Documente Academic
Documente Profesional
Documente Cultură
HP-UX 1 Systems 1i
Abstract
This administration guide is for system administrators who maintain the security of HP-UX systems. Administrators are assumed to have in-depth knowledge of HP-UX operating system concepts, commands, and configurations. It assumes familiarity with installing HP computer hardware and software, upgrading software, applying patches, and troubleshooting system problems.
Copyright 2007, 201 Hewlett-Packard Development Company, L.P. 1 Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.21 and 12.212, Commercial 1 Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Acknowledgements Intel Itanium Logo, Intel, Intel Inside and Itanium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation. Java is a US trademark of Sun Microsystems, Inc. UNIX is a registered trademark of The Open Group. Revision History
Contents
1 Introducing HP-UX Software Assistant............................................................5
HP-UX SWA overview................................................................................................................5 Release notes...........................................................................................................................5 Capabilities.............................................................................................................................5 Command structure...................................................................................................................5 The major modes.................................................................................................................6 Extended options.................................................................................................................7 Help..................................................................................................................................7
3 Quick Start..............................................................................................11
Steps to using SWA................................................................................................................11 Create a config file.................................................................................................................11 Run the initial report................................................................................................................11 Review recommended actions...................................................................................................12 Download patches and make a depot.......................................................................................12 Read the readBeforeInstall.txt file and take appropriate actions.....................................................13 Install the depot......................................................................................................................13 Generate a second report........................................................................................................13 Put appropriate actions in the ignore file....................................................................................13
Contents
5 Networking options..................................................................................23
Using SWA in secure network environments...............................................................................23 Using proxy servers with Software Assistant................................................................................23 Using the download_cmd extended option.................................................................................23 Running SWA on a system without access to the Internet..............................................................24
Glossary....................................................................................................47 Index.........................................................................................................49
Contents
Release notes
For information on what's new with the latest version of SWA, see the HP-UX Software Assistant Release Notes available at http://www.hp.com/go/swa-docs.
Capabilities
SWA's major functions are briefly outlined below.
Analyze
SWA runs as a client-side patch and security analysis tool. An HP-supplied catalog file with known problems and fixes is downloaded from the HP Support Center (HPSC) and compared to the software installed on the system. Depots used for full-system installation, such as the installation depot on an OE DVD, may also be analyzed. Systems are analyzed for patch warnings, critical defects, security bulletins, missing Quality Pack (QPK) patch bundles, and user-specified patches and supersession chains. SWA optimizes the automatic selection of patch dependencies by assessing the quality of the dependency, providing the best case scenario for the dependency, minimizing changes to the system, and assessing future patch dependency changes.
Report
SWA is able to generate a variety of reports based on its analysis. Action, Issue, and Detail reports are available. A consolidated HTML report with links to the technical knowledge base is always created. The SWA reports provide information for downloading software from HP and for actions that need to be taken manually.
Command structure
HP-UX Software Assistant is a tool that uses a major mode style interface.
# swa <major mode>
SWA has the following major modes: report, get, step, and clean. Extended options modify each SWA command. They can be specified on the command line or saved in a configuration file.
# swa <major mode> -x <extended_option>
HP-UX SWA overview 5
Context sensitive help is available for all SWA commands with the -? option.
# swa <major mode> -?
The following sections give a brief overview of SWA commands. For detailed information, see the HP-UX Software Assistant Reference, available at http://www.hp.com/go/swa-docs.
Report
# swa report The swa report command is comprised of the following steps, and executes them in the order listed. Inventory The swa report command first does an inventory of the installed software. The inventory is written to $HOME/.swa/cache/swa_inventory_n.xml. Catalog Then, swa report downloads an HP-supplied catalog file from the HPSC website that contains known security issues and other defects along with their solutions. The catalog file is saved to $HOME/.swa/cache/swa_catalog.xml. Analyze The inventory file is then compared with the catalog file to see what issues need to be resolved on the system, and the resulting analysis file is written to $HOME/.swa/cache/ swa_analysis.xml. Report A summary of recommended actions are written to standard output and comprehensive results are written to $HOME/.swa/report/swa_report.html.
Get
# swa get The swa get command is comprised of the steps download and depot, and executes them in the order listed. Prerequisites to the swa get command are the steps inventory, catalog, and analyze. Download The swa get command uses the results file generated by the analysis step of swa report to download the necessary software from HP. Write access to the swcache directory is required for this step. Depot The downloaded software is then packaged in a depot. You must be a privileged user for this step.
Step
# swa step {inventory | catalog | analyze | report | download | depot} The swa report and swa get commands are made up of steps. The swa report command is comprised of the steps inventory, catalog, analyze, and report. The swa get command is comprised of the steps download and depot. With the swa step command, you can execute one discrete step of the swa report or swa get command, such as: swa step inventory.
Clean
# swa clean {usercache | swcache | all}
When the swa command runs, it produces a cache of files for its use. Run swa clean to free up disk space after your swa session is complete. The swa clean command has modifiers that specify the caches to clean. The modifiers are: usercache, swcache, and all. The usercache holds the files created by swa report, and the swcache holds the patches and patch bundles downloaded by swa get or swa step download. The swcache directory can be set with the extended option swcache. NOTE: The usercache generally does not consume much disk space, but the swcache can consume a significant amount of disk space. There is a trade-off between keeping software in the swcache directory and having to repeat a software download.
Extended options
Extended options allow you to tailor SWA behavior to your own specifications as each phase is performed: analysis, reporting, and downloading HP software. SWA commands are capable of accepting extended options via command line or in an extended options configuration file. Precedence of extended options sources are given in the manpages. To specify an extended option via command line, use the syntax swa_command -x option. To use a configuration file, there are three options: Specify a file on the command line with swa_command -X option_file. Use the $HOME/.swa.conf file. Use the /etc/opt/swa/swa.conf file.
The SWA manpages document applicable extended options for a command, and the /etc/opt/ swa/swa.conf.template file outlines the usage and syntax of each extended option. Be sure to read the manpages so you are aware of the extended options' default values associated with each command.
Help
Use the -? option at any level of a command to get context sensitive information regarding usage and available options. For example:
# swa report -? Usage: swa report [options] Where options include: -a analyzer Analyze and report issues and new software
One of the analyzers to use <multiple -a options can be specified> -q Decrease verbosity of output -r report_type Set the type of the stdout report -s System, depot or existing local inventory file to analyze. -v Increase verbosity of output -x ext_option=value Set the extended option to value <multiple -x options can be specified> -X option_file Read extended option settings from this file
Use "swa report -<option> -?" <e.g. "swa report -x -?"> to get a description of options that have arguments
Command structure
Status Required. Required. Required. It is included on the OE and AR media. Required for HP-UX 1 v1 1i (B.1 1) only. 1.1
Java is only required for SWA analysis functionality. If you do not want Java on a system, you have the following alternatives: Install Java and the full SWA tool on a single system and do all analysis from that system. The SwaMin product may be installed on clients that have no network connectivity to the analysis system. Use the SwaMin product to gather inventory and upload to the HP Support Center web site at http:// www.hp.com/go/hpsc for analysis (currently patches only).
SWA software is available from the following places: Software Assistant on the HP Software Depot: for Windows, HP-UX 1 v1 (B.1 1), HP-UX 1i 1.1 1 v2 (B.1 1i 1.23), HP-UX 1 v3 (B.1 1i 1.31). From http://www.hp.com/go/swa-download, click Installation for installation instructions. The newest version of SWA is available on the Software Depot.
On HP-UX
To use SWA within HP SIM on an HP-UX system, you should have a current version of HP SIM installed on your Central Management System (CMS).
What version of SWA should I use? 9
SWA will be available within HP Systems Insight Manager (HP SIM) if you install SWA while HP SIM is running. If SWA is installed before HP SIM is initially configured via mxinitconfig, SWA will automatically be included for use within HP SIM. See mxinitconfig(1M) for more information. If you install SWA when HP SIM is installed but not running, you must run the /opt/swa/lbin/configHPSIM script once HP SIM is running again to configure HP SIM for SWA. The following error indicates HP SIM is not properly configured to run SWA. Use the information outlined above to determine whether to run mxinitconfig or configHPSIM.
NOTE: Cannot configure HP SIM. Add SWA to HP SIM by running mxinitconfig (1M) or /opt/swa/lbin/configHPSIM
NOTE: HP SIM servers might require significant space in /var/opt/swa/HPSIM to support client systems' analysis, catalog, inventory, and report files. You should consider the number of client systems you intend to support and adjust file system sizes accordingly.
Uninstalling SWA
From a Windows system
To uninstall SWA from a Windows system, select All ProgramsHP-UX Software AssistantUninstall HP-UX Software Assistant from the Windows Start menu.
If you do not use the -x enforce_dependencies=false option with the swremove command, you will receive error messages regarding dependencies.
10
3 Quick Start
Steps to using SWA
To get started using Software Assistant right away, follow these steps: 1. Make sure you have your active HP support agreement that includes Software Updates linked to your HPSC profile to access patch content and services. 2. Create a config file that contains your HPSC login information. 3. Run the initial report with the command swa report. 4. Review recommended actions, especially the manual actions, written to standard output. 5. Download patches and make a depot with the command swa get. 6. Read the readBeforeInstall.txt file and take appropriate actions. 7. Install the depot. 8. Generate a second report. 9. Put appropriate actions in the ignore file.
Set the file permissions appropriately so the configuration file is not readable by others. Edit your configuration file and add your HPSC user ID and password. The syntax will be
hp_id = <HPSC user ID> hp_pw = <HPSC password>
SWA first builds an inventory of the software currently installed on the system. Then, the catalog is downloaded from HPSC.
======= 02/05/08 15:52:35 MST BEGIN Report on Issues and New Software <user=username> <jobid=systemname> * Gathering Inventory * Getting Catalog of Recommended Actions and Software
NOTE: If the system does not have direct access to the web, you can specify a proxy server with the swa report extended option proxy. For more information, see Appendix B (page 45) and swa-report(1M). SWA supports HTTP basic authentication only. If you do not have a standard proxy, you can also specify an arbitrary command for downloading files. See the extended option download_cmd. After the catalog is downloaded, the analysis is performed and reports are generated. An HTML report is written to the file indicated in the standard output messaging, and an Actions Summary Report is written to standard output. (Use the -r option to swa report and swa step report to specify the report type written to standard output: action (default), issue, detail, html or none.)
* Using existing local catalog file * Performing Analysis * Generating Reports See HTML-formatted report "$HOME/.swa/report/swa_report.html"
NOTE:
1 1
The Actions Summary Report begins with the Assessment Profile. The exact catalog and inventory files used in the analysis are identified. Detailed analysis information follows.
Software Assistant Actions Summary Report ASSESSMENT PROFILE Catalog Information Catalog File: $HOME/.swa/cache/swa_catalog.xml Catalog Date: dd month year hh:mm:ss Inventory Source Name: systemname OS: HP-UX B.11.xx Model: model info Inventory File: $HOME/.swa/cache/swa_inventory_n.xml Inventory Date: dd month year hh:mm:ss
Analysis Information Analysis File: $HOME/.swa/cache/swa_analysis.xml Analysis Date: dd month year hh:mm:ss Ignore File(s): $HOME/.swa/ignore Issues Ignored: n Selected Analyzers QPK: latest Quality Pack patch bundle SEC: security bulletins PCW: patches with critical warnings
The analysis depends on the Selected Analyzers. Default analyzers are quality pack (QPK), security (SEC), and critical patch warnings (PCW) because these watch HP's default patch and bulletin recommended actions. You can specify the analyzers used with the -a option on the command line, or by using the analyzers extended option. See swa-report(1M) for more information. The report then goes on to report the recommended actions.
Manual actions that result in the installation or removal of software might cause changes to the list of recommended patches. After resolving the product changes identified as manual actions, it is recommended a new analysis is run to create the most accurate patch recommendations.
You are required to specify the depot. By default, a new depot is created. NOTE: The swa get command requires superuser privileges. See swa-get(1M) for more information. The swa get command uses the analysis file created by swa report to determine what software to download from HP.
12 Quick Start
As each patch is downloaded into the swcache, a notice is displayed on standard output.
. . . NOTE: . . . * Downloading Software from HP to Local Cache Estimated total download size: x bytes. * Downloading PHCO_n (1 of x)
Once the patches have been downloaded to the swcache directory, they are processed into the depot. SWA automatically uses MD5 cryptographic hash to verify patch integrity before unpacking downloaded patches. For more information on the location of the swcache directory, see Appendix A (page 43).
Note that this command should only be used within a maintenance window as the system might require a reboot. Any reboot will be performed automatically when required.
HP advises you include comments in the ignore file explaining who added an issue, why, and when. Auditors are likely to want this information documented and traceable. The ignore file, $HOME/.swa/ignore, includes comments with instructions regarding syntax and how to add an issue. You must use the Issue ID given in the Detail report to identify issues in an ignore file. It is possible to use more than one ignore file with the following syntax:
# swa report -x ignore_file="file1 file2"
13
If no analyzers are specified, the PCW, QPK, and SEC analyses are performed. For detailed information on QPK patch bundles and types of patches, see the Patch Management User Guide for HP-UX 1 Systems, available at http://www.hp.com/go/patchmgmt-docs. 1.x
14
Report overview
After the analysis is complete, SWA reports its findings. The types of reports follow. Table 3 Report Overview
Report type HTML What it reports How to generate it Where to find it Use this report for... Interpreting analyses as recommended by HP All the information SWA has on the analysis Links to full descriptions of security bulletins, patches, and bundles Links to download patches A comprehensive to-do list Patch bundles and patches recommended for installation A list of recommended manual actions Issue Summary of issues -r issue for display to standard output Included in HTML report Standard output when selected with -r Included in HTML report Standard output when selected with -r A list of exposed problems, including those with no SWA recommended solution A cross-reference of actions to resolved issues Issue IDs Dependencies Issues detected with no SWA recommendation for resolution Web addresses for relevant patch and security issue information Web addresses to download patches
Comprehensive Always $HOME/.swa/report/ includes the generated and swa_report.html by Action, Issue, and written to a file default Detail reports. -r html for The file specified by the display of HTML html_report extended source to option standard output Standard output when selected with -r Summary of recommended actions Generated by default to standard output Standard output by default Included in HTML report
Action
Detail
Recommended -r detail for actions with issue display to justification standard output
Issues in ignore files are excluded from all reports. For more information, see Put appropriate actions in the ignore file (page 13). The contents of all reports are dependent on the analyzers selected. Report excerpts in this chapter are HTML; the same information is reported in text-based reports.
The HTML report begins with a table of contents, which includes links to all sections of the report.
Inventory Source This information describes the system being analyzed and the inventory information for that system. The Model: information will only be available if the system is local or accessed with a secure shell connection (ssh). The Inventory Date: is the date the inventory was run on the system with the swa report or swa step inventory command. Catalog Information This is the file downloaded from HPSC with the swa report or swa step catalog command. The Catalog Date: is a data timestamp indicating when the catalog was created. Analysis Information This is the file created when the swa report or swa step analysis command was run. The Analysis Date: is the date the analysis was run. The ignore files used in the analysis are indicated. The Issues Ignored: indicate the number of issues ignored during this analysis. Selected Analyzers These are the analyzers the reports are based on. Although not listed, the automatically invoked analyzer (AUTO) is always run and cannot be deselected. The AUTO analyzer detects problems such as missing dependent patches and unrecognized patches. If your analysis has detected AUTO issues, you will see an Automatically invoked analyzers section in the Issue report. Options to analyzers are not included in the Assessment Profile, such as the patches specified with the CHAIN and PATCH analyzers.
16
Patch bundles
Bundles listed here are Quality Pack (QPK) bundles. Quality pack bundles include stable patches for core HP-UX, graphics, and networking drivers. Depending on your release, there are two possible QPK bundles, QPKAPPS and QPKBASE. Both bundles are included in the QPK depot. If the QPK bundles include patches with warnings, the fix patches will be listed in the Patches section of this report and the patch bundles will be identified as an issue in the Issue report. The listed bundles are not found on the target system, but no information is provided as to what bundle contents are missing. The bundle equivalency of the QPK contents can be detected with the CHAIN and PATCH analyzers.
Patches
The patches listed in this section are required in addition to those in a QPK bundle they are available individually on the HPSC website. Software Assistant will recommend the newest patch in the chain to resolve the issue. If unexpected patches are seen in the list, they are usually included as dependencies or to address warnings. The patches included as dependencies are flagged in the Dep column. An asterisk indicates a patch that must be installed, and a plus sign indicates a patch dependency that is satisfied by either being installed or by having a superseding patch installed. The Detail report can provide the rationale for all patches. SWA creates all depots with all requisites included. This allows installation on any system but might include patches that can't be installed on a specific system. For example, if a there is a patch in the depot for a product that is not installed on a system, that patch will not get installed. If you have a QPK bundle listed under Patch Bundles, this will not be a complete list of patches to install since QPK patches are not included in this list.
17
Manual actions
These actions require direct administrator response and include product (non-patch) updates, product removal, manually updating files, and other manual actions, such as direct file system changes. Security bulletins are listed only if manual actions are required. If a patch satisfies a security bulletin, it will be included in the QPK patch bundle or listed explicitly in the Patches section. The date listed for security bulletins is the date the bulletin was posted or last updated. A detection confidence rating is included with the action. Note that SWA can only detect software that has been installed with swinstall. The ratings are: D Definite. The recommendation is based on specific revisions of installed software. SWA has determined that this fix has not been done. R Relevant. The recommendation is based on installed software. For some recommendations rated R, SWA cannot determine if the action has already been taken. If SWA cannot detect if an action has been taken, that issue will always be listed until it is entered in an ignore file. U Unknown. The recommendation is based only on operating system version. SWA cannot detect if recommendations rated U have been taken. Issues rated U will always be listed until they are entered in an ignore file.
Manual actions that result in the installation or removal of software might cause changes to the list of recommended patches. After resolving the product changes identified as manual actions, it is recommended a new analysis is run to create the most accurate patch recommendations. The following example illustrates how one issue, a required Security Bulletin 02284r4, can generate multiple manual actions. See the Detail report for a detailed cross-reference of actions to issues.
Five manual actions are associated with the one Security Bulletin 02284r4.
18
The Security Bulletin 02284r4 generates five actions in the Action report (see the associated Action report), and a single issue in the Issue report.
A security bulletin usually has a number of identifiers associated with it. The following example explains the identifiers associated with security bulletin 02284r4.
19
1 2 3 4
The short form of the external HP security identifier. It is comprised of the numeric portion of the HPSBUX identifier, 02284, plus the revision number, r4. The long form of the external HP security identifier, also called the HPSBUX identifier. The software security response team number, which is used internally to HP. The revision number. A security bulletin revision can be issued for minor or significant changes.
NOTE: The Common Vulnerabilities and Exposures (CVE) identifier, if there is one associated with the bulletin, is available with the detailed information on the HPSC. Follow the hyperlink in the HTML report to access this information.
1 2
This is the posting date of the most recent patch warning. Patches with critical warnings are identified here.
20
The Patch PHKL_31500 is a special patch for HP-UX 1 v2, in that new dependencies may 1i be introduced after its release.
1 2 3
This is the only report that includes the full SWA Issue ID, which is required in an ignore file. The URL is a link to the security bulletin. The dependencies listed are supporting patches or patch bundles that must be installed. The patches will be listed as action items in the Action report unless they are included in a QPK targeted for installation. Note that it is not uncommon for HP-UX to have patches that are mutually dependent. For more information on patch dependencies, see the Patch Management User Guide for HP-UX 1 Systems, available at http://www.hp.com/go/patchmgmt-docs. 1.x
The following example illustrates how one issue, a required Security Bulletin 02284r4, can generate multiple manual actions. The Detail report expands on each of the actions.
21
Sometimes one action will resolve more than one issue. In the following example, installing PHCO_36506 will resolve both a critical issue and a patch warning. Both patches, PHCO_36506 and PHCO_31562, will appear in the Issue report. Only PHCO_36506 will appear in the Action report. The Detail report below shows the cross-reference of the action to both issues.
The Detail report might include the section, Unresolved Issues. These are issues that SWA detected but has no action to recommend. An unrecognized patch installed on the target system is an example of an unresolved issue. Select this report for display to standard output with the -r detail option to the swa report command or the swa step report command.
22
5 Networking options
Using SWA in secure network environments
SWA is able to adapt to a secure network environment where one or more of the default protocols SWA uses are blocked. When customizing SWA for your environment, you must keep security concerns in mind. When SWA runs an analysis of a system, it relies on the integrity of the catalog file and the inventory file. The integrity of the catalog file and the analysis file controls the security properties of SWA. Depot creation relies on the integrity of the patches within the swcache directory. The validity of the catalog file is of primary importance, since it contains all the data for identifying issues, recommending solutions, and downloading and verifying content. Because the integrity of SWA files must be maintained, use either a secure shell (ssh) connection or media when accessing a remote system for the inventory, catalog, analysis, and swcache files.
23
2. 3.
Review the recommended actions and issues. Download patches using the gateway system and make a depot on the local system:
# swa get -t target_depot -x download_cmd='/usr/local/bin/myGetScript.sh'
4.
Continue with the patch installation procedure as outlined in Chapter 3 (page 11).
TIP: In SWA C.02.85 and later, you can use the extended option url_target to change the target string from %url to something else. For more information on download_cmd, see swa-get(1M), swa-report(1M), and swa-step(1M).
24
Networking options
1.
Using a system with Internet access (this system may be running Linux or Windows), download the catalog from the HPSC. 1. Get /opt/swa/lbin/swaFetch.jar from an HP-UX system running SWA version C.02.80 or later and transfer the file to the system that will be running the download. 2. On the system to do the download, run the following command:
# java -jar swaFetch.jar -x hp_id=uname \ -x hp_pw=pw -x proxy=http://user:pass@web-proxy.mycompany.com:8088 \ -x file=/export/patches/swa_catalog.xml.gz
3. 2.
When swaFetch.jar has completed, the current directory will contain the catalog swa_catalog.xml.gz.
Transfer the catalog to the system to be analyzed using ssh or media. The catalog's default location is $HOME/.swa/cache. Uncompress the file with
# gunzip swa_catalog.xml.gz
3.
Create an inventory, run an analysis, and generate a report on the system with
# swa report -x catalog_max_age=-1
4. 5.
The catalog_max_age=-1 extended option setting instructs SWA to skip the catalog download step. Note that you can use the extended option catalog to specify the catalog location if it is other than the default $HOME/.swa/cache/swa_catalog.xml. Evaluate the reports and determine the patches to be downloaded. Contact the HPSC from a system connected to the Internet and select the patches you wish to install. Once you have a selected patch list, download them in your desired format. HP recommends using the depot creation script included with the patches since it will make installation easier. Note that when using media or other means to relocate the swcache files to a new system (the swa get and swa step download commands are not used), the MD5 cryptographic hash validation of the patches is not repeated.
6.
Continue with the patch installation procedure as outlined in Chapter 3 (page 11).
25
Launching SWA
Options on the HP SIM menu for SWA are under ToolsSoftware Assistant: Generate report Launch analyses that result in a comprehensive report. You may run SWA now, schedule a job, or both. Review jobs View a list of SWA jobs, past and present. See overview information and easily view the comprehensive report for a job. : Viewing All Scheduled Tasks Manage your scheduled tasks. Viewing Task Results See if your jobs completed successfully, and if not, what errors were generated.
HP SIM options for monitoring and maintaining your SWA tasks are available under
4. 5.
Generate report
To run an SWA analysis and generate reports, from the HP SIM toolbar, select ToolsSoftware AssistantGenerate Report.... Use this menu item if you want to run an analysis immediately or if you want to schedule the analysis for a later time.
26 Running SWA from within HP SIM
NOTE: HP SIM servers might require significant space in /var/opt/swa/HPSIM to support client systems' analysis, catalog, inventory, and report files. You should consider the number of client systems you intend to support and adjust file system sizes accordingly.
To select individual systems from a collection: 1. Select the Collection radio button in the Add targets by selecting from: box. 2. Select the desired collection from the pull-down menu. 3. Deselect the Select collection itself check box. 4. Click View Contents. 5. Select the check boxes of desired systems. Selecting the check box in the top title row will toggle between selecting and deselecting all listed systems. 6. Click Apply. To search for individual systems to select: 1. Select the Search radio button in the Add targets by selecting from: box. 2. Type the search text in the text box. The top six search matches appear in a popup box for quick selection.
Generate report 27
3. 4. 5.
Click Search. Select the check boxes of desired systems. Selecting the check box in the top title row will toggle between selecting and deselecting all listed systems. Select Apply.
TIP: Clicking in a column header area will sort the systems alphabetically by that column. Click again to reverse-order the list.
28
Select Remove Targets... and select the check box next to systems you wish to remove from analysis. Select Apply. Selecting the check box in the top title row will select all systems for removal. You can click Cancel to close the Remove Targets... interface and retain the original list of selected systems. Once you have finalized the systems to be analyzed, select Run Now to either run an analysis immediately or to schedule an analysis.
NOTE: The Add Event Filter... selection provided by HP SIM is not a valid selection for HP-UX Software Assistant.
Generate report
29
HPSC Account Information Patch access is through the HPSC portal. You need to have a valid HPSC user ID and password. You will also need an active HP support agreement that includes Software Updates. This support agreement must be linked to your HPSC profile to access patch content and services. User ID Use this to specify your HPSC user ID to gain access to the HPSC patch database. Password Use this to specify your HPSC password. HP recommends using a configuration file to specify your HPSC user ID and password. Values entered via the GUI are not automatically saved. Analyzers Select the checkbox for all analyzers you want used in this report. If no analyzers are selected, SWA will run with the default analyzers: QPK, SEC, and PCW. Quality Pack (QPK) The Quality Pack analyzer detects the revision of the current QPK bundle and selects available updates. Security Bulletins (SEC) The Security Bulletins analyzer will list all detected security bulletins that might apply to your system. These are announcements from HP regarding potential security issues and recommended actions to resolve them. Patches that Fix Critical Issues (CRIT) This analyzer detects patches that fix critical problems. Problems are categorized as critical based on the severity of the problem, not how likely the
30
problem might occur. Critical problems include system panics or hangs, process failures, data corruption, severe performance degradation, and application-specific critical issues. Patches with Critical Warnings (PCW) This analyzer detects installed, active patches with critical warnings. These patches might cause or expose a critical problem. The newest recommendable patch in the supersession chain will be reported. Patches with Warnings (PW) The PW analyzer detects installed, active patches with warnings. These patches might cause or expose adverse behavior. This category includes patches with critical warnings (PCW) and those with noncritical warnings (PNW). The newest recommendable patch in the supersession chain will be reported. Enable user ignore file Checking this option will cause SWA to use the $HOME/.swa/ ignore file on the CMS when running its report. If you select this option and no user ignore file exists, SWA will create a template ignore file for you. Other ignore files It is possible to use more than one ignore file when running a report. Enter as many ignore files as you like in the text box, delimited by any white space. If you enter a file that doesn't exist, SWA will display an error message. It might make sense for you to ignore the following types of issues: Manual actions SWA can't detect if security bulletin manual actions (other than installing specific versions of patches or software) have been taken, so after applying a manual action, add it to an ignore file to track that the action has been taken. Deferred actions If you've made a decision to defer addressing a particular issue for some period of time, after taking into account the risk of not addressing it, you might wish to add it to an ignore file until the issue is revisited or fixed. Be careful not to forget about these types of issues, since SWA will stop warning about them.
Ignore Files All ignore files indicated here correspond to the ignore_file extended option.
HP advises you to include comments in ignore files explaining who added an issue, why, and when. Auditors are likely to want this information documented and traceable. The ignore file template includes comments with instructions regarding syntax and how to add an issue. You must use the Issue ID given in the Detail report to identify issues in an ignore file. Configuration Files SWA commands are capable of accepting extended options from configuration files. You may specify additional configuration files in this text field, separated by white space. See Extended options (page 7) for more information. The Load button accesses the specified configuration files to populate the HPSC Account Information fields User ID and Password, and the Networking proxy under Advanced Options. HP recommends using a configuration file to specify your HPSC user ID and password. Values entered via the GUI are not automatically saved. The Windows configuration file template is located at
C:\Program Files\HP\HP-UX Software Assistant\swa.conf.template
This location assumes the C drive is your root drive and you used the default installation directory. Copy the configuration file template to a new location for editing, then add that file to the User Config Files text box.
Advanced Options
Display and hide the Advanced Options section using the expander buttons .
Generate report
31
Catalog Disable catalog update This option corresponds to the catalog_max_age extended option value of 1. By selecting this box, you are instructing SWA to skip the catalog download step. If this option is not checked, the behavior is for SWA to download a new catalog if the current catalog was created on the HPSC more than 24 hours ago. The creation date is based on the timestamp recorded inside the file. Because it's important to use the most current catalog from HP, this selection must be explicitly selected each time you want to disable the catalog download. Networking Disable crl check When downloading the catalog, SWA requires the Certificate Revocation List (CRL) to be updated and checked for the trusted Certificate Authority (CA) certificate being used to validate the remote server. This is the default behavior. You can skip the CRL check by selecting this box. Checking the CRL requires regular downloads from the CA, which can lengthen the SWA run time. Also, disabling the CRL check can sometimes be a workaround for errors. See Appendix B (page 45) for more information. Specify proxy With this, you may specify a proxy host and port (with optional HTTP basic authentication username and password) for accessing content using the relevant protocol. The following format is used:
http://[user:password@]proxy-server[:port]
For example,
http://web-proxy.mycompany.com:8088
If a username and password are specified as authentication credentials to your proxy server, HTTP basic authentication is used, which is a clear-text protocol (your password might be visible to others on your network). If you do not have a standard proxy, you can also specify an arbitrary command for downloading files use the download_cmd extended option. The HTTPS protocol is used for catalog download and the HTTP protocol is used to download the CRL. This proxy setting controls the default for all proxies. URL Target The url_target extended option is used in conjunction with download_cmd. It allows you to change the target string from %url to something else. See Example: Use SWA With a Gateway (page 24) for details on using %url. Download Command The download_cmd extended option can be used to override the default methods used by SWA to acquire content such as catalogs and patches. See Using the download_cmd extended option (page 23) for detailed information on this option.
32
NOTE:
The URL Target and Download Command options are disabled for non-privileged users.
To run this task at a later time, select . You must use a configuration file to specify your HPSC user ID and password when running scheduled jobs. Specify the configuration file on the SWA Options page. Values entered via the GUI are not automatically saved.
Task name This identifies the SWA task. You can choose any name you like. Use this name to find the task in the Viewing All Scheduled Tasks page. When would you like this task to run? Periodically when this option is selected, you can create a recurring task. Define the recurrence with the options available in the Refine Schedule area.
Generate report
33
Once This task will be run one time on the date and time specified in the Refine Schedule area. Not Scheduled By default, this task will not be run now or on a schedule. It will appear in the Viewing All Scheduled Tasks list where it can be managed. If you have selected Run now from the In Addition menu, it will be run immediately.
In addition: Use this area to augment the task information set above. You can add a task that runs when the SIM server reboots or make an immediate run. With the Disable this task check box, you can create a task with scheduling information that will not run until it is enabled from the View All Scheduled Tasks page. Once you have defined your recurring SWA task, select Done. Your task will then be scheduled and the All Scheduled Tasks page will be displayed. You might have to scroll to see your SWA task. You will be able to identify the task by the name you gave it and by the Tool identifier SWA Scheduled Task. You can manage the task from this page as described in Viewing All Scheduled Tasks (page 36).
34
To view the comprehensive analysis report for a specific system, select that system's radio button by clicking anywhere in its row. The full results include hyperlinks to detailed information on the HPSC for every patch and security bulletin issue found by SWA, plus direct links to download patches. See The HTML report (page 15) for information on interpreting the comprehensive report. To get SWA online help, select HelpFor This Page from the HP SIM toolbar, or select the question mark icon.
Review jobs
The Review Jobs page is available from the HP SIM menu bar via ToolsSoftware AssistantReview Jobs.... From here you can check the completeness of your jobs, view reports, and download the results for a single job to your local system. Select the Job ID radio button to see the multisystem summary report, and then the individual system name to access the comprehensive report. See The multisystem summary report (page 35) for more information. When you select a job to view its results or its comprehensive report, a new page opens. You can close the browser window when you are done reviewing the job results and return to the Review Jobs page. Download information about a job to your local system by selecting the Export button for that Job ID. A zip file is then created containing the table data from the Multisystem Summary Report (index.html), plus the HTML report for all systems. You can either save the zip file to your system or open it. By default, the zip file is named SwaReport.zip. NOTE: Depending on the number of systems included in a job, the creation of the Export zip file could take some time.
Review jobs
35
36
Task Instance Results information is available on this page for each run of the scheduled task. Selecting the SWA task you scheduled will allow a number of options: Run Now Regardless of the scheduling, run this task immediately. Disable Keep this task and its scheduling information, but do not run the task. This selection is only available for enabled tasks. Enable Allow this task to run as determined by its schedule. This selection is only available for disabled tasks. Edit Selecting Edit will take you to the SWA Scheduled Task page as shown below. On this page you can change the target systems. After your target systems are set, select Next > and then Schedule to change the scheduling information for this task as described in Running your SWA job in HP SIM (page 33).
Delete Removes the scheduled task completely. If you are not sure you want to permanently delete a task, you can instead Disable it until you are sure.
Requirements
In order to allow a non-privileged user to run SWA via HP SIM, that user must have: A login account for HP SIM. Login access to the target systems by either certificate or password. A home directory on each target system to hold temporary files.
Select New... From the New Authorizations section of the Users and Authorizations page, select the Manually assign toolbox and system/system group authorizations: radio button.
38
In the Select Toolbox(es): area, there are two possible selections for SWA: SWA Privileged and SWA Tools. SWA Tools will give the user access to all the SWA tools except the Download Command option. SWA Privileged allows the authorized user access to all the SWA tools plus the Download Command functionality. The Download Command functionality will be run with elevated privileges. Care must always be taken when giving this authorization to a user. See the Advanced Options Networking section in Setting report options for SWA in HP SIM (page 29) for more information on how to access the Download Command extended option in HP SIM, and Using the download_cmd extended option (page 23) for an overview. Selecting both SWA Tools and SWA Privileged is the equivalent of selecting SWA Privileged.
In the Select Systems: area, the CMS check box must be selected if you want the user to run the ToolsSoftware AssistantReview Jobs... tool, since that tool runs on the CMS. Use the Add... button to make collections, systems, or both available for selection. Then, select the collections and systems the user will be allowed to run SWA on.
Select OK
NOTE: The ability to schedule jobs as described in Using the SWA scheduling under HP SIM (page 26) is not available for authorized users.
39
HP contact information
For the name of the nearest HP authorized reseller: See the Contact HP worldwide (in English) webpage (http://welcome.hp.com/country/us/ en/wwcontact_us.html). In the United States, for contact options see the Contact HP United States webpage (http:// welcome.hp.com/country/us/en/contact_us.html). To contact HP by phone: Call 1-800-HP-INVENT (1-800-474-6836). This service is available 24 hours a day, 7 days a week. For continuous quality improvement, calls may be recorded or monitored. If you have purchased a Care Pack (service upgrade), call 1-800-633-3600. For more information about Care Packs, refer to the HP website (http://www.hp.com/hps).
In other locations, see the Contact HP worldwide (in English) webpage (http:// welcome.hp.com/country/us/en/wwcontact_us.html).
Subscription service
HP recommends you register your product at the Subscriber's Choice for Business website: http:// www.hp.com/united-states/subscribe/gateway After registering, you will receive email notification of product enhancements, new driver versions, firmware updates, and other product resources.
Documentation feedback
HP welcomes your feedback. To make comments and suggestions about product documentation, send a message to http://www.hp.com/bizsupport/feedback/ww/webfeedback.html. Include the document title and manufacturing part number. All submissions become the property of HP.
40
Related information
Documents
HP-UX Software Assistant Administration Guide HP-UX Software Assistant Reference HP-UX Software Assistant Frequently Asked Questions Patch Management User Guide for HP-UX 1 Systems 1.x HP-UX 1 Version 3 Release Notes 1i HP-UX 1 v3 Installation and Update Guide 1i The SWA manpages describe the commands and provide examples. The manpages are available from the HP-UX command line using the man command and are presented in the HP-UX Software Assistant Reference. swa(1M) swa-clean(1M) swa-get(1M) swa-report(1M) swa-step(1M)
Websites
HP-UX Software Assistant home page: http://www.hp.com/go/swa Download HP-UX Software Assistant: http://www.hp.com/go/swa-download HP-UX Software Assistant documentation: http://www.hp.com/go/swa-docs HP Support Center website: http://www.hp.com/go/hpsc. HP_UX_Docs Twitter account: http://www.twitter.com/HP_UX_Docs HP SIM support matrix: http://h18013.www1.hp.com/products/servers/management/hpsim/ supportmatrix.html
Typographic conventions
The following conventions are used in this document: Table 4 Typographic Conventions
Typeface Italics Book Title glossary term Key Bold Command File name Usage Emphasis Book titles Glossary term A keyboard key (Return and Enter refer to the same key) A selectable GUI or TUI item. Commands entered via the keyboard Files and directories Examples The VxVM components in the Ignite-UX install environment and the installation must be version 5.0. Ignite-UX Reference configuration clause Esc Go! bootsys -R /dev/dsk/c0t0d0
Related information
41
15.1.54.117 IP Address cfg "HP-UX b.11.23 Default" { } Seconds left until autoboot - 0 AUTOBOOTING...
Screen
[ ]
The contents are command options. If the ls [ -a ] contents are a list separated by |, choose mount [suid | nosuid ] one of the items. Extensive computer output or an excerpt source_type="NET" . . . } CAUTION: Any data on the client disks that are used for installation, including the operating system, are removed entirely as part of this installation process. IMPORTANT: You must select Save to enable the new boot menu option before selecting OK to exit. NOTE: Depending on your server, this screen might look slightly different.
. . .
CAUTION
An alert that calls attention to important information that if not understood or followed can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information. An alert that contains additional or supplementary information.
IMPORTANT
NOTE
42
$HOME/.swa/report/swa_report.html $HOME/.swa/swa.log
C:\Users\<username>\HP\HP-UX Software Job-specific log file when running HP SIM with an Windows Assistant\<username>\job_<ID>\swa-web.log CMS. C:\Users\<hpsc_user>\HP\HP-UX Software Assistant\swa_hpsim.log C:\Program Files\HP\HP-UX Software Assistant\swa.conf.template /etc/opt/swa/swa.conf /etc/opt/swa/swa.conf.template /opt/swa/lbin/configHPSIM SWA log file when running HP SIM on a Windows CMS. The default location for the configuration file template when using HP SIM on a Windows CMS. The system-wide SWA configuration file. An example configuration file outlining the usage of each extended option. Script to configure HP SIM for SWA. Only required if SWA is installed when HP SIM is installed but not running. HP SIM must be running when configHPSIM is run. Manpages. The default directory for downloading software before it is packaged in a depot. This directory can be set with the extended option swcache. Note that this directory can consume a significant amount of disk space. Directory that holds all clients' files generated from SWA within HP SIM. Files are kept in user and job-specific subdirectories. This directory might require significant space to support clients' analysis, catalog, inventory, and report files. The SWA log file when running HP SIM with an HP-UX CMS.
/opt/swa/share/man /var/opt/swa/cache
/var/opt/swa/HPSIM
/var/opt/swa/HPSIM/swa_hpsim.log
43
/var/opt/swa/HPSIM/user/job_<ID>/swa-web.log Job-specific log file when running HP SIM with an HP-UX CMS. /var/opt/swa/swa.log download.contents readBeforeInstall.txt SwaReport.zip Default log file. Lists all files downloaded from HP to the swcache. It is located in the swcache directory. Lists special installation instructions and dependencies for the patches in the depot. It is located in the depot directory. The default name for the file created by the Export button on the HP SIM Review Jobs page. It contains the table data from the Multisystem Summary Report, plus the HTML report for the selected system.
44
B Troubleshooting SWA
Log files
The HP-UX command line SWA log file details each SWA session. Its default location for root users is /var/opt/swa/swa.log. If you do not have permissions to write to the default file, the log file is written to $HOME/.swa/swa.log. Each action in the log file can be verified by looking in the swcache, the usercache, or the reports generated by SWA. Table 6 HP SIM log file locations
CMS Log files HP-UX Windows Job-specific log files HP-UX Filename /var/opt/swa/HPSIM/swa_hpsim.log C:\Users\<hpsc_user>\HP\HP-UX Software Assistant\swa_hpsim.log /var/opt/swa/HPSIM/<username>/job_<ID> /swa-web.log C:\Users\<username>\HP\HP-UX Software Assistant\<username>\job_<ID>\swa-web.log
Windows
Common errors
CRL checking error when getting catalog
Because of some changes in catalog acquisition, you might see an error like this:
* Getting Catalog of Recommended Actions and Software Certificate issued to VeriSign Class 3 Secure Server CA was not signed by the same certificate as the certificate revocation list (CRL) "http://crl.verisign.com/RSASecureServer.crl", specified by the "crl_url" extended option. It may be necessary to disable the CRL checking with the "crl_check" option.
This problem has been fixed in version C.02.1 HP recommends upgrading to the latest SWA 1. version to avoid this error. Download SWA from HP Software Depot at https://www.hp.com/go/ swa-download. You can also avoid this error by setting the crl_check option to false.
Log files
45
Proxy errors
A proxy server is sometimes required. If this is the case, and proxy settings are absent or incorrect, you might see an error like this:
ERROR: Failed to access authorization service.
You can specify a proxy server with the swa report extended option proxy. For more information, see swa-report(1M). If you do not have a standard proxy, you can specify an arbitrary command for downloading files. See the extended option download_cmd.
This note means HP SIM has not been configured to run SWA. See Installing SWA to use within HP SIM (page 9) for information on installing SWA for use within HP SIM, and the use of the mxinitconfig and configHPSIM commands.
46
Troubleshooting SWA
Glossary
A glossary term appears in boldface when used for the first time in the text of this manual. Italicized terms in the following glossary refer to other terms in the glossary.
A analysis analyzer A comparison of the inventory and the catalog to determine the recommended actions and applicable patches for installation. An option of the swa report and swa step analyze commands used to specify the type of analyses to run. Available analyzers are: CRIT, PCW, PW, QPK, SEC, CHAIN, and PATCH. If no analyzers are specified, the QPK, SEC, and PCS analyses are performed.
B bulletin bundle equivalency C-D cache catalog command line interface (CLI) E-G extended option Customizations for a major mode. They can be specified on the command line, in an option file, or in a configuration file. Inventory, catalog, analysis, and downloaded software stored by SWA on the target system. A list of known problems with HP-UX software and their fixes, located at the HP Support Center (HPSC). Text formatted commands and options entered at an HP-UX command line prompt or executed by a script. See security bulletin. The state of a system where all patches in a bundle that are capable of being installed are present or superseded by newer components.
H HP Support Center (HPSC) An HP support portal, http://www.hp.com/go/hpsc, with access to personalized support, forums, support case submittal, drivers, software downloads, firmware downloads, patch management, product pages, guided troubleshooting, top issues, warranty information, contract details, and software updates.
I-L inventory IT Resource Center (ITRC) M-O major mode MD5 A style of CLI of the format command <major mode>. SWA has the following major modes: report, get, clean, and step. Message Digest-5. Authentication algorithm developed by RSA. MD5 generates a 128-bit message digest using a 128-bit key. IPSec truncates the message digest to 96 bits. A list of all the software installed on a system. A deprecated HP portal, replaced by the HP Support Center (HPSC) in June 201 1.
P patch Software designed to update specific bundles, products, subproducts, filesets, or files on a system.
47
Guided patch analysis and selection software available on the HP Support Center that ensures your systems meet the HP recommended patch configuration. HP-UX Software Assistant has all the capabilities of the HPSC Patch Assessment Tool and more. See supersession chain.
A bundle of HP-UX defect-fix patches for proactive patching. QPK bundles are targeted for a particular version of HP-UX. The patches are tested as thoroughly as an operating system release.
R report S-T security bulletin Security Patch Check (SPC) Software Assistant (SWA) step The mechanism used by Hewlett-Packard to announce the presence of potential security issues and lists actions recommended to resolve the issue. SPC is superseded by HP-UX Software Assistant. Full support of SPC ended November 1, 2008. A tool that consolidates and simplifies patch management and security bulletin management on HP-UX systems. The SWA tool is new for HP-UX releases as of January 2007. One discrete action of the swa report or swa get command. SWA steps are initiated with the swa step command. Valid steps are: inventory, catalog, analyze, report, download, and depot. A series of patches for a software product, beginning with the nonpatched software product and progressing from the oldest patch to the newest patch. Newer patches completely replace the older ones. In general, patch numbers increase along a patch supersession chain. Files containing the software downloaded from the HP Support Center during the swa get or the swa step download command. These files are stored in the swcache directory. A summary of actions to take based on the analysis.
supersession chain
swcache
U-Z usercache Files created by swa report, such as the inventories of the systems or depots, the catalog, and the analysis file. These files are stored in the cache subdirectory.
48
Glossary
Index
Symbols
%url, 24 swa report, 6 swa step, 6 configHPSIM, 9 in error message, 46 configuration file adding HPSC login information, 1 1 HP SIM, 31 hp-ux, 7 CRIT analyzer in the Issue report, 20 overview, 14 CRL disabling crl_check in HP SIM, 32 error downloading, 46 error getting catalog, 45
A
Action report explained, 17 overview, 15 analyze depot, 5 overview, 5 analyze step, 6 analyzers, 14 see also automatic analyzers (AUTO) see also CHAIN analyzer see also CRIT analyzer see also PATCH analyzer see also PCW analyzer see also PW analyzer see also QPK analyzer see also SEC analyzer default, 14 overview, 14 setting in HP SIM, 29 specifying, 12 assessment profile explained, 16 overview, 12 automatic analyzers (AUTO) in the Issue report, 20 overview, 16
D
dependent applications, 8 depot analyzing, 5 and the Action report, 17 creating, 12 installing, 13 depot step, 6 Detail report explained, 21 overview, 15 detection confidence, 18 documentation release notes, 5 download patches overview, 5 download step, 6 download_cmd, 23
B
bundle equivalency, 17
C
catalog and analysis, 14 and the assessment profile, 16 downloading, 5, 1 1 failed to read error, 45 location, 43 out-of-date, 20 catalog step, 6 CHAIN analyzer in the assessment profile, 16 in the Issue report, 20 overview, 14 clean major mode, 6 commands configHPSIM, 9, 46 help, 7 mxinitconfig, 9, 46 overview, 5 swa clean, 6 swa get, 6
E
errors, common, 45 examples using SWA with a gateway, 24 using SWA without Internet access, 24 exporting reports from HP SIM, 35 extended options, 7
F
files .swa.conf, 7, 43 analysis, 6, 43 caches, 6, 12 catalog, 5, 6, 1 43 1, comprehensive report, 6 configHPSIM, 43 configuration, 7, 43 download contents, 44 downloading, 1 12 1, example configuration, 43 HP SIM directory, 43
49
HP SIM log, 45 HP SIM log file for HP-UX CMS, 43 HP SIM log file for Windows CMS, 43 HP SIM root directory, 44 HP-UX log, 45 HPSIM config file template, 43 HPSIM configuration, 43 ignore, 13, 21, 43 inventory, 6, 43 job-specific HP SIM log file for HP-UX CMS, 44 job-specific HP SIM log file for Windows CMS, 43 list of useful files, 43 log, 43, 44 manpages directory, 43 options, 7 readBeforeInstall.txt, 13, 44 report, 15, 43 swa.conf, 7, 45 swa.conf.template, 7 swa_analysis.xml, 6 swa_catalog.xml, 6, 45 swa_report.html, 6 SwaReport.zip, 35, 44 swcache, 43
I
ignore file adding actions, 13 issue id, 21 using more than one, 13 installing SWA, 8 for HP SIM, 9 getting the software, 8 requirements for HP-UX, 8 requirements for Windows, 8 inventory file and analysis, 14 and the assessment profile, 16 forcing an update, 13 location, 43 inventory step, 6 issue ID, 21 Issue report explained, 19 overview, 15
G
gateway server, 24 get major mode, 6 glossary, 47
J
Java requirements, 8
H
help, 7 HP SIM allowing non-privileged users to run SWA, 37 client directory, 43 configHPSIM command, 9 errors related to SWA, 46 exporting reports, 35 how to run jobs, 26 HPSC login information, 30 installing SWA, 9 job-specific log file for HP-UX CMS, 44 job-specific log file for Windows CMS, 43 log file for HP-UX CMS, 43 log file for Windows CMS, 43 managing tasks, 36 menu options, 26 mxinitconfig command, 9 reviewing past jobs, 35 root directory, 44 scheduling jobs, 26, 33 setting analyzers, 29 setting options, 29 specifying configuration files, 31 HP-UX Software Assistant see SWA HPSC getting access to patch download, 8, 1 1 login information, 1 1 login information and scheduled jobs, 26
50 Index
L
log files alternative, 43 default, 44 HP-UX, 45 Windows, 45
M
major modes, 6 clean, 6 get, 6 report, 6 step, 6 manpages directory, 43 manual actions in the Action report, 18 in the ignore file, 13 overview, 12 MD5, 5, 13 media, 8 menu options in HP SIM, 26 mxinitconfig, 9 in error message, 46
O
options file, 7 overview, 5
P
PATCH analyzer in the assessment profile, 16 in the Issue report, 20 overview, 14 PCW analyzer overview, 14 proxy errors, 46 using, 23 using in HP SIM, 31, 32 PW analyzer in the Issue report, 20 overview, 14
major modes, 6 media, 8 overview, 5 recommended version, 8, 9 software, 8 troubleshooting, 45 uninstalling, 10 SwaReport.zip file, 35, 44 swcache default directory, 43 downloading software, 12 freeing disk space, 6 write access, 6
U
uninstalling SWA, 10 url_target in HP SIM, 32 in HP-UX, 24 usercache freeing disk space, 6
Q
QPK analyzer in the Issue report, 19 overview, 14 QPK bundles in the Action report, 17 with warnings, 19
V
version of SWA to use, 9 required for HPSC access, 8
R
readBeforeInstall.txt file, 13, 44 report major mode, 6 report step, 6 reports Action, 17 Detail, 21 detailed overview, 15 HTML, 15 Issue, 19 overview, 5 requirements, 8 reviewing past jobs, 35
W
websites list, 41 SWA download webpage, 9 Windows installation requirements, 8 installing SWA, 9
S
scheduling jobs GUI walkthrough, 33 HPSC login information, 26 procedure, 26 SEC analyzer in the Issue report, 19 overview, 14 software, 8 step major mode, 6 steps analyze, 6 catalog, 6 depot, 6 download, 6 inventory, 6 report, 6 using the step major mode, 6 SWA command structure, 5 installing, 8 latest version, 5, 9
51