|
|
United States-English | |
|
|
 |
|
HP-UX 11i December 2002 Release Notes: HP-UX Servers and Workstations > Chapter 6 HP-UX 11i Version
1.0 Operating Environment Applications
HP-UX 11i Operating Environment |
|
|
new at 11i |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
I/O Driver Bundle | Description | Supported I/O Adapter Cards |
|---|---|---|
FDDI-00 | PCI FDDI | A3739A, A3739B |
FibrChanl-00 | PCI FibreChannel | A5158A, A6795A |
GigEther-00 | PCI GigEther | A4926A, A4929A |
GigEther-01 | PCI GigEther | A6794A, A6825A, A6847A |
IEther-00 | PCI IEther | A6974A |
RAID-00 | PCI RAID | A5856A |
With the September 2002 release, Base VERITAS Volume Manager has been upgraded to version 3.5. The following products are installed by default with the Base VERITAS Volume Manager Bundle 3.5 for HP-UX (swlist version B.03.50.5):
Base-VXVM B.03.50.5 Base VERITAS Volume Manager Bundle 3.5 for HP-UX
Base-VXVM.VRTSvxvm 3.5 m Base VERITAS Volume Manager 3.5 for HP-UX
Base-VXVM.VRTSvmdoc 3.5m VERITAS Volume Manager Documentation
Base-VXVM.VRTSfspro 3.5-ga08 VERITAS File System Management Services Provider
Base-VXVM.VRTSvmpro 3.5m VERITAS Volume Manager Management Services Provider
Base-VXVM.VRTSobgui 3.0.2.261a VERITAS Enterprise Administrator
Base-VXVM.VRTSob 3.0.2.261a VERITAS Enterprise Administrator Service
Base-VXVM.VRTSvlic 3.00.007e VERITAS License Utilities
The VRTSvxvm product replaces the HPvxvm product available with previous HP-UX 11i releases. It is the same product, but since HP and VERITAS have moved to a binary model for VxVM products, VERITAS handles all the packaging and the new name reflects this.
The HPvmsa product is no longer supported with VxVM 3.5. VERITAS has moved to a Unified GUI (UniGUI) product for 3.5. The VRTSob, VRTSobgui, VRTSvmpro, and VRTSfspro products are all part of the UniGUI product.
VERITAS has moved to SIG licensing for VxVM 3.5. As such, the VRTSvlic package is required for correct functioning of VxVM.
During upgrades from previous OEUR or AR releases, the previous HPvxvm and HPvmsa products will be replaced by the above new products. Previous ELM licensing keys will still work with the new SIG licensing package (that is, if a customer has installed the VxVM full product on their December 2001 system and then upgrades to 3.5, they will not need to get new license keys to get the same full functionality).
With VxVM 3.5, changes have been made to Ignite-UX to support VxVM “rootability.”[9] Customers can select at installation time to have their root disk managed by VxVM. (They do not have this option with Update-UX, however.)
The following documentation can be found on the Instant Information CD and in the /usr/share/doc/vxvm directory:
VxVM 3.5 Administrator's Guide
VxVM 3.5 Hardware Release Notes
VxVM 3.5 Installation Guide
VxVM 3.5 Migration Guide
VxVM 3.5 Release Notes
VxVM 3.5 Troubleshooting Guide
VxVM 3.5 User's Guide
The online manual pages are installed with the VRTSvxvm.VXVM-ENG-A-MAN fileset in the /usr/share/man directory.
The Base VERITAS Volume Manager 3.2 for HP-UX (swlist version B.03.20) is a new version of the VERITAS Volume Manager and Cluster Volume Manager with enhanced features that are currently only available on Solaris, but will soon be available on Linux and AIX.
Similar to the Base VERITAS Volume Manager 3.1 for HP-UX, this new version includes the following add-on products:
B9116AA: VERITAS Volume Manager 3.2 for HP-UX provides a full set of enhanced volume manager capabilities, including mirroring, RAID-5, and DMP for active/active devices.
B9117AA: VERITAS Volume Manager 3.2 Cluster Volume Manager for HP-UX provides enhanced volume manager functionality for clustered environments, and is integrated with MC/ServiceGuard 11.13 and ServiceGuard OPS Edition 11.13. (The Cluster Volume Manager for HP-UX requires that the VERITAS Volume Manager be installed first.)
All the software for both the base and add-on products is included in the Base VxVM product, but the enhanced features are unavailable without a license. When you purchase an add-on product, you will get a license that enables the enhanced features.
The Base VERITAS Volume Manager 3.2 for HP-UX will be installed by default on all of the Operating Environments in the December 2001 release. Customers who purchase one of these OEs will no longer need to install Base VxVM. However, none of the VxVM add-on products are available as part of any OEs.
The VERITAS Volume Manager 3.2 includes the following new features:
enhancements to the Dynamic MultiPathing (DMP) feature via a new Device Discovery Layer, which makes it easier to add new array support without requiring a kernel rebuild or a system reboot
4-node CVM support for MC/ServiceGuard and ServiceGuard OPS Edition
CVM and shared disk group support for striped mirrors, online relayout, and Oracle resilvering
full support for HP-UX workstations
performance improvements
Disk groups created with the Base VERITAS Volume Manager 3.1 for HP-UX product must be upgraded to a new disk group version supported with VERITAS Volume Manager 3.2. This upgrade will be transparent to customers when updating to the December 2001 release. See the vxdg(1M) manual page for additional information about upgrading disk groups.
All of the VERITAS Volume Manager 3.2 documents are available on the Instant Information CD, as well as on the http://docs.hp.com web site in both HTML and PDF formats.
The following general VERITAS Volume Manager documents include information about the VxVM products (base and add-ons):
VERITAS Volume Manager 3.2 Administrator's Guide
VERITAS Volume Manager 3.2 Storage Manager Administrator's Guide
VERITAS Volume Manager 3.2 Troubleshooting Guide
VERITAS Volume Manager 3.2 Migration Guide
For release notes on the Base VxVM 3.2 and add-on products for HP-UX 11i, see VERITAS Volume Manager 3.2 for HP-UX Release Notes.
A full set of manpages for both the base VxVM 3.2 and add-on products is included with the Operating Environments.
With CIFS/9000 Client and CIFS/9000 Server, Hewlett-Packard provides a Common Internet File System (CIFS), the Microsoft protocol for remote file access. CIFS is built into all recent Windows operating systems, including Windows 95, 98, NT 4.0, and 2000. By providing both server and client, CIFS/9000 enables file and print interoperability for environments with a mix of UNIX and Windows platforms.
For the most recent information on CIFS/9000 Client and CIFS/9000 Server, see the release notes and other documents listed below under “Documentation.”
CIFS/9000 Server 2.2a (software version A.01.08) includes the following enhancements:
A CIFS/9000 Server can act as a Microsoft Root Distributed File System (DFS) server.
Support is now enabled for printer drive uploading from a Windows NT client.
Support is now enabled for Primary Domain Controller (PDC) functionality.
High Availability (HA) templates have been enhanced to make it easier to create HA configurations that have many nodes.
The way CIFS/9000 uses HP-UX system resources has changed. Specifically, the default value of nfiles has been raised from 8 to 23, and may be set by the user depending upon the specific number of client files and connected clients. In addition, this CIFS Server version now requires that value of the nflocks parameter be set according to the maximum number of client connections desired. Simple formulas are provided to help the user correctly set these values.
A command line tool has been added to help the user populate the smbpasswd file, which is always accessed by CIFS/9000 Server 2.2a when displaying names on local machines.
CIFS/9000 Client, version A.01.07, includes the following changes:
Server-terminated user connections are now automatically re-established when the user attempts to access the server.
If the logfile size reaches a maximum of 50 Mbytes, it is saved with .prev appended to its name (overwriting any previously saved copy); then the logfile is restarted with zero bytes.
The synchronization of file timestamps between CIFS/9000 Clients and Windows Servers now accounts for daylight savings time.
The Japanese-language character-map files for Shift-JIS encoding now include symbols for integers-in-circles in the range 1 to 20, as well as various mathematical, Katakana, and other symbols. In addition, 74 new character mappings have been added.
CIFS/9000 Server version A.01.07 incorporates Samba 2.09, allows Windows 2000 clients to modify POSIX ACLs, and includes an option that can translate open mode locks to HP-UX advisory locks. This version also contains three fixes, including one which allows you to view, and therefore delete, broken (symbolic) links.
CIFS/9000 Client version A.01.06 provides improved file attribute caching and updated PAM-NTLM troubleshooting information.
The following changes were made for HP-UX 11i:
The CIFS/9000 product consists of only two products instead of four. The product numbers are B8724 and B8725.
CIFS/9000 product documentation is provided as .pdf files located in the /opt/samba/HP_docs directory. (Product documentation is also available on the HP-UX 11i Instant Information CD and on the Web at: http://docs.hp.com.)
Available documents include:
Installing and Administering the CIFS/9000 Server (B8725-90021)
Installing and Administering the CIFS/9000 Client (B8723-90011)
CIFS/9000 Server Release Note (B8725-90017)
CIFS/9000 Server Release Note Version A.01.08 (B8725-90020)
CIFS/9000 Client Release Note Version A.01.06 (B8724-90012)
CIFS/9000 Client Release Note Version A.01.07 (B8724-90013)
| |
| |
| |
 | NOTE: The CIFS/9000 documentation files require 2MB of disk space. |
| |
| |
| |
Event Monitoring Service (EMS) version A.03.20.01 is a framework used to monitor various system resources. In addition to the basic monitoring framework, the EMS product includes a set of general monitors for basic network interfaces, system resources, and ServiceGuard cluster objects. EMS is being released for use with the HP-UX 11.0 and HP-UX 11i operating systems, and is included in the HP-UX 11i Operating Environment. This release has all the features found in earlier versions in addition to new functionality, defect repairs, and support for new hardware configurations.
EMS version A.03.20.01 is a minor release, with minor changes and defect fixes. The contents of EMS releases A.03.00 through A.03.10 have been incorporated, together with all A.03.10 patches.
The disk space requirement is 2.75MB. An additional 13MB of disk space should be allocated in /etc/opt to support EMS logging facilities.
The memory requirement is 3MB.
With HP-UX 11i, EMS adds a new state to the package monitor: UNAVAIL. If the monitor does not have sufficient information to determine status, the current value for the resource is set to UNAVAIL.
| |
| |
| |
| NOTE: Event Monitoring Service version A.03.20.01 does not provide native language support. |
| |
| |
| |
In addition to the current user's manual (Using the Event Monitoring Service [B7612-90015]), consult the Event Monitoring Service version A.03.20.01 Release Notes for HP-UX 11i (B7609-90015) for further information. Both publications are available on the HP-UX 11i Instant Information CD and on the Web at:
The HP Apache-based Web Server for HP-UX is an HTTP/1.1 compliant server that implements the latest protocols. The server includes software developed by the Apache Software Foundation for use in the Apache HTTP server project (see http://www.apache.org). The HP Apache-based Web Server can be customized by writing software modules using the Apache module API.
The HP-UX release of the HP Apache-based Web Server includes pre-compiled binaries that have been preconfigured to run on HP-UX 11.0 and later releases. It is supported on 32-bit and 64-bit systems. It runs as a 32-bit binary on 64-bit HP-UX 11.0 and 11i. It is not supported on HP-UX 10.20.
This version of the HP Apache-based Web Server includes 128-bit strong encryption. Apache SSL connections use a default dummy certificate provided by HP.
For the latest download and documentation information, please visit http://www.hp.com/go/webserver.
| |
| |
| |
 | IMPORTANT: HP Apache v.1.3.x has been deprecated (slated for future obsolescence).
Starting July 1, 2003, HP Apache 1.3.x will not be supported on HP-UX. December 2002 is the last release of HP Apache v1.3.x distributed in the HP-UX 11i OE. Starting March 2003, HP Apache v.2.x will be distributed on the HP-UX OE. HP Apache 1.3.x will still be available on HP Software Depot (http://software.hp.com) until June 30th, 2003. Customers should begin upgrading to HP Apache v.2.0 (product number B9416AA). It is available today on the Application Release CD that was shipped in this bundle, as well as on HP Software Depot (http://www.software.hp.com). Compared to previous versions, HP Apache v.2.0 offers better performance and new IPv6, WebDAV, and PHP- connectivity-to-Oracle support to provide a more robust web server for your HP 11i environment. In addition, to assist with this transition, HP has also created the Migration Guide - HP Apache-based Web Server Version 1.3.x to 2.x, which can be downloaded free of charge at http://www.hp.com/products1/unix/webservers/apache/techtips/index.html. For more information on HP Apache v.2.0, please visit our web site at http://www.hp.com/go/webserver. |
| |
| |
| |
| |
| |
| |
| NOTE: You must obtain certificates from authorized agencies for commercial purposes and make the necessary changes in httpd.conf to use the desired certificates. |
| |
| |
| |
HP Apache-based Web Server v.1.3.26.06 includes security fixes from v.1.3.26.05 plus auth_ldap functionality, mod_perl built as a DSO, and new helper utilities.
All users are urged to upgrade immediately to 1.3.26.05 or later.
mod_perl 1.27 is now available as a Dynamically Loadable Module (DSO). It used to be statically linked into Apache in the previous releases of HP Apache 1.3.x. See the release notes for the change in enabling mod_perl.
auth_ldap 1.6 has been added as the connector between Apache and an LDAP directory server module, allowing Apache to authenticate HTTP clients by using entries in an LDAP directory. auth_ldap supports iPlanet (Netscape) Directory Server and OpenLDAP Server, and can be configured to use the stunnel program for secure SSL queries to the LDAP server.
The following utilities have been added to HP Apache 1.3.26.x in the /opt/apache/bin/directory. (For more information on each utility, please see the Utilities User Guide, available at /opt/apache/htdocs/doc/utilities.user.guide.)
mkcert.sh: SSL Certificate Generation Utility. This script generates private keys, certificate signing requests, and certificates for the CA, server, and client.
stunnel_ctl.sh: Stunnel Start/Stop Utility. This is a wrapper utility used to start and stop the stunnel program. Stunnel is used for SSL connections between Apache and an LDAP directory server. More information on configuring an SSL connection is in the LDAP Admin Guide, available at /opt/apache/htdocs/doc/ldap.admin.guide.
OpenSSL 0.9.6g version upgrade fixes certain known OpenSSL vulnerabilities. The Common Vulnerabilities and Exposures Project (http://cve.mitre.org) describes them in issues CAN-2002-0656, CAN-20020657, and CAN-2002-0655. More information can be found at http://www.openssl.org. The OpenSSL community has released OpenSSL 0.9.6g as the best known version superseding the OpenSSL 0.9.6e release that was identified in the CVE report.
mod_ssl 2.8.10
MM 1.2.1 version upgrade fixes certain known vulnerabilities. Before 1.2.0, OSSP mm library (libmm) allowed the local Apache user to gain privileges via temporary files, possibly via a symbolic link. More details can be found in the issue CAN-2002-0658 at http://cve.mitre.org.
HP Apache version 1.3.26.03 is principally a security-fix, bug-fix, and version-upgrade release.
This release has upgraded to PHP 4.2.2 from 4.2.1 in previous HP Apache 1.3.26 releases. PHP 4.2.2 contains the security fix to correct POST vulnerabilities in PHP versions 4.2.0 and 4.2.1. For more information see: http://www.php.net/release_4_2_2.php.
Apache 1.3.26 addresses and fixes the issue regarding a remotely exploitable vulnerability in handling of large data chunks as noted in the following security bulletins:
http://itrc.hp.com/ — Log in and search for “HPSBUX0207-197” in “Technical Documents.” If you do not have a login, follow the easy registration steps.
http://cve.mitre.org/ — Search for “CAN-2002-0392.”
This release is a version update for the following HP Apache components:
Apache base 1.3.26
Tomact 3.3.1
PHP 4.2.2
Webmin 0.980
OpenSSL 0.9.6c
mod_ssl 2.8.9
BSAFE Crypto-C 5.2
In addition to the mod_jserv servlet connector found in previous versions of HP Apache, mod_jk v.1.2.0 is the servlet connector to Tomcat, and can use either the original ajpv12 protocol or the newer ajpv13 protocol.
Enhanced documentation includes FAQs, iPlanet to HP Apache Migration Guide, and HP Apache 1.3.x to 2.x Migration Guide.
The following new feature is included in version 1.3.19.23:
With this release, the chroot feature of the HP Apache-based Web Server has been enhanced. Customers who are currently using chroot (or are planning to use it in the future) are strongly encouraged to upgrade to this release. Current chroot users should recreate their chroot environment by running /opt/apache/bin/chroot_os_cp.sh, making sure to back up their original chroot environment beforehand.
The following new features are included in version 1.3.19.21:
Fix for the Automatic restart on reboot
Certmig utility re-built on PA1.1
Fix for support of C++ shared
modules.
The following new features are included in version 1.3.19.20:
mod_perl now supports Perl version 5.6.1 (included in the OE).
Apache/Tomcat/Webmin can now be automatically restarted on reboot. More information on customizing and configuring this feature can be found at /opt/apache/htdocs/doc/config.notes.
The security module mod_ssl updated to v.2.8.3.
Tomcat now starts with a nohup command, so that even if the parent shell is terminated, Tomcat will not die. The output from Tomcat startup is kept in /opt/tomcat/logs/tomcat_startup.log.
Chroot now causes the named directory to become the root directory, the starting point for path searches. A malicious user cannot get to the root file system. The HP Apache-based Web Server's chroot includes SSL enhancements. Under the chroot directory, there is a script for copying OS files.
Now included is Memory Management (MM), a 2-layer abstraction library that simplifies the usage of shared memory between forked processes under UNIX platforms. MM support allows the use of httpd.conf SSLSessionCashe directives shm:/opt/apache/logs/ssl_scache(512000).
certmig now makes possible the sharing of certificates between
the iPlanet Web Server 4.x and any server that supports PKCS#12
formats. The certmig utility is an extension of the pk12util utility, provided by the Mozilla community. In addition
to the pk12util functionality, certmig lists and extracts certificates from iPlanet certificate
databases.
The following new features are included in this version:
mod_perl is configured for Perl 5.005_03.
Tomcat v.3.1.1 compliant with Java Servlets 2.2 and JavaServer Pages 1.1 and contains defect fixes.
PHPv.4.0.4pl1, a popular, server-side, cross-platform, HTML embedded full-featured language with a Java/C++ syntax. Supports many databases.
Support for loading customized C++ shared libraries.
Third Party Support: BroadVision plug-in provides out-of-the-box support for the BroadVision e-commerce application suite.
Certificate Migration Tool v.3.1.1 to migrate iPlanet certificates to Apache seamlessly. License and export information are included.
Webmin v. 0.84, a Web-based administration and configuration tool from Webmin, enhanced to handle administration and configuration for the HP Apache-based Web Server.
Includes mod_ssl v.2.7.1.
The following requirements must be fulfilled before certain components/features will work:
Fast perl scripts and Apache modules written in perl require mod_perl to be configured.
Apache JServ requires Java Servlet Development Kit (JSDK) 2.0 or later.
Tomcat requires HP-UX Developer's Kit for Java 1.3 or later.
Webmin Administration and Configuration GUI depends on Perl 5.
Building DSOs using apxs depends on Perl installed at /opt/perl/bin/perl.
Binaries are dependent on the B.11.25 or later versions of ld and libdld.
For detailed configuration and installation instructions, see the release notes at /opt/apache/htdocs/doc/apache.release.notes or, once the Web Server has been started, at http://machinename/doc/.
| |
| |
| |
 | CAUTION: If you are receiving the HP Apache-based Web Server
as part of the HP-UX 11i Operating Environment (OE), the software
will be installed automatically as part of the OE bundle unless
there is a non-HP version of Apache already on the system.
If there is a non-HP version of Apache already on your system, the
HP Apache-based Web Server will not install.
In this case, you will need to install Apache separately from the
rest of the OE bundle, as described in the following section. Before updating, make sure to stop your previous HP Apache binary: /opt/apache/bin/apachectl stop Otherwise, the previous binary will continue running, preventing the new one from starting on port 80. |
| |
| |
| |
| |
| |
| |
| NOTE: By default, swinstall does not reinstall filesets if the same revision already
exists on your system. If you want to reinstall the same revision
(for example, if some files are lost), you can change the installation
options by choosing Options/Change Option. Installing a product or a fileset may automatically install dependent filesets necessary to run the selected items. If an HP or non-HP version of Apache is already on the system, swinstall preserves the existing configuration files under /opt/apache/conf, /opt/apache/conf/jserv, and /opt/tomcat/conf by renaming <file> to <file>.save. It also preserves certificates and certificate-related files under /opt/apache/conf/ssl.* directories by renaming <file> to <file>.save. In this way, you should not lose previous configuration information. Upon successful installation of HP Apache-based Web Server, the web server is started automatically with the new default configuration. To recover your previous configuration, restart HP Apache-based Web Server with the saved configuration files (<file>.save).If you wish to stop the HP Apache-based Web Server, as root, type /opt/apache/bin/apachectl stop. To disable HP Apache-based Web Server from starting on a reboot, edit the file /etc/rc.config.d/apacheconf to set the variable APACHE_START to 0. |
| |
| |
| |
If you are installing the HP Apache-based Web Server for HP-UX separately from the rest of the OE bundle, or if you obtained the Apache product (B9415AA) independently of the HP-UX 11i Operating Environment, follow these steps:
Stop the previous HP Apache binary from running: /opt/apache/bin/apachectl stop.
From CD2 of the HP-UX 11i Operating Environment CDs, run /usr/sbin/swinstall&.
Select the appropriate depot.
From the View menu, go to Change Software View and select Start With Products. The products that are available will display for your selection.
Select Apache.
Go to the Actions menu and select Install. The installation paths are /opt/apache and /opt/tomcat.
All HP-specific documentation included in the HP Apache-based Web Server software can be found online after installation at http://machinename/doc or in the /opt/apache/htdocs/doc directory.
For the latest information on the HP Apache-based Web Server, including documentation, Migration Guides, and FAQs, go to the Web at http://www.hp.com/go/webservers.
Both version 1.2 and version 1.3 will be installed. (See the following documentation section for the location of further information.)
The HP-UX Runtime Environment for the Java 2 (RTE) Platform has been updated to version 1.3.
The HP-UX Runtime Environment for the Java 2 (RTE) Platform contains the basic components for executing a Java application on HP servers and workstations with HP-UX 11i.
For further information, please read the release notes in the RTE software. Or, for the most up-to-date information, go to the Web at:
HP-UX Support Tools provide a complete set of tools for verifying, troubleshooting, and monitoring HP system hardware, including CPUs, memory, interface cards, and mass storage devices.
Support Tool Manager (STM) is the platform for executing online diagnostics. The commands to start it are xstm (GUI interface), mstm (menu-driven interface), cstm (command line interface), or stm (general).
Offline Diagnostic Environment (ODE) is the platform for executing offline diagnostics. Normally it is run from the Support Plus CD with the system offline.
EMS Hardware Monitors allow you to monitor the operation of a wide variety of hardware products and be alerted immediately if any failure or other unusual event occurs. The EMS Hardware Monitors are started automatically with no user intervention.
| |
| |
| |
| NOTE: Since the initial release of HP-UX 11i, there have been numerous changes to the Support Tools, including support for new devices, bug fixes, and enhancements. For the latest information on these changes, see the “Documentation” section below. |
| |
| |
| |
With the December 2002, STM has been updated to version A.35.00. Changes to online tools (STM and EMS Hardware Monitors) include the following:
New Fibre Channel Disk Arrays VA7110 and VA7410 are now identified by the STM ID tool.
Support for the iSCSI decoder/monitor has been enabled.
The following new hardware is now supported:
10/100 BT PCI Single Port LAN Card
A8068A: HLDS GDR-8161B ATAPI CD-RW Drive
A7853A: LITE-ON LTR-48126S ATAPI CD-RW Drive
A8070A: TEAC DW224E-B ATAPI DVD-ROM/CD-RW Combo (slim)
SMART support has been added for new and legacy HDD drives.
The existing Firmware Update tool has been enhanced.
With the December 2001 release, STM has been updated to version A.29.00.
The rest of this section describes the major differences between Support Tools on HP-UX 11i and Support Tools on previous releases (HP-UX 10.20 and 11.0).
The HP-UX Support Tools have been modified to support new products, such as Superdome systems.
With HP-UX 11i, the Support Tools are automatically installed with the HP-UX 11i Operating Environment CD. It is no longer necessary to load the Support Tools from the Support Plus media. (The Support Plus media, however, still contains the Support Tools, and will continue to be distributed. Offline tools are run from the Support Plus CD and cannot be run from the HP-UX 11i Operating Environment CD.)
| |
| |
| |
| NOTE: As of HP-UX 11i, Predictive Support is no longer distributed with the Support Tools. |
| |
| |
| |
Disk space required by the HP-UX 11i Support Tools is comparable to the disk space required for previous releases (in the range of 60-70MB).
There are minor changes in monconfig, the user interface for configuring EMS Hardware Monitors. These changes relate to the client configuration files which have been added to support the multiple-view (Predictive-enabled) feature.
If you have scripts which invoke monconfig, they may have to be modified.
For more information on these changes, refer to "Adding a Monitoring Request" in Chapter 2 of the EMS Hardware Monitors User's Guide (June 2000 or later edition) available by searching on the manual title at:
Alternately, you can just run monconfig on HP-UX 11i to see the revised dialog.
The http://docs.hp.com/hpux/diag/ web site also has tutorials, FAQs, Release Notes, and manuals documenting the Support Tools. Although some documentation is also available through other means, such as through the Support Plus CD, the web pages provide the latest information.
For changes since the initial release of HP-UX 11i, see the March 2001, June 2001, December 2001, March 2002, June 2002, September 2002, or December 2002 documents at the following URLs:
For EMS Release Notes, see http://docs.hp.com/hpux/onlinedocs/diag/ems/ems_rel.htm
For STM Release Notes, see http://docs.hp.com/hpux/onlinedocs/diag/stm/stm_rel.htm
The Judy product is a C language library that enables an unbounded array capability. Judy Libraries provide a state-of-the-art core technology that replaces many traditional data structions and algorithms (such as arrays, sparse arrays, hash tables, B-trees, binary trees, linear lists, skip lists, and counting functions).
The Judy technology is now an Open Source product that is available from SourceForge at http://sourceforge.net/projects/judy.
The Judy Libraries product has been updated to incorporate improved manpages, minor defect fixes, and minor code improvements.
New functionality has been added to the Judy libraries to search for the next available (empty) location in a Judy array. Functions include the following:
FirstEmpty
NextEmpty
LastEmpty
PrevEmpty
See the information library for details at: http://www.hp.com/go/judy.
As of September 2001, the Judy Libraries product was removed as a selectable application and is now installed with the OEs.
The Judy product delivers:
Very easy-to-use API
Improved overall performance and better memory management
Scalable arrays that can grow dynamically to very large populations while maintaining excellent performance
Judy offers three types of arrays:
Judy1 functions provide a way to store, retrieve, and locate Boolean values (bit maps) in a Judy array.
JudyL functions provide a way to store, retrieve, and locate long-word values in a Judy array.
JudySL functions provide a way to store, retrieve, and locate strings as indexes (similar to associative arrays in awk, Perl, and Java).
The following table shows the location of the libraries that are provided with the Judy technology on the HP-UX system:
Table 6-4 Locations of Judy Libraries
Hardware Architecture | Type | Location on system (from root) | |
|---|---|---|---|
32-bit | 64-bit | ||
HP-PA 1.1 | archive | /usr/lib/libJudy.a | N/A |
shared | /usr/lib/libJudy.sl | N/A | |
HP-PA 2.0 | archive | none | /usr/lib/pa20_64/libJudy.a |
shared | /usr/lib/pa20_32/libJudy.sl | /usr.lib/pa20_64/libJudy.sl | |
| |
| |
| |
| NOTE: The 32-bit HP-PA 1.1 shared library (/usr/lib/libJudy.sl) is provided for compatibility only. For best performance on 32-bit machines, use the HP-PA 2.0 shared library (/usr/lib/pa20_32/libJudy.sl). |
| |
| |
| |
For more information about the Judy technology, refer to the Judy(3x) manpages (installed
with the product) or visit the Judy web site at http://www.hp.com/go/judy.
Netscape Communicator includes Netscape's popular Web browser, Navigator, as well as Messenger and Composer. Communicator offers the complete set of tools for browsing dynamic Web content, plus complete e-mail capability.
Netscape provides periodic maintenance releases for enterprise customers that include minor feature enhancements as well as improvements to overall stability.
With the June 2002 release, Netscape Communicator has been updated from version 4.7x (B.11.11.05) to version 4.79 (B.11.11.09). (See also “Japanese Language Pack for Netscape 4.79”.)
| |
| |
| |
| NOTE: This is last version of Netscape Communicator that HP will be distributing on media. One more version will be made available online at http://www.hp.com/go/netscape. In the future, Netscape Communicator will be replaced by the Mozilla-based product Netscape 7. |
| |
| |
| |
Included as of the September 2001 release, Perl programming language version 5.6.1 is a release of ActivePerl, a product of ActiveState Tool Corporation.
For more information see the following:
Perl Programming, Third Edition, by Larry Wall, Tom Christiansen, and Jon Orwant. O'Reilly and Associates, Inc. USBN 0-596-00027-8
the perl(1) manpage (points you to related perl manpages)
the /opt/perl/bin/perldoc program
For further information, see the following URLs:
Pluggable Authentication Module (PAM) Kerberos version 11i is a service for authenticating users or services across an open network. HP-UX 11i provides Kerberos authentication through a Kerberos-Client product which is a part of the HP-UX base operating system. Kerberos, the primary authentication mechanism for Windows 2000, is integrated with Active Directory Service to provide enterprise-wide account management. This necessitates the implementation of the Kerberos authentication mechanism on HP-UX as a Pluggable Authentication Module.
Pluggable Authentication Module (PAM) [OSF RFC 86.0] is the standard framework, and is easily configurable to support multiple authentication technologies on HP-UX.
PAM Kerberos provides the PAM mechanism using Kerberos.
The PAM service module was implemented as a shared library, libpam_krb5.1. This library is built by linking with libkrb5.sl, and is therefore not dependent on the libsys.sl library.
The HP-UX 11i implementation of Kerberos version 5 protocol provides enterprise-wide strong user authentication. Using encryption during the user authentication process, Kerberos infrastructure provides privacy and integrity of user login information since passwords are no longer communicated in clear text over the network.
HP-UX system entry services can work with any Kerberos v5 Server, namely, MIT Kerberos and Microsoft Windows 2000. Thus, passwords can be effectively unified in an Intranet with heterogeneous systems such as UNIX and Microsoft Windows 2000. Furthermore, support of password change protocol has been implemented. These two features can significantly reduce user administration complexity in a heterogeneous environment.
The HP-UX applications using PAM include telnet, login, remsh, ftp, rexec, rlogin, dtlogin, and rcp. PAM Kerberos interoperates with a Key Distribution Center (KDC) operating on either a UNIX or a Microsoft Windows 2000 server.
The PAM Kerberos module is compliant with IETF RFC 1510 and Open Group RFC 86.0. PAM Kerberos is also available under the product number J5849AA on the Applications Software CD. This product provides a libpam_krb5.1 library, a pam_krb5(1) manpage, and a release note document.
Now included with PAM Kerberos is the pamkrb5val tool, which will help administrators validate the PAM Kerberos setup. The tool validates the following files for PAM Kerberos-related entries:
/etc/pam.conf
/etc/pam_user.conf
/etc/krb5.conf
/etc/krb5.keytab
Also included is a sample pam.conf file.
The minimum disk space required to install the product is 1MB. Additional disk space of about 1KB per user in the system /tmp file is required to store initial Ticket Granting Tickets in the credential cache file.
HP-UX PAM Kerberos is implemented under the PAM framework, which allows the new authentication service module to be plugged in and made available without modifying the application or rebooting the system.
PAM Kerberos works on HP servers and workstations with a minimum of 32MB of memory and sufficient swap space (a minimum of 50MB is recommended).
| |
| |
| |
| NOTE: PAM Kerberos is not thread safe. |
| |
| |
| |
PAM Kerberos (libpam_krb5.1) and PAM DCE (libpam_dce.1) plug-in modules can not be stacked together in the pam.conf file because of different principal styles and credential file paths. If so stacked, the results will be unpredictable.
If the password has expired on a Microsoft Windows 2000 KDC, you will not be asked for a new password and will not be allowed to log in. When changing passwords on a MIT KDC with a version prior to 1.1, up to 45 seconds may elapse before the password is actually changed due to the selection mechanism of the change password protocol.
The following documentation is available:
The newly created manpage for pam_kerberos is available at /usr/share/man/man5.Z/pam_krb5.5.
New for September 2002 is the manpage for pamkrbval.
The white paper, Network Security Features of HP-UX 11i, is available at http://www.unix.hp.com/operating/hpux11i/infolibrary/.
The PAM Kerberos Release Notes for HP-UX 11i is available at http://docs.hp.com.
The Runtime Plug-in (JPI) for the Java 2 platform allows you to use a version of the runtime environment that differs from the runtime environment embedded with Netscape Navigator 4.61 or later.
For prerequisites, installation information, and documentation, read the release notes included in the Plug-in software. Or, for the most up-to-date information, go to the Web at http://www.hp.com/go/java.
Servicecontrol Manager provides a convenient, single point of administration for HP-UX systems and Linux managed nodes. Now bundled with every HP-UX 11 release (as well as being available for download), Servicecontrol Manager integrates the key products of the HP-UX Servicecontrol systems management tools suite. You can now manage Linux managed nodes from an HP-UX central management server.
Servicecontrol Manager has been updated to version A.2.05.01 to support changes to the HP-UX 11i Operating Environments.
Servicecontrol Manager version A.02.05 provides the following new features:
You can now manage Linux nodes from the HP-UX central management station (CMS). Supported distributions for Linux managed nodes are Debian 2.2 and Red Hat 6.2.
You now have new GUI tools to reconfigure managed nodes after software upgrades.
Integration with Partition Manager is now available for Superdome users.
As of Servicecontrol version A.02.05, the following Operating Systems are supported:
Central Management Servers
HP-UX 11.00
HP-UX 11i Operating Environment
HP-UX 11i Enterprise Operating Environment
HP-UX 11i Mission Critical Operating Environment
Managed Nodes
HP-UX 10.20 and 11.00
HP-UX 11i Operating Environment
HP-UX 11i Enterprise Operating Environment
HP-UX 11i Mission Critical Operating Environment
Linux, Debian 2.2 and Red Hat 6.2
PC Web Access to Central Management Server
Microsoft Windows 95, 98, and NT 4.0
Note that the Java Plug-in, required software for a PC Web Client, does not support Windows 2000.
Servicecontrol Manager version A.02.03 provides the following new management and security features:
Integration with HP TopTools 5.5 is now included. TopTools is a web-based tool that helps you to manage your computer assets, network devices, and HP printers, as well as track your network resources and performance.
When selecting nodes for managed clusters, you can now manage up to 999 nodes in one cluster instead of the previous limit of 64.
The Distributed Task Facility (DTF) now has a theoretical limit of 500 task executions, instead of the previous limit of 10, and a theoretical limit of 1000 agent connections, up from the previous limit of 16. Both limits may vary depending on such factors as the machine's kernel settings, memory capacity, tasks running, and the number of threads the system is set up to allow.
A Trusted User can now assign users' roles on node groups as well as individual nodes.
New public/private key authentication between the Central Management Server and the managed node is now available.
Digital signatures now provide tamper resistance between the CMS and the managed nodes; however, digital signatures do not provide encryption.
“On-the-wire” encryption with HP Praesidium IPSec/9000 cryptographic suites can be configured.
Servicecontrol Manager now provides an automated way to start, stop, and restart daemons, instead of having to kill daemons manually.
For HP-UX 11i, SCM includes the following enhancements:
HP-UX 11i support for the central management station (CMS) and managed nodes
HP-UX 10.20 support for managed nodes
support for workstations as CMS/Managed nodes
For more information, see the mxtool(1) manpage and the following documents available through Servicecontrol's web site at www.software.hp.com/products/SCMGR:
Servicecontrol Manager Technical Reference v.1.3 (MPN: B8339-90030)
Planning, Installing, and Updating Servicecontrol Manager Guide (MPN: B8339-90029)
Readme documents and Release Notes
[8] WebQos Peak has been deprecated (slated for future obsolescence).
[9] For further information about Ignite-UX's support of VxVM rootability, see “Ignite-UX (IUX)”.
 Printable version |
|
|
|
|
|
|||||||||||||||
|
|||||||||||||||
