In this example, the system administrator, Susan,
is setting up a new HP-UX system to run a database server called Prophet. It has just finished booting after the initial
install.
GenericSysName [HP Release B.11.31] (see /etc/issue)
Console Login: root
Password:
...
WARNING: YOU ARE SUPERUSER !! |
The first thing Susan does is save a copy of the
initial kernel configuration, in case she needs it later. She puts
comments on all of her changes (with -C). She also
puts a title on the saved configuration (with -t)
to remind herself of what it contains.
# kconfig -C "Save initial installation config" -s installed
* The currently running configuration has been saved as
’installed’. |
# kconfig -t installed "Initial installation”
* The title of the configuration ’installed’ has been set to
”Initial installation”. |
The document for Prophet tells Susan to set the maxdsiz tunable to at
least 0.5 TB, to set the semmni tunable to 3000,
and to add 50 to whatever value she’s using for shmmni. She also decides to add 1000 to the current value of nproc. Susan starts by looking at the current values of these tunables,
and the descriptions of the ones she’s unfamiliar with.
# kctune nproc maxdsiz
Tunable Value Expression Changes
maxdsiz 1073741824 Default Immed
nproc 4200 Default Immed
# kctune -d semmni shmmni
Tunable Value Expression Changes
Description
semmni 2048 Default
Maximum number of semaphore sets on the system
shmmni 400 Default Immed
Maximum number of shared memory segments on the system |
Having done that, she sets the values as directed.
She sets them all on the same command line so that they will all take
effect at the same time. Since one of the changes cannot be made immediately,
all of the changes are held for next boot.
# kctune -C ”Tunable settings for Prophet" "nproc+=1000" "maxdsiz>=512000000" \
"semmni=3000" "shmmni+=50"
NOTE: The requested changes could not be applied to the currently
running system, for the following reasons:
- The tunable ’semmni' cannot be changed without a reboot.
* The requested changes have been saved, and will take effect at
next boot.
NOTE: No change to the tunable 'maxdsiz' was needed.
Tunable Value Expression Changes
maxdsiz 1073741824 Default Immed
nproc (now) 4200 Default Immed
(next boot) 5200 5200
semmni (now) 2048 Default
(next boot) 3000 3000
shmmni (now) 400 Default Immed
(next boot) 450 450 |
Susan also decides to remove an unused LAN driver.
First, she verifies which drivers are currently in use.
# nwmgr
Name/ Interface Station Sub- Interface Related
ClassInstance State Address system Type Interface
============== ========= ============== ======== ============== =========
lan0 UP 0x00306E4949FD gelan 1000Base-T |
Then she verifies that the modules are installed.
# kcmodule -d gelan iether
Module State Cause Notes
Description
gelan static best loadable, unloadable
Gigabit Ethernet (gelan) LAN Driver
iether static best loadable, unloadable
Intel 8254X Ethernet Driver (for 100BT and Gigabit Cards) |
Finally, she removes the iether driver.
# kcmodule -C "removing unneeded iether Ethernet driver" iether=unused
Building a new kernel for the configuration to be used at next boot... done.
NOTE: The requested changes could not be applied to the currently
running system, for the following reasons:
- Moving a module into or out of the 'static' state requires a
kernel rebuild.
* The requested changes have been saved, and will take effect at
next boot.
Module State Cause Notes
iether (now) static best loadable, unloadable
(next boot) unused |
Since iether is static, a new
kernel is built, and marked for use at next boot.
Susan checks a summary of all of her changes that
will take effect when she reboots.
# kconfig -D
Module State Cause Notes
iether (now) static best loadable, unloadable
(next boot) unused
Tunable Value Expression Changes
nproc (now) 4200 Default Immed
(next boot) 5200 5200
semmni (now) 2048 Default
(next boot) 3000 3000
shmmni (now) 400 Default Immed
(next boot) 450 450 |
Satisfied, she reboots.
# shutdown -r
...
GenericSysName [HP Release B.11.31] (see /etc/issue)
Console Login: root
Password:
...
WARNING: YOU ARE SUPERUSER !! |
After the reboot, Susan verifies the configuration
status.
# kconfig
Configuration Title
backup Automatic Backup
installed Initial installation
last_install Created by last OS install |
# kconfig -w
* The currently running configuration was created on Fri Dec 15
17:39:39 2006 by root as a copy of 'last_install'.
* It was last saved on Fri Dec 15 17:45:11 2006 by root.
* It was last modified on Fri Dec 15 18:04:58 2006 by root. |
Then, she saves the new kernel configuration under
the name good, so that she can go back to it,
if needed. She gives it a title to help recognize it later.
# kconfig -C "Good configuration for Prophet" -s good
* The currently running configuration has been saved as 'good'. |
# kconfig -t good "Good configuration for Prophet"
* The title of the configuration 'good' has been set to "Good
configuration for Prophet". |
After some time, one of her users asks her to
increase the size of the buffer cache, hoping to speed up the application.
She complies — after all, it doesn’t need a reboot,
so she can do it without disturbing anyone. Since it’s the
first change after a boot, the system asks whether to make automatic
backups.
# kctune -C "Bigger file cache for better performance" filecache_max=20%
==> Update the automatic 'backup' configuration first? yes
* The automatic 'backup' configuration has been updated.
* Future operations will update the backup without prompting.
* The requested changes have been applied to the currently
running configuration.
Tunable Value Expression Changes
filecache_max (before) 1017118720 Default Imm (auto disabled)
(now) 406847488 20% |
It’s a good thing she said yes. The larger buffer cache actually slowed things down — but
all she has to do is restore the automatic backup.
# kconfig -C "Putting file cache back; performance was worse." -l backup
* The automatic 'backup' configuration has been updated.
* The requested changes have been applied to the currently
running configuration.
* The automatic 'backup' configuration has been loaded and is now
in use. |
# kctune filecache_max
Tunable Value Expression Changes
filecache_max 1017118720 Default Auto |
While Susan is on vacation, her colleague, Fred,
decides to use the machine for billing software during the night.
This software needs to execute code on the stack (a security risk),
so he enables that behavior (which is prohibited by default). No reboot
is needed to do so.
# kctune -d executable_stack
Tunable Value Expression Changes
Description
executable_stack 0 Default Immed
Enables execution of code on a stack (0 = no, 1 = yes, 2 = yes but warn) |
# kctune -C "Nightly billing s/w needs execute-on-stack" executable_stack=1
* The automatic 'backup' configuration has been updated.
* The requested changes have been applied to the currently
running configuration.
Tunable Value Expression Changes
executable_stack (before) 0 Default Immed
(now) 1 1 |
The billing software also uses the kernel Random
Number Generator module. Fred checks and sees that it’s not
in use, but since it’s loadable he doesn’t need to reboot
to use it.
# kcmodule -d rng
Module State Cause Notes
Description
rng unused loadable, unloadable
Strong Random Number Generator |
He goes ahead and loads the module.
# kcmodule -C "Random Number Generator needed for nightly billing jobs" rng=best
* The automatic 'backup' configuration has been updated.
* The requested changes have been applied to the currently
running configuration.
Module State Cause Notes
rng (before) unused loadable, unloadable
(now) loaded best
(next boot) loaded explicit |
Fred saves these new configuration settings under
the name night, with a descriptive title.
# kconfig -C "Settings for nightly billing jobs" -s night
* The currently running configuration has been saved as 'night'. |
# kconfig -t night "Nightly billing jobs"
* The title of the configuration 'night' has been set to "Nightly
billing jobs". |
Since good isn’t a
very helpful name for Susan’s configuration anymore, Fred renames
it to day. He checks the list of configurations
to make sure everything looks OK.
# kconfig -r good day
* The configuration 'good' has been renamed to 'day'. |
# kconfig
Configuration Title
backup Automatic Backup
day Good configuration for Prophet
installed Initial installation
last_install Created by last OS install
night Nightly billing jobs |
Finally, he tries loading first the day configuration, and then the night configuration, to make sure he can move back and forth at will.
# kconfig -l day
* The automatic 'backup' configuration has been updated.
* The requested changes have been applied to the currently
running configuration.
* The configuration 'day' has been loaded and is now in use. |
# kconfig -l night
* The automatic 'backup' configuration has been updated.
* The requested changes have been applied to the currently
running configuration.
* The configuration 'night' has been loaded and is now in use. |
When Susan returns from her vacation, the first
thing she does is check the automatically maintained log file to see
what Fred has done.
 |
# kclog 5
======================================================================
2006-12-15 18:28:45 MST root:
kconfig -C 'Settings for nightly billing jobs' -s night
* The currently running configuration has been saved as 'night'.
======================================================================
2006-12-15 18:29:07 MST root:
kconfig -t night 'Nightly billing jobs'
* The title of the configuration 'night' has been set to "Nightly
billing jobs".
======================================================================
2006-12-15 18:30:07 MST root:
kconfig -r good day
* The configuration 'good' has been renamed to 'day'.
======================================================================
2006-12-15 18:30:55 MST root:
kconfig -l day
* The configuration 'day' has been loaded and is now in use.
======================================================================
2006-12-15 18:31:20 MST root:
kconfig -l night
* The configuration 'night' has been loaded and is now in use. |
|
She can see that Fred has put a new application
on her server, and worse, an insecure one. At least he tested and
documented his changes.
Susan doesn’t want to leave her system
the way Fred changed it, so she moves the nightly billing job to another
system. First, she exports his night configuration
to a text file.
# kconfig -e night /tmp/system.night
* The configuration 'night' has been exported to
'/tmp/system.night'. |
Moving the file over to another machine, she imports
the configuration there, using the -V option to ensure
that exactly the same kernel software is in use. Then she loads the
configuration. Something about the configuration can’t be changed
immediately — probably a tunable setting — so she has
to reboot the machine. As intended, the machine uses Fred’s night configuration when it comes back up.
# kconfig -C "Move nightly billing jobs here from Prophet" -iV night \
/tmp/system.night
* The configuration 'night' has been imported from
'/tmp/system.night'. |
# kconfig -l night
ERROR: The requested changes could not be applied to the currently
running system, for the following reasons:
- Moving a module into or out of the 'static' state requires a
kernel rebuild.
* The configuration 'night' has been marked for use at next boot. |
Printable version
