AIX tricks

Unlock user account

Execute the following command to reset unsuccessful login attempts count

# chsec -f /etc/security/lastlog -a unsuccessful_login_count=0 -s <userid>

Execute the below command to reset the lock switch

# chuser account_locked=false <userid>

And then try to login...

Force reuse old password

Three simple commands

# echo "user:password" | chpasswd -c
# chsec -f /etc/security/lastlog -a unsuccessful_login_count=0 -s user
# chuser account_locked=false user

List deleted files

fuser -d  -V -c /tmp

How to truncate /var/adm/wtmp in AIX

/var/adm/wtmp contains login and logoff information in reverse chronological order.

The last command can be used to view the contents of wtmp.

An example of the output of last is shown below.

$ last
oracle    pts/2        200.254.1.207         Jun 29 15:36 - 15:44  (00:08)
oracle    pts/2        192.253.1.20          Jun 29 15:34 - 15:35  (00:01)
oracle    pts/2        192.252.1.20          Jun 29 15:32 - 15:34  (00:02)
oracle    pts/2        192.252.1.20          Jun 29 15:27 - 15:31  (00:04)
oracle    pts/0        192.252.1.14          Jun 29 15:16 - 18:08  (02:52)
root      pts/1        168.29.10.7           Jun 29 15:03 - 00:55  (09:51)
oracle    pts/0        211.251.1.14          Jun 29 14:50 - 15:15  (00:25)
oracle    pts/2        211.252.1.14          Jun 28 23:49 - 23:49  (00:00)
oracle    pts/2        211.252.1.14          Jun 28 23:48 - 23:48  (00:00)
oracle    pts/3        211.253.1.14          Jun 28 23:48 - 00:06  (00:18)
oracle    pts/2        211.251.1.14          Jun 28 23:46 - 23:48  (00:01)
oracle    pts/0        211.252.1.14          Jun 28 23:44 - 00:05  (00:20)
root      pts/0        176.29.10.7           Jun 28 23:00 - 23:01  (00:00)
root      pts/0        176.29.10.7           Jun 28 22:57 - 23:00  (00:02)
root      pts/0        176.29.10.7           Jun 28 21:44 - 22:55  (01:10)
root      pts/0        176.29.10.7           Jun 28 21:43 - 21:43  (00:00)
root      pts/0        176.29.10.7           Jun 28 21:41 - 21:41  (00:00)
oracle    pts/1        212.252.1.14          Jun 28 17:18 - 00:07  (06:48)

wtmp will need to be truncated periodically to prevent it from getting too big.

To do so use the fwtmp command as shown below.

/usr/lib/acct/fwtmp < /var/adm/wtmp > /tmp/wtmp.out
tail -500 /tmp/wtmp.out > /tmp/wtmp.small
/usr/lib/acct/fwtmp -ci < /tmp/wtmp.small > /var/adm/wtmp
rm /tmp/wtmp.out
rm /tmp/wtmp.small

[1]

View logs

Boot and console messages can be used to identify and fix problems. These messages are automatically stored on disk by AIX. To view the stored messages, use the alog command. Here are a couple examples of the alog command:

alog -L      		#  List the defined log types
alog -o -t boot	#  View the boot log
alog -o -t console	#  View the console log
errpt -a               #  View the error log

Check Total/Used/Available memory in AIX

#!/usr/bin/ksh
um=`svmon -G | head -2|tail -1| awk {'print $3'}`
um=`expr $um / 256`
tm=`lsattr -El sys0 -a realmem | awk {'print $2'}`
tm=`expr $tm / 1000`
fm=`expr $tm - $um`
echo "\n\n-----------------------";
echo "System : (`hostname`)";
echo "-----------------------\n\n";
echo "Memory Information\n\n";
echo "total memory = $tm MB"
echo "free memory = $fm MB"
echo "used memory = $um MB"
echo "\n\n-----------------------\n";

Convert epoch to standard date and time and vice-versa

$ perl -e 'print scalar(localtime(1399197721)), "\n"'
$ perl -e 'use Time::Local; print timelocal(1,2,3,4,04,2014), "\n"'

Where is timelocal($second,$minute,$hour,$day,$month,$year) and $month argument started from 0 to 11 (January and December accordingly), don't forget it

And get current date and time in epoch format

$ date +%s

Check if VG mirrored

LV need to met several conditions to check if it mirrored or not:

1. Have at least two PVs in it's configuration (Physical Volumes). However, more than 1 physical volume also possible if LV (Logical Volume) takes place of 2 PVs (for example if it's have amount of data). You can see that following output doesn't met requirements (notice LPs and PPs are same):

   LV NAME             TYPE       LPs     PPs     PVs  LV STATE      MOUNT POINT
   hd1                 jfs2       10      10      2    open/syncd    /

There are 10 LP's, 10 PP's and 2 PV's - isn't mirrored because PP's same count as LP's.

2. PPs and LPs need also to be checked. In a mirrored LV count of PP's (physical partitions) should be at least double the LP's (logical partitions). But actually it's possible that PP's double the LP's and actually not mirrored. For example if both copies placed on same disk:

  LV NAME             TYPE       LPs     PPs     PVs  LV STATE      MOUNT POINT
  hd1                 jfs2       10      20      1    open/syncd    /

There are 10 LP's and 20 PP's, but 1 PV - isn't mirrored because both copies of LV data placed on 1 PV.

3. Actually mirrored LV should have double PP's against LP's and at least 2 PV's:

  LV NAME             TYPE       LPs     PPs     PVs  LV STATE      MOUNT POINT
  hd1                 jfs2       4       8       2    open/syncd    /

There are 4 LP's and 8 PP's (double LP's) and 2 PV's, so one copy 4 PP's on one PV and 4 PP's on another PV. This volume actually mirrored.

Perl script to check LV mirror.

#!/usr/bin/perl
use strict;
my $vg = "rootvg";
if ($#ARGV == 0) { $vg = $ARGV[0]; }
my @vginfo = `lsvg -l $vg | egrep -v "livedump|fwdump|sysdump"`;
my $lv;
foreach $lv (@vginfo){
       if ($lv =~ /(\S+)\s+\S+\s+(\d+)\s+(\d+)\s+(\d+)\s+\S+\s+(\S+)/){
               if ($4 < 2){
                       printf "%-20s %-20s not mirrored (Only on 1 Physical Volume)\n", $5, $1;
               }elsif ( $3 < ($2 * 2) ){
                       printf "%-20s %-20s not mirrored (LP's=$2,PP's=$3) \n", $5, $1;
               }
       }
}

Actual resource - https://www.ibm.com/developerworks/community/blogs/brian/entry/make_sure_all_your_lv_s_are_mirrored_in_a_aix_volume_group20?lang=en