Commands Reference, Volume 5

sysck Command

Purpose

Checks the inventory information during installation and update procedures.

Syntax

sysck { -i | -u } [ -R RootPath ] [ -N ] [ -v ] [ -s SaveFile ] [ -O { r | s | u } ] -f File ProductName { tcbck Flags }

1All of the tcbck command flags are valid with this command.

Description

Attention: The sysck command DOES NOT support checking files that are greater than 2 gigabytes. If a product needs to ship a file that is greater than 2 gigabytes, set size and checksum values in their Fileset.inventory to VOLATILE, so the sysck command will not try to access the file.

Note: All of the tcbck command flags are valid with the sysck command. This feature provides compatibility with Version 3.1. For more information on the tcbck command and a complete listing of its flags, refer to AIX 5L Version 5.2 Commands Reference.

The sysck command checks file definitions against the extracted files from the installation and update media and updates the Software Vital Product Data (SWVPD) database. The sysck command does not recognize the following special characters in file names: `, ', \, ", ^, ( ), |, {}, [], <>,and : . If a file name contains one of these characters, the sysck command fails.

The sysck command is primarily used during the installation and update of software products.

When invoked with the -i flag, the sysck command checks the attributes of an extracted file with its file definitions, updates the SWVPD, and attempts to fix some errors if they exist.

The File parameter is the name of the stanza file that contains the file definitions. An example of such a file is the /etc/security/sysck.cfg file, although the syschk command does not use this file. The sysck command checks the size, links, symlinks, owner, group, and mode attributes of a file for which the type attribute is set to FILE. When invoked with the -v flag as well as the -i flag, sysck also checks the checksum value of a file.

The sysck command updates the file name, product name, type, checksum, and size of each file in the SWVPD database.

To fix errors, the sysck command resets the attribute of the installed or updated file to the defined value in the File stanza file, except for some attributes as described in "Fixing Errors".

When invoked with the -u flag, the sysck command removes the entry from the SWVPD database for each file that is part of the software product ProductName. The sysck command also deletes any hard links and symbolic links for each file, as defined in the SWVPD database.

Flags

-f File	Specifies the name of the stanza file that contains the file definitions.
-i	Checks for the correct installation of a software product's files. Updates the SWVPD database with the file definitions, and attempts to fix some errors if found.
-N	Specifies that the SWVPD database should not be updated.
-O {r\|s\|u}	Specifies which part of the SWVPD is to be updated, as follows: r Specifies the root part of the SWVPD. s Specifies the /usr/share part of the SWVPD. u Specifies the /usr part of the SWVPD (default).

-R RootPath	Use RootPath as root instead of "/".
-s SaveFile	Takes a snapshot of what is currently in the VPD and saves it in stanza format to the file specified by SaveFile. Called with the -u option. No action is taken in the database with this flag. Must be used with the -f option. For example: sysck -i -s /tmp/save.inv -f /tmp/real.inv bos.rte.shell
-u	Deletes file entries from the SWVPD and deletes hard links and symbolic links.
-v	Verifies that the checksum is correct.
ProductName	Specifies the installable software product or option that is being checked.

Environment Variables

INUTREE

The environment variable INUTREE has only the following four valid values:

NULL: Same as INUTREE not being set.
M: Specifies the root part of the SWVPD.
S: Specifies the /usr/share part of the SWVPD.
U: Specifies the /usr part of the SWVPD (default).

INUTREE can be used instead of the -O Tree flag.

INUNOVPD

The environment variable INUNOVPD can be null or can be set to 1. If it is set to 1 then sysck does not update the SWVPD. INUNOVPD can be used instead of the -N flag.

INUVERIFY

If the environment variable INUVERIFY is set to 1 sysck verifies that the checksum attributes in the stanza file are correct. INUVERIFY can be used instead of the -v flag.

File Definitions

acl	The access control list for the file. If the value is blank, the acl attribute is removed. If no value is specified, the command computes a value, according to the format described in Access Control Lists. This attribute should grant x (execute) access only to the root user and members of the security group. The command should setuid to the root user and have the trusted computing base attribute.
class	The logical group of the file. A value must be specified because it cannot be computed. The value is ClassName [ClassName].
checksum	The checksum of the file. If the value is blank, the checksum attribute is removed. If no value is specified, the command computes a value, according to the format given in the sum command. The value is the output of the sum -r command, including spaces.
group	The file group. If the value is blank, the group attribute is removed. If no value is specified, the command computes a value, which can be a group ID or a group name.
mode	The file mode. If the value is blank, the mode attribute is removed. If no value is specified, the command computes a value, which can be an octal number or a string (rwx), and have the TCB, SUID, SGID, and SVTX attributes.
owner	The file owner. If the value is blank, the owner attribute is removed. If no value is specified, the command computes a value, which can be a user ID or a user name.
size	The size of the file in bytes. If the value is blank, the size attribute is removed. A VOLATILE value in the size field indicates that the file size will change (so no checksum value can be given). A NOSIZE value indicates that the file has 0 length. If no value is specified, the command computes a value, which is a decimal number.
target	Allows symbolic links and hard links to exist as separate stanzas in the inventory. The target file definition refers to the full path name of the source of the link, for example: /etc/foo --> /usr/bar The target is `/usr/bar`.
type	The type of file. This value cannot be blank. If no value is specified, the command computes a value, which can be the FILE, DIRECTORY, FIFO, BLK_DEV, CHAR_DEV, LINK, MPX_DEV, and SYMLINK keywords.
xacl	An addition to the extended-access control list. A value must be specified as a single entry in an extended-access control list because the value cannot be computed. This attribute is valid only if the -i flag is used. For information about the format, see the acl file definition above.

Fixing Errors

To fix errors, the sysck command resets the attribute of the installed or updated file to the defined value defined in the File stanza file except for the following attributes, for which the sysck command acts as described:

links	Creates any missing hard links. If a link exists to another file that is not listed in this definition, the link is deleted.
program	If this attribute is included in the File stanza file, sysck invokes the program. A message is printed if an error occurs, but no additional action is taken.
symlinks	Creates any missing symbolic links. If a link exists to another file that is not listed in this definition, the link is deleted.

Security

Privilege Control: Only the root user can run this command.

Examples

A product that uses the installp command to install ships an inventory file in its image. To add the definitions to the inventory database and check permissions, links, checksums, etc., enter:
sysck -i -f dude.rte.inventory dude.rte
where dude.rte.inventory would look like the following:
```
/usr/bin/dude.exec:
   class = apply,inventory,dude.rte
   owner = bin
   group = bin
   mode = 555
   type = FILE
   size = 2744
   checksum = "04720        3"
```
To remove any links to files for a product that has been removed from the system and remove the files from the inventory database, enter:
sysck -u -f dude.rte.inventory dude.rte

Files

/etc/objrepos/inventory	Specifies names and locations of files in a software product on the root.
/usr/lib/objrepos/inventory	Specifies names and locations of files in a software product on the /usr file system.
/usr/share/lib/objrepos/inventory	Specifies names and locations of files in a software product on the /usr/share file system.

Related Information

The installp command, sum command, tcbck command.