Managing Systems and Workgroups: A Guide for HP-UX System Administrators

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU

771

772

773

774

775

776

777

778

779

780

Administering a System: Managing System Security

Guidelines for Running a Secure System

Chapter 8778

• Daily incremental and full weekly backups are recommended.

Synchronize your backup schedule with the information ﬂow in your

organization. For example, if a major database is updated every

Friday, you might want to schedule your weekly backup on Friday

evenings.

• If all ﬁles must be backed up on schedule, request that all users log

off before performing the backup. However, fbackup warns you if a

ﬁle is changing while the backup is being performed.

• Examine the log ﬁle of latest backups to identify problems occurring

during backup. The backup log ﬁle should have restrictive

permissions set.

• frecover allows you to overwrite a ﬁle. However, the ﬁle retains the

permissions and ACLs set when the ﬁle was backed up.

• You must test your recovery process beforehand to make sure you

can fully recover data in the event of an emergency.

• When recovering ﬁles from another machine, you might have to

execute the chown command to set the user ID and group ID for the

system on which they now reside, if the user and group do not exist

on the new system. If ﬁles are recovered to a new system that does

not have the speciﬁed group, the ﬁles will take on the group

ownership of the person running frecover. If owner and group

names have different meanings on different systems, recovery

results might be unexpected.

• Power failure should not cause ﬁle loss. However, if someone reports

a lost ﬁle after a power failure, look for it in /lost+found before

restoring it from a backup tape.

• To verify contents of the tape being recovered, use the -I option of

frecover to preview the index of ﬁles on the tape. Note, however,

that existing permissions of a ﬁle system are kept intact by the

backup; frecover prevents you from reading the ﬁle if the

permissions on the ﬁle forbid it.

• Never recover in place any critical ﬁles such as /etc/passwd, or

those in /tcb/files. Instead, restore the ﬁle to a temporary

directory (do not use /tmp) and give this directory permissions

drwx------, preventing anyone else from using it. Compare the

restored ﬁles with those to be replaced. Make any necessary changes.