HP3000/HP 3000 FAQ

Last Updated: Thursday, February 01, 2007 02:38 PM

Updating an HP3000 to MPE/iX 5.0

3.5.3. Updating to MPE/iX 5.0

Note that MPE/iX version 5.0 has not been supported by HP for some time. Customers were recommended to update to a supported OS release - MPE/iX 6.5 or later.

3.5.3.1. Exactly what networking services come with 5.0?

Here is what you get:                                                 

  On the 5.0 PUSH (C.50.00), the lan link software is now included as
  part of FOS.

    The following is included as part of FOS:

      - HP36923A - THINLAN 3000/IX NETWORK LINK
            a. 802.3/Ethernet Lan Drivers
            b. TCP/IP Network Transport
            c. NETIPC Sockets
            d. BSD Sockets
            e. SNMP
            f. NS Services Inbound Virtual Terminal (VT) only.

      - HP36957A - HP ARPA FILE TRANSFER PROTOCOL (FTP)
            a. FTP
            b. NS Services Remote Process Management (RPM)

      - HP TELNET/IX CLIENT (32098-20097)
            a. Outbound Telnet Client (over TCP)
            b. Inbound Telnet Server (over TCP) - product available in future


  The following is NOT included as part of FOS:

      - HP36920A - NS3000/IX NETWORK SERVICES
            a. Remote Database access (RDBA)
            b. Remote File access (RFA)
            c. Remote peripheral access
            d. Network File Transfer (NFT/DSCOPY)
            e. Virtual Terminal access (VT) inbound and outbound.

      - HP2347A/HP2344A - HP ARPA Telnet Access / Express:
            a. Inbound Telnet Server via DTC & TAC card.

3.5.3.2. Will my DAT drive allow the 5.0 update?

If its a SCSI DDS drive, the required firmware is 10.7 (later firmware doesn't work either, at least for the moment). The firmware can be updated easily via a "special" tape by a CE. If its a HPIB DDS drive, the correct firmware is version C, but this requires actual disassembly of the drive to update.

Be sure to check this out well in advance. Nobody likes surprises.

3.5.3.3. How long does the update take?

3.5.3.4. Isn't the ability to jump around with CD in the posix shell a security problem?

It's a very common misunderstanding to associate your Current Working Directory (CWD) with your logon group, since in the past your logon group doubled as both the CWD and the logon group. The logon group is instrumental in determining what access you have to files (determining whether or not you belong to the group user (GU) class). It also is the location that your CPU and connect time account to when you log off. The CWD is a naming shortcut. It allows you to say FOO instead of FOO.GROUP.ACCOUNT. It has no bearing on security or access to a file, or the ability to create or purge a file.

From your message, it appears that you believe that allowing a user to place their CWD (via the :CHDIR command) to another group or account provides some type of additional access to the files there. Let me assure you that that is not the case! Placing your CWD into PUB.SYS (or /SYS/PUB - whichever way you prefer) makes no difference in the access that you have to files in that location. You cannot create files, purge files, read, write, or do anything else, unless you already had the ability to do that (i.e. you had SM capability). All it lets you do is say :PRINT CATALOG, rather than

:PRINT CATALOG.PUB.SYS.

The thing that makes this confusing is the :CHGROUP command. :CHGROUP makes it hard to see the difference between the logon group and the CWD. Whenever you do a :CHGROUP, it actually logs you off and then back on, very quickly. Check the CPU and connect times of the old group (via the :REPORT command) just after you do a :CHGROUP and you'll see that they were updated with the amount of time you spent in that group before you "moved" over to your new group. The :CHDIR command makes the difference between the CWD and logon group obvious by allowing you to shortcut your naming independently of changing your logon group. Of course, the logon group must stay within your logon account, and so the :CHGROUP command will (still) not allow you to move your logon group outside that realm. By the way, the :CHGROUP command still changes both the CWD and the logon group, so that if they were pointing to different locations before a :CHGROUP, afterwards they'd both be pointing to the same group.

3.5.3.5. Checklist for updating to 5.0

1. The check-off list that came from HP.

2. Make sure the HPSUSAN in the kit is the right one for your computer.

I updated my 927LX last month and found it was a relatively painless experience. A couple other suggestions, in no particular order:

3. Read Interact back issues. Besides a recent update checklist article, the ones from a year or more ago under the title "An MPE Programmer Looks at MPE 5.0 [or POSIX]" are good. Sorry, I don't remember dates or authors and my back issues are at the office :-)

4. Check the contents of the SUBSYS tape (not a formality, stuff can get left out)

5. Review the conventions for POSIX file naming and "MPE escaped syntax." Review your backup procedures to be sure everything you want backed up does get backed up. If you are using a third-party product like RoadRunner, make sure (a) it is MPE 5.0 compatible and (b) it can back up the HFS directories, not just the MPE accounts under 5.0. (A) and (b) aren't necessarily the same. For example, I received an MPE 5.0 compatible RoadRunner upgrade automatically in February but had to request an additional upgrade before I could back up the HFS directories.

6. Check the status of all your other third party software products. Packages like MPEX will handle 5.0 just fine but it is prudent to install the 5.0 compatible version of any utility you rely on before installing 5.0 itself.

7. Be aware that if you have software or files stored off a 5.0 system and restored to your 4.0 system, there may be access problems. For example, I received a QUIZ schema from a software vendor; the schema was created on the vendor's 5.0 system and I restored it to my 4.0 system and made it readable by ANY; after the 5.0 update, users couldn't access the schema anymore; I first had to RELEASE the schema (band-aid solution), then change the POSIX owner and group IDs (permanent solution). You may not know you have files of this kind unless you contact your vendors and ask.

8. If your system is low on disk space, reserve the required space in advance.

9. If your system has limited memory, review the patch documents and apply the patch for low-memory systems. There is also a patch to resolve a bug whereby STORE silently ignores tape write errors and can, under some circumstances, create a bad tape without telling you. If you depend on STORE, you should be sure to apply the patch at the same time you do the update.

10. Keep in mind that, the way 5.0 is installed by default, users without capability will not have access to the root / directory and non-MPE directories under root. This means you are pretty secure to start with. But users can _create_ POSIX directories within MPE accounts and you will need to monitor this. It isn't an installation issue, as such, but there are implications: unless your users are quite sophisticated, you can update without immediate security risk; longer term, you can't ignore POSIX even if you don't mean to use it.

As much as anything, preparing for the 5.0 update is a question of comfort level. I found that if you follow the installation instructions, it goes by the book and isn't much more involved than any other update. The difference is how much new stuff there is to to learn in order to stay on top of the system _after_ the update.

I have made three upgrades to 5.0 and will do the fourth this Saturday.

The only problem is disc-space. Use the time until the upgrade to get the free space on ldev 1 that you must have. I have created the AXLDEV1 file (see the upgrade manual) in advance so I don't have to bother about enough disc-space. If you are short of space you have plenty of time to get a new disc drive.