10.04.2012

individual umask in sftp/scp

For HPUX (at least some of the 11.31 versions) the following can be used in sshd_config to set the umask for individual users or groups:
Add the following two lines at the end of the file to configure the sftp umask for a group of users.

Match Group  <group name>
ForceCommand  internal-sftp  -u 73

Or, add the following two lines at the end of the file to configure the sftp umask for a single user.

Match User   <user name>
ForceCommand  internal-sftp -u 73
of course you'll need to restart ssh by doing:  kill -HUP $(cat /var/run/sshd.pid)   or /sbin/init.d/secsh stop ;  /sbin/init.d/secsh start
from:

9.28.2012

syslogd cores

 HP-UX syslog crashes with a core file in /var/adm/syslog.   file /var/adm/syslog/core:  ELF-32 core file - IA64 from 'syslogd' - received SIGXFSZ
 
if none of your files in /var/adm/syslog are over 2GB, then change the LOG_SIZE to NOLIMIT in /etc/default/syslogd  like this:
 
query value:
ch_rc -l -p LOG_SIZE /etc/default/syslogd
 
set to NOLIMIT:
ch_rc -a -p LOG_SIZE=NOLOMIT /etc/default/syslogd
 
what happened is that OVO (HPOM) process opcle had syslog.log open and it hit 2GB so when syslog was recycled, the opcle process didn't release and the system still thinks that syslog.log is over 2GB.  That's the theory anyway.  I guess if that's the case you probably could just restart OVO/HPOM and that might fix it.

8.17.2012

Windows 7 enable lpr/lpq

enable lpr and lpq commands in Windows 7; by default it's not enabled
or turned on.

go into control panel and "turn windows features on or off" and under
"print and document services" turn on "lpr port monitor"

8.13.2012

EMC Open Migrator

move / sync data transparently to end user - better than rsync cause
it's synced real time via dynamic kernel module. it works on raw
logical volumes. Here's how it works. you configure new logical
volumes of the exact same size as the old ones using new LUNs (and a
new VG of course, which is a good time to maybe change the VG details
- max PE, etc). then create session files which "pair" up the old LV
to new LV. Once the sync is complete and you can take an outage,
unmount the old LV and VG and new ones too. Then stop the session and
mount the new stuff.

Open Migrator (OpenMigrator or OM) details:

create session file, /tmp/session1_pairs contents:
/dev/vg00/rlvol11 /dev/new-vg00/rlvol1


/sbin/stormigrate create -file /tmp/session1_pairs -session u01
/sbin/stormigrate list
/sbin/stormigrate activate -s u01
/sbin/stormigrate show -s u01
/sbin/stormigrate copy -s u01
/sbin/stormigrate query -s u01
/sbin/stormigrate query -i 5 -s u01
/sbin/stormigrate query -miostat -s u01


/sbin/stormigrate tune -ceiling 40
/sbin/stormigrate tune -mio_recover_action log
/sbin/stormigrate tune -mio_recover_action term

higher IO:
/sbin/stormigrate tune -iosize 128 -mio_perf_ratio 500


umount /u01
vi /etc/fstab -- update to san-np01
then deactivate session:
/sbin/stormigrate deactivate -s u01
/sbin/stormigrate delete -session u01

mount /u01
bdf /u01 -- verify using new VG and lvol

8.08.2012

dbprofile/​lanboot and PXE-E18 error

Use dbprofile and lanboot on an Itanium server but get this:
PXE-E18: Server response timeout.

and this shows up in the ignite server's syslog:
tftp: client does not accept options
receive: RRQ /opt/ignite/boot/hpux.efi octet blksize 16384
send: OACK  blksize 16384
send_file: recv: Can't assign requested address
receive: RRQ /opt/ignite/boot/hpux.efi octet blksize 16384
send: OACK  blksize 16384
send_file: recv: Can't assign requested address
receive: RRQ /opt/ignite/boot/hpux.efi octet blksize 16384
send: OACK  blksize 16384
Transfer timed out


Then add the following option to the tftpd entry in inetd.conf:
-s -r blksize

so something like this:
tftp        dgram  udp  wait   root /usr/lbin/tftpd    tftpd -s -r blksize /opt/ignite /var/opt/ignite


See this for full instructions:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&taskId=110&prodSeriesId=4077173&prodTypeId=18964&objectID=c03083630

7.16.2012

get model nuber of SAS drive in RAID1 config

How to get the product number for a drive in a RAID1 mirror on a qlogic LSI SAS controller, typically on the first Gen BL860c (and other model) blades
 
You can get the product or model number for the individual drives:
sasmgr get_info -D /dev/sasd0 -v -q lun=all -q lun_locate
 
 
interestingly, I still can't find a way to turn on the UID/attention LED on an individual drive within a RAID1 set.

7.12.2012

change title bar in putty programmatically

here's some code for a shell script that will change the title bar text in putty (or other terminal/ssh apps):
 
title_bar.sh
params=$*
echo "\033]0;$params\007"
 
then call the shell script with whatever you want in the title bar:  ./title-bar.sh hello my friends     "hello my friends" will appear in putty's title bar.

7.09.2012

grocery shopping list on kindle touch

There's no notepad or writing app built-in on the kindle touch.  But there's a free checklist app from amazon that would make a good grocery or shopping list.
 
Search for "My Checklist" by Amazon Digital Services on the kindle store of amazon  It's not bad and free to boot.

6.21.2012

memory details on HPUX

echo "selclass qualifier memory;info;wait;infolog" | /usr/sbin/cstm > /tmp/cstmramlog.txt


For i2 blades run:  /opt/propplus/bin/cprop -summary -c "Memory"

6.14.2012

ssh errors

sshd[20015]: Accepted publickey for USER from IP  port 3891 ssh2
sshd[20032]: wtmp_get_entry: problem opening /var/adm/wtmp: Permission denied
sshd[20015]: error: openpty: Device busy
sshd[20032]: error: session_pty_req: session 0 alloc failed
if you get this, then something is holding some device files open.  Close all ssh sessions and do a ps -ef | grep ssh.  kill any sessions you find, then restart ssh:  /sbin/init.d/secsh stop / start

newer versions probably do not have this problem - this was on 11.11 using T1471AA                               A.03.81.002    HP-UX Secure Shell

6.13.2012

ECC agent install issues on HPUX

if you have file systems listed in fstab that won't mount, dont think you can get away by doing an -x mount_all_filesystems=false.  You'll probably need to comment them out of fstab.  ECC is sometimes bundled and kicks off a secondary swinstall that doesn't get any options passed to it.
 
also if you get the following message in swagent.log:

An unsupported version of Master Agent was found.  Please uninstall from /usr/ecc to continue.
./install_native.sh[372]: /usr/ecc/install_native.log: Cannot create the specified file.
 
but yet, there is no /usr/ecc.....    it's finding a file in /var/emc/.eccrc and thinks there's a previous version installed - just delete that file and try again.

OnlineJFS not installed on HPUX 11.31 (or newer versions)

fsadm command to extend a file system online wasn't working – got this error:

UX:vxfs fsadm: ERROR: V-3-25255: fsadm: You don't have a license to run this program

I then checked and did not see the OnlineJFS product, so I did the following steps to fix it and was able to then extend the file system:

swinstall -x autoreboot=true -x mount_all_filesystems=false -s DEPOTSERVER:/depot/11.31 B3929EA

Then see if the license is installed:
/usr/sbin/vxlicrep
 
enable license:
/sbin/vxenablef –a

then you should b able to extend.

 

6.07.2012

hpux 11.23 panic lo_realvfs

Panic string: lo_realvfs
 
if you have automountd or autofs turned on and an application or someone tries to access the local machine via /net/HOSTNAME, autofs creates a LOFS mount it since it's a local file sytem.  This rarely cuases problems but there is a known issue with the LOFS code that causes a panic, with Panic string: lo_realvfs in the /etc/shutdownlog
 
The work-around is to add the -L option to AUTOMOUNTD_OPTIONS in the nfsconf file:
check the options first:
ch_rc -vlp AUTOMOUNTD_OPTIONS
 
add the -L option:
ch_rc -ap AUTOMOUNTD_OPTIONS=-L
 
reboot the box or restart NFS:   (you may only have to restart nfs.client, but I have not tested that)
/sbin/init.d/nfs.client stop
/sbin/init.d/nfs.server stop
/sbin/init.d/nfs.core stop
 
/sbin/init.d/nfs.core start
/sbin/init.d/nfs.server start
/sbin/init.d/nfs.client start

6.04.2012

ADS - alternate data streams on NTFS and batch files

run a batch file (.bat or .cmd) from a network share or downloaded to your local drive without the security dialog
filename:Zone.Identifier

ADS

sending vcards to LG420G (straighttalk)

Had a bugger of a time transferring vcard phone contacts from lg220c to lg420g.  it appears that the format used by lg420g (straight talk) expects


vcf format for LG220C to LG420G:
the email records of each contact needs at two fields: EMAIL and HOMEor (whatever) 

sed -e '/^EMAIL/d' ContactA.vcf > ../ContactA.vcf

disabling browser back button in windows

disable the browser back button

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,6a,e0,00,00,69,e0,\
  00,00,00,00


This will also (inadvertently) prevent Windows Update KB2686509 from installing with the following message:
Some updates could not be installed.
Security Update for Windows XP (KB268509)


to install the patch, delete the Scancode Map, reboot (Necessary) and re-install the patch or run Windows Update.

2.16.2012

HP SmartArray controller disk replacement steps on HP i2 blades

This is for the BL860c i2 blades (and other i2 models):


Replace a failed LVM mirror disk that is attached to a SmartArray SAS controller.

 

Notes:  For this example /dev/disk/disk2 is the failed disk and /dev/disk/disk4 is the new device that was created because the SAS controller identified a new disk.

Notes:  For this example the SAS controller device is /dev/ciss0

Notes:  The failed disk is in volume group vg00

 

Identify the disk by serial number.  Give the Bay number to the HP CE so they know which disk to replace:

sautil /dev/ciss0 -s

scsimgr get_info -D /dev/rdisk/disk2

 

Deactivate the PV:

pvchange -a n /dev/disk/disk2

 

Replace the failed disk.

 

Activate the WWID of the new disk.  The Error can be ignored.  A new disk device should be created:

scsimgr -f replace_wwid -D /dev/rdisk/disk2 dsf

scsimgr: ERROR: Cannot convert hardware path to an IO tree node

 

Find the new disk device that was created:

ioscan -fNnC disk

 

Create a description file to create the EFI partitions:

# cat >> /tmp/idf << EOF

3

EFI 500MB

HPUX 100%

HPSP 400MB

 

Use idisk to setup the disk partitioning on the new disk device:

idisk -wf /tmp/idf  /dev/rdisk/disk4

insf -e –C disk

 

Assign the old instance number to the replacement disk:

io_redirect_dsf -d /dev/disk/disk2 -n /dev/disk/disk4

 

Verify that /dev/disk/disk2 is in a claimed state:

ioscan –fnNC disk

 

Use mkboot to format and populate the newly created EFI partition:

mkboot -e -l /dev/disk/disk2

 

Change the AUTO file contents to the proper mode:

mkboot -a "boot vmunix -lq" /dev/rdisk/disk2

 

Restore the LVM reserved areas (PVRA/VGRA):

vgcfgrestore –n vg00 /dev/rdisk/disk2_p2

 

Reattach the new disk:

pvchange -a y /dev/disk/disk2_p2

 

Sync volume group:

vgsync vg00

 

Use lvlnboot to ensure that the LVM logical volumes are prepared:

lvlnboot -R

lvlnboot -v

SAS controller on HPUX itanium disk replace

The SAS controller in the first generation BL860C (and other models) has some special commands in order to replace a failed disk.  I would recommend using the built-in RAID-1 capabilities of this controller - that way you no longer need to worry about LVM mirroring.  But if you need to use LVM mirroring then, add the couple steps below to your standard LVM mirror root/boot disk procedure:

#get the SAS controller dsf:
saslist get_info ctrl sasd

#get info on the disks:
sasmgr get_info -D /dev/sasd0 -q raid

#if the disk is working enough to turn on the attention LED:
sasmgr set_attr -D /dev/sasd0 -q lun=/dev/dsk/c0t1d0 -q locate_led=on

AFTER the disk is replaced:
#since each disk will have a unique WWID, the server will assign a new HW path and persistent dsf
#to change them first change the hardware path (legacy style)
sasmgr replace_tgt -D /dev/sasd0 -q old_tgt_hwpath=0/2/1/0.0.0.1.0 -q new_tgt_hwpath=0/2/1/0.0.0.2.0

#then change the persistent dsf
io_redirect_dsf -d /dev/disk/disk3 -n /dev/disk/disk8

1.26.2012

sas commands (Hardware mirroring) hp-ux

HPUX SAS controller commands - hardware mirroring (only on some controllers)

status of serial attached SCSI raid set:
sasmgr get_info -D /dev/sasd0 -q raid

get controller HW path and device file
saslist get_info ctrl sasd

get list of LUNs being controlled by the sasd driver
saslist get_info lun sasd

status all physical drives
sasmgr get_info -D /dev/sasd0 -q phy=all

statistics of HBA (for problems)
sasmgr get_stat -D /dev/sasd0

track down disk problems
sasmgr get_stat -D /dev/sasd0 -q phy=all

clear statistics on PHY 1
sasmgr clear_stat -D /dev/sasd0 -q phy_in_port=1

1.12.2012

start a search when opening a file in vi

To start a search when opening a file: vi +/Search_string /tmp/filename
It'll open a vi session placing your cursor at the start of the line containing the first match of the keyword.   You can hit 'n' to continue the search like normal

1.09.2012

cimprovagt using too much memory

if cimprovagt is using too much memory, you can restart it by restarting the whole cimserver ( /sbin/init.d/cim_server stop / start  OR cimserver -s ; cimserver ).  Or you can just disable then re-enable the module.  There seems to be lots of memory leaks in the modules, or upgrade if possible.

- Identify the provider:
# ps -ef | grep cimprovagt
# cimprovider -l -s

- Disable provider sample:

#cimprovider -d -m MODULE

#cimprovider -l -s

or shutdown/start the module:
#cimprovider -d -m MODULE
#cimprovider -e -m MODULE

12.07.2011

excessive dots during HPUX startup

two ways to mitigate a bunch of dots during the startup script process on HP-UX:
Change the GSP/MP/iLO "asynchronous" port to the correct terminal
type: vt100 verses HPTERM. usually you can get in and do a "CA"
(configure asynchronous) and change the console terminal type there.

OR:
One suggestion I've seen on the HP forums is to try setting
"LIST_MODE=1" in /etc/rc.config.d/list_mode, rather than the default
value of zero. This forces the startup to use the same line-oriented
mode regardless of the terminal type. It might be worth a try.

11.29.2011

HPUX LVM logical volume size limit

2TB is the max size for a logical volme and file system on 11.23,
unless some patches are installed:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&taskId=110&prodSeriesId=459574&prodTypeId=18964&objectID=c02742533

with the patches or on 11.31 it's 16TB

9.20.2011

AT&T vs T-mobile sim card in straight talk phone

difference between att and tmobile sim card in a straghttalk phone or service:

look at the SIM card numbers. If it starts with 890126 its T-mobile. 890141 for AT&T.
OR  check bottom of packaging of the phone. Look for the white label. Look on the right for an "A" or "T" (AT&T or T-mobile)

Packet tracing in HPUX

quick primer to packet tracing/logging/sniffing in hpux.  "nettl" network tracing and logging, no need for tcpdump (even though it's probably better).

get status on trace or logging:
/usr/sbin/nettl -status [log |trace |all]


start/stop trace:
nettl -tn pduin pduout loopback -e all -tracemax 65536 -f /tmp/me
nettl -tf -e all

the output file can be opened in wireshark/ethereal.

format commands
netfmt -vf nettl.LOG000 > /tmp/nettl.txt
netfmt -nl1f me.TRC000 > me.out


combine both nettl and netfmt to filter results:
add a filter to ~/.netfmtrc like the following for dns
filter tcp_sport 53
filter tcp_dport 53
filter udp_sport 53
filter udp_dport 53

then start the trace (be sure to turn off):
nettl -tn pduin pduout -e ns_ls_ip | netfmt -1
or
nettl -tn pduin pduout -e ns_ls_ip -m 250 -ks 10M -us 30M -nk 5 -nu 5 | netfmt -1

turn it off again, even if control-c (intr) was used:
nettl -tf -e all


tui/gui:
nettladm

9.14.2011

enable CDE on hpux

uncomment in inetd.conf:
dtspc stream tcp nowait root /usr/dt/bin/dtspcd /usr/dt/bin/dtspcd
rpc xti tcp swait root /usr/dt/bin/rpc.ttdbserver 100083 1 /usr/dt/bin/rpc.ttdbserver
cde rpc dgram udp wait root /usr/dt/bin/rpc.cmsd 100068 2-5 rpc.cmsd
rpc dgram udp wait root /usr/dt/bin/rpc.cmsd 100068 2-5 rpc.cmsd

then inetd -c (of course)

should be commented out in /etc/dt/config/Xconfig and /usr/dt/config/Xconfig:
#Dtlogin.requestPort: 0


update inetd.sec if it exists, change hostname to the server's hostname
dtspc allow 127.0.0.1 hostname

make the DESKTOP=CDE, either manually or through this: /usr/dt/bin/dtconfig -e

OR

$ ch_rc -a -p DESKTOP=CDE
$ grep -i desktop /etc/rc.config.d/desktop
DESKTOP=CDE


finally start CDE:
$ /sbin/init.d/dtlogin.rc start

check if running properly:
ps -ef | grep dt and netstat -an | grep 177
dtlogin should be running and UDP port 177 should be listening (for XDMCP traffic)

diagnostics command: /usr/contrib/bin/X11/dr_dt

not a tech topic - the real reason why they hate us

Be honest with yourself, they (the terrorists) don't hate and want to kill us because we're free and our culture is different from their's.  If that was true, then why haven't we been attacked earlier than the 1990's; why isn't Canada, Switzerland, and the Netherlands being attacked?

The real reason, which might be hard for some to accept, is that we have military bases, occupy their "holy land", and invade their country.  Violence is not acceptable, but put yourself in their shoes and ask what you would do if that was happening in your country.

8.29.2011

HPUX 11.31 native multipathing

to see the lun path status, this give you the number of paths and if they are active/alive/dead:

scsimgr lun_map -D /dev/rdisk/diskXXX

8.26.2011

swinstall strange errors - check your hosts file for correct IP

if you get any of the following weird errors doing sdux command, then make sure your hosts file has the correct IP address for the hostname.

swacl, swreg, swinstall 
ERROR:   There is no "depot" ACL at "XXXXXXXXXXX".  The object is, or is part of, a read-only depot.

ERROR:   Could not open remote depot/root
         "XXXXXXXXXXXXXXXX".  The remote daemon failed to
         create the remote agent process:  You do not have the proper
         permissions to perform the requested operation.  Generally,
         this either means the ACL protecting the software object does
         not grant you the permission required for this operation, or
         the software object is part of an unregistered depot.  Use
         "swacl -v" to list and/or edit the ACL, use "swlist -l depot"
         to list registered depots, and use "swreg -l depot" to
         register an unregistered one
ERROR:   Cannot open source.  Check above for errors, as well as the
         daemon logfile on the source host (default location:
         /var/adm/sw/swagentd.log

Verizon Mifi Diags page - force EVDO/3g mode only

to get to the diags page on a Verizon MiFi, open up VZAccess Manager,  do NOT connect.  do: control-D, enter password: diagvzw, hit settings and there you go.

8.18.2011

samsung GSM A687 (Strive) factory reset -- in case you don't have password

dial this:  *2767*3855#   be careful - this erases everything, including the sim card and sd card, I think.

7.24.2011

Garmin Nuvi Issue - "updating GPS Firmware"

Updating GPS Firmware  and  GPS Firmware update complete - if these messages show up on your Garmin Nuvi 260 (or other Garmin GPS devices) consistently when you turn it on, or while it's running, then you may have to delete the contents of the garmin\RemoteSW folder.  Just plug the gps into a PC using a usb cable and it should show up like a storage device/flash drive.  Go into the garmin\remotesw folder/directory and delete the contents.

see the following thread:
https://forums.garmin.com/showthread.php?t=3375

7.01.2011

no powerpath and getting LUN ID

If you don't have powerpath and need to get the LUN ID to device special file (dsf)/ disk device on HP-UX, try using the following switch on the syminq command (part of Solutions Enabler):

syminq -identifier device_name

example:
syminq -identifier device_name | head

Device Device
------------------------- ----------------------- ----------------
Name Num Vendor Array ID Name
------------------------- ----------------------- ----------------

/dev/rdisk/disk428 09B8 EMC *redacted* N/A
/dev/rdisk/disk429 09B9 EMC *redacted* N/A


Actually I think the default syminq output (without any switches) shows the lun id, but it’s hidden in the “device” “serial Number” column. Skip the first 3 digits in the column (part of the array ID). The next 4 digits (or so) are the Lun ID.

Example (lun ID in bold):
Device Product Device
-------------------------- --------------------------- ---------------------
Name Type Vendor ID Rev Ser Num Cap (KB)
-------------------------- --------------------------- ---------------------
/dev/rdisk/disk437 EMC SYMMETRIX 5874 93009C1000 35692800

4.27.2011

Symbolic links on HP CIFS/Samba 3.5.4

using symlinks on HP CIFS/Samba 3.5.4 can be an issue if the parameter unix extensions = yes (which is the default). Look up the man page for smb.conf for more info on it.

use the testparm -v command (-v = verbose), this will show ALL settings (built-in defaults) along with all the custom settings from your config file.

Since "unix extensions" only helps when using HP CIFS clients, IMO it should be disabled by default. so do this in the global section of smb.conf

unix extensions = no

4.19.2011

dbprofile on Itanium servers (and 4.0+ HPVM)

at EFI shell:
display dbprofile:
dbprofile

add/update profile named "ignite" providing only one parameter: dhcp
dbprofile -dn ignite -dhcp

when modifying the profile, only the parameters that are changing need to be listed; you don't need to re-do the entire syntax

three ways that work: first two only work if the ignite server and client are in the same ethernet broadcast domain (subnet).
  - last option gives fast boot time, first and second options requires less administration.

1. dbprofile -dn ignite -dhcp
2. dbprofile -dn ignite -dhcp -b "/opt/ignite/boot/nbp.efi"
3. dbprofile -dn ignite -sip IGNITE.IP.ADDRESS -cip CLIENT.IP.ADDRESS -gip GATEWAY.IP.ADDRESS -m NETMASK -b "/opt/ignite/boot/nbp.efi"

example - ignite IP 192.168.1.2,  client IP 192.168.0.2, gateway/router IP 192.168.0.1, netmask 255.255.255.0
dbprofile -dn ignite -sip 192.168.1.2 -cip 192.168.0.2 -gip 192.168.0.1 -m 255.255.255.0 -b "/opt/ignite/boot/nbp.efi"

to actually use the dbprofile:
lanboot -dn ignite
or to pick a specific NIC to boot from: lanboot select -dn ignite

to find list of NICs, run:
lanaddress

sometimes on NPARS, not all NICs show up, so do the following to re-connect the EFI drivers:
reconnect -r

4.18.2011

HPUX 11.31 lvm2

Wow LVM2 found in HPUX 11.31 has lifted a lot of burdensome limits on volume groups.  vgcreate automatically creates the  device group file; VGs are only limited by the MAX VG size you specify when creating the VG, using the -S option; hitting the max VG size is the only case where a backup/recreate/restore is needed.  Here's a list of helpful commands:

LVMP_CONF_PATH_NON_BOOT  found in /etc/lvmrc  (in March 2010 release)  allows lvm2 vg configuration file backups to an alternate location because of the large size of VG 2.X backups

lvmadm - (-t) displays limits of LVM1 and LVM2 VG 1.0 and VG 2.0 and up;  (-l) also lists the contents of /etc/lvmtab and lvmtab_p

lvmadm -l
--- Version 1.0 volume groups ---
VG Name /dev/vg00
PV Name /dev/disk/disk3_p2
        /dev/disk/disk2_p2

--- Version 2.1 volume groups ---
VG Name /dev/vgXX
PV Name /dev/disk/diskXXX


convert from legacy to persistent DSF: use vgdsf
/usr/contrib/bin/vgdsf –c vgXX

vgcreate using the new LVM2 VG2.0+ notation:
vgcreate -V 2.1 -s 16 -S 4t vgXXX /dev/disk/diskxxx /dev/disk/diskxxx

convert from VG1.0 to VG2.0+
The -r does a "review" to make sure the VG can be converted.
vgversion -V 2.1 -r vgXX

before the convert will run the VG has to be deactivated:
vgchange -a n vgXX
vgversion -V 2.1 vgXX


ioscan new options for persistent dsfs:
ioscan -m dsf /dev/disk/disk127
Persistent DSF           Legacy DSF(s)
========================================
/dev/disk/disk127        /dev/dsk/c5t5d0
                         /dev/dsk/c6t5d0

10.05.2010

turn off modline support in vim

I can see a number of security issues with this feature turned on (on by default in Win versions)
 
set modelines=0
set nomodeline

9.22.2010

9.10.2010

HPUX verses Solaris

An SA's comparison of HP-UX verses Solaris: 
 
I'm still biased to HPUX, although this guy makes some compelling arguments: DTrace, p*/process command tools, hardware (path) identification, log rotation, shadow file, patch numbering.  especially the Dtrace and /usr/proc/bin tools.
 
 

8.27.2010

ssh without being prompted for password

if you have public keys on most of your boxes but not all and are
running a script against all of them, but don't want the script to
just pause at the password prompt, then specify the
"PreferredAuthentications" option:

ssh -o PreferredAuthentications=hostbased,publickey

I couldn't get the PasswordAuthentication=no option to work, so the
above saved me

8.05.2010

making skype portable

To make skype run on a usb flash drive or some other portable device follow the following:
 
 
  • First...Download the NEWEST version of Skype (Older versions won't work) and install it on any computer as normal.
  • Find the Skype.exe from where it was installed.
    (Usually C:\Program Files\Skype\Phone\Skype.exe )
  • Copy the Skype.exe file to any directory on your USB Drive
  • In that new directory create a directory called "data"
  • Now create a file (with notepad) called "skype.bat"
  • Edit the "skype.bat" file and place the following line there:
    skype.exe /datapath:"Data" /removable
  •  

    7.28.2010

    /tmp on Solaris 10

    On Sun Solaris 10, /tmp is a tmpfs type file system.  It is supposed to make reads/writes to the temp filesystem fast, but there are some caveats:
     

    Swap Space and the TMPFS File System
    The TMPFS file system is activated automatically in the Solaris environment by an entry in the /etc/vfstab file. The TMPFS file system stores files and their associated information in memory (in the /tmp directory) rather than on disk, which speeds access to those files. This results in a major performance enhancement for applications such as compilers and DBMS products that use /tmp heavily.
    The TMPFS file system allocates space in the /tmp directory from the system's swap resources. This means that as you use up space in /tmp, you are also using up swap space. So if your applications use /tmp heavily and you do not monitor swap space usage, your system could run out of swap space.
    Use the following if you want to use TMPFS but your swap resources are limited:
    Mount the TMPFS file system with the size option (-o size) to control how much of the swap resources TMPFS can use.
    If you are close to running out of swap space, you can use your compiler's TMPDIR environment variable to point to a larger, real directory.
    Using your compiler's TMPDIR variable only controls whether the compiler is using /tmp or not. It has no effect on other programs' use of /tmp.

     

    7.20.2010

    hyperlink formulas in excel

    to add a hyperlink formula in excel:
    =HYPERLINK("#sheetname!"&CELL("address",A999))
     
    where 'sheetname' is the name of the worksheet and
    'A999' is the the cell to link to
     
    the pound sign, # is _Necessary_
     
     

    7.07.2010

    allow control D keyboard sequence to work

    the EOF key (generally control D) gets trapped/ignored by the shell on some systems.  Here's how to turn that off:
     
     
    hit control-D
    server$ Use 'exit' to logout

    server$ set -o | grep ignoreeof
    ignoreeof        on

    server$ set +o ignoreeof

    server$ set -o | grep ignoreeof
    ignoreeof        off

    server$ hit cntl-D
    logout

    7.01.2010

    automatically adding ssh keys to known hosts file

    automatically adding host's ssh fingerprint to the known_hosts file:
    -o StrictHostKeyChecking=no
     
    example:
    ssh -o StrictHostKeyChecking=no SecretServername

    5.25.2010

    putty command sender

    Putty Command Sender:  http://www.millardsoftware.com/puttycs

    Sends keystrokes to putty windows.  Filters allow selection of putty sessions/windows to which the commands are sent.  You can exclude/include and use wildcards in the filter.  I don't think it supports regular expressions other than * and ?  Allows arrow keys, control characters, and a lot more.

    Be real careful when using this, experiment first on lab systems.

    how to add a bulk load of putty sessions

    add bunch of putty sessions.  This requires cygwin base install which includes the sed command.  Be sure to add \cygwin\bin to the path:
    create a "template" putty session with all the settings you want.  go into the registry and export the session: HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions\session_name

    put a list of machine names in test.txt

    then in dos:

    for /f %a in (test.txt) do type m.reg | sed -e 's/Template_NAME/%a/g'>> all.reg


    These sessions can then be used in putty session manager or any of the other putty related tools.

    5.12.2010

    free SSH client for iPhone / ipod touch

    a truly free SSH client for the iphone or ipod touch:  "The Rove Mobile Admin Client" aka "Mobile Admin"; search for it in the app store.  Not too many features, but it's the only free SSH client I've seen for the itouch.

    5.07.2010

    disable password aging HP-UX

    HPUX password aging disable:

    passwd -x -1 user_id

    for i in user1 user2 user3
    do
    passwd -x -1 $i
    done


    3.29.2010

    differences trying to retain ownership/permissions on HP-UX and nfs

    on HP-UX (by default anyway), you can change ownership of a file as a normal, non-root user. This means you can do a cp -p to copy files retaining permissions and ownership on HP-UX file systems. However, if using NFS, be aware that the underlying NFS server's operating system controls privileges to file ownership. Therefore most Linux/Solaris/NAS boxes that are NFS servers and mounted on HP-UX, will not allow a successful cp -p for retaining ownership (or chown by a normal non-root user).

    Specifically it can be an issue on EMC Celerra NAS servers, but there's a way to change it:
    To change this behavior you can change the Celerra server parameter, rstchown to 0, the default is 1.

    Here's a copy someone posted: http://www.scribd.com/doc/6116381/Celerra-Network-Server-Parameters-Guide-5639-A03

    contents:
    Sets restricted file ownership.0 = Allow the owner of a file to change the file ownership or group ID to any other owner or group because chown and chgrp follow the less restrictive POSIX semantics.1 = Allow only the superuser to change the owner of a file. The current owner can change the group ID only to a group to which the owner belongs.This parameter applies to NFS, but not to CIFS.

    3.24.2010

    how to determine if usb alfa awus036h is 500mw or 1 watt

    Ways to tell the difference between 500mw and 1W version of the awus036h:
    from: http://forums.remote-exploit.org/general-discussion/28841-how-test-alfa-awus036h-500mw-1w.html (forums appear to be down now)

    The Alfa 1000mW(1W) has a 1 in cased in a circle stamped on the front the 500mW does not
    shine light on LED, the PCB will be blue

    3.01.2010

    adding secondary IP interface and IP index number to APA

    just put the IP in netconf using the Physical PPA lan port (like normal), then when APA starts, it will bind it to the APA port
    INTERFACE_NAME[1]=lan0:1
    IP_ADDRESS[1]=1.2.3.4
    SUBNET_MASK[1]=255.0.0.0
    INTERFACE_STATE[1]=up

    if adding a secondary IP once APA is already running: bind it to the APA PPA (lan900)  as follows:
    ifconfig lan900:1 1.2.3.4 255.0.0.0 up


    HPUX routing and the ip_strong_es_model network tunable

    A "graypaper" on  understanding HP-UX routing including details on ip_strong_es_model tunable: http://www.mayoxide.com/presentations/Understanding_hpux_routing.pdf

    Best description of the ip_strong_es_model tunable via this ITRC link: http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1267461248860+28353475&threadId=1126880
    ip_strong_es_model is used when you want to configure multiple, physical NICs in the same IP subnet, and/or want the functional equivalent of per-source IP routes.

    2.11.2010

    truecrypt rescue disk on usb

    http://forums.truecrypt.org/viewtopic.php?t=18882&postdays=0&postorder=asc

    and to skip iso check use the /noisocheck or /n  switches on truecrypt or mount the ISO using a virtual cd driver


    contents of first link:
    Here is how:

    1. Format your USB stick from Windows: FAT, Quick, Default Allocation Size.

    2. Download Grub4DOS from: http://download.gna.org/grub4dos/
    Choose latest version. Here is the one I got: http://download.gna.org/grub4dos/grub4dos-0.4.4-2009-06-20.zip

    3. Download Grub Installer from: http://download.gna.org/grubutil/
    Choose latest version. Here is the one I got: http://download.gna.org/grubutil/grubinst-1.1-bin-w32-2008-01-01.zip

    4. Extract them on your hard disk. Run: grubinst_gui.exe

    5. Click DISK. Choose your USB stick. Go 2 boxes down and click REFRESH. On the PART list, choose "WHOLE DISK (MBR)". Make sure everything else is unchecked below.

    If it says something about --skip-mbr-test, type: "--skip-mbr-test" without quotes in EXTRA box.

    Click INSTALL. DOS box should pop up and tell you it transfered MBR.

    6. Copy: file "grldr" from your extracted files to your USB stick.

    7. Create a text file in the root of your USB stick and name it: menu.lst

    Put inside:

    title TRUECRYPT RESCUE DISK
    find --set-root /tc.iso
    map --mem /tc.iso (hd32)
    map (hd0) (hd1)
    map (hd1) (hd0)
    map --hook
    root (hd32)
    chainloader (hd32)

    And save the file.

    8. Copy TrueCrypt Rescue Disk (the iso you created during system encryption) to root of USB and rename it to: tc.iso

    If you don't have the iso, go to TrueCrypt program: SYSTEM > CREATE RESCUE DISK... Follow hte prompts and copy that file to USB and rename it to tc.iso

    That is all.

    1.15.2010

    disable negative dns caching

    Sprint Novatal 2200 mifi devices seems to produce a lot of negative (unsuccessful) dns responses, so just disable the negative caching on windows XP.....

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
    "MaxNegativeCacheTtl"=dword:00000000


    1.12.2010

    eFax - Free trial - not really free

    eFax offers a "free" 30 day trial.  Though the signup process you are not told how many pages can be sent or received for free.....

    I got two charges for sending over 30 pages ($10 in overages).  When I went to cancel, they said they'd only refund the normal fee ($10).

    Decide for yourself if it's worth dealing with a company that isn't up-front with their terms......

    1.07.2010

    EMC ECC and Naviagent problems and fixes

    Cloning or renaming a system can have some consequences on EMC products like EMC Control Center/ECC  or Navisphere agent for Clarrion arrays:

    ecc fix:
    rm -rf /var/ECC
    cd /usr/ecc/exec && rm -f *.COMFILE *.comfile *.uid *.port *.lck


    Navisphere agent / Naviagent fix:
    stop naviagent and delete HostIdFile.txt:
    /sbin/init.d/agent stop ; rm /etc/log/*

    11.19.2009

    HP-UX sendmail won't start

    if unable to start sendmail and get the following error messages in syslog, the fix is at the bottom:

    Nov 19 15:13:06 HOSTNAME /sbin/init.d/sendmail[11536]: Unable to start Sendmail.
    Nov 19 15:13:06 HOSTNAME /sbin/init.d/sendmail[11536]:
    Nov 19 15:13:06 HOSTNAME /sbin/init.d/sendmail[11536]: The sendmail.cf file is configured for send_only feature.
    Nov 19 15:13:06 HOSTNAME /sbin/init.d/sendmail[11536]: Modify the /etc/rc.config.d/mailservs file with the send_only feature.
    Nov 19 15:13:07 HOSTNAME /sbin/init.d/sendmail[11536]: To disable the send_only feature:
    Nov 19 15:13:07 HOSTNAME /sbin/init.d/sendmail[11536]: - Run the gen_cf file to generate the sendmail.cf file.
    Nov 19 15:13:07 HOSTNAME /sbin/init.d/sendmail[11536]: - Merge your site-specific customizations with the /usr/newconfig/etc/mail/cf/cf/sendmail.cf.gen file.
    Nov 19 15:13:06 HOSTNAME /sbin/init.d/sendmail[11536]:
    Nov 19 15:13:07 HOSTNAME /sbin/init.d/sendmail[11536]: - Copy the /usr/newconfig/etc/mail/cf/cf/sendmail.cf.gen file as /etc/mail/sendmail.cf.
    Nov 19 15:13:07 HOSTNAME /sbin/init.d/sendmail[11536]: - Change the /etc/rc.config.d/mailservs file accordingly.
    Nov 19 15:13:07 HOSTNAME /sbin/init.d/sendmail[11536]: - Restart Sendmail.


    in /etc/mail/sendmail.cf change the following (or similar line)

    from:
    O DaemonPortOptions=Port=smtp,Addr=127.0.0.1,Name=MTA

    to:
    O DaemonPortOptions=Name=MTA

    then restart sendmail:   /sbin/init.d/sendmail start     it should start fine.

    10.01.2009

    Alltel and Sprint mobile broadband

    Windows XP
    Pantech PX-500

    to get on alltel evdo from certain areas, I needed to choose the following settings:

    mode: EVDO
    roaming: AUTO  unchecking Roam guard
    important:  eject and plug card at least once

    It seems important to eject/reinsert the card to get it to connect.  It also took a long time (20+ seconds) when opening connection manager after inserting the card for the first time; searching for service, connecting/disconnecting automatically until it connected to an EVDO signal on the alltel network.

    HP-UX 11.23 to 11.31 update

    some of my notes:
    agile:
    ioscan option -m (mapping)
    -m hwpath -H $hw_path  -- shows hardware paths
    -m lun  -H $hw_path   -- show agile addressing
    -m dsf $device_file  -- maps legacy to agile


    upgrading from v2 to v3 will leave legacy references in lvmtab, etc.. to fix:
    vgscan -N  or  vgdsf
    NOT necessary, but optional:
    rmsf -L  insf -L   --  removes or installs legacy device files from box


    iofind command scans ascii files and converts legacy to agile addresses


    8.18.2009

    use motorola phone as tethered modem on verizon network

    motorola vu204 drivers

    download motorola drivers at http://motorola.com
    create DUN connection using only PAP for security
    password:  vzw
    domain:  blank
    number to dial:#777

    might need reboot phone first.

    8.07.2009

    Backtick grave accent ` iPhone

    The backtick (grave accent) ` character is missing from the iPhone and iPod touch normal keyboard layouts. ( as of OS 3.0 ) To use it, go into the mail app and in the email to/cc/bcc fields you should see the backtick in the upper left on the symbols virtual keyboard. Then just copy and paste it wherever you need it.

    It might be helpful if a bunch of us complained about this missing key on the iPhone and iPod touch keyboards - leave feedback about the missing backtick/grave accent character at: http://www.apple.com/feedback/iphone.html

    Really stupid for them to have it on the email address fields even though it's an invalid char for email addresses.

    1.30.2009

    password aging field

    http://www.tech-faq.com/password-aging.shtml
    http://www.cse.ohio-state.edu/~mamrak/CIS762/unix_encryption_tut.html


    On non-trusted systems password aging is stored as part of the encrypted password each user's account in the system's password file.  The password field, which is the second field is divided in two by a comma.  The first portion, characters 1-13, is the encrypted password.  The second portion, after the comma (characters 15-18), is the password aging field for that account.
    password aging field (characters 15-18) breakdown:
    character 1: max weeks password is valid before expiration
    character 2: min weeks password before password can change
    remaining characters: last password change (in number of weeks since 1/1/1970)

    the characters are Base-64, so it's kind of tricky.  See the above links for a conversion table for Base64.

    calculate:
    ,N/TT

    N = 25 weeks, 175 days max password lifetime
    / = 1 week, 7 days miniumum password before changing
    S = 30
    T = 31
    31 * 64 = 1984
    1984 + 31 = 2050 weeks since January 1, 1970 = 08/07/08


    12.12.2008

    lanadmin options for gigabit cards

    some good stuff here: http://docs.hp.com/en/J5683-90002/ch02s02.html

    specifically I like the lanadmin -x card_info PPA   it gives you firmware, driver versions, etc. level details.  example below for a port on a HP A9784-60002 PCI/PCI-X 1000Base-T FC/GigE Combo Adapter
    *********** Version Information **********
    Driver version: B.11.23.0609
    Firmware version: 1.0.9/1.11
    Chip version: 0x10
    PCI Sub-System ID: 0x12ca (1000Base-T)
    PCI Sub-Vendor ID: 0x103c
    Board Revision: A0
    Software Key: 0
    Engineering Date Code: A-4550

    ********** Card Setting ***********
    Driver State: IGELAN_ONLINE
    Auto Negotiation: On
    Flow Control: On
    Send Max Buf Descriptors: 10
    Recv Max Buf Descriptors: 1
    Send Coalesced Ticks: 150
    Recv Coalesced Ticks: 0

    12.09.2008

    using font server with Cygwin/X

    In cygwin\bin\startxwin.bat

    %RUN% XWin -multiwindow -clipboard -silent-dup-error -fp tcp/FONT_SERVER:7000

    where FONT_SERVER is the name or address of the font server, typically tcp port 7000

    12.03.2008

    great inexpensive waterproof camera case

    here's a great inexpensive waterproof digital camera case: Dicapac

    However, the WP-410 product, even though it says it fits the Olympus Stylus 1010 or 1020, the camera zoom lens will sit on the clear plastic lens of the bag even when using the rubber extender that comes with the case.

    http://tech.yahoo.com/blogs/raskin/17377?comment_start=26&comment_count=20

    http://www.dicapac.com/

    buy from http://www.dicapacusa.com  www.amazon.com and probably other outlets.

    hpux 11.00 trusted account unlock

    to "reactivate" a locked / expired "lifetime maximum reached" account on hp-ux 11.00 trusted system server:

    /usr/lbin/modprpw -l -x USER


    I believe in 11.11 and up all that needed is:  /usr/lbin/modprpw -k USER

    11.11.2008

    c7000 blade enclosures and port maps

    bl860c blade server to c7000 interconnect bays port mapping:

    http://docs.hp.com/en/AD217-9015B-ed5/ch03s09.html

    11.05.2008

    netbackup name resolutions issues

    STATUS CODE 6: Veritas NetBackup (tm) for Oracle database backups fail with a NetBackup Status Code 6 (the backup failed to back up the requested files), and the RMAN log shows an ORA-2702


    bpclntcmd -self -- This returns who the client believes it is
    bpclntcmd -pn -- This returns who the client believes the master is, and what the master says the client is
    bpclntcmd -hn -- This returns the IP address is associated with the master server, using gethostbyname()
    bpclntcmd -hn -- This returns the IP address is associated with the client server, using gethostbyname()

    bpclntcmd -ip -- This returns the hostname associated with the master server's IP address, using gethostbyaddr()

    bpclntcmd -ip -- This returns the hostname associated with the client server's IP address, using gethostbyaddr()

    All names and IP addresses should match

    9.28.2008

    swremove selection had errors

    doing swremove and getting error swremove: selection had errors.

    Nothing further in the swremove.log or any of the swagent.log files in /var/adm/sw.  The problem turn out to be two bundles with the same name, one with the name uppercase, the other lowercase.  In order for the swremove command to work, I needed to specify both bunldes:

    swremove BUNDLE1 bundle1

    9.19.2008

    Netbackup and restores to alternate host

    to allow restores to an alternate host, use the altnames directory:
    http://joostm.nl/netbackup/nbu-env/nbu-env-2-4/doc/TOUCHFILES  (see the No.Restrictions file, to allow any client to restore, BUT it's not safe)


    7.09.2008

    logname and utmp/utmpd problem

    I've encountered the following problem a number of times:
    ssh (or telnet) into a box, sometimes only occurs on a particular tty, like /dev/pts/1
    $ logname logname: could not get login name
    even though:
    $ id
    uid=101(me) gid=102(mygroup)

    UPDATE for sshd issues:
    update your version of SSH or HP patches; see the last couple comment on this ITRC Forum posting.
    try changing UsePrivilegeSeparation to no in sshd_config: /etc/opt/ssh/sshd_config
    UsePrivilegeSeparation no

    then send a SIGHUP to sshd:
    kill -s SIGHUP $(cat /var/run/sshd.pid)
    end update

    It seems like the utmp database is corrupt or not functioning properly. When logname gives the error message "could not get login name", then system doesn't know who I am, so it thinks I'm root (it writes root-root in the sulog file).

    To fix it, I just stopped and restarted the utmpd daemon process: /sbin/init.d/utmpd stop ; /sbin/init.d/utmpd start

    This problem sometimes causes logins to hang when processing /etc/profile, if logname is used in /etc/profile or another login script.

    5.22.2008

    OVO agent issues

    $ /sbin/init.d/opcagt start
    ERROR:   Problems with starting OpC Agent processes or none configured.


    /opt/OV/bin/OpC/opcagt -start
    /opt/OV/bin/OpC/opcagt -status
    The VPO control agent is currently not running. (OpC30-1045)

    edit hosts file and make sure the main IP address for the machine is listed first, escpecially if the hostname is listed more than once.

    $ opcagt -status
    Error opcctla   (Control Agent)(5900) : Initialize of the VPO Control Agent failed. (OpC30-1036)
    Can't lookup servers: Communications failure (dce / rpc). (OpC20-108)
    Can't lookup servers: Communications failure (dce / rpc). (OpC20-108)
    Stopping all VPO Agent processes... (OpC30-1192)

    from: http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=991091

    /opt/OV/bin/OpC/opcagt -kill (stop OVO agent)

    ps -ef |grep -i rpc
    (make sure both rpc and rpcbind are seen)

    /sbin/init.d/Rpcd stop

    Then if rcpd is still running kill it:
        root  1759     1  0  Sep  2  ?        479:48 /opt/dce/sbin/rpcd

    kill -9 1759

    rm /var/opt/dce/dced/Ep.db
    rm /var/opt/dce/dced/Llb.db
    (clear rpcd db files)

    /sbin/init.d/Rpcd start
    (restarts rpcd)

    /opt/OV/bin/OpC/opcagt -start (restart the OVO agent)


    5.12.2008

    APA lan monitor mode hot standby failover mode

    Here's what it looks like when a network link fails over to a secondary, standby lan (and then back again):

    secondary port is down:

    Link Aggregate PPA #             : 900
    Link Aggregation Mode            : LAN_MONITOR
    Load Balance Mode                : Hot Standby (LB_HOT_STANDBY)
    Active Port PPA #                : 0
    Port(s) ready                    : NONE
    Port(s) not ready                : 1
    Port(s) connected to active port : NONE

    SYSLOG:
    May 11 21:00:17 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan1 is down (lan0 is active)
    May 11 21:00:52 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan0 isn't receiving poll packets (lan0 is active)


    after plugged in:
    Link Aggregate PPA #             : 900
    Link Aggregation Mode            : LAN_MONITOR
    Load Balance Mode                : Hot Standby (LB_HOT_STANDBY)
    Active Port PPA #                : 0
    Port(s) ready                    : 1
    Port(s) not ready                : NONE
    Port(s) connected to active port : NONE

    SYSLOG:
    May 11 21:01:32 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan0 is now receiving poll packets (lan0 is active)
    May 11 21:01:52 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan1 is up (lan0 is active)

    then:
    Link Aggregate PPA #             : 900
    Link Aggregation Mode            : LAN_MONITOR
    Load Balance Mode                : Hot Standby (LB_HOT_STANDBY)
    Active Port PPA #                : 0
    Port(s) ready                    : 1
    Port(s) not ready                : NONE
    Port(s) connected to active port : 1




    Primary port down:
    Link Aggregate PPA #             : 900
    Link Aggregation Mode            : LAN_MONITOR
    Load Balance Mode                : Hot Standby (LB_HOT_STANDBY)
    Active Port PPA #                : 1
    Port(s) ready                    : NONE
    Port(s) not ready                : 0
    Port(s) connected to active port : NONE

    SYSLOG:
    May 11 21:03:05 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan0 is down (lan1 is active)
    May 11 21:03:42 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan1 isn't receiving poll packets (lan1 is active)


    Primary port back up:
    Link Aggregate PPA #             : 900
    Link Aggregation Mode            : LAN_MONITOR
    Load Balance Mode                : Hot Standby (LB_HOT_STANDBY)
    Active Port PPA #                : 1
    Port(s) ready                    : 0
    Port(s) not ready                : NONE
    Port(s) connected to active port : NONE

    SYSLOG:
    May 11 21:05:12 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan1 is now receiving poll packets (lan1 is active)


    May 11 21:05:32 sbhs3010 vmunix: APA/LM: FOG:lan900 - lan0 is up (lan1 is active)
    same time:
    Link Aggregate PPA #             : 900
    Link Aggregation Mode            : LAN_MONITOR
    Load Balance Mode                : Hot Standby (LB_HOT_STANDBY)
    Active Port PPA #                : 1
    Port(s) ready                    : 0
    Port(s) not ready                : NONE
    Port(s) connected to active port : 0


    doesn't fail back to original active port because both ports have the same priority.


    using Twitter with Google talk for your domain

    http://www.kavinda.net/2007/07/31/HowToTwitterOnGTalkForYouDomain.aspx  explains how to add the necessary DNS SRV records to your zone in order to twit via Google chat.  This is necessary to get twitter to work with Google Talk when your using Google Apps for your domain.

    Go to the Chat section under 'Service Settings' when in the administration 'manage this domain' page for your domain.  a link will be to: http://www.google.com/support/a/bin/answer.py?answer=60227&hl=en   But you'll need to follow the above instructions as well (maybe, haven't tried yet)

    5.11.2008

    HP APA (auto port aggregation)

    HP-UX has no built in lan aggregation or failover; I know - it's a damn shame.  (note: serviceguard does have a local lan failover mode)  HP APA (Auto Port Aggregation).

    Be sure to do the configuration from a console connection or connect from a NIC that won't be involved in APA, otherwise you'll drop and may not be able reconnect over tha lan if you screw up the config.

    commands to configure it:
    lanqueryconf
    lanapplyconf
    lancheckconf
    landeleteconf

    Here's my quick and dirty version of creating a lan failover group:

    --- APA configuration --
    added the following line to /etc/rc.config.d/hp_apaconf
    HP_APA_USE_SYSLOG=1

    add the following to: /etc/rc.config.d/hp_apaportconf
    HP_APAPORT_INTERFACE_NAME[0]=lan5
    HP_APAPORT_CONFIG_MODE[0]=LAN_MONITOR

    HP_APAPORT_INTERFACE_NAME[1]=lan6
    HP_APAPORT_CONFIG_MODE[1]=LAN_MONITOR


     /sbin/init.d/hplm stop
     /sbin/init.d/hpapa stop
     /sbin/init.d/hpapa start
     /sbin/init.d/hplm start

    create ascii file:
    lanqueryconf -s

    change priority of both primary and secondary to the same value, so that failback doesn't occur.
    vi /etc/lanmon/lanconfig.ascii

    check validity of ascii file:
    lancheckconf

    apply the changes to the binary file:
    lanapplyconf

    check config:
    lanscan and lanscan -q and lanadmin -x -v PPA  and netstat -in



    Once it's configured, here are some useful commands for looking at the status:
    real status of ports:  lanadmin -x -i 900 
    load balancing mode:   lanadmin -x -l 900
    verbose config:        lanadmin -x -v 900

    Where 900 is the PPA number for the apa/failover group

    5.10.2008

    serviceguard error renaming hosts

    The following is from renaming hosts or changing their IP addresses in a SG cluster.  In addition to changing all the cluster configuration files (cmclnodelist, cluster ascii, package ascii and control files) from the old names to the new names, you also probably need to delete /etc/cmcluster/cmclconfig (the cluster binary config file).  The old IP address are "stuck" in there and cmcheckconf or cmapplyconf  won't proceed without deleting the cluster binary file.

    If you don't delete it, here's the message you will receive when running cmapplyconf or cmcheckconf:

    Checking nodes ... Done
    Checking existing configuration ... Done
    Warning: Unable to get configuration for cluster CLUSTER_NAME
    Error: Node HOSTNAME is refusing Serviceguard communication.
    Please make sure that the proper security access is configured on node
    HOSTNAME through either file-based access (pre-A.11.16 version) or role-based
    access (version A.11.16 or higher) and/or that the host name lookup
    on node HOSTNAME resolves the IP address correctly.
    cmcheckconf : Failed to gather configuration information

    5.07.2008

    single vs. dual core in HP-UX

    use machinfo:  /usr/contrib/bin/machinfo

    the following hints are from: http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1209686

    Single-core processors ======================
    processor family: 31 Intel(R) Itanium 2 Family Processors


    Dual-core processors ====================
    processor family: 32 Intel(R) Itanium 2 9000 series
    or
    processor family: 32 Intel(R) Itanium 2 9100 series


    So, processor family 32 means dual core;  processor family 31 means single core.

    5.06.2008

    get CPU speed on HP-UX

    echo itick_per_tick/D | adb -k /stand/vmunix /dev/kmem | tail -1 | awk '{print $2/10000}'

    or
    sam  --> performance monitors,  system properties

    Itanium:  11iv2
    machinfo

    5.05.2008

    ECC agent fails or hosts don't appear

    the hosts don't appear in the EMC Control Center (ECC) master server, or one does but then is replace by another. Sometimes the agent starts, but then unexpectedly quits/dies. If you clone your boxes, exclude /var/ECC or else!

    Otherwise just: stop the agent; nuke /var/ECC ; restart agent is the fix for this issue it seems


    open a http://powerlink.emc.com account and see the article: "Hostname change not reflected in ControlCenter console." EMC doc ID: emc139067

    Looks like you also need to remove a couple more files in /usr/ecc/exec any files with the extensions .lck, .port, .uid and .comfile

    3.14.2008

    set up the IP stack in EFI on HP integrity servers

    from an ignite DVD or even the boot disk of an HP-UX system:
    cd \EFI\HP\TOOLS\NETWORK
    load tcpipv4.efi
    ifconfig sni0 192.168.1.50 netmask 255.255.255.0 up
    route add default 192.168.1.1

    ping 129.168.1.1

    to reuse IP on different interface, unload the tcpipv4 driver, find the driver handle first:
    dh
    unload AF


    not sure how to print the routing table, if anyone knows please comment ('route print') does NOT work.

    3.05.2008

    unable to uninstall Lenovo password manager FF extension

    If you have already removed the client security stuff on your IBM Lenovo Thinkpad, but are still unable to uninstall the thinkvantage password manager extension / add-on from Firefox because the button is disabled or greyed out here's how to manually remove it:

    Delete the registry entry for it in:
    HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions "{FCF36B88-1BBA-487f-B64B-D2E8980A9293}"="C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension"

    2.22.2008

    Strip Out the Formatting before pasting

    I've been looking for a good, small, unintrusive tool to strip all the rich text formatting when copying from a web page to a office, word, excel or any app that accept rich text or web formatting.
    Strip Out the Garbage Code Before You Blog | Shaun Low explains the PureText tool. It sits in the systray and is less than 30k in size, requires no install. http://www.stevemiller.net/puretext

    2.11.2008

    don't use PHNE_35793 on HPVM

    from http://www12.itrc.hp.com/service/patch/patchDetail.do?patchid=PHNE_35793&sel={hpux:11.23,}&BC=main|search|

           - An HPVM guest that uses a virtual interface that belongs
             to an IGELAN interface configured on the HPVM host can
             experience hangs with network services like ping, NFS,
             rcp, ftp for data transfers which use full-sized
             frames.  This behavior is observed with HPVM 2.0 and
             HPVM 3.0.

    oh, and HPVM 1.2 either

    2.05.2008

    ECC agent fails or hosts don't appear

    the hosts don't appear in the EMC Control Center (ECC) master server, or one does but then is replace by another.  Sometimes the agent starts, but then unexpectedly quits/dies.  If you clone your boxes, exclude /var/ECC or else!

    Otherwise just: stop the agent;  nuke /var/ECC ; restart agent is the fix for this issue it seems

    memory card insert - won't autoplay

    After installing vmware server, I couldn't get memory card inserts into Windows XP to autoplay and bring up the "scanners and camera wizard". It's caused by vmware server putting a policy (registry) in place to disable autorun.

    To fix:
    delete: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun
    and HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun

    Discovered by:
    Is there Autorun after VMWare? | Terry Pearson's Blog