Audit Files in AIX

/var/adm/sulog   
/var/adm/lastlog
/etc/inetd.conf   
/etc/passwd   
/etc/security/user   
/etc/security/passwd
/etc/security/last   
/etc/security/audit/config       
ls –al/var/spool/cron/crontabs
Critical files Permissions   
                  (1) ls –lLd /etc
                  (2) ls –lLd /etc/security
                  (3) ls –lLd /bin
                  (4) ls –lLd /usr
                  (5) ls –lLd /var
                  (6) ls –lLd /sbin


cut -d: -f6 /etc/passwd | sort -u | xargs -I {}  -t ls -ld {}/.netrc
cut -d: -f6 /etc/passwd | sort -u | xargs -I {}  -t ls -ld {}/.rhosts   

/etc/hosts.equiv
/etc/ftpusers   
instfix –iv   

Service Process

 To clean Sendmail  command queue .

/usr/lib/smdemon.cleanu   

 To stop tcp/ip daemon

/etc/tcp.clean

To Start NFS Services:

mknfs  -N

If the /etc/exports file does not exist, the nfsd and the rpc.mountd daemons will not be started. You can create an empty /etc/exports file by running the command touch /etc/exports. This will allow the nfsd and the rpc.mountd daemons to start, although no file systems will be exported.

Inetd configuration file
/etc/inetd.conf

/etc/services - information about services, such as port number

Starting and stopping a process:
refresh -p <pid>
refresh -s <subsystem name>

Changing the inetd configuration

    Files
        /etc/inetd.conf
        /etc/services
    Using smit - daemon is recycled automatically upon exit
    Using vi
        restart the inetd daemon so that the new configuration is read:
        refresh -s inetd
    Using chservices to edit /etc/services
        chservices -c  --> changes entries
        chservices -a  --> adds entries
        chservices -d  --> deactivates entries

Boot Process

During Boot Process, the system will  test hardware, loads and runs the operating system, and configures devices.

To boot the operating system, a boot image is loaded  and access to / and  /usr  filesystem is required.

Cold Boot : System is started by turning on the power switch

Warm Boot: System is restarted by shutdown or  reboot command.

Events  occurs on system before it is ready for use.

1.       ROS (Read Only Storage) Kernel init phase. (Problems with the motherboard are checked. It searches   for bootlist and boot image is read into memory and system initialization starts.)

2.       Base device configuration phase.   ( All the devices are configured with cfgmgr )

3.       System Boot phase.(all the lv's are varied on ,paging is started and inittab is processed)

RS6000 uses sound  and graphics to show different phases of the boot process. As soon as you power on the system, an audio beep is produced when the processor is found to be active, the PowerPC logo is shown (or text is presented) when the system memory checking is completed, and device logos are shown for all devices that have a valid address. At the end of the device logo display, if the system ROS is not damaged, an audio beep is again produced.


To clear the boot record 
# mkboot -c  -d /dev/hdisk 

Korn Shell Tips

1.  To erase  ^?^?^?    when typing backspace.

      # stty erase ^?

2.  To activate  esc key functions. To navigate the command line like a vi session
   
       #   set -o vi

While Loop

Execute controlled  while loop .

Shell Tips and Tricks

Command Line Short cuts:

1.  You can edit  previous command/one liner in vi editor simply by pressing  "v". This takes the shell into vi mode.

Eg:      # for i in 0 1
            > do
            >  lspv | grep hdisk$i
            > done

Press  Esc+k

 Press  v

   
Update the Script, Added  2 3 and  press  :wq!  < To save and exit>

Now the command/Oneliner is executed .

To Keep Processor Busy

Q:   How to keep processor busy.

A:   yes > /dev/null

  Above Command will put load on Single Processor Thread.
 To Keep  Mutliple Processor Threads Busy . Run  the above command multiple times.

KDB Commands on AIX.

# echo vnode| kdb

# echo "rqi"  | kdb

# echo "mrq *" | kdb

# echo "ppda *" | kdb


To  View VIO  Server  for VSCSI Disks
      # echo cvai | kdb | grep -i vscsi

To  View VIO  Server  for VFCS  Disks
     # echo vfcs | kdb | grep -i vio

To View  how many Vitrual Process are Active 
        #  echo "vpm" | kdb     

To View Filesystem Details
       # echo vfs | kdb

Perfpmr for AIX Performance Issue

1. Download PERFPMR from  ibm site <Binary Format>

 

2.  Upload the perfpmr to  server in /tmp.

3.  Create Directory   in /tmp. eg : perf71. untar the perfpmr.

      # cd /tmp

   # uncompress  perf71.tar.Z

   # cd  perf71 ; tar -xvf  /tmp/perf71.tar

   # cd /tmp/perf71 ; ls -ltr

      (or)

   # mkdir /tmp/perf71

   # cd /tmp/perf71

   # zcat /tmp/perf71.tar.Z | tar -xvf -

4. Create  another directory in /tmp to collect  perfpmr logs.  Eg:   perfpmrdata

   # mkdir /tmp/perfdata

   # cd /tmp/perfdata

5.  Execute perfpmr.sh   from  perfdata directory. Default it would be running for 600 Seconds (i.e, 10 Mins)

For Completing of below command it would take  18 to 20 Mins in real world.

     

     # cd /tmp/perfdata

     # /tmp/perf71/perfpmr.sh (or) # /tmp/perf71/perfpmr.sh 600

6. Send   perfpmr  logs collected in  /tmp/perfdata to IBM for analysis.

      # cd /tmp/perfdata   

      # cd ..

      # pax -xpax -vw perfdata | gzip -c > pmr#.pax.gz

 More Details can be  found in /tmp/perf71/README  file.

AIX Server Reboot Checklist

1. Check  the rootvg mirrored properly or not.      
           # lsvg -l rootvg

2. Check bootlv  is assigned Properly or not.

3. Check the bootlist and re-run the boot image.
          # bootlist -m normal -o
          # bootlist -m normal <hdisk#>  <hdisk#>
          # bosboot -ad </dev/hdisk#>   (or)       # bosboot -a
         
4. Check Server Configuration and take backup of Server Configuration.

5.  Reboot server.
       # shutdown -Fr