Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX System Administrator's Guide: Routine Management Tasks: HP-UX 11i Version 3 > Chapter 2 Booting and Shutdown

Shutting Down Systems


Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

For additional information on shutting down systems, see HP-UX System Administrator’s Guide: Overview.

Types of Shutdown

There are various types of shutdown, both planned, and unplanned. This section covers several common situations:

Normal (Planned) Shutdown

Hopefully, most of your system shutdowns will be of this type. With a normal shutdown, you have time to prepare the system and its users so that the system can be restarted and work can continue with no loss of data, and as little disruption as possible.

As mentioned in the overview to this section, it is important not to simply turn off your computer (as you might be able to do with a personal computer).

In order to maximize system performance, recently used data from disk files is kept and updated in memory. Periodically (by default, every 30 seconds), a program called sync is run to make sure the file systems on disk are kept up to date in the event of an unplanned shutdown (the on-disk file systems are synchronized with the memory-based changes). But, if it’s been 29 seconds since the last run of sync, there are probably memory based changes that are not yet reflected on disk. If the system crashes now, this can cause inconsistencies in file system structures on disk (which, although not usually the case, can cause corrupt files or loss of data).

Also, users of both your system and other systems in the network that depend on your system for some resource will be affected. It is always best to notify them in advance of any planned shutdown so that they can plan for the shutdown and minimize the impact to their work.

The basic procedure for a planned shutdown of your system is:

  1. Notify anyone who is likely to be affected by the shutdown of your system. You can do this by:

    • e-mail

    • the wall command (see wall(1M)) — only notifies users of your system, not users of other systems that are likely to be affected by a shutdown of your system

    • calling them on the phone, or speaking to them in person

    However you do it, the critical thing is to notify them as far in advance as possible of your planned shutdown. If you notify them far in advance of the planned shutdown, it is also a good idea to give them a reminder as the time for the shutdown approaches.

  2. Once everyone has been notified and had a chance to prepare for the shutdown, execute the shutdown command to initiate an ordered shutdown of your system.

    There are basically three types of system shutdown:

    1. Shutdown with immediate reboot (useshutdown’s -r option)

    2. Shutdown with system halt (use shutdown’s -h option)

    3. Put system in single-user mode for system maintenance (use neither the -r nor the -h option)

    Common Variations of the shutdown Command. Here are some examples of shutdown commands to show you each type of system shutdown. shutdown is by default an interactive program. Other than telling shutdown whether or not you want to halt or reboot the system, information omitted from the command line will be prompted for. If you do not tell shutdown that you want to halt or reboot the computer, it will assume that you want to bring the system to single-user mode.

    Example 2-26 Shutdown and Reboot

    To immediately shut down the system and reboot it:

    /sbin/shutdown -r 0

    Example 2-27 Shutdown and Reboot with Wait

    To shut down the system and immediately reboot it after first giving the users of the system three minutes (180 seconds) to clean up their work-in-progress and log out:

    /sbin/shutdown -r 180

    Example 2-28 Shutdown and Halt

    To immediately shut down the system and halt it so that it can safely be powered off:

    /sbin/shutdown -h 0

    Example 2-29 Shutdown to Single-User Mode

    To shut the system down to single-user mode, use neither the -h or the -r options to the shutdown command. A grace period is allowed: in this example seven minutes (420 seconds):

    /sbin/shutdown 420

    NOTE: You must have permission to shut down an HP-UX system! Obviously, this command can have serious consequences and is therefore to be used with caution. It is not a command that everyone should be able to use.

    Permission to shut down the system is normally reserved for superusers only. However, there is a mechanism that you can use to assign permission to other users so that they can shut down the system should the need arise when a superuser is not around. The /etc/shutdown.allow file enables superusers to specify who has permission to shut down the system in their absence. For details, see the shutdown(1M) manpage.

When run, shutdown ensures an orderly shutdown of the system by doing the following:

  • Resets the PATH environment variable to the value:


  • Resets the IFS environment variable to the value:

    space tab newline

  • Verifies that the user attempting to shut down the system has permission to do so (checks the /etc/shutdown.allow file).

  • Changes the current working directory to the root directory (/).

  • Runs the sync command to be sure that file system changes still in memory are updated in the superblocks and file system structures on disk. This is one of shutdown’s most important functions!

  • Sets the real user ID to that of the superuser (see setuid(2) for information on user IDs).

  • Sends a broadcast message to all users currently logged in to the system telling them that the system is about to be shut down. There is a default broadcast message, but you can specify your own if you prefer.

  • /sbin/rc is executed to shut down subsystems, unmount file systems, and perform other tasks to bring the system to run level 0, where it is safe to power off your system if you do not plan to immediately reboot it.

  • Finally, if you are not shutting down your system down to single-user mode (see Example 2-29), the program /sbin/reboot is executed to halt your system or reboot it if the -h or -r option (respectively) was specified.

Power Failure

Not every shutdown can be planned for. An unexpected power failure is an example of an unplanned shutdown.

Many HP-UX systems can be equipped with uninterruptible power supplies (UPSs) to allow you to maintain power to your systems for a short while following the failure of your computer’s primary power source. If the power failure is brief, systems equipped with UPSs will not be affected by the power failure at all. If the power failure appears as though it will last for a long time, you can use the buffer period provided by an uninterruptible power supply to perform a normal shutdown. See “Normal (Planned) Shutdown”.

Computers equipped with HP PowerTrust uninterruptible power supplies can also be monitored by a special daemon called upsmond, which, when running, always resides in memory (is not swappable). upsmondcommunicates with the power supplies, and when power has been off for longer than a pre-configured time period, upsmond will perform a clean shutdown of your system automatically.

Not all HP-UX systems are equipped with uninterruptible power supplies. If yours is not, an unclean shutdown is the likely result of a power failure. No memory dump will be performed, and it is possible that buffers of recent disk changes still reside in memory, and have not been written to disk by the sync program. See “Unclean Shutdowns” for details.

When a power failure occurs, it is good practice to turn off the power switches to your computer and its peripherals. This will reduce the chances of a power surge harming your equipment when the power comes back on. After the power is restored, follow normal boot procedures. See “A Standard Boot ”.

Unclean Shutdowns

When a system is properly shut down, all memory-based file system changes are written to disk and the file systems on disk are marked as being clean. However, if an improper shutdown (for example, a power failure) occurs, the memory-based information might not be written to disk and therefore certain file systems will not have their “clean” flag set (because, in fact, they might have structural problems as a result of the memory-based information not being written to disk).

When this happens, a special activity occurs during the boot process. The file system consistency checker (fsck), when checking for clean flags on all file systems represented in the file /etc/fstab, will detect that file systems exist that do not have clean flags set. For these file systems, fsck will perform a check/repair operation to locate and fix any problems that resulted from the improper shutdown. In nearly all cases, fsck can find and fix all of the structural problems and the file system can then be marked clean.

On rare occasions, the file system corruption is beyond what fsck can automatically correct. In these cases fsck will terminate with an error message indicating that you need to use it in an interactive mode to fix the more serious problems. In these cases data loss is likely. Before using fsck in interactive mode, try to back up any critical files by moving them to another file system or backing them up to tape, if a backup copy of them does not already exist.

For a more detailed discussion of using fsck to repair file systems, refer to the following manpages:

System Crashes / HP-UX Panics

Although rare, sometimes systems can shut themselves down unexpectedly in an event known as a system crash or system panic. For a detailed description of what to do if this happens, and an explanation of what takes place following a system crash, see “Configuring Dump Devices”.

Single-User Mode

A special operating mode, called single-user mode, is available on HP-UX systems. While your system is in single-user mode only the console is active, and a lot of the subsystems for HP-UX are not running. This mode is usually used for system maintenance. There are two ways to put your system into single-user mode:

  1. Boot the system into single-user mode (for information on booting Itanium Server systems into single-user mode see “Booting into Single-User Mode”, or for information about booting PA-RISC servers into single-user mode see“Booting into Single-User Mode”).

  2. Shut the system down into single-user mode from a higher running mode (see “Normal (Planned) Shutdown”).

Special Considerations for Shutting Down Certain Systems

In today’s world of networked computers, people who are not direct users of your system can still be affected by its absence from the network (when it has been shut down). If your system is serving one or more of the following functions, you need to at least consider the impact to users of other systems when you plan to take your system down; and, if possible, you should try to let them know in advance that they will be affected, so that they can prepare for the event.

Mail Server

If your system is a mail server, it receives e-mail on behalf of its users, and is often the computer handling the outgoing e-mail for them too. When your system is down, incoming mail is usually held by other computers in the network for delivery when your system is back on line. If your computer will be down for an extended period of time, it is possible that others sending e-mail to your computer’s users will have their e-mail returned as being undeliverable.

And, of course, users receiving e-mail through your system will not be able to do so while your system is down.

Name Server

If your computer is a network name server (for example, a DNS name server), it is responsible for translating computer alias names into IP addresses for its own users and those who have configured their systems to use your computer as their name server. Usually systems are configured to use multiple sources for name switch information so if your system is down, they can use an alternate name server, a local hosts file, or directly use IP addresses to access remote machines until your system is back on line.

You can configure which systems (or other sources) a computer will use to map computer names to IP addresses by editing the file /etc/resolv.conf.

Network Gateway

If your computer is serving as a network gateway computer: that is, it has several network interface cards in it, and is a member of multiple networks (subnets), your computer’s absence on the network can have a huge impact on network operations. An example of this is the computer called flserver in the Sample Network. While such a computer is down, computers on one of the subnets are unable to communicate with computers on other subnets, unless other gateway computers exist that can handle the traffic.

Plan very carefully for such shutdowns and make sure users of the network are notified as far in advance as possible that they will be unable to communicate with computers on the other subnets.

TIP: If you have multiple subnets in your network, try whenever possible to build redundancy into the network so that you can freely take a computer off line without prohibiting network traffic flow.

NFS File Server

If your computer is an NFS file server, other computers in the network may have mounted one or more of your computer’s file systems to be a part of their own directory trees. When your system goes down, attempts to access the files or directories of your system by users on the other systems will result in those accesses hanging if the file systems have been hard mounted, or returning an error if they have been soft mounted. After your system reboots the client systems may operate normally or return a stale file handle error. If a stale file handle error occurs, you can unmount then remount the file system, the other systems will likely require a reboot once your system is back on line before those systems will again be able to access your computer’s file systems.

The best course of action is to alert the administrators of systems who have NFS-mounted file systems from your computer to unmount the NFS-mounted file systems before you shut down your system! By doing this, they will simply need to re-mount the NFS file systems from your computer when your computer is back on line. No reboot of the other systems will be required.

Refer to the mount_nfs(1m) manpage for information on mount options like “hard” and “soft”.

NOTE: This can have a cascading effect. For example, if computer A has NFS-mounted a file system from computer B, and computer B needs to be rebooted because it had NFS-mounted a different file system from computer C, which was shut down without notice. It is important for the administrator of computer B to warn the administrator of computer A to unmount any NFS-mounted file systems from computer B, or computer A will also need to be rebooted as an indirect consequence of computer C being shut down.

NFS Client

Provided that NFS clients are not also acting as NFS servers for other computers (computer B in the preceding note is acting as both NFS client and server), it is safe to shut them down without affecting the NFS server. It will simply be necessary to remount the file system from the NFS server when the NFS client has rebooted. This is probably done automatically during the boot-up process.

Avoiding a Shutdown When Possible

As described earlier, there are times when a normal, planned shutdown is appropriate. But as server downtime becomes less desired and accepted, on-line addition and replace functionality can help you to avoid shutting down a server in many cases.

On-line Addition and Replacement of PCI Cards (OLA/R)

HP-UX’s On-line Addition and Replacement of PCI Cards (OLA/R) features enable you to replace a faulty interface card or add a new interface card to a running system, without impacting the system’s users.

Refer to the book Configuring HP-UX for Peripherals for detailed OLA/R concepts and procedures.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2008 Hewlett-Packard Development Company, L.P.