Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 06-Software Upgrade Commands | 71.13 KB |
Software upgrade commands
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide.
boot-loader
Use boot-loader to specify a startup system software image for the next reboot.
Syntax
boot-loader file file-url { main | backup }
Views
User view
Default command level
3: Manage level
Parameters
file file-url: Specifies the file path, a string of 1 to 63 characters. If you enter a relative path, the system automatically converts it to an absolute path. The absolute path can contain up to 63 characters. The file name uses the drive:/file-name format or the file-name format, where:
· The drive argument specifies the storage medium where the file is saved. The device has only one storage medium for storing files, so you can omit the storage medium name.
· The file-name argument specifies the file name, which must use the .bin extension.
main: Specifies the file as the main system software image. The main system software image has higher priority than the backup system software image at startup.
backup: Specifies the file as the backup system software image. The backup system software image is used at startup only if the main system software image is unavailable.
Usage guidelines
To execute the boot-loader command successfully, make sure the image file has been saved to the root directory of the storage medium on the device.
In FIPS mode, the file must pass authenticity verification before it can be set as a startup system software image file.
Examples
# Specify test.bin as the main startup system software image file. This example assumes that this file is saved in the root directory of the storage medium.
<Sysname> boot-loader file test.bin main
This command will set the boot file. Continue? [Y/N]:y
The specified file will be used as the main boot file at the next reboot on slot 1!
display boot-loader
bootrom
Use bootrom to read, restore, back up, or upgrade the BootWare image.
Syntax
bootrom { backup | read | restore | update file file-url } [ all | part ]
Views
User view
Default command level
3: Manage level
Parameters
backup: Backs up the BootWare image in the Normal area of memory to the Backup area.
read: Backs up the BootWare image in the Normal area of memory to the storage medium.
restore: Replaces the BootWare image in the Normal area with the BootWare image in the Backup area for image restoration or version rollback.
update file file-url: Loads a BootWare image in the storage medium to the Normal area of memory. The file-url argument specifies the image file path, a string of 1 to 63 characters. For more information about file path naming, see "boot-loader."
all: Applies the action to the entire BootWare image, including the basic segment and the extended segment. If neither all nor part is specified, the action applies to the entire BootWare image.
part: Applies the action to the extended BootWare segment.
Usage guidelines
To execute the bootrom command successfully, make sure the upgrade image file has been saved to the root directory of the storage medium on the device.
In FIPS mode, the image file must pass authenticity verification before the bootrom update file file-url command can be executed.
Examples
# Read the BootWare image.
<Sysname> bootrom read all
Now reading bootrom, please wait...
Read bootrom completed! Please check the file!
After the BootWare image is read, you will find that files extendbtm.bin and basicbtm.bin are generated on the storage medium.
<Sysname> dir
Directory of cfa0:/
0 drw- - Jul 07 2009 21:09:12 logfile
1 -rw- 15074620 Aug 08 2008 13:03:44 wx6103.bin
2 -rw- 139 Sep 24 2008 06:51:38 system.xml
3 -rw- 524288 Aug 13 2008 17:07:18 extendbtm.bin
4 -rw- 524288 Aug 13 2008 17:07:18 basicbtm.bin
5 -rw- 4232 Sep 24 2008 06:51:40 startup.cfg
1020068 KB total (830624 KB free)
File system type of cfa0: FAT32
# Back up the BootWare image.
<Sysname> bootrom backup all
Now backuping bootrom, please wait...
Backup bootrom completed!
# Restore the BootWare image.
<Sysname> bootrom restore all
This command will restore bootrom file, Continue? [Y/N]:y
Now restoring bootrom, please wait...
Restore bootrom completed!
# Use the wx6103.bin file to upgrade the BootWare image.
<Sysname> bootrom update file wx6103.bin
This command will update bootrom file, Continue? [Y/N]:y
Now updating bootrom, please wait...
Update bootrom success!
display boot-loader
Use display boot-loader to display system software image information, including the current system software image and the startup system software images.
Syntax
display boot-loader [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
2: System level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display system software images.
<Sysname> display boot-loader
The boot file used at this reboot:cfa0:/test.bin attribute: main
The boot file used at the next reboot:cfa0:/test.bin attribute: main
The boot file used at the next reboot:cfa0:/test.bin attribute: backup
Failed to get the secure boot file used at the next reboot!
Table 1 Command output
|
Field |
Description |
|
The boot file used at this reboot |
System software image that has been loaded. |
|
attribute |
System software image attribute: · main—The image is the primary image. The system always attempts to load the main image at startup in preference to the backup image. · backup—The image is the backup image. It is used only if the primary image is corrupted or not available. |
|
The boot file used at the next reboot |
System software image to be used at the next startup. |
|
Failed to get the secure boot file used at the next reboot! |
If both the main and backup system software images are not available or corrputed, the secure system software image is used for startup. If no secure system software image is available, the system starts up with the factory-default configuration. You can set the secure system software image from the Boot menu. |
Related commands
boot-loader
display patch
Use display patch to display patch files that have been installed.
If a patch file is loaded from a patch package file, this command also displays the package file version.
Syntax
display patch [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
3: Manage level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display patch files that have been installed.
<Sysname> display patch
cfa0:/patch_mpu.bin, MPU004, loaded on slot(s):0
Table 2 Command output
|
Field |
Description |
|
cfa0:/patch_mpu.bin |
File directory. |
|
MPU004 |
Patch package file version. |
|
loaded on slot(s):0 |
Indicates the current device. The value for this field is always 0 for all WX devices except for the WX6103. For WX6103, this field displays 1 or 2. |
display patch information
Use display patch information to display patch information.
Syntax
display patch information [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
3: Manage level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display patch information.
<Sysname> display patch information
The location of patches: cfa0:
Slot Version Temporary Common Current Active Running Start-Address
----------------------------------------------------------------------
1 MPU004 0 1 1 0 1 0x310bd74
Table 3 Command output
|
Field |
Description |
|
The location of patches |
Patch file location. You can use the patch location command to change the location. |
|
Slot |
Indicates the current device. The value for this field is always 0 for all WX devices except for the WX6103. For WX6103, this field displays 1 or 2. |
|
Version |
Patch version. The first three characters represent the suffix of the PATCH-FLAG. The subsequent three digits represent the patch number. (The patch number can be read after the patch is loaded.) |
|
Temporary |
Number of temporary patches. These patches are interim solutions for fixing critical bugs. They are not formally released. |
|
Common |
Number of common patches. These patches are formally released to users. A common patch always includes the functions of its previous temporary patches. |
|
Current |
Total number of patches. |
|
Running |
Number of patches in RUNNING state. |
|
Active |
Number of patches in ACTIVE state. |
|
Start-Address |
Start address of the patch memory area in the memory. |
patch active
Use patch active to activate patches.
Syntax
patch active [ patch-number ]
Views
System view
Default command level
3: Manage level
Parameters
patch-number: Specifies the sequence number of a patch. Values available for this argument depend on the patch file that has been loaded. If no sequence number is specified, this command validates all INACTIVE patches. If a sequence number is specified, this command activates the specified patch and all its previous INACTIVE patches.
Usage guidelines
Before executing this command, you must use the patch load command to load patches.
The patch active command changes the state of DEACTIVE patches to ACTIVE state and runs the patches. To continue to run these patches after a reboot, use the patch run command to change their state to RUNNING. If you do not change their state to RUNNING, the state of ACTIVE patches changes back to DEACTIVE at a reboot.
Examples
# Activate patch 3 and all its previous DEACTIVE patches.
<Sysname> system-view
[Sysname] patch active 3
# Activate all DEACTIVE patches.
<Sysname> system-view
[Sysname] patch active
patch deactive
Use patch deactive to stop running patches.
Syntax
patch deactive [ patch-number ]
Views
System view
Default command level
3: Manage level
Parameters
patch-number: Specifies the sequence number of a patch. Values available for this argument depend on the patch file that has been loaded. If no sequence number is specified, this command deactivates all ACTIVE patches. If a sequence number is specified, this command deactivates the specified patch and all its subsequent ACTIVE patches.
Usage guidelines
This command is not applicable to patches in RUNNING state.
Examples
# Stop running patch 3 and all its subsequent ACTIVE patches.
<Sysname> system-view
[Sysname] patch deactive 3
# Stop running all ACTIVE patches.
<Sysname> system-view
[Sysname] patch deactive
patch delete
Use patch delete to remove patches from the patch memory area.
Syntax
patch delete [ patch-number ]
Views
System view
Default command level
3: Manage level
Parameters
patch-number: Specifies the sequence number of a patch. Values available for this argument depend on the patch file that has been loaded. If no sequence number is specified, this command removes all patches in the patch memory area. If a sequence number is specified, this command removes the specified patch and all its subsequent patches.
Usage guidelines
This command does not delete patches from the storage medium. After being removed from the patch memory area, the patches changes to the IDLE state.
Examples
# Remove patch 3 and all its subsequent patches from the patch memory area.
<Sysname> system-view
[Sysname] patch delete 3
# Remove all patches from the patch memory area.
<Sysname> system-view
[Sysname] patch delete
patch install
Use patch install to install and run patches in one step.
Use undo patch install to remove all ACTIVE and RUNNING patches from the patch memory area.
Syntax
patch install { patch-location | file filename }
undo patch install
Views
System view
Default command level
3: Manage level
Parameters
patch-location: Specifies the patch file path, a string of 1 to 64 characters. The file must be saved in the root directory of the storage medium. Provide this argument if the patch file is not packaged in a patch package file, and make sure the file name is correct.
file filename: Specifies a patch package file name.
Usage guidelines
Before installing patches, save the patch file or patch package file to the root directory of the storage medium.
The patch install command changes the state of installed patches from IDLE to ACTIVE or RUNNING, depending on your choice during the command execution process. If you choose to have installed patches continue to run after a reboot, the installed patches are set in RUNNING state and remain in this state after a reboot. If not, the installed patches are set in ACTIVE state and change to the DEACTIVE state at a reboot.
The undo patch install command changes the state of ACTIVE and RUNNING patches to IDLE, but it does not delete the patches from the storage medium.
The patch install patch-location command can change the patch file location that has been specified with the patch location command. In contrast, the patch install file filename does not.
In FIPS mode, the patch file or patch package file must pass authenticity verification before the patch install command can be executed.
Examples
# Install patch files from the storage medium.
<Sysname> system-view
[Sysname] patch install cfa0:
Patches will be installed. Continue? [Y/N]:y
Do you want to run patches after reboot? [Y/N]:y
Installing patches…
Installation completed, and patches will continue to run after reboot.
[Sysname]
# Install patches from a patch package file.
<Sysname> system-view
[Sysname] patch install file:/patch_packeg.bin
Patches will be installed. Continue? [Y/N]:y
Do you want to run patches after reboot? [Y/N]:y
Installing patches…
Installation completed, and patches will continue to run after reboot.
[Sysname]
patch load
Use patch load to load patches from the storage medium to the patch memory area.
Syntax
patch load [ file filename ]
Default
The system loads patch files from the root directory of the storage medium.
Views
System view
Default command level
3: Manage level
Parameters
file filename: Specifies a patch package file name. If a package file is specified, the system loads patch files from the patch package. If no package file is specified, the system loads patch files from the root directory of the storage medium.
Usage guidelines
Before loading patches, save the patch file or patch package file to the root directory of the storage medium.
In FIPS mode, the patch file or patch package file must pass authenticity verification before the patch load command can be executed.
Examples
# Load patches from patch files.
<Sysname> system-view
[Sysname] patch load
# Load patches from a patch package file.
<Sysname> system-view
[Sysname] patch load file cfa0:/patchpackege.bin
patch location
Use patch location to configure the patch file location.
Syntax
patch location patch-location
Default
The patch file location is the root directory of the storage medium.
Views
System view
Default command level
3: Manage level
Parameters
patch-location: Specifies the patch file location, a string of 1 to 64 characters. It must be the root directory of the storage medium.
Usage guidelines
This command does not take effect for patch package files.
The patch install patch-location command can change the patch file location that has been specified with the patch location command. In contrast, the patch install file filename does not.
Examples
# Specify the root directory of the CF card as the patch file location.
<Sysname> system-view
[Sysname] patch location cfa0:
patch run
Use patch run to confirm ACTIVE patches.
Syntax
patch run [ patch-number ]
Views
System view
Default command level
3: Manage level
Parameters
patch-number: Specifies the sequence number of a patch. Values available for this argument depend on the patch file that has been loaded. If no sequence number is specified, this command confirms all ACTIVE patches and changes their state to RUNNING. If a sequence number is specified, this command confirms the specified ACTIVE patch and all its previous patches, and changes their state to RUNNING.
Usage guidelines
After being confirmed, ACTIVE patches are set in RUNNING state and can continue to run after a reboot. If not being confirmed, ACTIVE patches are set in DEACTIVE state at a reboot.
Examples
# Confirm patch 3 and all its previous ACTIVE patches.
<Sysname> system-view
[Sysname] patch run
# Confirm all ACTIVE patches.
<Sysname> system-view
[Sysname] patch run
Password recovery control commands
password-recovery enable
Use password-recovery enable to enable password recovery capability.
Use undo password-recovery enable to disable password recovery capability.
Syntax
password-recovery enable
undo password-recovery enable
Default
Password recovery capability is enabled.
Views
System view
Default command level
3: Manage level
Usage guidelines
Password recovery capability controls console user access to the device configuration and SDRAM from BootWare menus.
If password recovery capability is enabled, a console user can access the device configuration without authentication to reconfigure new passwords.
If password recovery capability is disabled, a console user must restore the factory-default configuration before configuring new passwords. Restoring the factory-default configuration deletes the startup configuration file.
To enhance system security, disable password recovery capability.
Examples
# Disable password recovery capability.
<Sysname> system-view
[Sysname] undo password-recovery enable
