Tanti Technology

My photo
Bangalore, karnataka, India
Multi-platform UNIX systems consultant and administrator in mutualized and virtualized environments I have 4.5+ years experience in AIX system Administration field. This site will be helpful for system administrator in their day to day activities.Your comments on posts are welcome.This blog is all about IBM AIX Unix flavour. This blog will be used by System admins who will be using AIX in their work life. It can also be used for those newbies who want to get certifications in AIX Administration. This blog will be updated frequently to help the system admins and other new learners. DISCLAIMER: Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility. If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.

Thursday, 12 September 2013

Different RUN levels in Linux,Solaris and AIX

RedHat Linux - Run Levels 

 

0: Halt
1: Single user mode
2: Multiuser, without NFS
3: Full multiuser mode
4: Unused
5: X11
6: Reboot
 

Solaris - Run Level 

 

S: Single user state (useful for recovery)
0: Access Sun Firmware ( ok> prompt)
1: System administrator mode
2: Multi-user w/o NFS
3: Multi-user with NFS ( default run level)
4: Unused
5: Completely shutdown the host (like performing a power-off @ OBP) [ thanks to Marco ]
6: Reboot but depend upon initdefault entry in /etc/inittab

AIX - Run Levels


0-1: Reserved for future use
2: Multiuser mode with NFS resources shared (default run level)
3-9: Defined according to the user's preferences
m,M,s,S: Single-user mode (maintenance level)
a,b,c: Starts processes assigned to the new run levels while leaving the existing processes at the current level running
Q,q: init command to reexamine the /etc/inittab file

Command to see Run level:-

who -r 
Output:
. run-level 3 Mar 3 14:04 3 0 S

Solaris/Linux changing runlevels after bootup 

 

You need to use init command, for example change runlevel to 2.
/sbin/init 2 
Solaris changing the default runlevel
An entry with initdefault (in /etc/inittab file) is scanned only when init is initially invoked. init uses this entry to determine which run level to enter initially.
Open /etc/inittab file:
vi /etc/inittab 
Find out this entry:
is:3:initdefault: Change is:3 to number you want, don't use S, 0, 6 ;). Save file.
 

What is SGID and how to set SGID in Linux?

What is SGID?


SGID (Set Group ID up on execution) is a special type of file permissions given to a file/folder. Normally in Linux/Unix when a program runs, it inherits access permissions from the logged in user. SGID is defined as giving temporary permissions to a user to run a program/file with the permissions of the file group permissions to become member of that group to execute the file. In simple words users will get file Group’s permissions when executing a Folder/file/program/command.
SGID is similar to SUID. The difference between both is that SUID assumes owner of the file permissions and SGID assumes group’s permissions when executing a file instead of logged in user inherit permissions.

 

Learn SGID with examples:


Example: Linux Group quota implementation
 
When implementing Linux Group quota for group of people SGID plays an important role in checking the quota timer. SGID bit set on folder is used to change their inherit permissions to group’s permissions to make it as single user who is dumping data. So that group members whoever dumps the data the data will be written with group permissions and in turn quota will be reduced centrally for all the users. For clear understanding of this you have to implement group quota from the above link. Without implementation of SGID the quota will not be effective.

How can I setup SGID for a file?


SGID can be set in two ways

1) Symbolic way (s)

2) Numerical/octal way (2, SGID bit as value 2)
 
Use chmod command to set SGID on file: file1.txt

Symbolic way:
 
chmod g+s file1.txt
 
Let me explain above command we are setting SGID(+s) to group who owns this file.

Numerical way:
 
chmod 2750 file1.txt
 
Here in 2750, 2 indicates SGID bitset, 7 for full permissions for owner, 5 for read and execute permissions for group, and no permissions for others.
 
How can I check if a file is set with SGID bit or not?
 
Use ls –l to check if the x in group permissions field is replaced by s or S
For example: file1.txt listing before and after SGID set

Before SGID set:
ls -l

total 8

-rwxr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt
 
After SGID set:
ls -l

total 8

-rwxr-sr-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt 
 
Some FAQ’s related to SGID:

 
Where is SUID used?
 
1) When implementing Linux group disk quota.
I am seeing “S” ie Capital s in the file permissions, what’s that?
After setting SUID or SGID to a file/folder if you see ‘S’ in the file permission area that indicates that the file/folder does not have executable permissions for that user or group on that particular file/folder.
chmod g+s file1.txt
output:
-rwxrwSr-x 1 surendra surendra 0 Dec 27 11:24 file1.txt



so if you want executable permissions too, apply executable permissions to the file.
chmod g+x file1.txt
output:
-rwxrwsr-x 1 surendra surendra 0 Dec 5 11:24 file1.txt




How can I find all the SGID set files in Linux/Unix.
 
find / -perm +2000
The above find command will check all the files which is set with SGID bit(2000).


Can I set SGID for folders?
Yes, you can if it’s required (you should remember one thing, that Linux treats everything as a file)
How can I remove SGID bit on a file/folder?

chmod g-s file1.txt

What is SUID and how to set SUID in Linux/Unix?


What is SUID and how to set it in Linux?


SUID (Set owner User ID up on execution) is a special type of file permissions given to a file. Normally in Linux/Unix when a program runs, it inherits access permissions from the logged in user. SUID is defined as giving temporary permissions to a user to run a program/file with the permissions of the file owner rather that the user who is running it. In simple words users will get file owner’s permissions as well as owner UID and GID when executing a file/program/command.

The above sentence is bit tricky and should be explained in-depth with examples.

Learn SUID with examples:

 

Example1: passwd command


When we try to change our password we will use passwd command which is owned by root. This passwd command file will try to edit some system config files such as /etc/passwd, /etc/shadow etc when we try to change our password. Some of these files cannot be opened or viewed by normal user only root user will have permissions. So if we try to remove SUID and give full permissions to this passwd command file it cannot open other files such as /etc/shadow file to update the changes and we will get permission denied error or some other error when tried to execute passwd command. So passwd command is set with SUID to give root user permissions to normal user so that it can update /etc/shadow and other files.

Example2: ping command



Similarly if we take ping command, when we have to execute this command internally it should open socket files and open ports in order to send IP packets and receive IP packets to remote server. Normal users don’t have permissions to open socket files and open ports. So SUID bit is set on this file/command so that whoever executes this will get owner (Root user’s) permissions to them when executing this command. So when this command start executing it will inherit root user permissions to this normal user and opens require socket files and ports.

Example3: crontab and at command.


When scheduling the jobs by using crontab or at command it is obvious to edit some of the crontab related configuration files located in /etc which are not writable for normal users. So crontab/at commands are set with SUID in-order to write some data.

How can I setup SUID for a file?

 

SUID can be set in two ways

1) Symbolic way(s, Stands for Set) 
2) Numerical/octal way(4)
 
Use chmod command to set SUID on file: file1.txt

Symbolic way:

chmod u+s file1.txt
Here owner permission execute bit is set to SUID with +s

Numerical way:

chmod 4750 file1.txt
 
Here in 4750, 4 indicates SUID bit set, 7 for full permissions for owner, 5 for write and execute permissions for group, and no permissions for others.

How can I check if a file is set with SUID bit or not?

Use ls –l to check if the x in owner permissions field is replaced by s or S

For example: file1.txt listing before and after SUID set

Before SUID set:

ls -l
total 8

-rwxr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt
 
After SUID set:

ls -l
total 8

-rwsr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt

 

Some FAQ’s related to SUID:

 

A) Where is SUID used?

1) Where root login is required to execute some commands/programs/scripts.
2) Where you don’t want to give credentials of a particular user and but want to run some programs as the owner.
3) Where you don’t want to use SUDO command but want to give execute permission for a file/script etc.

B) I am seeing “S” I.e. Capital “s” in the file permissions, what’s that?

After setting SUID to a file/folder if you see ‘S’ in the file permission area that indicates that the file/folder does not have executable permissions for that user on that particular file/folder.
For example see below example

chmod u+s file1.txt
ls -l
-rwSrwxr-x 1 surendra surendra 0 Dec 27 11:24 file1.txt
 
If you want to convert this S to s then add executable permissions to this file as show below
chmod u+x file1.txt
ls -l
-rwsrwxr-x 1 surendra surendra 0 Dec 5 11:24 file1.txt
you should see a smaller ‘s’ in the executable permission position now.


SUID with execute permissions:

SUID_Linux


SUID with out execute permissions:

SUID_Linux_without_execute_permissions

C) How can I find all the SUID set files in Linux/Unix.

find / -perm +4000
The above find command will check all the files which is set with SUID bit(4000).

D) Can I set SUID for folders?

Yes, you can if its required(you should remember one thing, that Linux treats everything as a file)

E) What is SUID numerical value?
It has the value 4

What is a sticky Bit and how to set it in Linux?


What is Sticky Bit?

Sticky Bit is mainly used on folders in order to avoid deletion of a folder and its content by other users though they having write permissions on the folder contents. If Sticky bit is enabled on a folder, the folder contents are deleted by only owner who created them and the root user. No one else can delete other users data in this folder(Where sticky bit is set). This is a security measure to avoid deletion of critical folders and their content(sub-folders and files), though other users have full permissions.

Learn Sticky Bit with examples:

 

Example: Create a project(A folder) where people will try to dump files for sharing, but they should not delete the files created by other users.
  
How can I setup Sticky Bit for a Folder?

Sticky Bit can be set in two ways
  1. Symbolic way (t,represents sticky bit)
  2. Numerical/octal way (1, Sticky Bit bit as value 1)
Use chmod command to set Sticky Bit on Folder: /opt/dump/

Symbolic way:

chmod o+t /opt/dump/
or
chmod +t /opt/dump/

Let me explain above command, We are setting Sticky Bit(+t) to folder /opt/dump by using chmod command.

Numerical way:

chmod 1757 /opt/dump/

Here in 1757, 1 indicates Sticky Bit set, 7 for full permissions for owner, 5 for read and execute permissions for group, and full permissions for others.

Checking if a folder is set with Sticky Bit or not?

Use ls –l to check if the x in others permissions field is replaced by t or T
For example: /opt/dump/ listing before and after Sticky Bit set

Before Sticky Bit set:
ls -l
total 8
-rwxr-xrwx 1 xyz xyzgroup 148 Dec 22 03:46 /opt/dump/

After Sticky Bit set:
ls -l
total 8
-rwxr-xrwt 1 xyz xyzgroup 148 Dec 22 03:46 /opt/dump/

Some FAQ’s related to Sticky Bit:

 

Now sticky bit is set, lets check if user “temp” can delete this folder which is created xyz user.

$ rm -rf /opt/dump
rm: cannot remove `/opt/dump’: Operation not permitted

$ ls -l /opt
total 8
drwxrwxrwt 4 xyz xyzgroup 4096 2012-01-01 17:37 dump
$


if you observe other user is unable to delete the folder /opt/dump. And now content in this folder such as files and folders can be deleted by their respective owners who created them. No one can delete other users data in this folder though they have full permissions.I am seeing “T” ie Capital s in the file permissions, what’s that?
After setting Sticky Bit to a file/folder, if you see ‘T’ in the file permission area that indicates the file/folder does not have executable permissions for all users on that particular file/folder.

Sticky bit without Executable permissions:




so if you want executable permissions, Apply executable permissions to the file.

chmod o+x /opt/dump/
ls -l command output:
-rwxr-xrwt 1 xyz xyzgroup 0 Dec 5 11:24 /opt/dump/

Sticky bit with Executable permissions:


sticky bit unix, unix sticky bit, suid, linux sticky bit, sticky bit in unix, sticky bit aix, sticky bit chmod, sticky bits, sticky bit linux, suid sgid sticky bit, set sticky bit, stickybit, sticky bit permission, setting sticky bit, solaris sticky bit, sticky bit solaris, sticky bit directory, remove sticky bit, ubuntu sticky bit, sticky bit t, aix sticky bit, sticky bit load balancer, directory sticky bit, umask


you should see a smaller ‘t’ in the executable permission position.
How can I find all the Sticky Bit set files in Linux/Unix.

find / -perm +1000
The above find command will check all the files which is set with Sticky Bit bit(1000).

Can I set Sticky Bit for files?
Yes, but most of the time it’s not required.

How can I remove Sticky Bit bit on a file/folder?
chmod o-t /opt/dump/

HMC basic commands

Show managed frames attached to a hmc
lssyscfg -r sys -F name:type_model:serial_num

Show managed lpars attached to a frame
lssyscfg -m -r lpar -F name

Show profiles from a specific lpar
lssyscfg -r prof -m --filter "lpar_names="

Shutdown lpar from HMC
chsysstate -m -r lpar -n -o shutdown –immed

To perform a partition shutdown using the shutdown command on the client operating system
chsysstate -r lpar -o osshutdown –n -m

To perform a delayed partition shut down (white button shut down):
chsysstate -r lpar -o shutdown –n -m

To perform an immediate partition shutdown (operator panel function :
chsysstate -r lpar -o shutdown --immed –n -m

To perform an immediate restart of a partition (operator panel function 3):
chsysstate -r lpar -o shutdown --immed --restart –n -m

To perform a restart of a partition after initiating a dump (operator panel function 22):
chsysstate -r lpar -o dumprestart –n -m

Boot lpar
chsysstate -r lpar -m -o on -n -f

To perform a partition boot into system management services:
chsysstate -r lpar -m -o on -n -b sms

To perform a partition boot into diagnostic with default bootlist
chsysstate -r lpar -m -o on -n -b dd

To perform a partition boot into diagnostic with stored bootlist
chsysstate -r lpar -m -o on -n -b ds

To perform a partition boot into diagnostic with stored bootlist
chsysstate -r lpar -m -o on -n -b ds

To perform a partition boot into open firmware OK prompt
chsysstate -r lpar -m -o on -n -b of

To perform a partition boot into normal mode
chsysstate -r lpar -m -o on -n -b norm

Show free processor/memory/adapters on specific frame/lpar

Proc
lshwres -r proc -m --level sys
lshwres -r proc -m --level lpar

Mem
lshwres -r mem -m --level sys
lshwres -r mem -m --level lpar

Adapters
lshwres -r hca -m --level sys
lshwres -r hca -m --level lpar

Show io resources in a frame
lshwres -r io --rsubtype unit -m
lshwres -r io --rsubtype bus -m
lshwres -r io --rsubtype slot -m


Difference Between Linux and UNIX

 UNIX is copyrighted name only big companies are allowed to use the UNIX copyright and name, so IBM AIX and Sun Solaris and HP-UX all are UNIX operating systems. The Open Group holds the UNIX trademark in trust for the industry, and manages the UNIX trademark licensing program.
Most UNIX systems are commercial in nature.

Linux is a UNIX Clone

But if you consider Portable Operating System Interface (POSIX) standards then Linux can be considered as UNIX. To quote from Official Linux kernel README file:

Linux is a Unix clone written from scratch by Linus Torvalds with assistance from a loosely-knit team of hackers across the Net. It aims towards POSIX compliance.

However, "Open Group" do not approve of the construction "Unix-like", and consider it misuse of their UNIX trademark.

Linux Is Just a Kernel

Linux is just a kernel. All Linux distributions includes GUI system + GNU utilities (such as cp, mv, ls,date, bash etc) + installation & management tools + GNU c/c++ Compilers + Editors (vi) + and various applications (such as OpenOffice, Firefox). However, most UNIX operating systems are considered as a complete operating system as everything come from a single source or vendor.

As I said earlier Linux is just a kernel and Linux distribution makes it complete usable operating systems by adding various applications. Most UNIX operating systems comes with A-Z programs such as editor, compilers etc. For example HP-UX or Solaris comes with A-Z programs.

License and cost

Linux is Free (as in beer [freedom]). You can download it from the Internet or redistribute it under GNU licenses. You will see the best community support for Linux. Most UNIX like operating systems are not free (but this is changing fast, for example OpenSolaris UNIX). However, some Linux distributions such as Redhat / Novell provides additional Linux support, consultancy, bug fixing, and training for additional fees.

User-Friendly

Linux is considered as most user friendly UNIX like operating systems. It makes it easy to install sound card, flash players, and other desktop goodies. However, Apple OS X is most popular UNIX operating system for desktop usage.

Security Firewall Software

Linux comes with open source netfilter/iptables based firewall tool to protect your server and desktop from the crackers and hackers. UNIX operating systems comes with its own firewall product (for example Solaris UNIX comes with ipfilter based firewall) or you need to purchase a 3rd party software such as Checkpoint UNIX firewall.

Backup and Recovery Software

UNIX and Linux comes with different set of tools for backing up data to tape and other backup media. However, both of them share some common tools such as tar, dump/restore, and cpio etc.

File Systems

Linux by default supports and use ext3 or ext4 file systems.
UNIX comes with various file systems such as jfs, gpfs (AIX), jfs, gpfs (HP-UX), jfs, gpfs (Solaris).
System Administration Tools
UNIX comes with its own tools such as SAM on HP-UX.
Suse Linux comes with Yast
Redhat Linux comes with its own gui tools called redhat-config-*.

However, editing text config file and typing commands are most popular options for sys admin work under UNIX and Linux.

System Startup Scripts

Almost every version of UNIX and Linux comes with system initialization script but they are located in different directories:
HP-UX - /sbin/init.d
AIX - /etc/rc.d/init.d
Linux - /etc/init.d
 
End User Perspective
The differences are not that big for the average end user. They will use the same shell (e.g. bash or ksh) and other development tools such as Perl or Eclipse development tool.

System Administrator Perspective


Again, the differences are not that big for the system administrator. However, you may notice various differences while performing the following operations:
Software installation procedure
Hardware device names
Various admin commands or utilities
Software RAID devices and mirroring
Logical volume management
Package management
Patch management

UNIX Operating System Names

A few popular names:
HP-UX
IBM AIX
Sun Solairs
Mac OS X
IRIX

Linux Distribution (Operating System) Names

A few popular names:
Redhat Enterprise Linux
Fedora Linux
Debian Linux
Suse Enterprise Linux
Ubuntu Linux

Common Things Between Linux & UNIX


Both share many common applications such as:
GUI, file, and windows managers (KDE, Gnome)
Shells (ksh, csh, bash)
Various office applications such as OpenOffice.org
Development tools (perl, php, python, GNU c/c++ compilers)
Posix interface


How to mount CD-ROM in AIX


Steps to mount a CD-ROM in AIX

1.         Insert the CD-ROM into the CD-ROM drive.
2.         Log in as user ROOT or type su - root to login using the root profile.
3.         Create a /cdrom directory by entering mkdir /cdrom.
4.         Enter smit to add a CD-ROM file system.
5.         Select System Storage Management (Physical & Logical Storage) -> File Systems -> Add/Change/Show/Delete File Systems -> CDROM File Systems -> Add a CDROM File System.

6.         Select a device name, such as cd0. CD-ROM file system device names must be unique.

7.         Type /cdrom to get the Mount Point prompt.
8.         Select OK, or press Enter if using the smit ASCII interface, returning to the previous smit level,
System Storage Management (Physical & Logical Storage).

9.         Select File Systems -> Mount a File System.
10.       For file system name, select /dev/cd0.
11.       For directory over which to mount, select /cdrom.
12.       For type of file system, select cdrfs.
13.       For Mount as a READ-ONLY system, select Yes.
14.       Select OK, or press Enter if using the smit ASCII interface.
15.       Exit smit.

Resetting an unknown root password in AIX


The following procedure requires some system downtime.

a) Insert the product media for the same version and level as the current installation into the appropriate drive.
b) Power on the machine.
c) When the screen of icons appears, or when you hear a double beep, press the F1 key repeatedly until the System Management Services menu appears.
d) Select Boot options
e) Select Install/boot device.
f) Select the device that holds the product media and then select Install.(cd/DVD)
g) Media type if installations (SCSCi,IDE etc.)
h) Select shown devices
i) Select Normal boot mode
j) Exit SMS mode
k) System boots from the media
l) Define your current system as the system console by pressing the F1 key and then press Enter.
m) Select the number of your preferred language and press Enter.
n) Choose Start Maintenance Mode for System Recovery by typing 3 and press Enter.
o) Select Access a Root Volume Group. A message displays explaining that you will not be able to return to the Installation menus without rebooting if you change the root volume group at this point.
Type 0 and press Enter.
p) Type the number of the appropriate volume group from the list and press Enter.
Select Access this Volume Group and start a shell by typing 1 and press Enter.
At the # (number sign) prompt, type the passwd command at the command line prompt to reset the root password. For example:

# passwd
Changing password for "root"
root's New password:
Enter the new password again:
To write everything from the buffer to the hard disk and reboot the system, type the following:
sync;sync;sync;reboot

Switching between 32-bit & 64-bit modes in AIX


SWITCHING BETWEEN 32-BIT AND 64-BIT MODES
----------------------------------------------------------------------------------------------
To switch from 32-bit mode to 64-bit mode run do following commands,
in the given order:
1. ln -sf /usr/lib/boot/unix_64 /unix
2. ln -sf /usr/lib/boot/unix_64 /usr/lib/boot/unix
3. smitty load64bit
4. Select Enable/Disable at System Restart
5. Choose Yes and press ENTER.
6. Quit smitty.
7. bosboot -ad /dev/ipldevice
8. shutdown -Fr
9. bootinfo -K (should now show 64)
 
===============================================================
SWITCHING BETWEEN 64-BIT AND 32-BIT MODES
-----------------------------------------------------------------------------------------------
 To switch from 64-bit mode to 32-bit mode run the following commands,
in the given order:
1. ln -sf /usr/lib/boot/unix_mp /unix
2. ln -sf /usr/lib/boot/unix_mp /usr/lib/boot/unix
3. smitty load64bit
4. Select Enable/Disable at System Restart
5. Choose No and press ENTER.
6. Quit smitty.
7. bosboot -ad /dev/ipldevice
8. shutdown -Fr
9. bootinfo -K (should now show 32)

AIX Boot Process


Three phases available in BOOT Process

1. Ros kernel init phase
2. Base Device Configuration
3. System boot phase

1. Ros Kernel init phase (PHASE1)


A. Post (power on self test)

In this post it will do basic hardware checking

B. Then it will go to NVRAM and check the boot list for last boot device (hdisk0 or hdisk1).

C. Then it will check the BLV (hd5) in boot device.

D. Then it will check the boot image

E. Then boot image is moved to memory.

F. Then kernel will execute.

2. Base Device configuration (PHASE2)

A. Here cfgmgr will run for device configuration.

3. System Boot Phase (PHASE3)

A. Kernel will execute.
B. The paging space (hd6) will get started.
C. Then following file system will be mounted /, /var. /usr, /home. /tmp
D. Kernel start the init process, it will read the /etc/inittab file and execute the following process.

/etc/rc.boot,
srcmstr
/etc/rc.tcpip
/etc/rc.net

The above network related files /etc/rc.tcpip, /etc/rc.net, used to configure the ip address and routing.

E. Then it will start the system by default run level 2.

NOTE:

Run level 2: It contains all of the terminal process and daemons that are run in the multi user environment. This is default run level.

/etc/inittab file contains four fields, 1. Identifier, 2. Command, 3. Action, 4. Runlevel

Linux boot process

In this topic we will discuss indepth of Linux Boot Sequence.How a linux system boots?
This will help unix administrators in troubleshooting some bootup problem.
Before discussing about it I will notedown the major component we need to know which are responsible for the booting process.

        1.BIOS(Basic Input/Output System)
        2.MBR(Master Boot Record)
        3.LILO or GRUB
             LILO:-LInux LOader
             GRUB:-GRand Unified Bootloader
        4.Kernel
        5.init
        6.Run Levels


1.BIOS:
      i.When we power on BIOS performs a Power-OSelf-Test (POST) for all of the different hardware components in the system to make sure everything is working properly
     ii.Also it checks for whether the computer is being started from an off position (cold boot) or from a restart (warm boot) is
stored at this location.
     iii.Retrieves information from CMOS (Complementary Metal-Oxide Semiconductor) a battery operated memory chip on the motherboard that stores time, date, and critical system information.
     iv.Once BIOS sees everything is fine it will begin searching for an operating system Boot Sector on a valid master boot sector
on all available drives like hard disks,CD-ROM drive etc.
     v.Once BIOS finds a valid MBR it will give the instructions to boot and executes the first 512-byte boot sector that is the first
sector (“Sector 0″) of a partitioned data storage device such as hard disk or CD-ROM etc .
2.MBR
     i. Normally we use multi-level boot loader.Here MBR means I am referencing to DOS MBR.
     ii.Afer BIOS executes a valid DOS MBR,the DOS MBR will search for a valid primary partition marked as bootable on the hard disk.
     iii.If MBR finds a valid bootable primary partition then it executes the first 512-bytes of that partition which is second level MBR.
     iv. In linux we have two types of the above mentioned second level MBR known as LILO and GRUB
3.LILO
     i.LILO is a linux boot loader which is too big to fit into single sector of 512-bytes.
     ii.So it is divided into two parts :an installer and a runtime module.
     iii.The installer module places the runtime module on MBR.The runtime module has the info about all operating systems installed.
     iv.When the runtime module is executed it selects the operating system to load and transfers the control to kernel.
     v.LILO does not understand filesystems and boot images to be loaded and treats them as raw disk offsets
GRUB
     i.GRUB MBR consists of 446 bytes of primary bootloader code and 64 bytes of the partition table.
     ii.GRUB locates all the operating systems installed and gives a GUI to select the operating system need to be loaded.
     iii.Once user selects the operating system GRUB will pass control to the karnel of that operating system.
see below what is the difference between LILO and GRUB
4.Kernel
     i.Once GRUB or LILO transfers the control to Kernel,the Kernels does the following tasks
  • Intitialises devices and loads initrd module
  • mounts root filesystem
5.Init
     i.The kernel, once it is loaded, finds init in sbin(/sbin/init) and executes it.
     ii.Hence the first process which is started in linux is init process.
     iii.This init process reads /etc/inittab file and sets the path, starts swapping, checks the file systems, and so on.
     iv.It runs all the boot scripts(/etc/rc.d/*,/etc/rc.boot/*)
     v.starts the system on specified run level in the file /etc/inittab

6.Runlevel
     i.There are 7 run levels in which the linux OS runs and different run levels serves for different purpose.The descriptions are
given below.
  • 0  – halt
  • 1  – Single user mode
  • 2  – Multiuser, without NFS (The same as 3, if you don’t have networking)
  • 3  – Full multiuser mode
  • 4  – unused
  • 5  – X11
  • 6  – Reboot
     ii.We can set in which runlevel we want to run our operating system by defining it on /etc/inittab file.
Now as per our setting in /etc/inittab the Operating System the operating system boots up and finishes the bootup process.
Below are given some few  important differences about LILO and GRUB
LILO
GRUB
LILO has no interactive command interfaceGRUB has interactive command interface
LILO does not support booting from a networkGRUB does support booting from a network
If you change your LILO config file, you have to rewrite the LILO stage one boot loader to the MBRGRUB automatically detects any change in config file and auto loads the OS
LILO supports only linux operating systemGRUB supports large number of OS

Replace failed mirrored internal disk in AIX


The following procedure should be used to replace a failed internal (boot) disk on AIX 5 or higher, with software mirroring.
(Note: in these examples, hdisk0 and hdisk1 are doubly-mirrored internal disks and members of rootvg; hdisk1 has failed)

1. Identify the failed disk by analyzing the errpt logs. Confirm the failure using lspv by checking if "PV State" is "Missing".

2. Break the mirror and remove the device from AIX:

# unmirrorvg rootvg hdisk1
# reducevg rootvg hdisk1
# rmdev -l hdisk1 -d

3. Confirm that the device is no longer present using lspv.

4. Replace the disk drive, letting the new device take the same device name (hdisk1).

5. Add the new device into rootvg:

# extendvg rootvg hdisk1

6. Re-mirror the volume group. No additional arguments are required to doubly-mirror the two internal disks.

# mirrorvg rootvg

7. Re-add the boot image to the new internal disk:

# bosboot -ad hdisk1

8. Re-add the new disk to the bootlist and confirm it is present:

# bootlist -m normal hdisk0 hdisk1
# bootlist -m normal -o
hdisk0 blv=hd5
hdisk1 blv=hd5

How to clear AIX NFS cache on a server


Do the following on a server that is having problem exporting NFS mounts
------------------------------------------------------------------------------------

1) Move the currents exports file to another name
       mv /etc/exports /etc/exports.old

2) Create a new exports file
       touch /etc/exports

3)  Unexport everything
       exportfs -ua

4)  Stop NFS
       stopsrc -g nfs

5)  Stop portmapper
       stopsrc -s portmap

6)  Change directory to /etc and remove or rename the following files if they exist.
       rm -rf xtab state sm sm.bak rmtab   
   
7)  change directory to /var/statman and remote the status monitoring files.
       rm -rf state sm sm.bak

8)  start the portmapper
       startsrc -s portmap

9)   start nfs
       startsrc -g nfs

10)  re-export what is left in /etc/exports
       exportfs -va

11)  refresh the inetd daemon subsystem
       refresh -s inetd

12)  Move the /etc/exports file that you backed up back in place.
       mv /etc/exports.old /etc/exports

13)  export all directories in /etc/exports
       exportfs -a

Procedure to mount and unmount NFS filesystems on AIX


1)  Show what is being exported on the source server

     showmount -e

    Note:  If the command above does not show the correct mount points
    that needs to be exported.  You can run the following command to attempt
    to export the filesystems.

     exportfs -a

2)  To unmount the filesystem on the source server that is being NFS on other systems.

     a)  unmount the NFS mount points on the target server.

          umount (filesystems)   target servers
         
     b)  umount the filesystem on the source server once the target servers
         are unmounted.

           umount (filesystems)
          
3)  Mounting NFS mount points on target server.

     a) mount (IP):(mount point)  (mount point)

System dump devices - AIX

Traditionally the default dump device for system dumps was: /dev/hd6 (paging space) and still is on a lot of systems. If there is not enough space to copy over the dump file after a crash, then the system administrator is prompted upon restart to copy the dump file over to some removable media , like a tape or DVD. This can be time consuming and it is sometimes the case that you want to get your system back up quickly. I can sympathise with system administrators who just ignore the prompt to get the system back up due to business pressure, thus deleting the dump, so then one does not know why it crashed in the first place. If you do not have enough space on your dump device to copy the dump, then during the start-up process, the copydumpmenu menu utility is invoked to give the system administrator the opportunity to copy the dump to a removable media, for example to a tape device if present. The copydumpmenu utility can also be called from the command line when the system is up. The copy directory by default is /var/adm/ras with the file-name:vmcore..BZ , where is a sequence number. The dump file is a BZ (BZIP) and not a Z compressed file format.

The snap command can be used to gather information about the dump file, be-sure to include the -D flag, it gathers the information from the primary dump device.

With systems now having more memory available, this has provided more flexibility as to where the primary dump device could be placed. Typically, for systems with over 4 GB of memory there is now a dedicated dump device, called: lg_dumplv

# lsvg -l rootvg |grep sysdump
 lg_dumplv sysdump 8 8 open/syncd N/A

Using the sysdumpdev command, one can determine what devices are used for the system dumps.

The following output shows a system using AIX 7.1 having the lg_dumplv as its primary dump device:
# sysdumpdev -l 
primary /dev/lg_dumplv 
secondary /dev/sysdumpnull 
copy directory /var/adm/ras 
forced copy flag TRUE 
always allow dump TRUE 
dump compression ON 
type of dump traditional

Looking more closely at the above output fields. Notice that an extra field is now present for AIX 6.1 onwards: type of dump. Currently set to traditional, here you can have it set at (firmware) fw-assisted, if your hardware supports it. For the secondary field, there is no dump device. This is denoted by using the sysdumpnull device. This means all system dumps are lost if it goes to that device. The copy directory is /var/adm/ras, this is where the system dump will be copied to , for either further examination, or to be copied off to go to IBM support. Note that 'always allow dump' is set to true, this must be the case if a dump is to be successfully initiated. Dump compression is on by default.

Common settings using sysdumpdev are:
To change the primary device use: sysdumpdev -P -p
To change the secondary device use: sysdumpdev -P -s
To change the copy directory use: sysdumpdev -D
To change the always dump condition use: sysdumpdev -k for false, sysdumpdev -K for true
To change the type of dump use: sysdumpdev -t


Few Commands:

1. To view the current dump configuration :

# sysdumpdev -l

primary /dev/hd6
secondary /dev/sysdumpnull
copy directory /var/adm/ras
forced copy flag TRUE
always allow dump FALSE
dump compression OFF

2. To change the primary dump device temporarily :

# sysdumpdev -p /dev/dumplv

3. To change the primary dump device permanently :

# sysdumpdev -P -p /dev/dumplv

4. To change the secondary dump device temporarily :

# sysdumpdev -s /dev/dumplv

5. To change the secondary dump device permanently :

# sysdumpdev -P -s /dev/dumplv

6. To set the copy flag :

# sysdumpdev -K

7. To unset the copy flag :

# sysdumpdev -k

8. To estimate the dump size :

# sysdumpdev -e

9. To list the last dump information :

# sysdumpdev -L
Device name: /dev/lg_dumplv
Major device number: 12
Minor device number: 4
Size: 42123543 bytes
Date/Time: Wed Jan 01 12:03:00 CDT 2009
Dump status: 0
dump completed successfully
Dump copy filename: /var/adm/ras/vmcore.1

10. To copy the saved vmcoren file to tape :

# snap -gfkD -o /dev/rmt0

11. To read the dump file :

# crash dump unix
>

12. To change the dump file location and if the copy fails it should ask external media to copy the dump file:

# sysdumpdev -D /opt/dumpfiles

13. To change the dump file location and if the copy fails it should ignore the system dump:

# sysdumpdev -d /opt/dumpfiles

14. To specify the dumps should not be compressed :

# sysdumpdev -c

15. To specify the dumps should be always compress :

# sysdmpdev -C

16. To find out whether a new systemp dump has occured before the last reboot :

# sysdumpdev -z 

The compressed dump is now on the LV lg_dumplv. The dump was not copied across to the copy directory when issuing a user initiated dump. To copy the most recent system dump from a system dump device to a directory, use the savecore command. For example, to copy the dump to the directory /var/adm/ras. I could use:
# savecore -d /var/adm/ras
vmcore.0.BZ

If you need to uncompress the file use the dmpuncompress utility. The format of the command is:
dmpuncompress  < filename>

After uncompressing, the dump file is now ready for further investigation using kdb or for transfer to IBM support.
# dmpuncompress vmcore.0.BZ
replaced with vmcore.0
Alternatively you can use the smit dump menu option and select,Copy a system dump. The following screen displays:
                              Copy dump image to:

Type or select values in entry fields.
Press Enter after making all desired changes.

                                                        [Entry Fields]
* Copy dump image from:                              [/dev/lg_dumplv]         /
* Copy dump image to:                                [/var/adm/ras/dump_fil>
* Input and output file blocksize for copy           [4096]                   #
  Size in bytes of dump image                         63894528
  Date of last dump                                   Thu Oct 27 18-02-28 B>

The fields are populated with the current dump that is on the primary dump device. This is the default setting, after the copy, the dump file is present in: /var/adm/ras:
# ls -l dump_file_copy.BZ
-rw-r--r--    1 root     system     63894528 Oct 27 18:15 dump_file_copy.BZ

After a dump has occurred there may well be a minidump generated as a well. Contained in the errorlog output listing earlier in the article, there was an entry for:
F48137AC   1027180411 U O minidump       COMPRESSED MINIMAL DUMP

The minidump is a small compress dump that will be present in: /var/adm/ras. This file contains a snapshot of the system when the system was dumped or crashed. This file can be used for diagnosing if the main dump is not present, due to the dump being removed or not captured.

Using find command

The command find is used to search a given directory for a file or a given expression mentioned in the command. we can also do necessary actions on the output files using xargs

Some important options:

    
 -xdev                                          Stay on the same file system (dev in fstab).
    -exec cmd {} \;                           Execute the command and replace {} with the full path
    -iname                                        Like -name but is case insensitive
    -ls                                                Display information about the file (like ls -la)
    -size n                                         n is +-n (k M G T P)
    -cmin n                                      File's status was last changed n minutes ago.

find . -type f ! -perm -444
 Find files not readable by all
 find . -type d ! -perm -111
 Find dirs not accessible by all
 find /home/user/ -cmin 10 -print
 Files created or modified in the last 10 min.
 find . -name '*.[ch]' | xargs grep -E 'expr'
 Search 'expr' in this dir and below.
 find / -name "*.core" | xargs rm
 Find core dumps and delete them
 find / -name "*.core" -print -exec rm {} \;
 Other syntax
 find . \( -name "*.png" -o -name "*.jpg" \) -print
 iname is not case sensitive
 find . -type f -name "*.txt" ! -name README.txt -print
 Exclude README.txt files
 find /var/ -size +1M -exec ls -lh {} \;
 find /var/ -size +1M -ls 
Find in /var files above 1M and longlist them
 find . -size +10M -size -50M -print
 find /usr/ports/ -name work -type d -print -exec rm -rf {} \;
 Clean the ports

Find files with SUID; those file have to be kept secure.

Some more Examples:

1 .To list all files in the file system with a given base file name, type:
 
find / -name .profile -print


This searches the entire file system and writes the complete path names of all files named .profile.
The / (slash) tells the find command to search the root directory and all of its subdirectories.
 
In order not to waste time, it is best to limit the search by specifying the directories where you think the
files might be.

2. To list files having a specific permission code in the current directory tree, type:
find . -perm 0600 -print

This lists the names of the files that have only owner-read and owner-write permission. The . (dot) tells the find command to search the current directory and its subdirectories. See the chmod command for an explanation of permission codes.

3. To search several directories for files with certain permission codes, type:
 
find manual clients proposals -perm -0600 -print

This lists the names of the files that have owner-read and owner-write permission and possibly other permissions. The manual, clients, and proposals directories and their subdirectories are searched. In the previous example, -perm 0600 selects only files with permission codes that match 0600 exactly.
In this example, -perm -0600 selects files with permission codes that allow the accesses indicated by 0600 and other accesses above the 0600 level. This also matches the permission codes 0622 and 2744.

4 .To list all files in the current directory that have been changed during the current 24-hour period, type:
find . -ctime 1 -print

5 .To search for regular files with multiple links, type:
find . -type f -links +1 -print

This lists the names of the ordinary files (-type f) that have more than one link (-links +1). Note: Every directory has at least two links: the entry in its parent directory and its own . (dot) entry. The ln command explains multiple file links.

6 . To find all accessible files whose path name contains find, type:
 
find . -name '*find*' -print


7. To remove all files named a.out or *.o that have not been accessed for a week and that are not mounted using nfs, type:
find / \( -name a.out -o -name '*.o' \) -atime +7 ! -fstype nfs -exec rm {} \;

Note: The number used within the -atime expression is +7. This is the correct entry if you want the command to act on files not accessed for more than a week (seven 24-hour periods).

8 . To print the path names of all files in or below the current directory, except the directories named SCCS or files in the SCCS directories, type:
 
find . -name SCCS -prune -o -print

To print the path names of all files in or below the current directory, including the names of SCCS directories, type:
find . -print -name SCCS -prune

9. To search for all files that are exactly 414 bytes long, type:
find . -size 414c -print

10. To find and remove every file in your home directory with the .c suffix, type:
find /u/arnold -name "*.c" -exec rm {} \;

Every time the find command identifies a file with the .c suffix, the rm command deletes that file. The rm command is the only parameter specified for the -exec expression. The {} (braces) represent the current path name.

11 .In this example, dirlink is a symbolic link to the directory dir. You can list the files in dir by refering to the symbolic link dirlink on the command line. To do this, type:
find -H dirlink -print

12 . In this example, dirlink is a symbolic link to the directory dir. To list the files in dirlink, traversing the file hierarchy under dir including any
symbolic links, type:
find -L dirlink -print

13 . To determine whether the file dir1 referred by the symbolic link dirlink is newer than dir2, type:
find -H dirlink -newer dir2
Note: Because the -H flag is used, time data is collected not from dirlink but instead from dir1, which is found by traversing the symbolic link.

14. To produce a listing of files in the current directory in ls format with expanded user and group name, type :
 find . -ls -long

15 .To list the files with ACL/EA set in current directory, type:
find . -ea