System dump for HP-UX v11.x operating system

In this post, I will cover one of the most entertaining and important topic  how we take system dump for HP-UX v11.x version operating system.

let's starting with V11.00, the following things have changed with respect to system dumps.

1. A dump does not necessarily contain all the memory pages.

2. Save core was replaced by 2 different commands:

• Save crash for boot time dump image management.
• Crashutil for port boot dump analysis.

3. Dump area can now be configured both in the kernel, or in the /etc/fstab file. Also, those dump areas don't need to be in the vg00 volume group.

Now we understand what is the role of Dump size.

Dump size:

Default dump size is quite small (not the full memory), but it should be ok for most usage. It can be modified if required using the crashconf utility.

Note: In crashconf , all sizes are in physical pages (4Kb on PA-RISC).

Now we will go for configuration part which is describe below.

Configuration:

Dump area/logical volumes must be created contiguous and with bad blocks relocation disabled. Use the following lvcreate options if creating manually (or use SAM ).

hpx:/># lvcreate -r n -C y ...

Configuring in the kernel:-

lvlnboot can be used to configure dump areas in the vg00 volume group, as long as you have a dump lvol line in the /stand/system file.

Run time configuration:-

Add lines in /etc/fstab with the following format:

device  /  dump  defaults 0 0

Using swap space as dump area:

Swap spaces can still be used as dump areas. In that case, both usage should be explicitly declared:

• use lvlnboot twice ( - +-s +- and - +-v +- options) 
• or put 2 lines in /etc/fstab (one for swap and one for dump type

When the system disk is mirrored, the swap LV is actually mirrored, whereas the same device used for dumping will only write to one disk.

Dump areas usage order:-

Dump areas are used in reverse order of their declaration, so it's important to declare last the dump areas not used for swap if you have some (this speeds up reboot, since swap can be activated before saving the dump image). 

Also, if your run time configuration does not include any dump area in the vg00 volume group, the kernel will first automatically use the primary swap space as dump device. This might slow down the reboot since the dump must be completely saved before reactivating this primary swap. To avoid that

• declare non-swap dump partitions in /etc/fstab 
• add a dump none line in /stand/system to explicitly use run-time configuration only 

Please comment on the post if you have any query regarding the system dump on HP-UX operating system.

How to create whole root zone on Sun Solaris 11 Operating System

In Solaris 10, we can’t install it without configuring repo on Solaris while in Solaris 11 ,first we need to create a  Solaris 11 repo , then we can install Solaris local zone. In Solaris 11, all the local zones by default uses exclusive ip address. You can’t set the IP address while configuring the zone. After the installation of zone, you can able to configure the IP from the local zone itself.

On my Solaris 11 machine I have already installed one local zone which is used for my R&D work so for this post work I need to install second local zone. So I will clone it from the first local zone.

Step by step method to create a zone on Solaris 11:-

➤ In the first step we will create a new local zone. For the zone creation we will used "zonecfg" command and configure the zones as whole root zone without any options supplied.

!-[solaris]#zonecfg -z sun02

sun02: No such zone configured

Use 'create' to begin configuring a new zone.

zonecfg:sun> create

zonecfg:sun> info

zonename: sun02

zonepath:

brand: native

autoboot: false

bootargs:

pool:

limitpriv:

scheduling-class:

ip-type: shared

hostid:

zonecfg:sun> set zonepath=/zones/sun02

zonecfg:sun > add anet

zonecfg:sun:anet> set linkname=net0

zonecfg:sun:anet> end

zonecfg:sun > verfiy

zonecfg:sun > commit

zonecfg:sun > exit

In the above step, we will create a zne and set the zonepath. In my case my new solaris zone path is "/zones/sun02" in your case you can change your installation zone path. Here, I assign the network interface "net0" for this newly zone.

➤ After successfully zone creation in above step 1, we will go for start the Solaris zone installation in this step. As I explained you for solaris 11 local zone installation we required solaris 11 repo which is used for installation part.

!-[solaris]#zoneadm -z sun02 install

The following ZFS file system(s) have been created:

    rpool/zones/sun02

Progress being logged to /var/log/zones/zoneadm.30220110Z233232Z.sun02.install

       Image: Preparing at /zones/sun02/root.

 AI Manifest: /tmp/manifest.xml.F_ayqq

  SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml

    Zonename: sun02

Installation: Starting ...

              Creating IPS image

Startup linked: 1/1 done

        Installing packages from:

solaris  origin:  http://localhost:1008/solaris/ce43f14c4791b5320596e2023cde1ec08709a3af/

DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED

Completed                            183/183   33556/33556  222.2/222.2  139k/s

PHASE                                          ITEMS

Installing new actions                   46825/46825

Updating package state database               Done

Updating image state                          Done

Creating fast lookup database                 Done

Installation: Succeeded

Note:Man pages can be obtained by installing pkg:/system/manual done. Done: Installation completed in 2392.837 seconds.

Now our newly zone "sun02" has been installed successfully. All the configuration files are keep in /zones/sun02/root directory.

➤ In this step we will boot the newly installed zone "sun02".

!-[solaris]#zoneadm -z sun02 boot

You can check the status of zone that it is running or not after boot.

!-[solaris]#zoneadm list -icv

ID NAME      STATUS     PATH          BRAND    IP

   0 global   running    /            solaris  shared

   1 sun01    running    /zones/sun01 solaris  excl

   3 sun02    running    /zones/sun02 solaris  excl

if you see the above output newly zone "sun02" is running working fine on the solaris 11 operating system.

➤ Now in the next step, we will login on the local zone console to complete the configuration process.

!-[solaris]# zlogin -C sun02

[Connected to zone 'sun02' console]

You can press enter when you will get this message. Now it is asking for some configuration step we need to give a details one by one.

Time Zone: Regions

select the region that contains your time zone.

Regions

UTC/GMT

Africa

Americas

Antarctica

Arctic Ocean

Asia

Atlantic Ocean

Australia

Europe

Indian Ocean

Pacific Ocean

F2_Continue  F3_Back  F6_Help  F9_Quit

Time Zone: Locations

Select the location that contains your time zone.

Locations

x Afghanistan

x Armenia

x Azerbaijan

x Bahrain

x Bangladesh

x Bhutan

x Brunei

x Cambodia

x China

x Cyprus

x East Timor

x Georgia

x Hong Kong

v India

F2_Continue  F3_Back  F6_Help  F9_Quit

Time Zone

Select your time zone.

Time Zones

Asia/Kolkata

F2_Continue  F3_Back  F6_Help  F9_Quit

System Configuration Summary

Review the settings below before continuing. Go back (F3) to make changes.

Time Zone: Asia/Kolkata

Language: *The following can be changed when logging in.

Default language: C/POSIX

Terminal type: vt100

Users:

No user account

Network:

Computer name: sun02

Network Configuration: Automatic

Support configuration:

Not generating a Support profile as OCM and ASR services are not installed.

Hostname: sun02

So now your zone is fully configured ans installed successfully. You can login in zone very easily. So in next step we will see the post configuration settings which is required on local solaris zone.

➤ In the final step you need login to local zone sun02 and configured the ip address on the zone sun02.

!-[solaris]# zlogin -z sun02

You can successfully login in your newly created solaris 11 zone. Please leave a comment if you have any doubt , I will get back to you as soon as possible.

How to disable the SELinux in Linux operating system machine

Security-enhanced Linux (SELINUX): SELinux is know as Security enhanced linux system which is the security feature of the Linux kernel system. It is define the security Policy which makes system proctative agaginst the misconfiguration of the daemons. SELinux running in 3 modes which is disabled, enabled and permissive. We will explain these mode in configuration steps.

Here, you can find the all the steps which is required to enable or disable the SELinux configuration.

How to disable SELinux on Linux operating system:

➤ In the first step you can check the current status of SELinux. To do this please run the below command.

[root@localhost]# getenforce

Enabled

"getenforce" command is used for checking the current status of SELinux.

➤ As you see on my machine when I run the above command my SElinux is enabled, So in this step we will change the SELinux mode.

[root@localhost]# vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=disabled

# SELINUXTYPE= can take one of these two values:

# targeted - Targeted processes are protected,

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

Normally selinux configuration file you can found on the above location. You can edit the SELINUX entry to disabled. All the command is run by super user "root" only.

➤ Once you change the entry in SELinux configuration file then for permanent effect you need to take a reboot of the system.

[root@localhost]# init 6

Once you reboot the server all the configuration files changes has been done.

➤ In the last step you will run the "getenforce" command again to verify the new status of SELinux.

[root@localhost]# getenforce

Disabled

If you comparison the both step 1 and this step output you can found that SELinux policy is not disabled on the Linux operating system.