hp-ux acl 사용하기

다중사용자간 권한을 주기위한 acl을 사용해보자

root@vm180   [/root]

# ll

-rw-r--r--   1 user1      class2           0 Feb 26 14:14 kjb.txt

root@vm180   [/root]

# setacl -m u:user3:rwx kjb.txt

root@vm180   [/root]

# ll kjb.txt

-rw-rwxr--+  1 user1      class2           0 Feb 26 14:14 kjb.txt

root@vm180   [/root]

# getacl kjb.txt

# file: kjb.txt

# owner: user1

# group: class2

user::rw-

user:user3:rwx

group::r--

class:rwx

other:r--

HP-UX runlevel에 관하여

Run level 확인

root@sanfran   [/root]

# who -r

   .       run-level 3  Feb 25 11:48    3    0    S

run level 변경 

root@sanfran   [/root]

# init 2

root@sanfran   [/root]

#

INIT: New run level: 2

/sbin/auto_parms: DHCP access is disabled (see /etc/auto_parms.log)

logout root

     Transition to run-level 2 in progress

     _____________________________________

Transition to run-level 2 is complete.

Value of TERM has been set to "vt100".

WARNING:  YOU ARE SUPERUSER !!

아래 서비스가 run level2에서는 없다.

root@sanfran   [/root]

# ps -ef | grep dtrc

run level3 으로 가서 확인해보자

root@sanfran   [/root]

# init 3

root@sanfran   [/root]

#

INIT: New run level: 3

/sbin/auto_parms: DHCP access is disabled (see /etc/auto_parms.log)

logout root

     Transition to run-level 3 in progress

     _____________________________________

Transition to run-level 3 is complete.

Value of TERM has been set to "vt100".

WARNING:  YOU ARE SUPERUSER !!

root@sanfran   [/root]

# ps -ef | grep dtrc

    root 13328     1  0 10:03:14 ?         0:00 /sbin/sh /usr/dt/bin/dtrc

위와 같이 올라가 있는 서비스가 다름을 알 수 있다.

Runlevel(실행수준) 0~3 # who –r

                           # init

Run level 0 (=halt state)

-OS 모든 프로세스가 종료된 상태

-init 0 # shutdown –hy 0

-power on

Run level s (=single user mode)

-안전모드

-장애처리가 목적 최소한의 자원으로 부팅만!!

-/,/stand 만 마운트

-로그인과정 생략 à root passwd 분실

Run level 1(=single user mode)

-파일시스템 마운트(ß----/etc/fstab)

-hostname 설정

Run level 2(=multi user mode)

-network 설정(ip/netmask/gateway/dns)

버퍼에 내용을 디스크에 쓰기 (2~3회 실행 한번에 70%정도 수행하기 때문)

root@sanfran   [/root]

# sync

현제 접속 상태

root@sanfran   [/root]

# tty

/dev/console

runlevel 다르게 부팅하기

Press Any Key to interrupt Autoboot

\EFI\HPUX\AUTO ==> boot vmunix

Seconds left till autoboot -  10

   Type 'help' for help

HPUX> boot vmunix –is (is or i1 or i2 or i3로 하면된다.)

INIT: Overriding default level with level 's'

INIT: SINGLE USER MODE

INIT: Running /sbin/sh

HP-UX 라우팅 테이블 편집 방법(routing table)

# route
usage: route [inet6] [ -n ] [ -f ] [ -p pmtu ] [ cmd [ net | host ]  args ]

# route -f  라우팅 테이블 삭제


                                                                               

# route add host 192.168.0.0 netmask 255.255.255.0 128.1.0.1 1  ---목적지에 직접 연결되지 않는 경우 hop count 1을 써준다. 그외에 동일네트워크 인 경우엔 생략

# route add net  128.1.0.0 netmask 255.255.0.0 128.1.1.1  ----- 동일네트워크임으로 홉카운트 생략

# route add default 128.1.0.1 1 ----  디폴트 게이트웨이 셋팅(약간 구문이 다르므로 헷갈릴수있다.)

영구 적용을 위해서는 vi /etc/rc.config.d/netconf를 열어서 편집해주면된다.

주의 

/sbin/init.d/net stop

/sbin/init.d/net start

시 기존 routing table이 삭제 되지 않으므로 

불필요한 라우팅 테이블은 한개씩 또는

route -f 로 전체를 날려준 후 작업을 해야 깔끔하게 적용할 수 있다.

HP-UX ARP 사용법

arp 테이블 조회

root@sanfran   [/root]

# arp -a

corp (128.1.0.1) at aa:bb:cc:0:1:89 ether

128.1.2.1 (128.1.2.1) at aa:bb:cc:0:1:81 ether

128.1.3.1 (128.1.3.1) at aa:bb:cc:0:2:82 ether

arp 테이블 삭제

root@sanfran   [/root]

# arp -d 128.1.0.1

128.1.0.1 (128.1.0.1) deleted

확인 

root@sanfran   [/root]

# arp -a

128.1.2.1 (128.1.2.1) at aa:bb:cc:0:1:81 ether

128.1.3.1 (128.1.3.1) at aa:bb:cc:0:2:82 ether

추가 

root@sanfran   [/root]

# arp 128.1.0.1

corp (128.1.0.1) at aa:bb:cc:0:1:89 ether

확인

root@sanfran   [/root]

# arp -a

corp (128.1.0.1) at aa:bb:cc:0:1:89 ether

128.1.2.1 (128.1.2.1) at aa:bb:cc:0:1:81 ether

128.1.3.1 (128.1.3.1) at aa:bb:cc:0:2:82 ether

HP-UX nwmgr 사용법 11.31

11.31에서 lanscan linkloop등을 통합하여 만든 커멘드이다.
추후 위에 명령어는 사라질 예정이라고 한다.

root@sanfran   [/root]
# nwmgr -g -A all -c lan0
lan0 current values:
   MTU = 1500
   MAC Address = 0xaabbcc000180
   TCP Packet Reassembly = On

root@sanfran   [/root]
# nwmgr -g --st -c lan0

***          lan0 64 bit MIB statistics:
Interface Name               = lan0
PPA Number                   = 0
Description                  = lan0 HP PCI 1000Base-T Release B.11.31.1003
Interface Type               = 1000Base-T
MTU Size                     = 1500
Speed                        = 1 Gbps
Station Address              = 0xAABBCC000180
Administration Status        = UP
Operation Status             = UP
Last Change                  = Tue Feb 25 11:47:45 2014
Inbound Octets               = 639517
Inbound Unicast Packets      = 5
Inbound Multicast Packets    = 1769
Inbound Broadcast Packets    = 2471
Inbound Discards             = 1178
Inbound Errors               = 0
Inbound Unknown Protocols    = 1783
Outbound Octets              = 4776
Outbound Unicast Packets     = 6
Outbound Multicast Packets   = 0
Outbound Broadcast Packets   = 0
Outbound Discards            = 0
Outbound Errors              = 0
Counter Discontinuity Time   = Tue Feb 25 15:40:05 2014
Physical Promiscuous Mode    = FALSE
Physical Connector Present   = TRUE
Interface Alias              =
Link Up/Down Trap Enable     = Enabled

linkloop를 대체한 명령어(linkloop가 훨 편하다 ㅡ.ㅡ;;)

root@sanfran   [/root]
# nwmgr --diagnose --attribute dest=0xAABBCC000499 -c lan0
lan0: Link check succeeded.

root@sanfran   [/root]
# nwmgr --diagnose --attribute dest=0xAABBCC100499 -c lan0
lan0: Link check failed.
lan0:
   Destination MAC address                                  = 0xAABBCC100499
   Number of test packets sent                              = 1
   Number of test packets received without errors           = 0
   Number of test packets received with invalid data        = 0
   Number of test packets received with invalid packet size = 0
   Number of test packets received with invalid header      = 0
   Number of missed test packets due to timeout             = 1

HP-UX linkloop 사용하기(heartbeat 연결시 유용)

heartbeat구성시 ip를 셋팅하지 않기 때문에 통신상태를 확인할때 

링크루프를 사용하게 된다.

root@sanfran   [/root]

# linkloop -i 0 0xAABBCC000480

Link connectivity to LAN station: 0xAABBCC000480

 -- OK

정상

root@sanfran   [/root]

# linkloop -i 0 0xAABBCC000410

Link connectivity to LAN station: 0xAABBCC000410

error:  get_msg2 getmsg failed, errno = 4

 -- FAILED

    frames sent               : 1

    frames received correctly : 0

    reads that timed out      : 1

비정상

HP-UX lanadmin 사용법(how to use lanadmin)

맥주소 확인

root@sanfran   [/root]

# lanadmin -a 0

Station Address                 = 0xaabbcc000180

스피드 확인 

root@sanfran   [/root]

# lanadmin -s 0

Speed                           = 1000000000

연결셋팅 확인 

root@sanfran   [/root]

# lanadmin -x 0

Speed = 1000 Full-Duplex.

Autonegotiation = On.

MTU 사이즈 확인 

root@sanfran   [/root]

# lanadmin -m 0

MTU Size                        = 1500

그냥 싹다 확인 (통계정보포함)

root@sanfran   [/root]

# lanadmin -g 0

                      LAN INTERFACE STATUS DISPLAY

                       Tue , Feb 25,2014  15:34:22

PPA Number                      = 0

Description                     = lan0 HP PCI 1000Base-T Release B.11.31.1003

Type (value)                    = ethernet-csmacd(6)

MTU Size                        = 1500

Speed                           = 1000000000

Station Address                 = 0xaabbcc000180

Administration Status (value)   = up(1)

Operation Status (value)        = up(1)

Last Change                     = 30

Inbound Octets                  = 18905821

Inbound Unicast Packets         = 2703

Inbound Non-Unicast Packets     = 127297

Inbound Discards                = 32606

Inbound Errors                  = 0

Inbound Unknown Protocols       = 54298

Outbound Octets                 = 263106

Outbound Unicast Packets        = 2694

Outbound Non-Unicast Packets    = 11

Outbound Discards               = 0

Outbound Errors                 = 0

Outbound Queue Length           = 0

Specific                        = 655367

Ethernet-like Statistics Group

Index                           = 1

Alignment Errors                = 0

FCS Errors                      = 0

Single Collision Frames         = 0

Multiple Collision Frames       = 0

Deferred Transmissions          = 0

Late Collisions                 = 0

Excessive Collisions            = 0

Internal MAC Transmit Errors    = 0

Carrier Sense Errors            = 0

Frames Too Long                 = 0

Internal MAC Receive Errors     = 0

통계정보 클리어

root@sanfran   [/root]

# lanadmin -c 0

Clearing LAN Interface statistics registers.

확인말고 값을 변경하고 싶다면?

옵션을 대문자로만 바꾸어 실행 하면 된다.