[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]

Distributed SMIT 2.2 for AIX: Guide and Reference


Modifying DSMIT Security Configuration

DSMIT allows you to modify the DSMIT security configuration by adding or removing DSMIT administrators, managed machines, or managing machines.

Note: You must be a registered DSMIT administrator to modify the DSMIT security configuration.

To start DSMIT security configuration, follow these steps:

  1. At the command prompt, enter:

    dsmit--init
    

    A screen appears with options to initialize or modify the DSMIT security configuration.

  2. Select Modify DSMIT Security Configuration.

    A menu will appear providing the following options:

    Change / Show Administrators

    Change / Show Managed Machines

    Change / Show Managing Machines
  3. Make your modifications.

    Note: If you add a new administrator, you will be prompted for the DSMIT administrator's password. Enter the password for the new administrator you are adding.
  4. OFF-LINE ACTIONS appears. A list of offline actions will appear after you make the modifications and exit these menus. You must perform the specified tasks to complete the modifications to the DSMIT security configuration.
  5. Erase the files in /tmp/dsmit on the system where you are running the dsmit-init command when you have successfully completed the offline actions.

    Note: The offline actions are saved in /tmp/dsmit.offline.

System Configuration for Sun OS and HP

DSMIT requires specific conventions on the Sun Microsystems and Hewlett-Packard (HP) systems to assist the configuration and management of devices, subsystems, and system builds. These conventions are used to reconfigure the system's /etc/rc.* files and system-configuration files.

On both the Sun Microsystems and Hewlett-Packard (HP) systems, restructure the /etc/rc.* files to resemble the standard System V Release 3 /etc/rc.* files by following these steps:

  1. Create your clients. See Defining Clients.
  2. Use the dsmit command to start DSMIT with the desired clients:

    dsmit -W DomainOfClients
    
  3. Select the System Management option from the initial menu.
  4. Select the System Configuration option from the System Management menu.
  5. Select the Reorganize RC Boot Files option from the System Configuration menu.
  6. Use the Tab key to select the yes option. Press the Enter key.
  7. Restart the client systems and exit DSMIT.

The restructuring of the /etc/rc.* files requires the definition of the /etc/rc0.d, /etc/rc1.d, /etc/rc2.d, and /etc/rc3.d directories. These directories contain shell scripts that perform the functions normally found in the system's /etc/rc.* files. The shell programs perform specific tasks and are named with a leading sequential number to provide task-sequencing. When you start the system, the tasks in the /etc/rc*.d directories are run sequentially.

Reconfiguring the /etc/rc.* files allows DSMIT to add and remove NFS and TCP/IP tasks from the startup procedure.

The system-configuration files are designed to emulate the customized database and to provide a single source for system hardware and software configuration. The Sun or HP user supplies the information used to construct these files. For HP systems, use the /etc/conf/d file without modifications. For Sun systems, construct the configuration files with information from the configuration files used to build the operating system and with the information found and reported by the autoconfiguration process during system startup.

After the system has restarted, build the configuration files.

For Sun systems, follow these steps:

  1. Use the dsmit command to start DSMIT with the desired clients:

    dsmit -W DomainOfClients
    
  2. Select the System Management option from the initial menu.
  3. Select the System Configuration option from the System Management menu.
  4. Select the Build Configuration Database option from the System Configuration menu.
  5. Press the F4 key to get the path name for the directory containing the system configuration. The following is an example of the path name:

    /usr/share/sys/sun4c/conf
    

    Press the Enter key.

  6. Press the F4 key at the Get configuration filename : Enter Configuration Filename option to display a list of selections.

    The configuration files usually have an all-uppercase name, such as GENERIC. The file used to build the current operating system can be recovered from the version string within the operating system. The output from the dmesg program for a name enclosed in parenthesis following the string SunOS Release 4.1.3. The Sun configuration-file syntax is not in a form that can be easily parsed with a shell script, so it is reformatted to make configuration information easier to find and update.

    Note: In most cases, selecting GENERIC from the list will work. However, selecting GENERIC won't work when software products have been installed that do not use a generic kernel. Refer to the documents supplied from other vendors on the type of configuration file needed for their product. For more information on Sun systems configuration files, refer to the /usr/share/sys/arch -k/conf/README file.
  7. Select GENERIC and press the Enter key.
  8. Press the F4 key at the Get devices filename : Enter Devices Filename option to display the list of selections. In most cases, selecting devices from the list will work.
  9. Press the F4 key at the Get files filename : Enter Files Filename option to display the list of selections. In most cases, selecting files from the list will work.
  10. At the Get loadable modules directory pathname : Enter Loadable Modules Directory Pathname option, press the Enter key to create the configuration database using the default value. Once the command completes, you are able to run DSMIT commands on the configured Sun system clients.

DSMIT uses the dmesg program during the /etc/rc.* file startup sequence to recover the information reported by the autoconfiguration process at system startup and saves it in the /etc/dmesg.boot file. DSMIT processes this information to determine which adapters were installed by the autoconfiguration process. This information, along with the information from the system configuration file, is formatted and placed in the /usr/share/SMIT/configdb file.

For HP machines, building the configuration files is optional. If you want to build the configuration files, follow these steps:

  1. Use the dsmit command to start DSMIT with the desired clients:

    dsmit -W DomainOfClients
    
  2. Select the System Management option from the initial menu.
  3. Select the System Configuration option from the System Management menu.
  4. Select the Build Configuration Database option from the System Configuration menu.
  5. Press the Enter key to run the command using the /hp-ux default value.

When DSMIT changes information found in the configdb file, it writes a confgdb update record in the file named /usr/share/SMIT/configdb_XXXX, where XXXX is a date stamp constructed with the date command.

Related Information

Chapter 1, Distributed System Management Interface Tool.


[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]