Oracle 9i Installation Tips

Audience: All Date: June 2, 2003

The attached file from Doug Ranz contains installation tips for Oracle 9i, including recommendations for AIX 5.2 Dir I/O. Oracle-9i-Install-tip.pdf

XML Databases
By Danny Kalev Date: September 27, 2002

A relational database stores information in tables, with the ability to relate information from one table to information primary data unit in relational databases is a column, which may contain one or more fields. While this model operate data oriented systems, it isn't ideal for manipulating XML data. Database vendors have come up with several solution discuss two representative products that are available on Linux.

Data-centric and Document Centric XML

Document-centric XML documents typically contain essays, poems, letters etc. In these documents, the primary data rather than individual fields. By contrast, data-centric documents can be an employee's information or a catalog item. intended to read such documents in their raw form, but rather they are created and used by software application. In su nodes contain meaningful information even when used outside the context of their document, an employee's name for

XML-enabled Databases

Relational databases that offer special capabilities for dealing with XML data are known as "XML-enabled databases traditional rows and columns internally. The simplest mapping model simply stores the original XML document in a t OBject, or LOB. This mapping model isn't ideal for performing sophisticated queries based on specific elements of an database engine isn't aware of its structure. IBM's DB2 uses "side tables" to solve this problem. A side table contains point to specific elements in the original XML document.

Alternatively, a side table contains the navigation scheme of the original document (known as "XPath" in XML-parla these methods is truly relational. If we wish to change a single node, we need to retrieve the entire document value, c This approach is therefore more suitable for document-centric applications.

Object-relational Storage

A second mapping model breaks the elements of an XML document into individual ta This way, the database is aware of the original document's structure. Oracle's 9i data this approach. The DBA can decide which documents should be mapped to a table sc documents should be stored as LOBs. Equipped with an array of XML-related softwa XML Class Generator, XML SQL Utility and XML Parser, Oracle's 9i handles documen centric XML equally well. AIX Tip of the Week: Service Director: RS/6000 Call Home Support
Audience: AIX System Administrators Date: April 1999 (Updated: December 2000)

Service Director is an AIX software program that monitors, diagnoses and reports system errors. It can automatically without customer intervention. It may be configured to run on a single system, or as part of a client/server network.

Service Director and it's documentation can obtained by anonymous ftp at ftp.software.ibm.com (198.17.57.66). The

procedure is listed below. Be sure to set the file transfer mode as "binary" if using this method.
> > > > bin cd /aix/servdir_client_code get servdir.installp.Z get sd6ug.ps.Z or sd6kug.pdf

Although there is no charge for this software, the "call home" function does require the RS/6000 hardware to be on w maintenance contract.

Update 12/2000
Service Director is being replaced by Service Agent. Documentation and install image can be found at: ftp://ftp.software.ibm.com/aix/service_agent_code

AIX Tip of the Week: Error Notification Facility

Audience: AIX Administrators Date: July 9, 1999

AIX's Error Notification Facility is a useful systems management tool. This facility can be configured to send alerts ( a specific** hardware or software problem appears in the error log. This allows administrators to quickly address, and problems that could affect system availability. See the AIX documentation for information on configuring the Error N

The error_notice.htm attachment is a copy of the AIX documentation in HTML format. The pager attachment is a she page. It can be used in conjunction with the Error Notification Facility.

"pager" Shell Script

#! /bin/ksh # Pager: send digital page via the "cu" command. # modified...Bruce Spencer 7/15/97 # # Prerequisites # 1. A tty be defined to AIX: # Create the tty with "smitty tty". Set "Enable Login" # to either "share" or "disable" # # 2. Install AIX BNU (also known as UUCP) # It's on the base AIX CD. # # 3. Define the tty to the BNU dialer program by adding # the following line to /usr/lib/uucp/Devices # # Direct tty2 - 9600 direct # tty2 = your tty modem line

# # The script outputs "cu" commands, which control the modem. # The sleep command provides the necessary delays between modem commands. # # # USAGE: # pager phone_number pager_number [code] # # where: # phone_number = telephone number of the pager # pager_number = PIN number,option number, etc... # [code] = optional field for your message code # # EXAMPLE: # pager 9,1-800-555-7243 123456 2001 # ########################################### # # Parameters to modify for your environment # DEVICE=/dev/tty0 # Modem device over which to place the call # # Define CU options # see cu(1) man page for options # CU_OPTS="-l${DEVICE} -m" # # # File to log errors and calls to. Use /dev/null to ignore # LOG=/tmp/${0##*/}.log # LOG=/dev/null ########################################### if [ $# -eq 3 ]; then CODE="$3" elif [ $# -ne 2 ]; then echo "usage: ${0##*/} phone pager [code]" >&2 echo " phone: phone number to dial" >&2 echo " pager: pager id" >&2 echo " code: optional display code for pager" >&2 exit 1 else CODE=0000 fi PHONE="$1" PAGER="$2" # Put the following commands inside of curley braces so we can # pipe the output to cu. Redirect stdout and stderr of cu to /dev/null, since # we really don't care much about the progress of the call { # # Log the call # echo "\n`date`\nDialing ${PHONE} pager ${PAGER} code ${CODE}" >> $LOG # # Be sure we have the modem's attention by sending it # the AT command twich # echo "AT"

echo "AT" sleep 1 # # # # # # # Output commands to dial paging system, to enter pager number, and to enter callback number. As is typical with the "AT" dial set, commas separate the commands with a short pause. Add several pauses after dialing to be sure we have gotten through the phone system

echo "ATDT${PHONE},,,,,,${PAGER}#,,${CODE}##\n" # Wait long enough for modem to complete call, and then output command to # terminate the cu executable. sleep 30 echo "~." } | cu ${CU_OPTS} >> $LOG 2>&1

AIX Tip of the Week: Error Notification Facility

Audience: AIX Administrators Date: July 9, 1999

AIX's Error Notification Facility is a useful systems management tool. This facility can be configured to send alerts ( a specific** hardware or software problem appears in the error log. This allows administrators to quickly address, and problems that could affect system availability. See the AIX documentation for information on configuring the Error N

The error_notice.htm attachment is a copy of the AIX documentation in HTML format. The pager attachment is a she page. It can be used in conjunction with the Error Notification Facility.

"pager" Shell Script

#! /bin/ksh # Pager: send digital page via the "cu" command. # modified...Bruce Spencer 7/15/97 # # Prerequisites # 1. A tty be defined to AIX: # Create the tty with "smitty tty". Set "Enable Login" # to either "share" or "disable" # # 2. Install AIX BNU (also known as UUCP) # It's on the base AIX CD. # # 3. Define the tty to the BNU dialer program by adding # the following line to /usr/lib/uucp/Devices # # Direct tty2 - 9600 direct # tty2 = your tty modem line

# # The script outputs "cu" commands, which control the modem. # The sleep command provides the necessary delays between modem commands. # # # USAGE: # pager phone_number pager_number [code] # # where: # phone_number = telephone number of the pager # pager_number = PIN number,option number, etc... # [code] = optional field for your message code # # EXAMPLE: # pager 9,1-800-555-7243 123456 2001 # ########################################### # # Parameters to modify for your environment # DEVICE=/dev/tty0 # Modem device over which to place the call # # Define CU options # see cu(1) man page for options # CU_OPTS="-l${DEVICE} -m" # # # File to log errors and calls to. Use /dev/null to ignore # LOG=/tmp/${0##*/}.log # LOG=/dev/null ########################################### if [ $# -eq 3 ]; then CODE="$3" elif [ $# -ne 2 ]; then echo "usage: ${0##*/} phone pager [code]" >&2 echo " phone: phone number to dial" >&2 echo " pager: pager id" >&2 echo " code: optional display code for pager" >&2 exit 1 else CODE=0000 fi PHONE="$1" PAGER="$2" # Put the following commands inside of curley braces so we can # pipe the output to cu. Redirect stdout and stderr of cu to /dev/null, since # we really don't care much about the progress of the call { # # Log the call # echo "\n`date`\nDialing ${PHONE} pager ${PAGER} code ${CODE}" >> $LOG # # Be sure we have the modem's attention by sending it # the AT command twich # echo "AT"

echo "AT" sleep 1 # # # # # # # Output commands to dial paging system, to enter pager number, and to enter callback number. As is typical with the "AT" dial set, commas separate the commands with a short pause. Add several pauses after dialing to be sure we have gotten through the phone system

echo "ATDT${PHONE},,,,,,${PAGER}#,,${CODE}##\n" # Wait long enough for modem to complete call, and then output command to # terminate the cu executable. sleep 30 echo "~." } | cu ${CU_OPTS} >> $LOG 2>&1

AIX Alternate Disk Installation

Jeff Marsh

In this article, I will describe some tools within AIX (some new, some old) that can help you reduce the off-h administration staff during maintenance upgrades. I will also show you some uses for these same toolsets recovery times due to rootvg corruption.

Alternate Disk Installation What is it? According to the IBM AIX Installation Guide: "Alternate disk installation, available in AIX Version 4.3, allows installing the system while it is up and runni or upgrade down time to be decreased considerably."

Thus, with another set of bootable drives within a server, you can install maintenance (e.g., upgrade your s to AIX 4.3.3.06) during the day without interruption or any effects to the running applications. However, you make it active.

The support model prior to Alternate Disk Installation required all work to be done off-hours during an appli window that generally took two to four hours. Now you can reduce that off-hour time from two to four hours time to reboot. I'll also show you how you can complete multiple upgrades in that same reboot window usin Manager (NIM). Requirements To enable Alternate Disk Installation, you need to install the following base-level filesets and upgrade to at corresponding fileset levels. These filesets do not require a reboot to install:
Base level filesets: Fileset levels: bos.alt_disk_install.rte 26 bos.alt_disk_install.boot_images 27

You will also need another free, bootable drive within your server. In this case, you are configuring new ser drives for systems administration purposes: two drives for the primary rootvg mirrored, and two for alt_dis implementations. You could get by with just one additional drive, but we prefer to have two.

How It Works Alternate Disk Installation works by cloning your primary rootvg running on hdisk0 and hdisk1, for example drives, hdisk2 and hdisk3. After the system completes those copies using basic find, backup, and restfile latest maintenance level you designate.

This process is shown in Figure 1. First, you clone hdisk0/1 to hdisk2/3, and then you apply maintenance t hdisk2/3 while the applications continue to run against hdisk0/1.

To complete this task from SMIT, issue the following fast path. You should expect to see the following pane
smitty alt_clone Clone the rootvg to an Alternate Disk: Type or select values in entry fields. Press Enter AFTER making all desired changes. * Target Disk(s) to install Phase to execute + image.data file [hdisk2 hdisk3] all []

AIX Tip of the Week: Split Mirror Copy Saves Backup Time
Audience: IT Managers and Administrators Date: April 3, 2000

AIX in the News: According to a report just released by industry consultant D.H. Brown, AIX ranks #1. For details, s http://www.dhbrown.com/dhbrown/opsysscorecard.cfm

And now for the tip: The "split mirror copy" technique can be used to reduce downtime for backups to seconds. The of a mirrored file system and mounts it as read-only for use as an online backup. The AIX 4.3 command to do a split m chfs -a splitcopy=/backup -a copy=2 /testfs

It takes about 15secs for 2GB on my machine. The pro/con's of split mirror backups are discussed in the attached PDF

AIX Tip of the Week: AIX Network Installation Manager

Audience: AIX Administators and IT Management Date: April 15, 2000

Network Installation Manager (NIM) reduces the complexity of managing large installations of RS/6000's by allowin maintain AIX on remote RS/6000's from a central network server. For example, you can plug a new RS/6000 into the install a system image, and customize it with the appropriate hostname, IP address, etc. NIM can also automatically d new software to remote systems. NIM's benefits include the ability to install remote systems without physically having to be there, the ability to clone failed system, and to maintain configuration information on the remote systems. NIM is available on the base AIX CD. For more information, see: http://www.redbooks.ibm.com/pubs/pdfs/redbooks/sg245524.pdf

AIX Tip of the Week: Using AIX for NT File/Print Serving

Audience: IT Management and AIX Administrators Date: May 27, 2000

Everyone knows about the tremendous growth in the number of NT file/print servers in the Enterprise. What many do cost of maintaining all of these servers. Ongoing costs include monitoring, updating, backing up, managing tapes, pro HVAC, etc.

One way to reduce these costs is to consolidate NT file/print services on AIX. The benefits include fewer systems to m scaleability (see attached presentation), reliability, and utilization of disk and tape drives.

I generally recommend either AIX Connections or Samba software to provide NT file/print services on AIX. Both hav and functionality. However AIX Connections lists for $1,495, where as Samba is freeware (http://www-frec.bull.fr/). relatively easier to use, and is supported by IBM. Samba is a bit more complex and is not supported by IBM. For more information, see http://www.redbooks.ibm.com and search for "SG24-5102".

Subject: History of AIX Functionality by Version/Release

Audience: System Administraters Date: June 27, 2000

The attached PDF file should be useful to those considering upgrading their version of AIX. The file lists the history o version/release. History of AIX Functionality

IBM in the News

IBM to reveal technology that effectively doubles (PC) computer memory http://www.sjmercury.com/svtech/news/breaking/merc/docs/000801.htm IBM, Sun jockey for position in Unix server market (IDC Ranks IBM #1 in Mid Range Unix Servers!) http://news.cnet.com/news/0-1003-200-2136510.html?tag=st.ne.1002.thed.ni

New AIX Hot Spare Network Adapter Functionality

Audience: System Administrators Date: May 25, 2001

AIX 4.3.3 ML 8 and AIX V5 support "hot spare" network adapters without HACMP. The attached note from Steve Pi function in greater detail The AIX Differences Guide that Steve refers to can be found at http://www.redbooks.ibm.com (search for "AIX") or http://publib-b.boulder.ibm.com/cgi-bin/searchsite.cgi?query=AIX

A new function called Network Interface Takeover ships with AIX V4.3.3 Maintenance Level 8. The function is also

The function adds a netif_backup choice to the Mode option on the Add An Etherchannel smit menu, which allows an

configure a pair of adapters in active/standby mode. That is, one adapter is active and the other is an idle standby. If th Ethernet device driver will activate the idle standby adapter, take over the failed adapter's IP and MAC address, and a continue without interruption. The AIX 5L Differences Guide Version 5.1 Edition Redbook (SG24-5765-01) says:

Etherchannel is a network aggregation technology that allows you to produce a single large pipe by combining the ba Ethernet adapters. In AIX 5L Version 5.1, the Etherchannel feature has been enhanced to support the detection of inte network interface backup.

In the network interface backup mode, the channel will only activate one adapter at a time. The intention is that the ad different Ethernet switches, each of which is capable of getting to any other machine on the subnet/network. When a p with the direct connection, or through inability to ping a machine, the channel will deactivate the current adapter, and

The network interface backup feature is currently supported by 10/100 Ethernet and gigabit Ethernet PCI cards (devic devices.pci.14100401.rte). If you are using other devices, you might get unexpected results.

The Differences Guide has some additional information about configuring Etherchannel for network interface backup

See the AIX Version 4.3 Differences Guide Redbook (SG24-2014-02) for more information about basic Cisco EtherC Network Interface Takeove) in AIX V4.3.3. Regards, Steve. (925)277-5080, 227-x5080 IBM Open Systems Technology Team - Dept. IGRF San Ramon, Ca. I intend to *MAKE* the system work! Internet address: skywalker@alum.mit.edu

Sys Admin Magazine Article Covering AIX Functions

Audience: System Administrators Date: May 25, 2001

Learning AIX? The June 2001 issue of Sys Admin magazine has a special supplemental section just for AIX Adminis

NIM AIX error logging facility Linux affinity Alternate disk installation smit Network dispatcher AIX book reviews.

The web version of the magazine supplement is at: http://www.sysadminmag.com/current/supplement/index.htm

Commands Reference, Volume 3

mkramdisk Command
Purpose
Creates a RAM disk using a portion of RAM that is accessed through normal reads and writes.

Syntax
mkramdisk size

Description

The mkramdisk command is shipped as part of bos.rte.filesystems, which allows the user to create a RAM disk. Up the mkramdisk command, a new RAM disk is created, a new entry added to /dev, and the name of the new RAM dis output. If the creation of the RAM disk fails, the command prints an internalized error message using perror.

The names of the RAM disks are in the form of /dev/rramdiskx where x is the logical RAM disk number (0 through

The mkramdisk command also creates block special device entries (for example, /dev/ramdisk5) although use of th discouraged because it adds overhead. The device special files in /dev are owned by root with a mode of 600. Howev group ID can be changed using normal system commands. Up to 8 RAM disks can be created with up to 2 GB memory (in 512 byte blocks) allotted for each RAM disk. Note: The size of a RAM disk cannot be changed after it is created.

RAM disks can be removed by using the rmramdisk command. RAM disks are also removed when the machine is re

To set up a RAM disk that is approximately 20 MB in size and create a file system on that RAM disk, enter the follow mkramdisk 40000 ls -l /dev | grep ram mkfs -V jfs /dev/ramdiskx mkdir /ramdisk0 mount -V jfs -o nointegrity /dev/ramdiskx /ramdiskx where x is the logical RAM disk number. RAM disk pages are pinned.

Parameters

size

Indicates the amount of RAM (in 512 byte increments) to use for the new RAM disk. For example, typing: mkramdisk 1 creates a RAM disk that uses 512 bytes of RAM. To create a RAM disk that uses approximately 20 MB of mkramdisk 40000

Commands Reference, Volume 4

rmramdisk Command
Purpose
Removes RAM disks created by the rmramdisk command.

Syntax
rmramdisk ram_disk_name

Description

The rmramdisk command removes the specified RAM disk and the device special files created for that RAM disk. R removed when the system is rebooted.

Parameters
ram_disk_name

Name of the specific RAM disk to be removed from memory. If not specified, an error is ret RAM disks are in the form of rramdiskx where x is the logical RAM disk number (0 throug

Work Load Manager Demonstration

Audience: System Administrators Date: September 23, 2001 Do you need to consolidate applications on fewer servers, but are concerned about meeting Service Levels? Do you have a poorly behaving application that overloads the system to the point you can't log in? Would you like a simple tool to view CPU, memory and I/O utilization by application?

If so, try AIX's Work Load Manager. WLM allows you to specify the amount of CPU, memory, and I/O bandwidth** application during peak periods. The benefit is that WLM can address all of the above issues.

To illustrate, I've attached two files containing a 10 minute WLM demonstration that can be run on your server. The d

setsof WLM profiles and a load generation program to simulate CPU, memory or I/O activity. See below for instructi WLM Demo Download: wlm_demo.tar.Z Instructions from below in PDF format: wlm_demo.pdf Bruce Spencer, baspence@us.ibm.com

AIX Tip of the Week: Work Load Manager Starter Kit

September 22, 2001 Background

UNIX servers typically run a single application or database due to the difficulty in maintaining service levels with mi result in inefficient server utilization and higher operating costs. One solution is AIX's Work Load Manager which he by arbitrating contention for CPU, memory and I/O bandwidth .

I've found the best way to get started is to use WLM. Therefore this tip is a "hands on" demonstration that you can run includes the WLM profiles and a load generation program that illustrates two basic ways WLM can be used to manag Demonstration

This demonstration illustrates two ways to configure WLM to resolve CPU contention among three users. In the first users sharing the same server. When the system is under load, we want to "time slice" the CPU unequally so that user user2 gets 30% and user3 gets 20%.

In the second case, we simulate a server where we have one primary user and two secondary users. The primary user system so that it takes precedence over all other applications. Secondary users get whatever is left over. If the primary secondary users must wait.

Although this demonstration only controls user access to the CPU, it is trivial to extend this to control to groups and a memory and I/O. Setup 1. If necessary, install the bos.rte.control fileset from the base AIX installation CDROM. 2. Create three user ids: user1, user2, user3 3. Unpack the wlm_demo.tar.Z file

Copy the "wlm_demo.tar.Z" file to /etc/wlm (if using ftp, transfer in binary mode). Change directory to /etc/wlm Unpack the tar file: "zcat wlm_demo.tar.Z | tar -xvf -" You should see 2 directories: test1 and test2 and the loadgen program. Test1 and test2 directories contain the WLM configuration profiles

Loadgen is a program that simulates load (CPU, memory and I/O) Verify the loadgen program is executable by all: "chmod a+x loadgen"

Test 1: Concurrent Users with Different Time Slices

Objective: provide concurrent access to multiple groups. However, each group has different priority when the system Method: Use "shares" to prioritize CPU access. WLM's Formula for determining CPU Access Under Load CPU-User(I) = shares(I)/(total active shares) Predicted CPU Utilization Who's Active Active Shares User1 CPU (50 Shares) All users User 2, 3 User 1, 2 100 50 70 50% User2 CPU (30 Shares) 30% 60% 71% User3 CPU (20 Shares) 20% 40% 29%

The following results are

(uniprocessor) at AIX 4.3.3 ML7. . 1. Log on as root 2. Check the WLM configuration: lsclass -f
3. System: 4. CPUshares = 10 5. memorymin = 1 6. memorymax = 100 7. 8. Default: 9. 10.User1: 11. description = "High priority jobs" 12. tier = 1 13. CPUshares = 5 14. 15.User2: 16. description = "Medium priority" 17. tier = 1 18. CPUshares = 3 19.

20.User3: 21. description = "Low priority" 22. tier = 1 23. CPUshares = 2

Comment: in the output above, User1, User2 and User3 are "classes" (groups that access resources), not user "class" and user id use the same name, as I put user1 in the class User1, user 2 in class User2, etc. But in pract names will not match, as a "class" may contain multiple user ids, group ids, and executable names.

For the moment, ignore the System class and its 10 CPU shares. The System class includes all root processes "tier 0" which means it gets any resources it needs before "tier 1" users. So the WLM formula for CPU access the same tier. 24. Start WLM using "test1" profiles: wlmcntrl -d /etc/wlm/test1 25. Start user3's workload: su - user3 -c /etc/wlm/loadgen -t 500 >/dev/null & 26. View steady state utilization by "class" with only user3 active: wlmstat 20 3
27.Name 28.Unclassified 29.System 30.Default 31.User1 32.User2 33.User3 CPU 0 3 0 0 0 92 MEM 20 41 4 0 0 7

Comment: this illustrates a WLM advantage over physical partitioning. When there is no contention, any pro the system resources. In contrast, an application in a partitioned system can only access resources within its pa partitions are idle. Jobs in a WLM environment have more resources and generally perform better than if parti same system. 34. Start user2 workload: su - user2 -c /etc/wlm/loadgen -t 500 >/dev/null& 35. View the steady state utilization by "class" with user2 and user3 active: wlmstat 20 3
36.Name CPU 37.Unclassified 0 38.System 3 41 39.Default 0 40.User1 0 41.User2 52 42.User3 40 MEM 20 4 0 9 10

Comment: not quite the 60/40 user2/user3 split we expected, but close enough. Over the long term it should a 43. Start user3 workload: su - user3 -c /etc/wlm/loadgen -t 500 > /dev/null& 44. View the steady state utilization by "class" with all three users: wlmstat 20 3
45.Name 46.Unclassified 47.System 48.Default 49.User1 50.User2 51.User3 CPU 0 3 0 43 28 20 MEM 20 43 4 7 10 10

Comment: the observed 43/28/20 ratio is close to the expected 50/30/20 ratio 52. Stop loadgen programs

kill %1 kill %2 kill %3 53. Stop WLM: wlmcntrl -o Test 1 Conclusions:

o o o o

Use "shares" to control concurrent access to a system Put "classes" (access groups) in the same "tier" WLM only controls access when there is contention. The WLM overhead is less than 3% (System class)

Test 2: Primary User Gets All Resources, Secondary Users Get Unused Cycles Objective: Primary application has full access to the server. Lower priority applications may only access whatever is application needs resources, lower priority applications wait. .

Method: Use "tiers" to control access. Tiers range from 0-9, where 9 is the highest priority, and 9 the lowest. Users in they need. Users in tier 1 can access any left over resources after tier 0 users. Tier 2 users get any left over resources a (Shares have no effect between tiers. For example, a tier 0 user with 1 share has priority over a tier 1 user with 1000 s demonstration, the users were assigned the following tiers. Root = tier 0 User1 = tier 1 User2 = tier 2 User3 = tier 3 1. Log on as root, "cd /etc/wlm" 2. Check the WLM configuration: lsclass -f
3. System: 4. CPUshares = 5. memorymin = 6. memorymax = 7. 8. Default: 9. 10.User3: 11. description 12. tier = 3 13. CPUshares = 14. 15.User2: 16. description 17. tier = 2 10 1 100

= "High priority jobs" 5 = "Medium priority"

18. CPUshares = 3 19. 20.User1: 21. description = "Low priority" 22. tier = 1 23. CPUshares = 2

Comment: we're using tiers to control access. In this example, each user is in a different tier. CPUshares have tiers. Tier 0 has the highest priority. Tier 9 has the lowest. All users in tier "n" get resources before users in tie CPUshares. 24. Start WLM using "test2" profiles: wlmcntrl -d /etc/wlm/test2 25. Start user3's workload: su - user3 -c /etc/wlm/loadgen -t 500 >/dev/null & 26. View steady state system utilization by "class" with user3: wlmstat 20 3
27.Name 28.Unclassified 29.System 30.Default 31.User1 32.User2 33.User3 CPU MEM 0 20 4 40 0 4 0 0 0 0 87 4

Comment: user3 (lowest priority user) can access the entire system if there is no contention for resources. 34. Start user2's workload: su - user2 -c /etc/wlm/loadgen -t 500 >/dev/null& 35. View steady state utilization by "class" with two users: wlmstat 20 3
36.Name CPU MEM 37.Unclassified 0 20 38.System 3 41 39.Default 0 8 40.User1 0 0 41.User2 89 9 42.User3 2 8

Comment: working as expected. User2 is in tier 2, which has priority over user3 in tier 3. Notice that shares h 43. Start user1's workload: su - user1 -c /etc/wlm/loadgen -t 500 >/dev/null& 44. View steady state utilization by "class" with three users: wlmstat 20 3
45.Name CPU MEM 46.Unclassified 0 20 47.System 3 42 48.Default 0 4 49.User1 88 10 50.User2 2 10 51.User3 1 8

Comment: as expected. The highest priority user gets full access if needed. Lower priority tiers must wait. 52. Stop the jobs kill %1 kill %2 kill %3

53. Stop WLM: wlmcntrl -o

Test 2 Conclusions
o o

Use "tiers" when you have a high priority application that takes precedence over all other jobs. Shares have no relevance between tiers.

Discussion
Here are a couple suggestions for follow on tests:
o o o o

Experiment by adding more users to each class and running different combinations of users and config Try the "loadgen" memory load generator Try the "loadgen" I/O load generator (AIX 5 only) Try your own applications (such as multiple database instances)

There are many ways to configure WLM. Configurations will differ by applications, Service Level Agreements, and a As an administrator, my preferences is to add classes starting at "tier 1" and above. I leave "tier 0" for "root" processe processes have precedence over all applications (assuming the application is started by a non-root id). This allows roo application problems that might otherwise "hang" the system. This configuration has minimal impact on performance System overhead was only 3%.

Another useful WLM function is the wlmstat command. As we saw in the tests, wlmstat summarizes CPU/Memory u output can be used for performance monitoring, problem determination, and capacity planning. You can use wlmstat, WLM to control workloads. To do so, define the "classes" according to your needs, and start WLM in the "passive" or (wlmcntrl -p).

Summary
1. WLM controls access only when there is contention for resources o Otherwise, jobs have full access to resources o CPU overhead is less than 3% 2. Use "shares" to control concurrent access o "Shares" should be in same "tier" 3. Use "tiers" to run non-essential jobs in the background o "Shares" have no relevance between "tiers"

Bruce Spencer IBM baspence@us.ibm.com

Appendix

WLM Command Summary Function Smit Fastpath Start WLM Stop WLM Check to See if WLM is Running View System Performance List Configuration Command smit wlm wlmcntrl wlmcntrl -o wlmcntrl -q wlmstat [interval] [repetitions] lsclass -f

WLM Documentation IBM Redbooks: http://www.redbooks.ibm.com (Search => WLM) AIX Documentation: http://www.rs6000.ibm.com/cgi-bin/ds_form (Search => WLM)

Enabling CPU Deallocation

Audience: System Administrators Date: January 7, 2002

AIX's "CPU Deallocation" can enhance SMP availability by dynamically taking a failing CPU offline. However, "CP enabled by default. To enable, use smit or the command chdev -l sys0 -a cpuguard='enable' To verify it has been enabled, run the command: lsattr -El sys0 Note: CPUguard requires a minimum of three CPU's.

You can use the cpu_deallocate command to dynamically turn off a processor. See the AIX Tip cpu_deallocate for m

AIX Tip of the Week: Server Consolidation Financial Justification

Audience: Finance, IT Managers, Systems Administrators Date: August 6, 1999

Server consolidation is a major driving force in the IT industry. Server consolidation involves many considerations, in organizational boundaries, technical capabilities and financial benefits. This tip addresses the financial benefits, whic the attached Excel spreadsheet. The spreadsheet was developed outside of IBM and is "server neutral." Some of the c tool using RS/6000 servers are:

Benefits result from continued price/performance improvements of new servers Every situation is unique and must be considered individually. o Results are highly sensitive to the criteria used: floor space in Tokyo may dominate the analysis, but no o Generally, equipment older than 3-4 years can be automatically cost justified o Vendor pricing: differences in vendor pricing affects analysis (especially after purchase costs). Rules of thumb: o If you can consolidate five servers into to one, maintenance savings alone will pay for the new replace o Administrator costs can be a major source of savings Intangibles, or hard to quantify benefits may justify the consolidation. o Reliability, quality, network traffic, service improvements. o If the financial ROI is close to your company's hurdle rate, the "intangibles" benefits will make the con Financial paybacks can be huge o Spreadsheet example: the estimated ROI was 49% for consolidating five RS/6000 R30 servers into on Broadening the scope will improve the payback o Include all platforms: Unix, NT, VMS, Novel

If consolidation is financially justifiable, the next step would be to address the organizational and technical considera cover some of the technology issues, and how a new function in AIX 4.3.3 facilitates consolidation.. (For a detailed s analysis, IBM uses an internally developed "ALIGN" methodology. Contact your local IBM representative for more i Download server consolidation spreadsheet

AIX Tip of the Week: Systems Management Self Audit

Audience: IT Managers and Administrators Date: August 11, 1999

Implementing systems management procedures can increase the value of IT through increased availability, performan atttached PDF file contains a useful self assessment that can be used to assess your systems management processes. Download systems management self audit

AIX Tip of the Week: Systems Availability, How Does Your System Compare?
Audience: IT Managers and Administrators Date: November 29, 1999

How does your system availability compare to industry averages? A Gartner Report from October 1998 lists the follo platform: Platform Outages/Server/Year Availability S390 (sysplexed) 10 minutes 99.998% Tandem 1.7 hours 99.98% AS/400 5.2 hours 99.94% S3900 (non-sysplexed) 8.9 hours 99.90% VAX 18.9 hours 99.78% Unix (all) 23.6 hours 99.73% NT 224.5 hours 97.44% Download Original Gartner Report

AIX Tip of the Week: Service Level Agreements

Audience: IT Managers and Administrators Date: February 18, 2000

Service Level Agreement (SLA) is a contract between an IT service provider and their users. The SLA clearly states w can expect, and what your organization will do to ensure that this level of support . Benefits include common expecta performance objectives for measuring success. As a starting point, a Service Level Agreement should address the following items: 1. Facilities to be provided

Applications Databases Networks Servers Workstations Printers

2. Service hours

Normal service hours Scheduled maintenance windows Target Availability (%)

3. Service Recovery

File recovery times Failure recovery times Disaster recovery times

4. Performance expectations

Response Time (by application)

5. Limitations of use

Identifies the user group(s) supported by the agreement Processing volumes (data, transactions, queries)

6. User responsibilities

User representative Notice required for changes to SLA Procedures for problem resolution, change control

7. Available assistance

Help desk number Operations manager/service analyst

8. Measurements

Identify measurements Publication of service levels achieved for each service Service reviews

AIX Tip of the Week: Software Pricing Model Favors High Performance CPU's
Audience: AIX Administators and IT Management Date: April 28, 2000

Software costs are often the most expensive component in a systems purchase. Software costs can vary dramatically b comparable price/performance. This is because software vendors are moving to a pricing model that prices based on t "MHz" X "CPU's". The higher the performance rating, the more you pay. This model favors SMP's with higher perfor

The attached report from Giga Information Group shows how significant the price difference can be. The report com a RS/6000 S80, a SUN 6500 cluster and a SUN UE/10000. Although all servers in this example have comparable per Oracle price on the UE/1000 is over double that on the S80 (Table 4). The total cost of the S80 in this example is 44% for a savings of $1.64M.

Giga Information Group Report

AIX Tip of the Week: Ten Mistakes to Avoid for Data Warehousing Managers
Audience: IT Managers and Administrators Date: May 11, 2000 The Data Warehousing Institute has compiled a list of the top ten mistakes data warehousing managers should avoid. with industry experts, data warehousing project managers and IS executives. The mistakes are: 1. Starting with the Wrong Sponsorship Chain 2. Setting Expection You Cannot Meet 3. Engaging in Politically-Naive Behavior 4. Loading the Warehouse with Information "Just because it Was Available" 5. Designing a Data Warehouse Database the Same as Tranactional DB 6. Choosing a Data Warehousing Manager Who is Technology Rather than User Oriented 7. Ignoring the Potential Value of External Data (Text, Images, Sound, Video) 8. Delivering Data with Overlapping and Confusing Definitions 9. Believing Performance, Capacity and Scalability Promises 10. Believing Your Problems are Over Once the Warehouse is Operational 11. Focusing on Ad Hoc and Periodic Reporting See the attached file for an explanation of each item, as well as the reason why the list has eleven (not ten) items!

Ten Mistakes to Avoid for Data Warehousing Manage

The Data Warehousing Institute (TDWI) is dedicated to helping organizations increase their understanding and use of business intelligence b I/S professionals on the proper deployment of data wareho using strategies and technologies. In addition, TDWI helps its membership advan development as data warehousing managers and practitioners.

TDWI accomplishes these goals through sharing information about best practices and real world lessons learned by data warehousing visiona TDWI convenes annual worldwide conferences and courses on data warehousing and b usiness information strategies where experienced pro experiences. TDWI is also the first professional organization to offer a comprehensive data-warehousing curriculum.

The staff of The Data Warehousing Institute has called upon experts across the industry, and conducted meetings in several cities with active managers and IS executives to assist us in developing a compendium of the "ten m istakes to avoid for data warehousing managers." This art the complete document.

1. Starting with the Wrong Sponsorship Chain

The right sponsorship chain includes two key individuals above the data-warehousing manager. At the top is an execu deal of money to invest in effective use of information. A good sponsor, however, is not th e only person required in t the warehousing manager. When a data-warehousing project craters, the cause can sometimes be traced to the lack of the sponsor and the data-warehousing manager. That person is of ten called the project "driver" because he or she kee the right direction and ensures the schedule is kept. A good driver is a business person with three essential characteris earned the respect of the other executives, (2) s/he has a healthy skepticism about technology, and (3) s/he is decisive

2. Setting Expectations that You Cannot Meet and Frustrating Executives at the Moment

Data warehousing projects have at least two phases: (1) the selling phase in which you attempt to persuade people tha wonderful access to the right data through simple, graphical delivery tools, (2) the strug gle to meet the expectations y one.

Data warehouses do not give users all the information they need. All data warehousing is, by necessity, domain specif on a particular set of business information. Worse still, many warehouses are loaded with summary informatio n - not by an executive requires more detail or requires information from outside the domain, the answer is often, "we haven but we can, it will just cost (a bunch) and take (many) weeks." E xecutives focus their frustration on the person who m

3. Engaging in Politically-Naive Behavior. (e.g. Saying "This Will Help Managers Make Be

A foolish error made by many data warehousing managers is promoting the value of their data warehouse with argum will help managers make better decisions." When a self-respecting manager hears t hose words, the natural reaction is have not been making good decisions and that his/her system is going to fix us." From that point on, that manager is

Most experienced CIOs know that the objective of data warehousing is the same one that fueled the fourth generation seventies, and the EIS craze of the late eighties - giving end users better access to important information. F ourth gene a long and useful life, but EIS had a quick rise and a quicker fall. Why? One possible answer is that 4GLs were sold a EIS were promoted as change agents that would improve business and enable b etter management decisions. That rais made enemies out of potential supporters.

4. Loading the Warehouse with Information "Just Because It Was Available."

Some inexperienced data warehousing managers send a list of tables and data elements to end users along with a requ elements should be included in the warehouse?" Sometimes they ask for categorie s such as essential, important, a back long lists of marginally useful information that radically expand the data warehouse storage requirements and, m responsiveness. Extraneous data buries important in formation. Faced with the need to dig through long guides to find having to deal with multiple versions of the same information, users quickly grow frustrated and may even give up en

5. Believing that Data Warehousing Database Design is the Same as Transactional Datab

Data warehousing is fundamentally different from transaction processing. The goal here is to access aggregates - sum more. Another difference is the user. In transaction processing, a programmer develops a qu ery that will be used tens data warehousing, an end-user develops the query and may use it only one time. Data warehousing databases are ofte them easier to navigate for infrequent users.

An even more fundamental difference is in content. Where transactional systems usually contain only the basic data, d increasingly expect to find aggregates and time-series information already calculated for them and ready for imme dia impetus behind the multi-dimensional database market.

6. Choosing a Data Warehousing Manager Who is Technology-Oriented Rather than Use

"The biggest mistake I ever made was putting that propeller-head in as the manager of the project." Those are the exa a large oil company, explaining how the user-hostile project manager had made so many people angry that the entire p being scrapped.

Do not let his words tar all technologists. Some make excellent project managers and can serve as effective data ware

however, many cannot. Data warehousing is a service business-not a storage business-and making clients angry is a n destroying a service business.

7. Focusing on Traditional Internal Record-Oriented Data and Ignoring the Potential Valu and of Text, Images, and - Potentially - Sound and Video

A White House study of commercial executives showed that the very highest executives rely on outside data (news, te associates, etc.) for more than 95 percent of all the information they use. Because of their focus on external sources o executives sometimes see data warehouses as irrelevant. Therefore, its valuable to extend the project focus to include

In addition, consider expanding the forms of information available through the warehouse. Users are starting to ask, " contract (image) that explains the information behind the data? And wheres the ad (image) that ran in th at magazine

Wheres the tape (audio or video) of the key competitor at a recent conference talking about its business strategy? Wh launch (video)?" This is the age of television. Traditional alphanumeric data is two generations behind the current tec

8. Delivering Data with Overlapping and Confusing Definitions

The Achilles heel of data warehousing is the requirement to gain consensus on data definitions. Conflicting definition and they are not easily reconciled. Many of the most stubborn definitions have been constru cted by managers to refle their department look effective. To the finance manager, sales means the net of revenue less returns. Sales to the distri needs to be delivered. Sales to the sales organization is t he amount committed by clients. One organization reported t definitions of sales.

Executives do not give up their definitions without a fight, and few data warehousing managers are in a position to bu agreement. Solving this problem is one of the most important tasks of the data-warehousing driver. If it is not so lved confidence in the information they are getting. Worse, they may embarrass themselves by using the wrong data - in w inevitably blame the data warehouse.

9. Believing the Performance, Capacity, and Scalability Promises

At a recent conference, CIOs from three companies-a manufacturer, a retailer, and a service company-described their Although the three data warehouses were very different, all three ran into an identical pr oblem. Within four months o the CIOs unexpectedly had to purchase at least one additional processor of a size equal to or larger than the largest co originally purchased for data warehousing. They simply ran o ut of power. Two of the three had failed to budget for th themselves with a serious problem. The third had budgeted for unforeseen difficulties, and was able to adapt.

A very common capacity problem arises in networking. One company reported that it sized a network to support an im discovered that the network was soon overwhelmed The surprise was that the images were not at fault. The problem t traffic for data transfer between the end-user application and the database of indices on the server. The images moved finding the right one clogged the network. Network overloads are a very common surprise in c lient/server systems in warehousing systems in particular.

10. Believing that Once the Data Warehouse is Up and Running, Your Problems are Finis

Each happy data warehouse user asks for new data and tells others about the great new tool. And they, too, ask for m all of them want it immediately. At the same time, each performance or delivery problem results in a high-pressure se technology or a new process. Thus the data warehousing project team needs to maintain high energy over long period is to place data warehousing in the hands of project-oriented peo ple who believe that they will be able to set it up onc

Data warehousing is a journey, not a destination.

11. Focusing On Ad Hoc Data Mining and Periodic Reporting. *

This is a subtle error, but an important one. Fixing it may transform a data-warehousing manager from a data librarian

The natural progression of information in a data warehouse is (1) extract the data from legacy systems, clean it, and f support ad hoc reporting until you learn what people want, and then (3) convert the ad hoc reports into regularly sche natural progression, but it isnt the best progression. It ignores the fact that managers are busy and that reports are liab unless the recipients have time to read the reports.

Alert systems can be a better approach and they can make a data warehouse mission-critical. Alert systems monitor th warehouse and inform all key people with a need to know, as soon as a critical event takes place. Harris Semicon duc manufacturing alert server, for example, monitors patterns in semi-conductor test data, and screams loudly (via email anywhere in the world (Malaysia, Singapore, or three US sites) creep too far from t he ideal. Rethink the manager's ne want reports? Or would an alert system be better?

*You'll find eleven "mistakes" on our list. Believing there are only ten mistakes to avoid is also a mistake, so weve g you on your toes.

AIX Tip of the Week: The Three P's of High Availability - Part I
Audience: IT Managers Date: February 3, 2001

Achieving high availability requires more than just reliable systems. According to a 1999 Standish Group Research N caused by non-system factors, such as planned maintenance, application bugs, operator error, etc. Therefore, a succes the Three P's of High Availability: People, Process and Products.

People strategy includes adequate training, documentation, assigning responsibility and authority, as well as maintain includes setting availability targets, along with its measurement method.

Processes should be in place to address backup/recovery, change control, performance management and problem trac includes staying "current" with microcode and software levels, testing all changes before implementing in production changes.

Product considerations include application resiliency, hardware reliability, middleware add-on's, and the architecture Part II of this tip will discuss some common high availability techniques. Related link: IT Self Audit

AIX Tip of the Week: The Three P's of High Availability - Part II

Audience: IT Management, Systems Administrators Date: February 10, 2001

Part I of this tip discussed the importance of people and processes in high availability. This tip, Part II, covers five com building a highly available 1. 2. 3. 4. 5. User Segmentation: Assigning users to a specific server Data Replication: Mirroring data on multiple servers Client Server: Queue transactions Load Leveling: Spread users over multiple servers. Hot Spare: Hot spare server takes over if primary fails

The availability presentation explains each technique in more detail.

Server Replacement Justification

Audience: All Date: May 4, 2002

Tired of nursing older systems and the boss says we can't afford to replace it? Or maybe your company is downsizing the server farm. Or possibly you want to "justify your existence."

If you are in any of these situations, you might consider replacing your "tired iron" with a new system that reduces th The attached financial analysis I did for a local grocery store chain shows how this can be done. This analysis shows of ownership of a paid-off RS/6000 R50 by at least 10%, simply by replacing it with a new 6C1 model. I say "at least included the easily quantified benefits. The other benefits, such as increased reliability and reduced software mainten exceed the 10% savings I've identified Sound too good to be true? Not really. Here's why.

Software Cost: CPU performance has doubled roughly every 12-18 months since the 1960's. You can now do more w case, we were able to go from 6 to 1 CPU, and provide the same TPC-C performance. Reducing CPU's reduces softw costs, which are often based on the number of CPU's.

Support Costs: as a computer system ages, it's reliability declines. This means you pay more in maintenance costs, a revenue due to outages.

Environmental Costs: new technology (like copper chips) use less power, cooling and floor space. In the current ana may seem to be small. However in the bigger picture, if your data center is running out of floor space, or you need to supply, replacing/consolidating older systems is much cheaper.

Finally, in this example I've justified a 1:1 replacement of an R50 with a 6C1. In most cases a 1:1 replacement can't b justify, you'll need to consolidate multiple servers (N:1). In the past, many administrators have been reluctant to conso server because they couldn't guarantee Service Levels. However with integrated tools such as Work Load Manager, th concern.

SCON_justify.xls

Identifying an AIX LPAR Partition ID

Audience: All Date: June 6, 2003

The uname -L command identifies a partition on a system with multiple LPARS. The LPAR id can be useful for writ customize system settings such as IP address or hostname The output of the command looks like: # uname -L 1 lpar01

The output of uname -L varies by maintenance level. For consistent output across maintenance levels, add a -s flag. F command assigns the partition number to the variable "lpar_number" and partiton name to "lpar_name". uname -Ls | read junk lpar_number lpar_name

Monitoring AIX Users

Audience: AIX Administrators and End Users Date: July 16, 1999

Monitoring user activity is an important system administration task. Here are a few useful AIX commands for monito Command last who ps -fu "userid"

Description Display information about previous logins, including login date/time, logout time, originatin List users who are currently logged on. List processes being run by "userid". Text file located in the home directory of each Korn shell user. The file contains the last 50 c .sh_history user. /var/adm/sulog Text file containing all "su" activity. /etc/security/failedlogin Binary file containing a listing of all failed login attempts. The file can be read by only root, AIX has two other facilities for monitoring user activity on a more granular level. The first is "Accounting" which mo and system usage (cpu by command, diskstorage and printer usage). The second is "Auditing", a security related func detailed audit trail of each user's activity, including priviledge failures, commands run, files they view/create/delete, a and Auditing are part of the base AIX operating system. However, both must be configured to run. The attachment HT set up accounting and auditing. See your AIX documentation for more information.

AIX System Security Audit [audit.all.cmd]

AIX System Security Audit

------------------------------------------------------------------------------Contents About This Document Related Documentation Overview Auditing Events and Objects Auditing Mode: BIN and STREAM Starting and Stopping Audit Auditing Configuration Auditing a User Auditing an Object Disk Space Consideration Understanding the Output Common Problems with Auditing Data Overload Fixes for Auditing Subsystem ------------------------------------------------------------------------------About This Document This document is intended to simplify the use of the auditing system provided in AIX and applies to all versions of AIX. It includes information on what auditing offers, what its requirements are, and what common problems may be encountered. The intention is not to answer every question about auditing, but to provide a starting point for understanding and setting up auditing. Related Documentation Documentation for System Auditing can be found in Chapter 5 of the "System Management Guide" for AIX version 3.2, Chapter 3 of the "System Management Guide: Operating System and Devices" for AIX version 4, and Chapter 8 in the IBM Redbook "Elements of Security: AIX 4.1" (GG24-4433-00). The AIX and RS/6000 product documentation library is also available: http://www.rs6000.ibm.com/resource/ ------------------------------------------------------------------------------Overview The auditing subsystem provides the means to record security-related information and to alert system administrators of potential and actual violations of the system security policy. The information collected by auditing includes: the name of the auditable event, the status (success or failure) of the event, and any additional event-specific information related to security auditing. ------------------------------------------------------------------------------Auditing Events and Objects A list of audit events built into AIX, along with a list of predefined audit objects, can be found in the file /etc/security/audit/events. In general, auditing events are defined at the system call level. A single operation at the command line would result in records of several events in the audit trail. For example, when viewing a file using the cat or more command, you would see the following records logged into the audit trail: FILE_Open (file is opened)

FILE_Read (file is read) FILE_Write (file is written to standard output) PROC_Create (process creation for more OR cat) PROC_Execute (command execution) PROC_Delete (process completion) Auditing all possible events can produce a huge amount of data. Through audit controls (that is, modifying the configuration files), you can select events to be recorded. Audit events are grouped into classes. The events can be defined by which events are in a class. While the class names are arbitrary, they, rather than individual event names, are associated with user IDs when the audit subsystem is active. Auditing objects are just individual files that will be monitored. Three operations can be audited: read, write, and execute. Objects are not associated with user IDs. Audit records are generated whenever an audited object is referenced by any user (including root). To add further audit objects, extend the /etc/security/audit/objects file. ------------------------------------------------------------------------------Auditing Mode: BIN and STREAM There are two modes of operation for auditing: BIN and STREAM. BIN mode writes the audit trail to alternating temporary files (bins), then to a single trail file. STREAM mode writes to a circular buffer that is read synchronously through an audit pseudo-device (/dev/audit). An audit can be started in one OR both of these modes. Using the audit configuration setup shipped with AIX, /etc/security/audit/config, the BIN mode alternates between /audit/bin1 and /audit/bin2. When one BIN is full (the binsize parameter determines the size of the bin), the audit switches to the other BIN file while adding the accumulated data in the first file to the audit trail (defined in /etc/security/audit/bincmds), /audit/trail. Use "audit shutdown" to be certain that all audit records have been added to /audit/trail. The BIN mode audit record is in binary format. You can read it with audit commands such as auditpr. In STREAM mode, the default AIX configuration provides a program to read the STREAM buffer and processes each record with the commands found in /etc/security/audit/streamcmds. These commands format the output into human-readable form and write it in /audit/stream.out. This file is NOT cumulative; it is restarted every time the audit is restarted. The STREAM audit trail can be read in real time by reading /audit/stream.out, or by sending output directly to a terminal or printer. ------------------------------------------------------------------------------Starting and Stopping Audit There are five audit subcommands for invoking auditing. They are as follows: audit start - to activate the audit subsystem (This is the only correct way to start audit.) audit shutdown - to stop auditing subsystem, processing final BIN records and removing the /audit/auditb file that is used as an "active" indicator by the audit modules audit off - to suspend auditing temporarily

audit on audit query

- to resume audit after audit off - to display the status of auditing

NOTE: Using audit commands in the wrong order can confuse the auditing subsystem. If the auditing subsystem gets confused, reset everything by deleting all files in the /audit directory (except trail, stream.out and bin files). Auditing can be run at the discretion of the system administrator. Depending on the environment, it is usually not necessary to have auditing running at all times. If it is configured to monitor a large number of events or objects at all times, the amount of data generated would be so substantial that its overhead would outweigh its benefit. It is worthwhile to take time to configure auditing to collect selected information. To start auditing at system startup, add the following line to the /etc/rc file, just prior to the line reading dspmsg rc.cat 5 'Multi-user initialization completed': /usr/sbin/audit start If auditing is running at all times, make sure to run or to add the following in the /usr/sbin/shutdown script to properly shut down: /usr/sbin/audit shutdown ------------------------------------------------------------------------------Auditing Configuration All auditing related configuration files reside in /etc/security/audit. The /etc/security/audit/config file contains the key audit controls. It has the following stanzas: start bin and stream classes specifies whether BIN or STREAM (or both) should be used for auditing contain controls for each mode; the names of the BIN files are specified here defines several groups (classes) of auditing events

The predefined classes are: general, objects, SRC, kernel, files, SVIPC, mail, cron, and TCPIP. New classes can be defined using the auditing events in the /etc/security/audit/events file. All audit classes except the objects class are associated with user IDs. For example, audit the events defined as "general" and "TCPIP" for user root. user stanza lists specified users and the audit classes assigned to them; each username must be the login name of a system user or the string 'default'

An example of this stanza is as follows: users: root = general joe = general, files, TCPIP default = general

When auditing starts, it ALWAYS audits the events specified for every user ID defined in the config file and ALL the objects defined in /etc/security/audit/objects. If the objects' audit records are not wanted,

remove or comment out (using an *) the objects defined in the objects file. If there are specific classes of events that are not wanted as audit records, specify No_Events for that specific class in the config file. For example: files = No_Events or tcpip = No_Events The objects file contains all objects to be audited when auditing is active. A user defined object is displayed as: /home/joe/my.stuff: r = "JOE_READ" w = "JOE_WRITE"

The names JOE_READ and JOE_WRITE are referenced in the /etc/security/events file to define the format of the auditpr output: JOE_READ = printf "%s" JOE_WRITE = printf "%s" NOTE: There is no need to add the newly added objects to the objects stanza in the /etc/security/audit/config file, since the objects line is not referenced. Only the objects file is referenced. The streamcmds file has commands that are entered for STREAM audit records. The default file contains one command. Enter: /usr/sbin/auditstream | auditpr > /audit/stream.out & Adding the -v flag for the auditpr command improves this command at the expense of having more information. Without -v, full path names for files are not shown in the audit output; only file descriptors are recorded. To limit the amount of data collected during the auditing operation, use the -c option on the auditstream command to select a specific class of events as defined in the config file, or use the auditselect command to select specific events. For example: NOTE: This command must be all on one line in the streamcmds file. This command will collect only FILE_Open event records. /usr/sbin/auditstream | /usr/sbin/auditselect -e "event == FILE_Open" | auditpr -v > /audit/stream.out & NOTE: The following command will limit data collection to only the TCPIP class of events as defined in the config file. /usr/sbin/auditstream -c tcpip | auditpr -v > /audit/stream.out & The bincmds file contains commands that are entered whenever a BIN file fills or when auditing is shut down. The file distributed reads like the following: /usr/sbin/auditcat -p -o $trail $bin

The environment variables in the preceding command are defined while auditing is active. The auditselect command can be added to select specific events, reducing the amount of audit records. The bincmds file will only collect audit records that match USER_SU or USER_Login audit events. Enter: /usr/sbin/auditselect -e "event== USER_SU || event== \ USER_Login" $bin > /audit/trail.login ------------------------------------------------------------------------------Auditing a User For example: 1. To audit classes, use the fastpath command smit chuser. *User NAME AUDIT classes [joe] [general, files]

A user stanza should be displayed for joe in /etc/security/audit/config file. 2. At the command line, edit the /etc/security/config file. In the classes stanza, add the following new class: procmon = PROC_Create, PROC_Delete, PROC_Execute In the users stanza, the following could exist: joe = procmon The newly assigned audit classes will take effect at the next login for user joe. 3. The BIN mode audit trail can be read with the following: auditpr -v < /audit/trail | more The STREAM mode audit file /audit/stream.out can be viewed directly. Remember that the /audit/stream.out file is rewritten each time the auditing subsystem is started. Save the old stream.out before starting auditing. If you do not want the objects audit records when auditing a user ID, comment out the objects defined in the /etc/security/audit/objects file or rename this file. ------------------------------------------------------------------------------Auditing an Object In the following example, all processes writing to the /etc/utmp file will be audited. 1. Edit the /etc/security/audit/objects file to add the following: /etc/utmp: w = "UTMP_WRITE" 2. Edit the /etc/security/audit/events file to include the following: * /etc/utmp UTMP_WRITE = printf " %s "

The audit record is displayed as follows: UTMP_WRITE root OK Wed Jul 12 12:12:25 1995 init

In this case, the init process owned by root wrote to the file. NOTE: The length of an audit event or object name cannot exceed 15 characters. This limit is defined in the header file /usr/include/sys/audit.h, ah_event [16]. The following error message usually indicates an invalid event or object name. "auditevents (): Invalid argument" ------------------------------------------------------------------------------Disk Space Consideration Each record in the audit trail takes about 50 to 150 bytes depending on what mode is used and whether the verbose mode flag is specified. This means that 1MB of data could contain about 6800 entries. ------------------------------------------------------------------------------Understanding the Output It is important to specify what information should be reviewed while auditing. Although you can configure auditing to record events of interest, there may still be too much data to be useful when viewed all at once. The auditselect command can be used with auditpr to sort through volumes of information and pull out only that which is needed for a specific report. It can be used to pull all data from a specific time period, for a specific user, or for a specific event, or any combination of these three. For example: /usr/sbin/auditselect -f /audit/pick \ /audit/trail | /usr/sbin/auditpr -v The /audit/pick file reads as follows: command == rlogin && \ time >= 08:00:00 && time <= 17:00:00 && \ data >= 04/01/96 && date <= 04/12/96 This command reports the use of the rlogin command within the specific time interval (8AM-5PM between April 1 and April 12). The compressed trail data from the binmode auditing is not in the same format at AIX version 3.2 as it is in 4.1 or later. There is a utility to convert the data from a pre-AIX Version 4 format to the Version 4 format. It is a command called auditconv. ------------------------------------------------------------------------------Common Problems with Auditing Errors When Starting Audit o There are certain errors that appear when running audit start. Error Message: ** failed setting kernel audit objects

This occurs when there is a syntax error in the /etc/security/audit/objects file. o Error Message: auditbin: ** failed backend command /etc/auditcat -p -o /audit/trail -r /audit/bin1 This error can be corrected by removing or renaming the BIN files. It is sometimes helpful to run audit shutdown again and then to retry audit start. o Error in config file: It is necessary to have the "user" stanza in the /etc/security/audit/ configuration file or the following error will display when you start auditing: Unable to find the user stanza in /etc/security/audit/config If it is not obvious that the user stanza is missing, verify that each of the classes are defined on a single continuous line. ------------------------------------------------------------------------------Data Overload Given the way that cron and the TCPIP code is written, each sets up its own set of audit events. These events will get written into the audit trail regardless of how the config files are set up. The workaround is to use auditselect to exclude these events when generating the audit report. TCPIP sessions, ftpd, rexecd, and telnetd all call auditproc() to set up process auditing using the class tcpip in /etc/security/audit/config. The same thing is done in the cron code (at, cron, and cronadm) for the cron class in /etc/security/audit/config. These events will be written into the audit trail. The best thing to do is to filter them using auditselect. For example: auditselect -e"event!=AT_JobAdd && event!=AT_JobRemove && ..." This will exclude events AT_JobAdd and At_JobRemove and so on. Or select on the command name: auditselect -e"command!=cron && command!=at && ..." This excludes recording related to commands, at, cron, and so on. ------------------------------------------------------------------------------Fixes for Auditing Subsystem As defects arise, updates to the AIX audit code are made. Techdocs Ref:90605195614808 4FAX Ref:4824

Setup of System Accounting in AIX 3.2 [acct.setup.32.cmd]

Setup of System Accounting in AIX 3.2 -------------------------------------------------------------------------------

Contents About This Document Related Documentation What to Install to Get Accounting Working on a System Steps for Modifying the Root User Profile Steps for Setting Up System Accounting Fields of the Daily Usage Report Fixes and Problems Diagnosing Problems ------------------------------------------------------------------------------About This Document This document describes the accounting setup procedures for AIX Version 3.2. The setup of system accounting as documented in the 3.2 AIX InfoExplorer has some errors. This document describes the Version 3.2 setup procedures and provides the corrections to enable system accounting under AIX version 3.2. Access to the InfoExplorer and system documentation for AIX Version 3.2 require the setup person to be root. In this document, root user will be used for setting up system accounting and the user adm for running the reports. Modify the root user .profile to provide access to the required executables. Modification of the root profile is optional, but will probably help with administration. Related Documentation InfoExplorer ------------------------------------------------------------------------------What to Install to Get Accounting Working on a System Make sure the following product is installed: bosext2.acct.obj - 'lslpp -l bosext2.acct.obj' This command should report the state as COMMITTED or APPLIED if the fileset is installed. To get the latest level accounting software, refer to the section "Fixes and Problems" later in this document. ------------------------------------------------------------------------------Steps for Modifying the Root User Profile 1. Log in as root. 2. Edit the .profile file with your favorite text editor. 3. Locate the PATH statement in the .profile file. It must include the /usr/sbin/acct and /var/adm/acct directories as shown in the following example: PATH= /usr/bin:/etc:/usr/sbin:/usr/ucb:/usr/bin/X11:/sbin: /usr/sbin/acct:/var/adm/acct ; export PATH 4. Locate the export statement in the .profile. If the PATH statement given above was not used, the PATH variable must be included. -------------------------------------------------------------------------------

Steps for Setting Up System Accounting 1. Log in to the system as root user. As described previously, root is the accounting administrator. 2. Enter: su - adm -c /usr/lib/acct/nulladm /var/adm/wtmp /var/adm/pacct

This command ensures correct permissions and provides access to the wtmp and pacct files. 3. Update the /etc/acct/holidays file for the current year using a favorite text editor. The following notes will help clarify the format of this file: o An asterisk (*) in column 1 denotes a comment. o Define prime time on the first data line (the first line that is not a comment) using a 24-hour clock. The line will consist of three 4-digit fields, in the following order: - current year - when (hhmm) prime time begins - when (hhmm) prime time ends Leading blanks are ignored. Midnight can be entered as either 0000 or 2400. For example, to specify the year 1992 with prime time beginning at 8:00 a.m. and ending at 5:00 p.m., specify: 1992 0800 1700

o Define the company holidays for the year on the next data line. Each line contains four fields in the following order: - day of the year - month - day of the month - description of the holiday The day-of-the-year field contains the number of the day of the year in which the holiday falls. It must be a number from 1 through 365 (366 on a leap year like 1992). 4. The file systems that will be included for accounting information need to be configured in the /etc/filesystems file. For each file system that will be included, add the following information to its stanza: account = true 5. Indicate the data file that will be used for printer data by adding the following line to the /etc/qconfig stanza for that printer: acctfile = /var/adm/qacct This entry must be added to the queue stanza and not the device stanza. If the entry is added by editing the /etc/qconfig file, enter the following command to re-digest the qconfig file: enq -d Another method of adding this entry to the qconfig file would be to enter the command smitty chque. Then follow the next steps: 1. Select queue name. 2. Enter /var/adm/qacct for the ACCOUNTING FILE pathname. These steps will update the appropriate stanza in /etc/qconfig file and will re-digest the qconfig file.

NOTE: The printer accounting will not record usage for network printers, transparent printers, or PostScript printers. In addition, all print queues must use the same accounting file: /var/adm/qacct The pac command (printer accounting command) is more versatile because it allows separate accounting files for each printer. For more information, see InfoExplorer. 6. Create directories /var/adm/acct/nite, /var/adm/acct/fiscal, and /var/adm/acct/sum if they do not already exist. These directories should be owned by the user adm with a group ID of "adm". Use the following series of commands to create these directories: su - adm cd /var/adm/acct mkdir nite fiscal sum chown adm:adm nite fiscal sum chmod 755 nite fiscal sum exit 7. Modify the crontabs file for the adm user for automated accumulation of accounting data. The crontabs file for the adm user is in /var/spool/cron/crontabs/adm. To edit the adm crontab, log on as root and enter: su - adm -c crontab -e This will bring up the adm crontabfile in a vi session. You may need to uncomment or add some entries, and times may need to be modified to suit the installation's time requirements. An example of the entries needed is as follows: 10 23 * * 0-6 /usr/lib/acct/runacct 2> \ /usr/adm/acct/nite/accterr > /dev/null 0 23 * * 0-6 /usr/lib/acct/dodisk > /dev/null 2>&1 0 * * * * /usr/lib/acct/ckpacct > /dev/null 2>&1 15 4 1 * * /usr/lib/acct/monacct > /dev/null 2>&1 o The first line starts runacct at 11:10 pm (10 23), each Sunday through Saturday (0-6). runacct runs the daily reporting. o The second line starts disk accounting at 11:00 pm (0 23), each Sunday through Saturday (0-6), before starting runacct. o The third line checks the /var/adm/pacct file to ensure that it does not get too large at 0 minutes past each hour (0 *) every day (*). If the free space in /var falls below 500 blocks, then ckpacct turns off accounting until space is made available. A loss of accounting data will result during the period that accounting is turned off. ckpacct will turn accounting on again when more space is available. THERE IS NO NOTIFICATION unless the MAILCOM variable is set as follows: MAILCOM="mail root adm" The variable can be set in the ckpacct and runacct scripts or in the /etc/environment file. If MAILCOM is set in both places the setting in ckpacct and runacct will be used. o The fourth line runs the monthly accounting reports at 4:15 am on the first of every month.

8. Turn on process accounting by adding the following line to the /etc/rc file. /usr/bin/su - root -c /usr/sbin/acct/startup The startup command records the time that accounting was turned on and cleans up the previous day's accounting files. If the system is not going to be rebooted at this time, run the preceding startup command from the root command line to start process accounting. ------------------------------------------------------------------------------Fields of the Daily Usage Report The meaning of the fields in the accounting Daily Usage Report are as follows: UID User ID number LOGIN NAME Login name of user CPU PRIME Cumulative CPU minutes during prime hours CPU NPRIME During non-prime hours KCORE PRIME Cumulative minutes spent in the kernel during prime hours KCORE NPRIME During non-prime hours BLKIO PRIME Cumulative blocks transferred during prime hours BLKIO NPRIME During non-prime hours RW/WR PRIME Cumulative blocks read/written during prime hours RW/WR NPRIME During non-prime hours CONNECT PRIME Cumulative connect time (minutes) during prime hours CONNECT NPRIME During non-prime hours DISK BLOCKS Cumulative disk usage PRINT Queuing system charges (pages) FEES Fee for special services # OF PROCS Count of processes # OF SESS Count of login sessions # OF SAMPLES Count of count of disk samples ------------------------------------------------------------------------------Fixes and Problems Fixes for AIX Version 3.2.5 and later can be downloaded via the Internet with the FixDist service. On very large systems, if there are over 1000 users in the /etc/passwd file, the /usr/sbin/acct/dodisk script must be changed. At line 136 in dodisk, the

diskusg command must be changed to read as follows: diskusg -Unnnnn $args > dtmp nnnnn is the new maximum number of users for which disk accounting should be done. (When the maximum number is too small, the dodisk script will return an error message that tells the user to use -uxxxx. It should say -Uxxxx.) On AIX 3.2.5 and Greater o IX38748 corrects the problem of a user missing the output from individual users for the CPU and DASD output. o IX39408 corrects the problem of process accounting failing on a diskless workstation. o IX42292 corrects the problem of the runacct account command truncating the wtmp file during its nightly run, causing connection accounting to be lost for users who do not log off. o IX40232 corrects the problem of daily and monthly per-user memory accounting being off by a factor of exactly 200. o IX42322 corrects the problem of a 64MB limit on system process accounting. With this problem, any process that used more than 64MB of memory caused an overflow, and the process size reported by the ac_mem field was inaccurate. o IX43161 corrects the problem of acctprc2 core dumping with more than 500 users. o IX41228 corrects the problem of acctdisk entering into an infinite loop if the input file is corrupted. o IX40305 corrects the problem of the /var/adm/acct/sum/login log file not being updated in 3.2.5. ------------------------------------------------------------------------------Diagnosing Problems General Information Needed o Which accounting command is being used? acctcms acctcom acctcon acctdisk acctmerg acctprc acctprcl acctprc2

All of these accounting commands accept input from standard input (as in acctcms < /usr/adm/pacct) and redirect to standard output (as in acctcmd < /usr/adm/pacct > /tmp/report). Find out which accounting file is being used as standard input and where the output is being directed by entering: acct_cmd < In_file > Out_file o Defaults are standard in and standard out. Exact syntax is very important. o How is accounting started, via cron or via command line? If accounting is started via cron, note the crontab file entries. If accounting is run from root, then the entry is in /usr/spool/cron/crontabs/root. If accounting is run from adm, then the entry is in /usr/spool/cron/crontabs/adm. When Accounting Fails 1. Check to see what state accounting is in. Look at the /usr/adm/acct/nite/active file. States are as follows:

setup wtmpfix connect1 connect2 process merge fees disk queueacct mergetacct cms userexit cleanup 2. Check accterr for additional messages. 3. Refer to section "How To Fix General Accounting Problems" in InfoExplorer. 4. Restart runaccount. Other Items to Check o Is the /usr directory out of space? o Does wtmp have records with inconsistent data stamps? o Is cron failing? (Check mail for root and adm.) Techdocs Ref:90605194214786 4FAX Ref:2486

AIX Tip of the Week: Temporarily Disabling AIX User Logins

Audience: Administrators Date: June 2, 2000 This weeks tip contains three sections: IBM News, AIX Tips on the Internet, and the AIX Tip.

IBM in the News

IBM Builds Chips for It's Own Systems......and Rivals http://biz.yahoo.com/rf/000523/n23186149.html IBM Adds Zip to PowerPC Chips http://www5.zdnet.com/zdnn/stories/news/0,4586,2573525,00.html

AIX Tips on the Internet

In response to several requests, I've posted past AIX Tips on the Internet. The site is located at: http://www.aiche-norcal.org/AIXtip

AIX Tip

Sometimes it is necessary to disable users from logging into a system, such as when doing certain types of administra login in AIX, create the file /etc/nologin. When a non-root user attempts to login, the system blocks the login and disp

/etc/nologin file. To enable user login, erase the /etc/nologin file.

Creating a ftp-only Account

Audience: All Date: March 29, 2003 You can make a "ftp-only" account by creating a user id with the "login" and "rlogin" flags set to false: mkuser login=false rlogin=false ftpuser

This allows the user to ftp files to the system, but restricts their ability to log on. This is useful in situations where you 1. Share files with password protection 2. Prevent users from logging on to the system 3. Log ftp accesses by user id

As an alternative, you can use "anonymous" ftp if you do not need to password protection. An "anonymous" id allows public directory. To create an anonymous ftp account, you can use the AIX "/usr/samples/tcpip/anon.ftp" script.