IBM - HMC V6 Readme

Hardware Management Console

HMC V6 Readme

Cumulative history and Readme for use with HMC V6.1.

[ Last updated: November 21, 2008 ]

Special upgrade instructions for HMC 6.1.0

You cannot use the Install Corrective Service task to update to HMC V6.1.0. Instead, you must use one of the following upgrade methods. In addition, the only method by which any Version 4 HMC can be upgraded is the "Local media - DVD-RAM Upgrade Data" method.

HMC upgrade methods

Remote upgrade

Network upgrade

Local media - Hard drive Upgrade Data

Local media - DVD-RAM Upgrade Data

NOTE: This method is the only method that can be used to upgrade directly from HMC Version 4 to HMC Version 6.

BIOS updates

If you have the following HMC machine types, you are required to obtain and install the latest BIOS, prior to upgrading to HMC V6R1.0:

In addition, IBM strongly recommends upgrading to the latest BIOS for your HMC model, regardless of the version of the HMC code in use.

To obtain the latest BIOS for the above machine types, please see the HMC Support for HMC BIOS updates pages.

PTF-specific information

This section lists the PTFs released for HMC V6 R1.x. The information for each PTF includes sections for enhancements and fixes, known issues (if applicable), and package information. The Package information section provides information to use during the download, installation and verification procedures for HMC corrective service/upgrade packages. You can also access this PTF-specific information by clicking on the "View" link for any package on the "Downloads" pages of the HMC web site.

PTF MH01168

Fix for HMC Version 6 Release 1.3.0 Service Pack 0.

This package includes fixes for HMC V6R1.3.0 SP 0 (PTF MH01012). You must install MH01012, along with PTFs MH01082, MH01110, MH01128 and MH01127 before installing this fix. You can also reference this package by APAR MB02896.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH01168.iso
MH01168.zip
1103872
702724
03795
21079
MB02896 MH01168
Splash panel information (lshmc -V command output)
"version= Version: 6
Release: 1.3
HMC Build level 20070910.1
MH01168: Duplicate LPAR ID's when using HACMP failover (01-28-2009)
","base_version=V6.1.0
"

Fixes

This package includes the following fix:

Duplicate LPAR IDs when using HACMP Failover

PTF MH01127

HMC V6R1.3 upgrade fix

HMC V6R1.3 (MH01012) must be installed before you can install MH01127. In addition, you must install PTFs MH01082, MH01110, and MH01128 before installing MH01127. You can also reference this package by APAR MB02828.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH01127.iso
MH01127.zip
423936
10228
46694
43648
MB02828 MH01127
Splash panel information (lshmc -V command output)
MH01127: Enable Upgrading to V7R3.4.0 (09-22-2008)

Fixes

This package includes the following fix:

Fix to enable the ability to upgrade the HMC from V6R1.3 to V7R3.4.0.

PTF MH01128

Security fix for HMC V6R1.3

You must install HMC V6R1.3 (PTF MH01012) and PTF MH01082 before installing this fix. A reboot of the HMC is required after you install this fix.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH01128.iso
MH01128.zip
382976
2104
54639
51381
MB02829 MH01128
Splash panel information (lshmc -V command output)
MH01128: Disable HTTP trace

Fixes

This package includes the following fix:

CVE-2004-2320: Disable http trace

The Apache server on HMC V6.1.3 responds to the HTTP TRACE request, which can allow remote attackers to steal information by using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting. This PTF disables HTTP trace.

PTF MH01110

Security fixes for HMC V6R1.3

You must install HMC V6R1.3 and PTF MH01082 before installing this fix. A reboot of the HMC is required after you install this fix.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH01110.iso
MH01110.zip
6866944
6444155
44265
56147
MB02311 MH01110
Splash panel information (lshmc -V command output)
MH01110: Security fixes for HMC 6.1.3 (05-22-2008)

Fixes

This package includes the following fixes:

PTF MH01082

New DST updates and Code Update fix for E302F842, B1818A0D and B1818A0E. This PTF replaces MH01064. You must install HMC V6R1.3 before installing this fix.

This package includes the following fixes:

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH01082.iso
MH01082.zip
48015360
47371595
61791
07239
MB02237 MH01082
Splash panel information (lshmc -V command output)
MH01082: New DST updates and Code Update fix for E302F842, B1818A0D, B1818A0E failures. (01-12-2008)

PTF MH01064

HMC Security: Privilege escalation by some HMC commands for HMC V6R1.3. You must install HMC Version 6 Release 1.3 before installing this fix.

This package includes the following fixes:

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH01064.iso
MH01064.zip
26355712
25721129
26838
35693
MB02223 MH01064
Splash panel information (lshmc -V command output)
MH01064: HMC Security: privilege escalation by some HMC commands (11-12-2007)

PTF MH01012 HMC 6.1.3 Update Package

This package updates your HMC from HMC V6R1.0 or HMC V6R1.1 or HMC V6R1.2 to HMC V6R1.3. You can also reference this package by APAR MB02024. MH01012 replaces MH01018, MH01031, MH00985 and MH00946.

Package information
Package name Size (bytes) Checksum APAR # PTF#
HMC_Update_V6R1.3_1.zip
HMC_Update_V6R1.3_2.zip
HMC_Update_V6R1.3_3.zip
HMC_Update_V6R1.3_4.zip
HMC_Update_V6R1.3_1.iso
HMC_Update_V6R1.3_2.iso
HMC_Update_V6R1.3_3.iso
HMC_Update_V6R1.3_4.iso
671341970
661736543
679035648
670897605
673880064
667478016
679974912
672733184
17179
23068
20933
09741
30409
29155
47130
35069
MB02024 MH01012
Splash panel information (lshmc -V command output)
version= Version: 6
Release: 1.3
HMC Build Level 20070910.1
","base_version=V6R1.2

Enhancements and fixes

Platform Management

Remote WebSM Client

System Plan

Command Line

Server and Partition Management

Repair and Verify

SFP

Code Update

National Language Support

Fix for displaying/selecting key lock position for partition properties panel in Simplified Chinese.

Problem Analysis

Scheduled Operations

Service Agent

Changed Service Agent e-mail to conform to SMTP RFC and specify complete domain names in the "from" address.

Remote Support

Corrected a problem that prevented a VPN session from being established on i5/OS pass through using the Customize Inbound Connectivity task.

Networking

PTF MH01031

Concurrent code update fix for HMC V6.

Description

During concurrent code update, Hypervisor (PHYP) and Partition Firmware (PFW) updates are normally activated dynamically without the need to power the system off and back on. However, due to an error in HMC processing, PHYP and PFW updates might not be activated during concurrent code update. This problem could happen if concurrent code update was performed using HMC V6R1.0, V6R1.1 or V6R1.2 on systems that have Bulk Power Controllers (BPC). This includes i5 model 9406-595 and p5 models 9118-575, 9119-590, 9119-595. No action is needed for other system types.

There are three scenarios where the problem is corrected automatically.

Recovery procedure

Firmware can be activated concurrently by using this procedure.

  1. First update the HMC:

    Install PTF MH01031 if running HMC V6R1.0, V6R1.1 or V6R1.2.

  2. Next, select one of the following methods to activate firmware:
  1. Log into HMC with hscroot id and password.
  2. Go to the HMC restricted shell command prompt.
  3. Minimize the graphical management window if necessary.
  4. Right click the desktop. Select terminal, then rshterm from pull down.
  5. Enter the following command: lssyscfg -r sys
  6. Make note of the "name=Server-9119-595_020004A," which is Server name (after the "=" sign) to be used in the command for the next step.
  7. Enter the following command:
    updlic -o v -m <name of server from previous command>

    This command will concurrently activate the PHYP and PFW updates. This command can be run safely for all managed systems. It will have no effect on systems where PHYP and PFW updates have already been activated. Therefore, it is recommended that the command be run for all managed systems which might be affected to ensure that all firmware has been properly activated.

    If no output is generated, then no further action is necessary. Firmware has been activated successfully.

    Note: If you get an error and are not sure how to proceed, contact your next level of support.
Package information
Package name Size (bytes) Checksum APAR # PTF#
MH01031.zip
MH01031.iso
25990475
28088320
00774
00618
MB02046 MH01031
Splash panel information (lshmc -V command output)
MH01031: Concurrent Code update fixes for HMC V6 (06-25-07)

PTF MH00985

Miscellaneous fixes for HMC V6

Description

This PTF replaces PTF MH00971.

If your HMC is running Version 6 Release 1.0 or Version 6 release 1.1, then you must install MH00912 before installing MH00985. If your HMC is running Version 6 Release 1.2, then MH00912 is already installed.

The first code fix deals with a MES (Manufacturing Engineering Service) upgrade of memory or CPU. This fix must be installed prior to the MES upgrade to prevent damage to the managed system profile data. If this fix is not installed, then after the MES upgrade the managed system state may show Incomplete or Recovery. Attempts to use the Recover Partition Data task may result in error.

The second code fix deals with a backup restore problem. This intermittent problem sometimes results in the failure of the Restore of the backed-up data.

This PTF includes an enhancement to the system plan deployment function for support of future products.

Notes:

  1. If you install MH00985 on top of HMC Version 6 Release 1.0, and then upgrade to either HMC Version 6 Release 1.1 or HMC Version 6 Release 1.2, you must reinstall MH00985.
  2. If you install MH00985 on top of HMC Version 6 Release 1.1, and then upgrade to HMC Version 6 Release 1.2, you must reinstall MH00985.
Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00985.zip
MH00985.iso
25987820
28090368
34919
05939
MB02019 MH00985
Splash panel information (lshmc -V command output)
MH00985: Miscellaneous fixes for HMC V6 (04-15-2007)

PTF MH00971

Fix Virtual Ethernet MAC address change after upgrade

Problem description

This PTF has been replaced by PTF MH00985.

If your HMC is running Version 6 Release 1.0 or Version 6 release 1.1, then you must install MH00912 before installing MH00971. If your HMC is running Version 6 Release 1.2, then MH00912 is already installed.

This optional corrective service provides a fix for customers who experience a problem with the MAC address of the Virtual Ethernet adapter after an upgrade from HMC Version 5 to HMC Version 6. Only customers who were using virtual Ethernet before the upgrade, and then re-activate their partitions after the upgrade will experience this problem.

For this scenario, the MAC address on the virtual Ethernet adapter in HMC Version 6 will be different from the MAC address that was used in HMC Version 5. For example, if you use the MAC address of the virtual Ethernet adapter for NIM, then you will need this corrective service. This corrective service will not affect you if you do not use virtual Ethernet or do not care about the change in the MAC address of the virtual Ethernet adapter.

NOTE: If you install MH00971 on top of HMC Version 6 Release 1.0, and then upgrade to either HMC Version 6 Release 1.1 or HMC Version 6 Release 1.2, then you must reinstall MH00971. Likewise, if you install MH00971 on top of HMC Version 6 Release 1.1, and then upgrade to HMC Version 6 Release 1.2, then you must reinstall MH00971.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00971.zip
MH00971.iso
25209970
27082752
57995
28645
MB02018 MH00971
Splash panel information (lshmc -V command output)
MH00971: Fix Virtual Ethernet MAC address change after upgrade (03-19-2007)

PTF MH00946

Fix for Cluster Ready Hardware Server issues after upgrade

Customer impact

IBM recommends that all System p cluster customers using Cluster Ready Hardware Server on their HMC apply this interim fix when upgrading from Version 5 or early Version 6 levels to Version 6.1.2. This recommendation also includes anyone with the IBM High Performance Switch Network Management component who is upgrading to HMC V6.1.2.

This fix only applies to systems at HMC V6.1.2. Do not attempt to install this interim fix package with any other HMC level.

This fix will be included in a future HMC V6.1.x corrective service update package. This package can also be referenced by APAR MB02086.

Problem description

The HMC, when running in cluster ready hardware server mode, will lose its hardware configuration after upgrading from Version 5.x or early Version 6.x to Version 6.1.2 because the IBM.HWSVRRM resource manager core dumps.

With this fix, IBM.HWSVRRM does not core dump and allows the HMC to successfully display its configuration.

Defects fixed

This HMC update contains the following fix:

MB02086: Fix Cluster Ready Hardware Server issues after upgrade

Known issues and workarounds

None

Installation notes

Follow one of the standard corrective service installation instructions for applying this fix:

After applying the fix, use the following information to verify the success of the update.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00946.zip
MH00946.iso
9221022
9615360
03644
39523
MB02086 MH00946
Network Manager - Management Properties panel RPM information
The RPM in the NM Version column on the panel should be:

1.1.0.2-7

PTF MH00915 HMC 6.1.2 Update package

This package updates your HMC from HMC V6 R1 to HMC V6 R1.2. You can also reference this package by APAR MB01930. All enhancements and fixes included in this package are the same as for PTF MH00919

Package information
Package name Size (bytes) Checksum APAR # PTF#
HMC_Update_V6R1.2_1.zip
HMC_Update_V6R1.2_2.zip
HMC_Update_V6R1.2_3.zip
512735142
464600854
539662865
21967
41469
57832
MB01935 MH00915
HMC_Update_V6R1.2_1.iso
HMC_Update_V6R1.2_2.iso
HMC_Update_V6R1.2_3.iso
514146304
470571008
541949952
13669
30504
16487
Splash panel information (lshmc -V command output)
"version = Version: 6
Release: 1.2
HMC Build level 20070201.1
","base_version=V6.1.2
"

PTF MH00919 HMC 6.1.2 Recovery media

This package represents the Recovery images that can be used to upgrade your HMC to HMC V6 R1.2 or to install a clean version of HMC V6 R1.2. You can also reference this package by APAR MB01938.

Package information
Package name Size (bytes) Checksum APAR # PTF#
HMC_Recovery_V6R1.2_1.iso
HMC_Recovery_V6R1.2_2.iso
1658890240
1162096640
03562
47136
MB01938 MH00919
Splash panel information (lshmc -V command output)
"version = Version: 6
Release: 1.2
HMC Build level 20070201.1
","base_version=V6.1.2
"

Enhancements and fixes

This package provides the following enhancements and fixes:

Hardware support

Support for new HMC hardware 7310-CR4

Server and Partition Management

Command line

Security fixes
NameDescription
CVE-2004-0113
CVE-2004-0885
CVE-2005-2728
CVE-2006-3747
Apache vulnerabilities
CVE-2005-2970Memory leak in Apache2
CVE-2005-3352Cross-site vulnerability in mod_map module of Apache
CVE-2006-0225OpenSSH vulnerability with scp
CVE-2005-2728Apache Byte Range Denial of Service
CA-2001-35SSH Protocol 1 Weaknesses and Vulnerabilities
CVE-2004-0493Input Header Memory Allocation Denial-of-Service
CVE-2004-0488
CVE-2004-0747
CVE-2004-0748
CVE-2004-0751
CVE-2004-0786
Apache mod_ssl FakeBasicAuth Buffer Overflow
CVE-2004-0809Apache 2.0.x Multiple Denial-of-Service Vulnerabilities
CVE-2004-0942Apache MIME Header Memory Consumption
CVE-2005-2798OpenSSH GSSAPIDelegateCredentials Enabled
CVE-2005-2088Apache HTTP Request Smuggling (Apache 1.3.29 / 2.0.54 and earlier)
OpenSSHFix for OpenSSH issue with login grace time
CVE-2005-2700
CVE-2005-3357
CVE-2006-3918
Apache2 Cryptographic problems
CVE-2006-2934
CVE-2006-2935
CVE-2006-2451
CVE-2006-2448
CVE-2006-2444
CVE-2006-1858
CVE-2006-1857
CVE-2006-1528
Kernel local privileges escalation
VU#697164
VU#915404
BIND remote denial of service problems
CVE-2006-2274
CVE-2006-2272
CVE-2006-2271
CVE-2006-1527
SCTP remote vulnerabilities
CVE-2006-1242 ipv4 remote vulnerability
CVE-2006-4339 bind DNSSEC RSA signature checking
CVE-2006-5794 OpenSSH security fixes

User Management

Platform Management

Problem Analysis

Scheduled Operation

Corrected a problem with Scheduled Operations to maintain scheduled times over daylight savings time changes.

Code update/System information

Service Agent

Corrected a problem where PM data is collected by Service Agent and xmitted to the SDR, the partition-name field in the XML is populated from the DNS hostname of the partition. In some customer scenarios, this data is missing or invalid, causing the partition-name to be null, making subsequent data correlation difficult or impossible.

Network settings

Enhanced Configure Network Settings to handle different media speeds.

Repair and Verify

PTF MH00927

This package is critical for customers in China that connect to the IBM service provider using a modem for remote service and support.

The phone numbers used to connect to the IBM service provider from China have changed. You must make configuration changes and install this package prior by January 31, 2007, to avoid a disruption in remote service and support from China. Refer to Enhancements and Fixes for a full description of the steps required to make this change.

You can also reference this package by APAR MB01940.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00927.zip
MH00927.iso
36,576,140
38,090,752
48630
02862
MB01940 MH00927
Splash panel information (lshmc -V command output)
MH00927: Update Modem Connectivity to the IBM service provider in China (01-15-2007)

Enhancements and fixes

This package provides the following fix:

Update Modem Connectivity to the IBM service provider in China

As of February 1, 2007, the existing phone numbers used by the HMC to connect to the IBM service provider within China will be discontinued. Effective immediately a new, expanded set of phone numbers are available to connect to IBM in China.

Before your HMC can successfully connect to the IBM service provider using these new numbers, this package must be installed on your HMC. We recommend that you configure a minimum of two phone numbers.


The new North China phone number 16970 can be dialed from the following cities.

The new South China phone number 4006 744444 can be dialed from the following cities.

The following phone numbers will be accessible throughout China.

  1. Beijing

    10 64690167

  2. Chongqing

    23 86304802

  3. Chengdu

    28 66001617

  4. Fuzhou

    591 28305594

  5. Guangzhou

    20 22235744

  6. Hangzhou

    571 28887167

  7. Hefei551

    551 7126504

  8. Kunming

    871 8099004

  1. Nanchang

    791 2174400

  2. Qingdao

    532 85765558

  3. Shanghai

    21 61006167

  4. Shenzhen

    755 33380169

  5. Suzhou

    512 85180144

  6. Tianjin

    86 22 83310772

  7. Wuhan

    86 27 59708844

  8. Xiamen

    86 592 3196244

You may continue to connect to the IBM service provider electronically from China without installing this package if you can do either of the following:

Use an existing broadband connection to connect to IBM.  You can configure either the Internet VPN or Internet SSL option.

OR

Configure your HMC to call home using an international call to an AT&T access point outside of China. The following numbers may be convenient alternatives. Note that international dialing codes must be added to call them from China.

  1. Hong Kong

    3001-1700

  2. Singapore

    6825-1800

  3. Seoul

    02-3018-3073

Steps required to change phone numbers used to connect to the IBM service provider

  1. Before you begin, install this package.
  2. Log on the Hardware Management Console. In the navigation area,  open Service Applications.  Select the Remote Support Option, and then click Configure Outbound Connectivity.
  3. Within the Customize Outbound Connectivity Pane, click the Local Modem Tab.  Within the Local Modem tab, locate the Telephone Number box, and then select Add.
  4. From the Add Telephone Number pane, make sure that China is selected as the Country or Region.  Compare the phone numbers displayed to the list shown above.  If the new numbers are displayed in the list, select a number from the list, and then click Add. 
  5. If the newer numbers are not yet on your list, you may type the numbers in the Telephone Number field instead of selecting of one of the numbers displayed. Note that if you manually enter these numbers, there is an additional requirement that the System Address, as specified in the Customize Customer Information Pane, is set to China. 
  6. IBM recommends that a minimum of two phone numbers be configured for each Call Home server.  You may test your connectivity to each phone number from the Customize Outbound Connectivity Pane.
  7. Once you have successfully tested your connectivity using the new numbers, you should remove the older numbers from the list of Telephone numbers.   From the Customize Outbound Connectivity Pane, select the phone number you wish to remove, and then click Remove.
  8. After you have completed all your changes, click OK from the Customize Outbound Connectivity Pane.

PTF MH00912

This package provides remote support and cold repair fixes for HMC V6. You can also reference this package by APAR MB01907.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00912.zip
MH00912.iso
16829019
18382848
36452
07147
MB01907 MH00912
Splash panel information (lshmc -V command output)
MH00912: Fix remote support and cold repair problems (12-07-2006)

Enhancements and fixes

This package provides the following fixes:

PTF MH00839 (Required maintenance)

Description

HMC Maintenance Package Version 6, Release 1.1. This package includes fixes previously provided in MH00833 and MH00856. If you are upgrading to HMC Version 6 Release 1.0, you must install this maintenance package.

You can also reference this package by APAR MB01797.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00839.zip
MH00839.iso
536,077,500
538,357,760
06924
09671
MB01797 MH00839
Splash panel information (lshmc -V command output)
The Version is: 6
The Release is: 1.1
HMC Build level 20061103.1
","base_version=V6.1.0

Enhancements and fixes

This package provides the following enhancements and fixes:

Server and partition management

Command line

Platform management

System plan

Enhanced mksysplan and cpsysplan to check and enforce System Plan file naming conventions.

Security fixes
NameDescription
CVE-2006-3738/VU#547300 Fix buffer overflow condition.
CVE-2006-4343/VU#386964 OpenSSL SSLv2 client code fails to properly check for NULL which could lead to a server program using openssl to crash.
CVE-2006-2937 Fix mishandling of an error condition in parsing of certain invalid ASN1 structures, which could result in an infinite loop which consumes system memory.
CVE-2006-2940 Certain types of public keys can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack to cause the remote side top spend an excessive amount of time in computation.
CVE-2006-4924 Denial of service problems have been fixed in OpenSSH which could be used to cause lots of CPU consumption on a remote openssh server.
CVE-2006-4925 Fix problem where remote attacker is able to inject network traffic that could cause a client connection to close.

Repair and Verify

Access control

Fix for access control that causes the authentication token to be removed during logout.

Code update

Problem Analysis

Service Agent

Corrected a problem with user interface to display error messages.

Networking

Corrected a problem where the Customize Outbound Connectivity and Customize Inbound Connectivity panels were always disabled when accessed remotely.

Miscellaneous

PTF MH00856 (Security fixes)

Description

This package provides OpenSSL and Apache2 security fixes for HMC V6R1.0. You can also reference this package by APAR MB01869.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00856.zip
MH00856.iso
8809763
9197568
48316
49877
MB01869 MH00856
Splash panel information (lshmc -V command output)
MH00856: OpenSSL and Apache2 security fixes for HMC V6R1.0 (10-06-2006)

Enhancements and fixes

This package provides the following security fixes:

  1. CVE-2005-2700, CVE-2005-3357, CVE-2006-3918, CVE-2006-3747: Apache2 security fixes
  2. CVE-2006-4339: OpenSSL RSA signature evasion

PTF MH00816 (InfoCenter update)

Description

The PTF MH00816 corrective service package contains updates to the InfoCenter that pertain to HMC Version 6 Release 1.0. This package is also referenced by APAR MB01647.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00816_1.zip
MH00816_2.zip
MH00816_1.iso
MH00816_2.iso
512735099
464600889
514146304
470571008
32498
61120
38063
30768
MB01647 MH00816
Splash panel information (lshmc -V command output)
MH00816: InfoCenter updates for HMC V6R1.0 (08-11-2006)

Enhancements and fixes

This package contains InfoCenter updates for HMC 6.1.

PTF MH00841

Description

This PTF provides a command monkacpid, that allows processor usage of the kacpid kernel daemon. This PTF can be referenced by APAR MB01845.

This PTF can only be applied on HMC V6R1.0. It must be applied before applying the required maintenance package.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00841.zip
MH00841.iso
4195
389120
24297
38322
MB01845 MH00841
Splash panel information displayed after installation
MH00841: monkacpid to monitor acpi events (09-14-2006)

Enhancements and fixes

A number of internal modems, when installed in HMC Machine Type 7310-C04, are affecting the performance of the HMC. If you have such an HMC configuration, install this PTF, and then run the monkacpid command from either

This command produces output similar to the following. The output is refreshed every 4 seconds.

 Every 4.0s: /usr/bin/top -s -b -n 1 -p 6                Thu Sep 14 20:29:30 2006

  top - 20:29:31 up 1 day,  5:14,  5 users,  load average: 0.04, 0.01, 0.00
  Tasks:   1 total,   0 running,   1 sleeping,   0 stopped,   0 zombie
  Cpu(s):  1.6% us,  0.3% sy,  0.0% ni, 97.2% id,  0.9% wa,  0.0% hi,  0.0% si
  Mem:   1032992k total,  1005644k used,    27348k free,    36820k buffers
  Swap:  2040244k total,        0k used,  2040244k free,   192952k cached

 PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
   6 root      15 -10     0    0    0 S  0.0  0.0   0:00.00 kacpid

If the number in the %CPU column is greater than 10.0, please contact IBM Hardware support to order a replacement modem. Please reference Retain Tip H187630.

PTF MH00833 (HMC V6 R1.0 required maintenance)

Description

The PTF MH00833 corrective service package is a required Maintenance fix that must be installed on HMC Version 6 Release 1.0. It replaces the previously released PTF MH00781.

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00833.zip
MH00833.iso
63004295
65204224
22854
11917
MB01795 MH00833
Splash panel information (lshmc -V command output)
Version: 6
Release: 1.0
HMC Build level 20060801.1
MH00833: Required fixes for V6R1.0 (09-01-2006)
","base_version=V6.1.0

Enhancements and fixes

This package addresses the following issues:

PTF MH00781 (HMC V6 R1.0 required maintenance)

Description

The PTF MH00781 corrective service package has been replaced by PTF MH00833, which is now the required Maintenance fix that must be installed on HMC Version 6 Release 1.0

Package information
Package name Size (bytes) Checksum APAR # PTF#
MH00781.zip
MH00781.iso
54635620
56342528
52745
00261
MB01624 MH00781
Splash panel information (lshmc -V command output)
Version: 6
Release: 1.0
HMC Build level 20060801.1
MH00781: Required fixes for V6R1.0 (08-03-2006)
","base_version=V6.1.0

Enhancements and fixes

This package addresses the following issues:

PTF MH00752 (HMC V6 R1.0 Recovery)

HMC 6.1 Recovery Media images.

Description

The HMC 6.1 Recovery Media images can be used to upgrade your HMC to 6.1, or to perform a clean installation of HMC 6.1.

Updating to HMC V6 R1.0 requires an Upgrade by means of Recovery Media or the Network. There are no updates to be used with the Install Corrective Service task. An upgrade from HMC Version 4 to HMC Version 6 can only be done by first saving the upgrade data to DVD-RAM media, re-installing the HMC with HMC V6 R1.0 without selecting the Upgrade option, and then using the new rstupgdata command to copy upgrade data onto the HMC. The data copied will be automatically restored on the next reboot.

Package information
Package name Size (bytes) Checksum APAR # PTF#
HMC_Recovery_V6R1.0_1.iso
HMC_Recovery_V6R1.0_2.iso
1635698688
1319110656
36800
16863
MB01575 MH00752
Splash panel information (lshmc -V command output)
Version: 6
Release: 1.0
HMC Build level 20060719.1
","base_version=V6.1.0

Enhancements and changes in HMC 6.1.0

HMC 6.1.0 enhancements for the Hardware Management Console include:

Server and Partition Management

System plans

Platform management

HMC Command Line

Licensed Internal Code (LIC) update

Scheduled Operations

Repair and verify

Save Upgrade Data/Backup

Network connectivity

Problem analysis/Call Home

RMC

RIO Topology

Enhanced the View RIO Topology tool to include the Leading and Trailing Port status.

Service Focal Point (SFP)

National Language Support in HMC 6.1.0

The following table lists the languages and locales supported in HMC 6.1.

Supported languages
Languages Locales
English en_US, en_GB, en_GB@euro, en_AU, en_BE, en_BE@preeuro, en_CA, en_HK, en_Ne, en_IE, en_IE@preeuro, en_NZ, en_PH, en_PK, en_ZA, en_SG
German de_DE, de_DE@preeuro, de_CH, de_AT, de_AT@preeuro, de_LU, de_LU@euro
French fr_FR, fr_FR@preeuro, fr_CH, fr_CA, fr_BE, fr_BE@euro, fr_LU, fr_LU@euro
Italian it_IT, it_IT@preeuro, it_CH
Spanish es_ES, es_ES@preeuro, es_AR, es_BO, es_CL, es_CO, es_CR, es_DO, es_EC,es_SV, es_GT, es_HN, es_MX, es_NI, es_PA, es_PY,es_PE, es_PR, es_US, es_UY,es_VE
Brazilian Portuguese pt_BR
Japanese ja_JP
Simplified Chinese zh_CN, zh_SG
Traditional Chinese zh_TW, zh_HK
Korean ko_KR
Hungarian hu_HU
Dutch nl_NL, nl_NL@preeuro, nl_BE, nl_BE@preeuro
Russian ru_RU
Czech cs_CZ
Slovakian sk_SK

Known issues in HMC 6.1.0

Server and Partition

LIC Code Update

Scheduled Operations

Scheduled Operations requires that the targeted object (CEC, HMC, Image) has been initialized with user defined names.

National Language Support

Miscellaneous Functions

Security fixes in HMC 6.1.0
Reference Abstract
CAN-2005-0109 OpenSSL update
CAN-2005-2969 OpenSSL fix for potential SSL 2.0 Rollback vulnerability
CVE-2004-0175 OpenSSH SCP Client File Corruption Vulnerability
CVE-2002-0839
CVE-2002-0840
CVE-2002-0843
Apache HTTPD Multiple Vulnerabilities
CVE-2001-0572 SSHv1 Protocol Available
CAN-2003-0989 tcpdump remote DOS
CAN-2004-0078 mutt remote buffer overflow
CAN-2004-0110 libxml2 URI Parsing Remote Buffer Overflow
CAN-2004-0109
CAN-2004-0181
Linux kernel ISO9660/JFS local privilege escalation, info leak
CAN-2004-0183 tcpdump ISAKMP remote DOS
CAN-2004-0427
CAN-2004-0424
CAN-2004-0229
CAN-2004-0228
CAN-2004-0394
Linux kernel privilege escalation, local DoS
CAN-2004-0174
CAN-2003-0020
CAN-2003-0993
CAN-2003-0542
apache - multiple vulnerabilities
CAN-2004-0554 Linux kernel "__clear_fpu()" Macro local DoS
CAN-2004-0523 kerberos aname_to_localname remote root compromise
CAN-2004-0492 apache: remote overflow in mod_proxy
CAN-2004-0460
CAN-2004-0461
VU#317350
VU#654390
dhcp-server: remote system compromise
CVE-2002-1363 libpng remote DoS
CAN-2004-0590 Certificate chain authentication in Openswan pluto
CAN-2004-0649 L2tpd: remote execution of arbitrary files w/ privs of l2tpd user
VU#388984
VU#236656
VU#160448
VU#477512
VU#817368
VU#286464
CAN-2004-0597
CAN-2004-0598
CAN-2004-0599
libpng: multiple vulnerabilities
CAN-2004-0415 kernel: local privilege escalation, race condition in file offset pointer handling
VU#550464
CAN-2004-0644
krb5: remote unauthenticated DoS
CAN-2004-0817 imlib: local execution via heap overflow
CAN-2004-0687
CAN-2004-0688
xf86: multiple buffer overflows with malformed xpm images
CAN-2004-0966 gettext: Insecure temporary file handling
CAN-2004-0804
CAN-2004-0886
tiff: Buffer overflows in image decoding
CAN-2004-0884 Cyrus-sasl2: (ver2.1.7)Insecure handling of environment variable
CAN-2004-0971 krb5: krb5-workstation: Possible symlink attack, priv escalation via temporary file mishandling
CAN-2004-0989 libxml: remote code execution, buffer overflow
CAN-2004-0975 Openssl: possible symlink attack via temp file mishandling
CAN-2004-0940 Apache: local buffer overflow in get_tag function in mod_include
SuSE-SA:2004:041 xf86: SuSE security updates for libxpm
CAN-2004-0782 mlib: SuSE xpm security updates in imlib
CAN-2004-1010 zip: buffer overflow in info-zip when using recursive folder compression
CAN-2004-1308 tiff: multiple buffer overflows
CAN-2004-0986 iptables: variable init failure can cause failure to load firewall rules
CAN-2004-0883
CAN-2004-0949
CAN-2004-1070
CAN-2004-1071
CAN-2004-1072
CAN-2004-1073
CAN-2004-1074
kernel: SuSE update for multiple local and remote DoS vulnerabilities
CAN-2005-0155

CAN-2004-0452
CAN-2005-0077
Perl: SuSE security update to address two priv escalation and a buffer overflow condition
CAN-2005-0449
CAN-2005-0209
CAN-2005-0529
CAN-2005-0530
CAN-2005-0532
CAN-2005-0384
CAN-2005-0210
CAN-2005-0504
CAN-2004-0814
CAN-2004-1333
CAN-2005-0003
SuSE updates for multiple issues on 2.4-2.6.11 kernels
CAN-2005-1993 sudo: vulnerabilities allow execution of arbitrary commands
CAN-2005-1267
CAN-2005-1278
CAN-2005-1279
CAN-2005-1280
tcpdump: fix for several DOS vulnerabilities
CAN-2005-1151
CAN-2005-1152
CAN-2005-1349
CAN-2005-0103
CAN-2005-0104
CAN-2005-1455
CAN-2005-1454
CAN-2004-1456-CAN-2004-1470
tiff: buffer overflow allows execution of arbitrary code

Hints and Tips for the HMC Desktop

eServer i5 and p5 Education available on Resource Link

The following customer courses will be available from Resource Link for the Product Announce on May 4, 2004.

Access to these courses requires an IBM Registration ID and Resource Link Access.

To obtain an IBM Registration ID

  1. Go to http://www.ibm.com/servers/resourcelink
  2. Select "Register" under New users
  3. On the My IBM Registration, fill in an e-mail address for IBM ID and password, and the Security question and answer and the Country of residence and then click Continue and fill in the rest of the User information and click Submit.

Resource Link Access for New Users

  1. Go to http://www.ibm.com/servers/resourcelink
  2. Select "Sign in" enter the IBM ID and password you used to register above
  3. Select "Customer"
  4. Click "Submit" Once submitted it will take an hour before the access takes effect

To view a course

  1. Sign in to Resource Link
  2. Select Education in the navigation bar on the left
  3. From the Education page, select "eServer i5 and p5 courses"
  4. Select "How to Use the eServer i5 and p5 Hardware Management Console"
  5. Select "Performing Licensed Internal Code Maintenance"
  6. Double-click the link to open the course.

Notes:

  1. The courses are browser based. For optimal viewing, we recommend Microsoft Internet Explorer 6.0 or higher with your display set at 1024 x 768. To set your display, go to My Computer -> Display -> Settings
  2. Course pages can be book marked for easy retrieval.
  3. Course simulations open in a separate window. Use the X in the upper right corner of the window to close the simulation.
  4. If there are Quick Time videos in the course, you need to have the Quick Time viewer installed. A link to the free viewer is on each Resource Link course page and on the related page within each course.

HMC documentation

Documentation, installation guides, cumulative PTF history, best practices, and related support information:

Translate this page