This chapter contains notes about issues and known problems with the base operating system and, whenever possible, provides solutions or workarounds to those problems.
The following topics are discussed:
Commands and utilities (Section 5.1)
SysMan system management applications (Section 5.2)
System administration (Section 5.3)
Network and communications (Section 5.4)
Logical Storage Manager (LSM) (Section 5.7)
The following notes apply to commands and utilities.
5.1.1 Escaped Comment Symbols in a Makefile
The
make
command will not recognize escaped comment
symbols as literal characters in a Makefile.
Comment lines that begin with
a number sign (#) and all text following this symbol up
to the end of the line are considered part of a comment.
This is true even
if the symbol is preceded with a backslash (\).
5.1.2 Editing an HTML File with XEmacs
If you use XEmacs to edit an HTML file,
it looks for an entry corresponding to the email ID in an
.emacs
file.
If this file does not exist or if the entry is not found,
XEmacs prompts the user for the mail ID and this information is updated in
the
.emacs
file.
5.1.3 Problem with the at Command During Daylight Saving Time
The
at
command can have a problem scheduling jobs during daylight saving
time (DST) in time zones and countries where daylight saving time applies.
The problem occurs for jobs set to execute during the transition hour on
the day the clocks are set ahead.
Currently, if you schedule a command to run during the hour in which the clocks are set ahead, the command will run an hour earlier. For example, if you schedule a job to run at 2:30 AM on the day the clocks are set ahead, the job will be executed at 1:30 AM, which is one half hour before 3:00 AM.
Alternatively, you can schedule the job to run an hour later.
Then it
will run between 3:00 and 4:00 AM.
5.1.4 Change in the Behavior of the cron Daemon
In previous releases,
the
cron
daemon would periodically clean files such as
/var/adm/cron/log
and
/var/adm/messages
by
default.
These tasks have been removed from the root
crontab
file,
/var/spool/cron/crontabs/root.
Therefore the
cron
daemon does not clean up these files by default.
If you want the
cron
daemon to clean up
these files, add the entries into your root
crontab
file.
5.1.5 Regular Expression Subexpression with Alternatives
The regular expression functionality does not function properly for expressions that include subexpressions with alternatives that use global match keys. For example, the following command does not function properly:
#grep -E '(ab.*|in)=' file
This
problem is known to cause problems with the
calendar
command
and may effect other utilities that rely on complex regular expression syntax.
5.1.6 Netscape Communicator
The following notes apply to the Netscape Communicator.
5.1.6.1 Netscape Communicator Dumps Core Running in CDE
Netscape
Communicator dumps core when the application posts a file selection dialog
(XmFileSelectionBox).
Typically, this occurs when you are
running the application in the Common Desktop Environment (CDE) and select
the Save As option in the File pulldown menu of the Navigator browser.
It
can also occur when you select a link to download a file or save an attachment
to a mail message in the Messenger Mailbox component.
To avoid this problem, invoke Netscape using the following script:/usr/bin/X11/netscape.
As long as this script is used to start Netscape Communicator, the application
will display the file selection dialog within CDE without core dumping.
Use
the
-xrm '*nsMotifFSBCdeMode: True'
command-line option
if you are starting Netscape Communicator using some other means.
For more information, see the Communicator on UNIX release notes at the Netscape Web site:
http://home.netscape.com/eng/mozilla/4.0/relnotes/unix-4.0.html
5.1.6.2 Deleting Multiple Mail Messages Causes Netscape Communicator to Dump Core
Deleting multiple mail messages in Netscape Communicator's
Messenger Mailbox component sometimes causes Communicator to dump core.
Usually,
it requires several multiple deletions of mail to make Communicator dump core.
If Communicator does not dump core immediately, deleted messages might reappear
in the mail folder from which they were deleted.
5.1.6.3 Netscape Communicator Dumps Core Intermittently
Netscape Communicator intermittently dumps core and returns the following error in the terminal window from which it is started:
Memory Fault - (core dumped)
This core dump occurs with different hardware and software configurations
and under
different circumstances.
Sometimes it hangs for a time, taking most of
the CPU time, then it crashes.
At other times, its process
has to be killed and the application restarted.
Numerous problems of this
nature have been reported.
None are resolved at this time and no
workaround is available.
In all cases, the behavior
cannot be reproduced consistently.
5.1.6.4 Cannot Delete Mail Messages from Inbox to Trash When Using IMAP Server
After upgrading from a previous version of Communicator, an IMAP mail user cannot move messages to the Trash folder in the Messenger component. All Delete options in the user interface are insensitive (greyed-out). Setting the Move it to trash folder option in the IMAP mail server preferences window does not work. This behavior is the result of a new feature in Netscape Communicator that might require user customization after upgrading to the latest version.
Starting with Netscape Communicator, the Namespace extension to the standard IMAP protocol is used to locate the users' folders on the IMAP mail server. This feature does not work if you are using an older IMAP server that does not support the Namespace extension to the protocol. Use the following procedure to customize Netscape Communicator to be able to locate a user's Trash folder on an old IMAP server:
Select the Preferences option in the Edit pulldown menu and choose the Mail and News Servers option in the Preferences window.
Select the Mail Servers option from the list of Mail and News Servers options.
Select the IMAP server from the list of servers and choose the Edit button to edit the server configuration.
Choose the Advanced tab in the pop-up dialog box.
Ensure that the Namespace field in the tab reads as follows (quotes and period included):
Namespace: "INBOX."
Click on the OK button in the pop-up window and again in the Preferences window to save the settings.
Exit and restart Communicator.
You can now move messages to the Trash folder and all the Delete options
will now be sensitive (dark letters).
Because IMAP mail server configurations
differ (including the location of the user's folders on the server), check
with your IMAP mail server administrator if the preceding procedure fails
to resolve the problem.
5.1.6.5 Communicator Returns sh: /usr/bin/X11/showps: not found
When you select a link to a PostScript file in the Navigator component of Communicator, it might return the following error message:
sh: /usr/bin/X11/showps: not found
The
showps
helper application has been retired from Tru64 UNIX
as a result of licensing changes to Adobe Display PostScript.
The user might
have customized the PostScript Document MIME type to use the
showps
helper application in
$HOME/.mailcap
and
$HOME/.mime.types
files.
To resolve this problem, you must obtain a new PostScript viewer and
reconfigure the helper application for the PostScript Document MIME type in
Communicator.
Use the Edit option in the Edit->Preferences->Navigator->Applications
pulldown menu of Communicator to edit your PostScript Document helper application
and replace
/usr/bin/X11/showps
with the path to your new
PostScript viewer.
5.2 SysMan System Management Applications
The following sections apply to restrictions on using the SysMan system
management applications.
5.2.1 SysMan Account Manager
You cannot delete a user using the SysMan Account
Manager application while the
dxaccounts
application is
running.
If
dxaccounts
is running and you try to delete
a user using the SysMan Account Manager application, the Account Manager application
displays the following warning message:
/etc/.AM_is_running existing
If you continue the deletion operation, the Account Manager displays the following error message and the application hangs:
Error: key userName UID not found in /account_management/local _passwd_table
If this occurs, kill the hung process. Look for the following entry in the process table:
sysmansh /usr/share/sysman/menu/tasks/account_management
5.2.2 Tcl Error Can Occur During DNS (BIND) Configuration
During the DNS client configuration, the following steps might result in an Out Of Order Hide Tcl error:
Enter a domain name in Local Domain.
Add DNS servers.
Choose OK in the main window.
Choose Yes to update the system host name to reflect the host name with new domain name.
Choose Yes to add "localhost" to access control list? option.
At this point a Tcl Stack Error can occur. However, the data is not lost.
Because all the data entered by the user is committed by the DNS client
application, kill the DNS client application and restart the DNS configuration
using the SysMan DNS to avoid this problem.
5.2.3 Large Integer Values in Configuration Applications
Entering a very large integer value (on the order of 1019)
in numeric fields in some system configuration applications can cause a stack
trace.
Such large integers are not appropriate values for these applications.
Therefore, this problem is not expected to impede you from configuring
your system.
5.2.4 Error Message When Using sysman -cli -set values Command
If you use the
sysman -cli -set values
command
to change specific values for an existing row in the table defined by the
group
staticRoutes, you might receive an error message.
For example:
#sysman -cli -set values -comp routing -group staticRoutes\"-attr gateway=1.2.3.4 -key1 "dummy system 1.1.1.1"Error: "SYSMAN_NO_DATA" No row exists with the specified key: 'dummy system 1.1.1.1'
If a
row with the defined key is present in the
staticRoutes
group, you can ignore this message.
In any case, you can verify that the
row was modified properly by issuing the following command:
#sysman -cli -list values -comp routing -group staticRoutes
5.2.5 Problem with sysman -cli When Setting Values Interactively Using the -attr Option
The following command nullifies the value of the selected attribute
(attr) when using the interactive mode:
#sysman -cli -set value -comp comp -group group -attr attr
To avoid this problem, use the following syntax:
#sysman -cli -set value -comp comp -group group -attr attr = newvalue
5.2.6 The -noverbose Argument on sysman -cli When Setting Values Causes Errors
The
-nonverbose
option does not function properly when setting values.
Therefore, do not use
-nonverbose
when setting values
using the
sysman -cli
command.
5.2.7 Problem When Reconfiguring Network Interface Cards
If you use a SysMan
application to reconfigure a network interface card (NIC) and you change the
host name, the
HOSTNAME
variable in the
/etc/rc.config
file is not updated.
If the system has a single network interface card, you can correct this problem by performing the steps in the following procedure. If the system has more than one network interface card and you changed the host name of the primary card (that is, the card with the same host name as the system's host name), do the following to correct the problem:
Use the
rcmgr set HOSTNAME
command to set
the
HOSTNAME
to the correct name.
For example:
#rcmgr set HOSTNAME abcxyz.com
Use the
hostname
command to change the
host name to the correct value in the kernel.
For example:
#hostname abcxyz.com
Use the
xhost
command to add
localhost
to the access control list of the local Xserver,
as follows:
#xhost + localhost
The
sysman
configuration and administration utility does not work on
hardware configurations within the following locales:
tr_TR.ISO8859-9
tr_TR.ISO8859-9@ucs4
To avoid this problem, set the
LC_ALL
and
LANG
environment variables to C when you run the
sysman
utility.
5.2.9 NTP Configuration Restriction
If you edit the
/etc/ntp.conf
file manually
and subsequently run the SysMan NTP client configuration utility, your changes
might be lost.
The SysMan NTP client configuration utility understands only a small
subset of the commands that can be used in the
ntp.conf
file.
When the NTP client configuration utility reads the
/etc/ntp.conf
file, it ignores commands it does not understand and it does not
output those commands when rewriting the file.
It also does not allow you
to enter commands it does not understand.
For example, it does not allow you
to enter commands using the
sysman -cli
command.
If you want to configure your system as an NTP sever or your configuration
requires a more complex
ntp.conf
file than SysMan can produce,
edit the
ntp.conf
file manually and do not use the SysMan
utility to modify it.
For more information, see the
Network Administration
guide
and the
ntp.conf(4)
and
xntp.conf(8)
reference pages.
5.2.10 NTPconfig Error When Fudge Is Checked for Peer
On the Add (or Modify) NTP Servers/Peers window, the fudge factor toggle is disabled when you select peer mode. If fudge factor was already checked, it remains checked after peer mode is selected. Subsequently clicking OK or Apply causes a validation error to be reported.
To avoid this problem, change back to server mode, uncheck fudge factor,
and return to peer mode.
5.2.11 NIS Configuration and Enhanced Security
The
sysman nis
configuration for an NIS master
server does not build the
prpasswd
maps required for enhanced
security.
To build the maps, execute the following commands, after running
the NIS configuration:
#cd /var/yp#make prpasswd
5.2.12 Checkmarks Do Not Appear in Checklist
Checkmarks
are supposed to appear next to a task's icon after the task is run from the
System or Custom Setup graphical application (/usr/sbin/checklist).
The checkmarks do not appear.
Therefore, there is no indication as to
whether the task has already been run.
5.2.13 Starting the automount Daemon with an Empty Argument List
To start the
automount
daemon with an empty argument list, use the Configure system as
an NFS client item of the Network File System (NFS) option.
The option is
provided by either the
nfsconfig
utility or the SysMan Menu.
Do not use the {Re}start NFS daemons item.
It will restart the
automount
daemon with default arguments instead of the empty argument
list and reset the
AUTOMOUNT_ARGS
parameter in the
rc.config.common
file to the default arguments.
If this happens,
restart the
automount
daemon using the Configure system
as an NFS client item.
This will reset the
AUTOMOUNT_ARGS
parameter to the empty argument list.
5.2.14 SysMan Menu
The notes in this section apply to the SysMan Menu application.
Also
see
Section 8.11.1
for information related to online help.
5.2.14.1 Installation Branch Hangs When Run in Background
The Install software, List installed software, and Remove installed software
tasks in the Installation branch of the SysMan Menu hang if you run the SysMan
Menu in the background.
Do not run the SysMan Menu in the background if
you plan to use these tasks in Installation branch.
5.2.14.2 Installation Branch Is Not Supported for Clusters
Do not run the SysMan
Menu Installation Branch in a cluster environment.
The Install software, List
installed software, and Remove installed software tasks in the Installation
Branch of the SysMan Menu do not work on a cluster system.
5.2.14.3 Some Tasks Can Only Be Run by the root User
Each of the tasks
in the SysMan Menu is associated with an action name.
The task's action name
is the same as its accelerator as displayed by the
sysman -list
command.
These action names are associated with privileges by the Configure
Division of Privilege (DOP) application in the SysMan Menu.
Non-root users
can be granted the privilege to run specific actions.
There is a problem where
several SysMan Menu tasks do not have a required privilege associated with
their actions.
You can perform these tasks only when you are logged in as
root.
These tasks are:
View hardware hierarchy
View cluster
View device information
Manage Cluster File System
Manage DRD Storage
Cluster Alias Manager
Note that in order to perform cluster tasks, the system must
be a member of a cluster.
5.2.14.4 Running the SysMan Menu Standalone on a PC Fails to Launch Tasks
When you run the SysMan Menu from a PC, you might encounter the following problems:
Sometimes multiple logins are required. You are asked for your username and password each time you launch a task.
Sometimes tasks fail to run. No error is displayed. The task window is just not displayed.
To avoid these problems, run the SysMan Menu from within the SysMan Station by doing the following:
Start the SysMan Station either from the Start menu or from a web browser.
Choose the Hardware view.
Right click on a host icon and choose the SysMan Station.
5.2.14.5 Manage Local and NIS Users
The Manage local users and Manage
NIS users tasks in the SysMan Menu are front ends for the
useradd,
usermod, and
userdel
commands.
If a warning message is displayed when a user account is added or modified,
the change to
/etc/passwd
file has completed successfully.
However, the Manage local users and Manage NIS users tasks do not correctly
display the changes in their dialog boxes.
This happens in the
following cases:
When you are adding or modifying a user and specifying a primary or secondary group that does not exist.
When you are adding a user with Create Home Directory enabled but the user's home directory already exists.
To correct this problem, exit the task and restart it.
The
correct attributes for the user will now be displayed.
5.2.15 SysMan Station (SMS)
The notes in this section apply to the SysMan Station (SMS).
Also see
Section 8.11.2
for information related to online help.
5.2.15.1 Incorrect Launch Status
SMS checks the status returned by all the applications
that it launches.
A few applications incorrectly exit with non-zero (failure)
status returns even though the tool has launched successfully.
5.2.15.2 Objects Might Not Display Properly from Internet Explorer
Objects might not display properly in SMS View windows when running SMS from a PC using the Internet Explorer web browser. Sometimes objects are overlayed on top of each other in the upper left-hand corner of the display window.
To correct this problem, select the Show All option from the Action
menu to redraw the display properly.
5.2.15.3 Cannot Restart the Client in a Web Browser
When
you are running the SMS client from a web browser, if you exit the Sysman
Station and attempt to restart it by returning to the URL (http://your_machine:2301), the client
will not restart.
You can correct the problem by restarting the browser.
The client will
load properly from the URL.
5.2.15.4 Client 5-Minute Timeout
If the SMS server (smsd) is restarted while
there are active SM Station clients, the clients will keep an active network
connection that times out after 5 minutes have elapsed.
Attempts to use the
/sbin/init.d/smsd start
during this 5-minute interval will
fail to restart the server because it cannot access the required network port.
You must wait for the 5-minute timeout to elapse before you can restart
the SMS server.
You can also check to see if any clients are using the network port with the following command:
/usr/sbin/netstat -a | grep 596
If no matches are
found, you can restart the SMS daemon (smsd).
5.2.15.5 Physical_Filesystems View Displays Two Disk Objects for LSM File Systems
Two disk objects are displayed in the Physical_Filesystems
view for each file system that uses LSM.
One disk object represents the LSM
private region, the other represents the LSM public region.
5.2.15.6 Icons Indicating Warning or Failed States
Objects in a
failed or warning state are depicted in the SysMan Station's Hardware view
using a red or yellow highlight for the object's icon.
A very small number
of objects do not have warning or failed icons.
In this case, the object's
label does correctly indicate that it is in a warning or failed state.
5.2.15.7 Group Icons Are Not Available for Some Objects
When objects
are grouped together, a special group icon is used to represent the grouping.
A small number of objects do not display a group icon when an object group
is formed.
In these instances, the group's label will correctly
indicate that the icon represents a group.
5.2.15.8 Some Tools Might Not Execute with Proper Priviledges
Some tools may not execute with the proper privileges when launched from within the SysMan Station (SMS). This occurs only for users whose group is privileged in the Division of Privileges (DOP) database but the users themselves are not. Also, this is only a problem when launching X11 applications; suitlets will work properly.
If this problem occurs, error messages are displayed that indicate you do not have the appropriate permissions to make modifications or that you must be root to run the application.
To avoid this problem, launch the applications directly from the command line. For example, to launch the X11 Account Manager application, enter the following on the command line:
#dop X11:accounts
5.2.15.9 Multiple AdvFS Volumes Might Not Appear Properly
When multiple volumes are added to AdvFS file domains, the new AdvFS volume objects might not appear in the SMS AdvFS Filesystem and Physical Filesystem view windows.
You can correct this problem by restarting the SMS daemon (smsd).
To restart the
smsd
daemon, exit all connected
SMS client sessions and issue the following command:
#/sbin/init.d/smsd restart
5.2.16 Configuring Tru64 UNIX from Other Systems
You can now configure Tru64 UNIX from Linux systems.
The following
section provides information on how to install the SysMan client on these
systems.
5.2.16.1 Installing the SysMan Client on a Linux System
You can configure a system running Tru64 UNIX from a system that is running Linux using Java by performing the following steps:
Download the
/usr/share/sysman/web/classLib/suit.jar
file from the Tru64 UNIX system to your Linux system and
add the full path of that file to your
CLASSPATH
environment
variable.
If you use
csh
and you downloaded the
suit.jar
file to
/usr/local/lib, use the following
syntax:
setenv CLASSPATH $CLASSPATH:/usr/local/lib/suit.jar
If you use
ksh
and you downloaded the
suit.jar
file to
/usr/local/lib, use the following
syntax:
CLASSPATH=$CLASSPATH:/usr/local/lib/suit.jar
export CLASSPATH
Run SysMan Menu with the following command, substituting the name or IP address of your Tru64 UNIX computer for HOST:
java suit HOST sysman
Alternatively, you can run a SysMan task directly by substituting the
accelerator for
sysman.
For example:
java suit HOST ntp_config
You can redirect the standard output to
/dev/null
if you do not want to see the diagnostic messages that SysMan
prints when run in this fashion.
SysMan has been tested on RedHat Linux Version 6.0 and SuSE Linux Version
6.0 on Intel using Version 1.1.7 of the Java Run-time Engine (JRE).
Other versions of Linux and Java might also work.
5.3 System Administration
The following notes apply to system administration.
5.3.1 Boot Sequence Stops in Single-User Mode After Core Dump
A problem exists that causes the boot sequence to stop in single-user mode and display the following message:
/sbin/dn_setup: 1048647 Memory fault - core dumped bcheckrc: Device Naming failed boot configure or verify. Please correct the problem and continue or reboot INIT: SINGLE-USER MODE #
This problem is most likely to occur every time you boot systems with Fibre Channel devices or once if you have changed the hardware configuration between boots.
The problem occurs after the
dsfmgr
command has successfully
completed during the exit cleanup routines.
Data integrity is not compromised and there is no corrective action
required, except to remove the core file left in the root directory (/core
or
/core.dsgmgr*).
You can continue the boot process by pressing
[Ctrl/d]
to exit single-user mode or by initiating multi-user mode with
the
init 3
command.
Alternatively, you can reboot the system,
provided there are no Fibre Channel devices connected to the system.
5.3.2 Restriction on the hwmgr Command
Do
not use the
hwmgr -refresh component
command.
In certain cases, using the
hwmgr -refresh component
command prevents the
dsfmgr
command from creating new device
special files and the problem cannot be corrected using the
dsfmg r
-vF
command.
This problem may prevent you from being able to reboot
the system without manual intervention to correct the problem.
To avoid this problem, Use the
hwmgr -delete comp -idnumber
to remove extraneous entries from the hardware component,
SCSI, and hardware topology databases.
5.3.3 Account Manager
The
following notes apply to the Account Manager,
dxaccounts.
5.3.3.1 General Restrictions
The Account Manager has the following restrictions on both base security and enhanced security (C2) systems:
When copying user accounts via cut and paste or drag-and-drop, the Allow Duplicate UIDs option in the General Preferences dialog box is honored. For example, when making a copy of a user account that has a UID of 200, if the Allow Duplicate UIDs check box is off (the default), a unique UID is automatically generated for the resulting copy. If the Allow Duplicate UIDs check box is on, then the copy will have an identical UID. The same rules apply to copying groups.
Leading and trailing white space is not stripped from text entry areas. This can lead to confusion. For example, if a field in the Find dialog box contains a space character before the desired search string, the search string will not match because of the spurious space character.
Using mouse button 1 (MB1) to drag-and-drop user accounts, groups, or templates does a copy operation, not a move operation. This is different from the CDE/Motif default where MB1 performs a drag-and-drop move operation and Shift/MB1 performs a copy operation. For example, if you use MB1 to drag a user account from the Local Users view and drop it in the NIS Users view, you create a copy of that user account in NIS. To avoid this problem, delete the original icon after the copy has been completed.
If you change a user's UID with the Account Manager, the ownership
of the user's files and subdirectories does not change and, under certain
circumstances, the home directory ownership may not change, either.
For example,
if you change the UID of user
johndoe
from 200 to 201,
the files and subdirectories under his home directory still belong to UID
200.
Furthermore, if
johndoe
does not own his home directory,
the ownership of that directory does not change.
To avoid this problem, use
the
chown
command to change the directory and files, if
applicable.
You cannot drag-and-drop items across different instances of the Account Manager. For example, if the Account Manager A on system 1 and the Account Manager B on system 2 are displayed on the same workstation, then you cannot drag-and-drop between Account Manager A and B. To avoid this problem, use the copy/paste feature to copy users, groups, or templates from Account Manager A to B. After paste operations, the Paste Errors dialog box might be displayed. You can ignore the error message and click OK to dismiss the dialog box.
Although the Account Manager
correctly allows two or more system administrators to work on the same password
files simultaneously, only one system administrator can use the Account Manager
at a time.
If multiple instances of the Account Manger are run concurrently,
the proper file locking occurs and new accounts can be added or modified.
However, the local groups file,
/etc/group, and the NIS
groups file,
/var/yp/src/group, are written out after modification
of each group.
Therefore, if more than one system administrator is working
on the same file, the last one to change a group's view window overwrites
any prior changes from a different system administrator.
For this reason,
running multiple, concurrent Account Manager instances is not recommended.
5.3.3.2 Account Manager and Enhanced Security
The following problems apply to the Account Manager application when running on systems with enhanced security:
The Lock/Unlock Toolbar and Menu Options are inactive for the Template views. To avoid this problem, change the template lock setting on the Add/Modify Template dialog screen after selecting the template by double clicking on the template icon in the Template view icon box.
The C1Crypt Encryption Type restricts the password length
to between 6 and 8 characters, even though the Minimum Length and Maximum
Length fields of the Password Controls imply otherwise.
To avoid this problem,
set the passwords by using the/usr/tcb/bin/dxchpwd
or the
/usr/bin/passwd
command when using the C1Crypt Encryption Type.
The Account Manager does not enforce the minimum and maximum
password length limitations when setting passwords.
To avoid this problem,
set passwords by using the
/usr/tcb/bin/dxchpwd
or the
/usr/bin/passwd
command if the minimum and maximum password length
limitation is necessary.
On an enhanced security system, you typically retire user accounts instead of deleting them. However, there are times when you might want to delete a user account. Account Manager supports retiring user accounts but not deleting them. To delete a user account, do the following:
Manually edit the
/etc/passwd
and
/etc/group
files to remove references to the user account.
Use the following command to remove the user account from the protected password database:
#/usr/tcb/bin/edauth -r user name
When you rename a user account by changing the Username field of the Add/Modify User dialog box in Modify mode, the protected password database entry for the old name does not change. To avoid this problem, use the following command to remove the dangling protected password database entry:
#/usr/tcb/bin/edauth -ruser name
Do not rename a template by changing the Template name field of the Add/Modify Template dialog box in Modify mode. The Account Manager creates a new template without removing the old template, but renames, the old template's icon from the Icon Box. To avoid this problem, restart the Account Manager to restore the former template icon. Use the Delete Toolbar icon or the Edit->Delete... option from the Template view to delete the undesired template.
Accounts and templates inherit their settings either from locally defined values in their protected password database entry or from the templates that they reference. All accounts and templates implicitly reference a default template that is not served by the Network Information Service (NIS). This creates an inconsistency for the Account Manager when displaying NIS user accounts and templates on a NIS master. The user and template values displayed might be the default template values of the NIS master. When a NIS user logs in to an NIS client, the NIS client's default template might be different from the NIS master's default template. The client's default template is used to establish the user's account settings.
When you use drag-and-drop to copy a user account on a different view, the user's template references are copied by value. This means that the template itself is no longer referenced by the new account. Instead, the template's values are contained directly in the new user's protected password database entry. For example, assume the local user Joe has an account based on the developers template. If you drag-and-drop Joe's account from the Developers view into the NIS Users view, the attributes from the developers template are placed into the protected password database entry for Joe's account. This preserves Joe's developer attributes and overrides any corresponding attributes from the default template for NIS users. To avoid this problem, modify the copied user's account and change the template from the default to the desired template. Note that the template reference is maintained if the user account is dropped within the same view.
After deleting a template, the NIS maps are not remade. Therefore, you will have to manually remake the NIS maps or perform an Account Manager function (for example, Account Modification) that will remake the maps. To manually remake the maps, do the following:
#cd /var/yp#make all
5.3.3.3 NIS Plus and Minus Accounts
The plus (+) and minus (-) signs are
special characters used by NIS in the local
/etc/passwd
file that specify whether a user is or is not allowed to log into the system.
Users with accounts that are preceded by a plus sign are allowed to log in,
while users with accounts that are preceded with a minus sign are not.
In
the following example, the user
joe
would be allowed to
log in to the local system and the user
harry
would not:
+joe::::::
-harry::::::
All the account management commands insist that the NIS user account exist before creating the corresponding plus or minus account. However, even when the NIS account does exist, the account management tools refuse to create the local plus or minus account. This problem affects the following applications and commands:
Account Manager (dxaccounts)
SysMan Menu's Manage local users and Manage NIS users
The
useradd -t
and
usermod -t
commands
To avoid this problem, use the Account Manager (dxaccounts), add a plus (+) or a minus (-) sign to the username
but do not use the NIS Overrides field in the Options subdialog box.
This
allows the account to be added correctly.
Note that the
/etc/passwd
record will contain a UID and GID but these will be
ignored and the user's NIS UID/GID will be honored.
5.3.4 EISA Configuration Utility Revision Requirements
For Tru64 UNIX
Version 5.0A and its software supplements, the supported version
of the EISA Configuration Utility (ECU) is Version 1.10 or higher.
If your
system is configured with an EISA bus, update the ECU to this
supported version.
5.3.5 Alternate Root Installation May Change Host File Dates
During an alternate root installation of base operating
system subsets, such as is done using the
dmu
utility to
set up a Dataless Management Services environment, the file access dates on
some of the files in the host server's file system might be changed to correspond
to those from the subset's file inventory.
When the release installed into
the alternate root is different from that installed on the host system, these
changed dates appear invalid because they may be newer (or older)
than the actual file dates from the host system's installation kit.
This occurs when the
pax
utility is invoked by the
setld
utility to copy symbolic links from the kit subsets, and the
symbolic links target absolute paths that correspond to actual files in the
host system's file system.
The
pax
utility attempts to
adjust the dates for the symbolic link, but the file system actually adjusts
the dates for the target of the symbolic link.
The changed dates have no operational impact on the host system.
The
content of the affected files is not changed.
However, because the dates
have changed, the behavior of utilities that examine file dates (such as the
find
command or archivers) might be affected.
5.3.6 Use db_checkpoint for Log Trimming
A customized version of the Berkeley Database (Berkeley DB) is embedded in this version of the operating system to provide high-performance database support for critical security files. The database includes full transactional support and database recovery, using write-ahead logging and checkpointing to record changes.
The
secconfig
utility enables you to create a
cron
job to perform log file trimming; that is, to delete log files
no longer involved in active transactions.
The
db_archive
utility requires a log file checkpoint
to determine when a log file is no longer in use.
Under some circumstances,
security activity may not generate checkpoints for long intervals.
Therefore,
add the following line to the
/var/spool/cron/crontabs/root
before the
db_archive
entry:
/usr/tcb/bin/db_checkpoint -1 -h /var/tcb/files
5.3.7 Swap Device List and /sbin/swapdefault Moved to /etc/sysconfigtab
The list of swap devices has moved from the
/etc/fstab
file to the
/etc/sysconfigtab
file.
The use of
/sbin/swapdefault
to indicate the swap allocation
modes has been moved to the
/etc/sysconfigtab
file.
The swap devices and swap allocation mode are automatically placed in
the
/etc/sysconfigtab
file during installation.
Swap devices listed in
/etc/fstab
are ignored.
For more information, see the
System Administration
guide.
5.3.8 Compressed Crash Dump Might Display Incorrect Byte Count
If you have full crash dumps enabled on a machine with more than 2 GB of memory, the compressed crash dump message that displays the number of bytes will be less than zero. If a machine has over 4 GB of physical memory, the displayed value will overflow. For example:
DUMP: Will attempt to compress -688128 bytes of dump
: into 3927949296 bytes of memory.
This problem
is an artifact of the 32-bit integer math used in the
printf()
code that generates the message.
It does not affect the results of the crash
dump.
5.3.9 Security
The notes in this section have to do with system management and security.
5.3.9.1 Authentication Problem With Multi-Threaded Applications
Third-party
applications that perform user authentication or impersonation from multiple
threads, such as PMDF, will only correctly verify a user's group membership
from the first thread.
All other threads that call the
sia_get_groups
routine receive a failure status.
This can lead to seemingly random
behavior, in which a user's membership in a group of which the user is a legitimate
member is sporadically denied.
5.3.9.2 Shadow Password Mode Requires 8-Character Passwords
When you configure enhanced security in Shadow Password mode, the default settings restrict users changing their passwords to a password of exactly 8 characters. Attempts to enter passwords of different sizes produce the following error message:
Password must be from 8 to 8 characters long
You can change this by setting the system default
settings in the
/etc/auth/system/default
file, using the
edauth
utility.
The
u_newcrypt
field defines
the cryptographic algorithm used on password changes.
The default setting
of 2 causes the maximum password length to be restricted to 8 characters,
which is the maximum that the BSD cryptographic algorithm can accept.
Changing
the
u_newcrypt
field to 0 invokes the
bigcrypt
algorithm, which allows the value of the
u_maxchosen
field to determine the maximum password length.
The 8-character minimum occurs because the
u_minchosen
field defaults to zero.
Zero specifies to compute a minimum according
to Green Book rules.
The computed minimum is 9.
The minimum is therefore set
to 8 because it would exceed the maximum of 8 characters for the algorithm.
You can easily change this behavior by setting the
u_minchosen
field to a value other than zero.
Note that these defaults will change in a future release of Tru64 UNIX.
5.3.9.3 Security and Insight Manager
The Insight Manager agent (or daemon) is configured
by default when you install the operating system.
Anonymous login to WebAgent
applications, enabled by default, allows nonprivileged users to invoke the
Insight Manager and view details of any connected devices in the local area
network, although users cannot perform any operations unless authorized.
If
this is not appropriate given your site security policy, see the
System Administration
guide for information on reconfiguring the Insight Manager agent.
5.3.9.4 Behavior of useradd, usermod, and userdel Commands
The
useradd
command correctly honors the default administrative lock value found in the
/.sysman/Account_defaults
file.
If the
Account_defaults
file does not exist, the internal default for the
useradd
command is to create locked accounts.
Use the
administrative_lock_applied
extended command-line option to override the default.
In the following
example, the
useradd
command creates a locked account for
foo
regardless of the default value for administrative
lock:
useradd -x administrative_lock_applied=1 foo
For base security, a locked account has the text
Nologin
in the password field in the
/etc/passwd
file.
If an account
is unlocked and has no password, that account has no value in the password
field.
The account is open and accessible to anyone.
A warning is displayed
if an unlocked account with no password is created.
For enhanced security, all accounts have an asterisk (*)
in the password field in the
/etc/passwd
file, but the
lock flag in the protected password database is correctly set to reflect the
lock status.
As with base security, an unlocked account with no password
is accessible to anyone.
The
usermod
command correctly sets the lock flags
for enhanced security when the
administrative_lock_applied
option is given on the command line.
If you use the
usermod
command to unlock a locked account with no password, a warning is displayed.
The
userdel
command will retire, instead of remove,
accounts on a system running enhanced security.
5.3.9.5 Prevent IP Spoofing Attacks
To detect and prevent
an IP spoofing attack that can potentially result in a denial of service,
configure the
ifaccess.conf
file to disable
localhost
as a source address.
For all adapters except the local loopback adapter (lo0),
disable incoming packets with a source address of
localhost
(127.0.0.1).
For example, add the following entry to the
/etc/ifaccess.conf
for
tu0:
tu0 127.0.0.1 255.255.255.255 denylog
Then enable access filtering on
tu0:
#ifconfig tu0 filter
5.3.10 Change in struct utmp, struct utmpx, and struct lastlog
To bring them
into compliance with several UNIX and Internet standards, the
struct
utmp,
struct utmpx, and
struct lastlog
structures have been changed.
These changes affect the
/usr/include/utmp.h,
/usr/include/utmpx.h, and
/usr/include/lastlog.h
files :
The time field in the
struct utmp
structure
has changed from a
time_t
structure to a
struct
__ut_timeval
structure (to be consistent with the
/usr/include/utmpx.h
file).
The
ut_host
field size (in the
struct utmp
and
struct utmpx
structures) has
been increased to comply with relevant Internet RFCs.
The
ll_line
and
ll_host
manifest constants in the/usr/include/lastlog.h
file have
changed to allow their sizes to correspond to the
ut_line
and
ut_host
fields in
struct utmp
and
struct utmpx
structures.
These changes also affect the format of the
/var/adm/utmp,
/var/adm/wtmp, and
/var/adm/lastlog
files.
The following conversion programs are supplied:
/usr/lbin/wtmpconvert
/usr/lbin/llconvert
The programs enable you to convert your existing
/var/adm/wtmp
and
/var/adm/lastlog
files to the new format
or convert new format files to the old format for use by existing programs.
See the corresponding reference pages for more information.
5.3.11 Argument Size Limit for the exec System Call
The amount
of memory used by the arguments to the
exec
system call
is limited by
sysconf(_SC_ARG_MAX), which is about 38
KB.
You can exceed this limit systemwide by setting the
exec_disable_arg_limit
argument in the
sysconfigtab
file to 1 as follows:
#sysconfig -r proc exec_disable_arg_limit=1
When you set this argument to 1, the limit becomes an
amount that is slightly less than the maximum stack size for the process,
which is typically 8 MB or more.
When you set the
exec_disable_arg_limit
argument to 1,
sysconf(_SC_ARG_MAX)
incorrectly
reports that the limit is 38 KB.
However, programs that rely on this value
will not be limited to 38 KB and will function normally.
It is unlikely that programs will require more than 38 KB of memory;
however, test suites that test this limit and expect an error return when
sysconf(_SC_ARG_MAX)
is exceeded will not obtain their expected
result.
If you are running test suites that expect an error return when this
limit is exceeded, leave the
exec_disable_arg_limit
argument
set to 0.
Otherwise, it is recommended that you set this argument to 1.
5.3.12 Startup Messages Lost in Large Configurations
On systems that display
a large number of console messages at system initialization (typically, systems
configured with a large number of devices), some messages may be missing from
the
/var/adm/messages
file.
You can correct this problem
by increasing the size of the kernel's message buffer.
Use either of the following procedures to change the buffer size. You must be root to make the change.
To change the buffer size using graphical administration tools, use the following steps:
Start the
dxkerneltuner
application.
Select the
generic
subsystem.
Set the Boot Time Value entry for the
msgbuf_size
attribute to the new value.
Apply the change before exiting.
To change the buffer size from the command line, use the following steps:
Create a temporary file,
/tmp/msgbufsize,
containing the following lines, but replacing the 32768 with the size appropriate
for your system:
generic: msgbuf_size = 32768
Enter the following command:
%sysconfigdb -f /tmp/msgbufsize -m
If a different entry is present in the database,
sysconfigdb
displays a warning message to advise you of the change in size.
The increase takes effect at the next system reboot. After rebooting, you can verify the change by entering the following command:
%sysconfig -q generic | grep msgbuf_size
Note
The default size of the message buffer is 4 KB, and the example above sets it to 32 KB. Because the space used by the buffer is not returned for general use after initialization, set the size only high enough to correct the problem.
See the
System Administration
guide for information on changing
the buffer size.
5.3.13 Insight Manager
This section provides information on the Insight Manager.
5.3.13.1 Insight Manager Known Problems
The following problems exist in the current version of the Insight Manager:
The Compaq SNMP subagent might dump core while processing
verbose messages in the
/var/adm/messages
file.
This
is most likely to occur while you are debugging a kernel.
If a core dump occurs,
delete or rename the
/var/adm/messages
file and restart
the SNMP subagent.
The Insight Manager Device Discovery web page (http://machine:2301/cpqdev.htm) may show inconsistent or incorrect data on some platforms, as
active discovery is not fully functional.
On some browsers, the login dialog box, which consists of text fields for Name and Password, opens with the initial focus on the Password text field.
The Insight Manager AutoRefresh option, when set for less than 60 seconds, might stop refreshing web pages when run from a Netscape browser running on Tru64 UNIX.
5.3.13.2 Compaq SNMP Subagent and Insight Manager Restrictions
The online help for Insight Manager in
/usr/share/sysman/bin/insightd
describes four login accounts: anonymous, administrator, operator,
and user.
For this release, only the anonymous and administrator accounts
are accessible.
Before you log in as the Insight Manager administrator, use
the Set Up Insight Manager application from the SysMan Menu to configure the
administrator password.
This version of Insight Manager does not generate SNMP traps. Thus, alerts are not generated.
The Compaq SNMP subagent in
/usr/sbin/cpq_mibs
incorrectly reports the CPU logical slot instead of the physical slot on some
Alpha platforms.
Therefore, Insight Manager displays large values for this
attribute.
The Compaq SNMP subagent returns incorrect values for SCSI disk read
and write statistics.
Therefore, the values displayed by the Insight Manager
web pages are also incorrect.
The values returned are in units of bytes rather
than sectors.
Additionally, the statistics displayed are only calculated once,
when the subagent is started.
5.3.14 Event Manager (EVM)
The notes in this section apply to the Event Manager (EVM).
5.3.14.1 Sorting Events by Summary Gives Incorrect Ordering
If you choose to sort events by Summary in the Event
Viewer, events might appear to be sorted incorrectly.
The viewer uses the
evmsort
command to provide sorted output.
In this release, the
evmsort
command does not provide an option to expand an event's
format data item before sorting.
Therefore, the results are based on the summary,
before variable data has been included.
5.3.14.2 Event Viewer and evmget Display a Message When the binlog File Is Invalid
If the binary error log file,
/var/adm/binary.errlog, contains invalid log entries, an error message similar to the
following is displayed when you run
evmget:
binlog2evm: Invalid event data encountered at offset 80216
binlog2evm: Error occurred while reading from
"/.local../usr/var/adm/binary.errlog"
binlog2evm: Skipped invalid data - restarted at offset 85248
If you see this message, follow your normal investigation and reporting procedures to determine the source of the corruption.
A short-term solution to prevent the message from being
displayed is to redirect
stderr
to
/dev/null.
If you are certain that the error log is properly backed up and does
not contain required event information, you can permanently remove the invalid
data by initiating a cleanup of the log file by using the directions in the
binlogd(8)
reference page.
Note that this operation removes the log file and starts
a new one.
Because two generations of the error log are held, the message
continues to be displayed until you run the cleanup procedure twice.
5.3.14.3 Double Clicking in the Event Viewer Launched from SMS Core Dumps
If you launch the Event Viewer from the SysMan Station (SMS) and double click in the More options window, the viewer fails, resulting in a stack trace.
To avoid this problem, single click in the More Options windows and then click OK to finish your choice.
This problem exists only when you launch the Event Viewer from SMS.
If you launch the viewer from the command line or from the Sysman Menu, you
can double click an option to select it.
5.3.14.4 EVM Reports Kernel Messages with Critical Priority
EVM reports all messages that are posted
from the kernel through the
syslog
event facility as having
critical priority.
This incorrectly includes many informational messages that
are posted when you start the system.
5.3.14.5 EVM Logger Might Miss Events
The EVM logger might not receive all events in situations
where many events are posted in a short period of time.
This is due to buffer
overflow.
If this happens, the logger inserts an event into the log reporting
the number of events that were missed.
5.3.14.6 Problem with Low-Resolution Displays
Some graphical applications may be longer than the display for low-resolution displays using large fonts. Windows that are larger than the display are truncated at the bottom, often resulting in the buttons being cut off. Some windows in Quick Setup have exhibited this behavior on some displays.
To avoid this problem, you can try reducing the size of the font. See the documentation for the window manager you are using. Also, applications that have a curses (character) mode fit better than graphical applications using large fonts.
For more information, see
X(1X),
dtstyle(1),
curses(3), and
sysman_intro(8X).
5.4 Network and Communications
The following notes apply to network and communications software.
5.4.1 DHCP Database Migration (joind and bootpd)
Starting with Tru64 UNIX Version 4.0F, DHCP database files are stored in
an entirely new format that is incompatible with older formats.
The operating
system ships with an online document, provided by JOIN Systems, that
explains the reasons behind this change, lists the files that are affected,
and provides instructions for converting the files to the new format.
The document and conversion utility,
README-DB237
and
conv185-237,
respectively, are located in the
/etc/join
directory.
5.4.2 Mail
This section provides information on problems that can occur when configuring
and running mail on your systems.
5.4.2.1 The mailcv -I -t and -M -t Commands Do Not Work As Expected
If
you are converting a
dtmail
folder hierarchy to IMAP, or
you are converting a single folder that does not already exist in the IMAP
hierarchy, you receive the following error message and the conversion of the
hierarchy stops:
Mailcv: Can?t create output file {foldername}, ignoring conversion.
foldername is the new name of the folder.
Use Netscape to migrate your folders to IMAP as follows:
Set the Local Mail folder to point to the directory that contains
the
dtmail
folder hierarchy.
From the Preferences menu, select the Mail & Newsgroup subtree, then select Mail Servers.
Select the Local Mail Directory and change the directory to the UNIX folder directory you want to convert.
Select OK and restart Netscape.
Select the Netscape Messenger window to display your mail folders. Drag and drop the mail folders from the local folders to the IMAP folders or select all the messages in a folder and use the move command to move all the messages to the IMAP folder.
If you are converting
dxmail
or MH mail to IMAP folders,
you receive the following error message:
Mailcv: Can?t create output file {foldername}, ignoring conversion.
foldername is the new name of the folder.
To migrate
folders from
dxmail
or MH mail folders to IMAP, do the
following:
Migrate the folders to UNIX style by using the
mailcv
command with the
-A
option.
Use Netscape, as described in the previous procedure, to migrate the UNIX mail folders to your IMAP folders.
5.4.2.2 IMAP Server: Preserving Uppercase User Names
If your system is configured as an IMAP server and you want to preserve uppercase for user names, do the following:
Add the
F=u
flag for IMAP mailer in your
sendmail
configuration file.
Edit the
/var/adm/sendmail/sendmail.cf.pd
file and
/var/adm/sendmail/sendmail.m4
file (if it exists)
before you run either the
mailsetup
script or
mailconfig
application.
Search for the line with
Mimap
and add the
u
flag to its
F=
option.
The original line appears
as follows:
Mimap, P=/usr/bin/deliver, F=nsmFDM, S=10, R=20/50, A=deliver $u
After you update the line, it should appear as follows:
Mimap, P=/usr/bin/deliver, F=nsmFDMu, S=10, R=20/50, A=deliver $u
If you have already configured
sendmail
using
either the
mailsetup
script or the
mailconfig
application, apply these changes to the
/var/adm/sendmail/sendmail.cf
file in addition to the
/var/adm/sendmail/sendmail.cf.pd
and
/var/adm/sendmail/sendmail.m4
files.
5.4.2.3 sendmail Warning Message
The
permissions on the
/var
directory do not satisfy the
checks by the sendmail binary.
The
sendmail
utility expects
the permission of the
/var
directory to be 755.
However,
the permissions are 775.
Due to this,
sendmail
logs the
following warning message in the
syslog
file every time
it checks the mode of the
/var
directory:
WARNING: writable directory /var/adm/sendmail
This
does not impact the functionality of
sendmail, so you can
ignore this warning.
If you want, you can change the permissions on the directory
to 755 by logging in as root and entering the following command:
#chmod go-w /var
5.4.2.4 Problem Starting the Sendmail Daemon
If you manually edit the
/var/adm/sendmail/sendmail.cf
file and there are errors in the file, the Sendmail startup script
might display that the daemon started when it has not.
To verify whether the
sendmail
daemon has actually
started, issue the following command:
#ps -aef | grep sendmail
If
the
sendmail
process is not present, check the
mail.log
file for any errors associated with the start of the daemon.
The full path name for this file is
/var/adm/syslog.dated/current/mail.log.
Correct any errors recorded in this file before starting the
sendmail
daemon again with the following command:
#/sbin/init.d/sendmail start
The following notes apply to Local Area Transport (LAT).
5.5.1 Duplicate Minor Numbers and latsetup
The
latsetup
utility sometimes creates
devices with duplicate minor numbers.
If you manually create LAT BSD devices
that do not match the valid BSD
tty
name space convention,
latsetup
can create devices with duplicate minor numbers.
For example,
creating device
tty0
with a minor number 2 instead of 1
can cause this problem.
5.5.2 Simultaneous llogin Connections
When doing a number of simultaneous
llogin
connections, use
llogin
with the
-p
option.
To speed up an
llogin
connection, add the target
host name as a reserved service.
5.6 File Systems
The notes in this section apply to file systems.
5.6.1 UNIX File System Warning Message
When a valid UFS file system has been detected and the
fstype
in the disk label is marked as unused, the following messages
are displayed:
#./mount /dev/disk/dsk5c /mntWarning: partition /dev/disk/dsk5c was detected as marked unused. Warning: partition /dev/disk/dsk5c temporarily set to 'FS_BSDFFS' 4.2BSD fast file system. Warning: Please use disklabel to correct this condition.
Currently the
fstype
in the disk label is temporarily set
and will revert when you unmount the file system with no warning message.
The label could be changed without the knowledge of the user if the
newfs
command is issued on another partition on the same disk.
If you receive this message, use the
disklabel
command
to correct the label.
5.6.2 Advanced File System (AdvFS)
The following notes discuss features, problems, and restrictions of
the Advanced File System (AdvFS).
5.6.2.1 AdvFS and fsync()
You can use the
fsync()
system call to synchronously write dirty file data to disk.
There are two ways a file can have dirty data in memory.
One way is via the
write()
system call.
The other is from a memory write reference
after an
mmap()
system call.
For AdvFS files, the
fsync()
system call writes out dirty data only from the
write()
system call.
If dirty data from an
mmap()
system call also needs to be written, then you must also use the
msync()
system call.
5.6.2.2 New AdvFS On-Disk File Formats
This version of the operating system provides a new on-disk format (Version 4) for AdvFS that was introduced in Version 5.0. Kernels built with this version of the operating system will work with the old on-disk format (Version 3) as well as with the new format. However, you cannot use a kernel built with a version of the operating system prior to Version 5.0 with the new AdvFS on-disk format.
You can bring an AdvFS domain forward from an earlier version and mount it on a system running Version 5.0 or higher. If you do this, your domain will not change; it will continue to use the Version 3 on-disk format, which is still supported.
If you perform an update installation, you do not get the new on-disk format. You only get the new on-disk format if you do a full installation or if you create a new domain using Version 5.0 or higher.
No conversion utility is available to move Version 3 domains to Version 4 domains. The only way to move your data to a new domain using the new on-disk format is to back up your data from a Version 3 domain and restore it into a new Version 4 domain.
Due to the new on-disk file formats, certain AdvFS utilities from earlier releases of the operating system have the potential to corrupt domains created using the new on-disk formats. Therefore, all statically linked AdvFS utilities from versions prior to Version 4.0 will not run on Version 5.0 or higher. Additionally, the following dynamically linked utilities from earlier releases do not run on Version 5.0 or higher:
/sbin/advfs/verify
/sbin/chvol
/usr/sbin/advfsstat
/sbin/showfdmn
/usr/sbin/balance
/usr/sbin/defragment
/usr/sbin/presto
/usr/sbin/rmvol
5.6.2.3 Running verify on the root Domain
The
verify
command has been modified
so that you can no longer run it on a mounted root domain with either the
-f
or
-d
flags.
If you need to run the
verify
command on the root domain with either of these flags,
you must boot off another disk or CD-ROM as follows:
From the CD-ROM, exit the installation procedure.
Change directory to the
/etc/fdmns
directory:
#cd /etc/fdmns
Create a temporary domain directory:
#mkdir verify_root
Change directory to the newly created directory:
#cd verify_root
Create a symbolic link in this directory to the disk partition that contains the domain you want to run verify on:
#ln -s /dev/disk/dsk3a dsk3a
Change directory back to the root directory (/):
#cd /
Run
verify
on the temporary domain:
#/sbin/advfs/verify -f verify_root
Delete the temporary domain:
#rm -rf /etc/fdmns/verify_root
The following notes describe problems and restrictions of the Logical
Storage Manager (LSM).
5.7.1 Using LSM rootvol Requires sysconfigtab Parameters
If you use the LSM
rootvol
volume for the root file system and the
swapvol
volume
is in use as a primary swap volume, LSM adds the following entries to the
/etc/sysconfigtab
file to enable it to become root:
lsm: lsm_rootdev_is_volume=1
If these entries are deleted or if the
/etc/sysconfigtab
file is deleted, the system will not boot.
If
this happens, you can boot the system interactively as follows:
>>>boot -fl i......... .........Enterkernel_name option_1 ... option_n:vmunix lsm_rootdev_is_volume=1
Use the
sysconfigdb
utility to add the LSM entries
as shown previously to the
/etc/sysconfigtab
file after
the system boots.
Then, reboot the system for the changes to take effect.
5.7.2 Cannot Enable Logging on RAID 5 Volumes Using LSM's Bottom-Up Commands
You
can create RAID 5 volumes using either LSM's top-down or bottom-up
commands.
However, you cannot enable logging using the bottom-up commands,
such as
volsd aslog, to associate a log subdisk to a plex
or
volplex att
to attach a logging plex to a RAID 5 volume.
The
volassist
top-down command does work.
Therefore,
use the
volassist addlog
command to add logging to RAID
5 volumes.
Note that if you create a RAID 5 volume using the
volassist
make
command, logging is configured and enabled automatically.
5.7.3 LSM Dirty Region Logging (DRL) Cannot Be Used with rootvol
LSM Dirty Region Logging (DRL) cannot be used with a mirrored
rootvol.
If a system with a mirrored
rootvol
is not brought down cleanly, the system automatically recovers the
rootvol
by doing a complete resynchronization.
Attaching a logging
subdisk might degrade the
rootvol
write performance with
no benefit in recovery time.
5.7.4 The LSMSA Server (lsmsad) Is Not Started at System Startup
The LSMSA server (lsmsad
daemon) does not
start on system boot.
If the server is not running, it starts automatically
when you start a GUI session and it stops when all GUI sessions are ended.
The
/lsbin/rc3.d/S79lsmsa
and
/lsbin/rc0.d/K41lsmsa
scripts no longer exist.
Previous documentation detailing how to start and stop the server is
no longer applicable.
The system starts the
lsmsad
server
as follows:
When the GUI is started, the system attempts to connect it with the server process on the indicated host.
If the GUI cannot connect, the system then attempts to connect
it to the indicated host at the port,
initlsmsad, defined
in the
/etc/services
file, and
vrts.remote.server.initLsmsadPort, defined in the
/usr/lib/java/applications/lsmsa/properties
file.
The port numbers defined in these two files must match.
When the GUI connects to the
initlsmsad
port, the
inetd
server executes the
/usr/lib/java/applications/initlsmsad
program, which creates a subprocess where the
/usr/sbin/lsmsad
script will run.
The
lsmsad
script starts the
LSMSA server processes VMServerImpl, VRTSRegistry, and
cmdserver.
After the LSMSA server processes have been started, the GUI then
connects and operates normally.
If the GUI cannot connect to a port, the error message "Cannot connect to the server" is displayed. When LSMSA exits and disconnects from the server, the server continues to exist in an idle state until another GUI connects or an LSM configuration event occurs (such as creation, deletion, or modification of an LSM object). When the server receives notification of an LSM configuration event, if no GUIs are connected, the server exits. When the server exits, all of the LSMSA server processes exit, as well.
If the GUI cannot connect to the server, try the following:
Check the
/var/lsmsa/logs/server.log
file for startup and error messages.
Run the
/usr/lib/java/applications/initlsmsad
program to view error messages.
You must be root user.
On a very slow network, you may need to adjust the value assigned
to the CONNECTION_TIMEOUT variable in the
/usr/sbin/lsmsadscript.
This is the amount of time after startup that the LSMSA server
will wait for a connection from the client.
The default value is 30 seconds.
When the server process receives an LSM configuration event, if
no GUIs have been or are currently connected and the CONNECTION_TIMEOUT seconds
have elapsed, the server exits.