swverify(1M) swverify(1M)
NAME
swverify - verify software products
SYNOPSIS
session_file] software_file] jobid] date] session_file] target_file] option=value] option_file] [software_selections] target_selections]
Remarks
o This command supports operations on remote systems. See below.
o For an overview of all SD commands, see the sd(5) man page by typing on the command line.
DESCRIPTION
The command verifies the software_selections at one or more target_selections (for example, root filesystems). When verifying installed
software, checks software states, dependency relationships, file existence and integrity, in addition to executing vendor-supplied verifi-
cation scripts.
The command also verifies software_selections at one or more target depots. For target depots, performs all of the checks listed above,
but does not execute verification scripts.
does support operations on a tape depot.
The command also supports these features:
o Verifies whether installed or configured software is compatible with the hosts on which that software is installed.
o Verifies that all dependencies (prerequisites, corequisites, exrequisites) are being met (for installed software) or can be met
(for available software).
o Executes vendor-specific scripts that check if the software products is correctly configured.
o Executes vendor-specific scripts that correct and report specific problems.
o Reports missing files, check all file attributes (ignoring volatile files). These attributes include permissions, file types,
size, checksum, mtime, link source and major/minor attributes.
Remote Operation
You can enable SD to manage software on remote systems. To let the root user from a central SD controller (also called the central manage-
ment server or manager node) perform operations on a remote target (also called the host or agent):
1) Set up the root, host, and template Access Control Lists (ACLs) on the remote machines to permit root access from the controller sys-
tem. To do this, run the following command on each remote system:
NOTES:
o controller is the name of the central management server.
o If remote system is 11.00, make sure SD patch PHCO_22526 or a superseding patch is installed on remote system before running
o If remote system is older than 11.00 or for some other reason does not have in place, copy script from an 11.11 or higher system to
the remote system.
2) and have enhanced GUI interfaces for remote operations. Enable the enhanced GUIs by creating the file on the controller. Use this
command:
See sd(5), swinstall(1M), swcopy(1M), swjob(1M), swlist(1M), or swremove(1M) for more information on interactive operations.
NOTE: You can also set up remote access by using directly on the remote machines to grant root or non-root access to users from the con-
troller system.
Options
supports the following options:
Operate on a depot rather than installed software.
Runs vendor-specific
scripts to correct and report problems on installed software. The fix script can create missing directories, correct
file modifications (mode, owner, group, major, and minor), and recreate symbolic links.
Operates on an alternate root directory, which must be specified in the
option. Verify scripts are not run when verifying software in an alternate root directory. (This option is not
required for alternate root operations but is maintained for backward compatibility. See the heading in sd(5) for
more information.)
Turns on verbose output to stdout.
(The logfile is not affected by this option.) Verbose output is enabled by default; see the option below.
Save the current options and operands to
session_file. You can enter a relative or absolute path with the file name. The default directory for session files
is You can recall a session file with the option.
Read the list of
software_selections from software_file instead of (or in addition to) the command line.
Executes the previously scheduled job.
This is the syntax used by the daemon to start the job.
Schedules the job for this
date. You can change the date format by editing the
Execute based on the options and operands saved from a previous session, as defined in session_file. You can save session
information to a file with the option.
Read the list of
target_selections from target_file instead of (or in addition to) the command line.
Set the session
option to value and override the default value (or a value in an alternate options_file specified with the option).
Multiple options can be specified.
Read the session options and behaviors from
options_file.
Operands
Most SD commands support two types of operands: followed by These operands are separated by the "at" character. This syntax implies that
the command operates on "software selections at targets".
Software Selections
The command supports the following syntax for each software_selection:
o You can specify selections with the following shell wildcard and pattern-matching notations:
o Bundles and subproducts are recursive. Bundles can contain other bundles and subproducts can contain other subproducts.
o The software specification selects all products. Use this specification with caution.
The component has the form:
o location applies only to installed software and refers to software installed to a location other than the default product direc-
tory.
o and apply only to filesets.
o and apply only to bundles and products. They are applied to the leftmost bundle or product in a software specification.
o The <op> (relational operator) component can be of the form:
or
which performs individual comparisons on dot-separated fields.
For example, chooses all revisions greater than or equal to The system compares each dot-separated field to find matches.
o The (equals) relational operator lets you specify selections with the shell wildcard and pattern-matching notations:
For example, the expression returns any revision in version 10 or version 11.
o All version components are repeatable within a single specification (for example, If multiple components are used, the selection
must match all components.
o Fully qualified software specs include the and version components even if they contain empty strings. For installed software, is
also included.
o No space or tab characters are allowed in a software selection.
o The software can take the place of the version component. It has the form:
[instance_id]
within the context of an exported catalog, where is an integer that distinguishes versions of products and bundles with the same
tag.
Target Selections
The command supports the following syntax for each target_selection. The colon is required if both a host and directory are speci-
fied.
Target Selections with IPv6 Address
The command also supports specifying the host as an IPv6 address on HP-UX Release 11i v3, as shown below.
If both the hostname and the path are specified, then the first occurrence of a slash is treated as the separator.
The IPv6 address can optionally be enclosed in a pair of square brackets and
EXTERNAL INFLUENCES
Default Options
In addition to the standard options, several SD behaviors and policy options can be changed by editing the default values found in:
the system-wide default values.
the user-specific default values.
Values must be specified in the defaults file using this syntax:
The optional prefix denotes one of the SD commands. Using the prefix limits the change in the default value to that command. If you leave
the prefix off, the change applies to all commands.
You can also override default values from the command line with the or options:
The following section lists all of the keywords supported by the command. If a default value exists, it is listed after the The commands
that this option applies to are also specified.
The location for SD logfiles and the default parent directory for the
installed software catalog. The default value is for normal SD operations. When SD operates in nonprivileged mode (that
is, when the default option is set to
o The default value is forced to
o The path element is replaced with the name of the invoking user, which SD reads from the system password file.
o If you set the value of this option to path, SD replaces with the invoking user's home directory (from the system pass-
word file) and resolves path relative to that directory. For example, resolves to the directory in your home direc-
tory.
o If you set the value of the default option to a relative path, that path is resolved relative to the value of this
option.
SD's nonprivileged mode is intended only for managing applications that are specially designed and packaged. This mode
cannot be used to manage the HP-UX operating system or patches to it. For a full explanation of nonprivileged SD, see the
available at the web site.
See also the and options.
Causes the target agent to automatically exit after Execute phase, or after
a failed Analysis phase. This is forced to when the controller is using an interactive UI, or when (preview) is used.
This enhances network reliability and performance. The default value of causes the target agent to automatically exit
when appropriate. When set to the target agent will not exit until the controller ends the session.
Causes a target agent to exit if it has been inactive for the
specified time. This can be used to make target agents more quickly detect lost network connections since RPC can take as
long as 130 minutes to detect a lost connection. The recommended value is the longest period of inactivity expected in
your environment. For command line invocation, a value between 10 minutes and 60 minutes is suitable. A value of 60 min-
utes or more is recommended when the GUI will be used. The default of 10000 is slightly less than 7 days.
Requires that the software products which are being installed be
"compatible" with the target selections. (All of the target selections must match the list of supported systems defined
for each selected product.) If set to target compatibility is not enforced.
Prevents the installation or configuration of another, independent
version of a product when a version already is installed or configured at the target.
If set to another version of an existing product can be installed into a new location, or can be configured in its new
location. Multiple versions can only be installed if a product is locatable. Multiple configured versions will not work
unless the product supports it.
Controls automatic job removal of completed jobs.
If the job is automatically removed, job information (job status or target log files) cannot be queried with
Controls the automatic selection of prerequisite, corequisite, and
exrequisite software that is not explicitly selected by the user. When set to the requisite software is automatically
selected for configuration. When set to requisite software which is not explicitly selected is not automatically selected
for configuration.
The option is ignored when this option is set to
Controls the automatic selection
of the first left-most dependency in a list of OR dependencies that satisfies a requisite when another dependency in the
list that also satisfies the requisite is explicitly selected by the user.
When set to the first left-most dependency in a list of OR dependencies that satisfies a requisite is not automatically
selected when another dependency in the list that also satisfies the requisite is explicitly selected. If set to the
first left-most dependency in a list of OR dependencies that satisfies a requisite is automatically selected even when
another dependency in the list that also satisfies the requisite is explicitly selected.
This option is ignored when the option is set to
Causes to verify the time stamp, size, and checksum attributes of files. If set to these attributes are not verified.
(This option is ignored if
is set to Controls whether or not validates the size and checksum for compressed files. In the default state of checks
only the mtime, size and cksum attributes of the compressed file. If set to uncompresses the file in memory and verifies
the size and cksum attributes of the uncompressed contents.
Only files compressed with SD's internal compressor can be uncompressed during a operation. See the option of the swpack-
age(1M) command for more information.
(This option is ignored if
is set to Controls whether or not computes a checksum on the contents of the file. In the default state of checks all
file attributes including the checksum. If set to checks only the file timestamp and size.
Causes to verify the mode, owner, UID, group, and GID attributes of installed files. If set to these attributes are not veri-
fied.
Causes to verify that the prerequisite, corequisite, and exrequisite dependencies of the software selections are being met. If
set to these checks are not performed.
Causes to run the fileset/product verify scripts for installed software. If set to these scripts are not executed.
Causes to not verify those files marked as volatile (that is, can be changed). If set to volatile files are also checked (for
installed software).
Specifies the location of a depot for the controller to access to
resolve selections. Setting this option can reduce network traffic between the controller and the target. Use the target
selection syntax to specify the location:
This option has no effect on which sources the target uses.
Defines the default distribution directory of the target depot.
The target_selection operand overrides this default.
Requires that all dependencies specified by the
software_selections be resolved either in the specified source, or at the target_selections themselves.
If set to dependencies will still be checked, but not enforced. Corequisite dependencies, if not enforced, may keep the
selected software from working properly. Prerequisite or exrequisite dependencies, if not enforced, may cause the instal-
lation or configuration to fail.
(Currently,
recognizes this option, but the option has no associated behavior. See swinstall(1M) or sd(5) for more information.)
Controls the handling of errors when relocating a non-locatable fileset. If an error is generated when an attempt is made
to locate a non-locatable fileset. If an attempt is made to locate the fileset in any case.
If runs vendor-specific scripts to correct and report problems on installed software. Fix scripts can create missing direc-
tories, correct file modifications, (mode, owner, group, major, minor), and recreate symbolic links. If fix scripts are
not run.
Defines the directory path where the Installed Products Database (IPD)
is stored. This information describes installed software. When set to an absolute path, this option defines the location
of the IPD. When this option contains a relative path, the SD controller appends the value to the value specified by the
option to determine the path to the IPD. For alternate roots, this path is resolved relative to the location of the
alternate root. This option does not affect where software is installed, only the IPD location.
This option permits the simultaneous installation and removal of multiple software applications by multiple users or mul-
tiple processes, with each application or group of applications using a different IPD.
Caution: use a specific to manage a specific application. SD does not support multiple descriptions of the same applica-
tion in multiple IPDs.
See also the and options, which control SD's nonprivileged mode. (This mode is intended only for managing applications
that are specially designed and packaged. This mode cannot be used to manage the HP-UX operating system or patches to it.
For a full explanation of nonprivileged SD, see the available at the web site.)
This is an ASCII string giving a title to a job.
It is displayed along with the job ID to provide additional identifying information about a job when is invoked.
Controls the amount of detail written to the logfile.
When set to this option adds detailed task information (such as options specified, progress statements, and additional
summary information) to the logfile. This information is in addition to log information controlled by the option.
Defines the default log file for each SD command.
(The agent log files are always located relative to the target depot or target root, for example, and
Controls the log level for the events logged to the command logfile, the
target agent logfile, and the source agent logfile. This information is in addition to the detail controlled by the
option. See above, and the sd(5) manual page (by typing for more information. A value of:
provides no information to the logfile.
enables verbose logging to the logfiles.
enables very verbose logging to the logfiles.
Adds numeric identification numbers at the beginning of SD logfile
messages:
(default) No identifiers are attached to messages.
Adds identifiers to ERROR messages only.
Adds identifiers to ERROR and WARNING messages.
Adds identifiers to ERROR, WARNING, and NOTE messages.
Adds identifiers to ERROR, WARNING, NOTE, and certain other
informational messages.
Controls the time in minutes to cache and re-use the results of hostname
or IP address resolution lookups. A value of 0 disables the facility to cache and re-use lookup results. The maximum
value allowed is 10080 minutes, which is one week.
A value of:
disables the lookup caching mechanism.
is the maximum value allowed.
By default, the SD
commands attempt to mount all filesystems in the file at the beginning of the analysis phase, to ensure that all listed
filesystems are mounted before proceeding. This policy helps to ensure that files are not loaded into a directory that
may be below a future mount point, and that the expected files are available for a remove or verify operation.
If set to the mount operation is not attempted, and no check of the current mounts is performed.
Defines the protocol sequence(s) and endpoint(s) on which the daemon
listens and which the other commands use to contact the daemon. If the connection fails for one protocol sequence, the
next is attempted. SD supports both the tcp and udp protocol sequence on most platforms. See the sd(5) man page by typ-
ing for more information.
Relative length of the communications timeout.
This is a value in the range from 0 to 9 and is interpreted by the DCE RPC. Higher values mean longer times; you may need
a higher value for a slow or busy network. Lower values will give faster recognition on attempts to contact hosts that
are not up, or are not running Each value is approximately twice as long as the preceding value. A value of 5 is about 30
seconds for the protocol sequence. This option may not have any noticeable impact when using the protocol sequence.
This option controls SD's nonprivileged mode.
This option is ignored (treated as true) when the invoking user is super-user.
When set to the default value of true, SD operations are performed normally, with permissions for operations either
granted to a local super-user or set by SD ACLs. (See swacl(1M) for details on ACLs.)
When set to false and the invoking user is local and is not super-user, nonprivileged mode is invoked:
o Permissions for operations are based on the user's file system permissions.
o SD ACLs are ignored.
o Files created by SD have the uid and gid of the invoking user, and the mode of created files is set according to the
invoking user's umask.
SD's nonprivileged mode is intended only for managing applications that are specially designed and packaged. This mode
cannot be used to manage the HP-UX operating system or patches to it. For a full explanation of nonprivileged SD, see the
available at the web site.
See also the and options.
If no target_selections are specified, select the default of the local host as the target_selection for the command.
Defines the default
software_selections. There is no supplied default. If there is more than one software selection, they must be separated
by spaces. Software is usually specified in a software input file, as operands on the command line, or in the GUI.
Defines the default
target_selections. There is no supplied default (see above). If there is more than one target selection, they must be
separated by spaces. Targets can be specified in a target input file or as operands on the command line.
Controls the verbosity of a non-interactive command's output:
disables output to stdout.
(Error and warning messages are always written to stderr).
enables verbose messaging to stdout.
for and enables very verbose messaging to stdout.
The option overrides this default if it is set to 0.
Session File
Each invocation of the command defines a verify session. The invocation options, source information, software selections, and target hosts
are saved before the installation or copy task actually commences. This lets you re-execute the command even if the session ends before
proper completion.
Each session is saved to the file This file is overwritten by each invocation of
You can also save session information to a specific file by executing with the session__file option.
A session file uses the same syntax as the defaults files. You can specify an absolute path for the session file. If you do not specify a
directory, the default location for a session file is
To re-execute a session file, specify the session file as the argument for the session__file option of
Note that when you re-execute a session file, the values in the session file take precedence over values in the system defaults file.
Likewise, any command line options or parameters that you specify when you invoke take precedence over the values in the session file.
Environment Variables
SD programs that execute control scripts set environment variables for use by the control scripts.
The environment variables that affect the command are:
Determines the language in which messages are displayed.
If is not specified or is set to the empty string, a default value of is used. See the lang(5) man page by typing for
more information.
NOTE: The language in which the SD agent and daemon log messages are displayed is set by the system configuration vari-
able script, For example, must be set to or to make the agent and daemon log messages display in Japanese.
Determines the locale to be used to override any values for locale
categories specified by the settings of or any environment variables beginning with
Determines the interpretation of sequences of bytes of text data as
characters (for example, single versus multibyte characters in values for vendor-defined attributes).
Determines the language in which messages should be written.
Determines the format of dates
(create_date and mod_date) when displayed by Used by all utilities when displaying dates and times in and
Determines the time zone for use when displaying dates and times.
Environment variables that affect scripts:
Holds the path to the Installed Products Database (IPD), relative to
the path in the environment variable. Note that you can specify a path for the IPD using the default option.
Defines the current directory of the script being executed, either
a temporary catalog directory, or a directory within in the Installed Products Database (IPD). This variable tells
scripts where other control scripts for the software are located (for example, subscripts).
Holds the tag name of the
control_file being executed. When packaging software, you can define a physical name and path for a control file in a
depot. This lets you define the control_file with a name other than its tag and lets you use multiple control file
definitions to point to the same file. A control_file can query the variable to determine which tag is being executed.
Defines the location of the product, which may have been changed from
the default product directory. When combined with the this variable tells scripts where the product files are located.
A variable which defines a minimum set of commands available to for use in a control script (for example,
Defines the root directory in which the session is operating, either
or an alternate root directory. This variable tells control scripts the root directory in which the products are
installed. A script must use this directory as a prefix to to locate the product's installed files. The configure
script is only run when is
Contains the pathname of a file containing the value of every option
for a particular command, including software and target selections. This lets scripts retrieve any command options and
values other than the ones provided explicitly by other environment variables. For example, when the file pointed to
by is made available to a request script, the targets option contains a list of software_collection_specs for all tar-
gets specified for the command. When the file pointed to by is made available to other scripts, the targets option
contains the single software_collection_spec for the targets on which the script is being executed.
This variable contains the fully qualified software specification of
the current product or fileset. The software specification allows the product or fileset to be uniquely identified.
Signals
The command catches the signals SIGQUIT, SIGINT, and SIGUSR1. If these signals are received, the command prints a message, sends a Remote
Procedure Call (RPC) to the agents to wrap up after completion, and then exits.
The agent ignores SIGHUP, SIGINT, and SIGQUIT. It immediately exits gracefully after receiving SIGTERM, SIGUSR1, or SIGUSR2. Killing the
agent may leave corrupt software on the system, and thus should only be done if absolutely necessary. Note that when an SD command is
killed, the agent does not terminate until completing the task in progress.
The daemon ignores SIGHUP, SIGINT and SIGQUIT. It immediately exits gracefully after receiving SIGTERM and SIGUSR2. After receiving
SIGUSR1, it waits for completion of a copy or remove from a depot session before exiting, so that it can register or unregister depots if
necessary. Requests to start new sessions are refused during this wait.
RETURN VALUES
The command returns:
The software_selections were successfully verified.
The verify operation failed on
all target_selections.
The verify operation failed on
some target_selections.
DIAGNOSTICS
The command writes to stdout, stderr, and to specific logfiles.
Standard Output
The command writes messages for significant events. These include:
o a begin and end session message,
o selection, analysis, and execution task messages for each target_selection.
Standard Error
The command also writes messages for all WARNING and ERROR conditions to stderr.
Logging
The command logs summary events at the host where the command was invoked. It logs detailed events to the logfile associated with each
target_selection.
Command Log
The command logs all stdout and stderr messages to the the logfile (The user can specify a different logfile by modifying the
option.)
Target Log
A process performs the actual verify operation at each target_selection. When verifying installed software, the logs messages to
the file beneath the root directory (for example, or an alternate root directory). When verifying available software (within a
depot), the logs messages to the file swagent.log beneath the depot directory (for example,
Command and target log files can be viewed using the command.
swagentd Disabled
If the daemon has been disabled on the host, it can be enabled by the host's system administrator by setting the entry in to and executing
EXAMPLES
Verify the C and Pascal products installed at the local host:
Verify a particular version of HP Omniback:
Verify the entire contents of a local depot:
Verify the entire contents of a system:
Verify the C and Pascal products on remote hosts:
FILES
Contains the user-specific default values for some or all SD options.
Contains session files automatically saved by the SD commands, or
explicitly saved by the user.
Contains the master list of current SD options with their default values.
The directory which contains all the configurable
and non-configurable data for SD. This directory is also the default location of logfiles.
Contains the active system-wide default values for some or all SD options.
Contains the set of date/time templates used when scheduling jobs.
The Installed Products Database (IPD), a catalog of all products
installed on a system.
The default location of a target software depot.
AUTHOR
was developed by the Hewlett-Packard Company.
SEE ALSO
install-sd(1M), swacl(1M), swagentd(1M), swask(1M), swconfig(1M), swcopy(1M), swinstall(1M), swjob(1M), swlist(1M), swmodify(1M), swpack-
age(1M), swreg(1M), swremove(1M), sd(4), swpackage(4), sd(5).
available at
SD customer web site at
swverify(1M)