to use in determining how much space will be required to hold the testcase. 

AIX 6.1 or higher:

The output from sysdumpdev -L will contain the following line that shows the size of the
compressed system dump.
Size: N (this is the size of the compressed dump in bytes)
Find a file system with at least 2.5 times this value.

AIX 5

If the system is using dump compression, the output from sysdumpdev -L will include
the following two lines:
Size: N (this is the size of the compressed dump in bytes)
Uncompressed: N (this is the size of the uncompressed dump in bytes)
Find a file system with at least 2.5 times the size of the compressed system dump.
If the system is not using dump compression, the output from sysdumpdev -L will
include the following line:
Size: (this is the size of the uncompressed dump in bytes)
In this case, find a file system with at least 1/2 the size of the uncompressed dump.

In the instructions that follow, the file system you choose to contain the testcase will be referred to as /thefs. Replace all occurrences of /thefs with the path to the filesystem you have chosen. If you choose the /tmp filesystem to contain the testcase data, the snap command will automatically create a subdirectory in /tmp named ibmsupt and this is where the testcase data will be stored. The snap.pax.Z file will be located at /tmp/ibmsupt/snap.pax.Z.

If you choose a filesystem other than /tmp, create a directory named ibmsupt in that filesystem and later you will give the snap command the location of this ibmsupt directory with the -d option. The snap.pax.Z file will be located at /thefs/ibmsupt/snap.pax.Z.

# mkdir /thefs/ibmsupt

  Run the snap commmand to generate the testcase data. This will create a file named snap.pax.Z which will be located inside the ibmsupt directory. If your chosen file system is /tmp, run:
# snap -r ; snap -ac
If your chosen file system is not /tmp, run:
# snap -acd /thefs/ibmsupt
 
Ftp the testcase file to IBM.
Rename the snap.pax.Z file to the PMR number using this format:
#####.###.000.snap.pax.Z
For example, if the PMR number is 12345,678 then name the file 12345.678.000.snap.pax.Z
Ftp the file to testcase.software.ibm.com or use the web interface at
https://testcase.boulder.ibm.com/ to upload the file into the directory /toibm/aix.
# cd /thefs/ibmsupt
# ftp testcase.software.ibm.com
user : anonymous
password : your full email address
> cd /toibm/aix
> bin
> hash
> put 12345.678.000.snap.pax.Z
> bye
Note: If a permission denied error is returned from ftp, first make certain that the ftp current directory is /toibm/aix. If it is, then usually a permissions denied error means an attempt is being made to overwrite an existing file and the permissions on the file will not allow this. In this case, try renaming the file to something like this:
12345.678.000.2.snap.pax.Z
 
Verify the upload with your ITS personnel and a quick follow-up with the technician will solve your problem quickly.

Using "tar" in Unix

On Unix platform, tar command is the primary archiving utility. Understanding various tar command options will help you master the archive file manipulation.
In this article, let us review various tar examples including how to create tar archives (with gzip and bzip compression), extract a single file or directory, view tar archive contents, validate the integrity of tar archives, finding out the difference between tar archive and file system, estimate the size of the tar archives before creating it etc.,

1. Creating an archive using tar command

 

Creating an uncompressed tar archive using option cvf

 

This is the basic command to create a tar archive.
$ tar cvf archive_name.tar dirname/
In the above command:
  • c – create a new archive
  • v – verbosely list files which are processed.
  • f – following is the archive file name

Creating a tar gzipped archive using option cvzf

The above tar cvf option, does not provide any compression. To use a gzip compression on the tar archive, use the z option as shown below.
$ tar cvzf archive_name.tar.gz dirname/
  • z – filter the archive through gzip
Note: .tgz is same as .tar.gz
Note: I like to keep the ‘cvf’ (or tvf, or xvf) option unchanged for all archive creation (or view, or extract) and add additional option at the end, which is easier to remember. i.e cvf for archive creation, cvfz for compressed gzip archive creation, cvfj for compressed bzip2 archive creation etc., For this method to work properly, don’t give – in front of the options.

Creating a bzipped tar archive using option cvjf

Create a bzip2 tar archive as shown below:
$ tar cvfj archive_name.tar.bz2 dirname/
  • j – filter the archive through bzip2
gzip vs bzip2: bzip2 takes more time to compress and decompress than gzip. bzip2 archival size is less than gzip.
Note: .tbz and .tb2 is same as .tar.bz2

2. Extracting (untar) an archive using tar command

 

Extract a *.tar file using option xvf

 

Extract a tar file using option x as shown below:
$ tar xvf archive_name.tar
  • x – extract files from archive

 

Extract a gzipped tar archive ( *.tar.gz ) using option xvzf

 

Use the option z for uncompressing a gzip tar archive.

$ tar xvfz archive_name.tar.gz

 

Extracting a bzipped tar archive ( *.tar.bz2 ) using option xvjf

 

Use the option j for uncompressing a bzip2 tar archive.

 $ tar xvfj archive_name.tar.bz2

Note: In all the above commands v is optional, which lists the file being processed.

3. Listing an archive using tar command

 

View the tar archive file content without extracting using option tvf


You can view the *.tar file content before extracting as shown below.

$ tar tvf archive_name.tar

 

View the *.tar.gz file content without extracting using option tvzf


You can view the *.tar.gz file content before extracting as shown below.
$ tar tvfz archive_name.tar.gz

 

View the *.tar.bz2 file content without extracting using option tvjf

You can view the *.tar.bz2 file content before extracting as shown below.

$ tar tvfj archive_name.tar.bz2

 

 4. Listing out the tar file content with less command

 

When the number of files in an archive is more, you may pipe the output of tar to less. But, you can also use less command directly to view the tar archive output, as explained below.

While opening archive file it shows “ls -l” of the files available in the archive, so you can see the size of file, permissions of it and owner, group too.

$ less autocorrect.tar 
-rwxrwxrwx anthony/anthony 84149 2009-02-02 03:20 autocorrect.dat
-rwxrwxrwx anthony/anthony 443 2009-02-02 03:21 generator.rb
-rwxrwxrwx anthony/anthony 181712 2009-02-02 03:21 autocorrect.vim
 
For the archived and compressed file also less command shows the output in “ls -l” format.

$ less XML-Parser-2.36.tar.gz
drwxr-xr-x matt/matt 0 2007-11-20 19:58 XML-Parser-2.36/
-rw-r--r-- matt/matt 25252 2007-11-20 19:52 XML-Parser-2.36/Changes
drwxr-xr-x matt/matt 0 2007-11-20 19:58 XML-Parser-2.36/Expat/
-rw-r--r-- matt/matt 3184 2003-07-27 16:37 XML-Parser-2.36/Expat/encoding.h
-rw-r--r-- matt/matt 33917 2007-11-20 19:54 XML-Parser-2.36/Expat/Expat.pm
-rw-r--r-- matt/matt 45555 2007-11-17 01:54 XML-Parser-2.36/Expat/Expat.xs

 

5. Extract a single file from tar, tar.gz, tar.bz2 file

 

To extract a specific file from a tar archive, specify the file name at the end of the tar xvf command as shown below. The following command extracts only a specific file from a large tar file.

$ tar xvf archive_file.tar /path/to/file

Use the relevant option z or j according to the compression method gzip or bzip2 respectively as shown below.

$ tar xvfz archive_file.tar.gz /path/to/file

$ tar xvfj archive_file.tar.bz2 /path/to/file

 

6. Extract a single directory from tar, tar.gz, tar.bz2 file

 

To extract a single directory (along with it’s subdirectory and files) from a tar archive, specify the directory name at the end of the tar xvf command as shown below. The following extracts only a specific directory from a large tar file.

$ tar xvf archive_file.tar /path/to/dir/

To extract multiple directories from a tar archive, specify those individual directory names at the end of the tar xvf command as shown below.

$ tar xvf archive_file.tar /path/to/dir1/ /path/to/dir2/

Use the relevant option z or j according to the compression method gzip or bzip2 respectively as shown below.

$ tar xvfz archive_file.tar.gz /path/to/dir/

$ tar xvfj archive_file.tar.bz2 /path/to/dir/

 

7. Extract group of files from tar, tar.gz, tar.bz2 archives using regular expression

 

You can specify a regex, to extract files matching a specified pattern. For example, following tar command extracts all the files with pl extension.

$ tar xvf archive_file.tar --wildcards '*.pl'

Options explanation:
  • –wildcards *.pl – files with pl extension

 

8. Adding a file or directory to an existing archive using option -r

 

You can add additional files to an existing tar archive as shown below. For example, to append a file to *.tar file do the following:

$ tar rvf archive_name.tar newfile

This newfile will be added to the existing archive_name.tar. Adding a directory to the tar is also similar,

$ tar rvf archive_name.tar newdir/

Note: You cannot add file or directory to a compressed archive. If you try to do so, you will get “tar: Cannot update compressed archives” error as shown below.

$ tar rvfz archive_name.tgz newfile
tar: Cannot update compressed archives
Try `tar --help' or `tar --usage' for more information.

 

9. Verify files available in tar using option -W

 

As part of creating a tar file, you can verify the archive file that got created using the option W as shown below.

$ tar cvfW file_name.tar dir/

If you are planning to remove a directory/file from an archive file or from the file system, you might want to verify the archive file before doing it as shown below.

$ tar tvfW file_name.tar
Verify 1/file1
1/file1: Mod time differs
1/file1: Size differs
Verify 1/file2
Verify 1/file3

If an output line starts with Verify, and there is no differs line then the file/directory is Ok. If not, you should investigate the issue.
Note: for a compressed archive file ( *.tar.gz, *.tar.bz2 ) you cannot do the verification.
Finding the difference between an archive and file system can be done even for a compressed archive. It also shows the same output as above excluding the lines with Verify.
Finding the difference between gzip archive file and file system

$ tar dfz file_name.tgz

Finding the difference between bzip2 archive file and file system

$ tar dfj file_name.tar.bz2

 

10. Estimate the tar archive size

 

The following command, estimates the tar file size ( in KB ) before you create the tar file.

$ tar -cf - /directory/to/archive/ | wc -c
20480

The following command, estimates the compressed tar file size ( in KB ) before you create the tar.gz, tar.bz2 files.

$ tar -czf - /directory/to/archive/ | wc -c
508

$ tar -cjf - /directory/to/archive/ | wc -c
428

The basics of VIO


VIO technologies consist of servers, software, and various commands.

VIO servers

VIO technology is based on the idea of having special LPARs that manage the disk and network resources that other LPARs use on the same pSeries or IBM System p servers. Instead of the individual network and disk resources being carved out on an LPAR-by-LPAR basis (especially in cases where there wouldn't be sufficient resources for all the LPARs to possess what they require to function), one or two VIO servers are given control of these resources and share them out to the other LPARs (VIO client LPARs).

VIO software

This VIO server runs a special version of the AIX operating system, with an additional software package called IOS. This software comes bundled and is managed independent of the usual operating system commands (for example, installp) and versioning structure (technology levels). It is similar to how HMCs have specialized software loaded onto a Linux kernel for a specific purpose.

Note: Installing third-party software or altering the operating system through any means outside of the IOS typically invalidates support from IBM, so it's best to avoid modifying the server in any nonstandard, non-VIO way.

The VIO user ID and commands

Instead of using the root user ID to issue commands, an administrative user ID—padmin—is used for all of the VIO controls. This user ID has a shell called the IOS command-line interface (ioscli) that runs a unique set of commands for managing devices assigned to the VIO servers. Many of these commands are similar to regular AIX commands (for example, lsdev) but use different flags and command structures (for example, lsdev –dev). But, most of the superuser level commands are new and perform many different operations at once. In fact, when administered properly, systems administrators will rarely have to become root. Helpful padmin commands include:

  • help: This command lists all of the commands available in the ioscli. If you pass a specific command into it, such as help updateios, you can see the specific flags and syntax for that command.
  • cfgdev: This command is the equivalent of the cfgmgr command and detects new physical and logical devices added to the VIO server.
  • oem_setup_env: This command is the equivalent of running su – root but without the need to enter a password. Again, you will rarely have to become root on a VIO server.

  • mkvdev: This command manages the virtual devices that you create and serve up to the VIO client LPARs.
  • mktcpip, lstcpip, and rmtcpip: These commands manage your networking from the command line and circumvent the need for utilities such as smitty tcpip.
  • lsmap: This command shows the relationships between disk resources and VIO client LPARs.


SSH login without password


If you want to use unix and OpenSSH to automize your tasks. Therefore you need an automatic login from host A / user a to Host B / user b. You don't want to enter any passwords, because you want to call ssh from a within a shell script.

First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase:


a@A:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A

Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine):

a@A:~> ssh b@B mkdir -p .ssh
b@B's password: 
Finally append a's new public key to b@B:.ssh/authorized_keys and enter b's password one last time:
a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
b@B's password: 

From now on you can log into B as b from A as a without password:
a@A:~> ssh b@B hostname
B

Depending on your version of SSH you might also have to do the following changes:
  • Put the public key in .ssh/authorized_keys2
  • Change the permissions of .ssh to 700
  • Change the permissions of .ssh/authorized_keys2 to 640


Basics of Vi editor in UNIX

Vi is present on any Unix installation and it is therefore useful to know some basic
commands. There are two modes: command mode and insertion mode. The commands mode is
accessed with [ESC], the insertion mode with i.appending mode with a .

Quit

:w                      
newfilename save the file to newfilename
:wq or :x            
save and quit
:q!                     
quit without saving


Search and move

/string                
Search forward for string
?string               
Search back for string
n                      
Search for next instance of string
N                     
Search for previous instance of string
{                      
Move a paragraph back
}                      
Move a paragraph forward
1G
Move to the first line of the file
nG
Move to the n th line of the file
G
Move to the last line of the file
:%s/OLD/NEW/g
Search and replace every occurrence

Delete text


dd
delete current line
D
Delete to the end of the line
dw
Delete word
x
Delete character
u
Undo last
U
Undo all changes to current line