PTF HMC V8 R8.6.0 Service Pack 1 Readme Hardware Management Console Readme For use with Version 8 Release 8.6.0 Updated: 24 April 2017 (C) Copyright International Business Machines Corp., 2017 All rights reserved. Contents The information in this Readme contains fix list and other package information about the Hardware Management Console. * Description <#descrip> * Package Information <#package> * Known Issues <#known> * General fixes <#fixes> * JNLP (VTERM) Details <#jnlp> * Installation <#install> * PowerVM in Social Media <#powervmsm> PTF HMC V8 R8.6.0 Service Pack 1 This package represents a service pack image that can be used to update your HMC from HMC V8 R8.6.0 to HMC V8 R8.6.0 Service Pack 1. You can also reference this package by PTF MH01656 and APAR MB04041. This image can be installed on top of HMC Version 8 Release 8.6.0 Recovery installation (PTF MH01654) with or without additional PTFs installed. *Note:* Service packs are cumulative and as such will include all the fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V8R860_SP1.iso 2874312704 2e9623114d032513a787617d86d5e35612db0e6a MB04041 MH01656 Splash Panel information (or lshmc -V output) "version= Version: 8 Release: 8.6.0 Service Pack: 1 HMC Build level 20170302.1 ","base_version=V8R8.6.0 " Enhancements and New Functions * Changed the default behaviour of partition migration operations to maintain the processor and memory affinity group of each migrating partition. Also, added support to the *migrlpar* command to allow users to override the processor and memory affinity group of each migrating partition. * Added support for JNLP based Virtual Terminal Console (VTERMs) on the following browsers: IE, Mozilla Firefox, Chrome, Safari Details provided in the section - JNLP (VTERM) Details. * *HMC New login pagei* The pre-login and login panels have been consolidated into one single page with the following features o New design o Welcome text integrated into the Sign-in box o Monitoring section, including resources states, Attention LEDs and Serviceable events o Social networks links (not available on local HMC) o DeveloperWorks feeds summary section (not available on local HMC) Known Issues * Live Kernel Update may fail if any partition on any server managed by the HMC has one or more virtual NICs configured. * The All Systems view in the enhanced GUI may be unresponsive and eventually display the error "The HMC information could not be displayed because of an error while retrieving the information." when there is an RMC issue between the HMC and one or more Mover Service Partitions managed by the HMC. Back to top <#ibm-content> Command Line Changes * The *migrlpar* command has been enhanced to allow the user to specify which processor and memory affinity group a migrating partition will participate in on the destination managed system Security Fixes * Fixed BIND vulnerabilities: CVE-2016-9778, CVE-2016-9131, CVE-2016-9444, CVE-2016-9147, and CVE-2017-3135 * Fixed glibc vulnerability: CVE-2016-3075 * Fixed NTP vulnerabilities: CVE-2016-7426, CVE-2016-7429, CVE-2016-7433, CVE-2016-9310, and CVE-2016-9311 * Fixed OpenSSL vulnerabilities: CVE-2016-8610 and CVE-2017-3731 * Fixed OpenSSH vulnerability: CVE-2015-8325 General Fixes This package provides the following fixes: * Installing this PTF will remove the user with the name operator, which was automatically created as a system user when HMC V8 R8.6.0 was installed. If you had an HMC user with the name operator prior to upgrading to HMC V8 R8.6.0, that HMC user will also be removed. After installing this PTF, you can create an HMC user with the name operator again. * Fixed an issue where disabling remote command execution was reset to enabled every HMC reboot. After applying this fix, users can disable remote command execution and the setting will be persisted. * Fixed a problem that caused the WWPN and WWNN information for Fibre Channel adapters to be missing from system plans created on the HMC. This problem only occurs for quad port Fibre Channel adapters. * Fixed a problem that caused HMC network configuration issues when the Guided Setup wizard was used to configure the HMC to obtain an IP address automatically from a DHCP server. * Fixed a rare hardware server failure causing the HMC connection to all managed systems to go down for several seconds. No user action was required as the hardware server restarts automatically after the failure. * Prevented another occurrence of the generation and call home of SRC E3550925. ?This SRC is generated when creating a Kerberos user and no remote user ID is specified or the remote user ID specified is not valid. * Fixed a problem that caused the following error to be displayed when trying to open the Virtual Storage Management GUI window:? "There was a problem running the VIOS command. HSCL2970 The IOServer Command has failed because of the following reason: hdisk1,[VG NAME],???????,???????,???????,[PVID] Volume group must be activated; use activatevg command." This error occurs when a volume group on the Virtual I/O Server being queried is varied off. . * Prevent the generation and call home of SRC E355104B when a GUI session is disconnected while a GUI task is still running that tries to update the GUI. * Changed the lshmcldap command to show an empty string for the LDAP search scope attribute instead of "one" when it is not configured on the HMC. When the scope attribute is not configured on the HMC, it could default to either "one" or "sub", which may lead to unexpected behaviour. * Improved the error message returned for a DLPAR error that occurs when the trunk priority or VLAN configuration of the virtual Ethernet trunk adapter being created is not compatible with the configuration of an existing trunk adapter. * Fixed a problem that caused the chhmcldap command to sometimes falsely report success (a return code of 0 and no error message) when setting an attribute when the actual result was that the command did not set the specified attribute. This problem only occurs when the specified attribute is missing from the LDAP configuration file on the HMC. * Fixed a problem that caused the right parenthesis character ")" to look the same as the right curly brace character "}" in vterm console windows on the local HMC console. * Fixed a problem with the View Network Topology GUI task that always caused the IP address and managed system information to be missing for the configured HMC Ethernet interfaces. * Fixed an intermittent problem that caused IBM.LparCmdRMd to terminate abnormally and restart during a partition mobility operation that used redundant MSPs with IPv6 addresses. This caused the partition mobility operation to fail. PowerVC error messages may include "The migration command issued to the HMC failed. Ensure that source and target Virtual I/O Servers are running and with an RMC status of Active. For detailed information about the failure, see the nova compute log file." ?Messages logged in /var/log/messages on the HMC may include "0513-035 The IBM.LparCmdRM Subsystem ended abnormally. SRC will try and restart it." * Fixed a problem that caused extra mobile resources to appear in a Power enterprise pool following a pool update operation. This problem only occurs if an automatic permanent to mobile resource conversion on a server is successfully done during the update operation and when the total pool resource code had already been successfully entered on a previous pool update operation. The extra mobile resources in the pool cannot be corrected until this fix is applied to all of the HMCs managing the pool. Once this fix is applied, updating the pool with the latest pool configuration file will correct the mobile resources in the pool. * Changed the server firmware activation process to report an error when the activation of platform firmware of a partition fails due to an RMC error. Prior to this fix, the server firmware activation process appeared to finish successfully. * Fixed a problem that caused the following error to be displayed when running a repair and verify procedure against a frame component: "Could not register as primary owner of server " * Fixed a race condition to prevent the generation and call home of SRC E3551172. * Remove predefined NTP servers, which were added during a scratch installation of HMC V8 R8.6.0, from the HMC's NTP configuration. * Fixed a problem where, on the local HMC console session, the HMC Management > Lock Management Console Screen and HMC Management > Launch Remote Hardware Management Console GUI tasks are not displayed for any HMC user except hscroot. * Fixed the false reporting of SRC B3030007 after some HMC reboots. * Corrected the functioning of the PgUp and PgDn keys on Japanese keyboards when used in a virtual terminal window when the HMC is set to the Japanese locale. * Fixed an issue where serviceable event problem data upload failed and generated SRC E3550421 when HMC A tried to call home a problem through HMC B and the HMCs were at different fix levels. Applying this fix to the originating HMC (HMC A) allows successful transmission of problem data even if the callhome HMC (HMC B) is downlevel. Note that IBM recommends all HMCs participating as a callhome server be at the same fix level. * Added another fix to prevent various intermittent PowerVC failures due to an HMC REST API "ChunkedEncodingError". * Fixed a rare issue that caused the generation and call-home of SRC E35A0007 due to too many open files. * Changed the enhanced GUI to display all memory values in gigabytes. Prior to this change, memory values greater than 1 terabyte were shown in terabytes in some windows. * Added a new warning message to the enhanced GUI partition properties Processors and Memory panels that will be displayed when there is no RMC connection to the partition of "You cannot perform any action as the RMC connection is inactive. Ensure that the RMC connection is active to modify the properties of the logical partition." * Fixed an issue that sometimes caused the following error messages to be displayed when restoring database files: "[] systemd-journald[]: Failed to write entry ( items, bytes), ignoring: Invalid argument" during a restore management console data operation. These messages can be ignored. They will not cause the restore management console data operation to fail. * Fixed an issue that caused a change to the Performance and Capacity Monitoring (PCM) data collection state for a managed system made just prior to performing an HMC upgrade to no longer be in effect following the HMC upgrade. * Fixed a problem that caused the deployment of a system template which has virtual I/O Servers (VIOSs) with SR-IOV logical ports to fail with the error "Too much capacity configured for the selected physical port" even when too much capacity was not configured. Also, corrected the calculation of available capacity shown for a physical port on the VIOS logical port assignment page of the deploy system template task. * Fixed a problem preventing Performance and Capacity Monitoring (PCM) data from being displayed. Error messages may include "The data cannot be retrieved for the selected timer interval. Please choose a different refreshing interval or wait for sometime." This problem only occurs if there is a shared storage pool name greater than 64 characters in length. To circumvent this problem, reduce the shared storage pool name to 64 characters or less. Back to top <#ibm-content> JNLP (VTERM) Details *Note: * To launch JNLP VTERM from HMC Remote console, the domain name must be configured in the HMC Network Settings. Otherwise the VTERM launch will fail. There is no browser configuration required in the HMC Local Console. *Follows the browser behaviour when JNLP is launched from HMC’s Remote Console: * *Firefox (Version 45.7.0):* When VTERM is launched using “Open Terminal Window”, a pop-up will be shown to open the jnlp extension file for which the user can select “Open with” – “Java Web Start Launcher” or ‘Save’ file to proceed with VTERM opening. *Internet Explorer (Version 11.0):* When VTERM is launched using “Open Terminal Window”, select one of the option - Open or Save option for the jnlp file in order to launch the VTERM. *Chrome (Version 56.0):* When VTERM is launched using “Open Terminal Window”, a pop-up will be shown to save as the jnlp extension file. ‘Save’ the file and open the saved file to launch the VTERM. *Safari (Version 9.1.2):* When VTERM is launched using “Open Terminal Window”, the jnlp extension file is downloaded. Open the Download location in Finder or click on show downloads location icon on the downloads list on Safari browser. To Open the file, ‘Control’ click on the file and select ‘Open with’ Java Web Start (if it is already configured to run jnlp files as default). To set JWS as default application to open jnlp files, click on Others and navigate to “System > Library > CoreServices” scroll the list and pick ‘Java Web Start’ and check the box. There will be a warning message for which click Open to Launch the JNLP VTERM application. *Note*: Any plugin must be enabled by user manually per website or default to all site. Automatic launch of JNLP files was removed due to security and malware issue and it also required that the JNLP should contain a signature block from Apple, as an Apple identified developer to run the JNLP files else would show a security restriction for the user. The VTERM applet will download once it finds the Java plugin for Safari is enabled for all or for the HMC web page that is visited. This is a onetime setting for Applets to launch. Back to top <#ibm-content> Installation Installation instructions for HMC Version 8 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 8 Installation methods for HMC Version 8 fixes Instructions and images for upgrading via a remote network install can be found here: HMC V8 network installation images and installation instructions PowerVM in Social Media Find recent updates and information about IBM PowerVM in the following DeveloperWorks Wiki and LinkedIn Group: * PowerVM DeveloperWorks Wiki: ibm.biz/powervmwiki * PowerVM LinkedIn Group: ibm.biz/powervmgrp The PowerVM DeveloperWorks Wiki and the PowerVM LinkedIn Group facilitate direct communication between the user and the PowerVM development team. Please post your queries and comments in the IBM PowerVM LinkedIn Group . We are creating a set of FAQs based on all the queries we receive. Back to top <#ibm-content>