The following applications are selectable and not automatically installed with the 11i Operating Environments. Table 4-2 “Selectable Applications” lists which applications are available for each Operating Environment.

HP Intrusion Detection System/9000 (IDS/9000)

new for December 2001

The HP Intrusion Detection System/9000 (IDS/9000) is a host-based intrusion detection system for HP-UX 11.x. The IDS/9000, version 2.0 (J5083AA), includes the following features:

- Integration with OpenView Operations (OVO, formerly known as VPO or ITO) and the associated Smart Plug In (SPI): Enables customers to monitor IDS/9000 alerts from the OVO management console. For configuration and control of IDS/9000 agent, the IDS/9000 administrative GUI is launched from within the OVO console.
- New administrative GUI: More task oriented and easier to use. Reduces the number of interactions for installing, configuring, monitoring and controlling IDS/9000 agents.
- Web protection capability: Documentation and a template script on how to customize IDS/9000 to provide near real-time protection against web server defacement.
- Automatic restart of surveillance schedules after a reboot: Users no longer need to manually activate the monitoring schedules after a system reboot.
- Multiple response script capability: The limit of having a single response script has been removed and users can now have multiple response scripts invoked when an alert is generated.
- Rewritten and enhanced user's manual: Task oriented documentation with new sections on agent configuration, response programs, error messages, and troubleshooting.
- New certificate generation and management tools: Accommodates a pure Java implementation of SSL for the administrative GUI.

The following documents are available in the “Internet and Security Solutions” neighborhood of docs.hp.com/hpux/internet/index.html:

- HP Intrusion Detection System/9000 Release 2.0 Release Notes (product no. J5083-90006)
- HP Intrusion Detection System/9000 Administrator's Guide, version 2.0 (product no. J5083-90007)

Ignite-UX (IUX)

Ignite-UX (IUX) is an HP-UX administration toolset to help you do the following:

- install HP-UX on multiple systems in your network
- create custom install configurations
- recover HP-UX systems remotely
- monitor system-installation status

The complete Ignite-UX product, with support for HP-UX 11i, 11.0 and 10.20, is available on the first CD of the 11i OE media kit. For additional information about IUX, see “Ignite-UX Changed for 11i”.

updated for March 2002

Ignite-UX has been updated to version B.3.6 to support changes to the Operating Environments. Changes to B.3.6 include the following:

- An IUX feature has been enhanced so that newly installed core components and patches will be swmodify'ed with the correct file data to avoid swverify problems with those files.
- To avoid accidental tape rewinding, the print_manifest command will no longer call diskinfo (or provide a tape capacity estimate) for tape devices.

updated for December 2001

Ignite-UX version B.3.5 includes the following changes:

- Drivers such as X.25 (nioxb) now have their driver binding preserved during a recovery. This prevents them from becoming “unclaimed” after a recovery.
- The hw_instance_num config file keyword includes a new optional driver parameter. See the instl_adm(4) manpage for more information.
- The save_config command now sets the above driver parameter. A check was also added that ensures that the hardware path is of the format expected by the parser for HW_instance_num. This fixes the problem introduced by the sdm driver, which has a hardware path of “es” for the virtbus class.
- Ignite-UX servers that have multiple IP addresses assigned to a single network card now work correctly as far as doing network boots using instl_bootd is concerned. However, this does not fix the issue documented in FAQ item #1.9. The FAQ (a text file) is installed with Ignite-UX in /opt/ignite/share/doc/FAQ.
- Ignite-UX now supports setting the block size for VxFS file systems. Previously this was only allowed to default. The user interface now permits this to be set to valid values and the save_config command saves it in order to restore it for a recovery. A sanity check now tests for valid values (also covering block sizes for HFS file systems) and applies this when laying out VxFS file systems.
- If an OS archive image contains volume group files (for example, the directory /dev/vg00 and the files underneath that), and the major and minor numbers match ones that have been created but have a different name (for example, if vg00 was renamed bpr00), then the /dev/vg00 directory and its contents will be removed and the action logged to install.log. This avoids problems with commands like swapinfo, which would report incorrect information since it would find /dev/vg00 before /dev/bpr00.
- Additional sanity checks have been added to check for invalid mount points. This includes a missing mount point, a null string mount point, and a mount point that does not begin with a slash (“/”) character.
- The subdirectory /etc/opt/OV (part of OpenView) is now permitted to be a mount point.
- The make_bundles command was incorrectly putting the entire product into bundles created when only a list of filesets on the command line was given. This ended up causing clients added for recovery from the ignite GUI to have the entire Ignite-UX product loaded instead of the subset needed for make_net_recovery as intended. If you don't need the entire Ignite-UX product on the clients (that is, if you don't use make_tape_recovery), you can manually remove the Ignite-UX.FILE-SRV-* filesets on the clients to free up space.
- The make_medialif command no longer prevents the usage of the -a and -o options to B.11.00 releases and later. There are clients which can run 10.20 and which require the WINSTALL kernel from the B-version of Ignite-UX in order to be installed. It is now possible to create a LIF header for such 10.20 clients which would include both WINSTALL and 10.20 SYSCMDS.
- An issue was found that will cause newer PA-RISC workstations running the B-version of IUX with HP-UX 10.20 to be unable to boot from a tape created with either make_tape_recovery or make_recovery. This issue has been fixed with this version of IUX. There is no issue with these same systems using version A of IUX. (See section #1.20 in the FAQ for more information including a workaround. The FAQ, a text file, is installed with IUX in /opt/ignite/share/doc/FAQ.)
- If a mount point contains a symbolic link, it will now follow the same rules for archival as all other mount points. It either needs to be specifically included or marked as an essential item or it needs to be on a volume group or whole disk that already contains some item that has been included or marked as an essential item. If neither of these cases is met, then the mount point will not be included in the archive.

updated for September 2001

The following changes are included in Ignite-UX version B.3.4:

- If the DNS domain has been set, the line in the /etc/hosts file for the system being installed will be written out as:

      <IP address><tab><hostname>.<domain> <hostname>

  For example:

      15.16.17.18 myhost.corp.com myhost

  If the DNS domain has not been set, only the hostname without domain is used.
- The add_release command is not supported for the B.11.11 release and beyond. This command will be completely obsoleted in a future release. Instead of add_release, you may use the following commands:

      # make_depots -d <depot name> -s <source_device>
      # make_config -c /var/opt/ignite/data/Rel_B.<XX.YY>/core_cfg -s <depot name>
      # manage_index -a -f /var/opt/ignite/data/Rel_B.<XX.YY>/core_cfg

- The B version of IUX now uses the ndd command to turn off subnet mask checking to allow for subnet masks such as 255.0.0.0. This is only done when installing HP-UX 11.00 or later.
- Removing volumes when recovering a system from a make_*recovery backup now correctly results in them being commented out of the /etc/fstab file. This also fixes a problem where if the /var volume was removed, the /var directory was left renamed to /var_iux after the system was recovered.
- A manual page for the fix_patches command has been included for the first time. See the fix_patches(1M) manpage for more information.
- The B version of Ignite-UX no longer supports installing or recovering disk devices connected to the older PCI Tachyon (A3740A) fibre channel cards. This has been the case since the B.3.0 release.

updated for June 2001

The following changes are included in Ignite-UX version B.3.3:

- A sanity check has been added that tests the relationships between memory size, allocated dump space, and free space in whatever logical volume contains /var/adm/crash. The check will produce messages if dump space is less than 50 percent of memory, and if the free space for /var/adm/crash is less than the dump space allocated. The check, at worst, produces warnings which can be ignored, and installations are allowed to proceed.
- File mtime, ctime, and atime behaviors have changed in the recovery commands. The commands make_tape_recovery, make_net_recovery, make_recovery, and make_sys_image no longer use the -t option to the pax command. In the past, this option was used so that the “atime” (access time) of the files being backed up was restored. However, a hidden side effect of this -t option was that it caused the “ctime” (inode modification time) of files being backed up to change, which, in turn, triggered security tools to raise an alarm. Another side effect of the -t option caused the “mtime” (modification time) of /etc/passwd and /etc/group to be changed due to the way make_recovery used -t in combination with the -s pax option.
- Device files for drivers that use dynamic major numbers are now modified to track any changes to the dynamic major assignments that may occur during the installation or recovery of a system. Prior to this change, some products (such as X.25 and EMS) may not work correctly after recovering a system, or when installing a system from an archive image. For this change to work, the OS archive image must contain the /stand/ioconfig file from the original system. Therefore, you will need to recreate old OS archive images with the new make_sys_image script that includes /stand/ioconfig in the archive.
- The make_sys_image command no longer retrieves variable values from the /tmp/install.vars or /var/opt/ignite/local/host.info files.
- A UID larger than 64K on an automount directory will no longer cause the contents of the automounted directory to be backed up as if it were a directory on the local disk or volume group. If a mount is detected as stale, the system will now issue a WARNING and continue the traversal of the volumes and disks that need to be recovered and put them in the archive image.
- When recovering systems that use Auto Port Aggregation Software (APA) installation, IUX no longer comments out the Internet Configuration parameters for LAN aggregates in the /etc/rc.config.d/netconf file. If the recovery is done over the network, you will need to specify that the networking parameters are temporary for the system to come up on the LAN aggregate interface.
- A new option -V has been added to bootsys. One or more -V options may be supplied to set a value to a variable.
- All options of make_bundles other than -f will generate content lines with product-level instead of fileset-level detail. This is a fix for duplicate entries in the bundle contents due to a product having both 32-bit and 64-bit filesets for 11.x and beyond. The -f option now lists the fa=* attribute in the bundle contents.
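
The ctime side effect that the B.3.3 notes attribute to restoring access times can be reproduced on any POSIX system. The following is an added example, not HP or Ignite-UX code: it models the restore step with Python's os.utime() instead of running pax, and the function names and sample file are constructed for illustration.

```python
import hashlib
import os
import tempfile
import time


def snapshot(path):
    """Record the fields a file-integrity tool typically baselines."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    # atime is left out: ordinary reads change it, so monitors ignore it.
    return {"mtime": st.st_mtime_ns, "ctime": st.st_ctime_ns, "sha256": digest}


def backup_read(path, restore_atime):
    """Read a file as a backup tool would, optionally putting atime back."""
    before = os.stat(path)
    with open(path, "rb") as fh:
        fh.read()
    if restore_atime:
        # Assumption: this stands in for the atime restore the notes describe.
        # Setting timestamps explicitly makes the kernel stamp a new ctime.
        os.utime(path, ns=(before.st_atime_ns, before.st_mtime_ns))


def changed_fields(baseline, current):
    """Names of baselined fields that differ, i.e. what would raise an alert."""
    return sorted(k for k in baseline if baseline[k] != current[k])


def run_demo():
    """Return the alerting fields for a backup with and without atime restore."""
    results = {}
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "passwd.sample")
        with open(path, "w") as fh:
            fh.write("root:*:0:3::/:/sbin/sh\n")  # constructed sample content
        for restore_atime in (True, False):
            baseline = snapshot(path)
            time.sleep(0.05)  # step past the filesystem timestamp granularity
            backup_read(path, restore_atime)
            results[restore_atime] = changed_fields(baseline, snapshot(path))
    return results


if __name__ == "__main__":
    for restored, fields in run_demo().items():
        print(f"restore_atime={restored}: changed {fields or 'nothing'}")
```

With the restore step the only changed field is ctime, while mtime and the digest stay the same; without it nothing in the baseline changes.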

The Ignite-UX Administration Guide has been updated for HP-UX 11i, and is available on the HP-UX Instant Information CD and on the http://docs.hp.com/ web site. Another excellent source of information on Ignite-UX is the external web site: http://software.hp.com/products/IUX/

IPFilter/9000

The security product, IPFilter/9000, provides system firewall capabilities by filtering IP packets to control traffic in and out of a system. IPFilter/9000 includes support for Static Linking, Gigabit Ethernet, Auto Port Aggregation (APA), and Virtual Local Area Network (VLAN).

updated for March 2002

IPFilter/9000 has been updated to version A.03.05.03 to incorporate defect fixes.

new for December 2001

IPFilter/9000, version A.03.05.02, is now available. System performance may improve when IPFilter is installed but not running.

For detailed, updated information, see the documents and web sites listed below:

Documents (available at docs.hp.com):

- Installing and Administering IPFilter/9000 (B9901-90005)
- IPFilter/9000 Release Note, Edition 5 (B9901-90006)

Manpages:

- ipf(4): packet filtering kernel interface
- ipf(5): IP packet filter rule syntax
- ipf(8): alters packet filtering kernel's internal lists
- ipl(4): data structure for IP packet log device
- ipmon(8): monitors /dev/ipl for logged packets
- ipstat(8): reports on packet filter statistics and filter list
- iptest(1): test packet rules with arbitrary input

Java Out-of-Box (JAVAOOB)

new for March 2002

Java Out-of-Box (JAVAOOB), version 1.0.00, is a small, installable product that modifies HP-UX kernel parameters and system tunables to allow large server-side Java applications to run.

While no claim is made that JAVAOOB will enable all Java applications to run (or that it will cause any particular Java application to exhibit optimum performance), the JAVAOOB parameter values were chosen to enable the widest range of Java applications to run successfully without significant impact on other (non-Java) processes. (The original default settings were too low to run the majority of Java applications.)

JAVAOOB modifies the following kernel parameters and system tunables:

NOTE: JAVAOOB will not lower a parameter setting. If the current value of a parameter is higher than the value that JAVAOOB would set, then JAVAOOB leaves the parameter value unchanged.

In addition to being provided through the OE media, JAVAOOB is available for download from http://www.hp.com/go/java.

Installing JAVAOOB will increase the amount of memory used by the kernel by approximately 8Mb above that used by the default settings. In theory, a system that is memory-bound, close to the edge, and running memory-intensive applications could experience additional paging activity, thereby lowering system or application performance.

Installation Requirements

Since it is intended for large, server-side Java applications, JAVAOOB is recommended only for systems with at least 512 Mb of physical memory (and not for systems used solely as desktops).

For further information, see the Java web pages at http://www.hp.com/go/java and the release notes that are part of the product.

For background information on tuning HP-UX for Java applications and for discussions of specific kernel parameters, see the technical paper “HP-UX Kernel Parameter Configuration for Java” at the developer portal (http://www.hp.com/dspp) under “topics” then “java.” Also at http://www.hp.com/dspp are other articles that may be of interest:

- “hpjconfig 2.0 for HP-UX 11.0 and 11i”
- “Java1 performance and tuning”
- “Java2 performance and tuning”

Netscape Directory Server (J4258BA)

The Netscape Directory Server Version is an industry-standard Lightweight Directory Access Protocol (LDAP) directory server. Netscape Directory Server for HP-UX is a selectable product for the HP-UX 11i OE.

updated for September 2001

Version B.04.13 includes features from earlier versions in addition to defect repairs.

You must purchase Extranet Client Access Licenses to use the Netscape Directory Server for HP-UX if the directory contains any entries for Extranet Users. An Extranet User is an entry in the Netscape Directory that represents a person that is neither an employee nor a full-time independent contractor of the company to which the Netscape Server is licensed. Contact your HP sales representative to purchase licenses. For contact information, see http://eproducts.hp.com/buy2/index.html.

Selectable Network Drivers

updated for September 2001

The following table indicates which drivers are selectable during HP-UX 11i installation. Note that several new I/O adapters are fully supported as of June 2001 (A6684A, A6685A, A6748A, A6749A, and A6386A):

Table 4-4 Selectable I/O Drivers on 11i OE Media

| I/O Driver | Description | I/O Adapter Product Number |
|---|---|---|
| 100BaseT-00 | EISA 100BaseT | A4308B |
| 100BaseT-01 | HP-PB 100BaseT | A3495A (on K and T-Class) |
| ATM-00 | PCI ATM | A5483A, A5513A, A5515A, J3557A |
| ATM-01 | HSC ATM | J2468A, J2469A, J2499A, J3420B, J3573A |
| FDDI-01 | HSC FDDI | A3722A (K and T) |
| | HSC FDDI | A3723A (B, C, D, J) |
| FDDI-02 | HPPB FDDI | J2157B (K and T) |
| FDDI-03 | EISA FDDI | A3659A, B5502BA |
| HyprFabrc-00 | PCI HyperFabric | A4919A (N and V) |
| | HSC HyperFabric | A4920A (K) |
| | HSC HyperFabric | A4921A (D and R) |
| | PCI HyperFabric | A6092A, A6386A (L, N, S, A4, A5) |
| TermIO-00 | PCI MUX (8-port) | J3592A, A6748A (L, N, A4, A5) |
| | PCI MUX (64-port) | J3593A, A6749A (S, V, L, N, A4, A5) |
| TermIO-01 | EISA MUX | J2482A, A4930A |
| TokenRing-00 | PCI Token Ring | A5783A, A4930A |
| TokenRing-01 | HPPB Token Ring | J2166B (K and T) |
| TokenRing-03 | EISA Token Ring | J2165B |

new for June 2001

HSC HyperFabric2 PCI fiber adapter (for A400, A500, L-, N-, V-Class, and Superdome servers, B1000, C3000, J5000, J5600, J6000, and J7000 workstations) A6386A, previously supported on HP-UX 11.0, is now supported on HP-UX 11i. See “HyperFabric2 PCI Fiber Adapter”.