Chapter 4. Parallel System Support Program 3.5 enhancements 77
Example 4-7 Eprimary forced true example
root $ spmon -p off node13
root $ Eprimary
9 - primary
1 - oncoming primary
3 - primary backup
13 - oncoming primary backup
1 - autounfence
root $ Eprimary -e
Primary enabled nodes
1
9
13
Primary enabled nodes with a value of forced_true
3
4.4 Supper user (supman) password management
PSSP uses the supman user ID to distribute file collections through supper. The
user.admin collection contains sensitive data, such as the /etc/security/passwd
file. To reduce that security risk, the supman password should be managed like
any other password in your system. Management from the control workstation
has been enabled by the addition of several commands to allow management of
the password. Previously, passwords on each node had to be managed
manually.
The commands are as follows:
setsuppwd Sets the password for the supman user. It must be run by
the root user on the control workstation. The password is
stored in the /spdata/sys1/sup/sysman.key file. A
checksum is also created in the same directory so that
nodes can check when they receive the key if it was
transmitted correctly. The file is ASCII text, but it is root
read/write only and protected in a root owned read/write
only directory.
usesuppwd This command tells the control workstation to use the
password set with the
setsuppwd command. It also sets
the
supman_passwd_enabled attribute to true in the SP
class within the SDR. This enables additional password
checking in the file management system. Again, this
command must be run by root on the control workstation.
78 IBM ^ Cluster 1600 Managed by PSSP 3.5: What’s New
updsuppwd This command only runs on the nodes in your SP system.
It collects the /spdata/sys1/sup/sysman.key generated
with the
setsuppwd command. After the password is
collected, the /etc/security/passwd file is updated with the
new password setting for supman.
If for any reason one of the commands fails, the error will be output to stderr and
stored in the /var/adm/SPlogs/filec/suppwd.log log file.
A procedure for updating the supman password and updating all the nodes is in
Chapter 7 of the
PSSP for AIX: Administration Guide
, SA22-7348. An example of
setting the supper password is shown in Figure 4-1 and Example 4-8 on
page 79.
Figure 4-1 Setting the supper password chart
Attention: This feature has been fitted to all supported PSSP releases.
Control Workstation
setsuppwd usesuppwd
Node1
[...]
Node2 NodeN
updsuppwd updsuppwd updsuppwd
Get IBM eServer Cluster 1600 Managed by PSSP 3.5: What's New now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.