IBM AIX 7.2 with Technology Level 5 Release Notes

Edit online

Read before installing

Edit online

Before you use this software, you must go to the Fix Central website and install the latest available fixes that address security vulnerabilities and other critical issues.

Software license agreements

Edit online

There are instances where the software license agreements (SLA) might not be displayed correctly. In this event, the license agreements can be viewed for all languages at the Software license agreements website.

Software Maintenance Agreement

Edit online

In AIX® 7 with 7200-05, a separate Software Maintenance Agreement (SWMA) acceptance window displays during installation immediately after the license acceptance window. The response to the SWMA acceptance (accept or decline) is stored on the system, and either response allows the installation to proceed, unlike license acceptance, which requires an acceptance to proceed.

The SWMA acceptance window is displayed during a New Overwrite or Preservation installation from base CD media.

For base CD media New Overwrite or Preservation installations, if a nonprompted installation is wanted, the ACCEPT_SWMA field in the control_flow stanza of the bosinst.data file must be set to yes (to accept the SMWA terms) or no (to decline the SWMA terms). The ACCEPT_SWMA field is set to blank by default.

For NIM installations, if licenses are accepted either from the choices that are made when initializing the installation, or by using the ACCEPT_LICENSES field in a customized bosinst.data file, SWMA acceptance is constituted.

Fixes and problem-solving databases

Edit online

You can download AIX fixes and search technical databases (including APARS and Tips for AIX administrators) at the Fix Central website.

Security advisories

Edit online

Security subscription services are available at the My notifications website.

After you subscribe to the AIX security advisories, you will receive the advisories by email when they are published.

Speculative-execution mitigation

Edit online

AIX 7 with 7200-05 includes support for enhancing AIX software with mitigations against speculative-execution vulnerabilities. AIX applications and kernel extensions might use the new cpu_context_barrier and cpu_speculation_barrier services to protect against attacks from untrusted sources. For more information about these services, view their description on the IBM Documentation Technical Reference topic.

System requirements

Edit online

Review the following information to determine the minimum and recommended system requirements that are needed to run AIX 7 with 7200-05.

Required hardware

Edit online

Only 64-bit Common Hardware Reference Platform (CHRP) machines that are running selected POWER7®, POWER8®, POWER9™, and Power10 processors that implement the Power Architecture® Platform Requirements (PAPR) are supported.

To see whether you have a supported machine, log in to the machine as the root user, and run the following command: 
prtconf | grep 'Processor Type'

Firmware

Edit online

I/O devices IPL limitation

Edit online

Because of a limitation on firmware memory size, only I/O devices in the first 144 I/O slots that are assigned to a logical partition or single system image partition can be used as an IPL (boot) source.

You can use the HMC to identify which devices are in the first 144 I/O slots by performing the following steps:
  1. Select Partition Properties > Hardware > I/O.
  2. Click the Bus column to sort the I/O devices in ascending order.

    The first 144 I/O devices in the sorted list are in the bootable adapter slots.

If you are using a partition or single-system image partition with more than 144 assigned I/O slots, the following scenarios and their results and resolutions are possible.

Table 1. Scenarios for partitions with more than 144 assigned I/O slots
Scenario Result Resolution
Attempting to boot from a device beyond the first 144 I/O slots for installation or diagnostic purposes. The device is not selectable as a boot source from the SMS menus. Use a device in the first 144 I/O slots.
Booting from a device in the first 144 I/O slots, and then attempt to select a target installation device in a slot beyond the first 144 I/O slots. The boot succeeds to the installation menus, but devices beyond the first 144 I/O slots are not listed as bootable installation targets in the AIX menus. Select a device that is available and marked as bootable.
Using an MPIO configuration where one adapter is in the first 144 I/O slots and another adapter is in a slot beyond the first 144 I/O slots. Both adapters are present at boot time. The boot succeeds to the installation menus, and the device is listed as bootable in the AIX installation menus. The installation proceeds, but it fails with the bootlist command failure unable to set bootpath for all paths. Use a device in the first 144 I/O slots for all paths.
Using DLPAR to add an adapter in a slot beyond the first 144 I/O slots, and then attempting to run the alt_disk_install command for the newly added device. The device is not listed as bootable. Use a device in the first 144 I/O slots.
Using DLPAR to add an adapter in a slot beyond the first 144 I/O slots, and by using the bootlist command to add the device as a bootable device (for example, by dynamically adding a redundant path to a current boot device or setting up for a network boot). Then removing the original adapter and rebooting. The bootlist command succeeds, but the boot fails from the specified device, and AIX does not receive control. Use a device in the first 144 I/O slots.
Using DLPAR to add an adapter whose probe order makes it displace a current bootable device, and then rebooting. The boot fails, and AIX does not receive control. Move the boot device to one of the first 144 I/O slots or remove the previously added device.
Selecting a device in a slot beyond the first 144 I/O slots as a dump device for a firmware-assisted dump. The sysdumpdev command does not allow devices in slots beyond the first 144 I/O slots to be selected as firmware-assisted dump storage devices. An error occurs during the firmware-assisted dump configuration, and a traditional AIX dump automatically becomes available. Use a device in the first 144 I/O slots for firmware-assisted dumps.
Using DLPAR to add an adapter whose probe order makes it displace a currently valid firmware-assisted dump target device, and then rebooting after the dump. The firmware-assisted dump process fails during the boot process and displays an error message. The traditional AIX dump still runs to retrieve the dump image. Avoid displacing the selected firmware-assisted dump target device or reconfiguring the sysdumpdev command for the firmware-assisted selection of dump target device, and specify a device within the first 144 I/O slots.
Using DLPAR to add an adapter whose probe order makes it displace a currently valid firmware-assisted dump target device, and then rebooting. The sysdumpdev command does not allow devices in slots beyond the first 144 I/O slots to be selected as firmware-assisted dump storage devices. An error occurs during the firmware-assisted dump configuration, and a traditional AIX dump automatically becomes available. Use a device in the first 144 I/O slots for firmware-assisted dumps.

Memory requirements

Edit online

AIX 7 with 7200-05 requirements for minimum current memory vary, based on the configuration.

A minimum current memory requirement for AIX 7 with 7200-05 is 2 GB.

AIX 7 with 7200-05 requires the minimum current memory requirement to increase as the maximum memory configuration or the number of devices scales upward, or both. Larger maximum memory configurations or extra devices scale up the minimum current memory requirement. If the minimum memory requirement is not increased along with the maximum memory configuration, the partition hangs during the initial program load (IPL).

Host Ethernet Adapter memory requirements

Edit online

Configurations containing a Host Ethernet Adapter (HEA) require more memory than the 2 GB minimum. Each logical HEA port that is configured requires an extra 102 MB of memory. The minimum memory requirement for configurations with one or more HEA ports that are configured, where n is the number of HEA ports, is 512 MB + n*102 MB.

Paging space requirements

Edit online

AIX 7 with 7200-05 creates a 512 MB paging space (in the /dev/hd6 directory) for all new and complete overwrite installations.

Large page (16 MB/16 GB) zeroing enhancements

Edit online
The contents of a large page (16 MB/16 GB) in shared memory regions are zeroed when the region is deleted. You can use the pgz_mode tunable that is available with the vmo command to reduce the time that is needed to zero the pages by zeroing the pages in a nonuniform memory access (NUMA) aware parallel manner by using multiple kernel threads. You can specify the following values for the pgz_mode tunable:
Serial mode
The default option for previous releases of the AIX operating system.
Synchronous parallel mode
Pages are deleted in parallel and in the context of the thread that initiated the deletion.
Asynchronous parallel mode
The thread that initiated the deletion, offloads the work of zeroing the pages in parallel to a kernel process and continues with the deletion process.

Large page (16 MB) pool creation and resizing enhancements

Edit online
A 16 MB page pool is created and resized dynamically. This 16 MB pool is created by using the lgpg_size tunable and the lgpg_regions tunable that are part of the vmo command. You can use the pgz_lpgrow tunable that is available with the vmo command to reduce the time that is needed to create or resize the 16 MB page pool by zeroing the large pages in parallel and by using multiple kernel threads. You can specify the following values for the pgz_lpgrow tunable:
Serial mode
The default option for previous releases of the AIX operating system.
Synchronous parallel mode
Pages are zeroed in parallel and in context of the vmo command.
Asynchronous parallel mode
The vmo command offloads the work of zeroing the pages in parallel to a kernel process and continues to the next step in the pool creation or resizing process.

Disk requirements

Edit online

AIX Version 7.2 requires a minimum of 20 GB of physical disk space for a default installation that includes all devices, the Graphics bundle, and the System Management Client bundle.

Disk usage

The following table displays disk usage statistics:
File system Allocated (Used)
/ 128 MB (49 MB)
/usr 2368 MB (2061 MB)
/var 192 MB (34 MB)
/tmp 128 MB (2 MB)
/admin 128 MB (1 MB)
/opt 64 MB (17 MB)
/var/adm/ras/livedump 256 MB (1 MB)
Note:
  1. If the /tmp directory has less than 64 MB, it is increased to 64 MB during a migration installation so that the AIX 7 with 7200-05 boot image is successfully created at the end of the migration.
  2. The boot logical volume must be of size 32 MB. The pre-migration script in the usr/lpp/bos directory on your media or in your NIM Shared Product Object Tree (SPOT) checks the storage space. During the migration operation, hd5 (the boot logical volume) is increased if necessary. The logical partitions must be contiguous and must be located within the first 4 GB of the disk.

Format the SCSI disk properly before you install the AIX operating system on it. The AIX operating system requires the disk to be formatted to a sector size supported by the attached SCSI controller. All AIX SCSI controllers support 512-byte sector SCSI disks. The 522-byte sector SCSI disks are supported only when they are attached to SCSI RAID controllers. If the disk is formatted for SCSI RAID, but is not attached to a SCSI RAID controller, the disk might not configure. If the disk does configure, it might be unreadable in the AIX environment. In some instances, the certify function and the format function in AIX diagnostics can be used to reformat the disk for the attached SCSI controller.

If any existing file system has a mount point in the /opt directory, or a mount point of /opt itself, the new logical volume, and file system are not created.

The AIX_FCPARRAY driver is not supported in AIX 7 with 7200-05. Before you migrate to AIX 7 with 7200-05, you must use the manage_disk_drivers command to convert any FCP array disks from the AIX_FCPARRAY driver to the AIX_AAPCM driver. The AIX_AAPCM driver supports Multiple Path I/O (MPIO) devices.

Disk capacity

Edit online

SAS RAID controllers and Fibre Channel controllers support attached arrays and disks with capacities, which exceed 2 TB. The maximum supported capacity (beyond 2 TB) is limited by either the attached storage subsystem or the higher-level logical storage management.

For more information about SAS RAID controllers, see the SAS RAID controller for AIX topic.

For more information about AIX capacity limitations for logical storage, see the Limitations for logical storage management topic.

VPM throughput mode changes for Power10

Edit online
When Power10 systems run in shared processor mode, the default value of the throughput mode for the virtual processor management (VPM) is 2. When you migrate the system to or from a Power10 system, and later, the AIX operating system automatically changes the default value of the throughput mode for the VPM. During boot operation, the AIX operating system selects the default value of the vpm_throughput_mode tunable parameter of the schedo command based on the type of server on which the LPAR is running. The value of the vpm_throughput_mode tunable parameter that is selected by the AIX operating system is preserved and used on the destination server. On Power10 systems, you can switch to the recommended value of 2 for the vpm_throughput_mode tunable parameter by using the following command: 
schedo -d vpm_throughput_mode
Note: When you migrate to or from a Power10 system, and later, it is recommended to move the operating system level to 7300-00, 7200-05-03-2147, 7200-04-05-2148, 7100-05-09-2148 or later. Without this feature that enables you to change the vpm_throughput_mode tunable parameter by using the schedo command, updating the operating system levels to 7200-05-00-2037, 7200-04-03-2038, and 7100-05-07-2037 might override the value set for the vpm_throughput_mode tunable parameter.

Installing

Edit online

This section contains information about installing AIX 7.2 that supplements the information that is contained in the Installation and Migration topic.

Installing AIX 7 with 7200-05

Edit online
The following methods can be used to install AIX 7 with 7200-05:
  • Complete overwrite installation
  • Preservation installation
  • Migration installation
Note: After you install or migrate a system to AIX 7 with 7200-05, you can install a previous level of AIX by restoring a system backup or by performing a new and complete overwrite with base media. Preservation installations from AIX 7 with 7200-05 to a previous level of AIX are not supported.
Note:
Using the update media is recommended for updates. If you use the base media to update, install the bos.dsc fileset first by using the following command: 
# installp -e /tmp/install.log -agXd software_source bos.dsc

If you use the base media to update, some ODM settings (such as SRC subsystems settings) might be lost. If you use base media, or a software source that is created from base media, for an update_all operation, previous history of your software installation is removed. Whenever a base image is installed, the history of the fileset installations is reset. The history is maintained when service updates are used for an update_all operation.

The minimum size of the boot logical volume is 24 MB. If your current boot logical volume is 16 MB or less, the installation process tries to increase it. However, partitions in a boot logical volume must be contiguous, and within the first 4 GB on the disk. If your system does not have free space that meets these requirements, a message indicates that there is not enough space to expand hd5 (the boot logical volume).

To install AIX 7 with 7200-05, follow the instructions in the Installing the base operating system topic.

Installing AIX by using a USB flash drive

Edit online

AIX 7 with 7200-05 supports installation by using a USB flash drive on POWER8 systems, and later. A USB flash drive that contains an AIX installation image can be created by first downloading the AIX installation image from the IBM Entitled System Support website. A single volume installation image of AIX 7 with 7200-05 is made available on the IBM Entitled System Support website for writing to USB flash memory. After downloading the AIX installation image, the image can be written to a USB flash drive. IBM recommends using a recently manufactured USB flash drive. The minimum capacity requirement of the USB flash drive for AIX installation is 16 GB. On an AIX or a Linux® based system, the image can be written to a USB flash drive by using the dd command.

Additionally, it is possible to create an installable USB flash drive by copying the image directly from AIX DVD installation media by using the dd command: 
$ dd if=/dev/cd0 of=/dev/usbms0 bs=4k

Comparable commands exist on Windows-based machines for writing the installation image to a USB flash drive.

After the USB flash drive AIX installation media is created, the media can be used on POWER8 systems, and later, similar to the DVD install media.
Note: The AIX bootlist command can recognize only the USB flash drive (usbmsX) as a bootable device if the USB flash drive was present during IPL of the AIX partition. On POWER8 systems, and later, the SMS menus can always be used to assign the USB flash drive as the boot source.

AIX and IBM Power Systems USB implementation is compliant with relevant USB standards. In the unlikely event when a USB flash drive is not properly recognized by AIX, IBM recommends using a different brand of device.

NIM installations with updated LPP_SOURCE

Edit online

NIM installations by using an LPP_SOURCE directory that contains base images from a prior release and that contains updates to the current release require that you use an image_data resource during operating system installations.

When you use an LPP_SOURCE directory that contains base images from a prior release and updates to the current release, create an image_data resource to use for any operating system installations. The SPOT must be updated with the updates that are added to the LPP_SOURCE directory, or a new SPOT must be created. In that SPOT, copy the image.template file that is found at <SPOT_LOCATION>/lpp/bosinst/image.template to a new location outside of the SPOT. Create a NIM image_data resource that points to that location. Use that NIM image_data resource for all operating system installations.

Certain file systems might grow in size, and the default image.data file that is used during an operating system installation comes from the bos image in your LPP_SOURCE directory, which is the prior release image.data file.

start of change

Update Access Keys on Power10

Edit online

IBM Power10, or later processor-based servers include an AIX update access key (UAK) that is checked when you update the AIX operating system. UAKs include an expiration date. Informational messages are generated when the release date for this AIX operating system passed the expiration date of the UAK. Informational messages are also generated when the server boots or during the live partition mobility (LPM) operation and the current AIX operating system level passed the expiration date of the UAK. Also, the server periodically checks and informs the administrator about UAKs that are about to expire, UAKs that expired, or UAKs that are missing.

Support for Update Access Keys on Power10 processor-based servers is included in IBM AIX 7.2 with Technology Level 5 and Service Pack 7200-05-03-2136, or later, and AIX Version 7.1 with the 7100-05 Technology Level and Service Pack 7100-05-09-2136, or later.

end of change

Network Installation Management

Edit online

Network Installation Management (NIM) includes a readme file that is installed with the NIM Master bos.sysmgt.nim.master file set. The path name of the file is /usr/lpp/bos.sysmgt/nim/README.

Java Technology Edition

Edit online

IBM software development kit (SDK) and Java™ Runtime Environment (JRE) for AIX, Java Technology Edition is released in JavaV.x filesets, where V represents the version of Java, such as Java 8, and x is the individual file set, such as Java8_64.sdk.

The following versions of Java Technology Edition are available on the AIX 7.2.5 base media:
Table 2. Java versions
Java Version Base media DVD1 Base media DVD2 Expansion pack
Java Version 5 (32 bit) None None None
Java Version 5 (64 bit) None None None
Java Version 6 (32 bit) None None All
Java Version 6 (64 bit) None None All
Java Version 7 (32 bit) None None All
Java Version 7 (64 bit) Java7_64.jre and Java7_64.sdk Remaining Java7_64 software None
Java Version 7.1 (32 bit) None None All
Java Version 7.1 (64 bit) None None All
Java Version 8 (32 bit) None None All
Java Version 8 (64 bit) All except non-Japanese message filesets Remaining message filesets None

Only Java Version 8 is installed for new overwrite or preservation operating system installation. For these installations, the PATH variable in the /etc/environment file points to java8_64. If you upgrade to AIX 7 with 7200-05 or perform an operating system migration, all previous levels of Java remain on the system, and the /etc/environment PATH variable is not changed. Later, if you remove the previous levels of Java (Java Version 5, Java Version 6, and Java Version 7), then you must change the /etc/environment PATH variable to point to java8_64.

  • By default, Java Version 5 software is removed when you migrate to AIX 7 with 7200-05. However, you can keep Java 5 by changing the selection in the base operating system installation menus, or in the NIM bosinst_data resource. After the migration is complete and Java 5 is removed, you must change the PATH variable to java8_64 in the /etc/environment file.
    Note: Java 5 is not available on the AIX Version 7.2 base media or Expansion Pack media. Other versions of Java are available on the AIX Expansion Pack media.
  • There is no support for security vulnerabilities in Java Version 6.

It is recommended to use java8_64. There is no support for security vulnerabilities in Java Version 5 and Java Version 6.

To check whether a more recent service refresh is available for a version of Java, see the AIX Download and service information website.

New filesets

Edit online
bos.xerces.lib
This fileset contains a new library that is called libxerces.a in the /usr/lib directory. While installing the AIX operating system, you must first install the bos.xerces.lib fileset before installing the bos.net.ipsec.keymgt and bos.aixpert.cmds filesets because the libxerces.a library of the box.xerces.lib fileset is used by the IP Security (IPsec) and AIXPert technologies. To include the box.xerces.lib fileset in the LPP_SOURCE directory, you must use the bos.sysmgt.nim fileset.
bos.decrypt, bos.kmip_client
These filesets are required for logical volume encryption. These filesets are not installed automatically when you run the smit update_all command or during an operating system migration operation. You must install it separately from your software source such as a DVD or an ISO image.
bos.net.tcp.cdp
This fileset contains new commands cdpd and cdpctl that are used to receive Cisco Discovery Protocol (CDP) messages for discovering other Cisco devices that are directly connected to the AIX logical partition. The cdpd command runs as a daemon to receive CDP packets that are sent by the resource controller. The cdpctl command controls the CDP daemon by configuring the network interface that is physically connected to the Cisco device.
start of changebind.rteend of change
start of changeThis fileset contains BIND 9.16 support for AIX operating system that is available in AIX 7.2, Technology Level 5 Expansion Pack. For more information, see AIX 7.2 with Technology Level 5 Expansion Pack Release Notes®.end of change

Fileset changes

Edit online
To provide you with more control over the software that is installed on your system, the bos.net.tcp.client and bos.net.tcp.server filesets are split into 34 new filesets. Beginning with AIX 7 with 7200-05, each of the bos.net.tcp.* filesets are shipped as individual images, instead of including them with the bos.net image. You can now remove unwanted filesets from a NIM installation that uses an LPP_SOURCE directory.
Note: Requisites for installing filesets are unchanged so you must be sure when you remove an image. This image might be required by other filesets that you might want to install.

The core code for each original fileset is in the bos.net.tcp.client_core and bos.net.tcp.server_core filesets. Requisites for software that is shipped with the AIX operating system (the bos.net.tcp.client and bos.net.tcp.server filesets) are changed to the bos.net.tcp.client_core and bos.net.tcp.server_core filesets. More requisites are added to the other new fileset as needed.

The original filesets still exist to satisfy any requisites from other software. The original filesets have requisites to all the new filesets to ensure that all the requirements are met.

To remove any of the new filesets, you must first remove either the bos.net.tcp.client fileset or the bos.net.tcp.server fileset. To remove the bos.net.tcp.client fileset, the bos.net.tcp.server fileset, or a new fileset, run the lslpp -d fileset_name command. If no other software has requisites to the fileset that you want to remove, the removal is possible.

During an operating system migration, code changes occur, so that all the system configuration and user configurable files, which were owned by the bos.net.tcp.client and bos.net.tcp.server filesets, are merged by the new filesets that now own the files.

The list of new filesets follow:

  • bos.net.tcp.client_core
  • bos.net.tcp.server_core
  • bos.net.tcp.bind
  • bos.net.tcp.bind_utils
  • bos.net.tcp.bootp
  • bos.net.tcp.dfpd
  • bos.net.tcp.dhcp
  • bos.net.tcp.dhcpd
  • bos.net.tcp.ftp
  • bos.net.tcp.ftpd
  • bos.net.tcp.gated
  • bos.net.tcp.imapd
  • bos.net.tcp.mail_utils
  • bos.net.tcp.ntp
  • bos.net.tcp.ntpd
  • bos.net.tcp.pop3d
  • bos.net.tcp.pxed
  • bos.net.tcp.rcmd
  • bos.net.tcp.rcmd_server
  • bos.net.tcp.sendmail
  • bos.net.tcp.slip
  • bos.net.tcp.slp
  • bos.net.tcp.snmp
  • bos.net.tcp.snmpd
  • bos.net.tcp.syslogd
  • bos.net.tcp.tcpdump
  • bos.net.tcp.telnet
  • bos.net.tcp.telnetd
  • bos.net.tcp.tftp
  • bos.net.tcp.tftpd
  • bos.net.tcp.timed
  • bos.net.tcp.traceroute
  • bos.net.tcp.x500
  • bos.net.tcp.cpd

The encoded software in the bos.net.uucp fileset moved to the bos.net.uucode fileset.

Note: After upgrading the operating system to AIX 7.2, Technology Level 5 or later, the /etc/mail directory contains the new /etc/mail/sendmail.cf and /etc/mail/submit.cf files. The existing /etc/mail/sendmail.cf and /etc/mail/submit.cf files from the earlier versions of AIX are copied to the /lpp/save.config/etc/mail directory.

Migrating

Edit online

You can do an operating system migration to AIX 7 with 7200-05 from any level of the AIX operating system, on a system that supports AIX 7.2 boot. Installing any new level of AIX requires more disk space than previous levels. Verify that you have enough free space in the file systems, or that you have free partitions in the rootvg. Migrating requires slightly more free space than a basic installation.

If you are using a NIM LPP_SOURCE created with a prior level base media and later levels of updates that are added, you must initially create the LPP_SOURCE with the base media at the same release date or later than the level of AIX 5.3, AIX 6.1, or AIX 7.1 that you are migrating from. The last 4 digits of the output of the oslevel -s command represent the year and week of the service pack currently installed (YYWW).

The default value of the j2_inodeCacheSize tunable parameter was changed from 400® to 200. The j2_inodeCacheSize tunable parameter allows approximately 50,000 open files per gigabyte (GB) of main memory, and improves system performance. However, the j2_inodeCacheSize tunable parameter value of 200 can cause issues in systems that have a small amount of main memory (4 GB or less) and many concurrent users or many concurrent open files. To fix these issues, you can change the values for the j2_inodeCacheSize and the j2_metadataCacheSize tunable parameters from 200 to the previous value of 400 by running the following command:
Note: When you run the following command, the current value and boot value of both the tunable parameters are reset.
ioo -p -o j2_inodeCacheSize=400 -o j2_metadataCacheSize=400

If the issues are not fixed after you change the values for the j2_inodeCacheSize and the j2_metadataCacheSize tunable parameters, you can contact IBM Support.

Restriction:
If you are upgrading from AIX 7.2.4 to AIX 7.2.5 by using HMC V10 R1 M1010, the Live Update operation might result in errors. In this scenario, complete the following steps:
  • Run the installp command to upgrade from AIX 7.2.4 to AIX 7.2.5.
  • Run the hmcauth command to authenticate with the HMC.
  • Run the Live Update operation to check for upcoming interim fixes.

IBM License Metric Tool

Edit online

The IBM License Metric Tool version 7.2 is no longer supported. To learn more about the replacement version of IBM License Metric Tool Version 9.x, go to IBM License Metric Tool 9.2.

IBM PowerSC Trusted Surveyor

Edit online

IBM PowerSC Trusted Surveyor is not supported in AIX 7 with 7200-05. If you are migrating to AIX 7 with 7200-05, you must remove the powersc.ts fileset before you start the migration process. If you have WPARs that you are migrating, you must verify that the powersc.ts fileset is not installed on the WPARs.

Reliable Scalable Cluster Technology (RSCT)

Edit online

When you upgrade to AIX 7 with 7200-05, RSCT Version 3.2.5.0 is installed and replaces the previous version of RSCT. For more information about RSCT, see the IBM Docs for RSCT 3.2.

AIX 7.2 and RSCT Version 3.2.5.0 no longer support the Virtual Shared Disk (VSD) and Low-level application programming interface (LAPI) products. If these products are already installed from an older code level, both the rsct.vsd and rsct.lapi.rte filesets must be removed before migrating to AIX 7 with 7200-05. If you have third-party products that use VSD, you must review the current Spectrum Scale product offerings for a replacement.

DSM

Edit online

The dsm.core ships a /etc/ibm/sysmgt/dsm/overrides/dsm.properties file, which allows the user to override SSH configuration. If this file was modified, the file needs to be backed up manually before an update or a migration, as it is overwritten.

Thin Servers

Edit online

If you migrate any previous version of the AIX Common Operating System Image (COSI) and associated AIX Thin Servers to the AIX 7 with 7200-05, it is recommended that you delete any dump device that is associated with the migrated Thin Servers and re-create the Thin Servers.

Also, you must install the devices.tmiscsw.rte fileset on the NIM master for the AIX 7 with 7200-05 Thin Server to create a dump device. The devices.tmiscsw.rte fileset is available in the AIX Expansion Pack.

IBM Subsystem Device Driver

Edit online

AIX Version 7.2 does not support the IBM Subsystem Device Driver (SDD) for IBM TotalStorage Enterprise Storage Server®, the IBM TotalStorage DS family, and the IBM System Storage® SAN Volume Controller. If you are using SDD, you must transition to Subsystem Device Driver Path Control Module (SDDPCM) or AIX Path Control Module (PCM) for the multipath support on AIX for IBM SAN storage. SDD to SDDPCM migration scripts are available to help you with the transition.

Contact IBM storage technical support to request access to the migration scripts.

For more information about the available multipath I/O solutions and supported AIX versions for IBM SAN storage products, see the IBM System Storage Interoperation Center (SSIC) website.

Db2 migration

Edit online

IBM Db2® Version 11.1 with FP5 is available on the AIX base media. You can upgrade your Db2 environment from Db2 Version 10.5, 10.1, or 9.7 to Db2 Version 11.1. For more information about upgrading to Db2 Version 11.1, see the Upgrade to Db2 Version 11.1 topic.

Configuring

Edit online

This section contains information about configuring the AIX operating system.

Dynamic queue depth for MPIO devices

Edit online

A dynamic change occurs when you change a device attribute while the device is in the opened state. In the AIX operating system, you can change certain device attributes while the device is in the opened state by running the chdev command with the -U flag. In AIX 7 with 7200-05, you can dynamically change the queue_depth attribute for MPIO devices.

For each device that the AIX scsidisk device driver manages, a separate command queue is created. This queue is used as a buffer for the SCSI commands that are sent to the device. The queue_depth attribute represents the maximum number of SCSI commands that are allowed in the queue. The initial setting for the queue_depth attribute is configured in the ODM when the device is installed. In previous releases of the AIX operating system, the queue_depth attribute was static when a device was in the opened state. In AIX 7 with 7200-05, you can change the queue_depth attribute while the disk is in an opened state by running the chdev -U -l hdiskX -a queue_depth=NEW_VALUE command, where NEW_VALUE is the new queue depth.

libusb library

Edit online
The libusb library is an open source C library that is supported on AIX 7 with 7200-05. The libusb library provides generic access to USB devices. You can run libusb applications on AIX 7 with 7200-05 by recompiling the applications with this new libusb package. You can download the libusb RPM Package Manager (RPM) from the https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/libusb/ website. For more information about using the libusb library, see the following topics:

Thin provisioning

Edit online
AIX 7 with 7200-05 includes space reclamation support for thin provisioned disks that were added by using the Logical Volume Manager (LVM). When a sufficiently large amount of disk space from a physical volume is available, LVM releases this disk space back to the storage device. This function is enabled by default and can be turned off by using the ioo command. The space reclamation function is supported on only disks that are exposed to the AIX operating system with N_Port ID virtualization (NPIV) or direct attached FC adapters. Thin provisioning is available on the following storage products that support SCSI thin provisioning (Logical Block Provisioning) commands:
  • IBM DS8000®
  • IBM XIV®
  • EMC Symmetric family
  • IBM Spectrum® Virtualize
For more information about displaying space reclamation information, see the lvmstat command.

Diagnostics tasks

Edit online

AIX 7 with 7200-05 supports scheduling periodic diagnostics multiple times a day instead of only once per day. To schedule periodic diagnostics multiple times a day, run the diag command and select Task Selection > Periodic Diagnostics and specify a time interval between each test.

AIX 7 with 7200-05 supports formatting and certifying up to 10 disks in parallel instead of a single at a time. To format or certify multiple disks, run the diag command and from the Task Selection menu, select Certify Media in Parallel or Format Media in Parallel. All eligible resources are displayed in a list. You can select up to 10 disks from the list. The status of the operation is updated every 5 seconds. The time the operation takes to complete for each disk is based on various factors such as disk type, size, and speed.

Limitations and restrictions

Edit online

This section lists the restrictions and limitations that apply to AIX 7 with 7200-05.

Upgrading IBM Security Verify Directory

Edit online

Starting with AIX 7.3 Technology Level 2, IBM Security Directory Server (ISDS) is upgraded and is renamed as IBM Security Verify Directory (ISVD). The fileset for ISDS Version 6.4.0.25 is upgraded to ISVD Version 10.0.0.1. The fileset version and the name change for the directory have no impact on how the ISVD functions. The ISVD Version 10.0.0.1 fileset is shipped with AIX 7.3 Technology Level 2 and AIX 7.2 Technology Level 5 base packs. The AIX 7.3 with Technology Level 2 base pack also includes the latest and stable Lightweight Directory Access Protocol (LDAP) filesets that provide fixes for the earlier issues.

Note: To support clients who are using AIX 7.2 with supported Technology Levels, ISVD version 10.0 will be provided as part of AIX 7.2 base pack as ISDS version 6.4 reaches end of support (EOS) in September 2024.
If you have ISDS Version 6.4, you must upgrade to ISVD Version 10.0. For more information about upgrading to ISVD version 10.0, see Upgrade an instance of IBM Security Verify Directory page.
Note: For ISVD Version 10.0 to function properly, you must complete the entire process, starting with Setting the environment before you upgrade an instance to Links to client and server utilities.

AIX 7.2 Enterprise Edition 1.1, or later

Edit online

Previous versions of AIX Enterprise Edition included IBM® Tivoli® Monitoring Version 6.2.3 and Version 6.3.0. However, AIX 7.2 Enterprise Edition 1.1, or later, includes only Tivoli Monitoring Version 6.3.0. To use AIX 7.2 Enterprise Edition 1.1, or later, you must upgrade to Tivoli Monitoring Version 6.3.0.

OpenSSL version 3.0

Edit online

Starting with AIX 7.2 Technology Level 5, Open Source Secure Sockets Layer (OpenSSL) is updated from version 1.0.2 to 3.0.10. As a result of new updates in AIX 7.2 Technology Level 5, a few APIs are deprecated, weak ciphers are removed, support for Transport Layer Security (TLS) version 1.3 is introduced, and provider concepts are introduced. The OpenSSL version 3.0.10.1001 contains performance optimization for Advanced Encryption Standard (AES) with Galois/Counter Mode (AES-GCM) cipher and ChaCha20 stream cipher on Power10 systems.

Note: Starting with AIX 7.2 Technology Level 5, header files are OpenSSL version 3.0 based. Any new applications that are to be compiled must be compiled with OpenSSL version 3.0.
The AIX operating system ensures that the existing applications do not get impacted by the version update. Hence, the shared objects of OpenSSL 1.0.2 and OpenSSL 1.1 are retained in the OpenSSL library. The applications that depend on OpenSSL libraries must migrate to OpenSSL 3.0 before the end of support for the previous versions.
Note: The support for OpenSSL 1.0.2 ends by the end of year 2023 and the support for OpenSSL 1.1 ends by the end of year 2024. Shared objects of OpenSSL 1.0.2 will be retained beyond the year 2023 for compatibility with earlier OpenSSL versions. The shared objects of OpenSSL version 0.9.8 are no longer supported and the libcrypto_compat.a and libssl_compat.a libraries are removed since they contain only 0.9.8 shared object. Also the libraries libcrypto.a and libssl.a does not have 0.9.8 shared objects in them. As a mitigation, customers who depend on these shared objects are now recommended to compile their applications against the latest supported shared objects. OpenSSL 1.1 shared objects that are provided in the OpenSSL 3.0 library are from the corresponding latest release of the library that is provided with strong-cipher support. Customers who prefer to use this shared object are requested to compile applications by using the 1.1 library with strong-cipher support that is provided in AIX Web Download Pack Programs.
The command line tool openssl and openssl64 are linked with the shared object of OpenSSL 3.0. Due to compatibility issues, the commands might not function properly.
Note: Many options are added to OpenSSL 3.0; hence, it is mandatory to validate the command line tools (openssl and openssl64) before using them.
The OpenSSL 3.0 is compiled by using the following configuration options:
  • no-idea
  • no-rc5
  • no-weak-ssl-ciphers
  • no-psk
  • no-srp
  • no-deprecated

The new symbols that are introduced in the OpenSSL 3.0 configuration file are stored in the /var/ssl/openssl.cnf file. It is recommended to backup and save the changes in the old configuration file because the old OpenSSL configuration file is not retained for the use.

To use the legacy providers that are built inside the application, make the following changes in the new configuration file: 
openssl_conf = openssl_init

 [openssl_init]
 providers = provider_sect

 [provider_sect]
 default = default_sect
 legacy = legacy_sect

 [default_sect]
 activate = 1

 [legacy_sect]
 activate = 1
Note: Native AIX applications that used OpenSSL version 1.0.2 shared object are updated to use OpenSSL version 1.1.1 and the preceding shared objects.

For more information about updates between OpenSSL 1.0.2 and OpenSSL 3.0, see the community migration guide (https://www.openssl.org/docs/man3.0/man7/migration_guide.html).

To raise any queries, see IBM AIX support website.

OpenSSH Version 8.1p1

Edit online
The OpenSSH file set is updated to the open source community 8.1p1 release with VRMF 8.1.112.2000 in AIX.
  • The OpenSSH file set includes the patch for GSSAPI Key Exchange feature.
  • The OpenSSH file set is compiled with OpenSSL 1.1.1t version.
  • All the vulnerabilities reported in the higher version of OpenSSH (including the 8.7p1 release) are back ported to this fileset.
Note: All OpenSSH versions with VRMF 8.1.102.xxxx are no longer supported as support for OpenSSL 1.0.2 version ended in the year 2023. You must update to OpenSSH versions with VRMF 8.1.112.2000 or a later version. You can download the latest version of the OpenSSH fileset from the AIX Web Download Pack Programs website.

OpenSSH 6.0p1 with VRMF 6.0.0.6204, or earlier, OpenSSH 7.1p1 with VRMF 7.1.102.1100, or earlier, and OpenSSH 7.5p1 with VRMF 7.5.102.1600 or earlier are no longer supported. You can download the latest version of the OpenSSH fileset from the AIX Web Download Pack Programs website.

GSKit version requirement for NIST compliance

Edit online

GSKit version 8.0.55.11 is provided on the AIX 7 with 7200-05 Expansion Pack media.

Use GSKit version 8.0.50.10, or later, when you use IP Security with Rivest-Shamir-Adleman (RSA) key lengths that are greater than 2048 bits. The minimum RSA key length of 2048 bits is a requirement for complying with the National Institute of Standards and Technology (NIST) standard as defined in Special Publication 800-131A. When you generate certificates for IP securiy (IPsec), consider the requirements that are listed in Installing the IP security feature.

nmon command changes

Edit online

The behavior of the nmon recordings for the PCPU and SCPU sections are not recorded by default in AIX Version 7.2. To enable the recording of the PCPU and SCPU sections, run the nmon recording with the -y PCPU=on,SCPU=on options. When the PCPU and SCPU sections are enabled, the recorded format is the same as the format in previous versions of the AIX operating system. For more information about the nmon command, see the nmon command topic.

Perl

Edit online

The previous version of Perl was upgraded to Perl Version 5.28.1 in IBM AIX 7.2 with Technology Level 5. Perl is a separate 3rd-party open source package that is not owned by IBM. The Perl package might not preserve full compatibility across all versions. If you are moving Perl scripts to version 5.28.1, you must complete an evaluation of the scripts to verify that they continue to work as expected. For more information about Perl, see the Perl Programming Documentation website.

Code removed from AIX Version 7.2

Edit online
The following code and functions were removed from AIX Version 7.2, or later:
  • Fcparrayhead driver
  • graPHIGS programming interface
  • Network computing System 1.5.1 (bos.net.ncs fileset)
  • Network Data Administration Facility (NDAF)
  • Network Information Services + (NIS+)
    Note: NIS is still available.
  • IBM Systems Director Console for AIX
  • IP over Fibre Channel (FC) driver

Licensed programs not supported in AIX Version 7.2

Edit online
The following licensed programs are not supported in AIX Version 7.2:
  • AIX Fast Connect
  • Performance Toolbox for AIX
  • IBM PowerSC Trusted Surveyor
  • AIX Profile Manager

CIFS client fileset

Edit online

The bos.cifs_fs software package is moved to the AIX Version 7.2 Expansion Pack media. The Common Internet File System (CIFS) client is provided as-is (without support).

Note: AIX Version 7.2 supports SMB client file system that is based on Server Message Block (SMB) protocol version 2.1. The SMB client file system is a replacement of the CIFS client. The CIFS client is based on SMB protocol version 1. For more information, see SMB client file system.

Shared processor partition virtual CPU limit

Edit online

The shared processor partitions in the AIX operating system are limited to a maximum of 128 virtual processors. Each virtual processor contains up to eight hardware threads and allows up to 1024 logical processors for POWER8 systems that run in SMT8 mode. If your configuration requires more AIX LPAR processors, you must use dedicated processors.

Additional information

Edit online

IBM Hyperconverged Systems

Edit online

AIX on IBM Hyperconverged Systems that are powered by Nutanix provides simplified management through a hyperconverged infrastructure. You can run AIX Version 7.2.2 with Service Pack 2, or later, and APAR IJ05283 on IBM Hyperconverged Systems with POWER8 based CS821 and CS822 nodes.

AIX Version 7.2.2 with Service Pack 2, or later, runs fully virtualized on the Nutanix Acropolis Hypervisor and the corresponding virtual machine (VM) lifecycle is managed by the Nutanix PRISM graphical user interface (GUI). IBM Hyperconverged Systems support is integrated into the same version of the AIX 7.2.2 operating system that runs on IBM PowerVM® platforms. IBM Hyperconverged Systems are binary compatible with the AIX operating system that runs on PowerVM per the AIX binary compatibility guarantee.

Note: AIX Version 7.3 is not supported on IBM Hyperconverged Systems.

For more information about IBM Hyperconverged Systems, see the IBM Hyperconverged Systems topic.

AIX Dynamic System Optimizer

Edit online

The IBM AIX Dynamic System Optimizer (DSO) extends the features that are provided by the Active System Optimizer (ASO) to automatically adjust some system settings to maximize the efficiency of your system. This optimizer automates the difficult job of manually tuning those system settings to optimize eligible workloads. The additional features that are provided by DSO are large page optimization and data stream prefetch optimization.

DSO is no longer a stand-alone feature and is included in AIX Version 7.2, or later, as part of ASO. For more information about DSO and ASO, see the AIX Dynamic System Optimizer topic.

Linux SHA-256 and SHA-512 password cryptographic algorithm

Edit online

A Loadable Password Algorithm (LPA) model is available that supports the Linux SHA-256 and SHA-512 password cryptographic algorithm. The Linux SHA-256 and SHA-512 password cryptographic algorithm is supported by other operating systems and was published in the public domain by Ulrich Drepper (https://www.akkadia.org/drepper/SHA-crypt.txt).

The LPA model is included in the pwmod licensed program product (LPP) package. You can get the pwmod package from the AIX Web Download Pack website.

Common Criteria administration guide

Edit online

The Common Criteria administration guide for AIX 7.2.5.3 is available for use.

Visit the following URL to access the document that provides instructions to configure and operate AIX 7.2 Technology Level 5 (TL5) Service Pack 3 (SP3) in the Common Criteria evaluated configuration to meet the National Information Assurance Partnership (NIAP) Protection Profile for General Purpose Operating Systems version 4.2.1 (also known as OSPP) and Extended Package for Secure Shell v1.0.

https://www.ibm.com/support/pages/common-criteria-administration-guidance-aix-7253

Use the following links to view the certificate that has an expiration date of 7 July 2027.