|
|
United States-English | |
|
|
 |
|
HP-UX 11i December 2001 Release Notes: HP-UX Servers and Workstations > Chapter 4 HP-UX 11i Operating Environment Applications
HP-UX 11i Operating Environment |
|
|
new at 11i |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |
| |
| |
 | NOTE: The CIFS/9000 documentation files require 2MB of disk space. |
| |
| |
| |
The Event Monitoring Service (EMS) version A.03.20.01 is a framework used to monitor various system resources. In addition to the basic monitoring framework, the EMS product includes a set of general monitors for basic network interfaces, system resources, and ServiceGuard cluster objects. EMS is being released for use with the HP-UX 11.0 and HP-UX 11i operating systems, and is included in the HP-UX 11i Operating Environment. This release has all the features found in earlier versions in addition to new functionality, defect repairs, and support for new hardware configurations.
The EMS version A.03.20.01 is a minor release, with minor changes and defect fixes. The contents of EMS releases A.03.00 through A.03.10 have been incorporated, together with all A.03.10 patches.
The disk space requirement is 2.75MB. An additional 13MB of disk space should be allocated in /etc/opt to support EMS logging facilities.
The memory requirement is 3MB.
With HP-UX 11i, EMS adds a new state to the package monitor: UNAVAIL. If the monitor does not have sufficient information to determine status, the current value for the resource is set to UNAVAIL.
| |
| |
| |
| NOTE: The Event Monitoring Service version A.03.20.01 does not provide Native Language Support. |
| |
| |
| |
In addition to the current user's manual (Using the Event Monitoring Service [B7612-90015]), consult the Event Monitoring Service version A.03.20.01 Release Notes for HP-UX 11i (B7609-90015) for further information. Both publications are available on the HP-UX 11i Instant Information CD and on the Web at:
The Apache Web Server for HP-UX is an HTTP/1.1 compliant server that implements the latest protocols. The server includes software developed by the Apache Software Foundation for use in the Apache HTTP server project (see http://www.apache.org). The HP Apache-based Web Server can be customized by writing software modules using the Apache module API.
The HP-UX release of the HP Apache-based Web Server includes pre-compiled binaries that have been preconfigured to run on HP-UX 11.0 and later releases. It is supported on 32-bit and 64-bit systems. It runs as a 32-bit binary on 64-bit HP-UX 11.0 and 11i. It is not supported on HP-UX 10.20.
This version of the HP Apache-based Web Server includes 128-bit strong encryption. Apache SSL connections use a default dummy certificate provided by HP. See the release notes for the PEM pass phrase associated with the certificate.
| |
| |
| |
| NOTE: You must obtain certificates from authorized agencies for commercial purposes and make the necessary changes in httpd.conf to use the desired certificates. |
| |
| |
| |
The following new features are included in this version (version 1.3.19.21):
Fix for the Automatic restart on reboot
Certmig utility re-built on PA1.1
Fix for support of C++ shared modules.
The following new features are included in this version (version 1.3.19.20):
mod_perl now supports Perl version 5.6.1 (included in the OE).
Apache/Tomcat/Webadmin can now be automatically restarted on reboot. More information on customizing and configuring this feature can be found at /opt/apache/htdocs/doc/config.notes.
The security module mod_ssl updated to v.2.8.3.
Tomcat now starts with a nohup command, so that even if the parent shell is terminated, Tomcat will not die. The output from Tomcat startup is kept in /opt/tomcat/logs/tomcat_startup.log.
Chroot now causes the named directory to become the root directory, the starting point for path searches. A malicious user cannot get to the root file system. Apache Web Server's chroot includes SSL enhancements. Under the chroot directory, there is a script for copying OS files.
Now included is Memory Management (MM), a 2-layer abstraction library that simplifies the usage of shared memory between forked processes under UNIX platforms. MM support allows the use of httpd.conf SSLSessionCashe directives shm:/opt/apache/logs/ssl_scache(512000).
certmig now makes possible the sharing of certificates between
the Netscape Enterprise Server and any server that supports PKCS#12
formats. The certmig utility is an extension of the pk12util utility, provided by the Mozilla community. In addition
to the pk12util functionality, certmig lists and extracts certificates from Netscape certificate
databases.
The following new features are included in this version:
mod_perl is configured for Perl 5.005_03.
Tomcat v.3.1.1, compliant with Java Servlets 2.2 and JavaServer Pages 1.1 and contains defect fixes.
PHPv.4.0.4pl1, a popular, server-side, cross-platform, HTML embedded full-featured language with a Java/C++ syntax. Supports many databases.
Support for loading customized C++ shared libraries.
Third Party Support: BroadVision plug-in provides out-of-the-box support for the BroadVision e-commerce application suite.
Netscape Certificate Migration Tool v.3.1.1 to migrate Netscape and iPlanet certificates to Apache seamlessly. License and export information is included.
Webmin v. 0.84, a Web-based administration and configuration tool from Webmin, enhanced to handle administration and configuration for the Apache Web Server.
Includes mod_ssl v.2.7.1.
For HP-UX 11i, the Apache Web Server is perl-enabled but not configured; therefore, it will not allow the execution of perl scripts unless mod_perl is configured. For detailed configuration and installation instructions, see the online release notes at /opt/apache/htdocs/doc/apache.release.notes or once the web sever has been started, at http//machinename/doc.
| |
| |
| |
 | CAUTION: If you are receiving the Apache Web Server as part of the HP-UX 11i Operating Environment (OE), the software will be installed automatically as part of the OE bundle unless there is a non-HP version of Apache already on the system. If there is a non-HP version of the Apache Web Server already on your system, Apache will NOT install. In this case, you will need to install Apache separately from the rest of the OE bundle, as described in the following section. |
| |
| |
| |
If you are installing Apache Web Server for HP-UX separately from the rest of the OE bundle, or if you obtained the Apache product (B9415AA) independently of the HP-UX 11i Operating Environment, follow these steps:
From CD2 of the HP-UX 11i Operating Environment CDs, run /usr/sbin/swinstall&.
Select the appropriate depot.
From the View menu, go to Change Software View and select Start With Products. The products that are available will display for your selection.
Select Apache.
Go to the Actions menu and select Install. The installation paths are /opt/apache and /opt/tomcat.
| |
| |
| |
| NOTE: By default, swinstall does not reinstall filesets if the same revision already exists on your system. If you want to reinstall the same revision (for example, if some files are lost), you can change the installation options by choosing Options/Change Option. |
| |
| |
| |
Installing a product or a fileset may automatically install dependent filesets necessary to run the selected items.
If an HP or non-HP version of Apache is already on the system, swinstall preserves the existing configuration files under /opt/apache/conf, /opt/apache/conf/jserv, and /opt/tomcat/conf by renaming <file> to <file>.save. It also preserves certificates and certificate-related files under /opt/apache/conf/ssl.* directories by renaming <file> to <file>.save. In this way, you will not lose previous configuration information. However, the original configuration file (<file>.save) will be over-written if you re-install Apache.
Upon successful installation, swinstall runs HP Apache-based Web Server automatically.
All HP-specific documentation included in the HP Apache-based Web Server software can be found online after installation at http://machinename/doc or in the /opt/apache/htdocs/doc directory.
For the latest information on the HP Apache-based Web Server, go to the following web site:
The HP-UX Runtime Environment for the Java 2 (RTE) Platform version 1.2.2.08b contains the basic components for executing a Java application on HP 9000 servers and workstations with HP-UX 11i.
For further information, please read the release notes in the RTE software. Or, for the most up-to-date information, go to the Web at:
HP-UX Support Tools provide a complete set of tools for verifying, troubleshooting, and monitoring HP 9000 system hardware, including CPUs, memory, interface cards, and mass storage devices.
Support Tools Manager (STM) is the platform for executing online diagnostics. The commands to start it are xstm (GUI interface), mstm (menu-driven interface), cstm (command line interface), or stm (general).
With the December 2001 release, STM has been updated to version A.29.00.
Offline Diagnostic Environment (ODE) is the platform for executing offline diagnostics. Normally it is run from the Support Plus CD with the system offline.
EMS Hardware Monitors allow you to monitor the operation of a wide variety of hardware products and be alerted immediately if any failure or other unusual event occurs. The EMS Hardware Monitors are started automatically with no user intervention.
| |
| |
| |
| NOTE: Since the initial release of HP-UX 11i, there have been numerous changes to the Support Tools, including support for new devices, bug fixes, and enhancements. For the latest information on these changes, see the “Documentation” section below. |
| |
| |
| |
The rest of this section describes the major differences between Support Tools on HP-UX 11i and Support Tools on previous releases (HP-UX 10.20 and 11.0).
The HP-UX Support Tools have been modified to support new products, such as Superdome systems.
With HP-UX 11i, the Support Tools are automatically installed with the HP-UX 11i Operating Environment CD. It is no longer necessary to load the Support Tools from the Support Plus media. (The Support Plus media, however, still contains the Support Tools, and will continue to be distributed. Offline tools are run from the Support Plus CD and cannot be run from the HP-UX 11i Operating Environment CD.)
| |
| |
| |
| NOTE: As of HP-UX 11i, Predictive Support is no longer distributed with the Support Tools. |
| |
| |
| |
Disk space required by the HP-UX 11i Support Tools is comparable to the disk space required for previous releases (in the range of 60-70MB).
There are minor changes in monconfig, the user interface for configuring EMS Hardware Monitors. These changes relate to the client configuration files which have been added to support the multiple-view (Predictive-enabled) feature.
If you have scripts which invoke monconfig, they may have to be modified.
For more information on these changes, refer to "Adding a Monitoring Request" in Chapter 2 of the EMS Hardware Monitors User's Guide (June 2000 or later edition) available by searching on the manual title at:
Alternately, you can just run monconfig on HP-UX 11i to see the revised dialog.
The http://docs.hp.com/hpux/diag/ web site also has tutorials, FAQs, Release Notes, and manuals documenting the Support Tools. Although some documentation is also available through other means, such as through the Support Plus CD, the web pages provide the latest information.
For changes since the initial release of HP-UX 11i, see the March 2001, June 2001, or December 2001 documents at the following URLs:
For EMS Release Notes, see http://docs.hp.com/hpux/onlinedocs/diag/ems/ems_rel.htm
For STM Release Notes, see http://docs.hp.com/hpux/onlinedocs/diag/stm/stm_rel.htm
New functionality has been added to the Judy libraries to search for the next available (empty) location in a Judy array. Functions include the following:
FirstEmpty
NextEmpty
LastEmpty
PrevEmpty
See the information library for details at: http://www.hp.com/go/judy.
As of September 2001, the Judy Libraries product was removed
as a selectable application and is now installed with the OEs.
The Judy product is a C language library that enables an unbounded array capability. Judy Libraries provide a state-of-the-art core technology that replaces many traditional data structions and algorithms, such as arrays, sparse arrays, hash tables, B-trees, binary trees, linear lists, skip lists, and counting functions. The Judy product delivers:
Very easy to use API
Improved overall performance and better memory management
Scalable arrays that can grow dynamically to very large populations while maintaining excellent performance
Judy offers three types of arrays:
Judy1 functions provide a way to store, retrieve, and locate Boolean values (bit maps) in a Judy array.
JudyL functions provide a way to store, retrieve, and locate long-word values in a Judy array.
JudySL functions provide a way to store, retrieve, and locate strings as indexes (similar to associative arrays in awk, Perl, and Java).
The table below shows the location of the libraries that are provided with the Judy technology on the HP-UX system:
Hardware Architecture | Type | Location on system (from root) | |
|---|---|---|---|
32-bit | 64-bit | ||
HP-PA 1.1 | archive | /usr/lib/libJudy.a | N/A |
shared | /usr/lib/libJudy.sl | N/A | |
HP-PA 2.0 | archive | none | /usr/lib/pa20_64/libJudy.a |
shared | /usr/lib/pa20_32/libJudy.sl | /usr.lib/pa20_64/libJudy.sl | |
| |
| |
| |
| NOTE: The 32-bit HP-PA 1.1 shared library (/usr/lib/libJudy.sl) is provided for compatibility only. For best performance on 32-bit machines, use the HP-PA 2.0 shared library (/usr/lib/pa20_32/libJudy.sl). |
| |
| |
| |
For more information about the Judy technology, refer to the Judy(3x) manpages (installed
with the product) or visit the Judy web site at http://www.hp.com/go/judy.
Netscape Communicator version 4.7x (B.11.11.05) includes Netscape's popular Web browser, Navigator, as well as Messenger and Composer. Communicator offers the complete set of tools for browsing dynamic Web content, plus complete e-mail capability.
Netscape provides periodic maintenance releases for enterprise customers that include minor feature enhancements as well as improvements to overall stability.
Included as of the September 2001 release, Perl programming language version 5.6.1 is a release of ActivePerl, a product of ActiveState Tool Corporation.
For more information see the following:
Perl Programming, Third Edition, by Larry Wall, Tom Christiansen, and Jon Orwant. O'Reilly and Associates, Inc. USBN 0-596-00027-8
the perl(1) manpage (points you to related perl manpages)
the /opt/perl/bin/perldoc program
For further information, see the following URLs:
Pluggable Authentication Modules (PAM) Kerberos version B.11.11 is a service for authenticating users or services across an open network. HP-UX 11i provides Kerberos authentication through a Kerberos-Client product which is a part of the HP-UX base operating system. Kerberos, the primary authentication mechanism for Windows 2000, is integrated with Active Directory Service to provide enterprise-wide account management. This necessitates the implementation of the Kerberos authentication mechanism on HP-UX as a Pluggable Authentication Module.
Pluggable Authentication Modules (PAM) [OSF RFC 86] is the standard authentication mechanism, and is easily configurable to support multiple authentication technologies on HP-UX.
PAM Kerberos provides the PAM mechanism and encryption support.
The PAM service modules were implemented as a shared library, libpam_krb5.1. This library is built by linking with libkrb5.1, and is therefore not dependent on the libsys.sl library.
The HP-UX 11i implementation of Kerberos version 5 protocol provides enterprise-wide strong user authentication. Using encryption during the user authentication process, Kerberos infrastructure provides privacy and integrity of user login information since passwords are no longer communicated in clear text over the network.
HP-UX system entry services can work with any Kerberos v5 Server, namely, MIT Kerberos and Microsoft Windows 2000. Thus, passwords can be effectively unified in an Intranet with heterogeneous systems such as UNIX and Microsoft Windows 2000. Furthermore, support of password change protocol automates propagation of password changes. These two features can significantly reduce user administration complexity in a heterogeneous environment.
The HP-UX applications using PAM include telnet, login, remsh, ftp, rexec, rlogin, dtlogin, and rcp. PAM Kerberos interoperates with a Key Distribution Center (KDC) operating on either a UNIX or a Microsoft Windows 2000 server.
The PAM Kerberos module is compliant with IETF RFC 1510 and Open Group RFC 86. PAM Kerberos is also available under the product number J5849AA on the Applications Software CD. This product provides a libpam_krb5.1 library, a pam_krb5(1) manpage, and a release note document.
The minimum disk space required to install the product is 1MB. Additional disk space of about 1KB per user in the system /tmp file is required to store initial Ticket Granting Tickets in the credential cache file.
HP-UX PAM Kerberos is implemented under the PAM framework, which allows new authentication service modules to be plugged in and made available without modifying the application or rebooting the system.
PAM Kerberos works on HP 9000 servers and workstations with a minimum of 32MB of memory and sufficient swap space (a minimum of 50MB is recommended).
| |
| |
| |
| NOTE: PAM Kerberos is not thread safe. |
| |
| |
| |
PAM Kerberos (libpam_krb5.1) and PAM DCE (libpam_dce.1) plug-in modules can not be stacked together in the pam.conf file because of different principal styles and credential file paths. If so stacked, the results will be unpredictable.
The Kerberos system ftp service may list the /etc/issue file before the expected output. The sis(5) manpage provides detailed information. If the password has expired on a Microsoft Windows 2000 KDC, you will be asked for a new password but will not be allowed to log in. This is a known problem in Windows 2000.
When changing passwords on a MIT KDC with a version prior to 1.1, up to 45 seconds may elapse before the password is actually changed due to the selection mechanism of the change password protocol.
The following documentation is available:
The newly created manpage for pam_kerberos is available at:
/usr/share/man/man5.Z/pam_krb5.5
The white paper, Network Security Features of HP-UX 11i, is available on the Web at:
The PAM Kerberos Release Notes for HP-UX 11i is available at
The Runtime Plug-in (JPI) for the Java 2 platform allows you to use a version of the runtime environment that differs from the runtime environment embedded with Netscape Navigator 4.61 or later.
For prerequisites, installation information, and documentation, read the release notes included in the Plug-in software. Or, for the most up-to-date information, go to the Web at:
Servicecontrol Manager provides a convenient, single point of administration for HP-UX systems and Linux managed nodes. Now bundled with every HP-UX 11 release (as well as being available for download), Servicecontrol Manager integrates the key products of the HP-UX Servicecontrol systems management tools suite. You can now manage Linux managed nodes from an HP-UX central management server.
Servicecontrol Manager version A.02.05 provides the following new features:
You can now manage Linux nodes from the HP-UX central management station (CMS). Supported distributions for Linux managed nodes are Debian 2.2 and Red Hat 6.2.
You now have new GUI tools to reconfigure managed nodes after software upgrades.
Integration with Partition Manager is now available for Superdome users.
As of Servicecontrol version A.02.05, the following Operating Systems are supported:
Central Management Servers
HP-UX 11.00
HP-UX 11i Operating Environment
HP-UX 11i Enterprise Operating Environment
HP-UX 11i Mission Critical Operating Environment
Managed Nodes
HP-UX 10.20 and 11.00
HP-UX 11i Operating Environment
HP-UX 11i Enterprise Operating Environment
HP-UX 11i Mission Critical Operating Environment
Linux, Debian 2.2 and Red Hat 6.2
PC Web Access to Central Management Server
Microsoft Windows 95, 98, and NT 4.0
Note that the Java Plug-in, required software for a PC Web Client, does not support Windows 2000.
Servicecontrol Manager version A.02.03 provides the following new management and security features:
Integration with HP TopTools 5.5 is now included. TopTools is a web-based tool that helps you to manage your computer assets, network devices, and HP printers, as well as track your network resources and performance.
When selecting nodes for managed clusters, you can now manage up to 999 nodes in one cluster instead of the previous limit of 64.
The Distributed Task Facility (DTF) now has a theoretical limit of 500 task executions, instead of the previous limit of 10, and a theoretical limit of 1000 agent connections, up from the previous limit of 16. Both limits may vary depending on such factors as the machine's kernel settings, memory capacity, tasks running, and the number of threads the system is set up to allow.
A Trusted User can now assign users' roles on node groups as well as individual nodes.
New public/private key authentication between the Central Management Server and the managed node is now available.
Digital signatures now provide tamper resistance between the CMS and the managed nodes; however, digital signatures do not provide encryption.
“On-the-wire” encryption with HP Praesidium IPSec/9000 cryptographic suites can be configured.
Servicecontrol Manager now provides an automated way to start, stop, and restart daemons, instead of having to kill daemons manually.
For HP-UX 11i, SCM includes the following enhancements:
HP-UX 11i support for the central management station (CMS) and managed nodes
HP-UX 10.20 support for managed nodes
support for workstations as CMS/Managed nodes
For more information, see the mxtool(1) manpage and the following documents available through Servicecontrol's web site at www.software.hp.com/products/SCMGR:
Servicecontrol Manager Technical Reference v.1.3 (MPN: B8339-90030)
Planning, Installing, and Updating Servicecontrol Manager Guide (MPN: B8339-90029)
Readme documents and Release Notes
 Printable version |
|
|
|
|
|
|||||||||||||||
|
|||||||||||||||
