swverify(1M)swverify(1M)NAMEswverify - verify software products
SYNOPSIS
session_file] software_file] jobid] date] session_file] target_file]
option=value] option_file] [software_selections] target_selec‐
tions]
Remarks
· This command supports operations on remote systems. See
below.
· For an overview of all SD commands, see the sd(5) man page by
typing on the command line.
DESCRIPTION
The command verifies the software_selections at one or more tar‐
get_selections (for example, root filesystems). When verifying
installed software, checks software states, dependency relationships,
file existence and integrity, in addition to executing vendor-supplied
verification scripts.
The command also verifies software_selections at one or more target
depots. For target depots, performs all of the checks listed above,
but does not execute verification scripts.
does support operations on a tape depot.
The command also supports these features:
· Verifies whether installed or configured software is compati‐
ble with the hosts on which that software is installed.
· Verifies that all dependencies (prerequisites, corequisites,
exrequisites) are being met (for installed software) or can
be met (for available software).
· Executes vendor-specific scripts that check if the software
products is correctly configured.
· Executes vendor-specific scripts that correct and report spe‐
cific problems.
· Reports missing files, check all file attributes (ignoring
volatile files). These attributes include permissions, file
types, size, checksum, mtime, link source and major/minor
attributes.
Remote Operation
You can enable SD to manage software on remote systems. To let the
root user from a central SD controller (also called the central manage‐
ment server or manager node) perform operations on a remote target
(also called the host or agent):
1) Set up the root, host, and template Access Control Lists (ACLs) on
the remote machines to permit root access from the controller sys‐
tem. To do this, run the following command on each remote system:
NOTES:
· controller is the name of the central management server.
· If remote system is 11.00, make sure SD patch PHCO_22526 or a
superseding patch is installed on remote system before running
· If remote system is older than 11.00 or for some other reason
does not have in place, copy script from an 11.11 or higher sys‐
tem to the remote system.
2) and have enhanced GUI interfaces for remote operations. Enable the
enhanced GUIs by creating the file on the controller. Use this
command:
See sd(5), swinstall(1M), swcopy(1M), swjob(1M), swlist(1M), or
swremove(1M) for more information on interactive operations.
NOTE: You can also set up remote access by using directly on the remote
machines to grant root or non-root access to users from the controller
system.
Options
supports the following options:
Operate on a depot rather than installed software.
Runs vendor-specific
scripts to correct and report problems on
installed software. The fix script can create
missing directories, correct file modifications
(mode, owner, group, major, and minor), and
recreate symbolic links.
Operates on an alternate root directory, which must be specified
in the
option. Verify scripts are not run when verify‐
ing software in an alternate root directory.
(This option is not required for alternate root
operations but is maintained for backward compat‐
ibility. See the heading in sd(5) for more
information.)
Turns on verbose output to stdout.
(The logfile is not affected by this option.)
Verbose output is enabled by default; see the
option below.
Save the current options and operands only to the
session_file. You can enter a relative or abso‐
lute path with the file name. The default direc‐
tory for session files is Without this option, by
default, the session file is saved only in the
default directory
You can recall a session file with the option.
Read the list of
software_selections from software_file instead of
(or in addition to) the command line.
Executes the previously scheduled job.
This is the syntax used by the daemon to start
the job.
Schedules the job for this
date. You can change the date format by editing
the
Execute based on the options and operands saved from a
previous session, as defined in session_file.
You can save session information to a file with
the option.
Read the list of
target_selections from target_file instead of (or
in addition to) the command line.
Set the session
option to value and override the default value
(or a value in an alternate options_file speci‐
fied with the option). Multiple options can be
specified.
Read the session options and behaviors from
options_file.
Operands
Most SD commands support two types of operands: followed by These oper‐
ands are separated by the "at" character. This syntax implies that the
command operates on "software selections at targets".
Software Selections
The command supports the following syntax for each software_selection:
· You can specify selections with the following shell wildcard
and pattern-matching notations:
· Bundles and subproducts are recursive. Bundles can contain
other bundles and subproducts can contain other subproducts.
· The software specification selects all products. Use this
specification with caution.
The component has the form:
· location applies only to installed software and refers to
software installed to a location other than the default prod‐
uct directory.
· and apply only to filesets.
· and apply only to bundles and products. They are applied to
the leftmost bundle or product in a software specification.
· The <op> (relational operator) component can be of the form:
or
which performs individual comparisons on dot-separated
fields.
For example, chooses all revisions greater than or equal to
The system compares each dot-separated field to find matches.
· The (equals) relational operator lets you specify selections
with the shell wildcard and pattern-matching notations:
For example, the expression returns any revision in version
10 or version 11.
· All version components are repeatable within a single speci‐
fication (for example, If multiple components are used, the
selection must match all components.
· Fully qualified software specs include the and version compo‐
nents even if they contain empty strings. For installed
software, is also included.
· No space or tab characters are allowed in a software selec‐
tion.
· The software can take the place of the version component. It
has the form:
[instance_id]
within the context of an exported catalog, where is an inte‐
ger that distinguishes versions of products and bundles with
the same tag.
Target Selections
The command supports the following syntax for each target_selection.
A host may be specified by its host name, domain name, or Internet
address. If host is specified, the directory must be an absolute path.
To specify a relative path when no host is specified, the relative path
must start with or otherwise, the specified name is considered as a
host.
Target Selection with IPv6 Address
The command also supports specifying the host as an IPv6 address on HP-
UX Release 11i v3, as shown below.
If both the hostname and the path are specified, then the first occur‐
rence of a slash is treated as the separator.
The IPv6 address can optionally be enclosed in a pair of square brack‐
ets and
EXTERNAL INFLUENCES
Default Options
In addition to the standard options, several SD behaviors and policy
options can be changed by editing the default values found in:
the system-wide default values.
the user-specific default values.
Values must be specified in the defaults file using this syntax:
The optional prefix denotes one of the SD commands. Using the prefix
limits the change in the default value to that command. If you leave
the prefix off, the change applies to all commands.
You can also override default values from the command line with the or
options:
The following section lists all of the keywords supported by the com‐
mand. If a default value exists, it is listed after the The commands
that this option applies to are also specified.
The location for SD logfiles and the default par‐
ent directory for the
installed software catalog. The default
value is for normal SD operations. When
SD operates in nonprivileged mode (that
is, when the default option is set to
· The default value is forced to
· The path element is replaced with the
name of the invoking user, which SD
reads from the system password file.
· If you set the value of this option
to path, SD replaces with the invok‐
ing user's home directory (from the
system password file) and resolves
path relative to that directory. For
example, resolves to the directory in
your home directory.
· If you set the value of the default
option to a relative path, that path
is resolved relative to the value of
this option.
SD's nonprivileged mode is intended only
for managing applications that are spe‐
cially designed and packaged. This mode
cannot be used to manage the HP-UX oper‐
ating system or patches to it. For a
full explanation of nonprivileged SD,
see the available at the web site.
See also the and options.
Causes the target agent to automatically exit
after Execute phase, or after
a failed Analysis phase. This is forced
to when the controller is using an
interactive UI, or when (preview) is
used. This enhances network reliability
and performance. The default value of
causes the target agent to automatically
exit when appropriate. When set to the
target agent will not exit until the
controller ends the session.
Causes a target agent to exit if it has been inac‐
tive for the
specified time. This can be used to
make target agents more quickly detect
lost network connections since RPC can
take as long as 130 minutes to detect a
lost connection. The recommended value
is the longest period of inactivity
expected in your environment. For com‐
mand line invocation, a value between 10
minutes and 60 minutes is suitable. A
value of 60 minutes or more is recom‐
mended when the GUI will be used. The
default of 10000 is slightly less than 7
days.
Requires that the software products which are
being installed be
"compatible" with the target selections.
(All of the target selections must match
the list of supported systems defined
for each selected product.) If set to
target compatibility is not enforced.
Prevents the installation or configuration of
another, independent
version of a product when a version
already is installed or configured at
the target.
If set to another version of an existing
product can be installed into a new
location, or can be configured in its
new location. Multiple versions can
only be installed if a product is locat‐
able. Multiple configured versions will
not work unless the product supports it.
Controls automatic job removal of completed jobs.
If the job is automatically removed, job
information (job status or target log
files) cannot be queried with
Controls the automatic selection of prerequisite,
corequisite, and
exrequisite software that is not explic‐
itly selected by the user. When set to
the requisite software is automatically
selected for configuration. When set to
requisite software which is not explic‐
itly selected is not automatically
selected for configuration.
The option is ignored when this option
is set to
Controls the automatic selection
of the first left-most dependency in a
list of OR dependencies that satisfies a
requisite when another dependency in the
list that also satisfies the requisite
is explicitly selected by the user.
When set to the first left-most depen‐
dency in a list of OR dependencies that
satisfies a requisite is not automati‐
cally selected when another dependency
in the list that also satisfies the req‐
uisite is explicitly selected. If set
to the first left-most dependency in a
list of OR dependencies that satisfies a
requisite is automatically selected even
when another dependency in the list that
also satisfies the requisite is explic‐
itly selected.
This option is ignored when the option
is set to
Causes to verify the time stamp, size, and
checksum attributes of files. If set to
these attributes are not verified.
(This option is ignored if
is set to Controls whether or not vali‐
dates the size and checksum for com‐
pressed files. In the default state of
checks only the mtime, size and cksum
attributes of the compressed file. If
set to uncompresses the file in memory
and verifies the size and cksum
attributes of the uncompressed contents.
Only files compressed with SD's internal
compressor can be uncompressed during a
operation. See the option of the
swpackage(1M) command for more informa‐
tion.
(This option is ignored if
is set to Controls whether or not com‐
putes a checksum on the contents of the
file. In the default state of checks
all file attributes including the check‐
sum. If set to checks only the file
timestamp and size.
Causes to verify the mode, owner, UID, group,
and GID attributes of installed files.
If set to these attributes are not veri‐
fied.
Causes to verify that the prerequisite, coreq‐
uisite, and exrequisite dependencies of
the software selections are being met.
If set to these checks are not per‐
formed.
Causes to run the fileset/product verify
scripts for installed software. If set
to these scripts are not executed.
Causes to not verify those files marked as
volatile (that is, can be changed). If
set to volatile files are also checked
(for installed software).
Specifies the location of a depot for the con‐
troller to access to
resolve selections. Setting this option
can reduce network traffic between the
controller and the target. Use the tar‐
get selection syntax to specify the
location:
This option has no effect on which
sources the target uses.
Defines the default distribution directory of the
target depot.
The target_selection operand overrides
this default.
Requires that all dependencies specified by the
software_selections be resolved either
in the specified source, or at the tar‐
get_selections themselves.
If set to dependencies will still be
checked, but not enforced. Corequisite
dependencies, if not enforced, may keep
the selected software from working prop‐
erly. Prerequisite or exrequisite
dependencies, if not enforced, may cause
the installation or configuration to
fail.
(Currently,
recognizes this option, but the option
has no associated behavior. See swin‐
stall(1M) or sd(5) for more informa‐
tion.) Controls the handling of errors
when relocating a non-locatable fileset.
If an error is generated when an attempt
is made to locate a non-locatable file‐
set. If an attempt is made to locate
the fileset in any case.
Controls the behavior of
command by checking the available.
If set to command proceeds if one or
more software selections are available.
If set to the command proceeds only if
all the software selections are avail‐
able.
If runs vendor-specific scripts to correct
and report problems on installed soft‐
ware. Fix scripts can create missing
directories, correct file modifications,
(mode, owner, group, major, minor), and
recreate symbolic links. If fix scripts
are not run.
Defines the directory path where the Installed
Products Database (IPD)
is stored. This information describes
installed software. When set to an
absolute path, this option defines the
location of the IPD. When this option
contains a relative path, the SD con‐
troller appends the value to the value
specified by the option to determine the
path to the IPD. For alternate roots,
this path is resolved relative to the
location of the alternate root. This
option does not affect where software is
installed, only the IPD location.
This option permits the simultaneous
installation and removal of multiple
software applications by multiple users
or multiple processes, with each appli‐
cation or group of applications using a
different IPD.
Caution: use a specific to manage a spe‐
cific application. SD does not support
multiple descriptions of the same appli‐
cation in multiple IPDs.
See also the and options, which control
SD's nonprivileged mode. (This mode is
intended only for managing applications
that are specially designed and pack‐
aged. This mode cannot be used to man‐
age the HP-UX operating system or
patches to it. For a full explanation
of nonprivileged SD, see the available
at the web site.)
This is an ASCII string giving a title to a job.
It is displayed along with the job ID to
provide additional identifying informa‐
tion about a job when is invoked.
Controls the handling of corequisites in determin‐
ing the order in
which filesets are loaded.
If promotes the corequisite of a prereq‐
uisite to prerequisite. If corequisites
are not used in determining load order.
Controls the amount of detail written to the log‐
file.
When set to this option adds detailed
task information (such as options speci‐
fied, progress statements, and addi‐
tional summary information) to the log‐
file. This information is in addition
to log information controlled by the
option.
Defines the default log file for each SD command.
(The agent log files are always located
relative to the target depot or target
root, for example, and
Controls the log level for the events logged to
the command logfile, the
target agent logfile, and the source
agent logfile. This information is in
addition to the detail controlled by the
option. See above, and the sd(5) manual
page (by typing for more information. A
value of:
provides no information to the logfile.
enables verbose logging to the logfiles.
enables very verbose logging to the log‐
files.
Adds numeric identification numbers at the begin‐
ning of SD logfile
messages:
(default) No identifiers are attached
to messages.
Adds identifiers to ERROR messages only.
Adds identifiers to ERROR and WARNING
messages.
Adds identifiers to ERROR, WARNING, and
NOTE messages.
Adds identifiers to ERROR, WARNING,
NOTE, and certain other
informational messages.
Controls the time in minutes to cache and re-use
the results of hostname
or IP address resolution lookups. A
value of 0 disables the facility to
cache and re-use lookup results. The
maximum value allowed is 10080 minutes,
which is one week.
A value of:
disables the lookup caching mechanism.
is the maximum value allowed.
By default, the SD
commands attempt to mount all filesys‐
tems in the file at the beginning of the
analysis phase, to ensure that all
listed filesystems are mounted before
proceeding. This policy helps to ensure
that files are not loaded into a direc‐
tory that may be below a future mount
point, and that the expected files are
available for a remove or verify opera‐
tion.
If set to the mount operation is not
attempted, and no check of the current
mounts is performed.
This option controls the exit code returned by
SD's controller commands.
This option is applicable only for a
single target operation, and ignored
when multiple targets are used.
When set to the default value of swver‐
ify returns:
0 If there were no errors, with or
without warnings.
1 If there were errors.
When set to swverify returns :
0 If there were no warnings and no
errors.
1 If there were errors.
2 If there were warnings but no errors.
Defines the protocol sequence(s) and endpoint(s)
on which the daemon
listens and which the other commands use
to contact the daemon. If the connec‐
tion fails for one protocol sequence,
the next is attempted. SD supports both
the tcp and udp protocol sequence on
most platforms. See the sd(5) man page
by typing for more information.
Relative length of the communications timeout.
This is a value in the range from 0 to 9
and is interpreted by the DCE RPC.
Higher values mean longer times; you may
need a higher value for a slow or busy
network. Lower values will give faster
recognition on attempts to contact hosts
that are not up, or are not running Each
value is approximately twice as long as
the preceding value. A value of 5 is
about 30 seconds for the protocol
sequence. This option may not have any
noticeable impact when using the proto‐
col sequence.
This option controls SD's nonprivileged mode.
This option is ignored (treated as true)
when the invoking user is super-user.
When set to the default value of true,
SD operations are performed normally,
with permissions for operations either
granted to a local super-user or set by
SD ACLs. (See swacl(1M) for details on
ACLs.)
When set to false and the invoking user
is local and is not super-user, nonpriv‐
ileged mode is invoked:
· Permissions for operations are based
on the user's file system permis‐
sions.
· SD ACLs are ignored.
· Files created by SD have the uid and
gid of the invoking user, and the
mode of created files is set accord‐
ing to the invoking user's umask.
SD's nonprivileged mode is intended only
for managing applications that are spe‐
cially designed and packaged. This mode
cannot be used to manage the HP-UX oper‐
ating system or patches to it. For a
full explanation of nonprivileged SD,
see the available at the web site.
See also the and options.
If no target_selections are specified, select
the default of the local host as the
target_selection for the command.
Defines the default
software_selections. There is no sup‐
plied default. If there is more than
one software selection, they must be
separated by spaces. Software is usu‐
ally specified in a software input file,
as operands on the command line, or in
the GUI.
Defines the default
target_selections. There is no supplied
default (see above). If there is more
than one target selection, they must be
separated by spaces. Targets can be
specified in a target input file or as
operands on the command line.
Controls the verbosity of a non-interactive com‐
mand's output:
disables output to stdout.
(Error and warning messages are
always written to stderr).
enables verbose messaging to stdout.
for and enables very verbose messaging
to stdout.
The option overrides this default if it
is set to 0.
Session File
Each invocation of the command defines a verify session.
The invocation options, source information, software
selections, and target hosts are saved before the instal‐
lation or copy task actually commences. This lets you
re-execute the command even if the session ends before
proper completion.
Each session is saved to the file This file is overwrit‐
ten by each invocation of
You can also save session information to a specific file
by executing with the session_file option.
A session file uses the same syntax as the defaults
files. You can specify an absolute path for the session
file. If you do not specify a directory, the default
location for a session file is
To re-execute a session file, specify the session file as
the argument for the session_file option of
Note that when you re-execute a session file, the values
in the session file take precedence over values in the
system defaults file. Likewise, any command line options
or parameters that you specify when you invoke take
precedence over the values in the session file.
Environment Variables
SD programs that execute control scripts set environment
variables for use by the control scripts.
The environment variables that affect the command are:
Determines the language in which messages are dis‐
played.
If is not specified or is set to the
empty string, a default value of is
used. See the lang(5) man page by
typing for more information.
NOTE: The language in which the SD
agent and daemon log messages are
displayed is set by the system con‐
figuration variable script, For exam‐
ple, must be set to or to make the
agent and daemon log messages display
in Japanese.
Determines the locale to be used to override any
values for locale
categories specified by the settings
of or any environment variables
beginning with
Determines the interpretation of sequences of
bytes of text data as
characters (for example, single ver‐
sus multibyte characters in values
for vendor-defined attributes).
Determines the language in which messages should
be written.
Determines the format of dates
(create_date and mod_date) when dis‐
played by Used by all utilities when
displaying dates and times in and
Determines the time zone for use when displaying
dates and times.
Environment variables that affect scripts:
Holds the path to the Installed Products Database
(IPD), relative to
the path in the environment variable.
Note that you can specify a path for
the IPD using the default option.
Defines the current directory of the script being
executed, either
a temporary catalog directory, or a
directory within in the Installed
Products Database (IPD). This vari‐
able tells scripts where other con‐
trol scripts for the software are
located (for example, subscripts).
Holds the tag name of the
control_file being executed. When
packaging software, you can define a
physical name and path for a control
file in a depot. This lets you
define the control_file with a name
other than its tag and lets you use
multiple control file definitions to
point to the same file. A con‐
trol_file can query the variable to
determine which tag is being exe‐
cuted.
Defines the location of the product, which may
have been changed from
the default product directory. When
combined with the this variable tells
scripts where the product files are
located.
A variable which defines a minimum set
of commands available to for use in a
control script (for example,
Defines the root directory in which the session is
operating, either
or an alternate root directory. This
variable tells control scripts the
root directory in which the products
are installed. A script must use
this directory as a prefix to to
locate the product's installed files.
The configure script is only run when
is
Contains the pathname of a file containing the
value of every option
for a particular command, including
software and target selections. This
lets scripts retrieve any command
options and values other than the
ones provided explicitly by other
environment variables. For example,
when the file pointed to by is made
available to a request script, the
targets option contains a list of
software_collection_specs for all
targets specified for the command.
When the file pointed to by is made
available to other scripts, the tar‐
gets option contains the single soft‐
ware_collection_spec for the targets
on which the script is being exe‐
cuted.
This variable contains the fully qualified soft‐
ware specification of
the current product or fileset. The
software specification allows the
product or fileset to be uniquely
identified.
Signals
The command catches the signals SIGQUIT, SIGINT, and
SIGUSR1. If these signals are received, the command
prints a message, sends a Remote Procedure Call (RPC) to
the agents to wrap up after completion, and then exits.
The agent ignores SIGHUP, SIGINT, and SIGQUIT. It imme‐
diately exits gracefully after receiving SIGTERM,
SIGUSR1, or SIGUSR2. Killing the agent may leave corrupt
software on the system, and thus should only be done if
absolutely necessary. Note that when an SD command is
killed, the agent does not terminate until completing the
task in progress.
The daemon ignores SIGHUP, SIGINT and SIGQUIT. It imme‐
diately exits gracefully after receiving SIGTERM and
SIGUSR2. After receiving SIGUSR1, it waits for comple‐
tion of a copy or remove from a depot session before
exiting, so that it can register or unregister depots if
necessary. Requests to start new sessions are refused
during this wait.
RETURN VALUES
The command returns:
The software_selections were successfully veri‐
fied.
The verify operation failed on
all target_selections.
The verify operation failed on
some target_selections.
DIAGNOSTICS
The command writes to stdout, stderr, and to specific
logfiles.
Standard Output
The command writes messages for significant events.
These include:
· a begin and end session message,
· selection, analysis, and execution task mes‐
sages for each target_selection.
Standard Error
The command also writes messages for all WARNING and
ERROR conditions to stderr.
Logging
The command logs summary events at the host where the
command was invoked. It logs detailed events to the log‐
file associated with each target_selection.
Command Log
The command logs all stdout and stderr messages to
the the logfile (The user can specify a different
logfile by modifying the option.)
Target Log
A process performs the actual verify operation at
each target_selection. When verifying installed
software, the logs messages to the file beneath
the root directory (for example, or an alternate
root directory). When verifying available soft‐
ware (within a depot), the logs messages to the
file swagent.log beneath the depot directory (for
example,
Command and target log files can be viewed using
the command.
swagentd Disabled
If the daemon has been disabled on the host, it can be
enabled by the host's system administrator by setting the
entry in to and executing
EXAMPLES
Verify the C and Pascal products installed at the local
host:
Verify a particular version of HP Omniback:
Verify the entire contents of a local depot:
Verify the entire contents of a system:
Verify the C and Pascal products on remote hosts:
Verify the entire contents of a local depot from the
directory depot while in the directory
FILES
Contains the user-specific default values for some or all
SD options.
Contains session files automatically saved by the SD com‐
mands, or
explicitly saved by the user.
Contains the master list of current SD options with their
default values.
The directory which contains all the configurable
and non-configurable data for SD. This directory
is also the default location of logfiles.
Contains the active system-wide default values for some
or all SD options.
Contains the set of date/time templates used when sched‐
uling jobs.
The Installed Products Database (IPD), a catalog of all
products
installed on a system.
The default location of a target software depot.
AUTHOR
was developed by the Hewlett-Packard Company.
SEE ALSOinstall-sd(1M), swacl(1M), swagentd(1M), swask(1M),
swconfig(1M), swcopy(1M), swinstall(1M), swjob(1M),
swlist(1M), swmodify(1M), swpackage(1M), swreg(1M), swre‐
move(1M), sd(4), swpackage(4), sd(5).
available at
SD customer web site at
swverify(1M)