AIX Version 7.1 Expansion Pack Release Notes

Contents

AIX Version 7.1 Expansion Pack Release Notes

Read this before installation

Note: This software may contain errors that could result in critical business impact. It is highly recommended that you install the latest available fixes prior to using this software. Fixes can be obtained from IBM® System p® support at the following website: 
http://www-933.ibm.com/eserver/support/fixes/fixcentral

This CD or DVD contains programs provided by IBM and other program suppliers. Each program is licensed under the terms and conditions of that specific program. These terms and conditions can vary depending on the specific program or the program supplier. Specific information on the content of this CD or DVD and the terms and conditions under which these programs are licensed are contained in a readme file on Volume 1 of the media.

To obtain the Content and Terms and Conditions information:
  1. Log in as the root user.
  2. Insert the Volume 1 CD or DVD into the media drive. If your media drive is not /dev/cd0, substitute the correct device name and type the following commands:
         mount -v cdrfs -o ro /dev/cd0 /mnt
     cp /mnt/README*  /tmp
     unmount  /mnt

    The /tmp/README and /tmp/README.html files contain the content or the terms and conditions under which these programs are licensed. View this information using your Web browser or the more or pg command.

Softcopy documentation for each product is included with the product. This document supplements the product documentation by outlining the steps for getting started and pointing you to additional product information.

Installation, migration, upgrade, and configuration information

These release notes are provided for AIX® Version 7.1 Expansion Pack.

The AIX Version 7.1 Expansion Pack release notes include information that helps you install the products that are included on the AIX Version 7.1 Expansion Pack. To view the most current version of the Release Notes®, go to the online Release Notes in the System p and AIX Information Center. The information center is located at the following website:

http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.resources/61relnotes.htm

The AIX Version 7.1 Expansion Pack is shipped with AIX Version 7.1 as a vehicle for delivering new IBM and non-IBM products. Most Expansion Pack products are installed using normal installation methods. Because some Expansion Pack products cannot be installed using normal installation methods, their installation procedures are provided under their product descriptions.

The AIX Version 7.1 Expansion Pack might include products that contain a cryptographic function that is subject to special export-licensing requirements by the U.S. Department of Commerce. Import restrictions can also apply to certain countries. Different packages of the AIX Version 7.1 Expansion Pack accommodate varying country export or import restrictions. Refer to “Ordering Information” located in the Expansion Pack announcement to determine which package is appropriate for you. Contact your IBM representative or IBM Business Partner to determine what encryption you are entitled to receive.

The contents of the Expansion Pack vary over time. New software products can be added, changed, or removed. Changes to the content of the AIX Version 7.1 Expansion Pack are announced either as part of an AIX announcement or independently of the release announcement.

Unless otherwise indicated, products can be installed from the CD or DVD using the Web-based System Manager or System Management Interface Tool (SMIT). For detailed instructions, see AIX Version 7.1 Installation and Migration, available through the System p and AIX Information Center.

Listing and previewing installation software

You can list the available software products, packages, and file sets on AIX media, which can be a CD, DVD, tape, diskette, or directory. The output shows the available packages and file sets on the media. The descriptions are provided at the file set level.

You can perform a preview installation before doing the actual installation. A preview installation provides the pre-installation information that occurs during a regular installation, except that no software is installed.

When you select a package or file set to be installed with the preview installation process, you see a list that contains all the requisite packages and file sets needed by the selected package or file set to be successfully installed.

Other information generated during the preinstallation process concerns file system-size checking. The file systems are checked to ensure that there is enough free space available to install the selected package or file set.

You can list the software and use the previewing software functions from the command line, the SMIT interface, or the Web-based System Manager interface.

Listing and previewing software from the command line

  1. Log in as the root user.
  2. To list the software on the first CD or DVD of the base media, insert the Volume 1 disk in the media drive, and type: 
    installp -ld/dev/cd0 | pg
    A list similar to the following is displayed:
      fileset Name                Level                     I/U Q Content
  ====================================================================
  ICU4C.adt                   2.8.0.0                    I  N usr
#   ICU Application Developer's Toolkit

  ICU4C.man.en_US             2.8.0.0                    I  N usr
#   ICU Manual Pages - U.S. English

       ...
  3. To perform a preview installation at the command line, use the -p flag with the installp command. For example, to preview the installation of the ICU4C.adt file set, type: 
    installp -aXgq -p -d/dev/cd0 ICU4C.adt
    The preview option shows the file sets selected to be installed, the file sets that are pulled in by requisites, and the system resources that are used.

Listing and previewing software from the ASCII SMIT interface

  1. Log in as the root user.
  2. Use the smitty install_update fast path.
  3. Select Install Software.
  4. Press the F4 (List) to list the available input devices and select the appropriate one, or type the input device name in the blank field. Press Enter to continue.
  5. To list all available software on the selected media, press the F4 (List) at the SOFTWARE to Install field.
  6. Scroll through the list of software by using the arrow keys or the Page Up or Page Down keys.
    Note: The following listing shows the available software packages and file sets for that software product.

    If the file set is preceded by a plus sign (+), then it is available to be installed. If the file set is preceded by an at sign (@), then the file set is already installed.

    For example, in the following output example, the software product is ICU4C:

         ICU4C.adt                                                          ALL
      + 2.8.0.0  ICU Application Developer's Toolkit

     ICU4C.man.en_US                                                    ALL
      + 2.8.0.0  ICU Manual Pages - U.S. English

     ICU4C.rte                                                          ALL
      + 2.8.0.0  International Components for Unicode
    The three packages are ICU4C.adt, ICU4C.man.en_US, and ICU4C.rte. The file set in the ICU4C.adt package is the ICU Application Developer's Toolkit at the 2.8.0.0 level. The descriptions for the software product are provided at the file set level. There is often more than one file set per package.
  7. Select the package or file set you want to install by scrolling to that package or file set and press the F7 (Edit) to make the selection. Press Enter to continue.
  8. To preview the installation of the package or file set that you selected, press the Tab key to select yes in the PREVIEW only? field. Press Enter.
    Note: To obtain detailed information about the installation, select yes in the DETAILED output? field. The file sets being installed are displayed in parentheses.

Listing and previewing software using the Web-based System Manager interface

  1. Log in as the root user.
  2. To initialize the environment, type wsm & at the command prompt.
  3. In the Navigation Area, click on the plus sign (+) to the left of the client you want to manage.
  4. Expand Software.
  5. Click Installed Software.
  6. At the top of the Web-based System Manager window in the menu bar, click Software to display the Software menu.
  7. Click New Software (Install/Update).
  8. Click Install Additional Software.
  9. Click Advanced Method.
  10. Specify or select a software source.
  11. To list available software, click Browse to display a tree view of all the software on the media. The tree can be expanded by clicking the plus sign (+) to the left of the icon.
    Note: If the software is already installed, you will see a small check mark to the left of the file set description.
  12. Select the packages or file sets you want to install by clicking the package or file set.
  13. To preview the installation of the selected package or file set, press the Preview button.
Additional information about AIX-supported products is available from the following website:

http://www.ibm.com/servers/aix/products/ibmsw/list/

IBM 32-bit and 64-bit SDK for AIX, Java 2 Technology Edition, Version 1.4.2.175

IBM 32-bit and 64-bit SDK for AIX, Java 2 Technology Edition, Version 1.4.2.175 is released in Java1.4.2.175.* file sets. To see if a more recent service refresh is available, complete the following steps:
  1. Go to the developerWorks® website at http://www.ibm.com/developerworks/java/jdk/aix.
  2. Click Downloads, User Guides, and Service information.
  3. Click Fix Info in the Java 1.4 64-bit column.

IBM 64-bit SDK for AIX, Java 2 Technology Edition, Version 5

IBM 64-bit SDK for AIX, Java 2 Technology Edition, Version 5 is released in Java5.* file sets. For more information about this version, see the /usr/java5_64/docs/sdkguide.aix64.htm file. To see if a more recent service refresh is available, do the following:
  1. Go to the developerWorks website at http://www.ibm.com/developerworks/java/jdk/aix.
  2. Click Downloads, User Guides, and Service information.
  3. Click Fix Info in the Java 5 64-bit column.

IBM Directory Server

To access the latest IBM Directory Server Lightweight Directory Access Panel (LDAP) product information, go to the following website:

http://www-306.ibm.com/software/tivoli/resource-center/security/index.jsp

Installation and configuration

For information specific to IBM Tivoli® Directory Server installation and configuration, go to the following website: 
http://www.ibm.com/software/tivoli/products/directory-server/
From the IBM Tivoli Directory Server category on this website, click Technical Documentation. Read the following documents:
  • Readme Addendum
  • Server Readme
  • Client Readme
  • Installation and Configuration Guide for Multiplatforms

You can use the Web Administration Tool on AIX 4.3.3, 5.1, or 5.2. You can install the Web Administration Tool on a system with or without the client or server.

If you are using IBM DB2® 8.1, you must enable asynchronous I/O before you begin the configuration. To enable asynchronous I/O, type the following at the command prompt:
smitty aio

IBM HTTP Server for AIX, Version 2.0.47.1

This section provides information about installing the IBM HTTP Server (IHS) and its documentation.

Limitations

The license restriction for IBM HTTP Server, Version 2.0.47.1 states that when it is used outside of the IBM WebSphere® Application Server (WAS), IHS can only be used in conjunction with AIX Web-based System Manager. AIX 5L™ Version 5.3 Expansion Pack customers do not receive fix support.

Documentation

The IBM HTTP Server (IHS) product website includes the latest version of the software, documentation, and installation instructions. Go to the following website to get the most recent information:

http://www.ibm.com/software/webservers/httpservers/

IBM HTTP Server, Version 2.0.47.1, is available in InstallShield installation format only. Previous versions of IHS for AIX were built using the installp format. To properly install the latest version, you must first remove the previous installation of IHS and then install the new version.

The instructions in the following section will guide you through this process.

IBM HTTP Server installation instructions

Due to the license restrictions for IHS 2.0.47.1, the following installation instructions apply only to the use of IHS with the Web-based System Manager outside of a WebSphere Application Server environment:

  1. Back up your web server configuration files in the conf directories, and back up the website created under the cgi-bin and htdocs directories by copying them to the /tmp directory or another temporary backup directory structure.
  2. Uninstall any previous versions of IHS by doing the following steps:
    1. Log in as the root user.
    2. Stop the server by changing the directory to /usr/HTTPServer/bin, and then type the following command:
      ./apachectl stop
    3. Type smitty remove.
    4. From the Remove Installed Software panel, select SOFTWARE name to list the software, and press F4.
    5. Select every file set name that begins with http_server from the list by highlighting each file set name and pressing F7 (Edit), and press Enter.
    6. Change the Preview only option to No, and press Enter to remove the software.
    7. Press F10 (Exit) to exit smitty and return to the AIX command line.
  3. If you obtained the IBM HTTP Server, Version 2.0.47.1 from the following IBM HTTP Server product website, the wsm_remote Software Bundle allows you to install IHS from the hard disk by specifying the directory path name that contains your copy of the software installation images.

    http://www.ibm.com/software/webservers/httpservers/

    To install IHS on AIX using the wsm_remote Software Bundle, manually complete the setup as follows:
    1. The installation directory path name must be in the format ./ismp/ppc/package_name. For example, downloaded installation images can be copied to the /usr/sys/inst.images/ismp/ppc/IHS2 directory. In this example, the installation source name is /usr/sys/inst.images, and the package name is IHS2.
    2. The response file named silent.res must be linked to the name IHS2.response for AIX to detect automatic responses during a silent installation, such as specifying the -P ihs.installLocation=/usr/HTTPServer preferred AIX installation location and a language other than the default en (English) language.
  4. Type smitty install_bundle.
  5. On the Install Software Bundle panel, do one of the following actions:
    • Press F4 (List) to select CD-ROM or DVD-RAM (per the system configuration) if you are using AIX Expansion Pack media.
    • Type the path name of the directory that contains the downloaded IHS images.
  6. In the Select a fileset Bundle list, select the wsm_remote bundle, and press Enter.
  7. Change ACCEPT new license agreements from no to yes, and press Enter to complete the installation and the remote configuration for Web-based System Manager.
  8. Press F10 (Exit) to exit smitty and return to the AIX command line.
  9. The response file specifies the /usr/HTTPServer directory as the base directory and uses English as the default language. Additional message file sets for the other country codes are available with the software. To install additional languages, run the following command from an aixterm or dtterm window to start the InstallShield window:
    geninstall -d install_images_pathname J:IHS2
    Using the example above, the command is as follows:
    geninstall -d /usr/sys/inst.images J:IHS2
  10. To verify that the installation is complete, type the following from the AIX command line:
    lslpp -L IHS2
    The results show that IHS2 is installed in the /usr/HTTPServer directory. The postinstallation script completes the remote management environment configuration and starts the HTTP Server. Documents and files are served from the /usr/HTTPServer/htdocs directory.
  11. After you install IHS, remove the world writeable permissions from the /usr/HTTPServer/conf/httpd.conf.sample.afpa file by typing the following command as the root user:
    chmod o-w /usr/HTTPServer/conf/httpd.conf.sample.apfa

Third-party license terms and conditions, notices and information

The terms and conditions, notices and other information are provided in a license file located in the /usr/HTTPServer/license directory. Any non-English version of the information in this file is provided to you for your convenience only. The English version of the file is the official version. The license agreement for this product refers you to this file, or to a file referenced by this file, for details concerning terms and conditions applicable to third-party software code included in this product, and for certain notices and other information that IBM must provide to you under its license to certain software code.

IBM HTTP SERVER AND THE APACHE HTTP SERVER: The IBM HTTP Server component of the Program includes software developed by The Apache Group for use in the Apache HTTP Server project (http://www.apache.org/). Portions of the IBM HTTP Server are based on software developed by The Apache Group. The software developed by The Apache Group is Copyright (c) 2000-2002. All rights reserved.

OPENSSL: The IBM HTTP Server component of the Program includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/) and software developed by Eric Young (eay@cryptsoft.com). The copyright notices, lists of conditions and disclaimers related to OpenSSL can be found in the readme.txt file located in the icc subdirectory of the SSL component.

Open Secure Shell, Version 5.0.0.5300

Open Secure Shell (OpenSSH) requires Open Secure Sockets Layer (OpenSSL) Version 0.9.8.4 for encryption. The OpenSSL package is available as installp in the AIX Version 7.1 Expansion Pack. The package name is Openssl-0.9.8.4, and it can be installed using SMIT. You must use the OpenSSL Version 0.9.8.8 before installing OpenSSH.

After OpenSSH is installed, you can find the readme file in the /usr/openssh/ directory.

This version of OpenSSH supports PAM authentication on AIX 7.1. You can find the details in the readme file in the /usr/openssh/ directory.

Note: OpenSSH installation uses the AIX electronic license feature. When you are installing OpenSSH through SMIT, you must view and accept the license text provided with OpenSSH.

OpenSSH 4.3 and later versions use Kerberos 5 authentication and authorization through the Network Authentication Service (NAS), Version 1.4.0.7. You must migrate from previous versions of NAS (Kerberos) Version 1.4.0.5 before updating OpenSSH.

IBM Text-to-Speech, Version 6.7.4.0

IBM Text-to-Speech (TTS) is a speech engine that allows applications to produce speech.

Hardware Requirements:
Audio card
Software Requirements:
  • AIX 5L for POWER® Version 5.1 with the 5100-04 Recommended Maintenance package (APAR IY39794) or later
  • AIX 5L Version 5.2
  • AIX 5L Version 5.3
  • xlC.rte 5.0.2.1 or later
  • xlC.aix50.rte 5.0.2.5 or later
TTS includes the following installp packages:
tts_access.base
IBM TTS runtime base
tts_access.base.en_US
IBM TTS runtime (U.S. English)
Note: Install both of the listed packages. Selecting the tts_access.base package automatically installs the tts_access.base.en_US package.

TTS is installed in the /usr/opt/ibmtts directory.

For more information, see the /usr/opt/ibmtts/docs/readme.htm file or the /usr/opt/ibmtts/docs/readme.txt file.

IBM Network Authentication Service, Version 1.4.0.7 for AIX

IBM Network Authentication Service, Version 1.4.0.7 for AIX is a network-authentication protocol based on the IETF RFC 1510 standards protocol for the Kerberos V5 IBM Network Authentication Service. The IBM Network Authentication Service includes the Generic Security Service Application Programming Interface (GSS-API), the Key Distribution Center (KDC) server, and the server. IBM Network Authentication Service allows AIX middleware and external application writers to use authenticated and optionally encrypted message flow between their respective components.

Documentation

Read the README.lang file for IBM Network Authentication Service, Version 1.4 before configuring or using the program, where lang specifies one of the following language locales:
  • Chinese (Simplified)
  • Chinese (Traditional)
  • English
  • Korean
  • Portuguese (Brazilian)

The README.lang file for AIX is located in the /usr/lpp/krb5 directory after the krb5.client.rte file set is installed from the krb5.client client installation package. The README.lang file can also be viewed using the SMIT list_media_info command to list supplemental file set information on the installation media for the krb5.client.rte file set.

Documentation for IBM Network Authentication Service is available in the krb5.doc.lang installation packages, where lang specifies one of the following language locales:
  • en_US (U.S. English)
  • Ja_JP (Japanese)
  • ko_KR (Korean)
  • zh_CN (Simplified Chinese)

The documentation is in both HTML and PDF formats. Install the krb5.doc.lang.html file set for access to HTML documents and the krb5.doc.lang.pdf file set for access to PDF documents.

The IBM Network Authentication Service Version 1.4 Administrator's and User's Guide is installed in the following directories:
  • HTML

    /usr/lpp/krb5/doc/html/lang/ADMINGD

  • PDF

    /usr/lpp/krb5/doc/pdf/lang/ADMINGD

The IBM Network Authentication Service Version 1.4 Application Development Reference is installed in the following directories:
  • HTML

    /usr/lpp/krb5/doc/html/lang/APDEVREF

  • PDF

    /usr/lpp/krb5/doc/pdf/lang/APDEVREF

Installation and configuration

The IBM Network Authentication Service Version 1.4 Administrator's and User's Guide details the installation and configuration procedures for the product.

AIX Certificate and SSL Base Runtime, Version 7.0

The GSKit.README file for AIX Certificate and SSL Base Runtime (GSKIT), Version 7.0 is located in the root directory of the AIX Version 7.1 Expansion Pack CD or DVD, Volume 2.

DES encryption kernel extension 64-bit

With the DES encryption kernel extension, nfs_kdes_full.ext, you can now use 64-bit kernels. This extension is used to enable Secure NFS by encrypting time stamps sent between the client and the server that allow each remote procedure call (RPC) message to be authenticated. For more information, see the "Network File Systems Security" section in the AIX Version 7.1 Security Guide topic collection.

The DES encryption kernel extension is available from the des file set on the AIX Expansion Pack.

Certificate Authentication Services

Certificate Authentication Services are not included with the AIX Version 7.1 operating system.

IP Filters porting to AIX

IP Filter, Version 5.3.0.0 open source software has been ported to AIX. The IP Filters software package can be used to provide Network Address Translation (NAT) or firewall services. Licensing information can be found at the following website:

http://coombs.anu.edu.au/~avalon/

Network security options TCP Wrapper 1.1.0.0

TCP Wrapper is a simple open source tool to monitor and control incoming network traffic. The TCP Wrapper home page is located at:
ftp://ftp.porcupine.org/pub/security/index.html

Pegasus CIM Server Version 2.6.1.0, OS Base Providers Version 1.2.7.0, and SMI-S Providers Version 1.1.0.20

The Pegasus CIM Server is an implementation of the Web-Based Enterprise Management (WBEM) standards as defined by the Distributed Management Task Force (DMTF). Pegasus CIM Server, OS Base Providers, and SMI-S Providers for an AIX operating system are contained in the sysmgt.pegasus.cimserver, sysmgt.pegasus.osbaseproviders, and sysmgt.pegasus.smisproviders file sets. The smisproviders file set has a corequisite on the devices.common.IBM.fc.hba-api file set. The smisproviders file set should be at Technology Level 5.3.0.50 or later to have the full SMI-S provider functions. The version of Pegasus CIM Server being delivered on the AIX Version 7.1 Expansion Pack is the 2.6.1.0 version from the Open Pegasus project at the following website:

http://www.openpegasus.org

The new 2.6.1.0 version of Open Pegasus has support for:
  • PAM (Pluggable Authentication Modules) Authentication
  • SLP (Service Location Protocol)
Note: Previously, if you installed CIM Server, the OS Base Providers would also be automatically installed. Now, if you need to upgrade, both must be installed.

Documentation

Documentation for Pegasus CIM Server and OS Base Providers is available in the Common Information Model Guide.

For information specific to Pegasus CIM Server, see the following website:

http://www.openpegasus.org

After installation, the Pegasus CIM Server readme file is located in the /opt/freeware/cimom/pegasus/README directory.

The OS Base Providers readme file is located in the /usr/pegasus/provider/README directory.

The SMI_S Providers readme file is located in the /usr/pegasus/provider/README_SMIS directory.

Requirements

OpenSSL

The Pegasus CIM Server is delivered with SSL ready. Therefore, it requires the libssl.a library to be available on the system before you can start the Pegasus CIM Server. The libssl.a library is a part of the OpenSSL rpm, which is available on the AIX Toolbox for Linux Applications CD or DVD. It can also be downloaded from the AIX Toolbox for Linux Applications website at:

http://www.ibm.com/servers/aix/products/aixos/linux/download.html

The package name is openssl-0.9.7XXX.aix5.1.ppc.rpm, where XXX indicates the build level. Install OpenSSL before starting the Pegasus CIM Server.

For more information about the OpenSSL rpm and Pegasus CIM Server, see the readme file in the /opt/freeware/cimom/pegasus directory after you install the Pegasus CIM Server.

AIX Network Data Administration Facility

The AIX Network Data Administration Facility (AIX NDAF) for AIX Version 7.1 has been moved from the Expansion Pack media to the base media.

Web-based System Manager Security

The Remote Client Security support in the Web-based System Manager Security sysmgt.websm.security and sysmgt.websm.security-us file sets has been enhanced for recent versions of the Linux operating systems. This enhancement corrects a problem where the Remote Client Security package, setupsecl.exe, fails to install on SLES 9 and other recent Linux releases because the version of InstallShield that was used to build the package (IEMP) is not supported on these releases. The Remote Client Security is repackaged using IEMP 5.02 to alleviate this problem.

RSCT CIM Resource Manager, Version 2.5.0.0

The CIM resource manager (CIM RM) is an RMC resource manager that enables RMC to be used to query system configuration through CIM classes. CIM RM is contained in the package rsct.exp.

This release adds the following new functions:
  • The ability to monitor changes in CIM properties and run user-defined responses.
  • New command line tools to list and explore associations among CIM resources.
The RSCT CIM Resource Manager supports Base Providers for AIX available in the sysmgt.pegasus file sets.

Documentation

For more information about the CIM Resource Manager, see the IBM Reliable Scalable Cluster Technology Administration Guide. After installation, the CIM RM README is found in /usr/sbin/rsct/README/rsct.exp.README.