VIO Server


 
Thread Tools Search this Thread
Operating Systems AIX VIO Server
# 1  
Old 07-31-2012
VIO Server

Hi,

I am facing an issue in vio server. When I run
Code:
bosboot -ad /dev/hdisk0

I am getting an error
Code:
trustchk: Verification of attributes failed: /usr/sbin/bootinfo 
: accessauths

regards,

vjm

Moderator's Comments:
Mod Comment Please use code tags next time for your code and data.

Last edited by zaxxon; 07-31-2012 at 09:12 AM.. Reason: code tags
# 2  
Old 07-31-2012
the file /usr/sbin/bootinfo has wrong attributes (user/group/permissions/size) as it should have for trusted computing base

maybe try to copy the permissions from another server, default permissions are

Code:
-r-xr-x---    1 bin      bin           13852 Aug 15 2011  /usr/sbin/bootinfo

size changes of course with your AIX release and technology level

Edit:
check out this link

http://www.ibm.com/developerworks/ai...ron/index.html


the command that might solve your issue is:

Code:
trustchk -y /usr/sbin/bootinfo



of course someone could have manipulated this command, but more obvious, bootinfo is a command with nice outputs for monitoring tools or configuration management databases, and these tools normally don't run as root user
so you might have changed the permission for this command, so it can be run as non root user (since most pvs on the vio server are not part of volume groups, lspv will not work, so you will most likely use bootinfo -s for example)

changing these attributes may lead to other errors in your environment


cheers
funksen

Last edited by funksen; 07-31-2012 at 11:25 AM..
# 3  
Old 08-01-2012
Hi,

I have newly installed this vio server from cd and have not enabled trust base.

So why its giving this error. No body has access to this server. Is it any bug in the os. vios 2.2.1.4

Regards,

vjm
# 4  
Old 08-02-2012
don't know if it's a bug in this release
did you try
Code:
trustchk -y

?
# 5  
Old 08-03-2012
Run "cksum /usr/sbin/bootinfo" and hopefully someone with a working 2.2.1.4 install can run it too and you can compare the results. I'd show you, but I'm on 2.2.1.3:
Code:
vio0:/home/padmin:# ioslevel
2.2.1.3
vio0:/home/padmin:# oem_setup_env
# cksum /usr/sbin/bootinfo
850554791 14276 /usr/sbin/bootinfo
#

# 6  
Old 08-08-2012
Same problem after upgrade VIO to 2.2.1.3, as we updated our SDDPCM driver under oem_setup_env (changes to root instead of padmin !) and smitty update_all:
Code:
...
Finished processing all filesets.  (Total time:  29 secs).

0503-409 installp:  bosboot verification starting...
installp:  bosboot verification completed.
0503-408 installp:  bosboot process starting...
trustchk: Verification of attributes failed: /usr/bin/tee : group mode
trustchk: Verification of attributes failed: /usr/sbin/bootinfo : accessauths

bosboot: Boot image is 49180 512 byte blocks.
0503-292 This update will not fully take effect until after a
        system reboot.
...

Since the bosboot worked in our case, we didn't call IBM support.

Moderator's Comments:
Mod Comment Please use code tags next time for your code and data.

Last edited by zaxxon; 08-08-2012 at 07:23 AM.. Reason: Reformat wrapped lines
# 7  
Old 10-10-2012
Here is a working server:
Code:
# /usr/ios/cli/ioscli ioslevel
2.2.1.4
# bosboot -ad /dev/hdisk0

bosboot: Boot image is 51228 512 byte blocks.
#  cksum /usr/sbin/bootinfo
3368613133 14276 /usr/sbin/bootinfo
#

Here is a non-working server:
Code:
#  /usr/ios/cli/ioscli ioslevel
2.2.1.4
# bosboot -ad /dev/hdisk0
trustchk: Verification of attributes failed: /usr/bin/tee
: group mode

bosboot: Boot image is 51228 512 byte blocks.
#  cksum /usr/sbin/bootinfo
3368613133 14276 /usr/sbin/bootinfo
#

Calling IBM to see what they say...

---------- Post updated at 02:07 PM ---------- Previous update was at 01:44 PM ----------

Make sure the permissions of the /usr/bin/tee file are correct, here they are after i updated them:

Code:
# ls -l /usr/bin/tee
-r-xr-xr-x    1 bin      bin            4318 May 10 2008  /usr/bin/tee
# bosboot -ad /dev/hdisk0

bosboot: Boot image is 51228 512 byte blocks.
#


Last edited by The_Moves; 10-10-2012 at 04:15 PM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How to identify the blade from VIO server?

Hello, I would like to identify the blade or/and bladecenter from the hosted VIO server. I prefer the "command line" solution. May be kdb. Like, I want to ask the child about his father. Thank you (1 Reply)
Discussion started by: x41
1 Replies

2. AIX

VSwitch not showing up on VIO Server

Want to run this by you all before opening a PMR with IBM Support. It's been a few weeks since I have done this so I can't be 100% sure of how I think it worked in the previous version. We upgraded our HMC's yesterday to 7.7.9 SP2 in hopes of fixing some issues we were having. Today I needed... (4 Replies)
Discussion started by: juredd1
4 Replies

3. AIX

network interfaces on vio server

Hi, I would like to know after the installation of vio server. how many logical network interfaces will be created on vio server if I am having two physical interfaces on vio server. I am asking this question because I would like know to on the basis of logical network interfaces creation on... (0 Replies)
Discussion started by: manoj.solaris
0 Replies

4. AIX

Mirroring vio server

Hi, I would like to know installing vio server on local disk and mirroring rootvg, if I am creating AIX VIO CLIENT(lpar), and any of single local hard disk failuare. will it affect lpars? will lpars able to boot. what needs to be done? (1 Reply)
Discussion started by: manoj.solaris
1 Replies

5. AIX

VIO server does not show new LPAR

Hi All, I've been trying to create a new LPAR for some days now but I can't get the VIO server to recognize the new LPAR. This is what I did: On HMC create new LPAR On HMC create new virtual scsi adapter for LPAR in VIO profile On HMC add new virtual scsi adapter for LPAR with DLPAR... (6 Replies)
Discussion started by: petervg
6 Replies

6. AIX

vio server ethernet to vio client ethernet(concepts confusing)

Hi In the vio server when I do # lsattr -El hdisk*, I get a PVID. The same PVID is also seen when I put the lspv command on the vio client partition. This way Im able to confirm the lun using the PVID. Similarly how does the vio client partition gets the virtual ethernet scsi client adapter... (1 Reply)
Discussion started by: newtoaixos
1 Replies

7. AIX

VIO server on p520

trying to put VIO server software into this p520, firmware upgraded to the latest and greatest..SF240_415_318 , I think a few questions, on this practice AIX machine on AIX 7.1 VIO can only be installed if ASMI or HMC is running ??? if so, perhaps ASMI is much simpler, since I will need to... (2 Replies)
Discussion started by: ppchu99
2 Replies

8. AIX

Identifying the vio server names

Hi My vio client is getting its virtual Ethernet services from dual vio servers. What command if I execute on the vio client will get me the names of the vio servers ? (2 Replies)
Discussion started by: samsungsamsung
2 Replies

9. AIX

Inherited VIO server an LPARs

Lucky me, someone has installed a server and got it running with the best intentions, but leaving me a headache. :wall: We have a simple p520 with 4 disks. 2x145Gb & 2x300Gb. The smaller disk pair have been built into a VIO mirrored rootvg, and quite right too. The other two disks form a... (3 Replies)
Discussion started by: rbatte1
3 Replies

10. AIX

vio server and vio client

Hi, I want to know wheather partition size for installation of vio client can be specified on vio server example If I am installing vio server on blade with 2*300gb hard disk,after that I want to create 2 vio client (AIX Operating system) wheather I can specify hard disk size while... (1 Reply)
Discussion started by: manoj.solaris
1 Replies
Login or Register to Ask a Question