IBM AIX 7.2 with Technology Level 5 Release Notes
Read before installing
Before you use this software, you should go to the Fix Central website and install the latest available fixes that address security vulnerabilities and other critical issues.
The latest installation hints and tips are available at the IBM® Power® server bulletins website.
Software License Agreements
There are instances where the Software License Agreements (SLA) might not be displayed correctly. In this event, the License Agreements can be viewed for all languages at the Software license agreements website.
Software Maintenance Agreement
In AIX® 7 with 7200-05, a separate Software Maintenance Agreement (SWMA) acceptance window displays during installation immediately after the license acceptance window. The response to the SWMA acceptance (accept or decline) is stored on the system, and either response allows the installation to proceed, unlike license acceptance, which requires an accept to proceed.
The SWMA acceptance window is displayed during a New Overwrite or Preservation installation from base CD media.
For base CD media New Overwrite or Preservation installations, if a non-prompted installation is
wanted, the ACCEPT_SWMA field in the control_flow stanza of the bosinst.data file
should be set to
yes (to accept the SMWA terms) or
no (to decline
the SWMA terms). The ACCEPT_SWMA field is set to blank by default.
For NIM installations, if licenses have been accepted either from the choices made when initializing the installation, or by using the ACCEPT_LICENSES field in a customized bosinst.data file, then this will constitute SWMA acceptance.
Fixes and problem-solving databases
You can download AIX fixes and search technical databases
Tips for AIX
administrators), at the Fix Central website.
Security subscription services are available at My notifications website.
After you subscribe to the AIX security advisories, you will receive the advisories by email as soon as they are published.
AIX 7 with 7200-05 includes support for enhancing AIX software with mitigations against speculative-execution vulnerabilities. AIX applications and kernel extensions may use the new cpu_context_barrier and cpu_speculation_barrier services to protect against attacks from untrusted sources. For more information about these services, view their description on the IBM Documentation Technical Reference topic.
Review the following information to determine the minimum and recommended system requirements that are needed to run AIX 7 with 7200-05.
Only 64-bit Common Hardware Reference Platform (CHRP) machines that are running selected POWER7®, POWER8®, POWER9™, and Power10 processors that implement the Power Architecture® Platform Requirements (PAPR) are supported.
prtconf | grep 'Processor Type'
I/O devices IPL limitation
Because of a firmware memory size limitation, only I/O devices in the first 144 I/O slots that are assigned to a logical partition or single system image partition can be used as an IPL (boot) source.
- Select .
- Click the Bus column to sort the I/O devices in ascending order.
The first 144 I/O devices in the sorted list are in the bootable adapter slots.
If you are using a partition or single-system image partition with more than 144 assigned I/O slots, the following scenarios and their results and resolutions are possible.
|Attempting to boot from a device beyond the first 144 I/O slots for installation or diagnostic purposes.||The device is not selectable as a boot source from the SMS menus.||Use a device in the first 144 I/O slots.|
|Booting from a device in the first 144 I/O slots, and then attempt to select a target installation device in a slot beyond the first 144 I/O slots.||The boot will succeed to the installation menus, but devices beyond the first 144 I/O slots will not be listed as bootable installation targets in the AIX menus.||Select a device that is available and marked as bootable.|
|Using an MPIO configuration where one adapter is in the first 144 I/O slots and another adapter is in a slot beyond the first 144 I/O slots. Both adapters are present at boot time.||The boot will succeed to the installation menus, and the device will be listed
as bootable in AIX installation menus. The installation will
proceed, but it will fail with the bootlist command failure
unable to set bootpath for all paths.
|Use a device in the first 144 I/O slots for all paths.|
|Using DLPAR to add an adapter in a slot beyond the first 144 I/O slots, and then attempting to run the alt_disk_install command for the newly added device.||The device will not be listed as bootable.||Use a device in the first 144 I/O slots.|
|Using DLPAR to add an adapter in a slot beyond the first 144 I/O slots, and using the bootlist command to add the device as a bootable device (for example, by dynamically adding a redundant path to a current boot device or setting up for a network boot). Then removing the original adapter and rebooting.||The bootlist command succeeds, but the boot fails from the specified device, and AIX will not receive control.||Use a device in the first 144 I/O slots.|
|Using DLPAR to add an adapter whose probe order will make it displace a current bootable device, and then rebooting.||The boot fails, and AIX will not receive control.||Move the boot device to one of the first 144 I/O slots or remove the previously added device.|
|Selecting a device in a slot beyond the first 144 I/O slots as a dump device for a firmware-assisted dump.||The sysdumpdev command does not allow devices in slots beyond the first 144 I/O slots to be selected as firmware-assisted dump storage devices. An error occurs during the firmware-assisted dump configuration, and a traditional AIX dump automatically becomes available.||Use a device in the first 144 I/O slots for firmware-assisted dumps.|
|Using DLPAR to add an adapter whose probe order will make it displace a currently valid firmware-assisted dump target device, and then rebooting after the dump.||The firmware-assisted dump process fails during the boot process and displays an error message. The traditional AIX dump still runs to retrieve the dump image.||Avoid displacing the selected firmware-assisted dump target device or reconfiguring the sysdumpdev command for the firmware-assisted dump target device selection, and specify a device within the first 144 I/O slots.|
|Using DLPAR to add an adapter whose probe order will make it displace a currently valid firmware-assisted dump target device, and then rebooting.||The sysdumpdev command does not allow devices in slots beyond the first 144 I/O slots to be selected as firmware-assisted dump storage devices. An error occurs during the firmware-assisted dump configuration, and a traditional AIX dump automatically becomes available.||Use a device in the first 144 I/O slots for firmware-assisted dumps.|
AIX 7 with 7200-05 minimum current memory requirements vary, based on the configuration.
A minimum current memory requirement for AIX 7 with 7200-05 is 2 GB.
AIX 7 with 7200-05 requires the minimum current memory requirement to increase as the maximum memory configuration or the number of devices scales upward, or both. Larger maximum memory configurations or extra devices scale up the minimum current memory requirement. If the minimum memory requirement is not increased along with the maximum memory configuration, the partition hangs during the initial program load (IPL).
Host Ethernet Adapter memory requirements
Configurations containing a Host Ethernet Adapter (HEA) require more memory than the 2 GB minimum. Each logical HEA port that is configured requires an extra 102 MB of memory. The minimum memory requirement for configurations with one or more HEA ports that are configured, where n is the number of HEA ports, is 512MB + n*102MB.
Paging space requirements
AIX 7 with 7200-05 creates a 512 MB paging space (in the /dev/hd6 directory) for all new and complete overwrite installations.
Large page (16 MB/16 GB) zeroing enhancements
pgz_modetunable that is available with the vmo command to reduce the time that is needed to zero the pages by zeroing the pages in a nonuniform memory access (NUMA) aware parallel manner by using multiple kernel threads. You can specify the following values for the
- Serial mode
- The default option for previous release of the AIX operating system.
- Synchronous parallel mode
- Pages are deleted in parallel and in context of the thread that initiated the deletion.
- Asynchronous parallel mode
- The thread that initiated the deletion, offloads the work of zeroing the pages in parallel to a kernel process and continues with the deletion process.
Large page (16 MB) pool creation and resizing enhancements
lgpg_sizetunable and the
lgpg_regionstunable that are part of the vmo command. You can use the
pgz_lpgrowtunable that is available with the vmo command to reduce the time that is needed to create or resize the 16 MB page pool by zeroing the large pages in parallel and by using multiple kernel threads. You can specify the following values for the
- Serial mode
- The default option for previous release of the AIX operating system.
- Synchronous parallel mode
- Pages are zeroed in parallel and in context of the vmo command.
- Asynchronous parallel mode
- The vmo command offloads the work of zeroing the pages in parallel to a kernel process and continues to the next step in the pool creation or resizing process.
AIX Version 7.2 requires a minimum of 20 GB of physical disk space for a default installation that includes all devices, the Graphics bundle, and the System Management Client bundle.
|/||128 MB (49 MB)|
|/usr||2368 MB (2061 MB)|
|/var||192 MB (34 MB)|
|/tmp||128 MB (2 MB)|
|/admin||128 MB (1 MB)|
|/opt||64 MB (17 MB)|
|/var/adm/ras/livedump||256 MB (1 MB)|
- If the /tmp directory has less than 64 MB, it is increased to 64 MB during a migration installation so that the AIX 7 with 7200-05 boot image is successfully created at the end of the migration.
- The boot logical volume must be of size 32 MB. The pre-migration script in the usr/lpp/bos directory on your media or in your NIM Shared Product Object Tree (SPOT) will check the storage space. During the migration operation, hd5 (the boot logical volume) will be increased if necessary. The logical partitions must be contiguous and must be located within the first 4 GB of the disk.
You must format the SCSI disk properly before you install the AIX operating system on it. The AIX operating system requires the disk to be formatted to a sector size supported by the attached SCSI controller. All AIX SCSI controllers support 512 byte sector SCSI disks. The 522 byte sector SCSI disks are supported only when they are attached to SCSI RAID controllers. If the disk has been formatted for SCSI RAID, but is not attached to a SCSI RAID controller, the disk might not configure. If the disk does configure, it might be unreadable in the AIX environment. In some instances, the certify function and the format function in AIX diagnostics can be used to reformat the disk for the attached SCSI controller.
If any existing file system has a mount point in the /opt directory, or a mount point of /opt itself, the new logical volume, and file system are not created.
The AIX_FCPARRAY driver is not supported in AIX 7 with 7200-05. Before you migrate to AIX 7 with 7200-05, you must use the manage_disk_drivers command to convert any FCP array disks from the AIX_FCPARRAY driver to the AIX_AAPCM driver. The AIX_AAPCM driver supports Multiple Path I/O (MPIO) devices.
SAS RAID controllers and Fibre Channel controllers support attached arrays and disks with capacities, which exceed 2 TB. The maximum supported capacity (beyond 2 TB) is limited by either the attached storage subsystem or the higher level logical storage management.
For additional information about SAS RAID controllers, see the SAS RAID controller for AIX topic.
For information about AIX capacity limitations for logical storage, see the Limitations for logical storage management topic.
VPM throughput mode changes for Power10
When Power10 systems run in shared processor mode, the default value of the throughput mode for the virtual processor management (VPM) is 2. When you migrate the system to or from a Power10 system, and later, the AIX operating system automatically changes the default value of the throughput mode for the VPM. During boot operation, the AIX operating system selects the default value of the vpm_throughput_mode tunable parameter of the schedo command based on the type of server on which the LPAR is running. The value of the vpm_throughput_mode tunable parameter that is selected by the AIX operating system is preserved and used on the destination server. On Power10 systems, you can switch to the recommended value of 2 for the vpm_throughput_mode tunable parameter by using the following command:
schedo -d vpm_throughput_mode
This section contains information about installing AIX 7.2 that supplements the information that is contained in the Installation and Migration topic.
Installing AIX 7 with 7200-05
- Complete overwrite installation
- Preservation installation
- Migration installation
# installp -e /tmp/install.log -agXd software_source bos.dsc. If you use the base media to update, some ODM settings (such as SRC subsystems settings) might be lost. If you use base media, or a software source create from base media, for an update_all operation, previous history of your software installation will be removed. Whenever a base image is installed, the history of the fileset installations are reset. The history is maintained when service updates are used for an update_all operation.
The minimum size of the boot logical volume is 24 MB. If your current boot logical volume is 16 MB or less, the installation process tries to increase it. However, partitions in a boot logical volume must be contiguous, and within the first 4 GB on the disk. If your system does not have free space that meets these requirements, a message indicates that there is not enough space to expand hd5 (the boot logical volume).
To install AIX 7 with 7200-05, follow the instructions in the Installing the base operating system topic.
Installing AIX using a USB flash memory stick
AIX 7 with 7200-05 supports installation
using a USB flash memory stick on POWER8 systems, and
later. A USB flash memory stick containing an AIX installation
image can be created by first downloading the AIX installation
image from the IBM Entitled System Support website. A
single volume installation image of AIX 7 with 7200-05 is made available on the IBM Entitled System Support website for writing to USB flash
memory. After downloading the AIX installation image, the
image can be written to a USB flash memory stick. IBM
recommends using a recently manufactured USB flash memory stick. The minimum capacity requirements
of the USB flash memory stick for AIX installation is 16 GB.
On an AIX or a Linux®
based system, the image can be written to a USB flash memory stick using the
$ dd if=/dev/cd0 of=/dev/usbms0 bs=4k
Comparable commands exist on Windows-based machines for writing the installation image to a USB flash memory stick.
bootlistcommand can only recognize the USB flash memory stick (usbmsX) as a bootable device if the USB flash memory stick was present during IPL of the AIX partition. On POWER8 systems, and later, the SMS menus can always be used to assign the USB flash memory stick as the boot source.
AIX and IBM Power Systems USB implementation is compliant with relevant USB standards. In the unlikely event a USB flash memory stick is not properly recognized by AIX, IBM recommends using a different brand of device.
NIM installations with updated LPP_SOURCE
NIM installations by using an LPP_SOURCE directory that contains base images from a prior release and that contains updates to the current release require that you use an image_data resource during operating system installations.
When you use an LPP_SOURCE directory that contains base images from a prior release and updates to the current release, create an image_data resource to use for any operating system installations. The SPOT must be updated with the updates added to the LPP_SOURCE directory, or a new SPOT must be created. In that SPOT, copy the image.template file that is found at <SPOT_LOCATION>/lpp/bosinst/image.template to a new location outside of the SPOT. Create a new NIM image_data resource that points to that location. Use that NIM image_data resource for all operating system installations.
Certain file systems have grown in size, and the default image.data file that is used during an operating system installation comes from the bos image in your LPP_SOURCE directory, which is the prior release image.data file.
Update Access Keys on Power10
IBM Power10, or later processor-based servers include an AIX update access key (UAK) that is checked when you update the AIX operating system. UAKs include an expiration date. Informational messages are generated when the release date for this AIX operating system has passed the expiration date of the UAK. Informational messages are also generated when the server boots or during the live partition mobility (LPM) operation and the current AIX operating system level has passed the expiration date of the UAK. Additionally, the server periodically checks and informs the administrator about UAKs that are about to expire, UAKs that have expired, or UAKs that are missing.
Support for Update Access Keys on Power10 processor-based servers is included in IBM AIX 7.2 with Technology Level 5 and Service Pack 7200-05-03-2136, or later, and AIX Version 7.1 with the 7100-05 Technology Level and Service Pack 7100-05-09-2136, or later.
Network Installation Management
Network Installation Management (NIM) includes a readme file that is installed with the NIM Master bos.sysmgt.nim.master file set. The path name of the file is /usr/lpp/bos.sysmgt/nim/README.
Java Technology Edition
IBM software development kit (SDK) and Java™ Runtime Environment (JRE) for AIX, Java
Technology Edition is released in JavaV.x
filesets, where V represents the version of Java, such
as Java 8, and x is the individual file set, such as
|Java Version||Base media DVD1||Base media DVD2||Expansion pack|
|Java Version 5 (32 bit)||None||None||None|
|Java Version 5 (64 bit)||None||None||None|
|Java Version 6 (32 bit)||None||None||All|
|Java Version 6 (64 bit)||None||None||All|
|Java Version 7 (32 bit)||None||None||All|
|Java Version 7 (64 bit)||
|Java Version 7.1 (32 bit)||None||None||All|
|Java Version 7.1 (64 bit)||None||None||All|
|Java Version 8 (32 bit)||None||None||All|
|Java Version 8 (64 bit)||All except non-Japanese message filesets||Remaining message filesets||None|
Only Java Version 8 will be installed for new overwrite or
preservation operating system installation. For these installations, the PATH
variable in the /etc/environment file will point to
If you upgrade to AIX 7 with 7200-05 or
perform an operating system migration, all previous levels of Java remain on the system, and the /etc/environment
PATH variable is not changed. Later, if you remove the previous levels of Java (Java Version 5, Java Version 6, and Java
Version 7), then you must change the /etc/environment
PATH variable to point to
- By default, Java Version 5 software is removed when you
migrate to AIX 7 with 7200-05. However, you
can keep Java 5 by changing the selection in the base
operating system installation menus, or in the NIM bosinst_data resource.
After the migration is complete and Java 5 is removed, you
must change the PATH variable to java8_64 in the
/etc/environment file. Note: Java 5 is not available on the AIX Version 7.2 base media or Expansion Pack media. Other versions of Java are available on the AIX Expansion Pack media.
- Java Version 6: No support for security vulnerabilities.
It is recommended to use
java8_64. There is no support for security
vulnerabilities in Java Version 5 and Java Version 6.
To check whether a more recent service refresh is available for a version of Java, see the AIX Download and service information website.
- This fileset contains a new library called libxerces.a in the /usr/lib directory. While installing the AIX operating system, you must first install the bos.xerces.lib fileset before installing the bos.net.ipsec.keymgt and bos.aixpert.cmds filesets because the libxerces.a library of the box.xerces.lib fileset is used by the IP Security (IPsec) and AIXPert technologies. To include the box.xerces.lib fileset in the LPP_SOURCE directories, you must use the bos.sysmgt.nim fileset.
- bos.decrypt, bos.kmip_client
- This filesets are required for logical volume encryption. These filesets are not installed automatically when you run the smit update_all command or during an operating system migration operation. You must install it separately from your software source such as a DVD or an ISO image.
- This fileset contains new commands cdpd and cdpctl that are used to receive Cisco Discovery Protocol (CDP) messages for discovering other Cisco devices that are directly connected to the AIX logical partition. The cdpd command runs as a daemon to receive CDP packets that are sent by the resource controller. The cdpctl command controls the CDP daemon by configuring the network interface that is physically connected to the Cisco device.
- This fileset contains BIND 9.16 support for AIX operating system that is available in AIX 7.2, Technology Level 5 Expansion Pack. For more information, see AIX 7.2 with Technology Level 5 Expansion Pack Release Notes.
bos.net.tcp.*filesets are shipped as individual images, instead of including them with the
bos.netimage. You can now remove unwanted filesets from a NIM installation that uses an
The core code for each original fileset is in the bos.net.tcp.client_core and bos.net.tcp.server_core filesets. Requisites for software that is shipped with the AIX operating system (the bos.net.tcp.client and bos.net.tcp.server filesets) are changed to the bos.net.tcp.client_core and bos.net.tcp.server_core filesets. Additional requisites are added to the other new fileset as needed.
The original filesets still exist to satisfy any requisites from other software. The original filesets have requisites to all the new filesets to ensure that all the requirements are met.
To remove any of the new filesets, you must first remove either the bos.net.tcp.client fileset or the bos.net.tcp.server fileset. To remove the bos.net.tcp.client fileset, the bos.net.tcp.server fileset, or a new fileset, run the lslpp -d fileset_name command. If no other software has requisites to the fileset that you want to remove, the removal is possible.
During an operating system migration, code changes occur, so that all the system configuration and user configurable files, which were owned by the bos.net.tcp.client and bos.net.tcp.server filesets, are merged by the new filesets that now own the files.
The list of new filesets follow:
The encoded software in the bos.net.uucp fileset moved to the bos.net.uucode fileset.
You can do an operating system migration to AIX 7 with 7200-05 from any level of the AIX operating system, on a system that supports AIX 7.2 boot. Installing any new level of AIX requires more disk space than previous levels. Verify that you have enough free space in the file systems, or that you have free partitions in the rootvg. Migrating requires slightly more free space than a basic installation.
If you are using a NIM lpp_source created with a prior level base media and later levels of updates added, you should initially create the lpp_source with the base media at the same release date or later than the level of AIX 5.3, AIX 6.1, or AIX 7.1 that you are migrating from. The last 4 digits of the output of the oslevel -s command represent the year and week of the service pack currently installed (YYWW).
ioo -p -o j2_inodeCacheSize=400 -o j2_metadataCacheSize=400
If the issues are not fixed after you change the values for the j2_inodeCacheSize and the j2_metadataCacheSize tunable parameters, you can contact IBM Support.
- Run the installp command to upgrade from AIX 7.2.4 to AIX 7.2.5.
- Run the hmcauth command to authenticate with the HMC.
- Run the Live Update operation to check for upcoming interim fixes.
IBM License Metric Tool
The IBM License Metric Tool (ILMT) version 7.2 is no longer supported. To learn more about the replacement version of ILMT Version 9.x, go to IBM License Metric Tool 9.2.
IBM PowerSC Trusted Surveyor
IBM PowerSC Trusted Surveyor is not supported in AIX 7 with 7200-05. If you are migrating to AIX 7 with 7200-05, you must remove the powersc.ts fileset before you start the migration process. If you have WPARs that you are migrating, you must verify that the powersc.ts fileset is not installed on the WPARs.
Reliable Scalable Cluster Technology (RSCT)
When you upgrade to AIX 7 with 7200-05, RSCT Version 126.96.36.199 is installed and replaces the previous version of RSCT. For more information about RSCT, see the IBM Docs for RSCT 3.2.
AIX 7.2 and RSCT Version 188.8.131.52 no longer support the Virtual Shared Disk (VSD) and Low-level Application Programming Interface (LAPI) products. If these products are already installed from an older code level, both the rsct.vsd and rsct.lapi.rte filesets must be removed before migrating to AIX 7 with 7200-05. If you have third-party products that use VSD, you must review the current Spectrum Scale product offerings for a replacement.
The dsm.core ships a /etc/ibm/sysmgt/dsm/overrides/dsm.properties file, which allows the user to override SSH configuration. If this file was modified, the file needs to be backed up manually before an update or a migration, as it is overwritten.
If you migrate any previous version of the AIX Common Operating System Image (COSI) and associated AIX Thin Servers to the AIX 7 with 7200-05, it is recommended that you delete any dump device that is associated with the migrated Thin Servers and re-create the Thin Servers.
Additionally, you must install the devices.tmiscsw.rte fileset on the NIM master for the AIX 7 with 7200-05 Thin Server to create a dump device. The devices.tmiscsw.rte fileset is available in the AIX Expansion Pack.
IBM Subsystem Device Driver
AIX Version 7.2 does not support the IBM Subsystem Device Driver (SDD) for IBM TotalStorage Enterprise Storage Server®, the IBM TotalStorage DS family, and the IBM System Storage® SAN Volume Controller. If you are using SDD, you must transition to Subsystem Device Driver Path Control Module (SDDPCM) or AIX Path Control Module (PCM) for the multipath support on AIX for IBM SAN storage. SDD to SDDPCM migration scripts are available to help you with the transition.
Contact IBM storage technical support to request access to the migration scripts.
For more information about the available multipath I/O solutions and supported AIX versions for IBM SAN storage products, see the IBM System Storage Interoperation Center (SSIC) website.
IBM Db2® Version 11.1 with FP5 is available on the AIX base media. You can upgrade your Db2 environment from Db2 Version 10.5, 10.1, or 9.7 to Db2 Version 11.1. For more information about upgrading to Db2 Version 11.1, see the Upgrade to Db2 Version 11.1 topic.
This section contains information about configuring the AIX operating system.
Dynamic queue depth for MPIO devices
A dynamic change occurs when you change a device attribute while the device is in the opened
state. In the AIX operating system, you can
change certain device attributes while the device is in the opened state by running the
chdev command with the -U flag. In AIX 7 with 7200-05, you can dynamically change the
queue_depth attribute for MPIO devices.
For each device that the AIX scsidisk
device driver manages, a separate command queue is created. This queue is used as a buffer for the
SCSI commands that are sent to the device. The
queue_depth attribute represents the
maximum number of SCSI commands that are allowed in the queue. The initial setting for the
queue_depth attribute is configured in the ODM when the device is installed. In
previous releases of the AIX operating
queue_depth attribute was static when a device was in the opened state.
In AIX 7 with 7200-05, you can change the
queue_depth attribute while the disk is in an opened state by running the
chdev -U -l hdiskX -a queue_depth=NEW_VALUE command, where
NEW_VALUE is the new queue depth.
- IBM DS8000®
- IBM XIV®
- EMC Symmetric family
- IBM Spectrum® Virtualize
AIX 7 with 7200-05 supports scheduling periodic diagnostics multiple times a day instead of only once per day. To schedule periodic diagnostics multiple times a day, run the diag command and select and specify a time interval between each test.
AIX 7 with 7200-05 supports formatting and certifying up to 10 disks in parallel instead of a single at a time. To format or certify multiple disks, run the diag command and from the Task Selection menu, select Certify Media in Parallel or Format Media in Parallel. All eligible resources are displayed in a list. You can select up to 10 disks from the list. The status of the operation is updated every 5 seconds. The time the operation takes to complete for each disk is based on various factors such as disk type, size, and speed.
Limitations and restrictions
This section lists restrictions and limitations that apply to AIX 7 with 7200-05.
Upgrading IBM Security Directory Server
IBM Security Directory Server Version 6.4 is available on the AIX base media. To upgrade to Security Directory Server Version 6.4, you must upgrade from Security Directory Server Version 6.3. For instructions about upgrading to Security Directory Server Version 6.4, see the Upgrade an instance of IBM Security Directory Server topic.
You might have to manually accept the license terms when you install IBM Security Directory Server version 184.108.40.206, or later, with the AIX operating system. The installation process stops until the license terms are accepted, which prevents an unattended installation when the license is not already installed. For more information, see the License acceptance required for Security Directory Server 220.127.116.11 (or later) topic.
AIX 7.2 Enterprise Edition 1.1, or later
Previous versions of AIX Enterprise Edition included IBM® Tivoli® Monitoring Version 6.2.3 and Version 6.3.0. However, AIX 7.2 Enterprise Edition 1.1, or later, includes only Tivoli Monitoring Version 6.3.0. To use AIX 7.2 Enterprise Edition 1.1, or later, you must upgrade to Tivoli Monitoring Version 6.3.0.
OpenSSL version 1.0.2
OpenSSL 0.9.8 shared objects (libcrypto.so.0.9.8 and libssl.so.0.9.8) are also included in the OpenSSL 18.104.22.1680 fileset libraries for compatibility with earlier versions of OpenSSL.
OpenSSL versions 0.9.8 and 1.0.1 are no longer supported by IBM. The OpenSSL 0.9.8 shared objects are retained in the libraries as is. You should update your applications to use the newer version of the OpenSSL libraries.
Applications must use OpenSSL version 1.0.2 shared objects (libcrypto.so or libcrypto.so.1.0.0, and libssl.so or libssl.so.1.0.0) that are included in libraries of OpenSSL 22.214.171.1240 fileset to continue using the supported version of OpenSSL.
Hardware cryptography capability and OpenSSL version 126.96.36.1990
- Any existing applications that use an older version of the OpenSSL fileset must be recompiled with the latest headers and relinked to the newer 1.0.2 libraries that are included with the OpenSSL 188.8.131.520 fileset.
- Applications that use the dlopen function to load the 0.9.8 version of the OpenSSL shared objects must be reconfigured to load the 1.0.2 version of the OpenSSL shared object.
- A future OpenSSL release that is incompatible must be recompiled with the latest headers and relinked with the newer binaries.
To download the latest version of the OpenSSL fileset, go to the AIX Web Download Pack Programs website.
OpenSSH Version 8.1p1
- The OpenSSH file set includes the patch for GSSAPI Key Exchange feature.
- The OpenSSH file set has been compiled with openSSL 1.0.2u version.
- All of the vulnerabilities reported in the higher version of openSSH (including 8.3p1 release) have been back ported to this file set.
OpenSSH 6.0p1 with VRMF 184.108.40.20604, or earlier, OpenSSH 7.1p1 with VRMF 220.127.116.110, or earlier, and OpenSSH 7.5p1 with VRMF 18.104.22.1680 or earlier are no longer supported. To download the latest version of the OpenSSH fileset, go to the AIX Web Download Pack Programs website.
GSKit version requirement for NIST compliance
GSKit version 22.214.171.124 is provided on the AIX 7 with 7200-05 Expansion Pack media.
You must use GSKit version 126.96.36.199, or later, when you use IP Security with Rivest-Shamir-Adleman (RSA) key lengths that are greater than 2048 bits. The minimum RSA key length of 2048 bits is a requirement for complying with the National Institute of Standards and Technology (NIST) standard as defined in Special Publication 800-131A. When you generate certificates for IP securiy (IPSec), consider the requirements listed in Installing the IP security feature.
nmon command changes
The behavior of the nmon recordings for the PCPU and SCPU sections are not recorded by default in AIX Version 7.2. To enable the recording of the PCPU and SCPU sections, run the nmon recording with the -y PCPU=on,SCPU=on options. When the PCPU and SCPU sections are enabled, the recorded format is the same as the format in previous versions of the AIX operating system. For more information about the nmon command, see the nmon command topic.
The previous version of Perl was upgraded to Perl Version 5.28.1 in IBM AIX 7.2 with Technology Level 5. Perl is a separate 3rd-party open source package that is not owned by IBM. The Perl package might not preserve full compatibility across all versions. If you are moving Perl scripts to version 5.28.1, you must complete an evaluation of the scripts to verify that they continue to work as expected. For more information about Perl, see the Perl Programming Documentation website.
Code removed from AIX Version 7.2
- Fcparrayhead driver
- graPHIGS programming interface
- Network Computing System 1.5.1 (bos.net.ncs fileset)
- Network Data Administration Facility (NDAF)
- Network Information Services + (NIS+)Note: NIS is still available.
- IBM Systems Director Console for AIX
- IP over Fibre Channel (FC) driver
Licensed programs not supported in AIX Version 7.2
- AIX Fast Connect
- Performance Toolbox for AIX
- IBM PowerSC Trusted Surveyor
- AIX Profile Manager
CIFS client fileset
The bos.cifs_fs software package has moved to the AIX Version 7.2 Expansion Pack media. The Common Internet File System (CIFS) client is provided as-is (without support).
Shared processor partition virtual CPU limit
The shared processor partitions in the AIX operating system are limited to a maximum of 128 virtual processors. Each virtual processor contains up to eight hardware threads and allows up to 1024 logical processors for POWER8 systems that run in SMT8 mode. If your configuration requires more AIX LPAR processors, you must use dedicated processors.
IBM AIX Version 7.2 Documentation
To view the most current version of the AIX Version 7.2 information, see the IBM Documentation for AIX website.
IBM Hyperconverged Systems
AIX on IBM Hyperconverged Systems that are powered by Nutanix provides simplified management through a hyperconverged infrastructure. You can run AIX Version 7.2.2 with Service Pack 2, or later, and APAR IJ05283 on IBM Hyperconverged Systems with POWER8 based CS821 and CS822 nodes.
AIX Version 7.2.2 with Service Pack 2, or later, runs fully virtualized on the Nutanix Acropolis Hypervisor and the corresponding virtual machine (VM) lifecycle is managed by the Nutanix PRISM graphical user interface (GUI). IBM Hyperconverged Systems support is integrated into the same version of the AIX 7.2.2 operating system that runs on IBM PowerVM® platforms. IBM Hyperconverged Systems are binary compatible with the AIX operating system running on PowerVM per the AIX binary compatibility guarantee.
For more information on IBM Hyperconverged Systems, see the IBM Hyperconverged Systems topic.
AIX Dynamic System Optimizer
The IBM AIX Dynamic System Optimizer (DSO) extends the features that are provided by the Active System Optimizer (ASO) to automatically adjust some system settings to maximize the efficiency of your system. This automates the difficult job of manually tuning those system settings to optimize eligible workloads. The additional features that are provided by DSO are large page optimization and data stream prefetch optimization.
DSO is no longer a stand-alone feature and is included in AIX Version 7.2, or later, as part of ASO. For more information about DSO and ASO, see the AIX Dynamic System Optimizer topic.
Linux SHA-256 and SHA-512 password cryptographic algorithm
A Loadable Password Algorithm (LPA) model is available that supports the Linux SHA-256 and SHA-512 password cryptographic algorithm. The Linux SHA-256 and SHA-512 password cryptographic algorithm is supported by other operating systems and was published in the public domain by Ulrich Drepper (https://www.akkadia.org/drepper/SHA-crypt.txt).
The LPA model is included in the pwmod Licensed Program Product (LPP) package. You can get the pwmod package from the AIX Web Download Pack website.
Server-side support for new Unicode locales
For information about server-side support for new Unicode locales, see the Supported languages and locales topic.
Common Criteria administration guide
The Common Criteria administration guide for AIX 188.8.131.52 is available for use.
Visit the following URL to access the document that provides instructions to configure and operate AIX 7.2 Technology Level 5 (TL5) Service Pack 3 (SP3) in the Common Criteria evaluated configuration to meet the National Information Assurance Partnership (NIAP) Protection Profile for General Purpose Operating Systems version 4.2.1 (also known as OSPP) and Extended Package for Secure Shell v1.0.
- Certification by BSI (Bundesamt für Sicherheit in der Informationstechnik), also known as
Federal Office for Information Security.
- Certification by Common Criteria Portal. You can check the certification under the operating system section.