Manualshelf

Encrypted Volume and File System v1.1 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software
71727374757677787980
Optionally, configure the autostart feature, as described in “Step 5: (Optional) Configuring the
Autostart Feature” (page 62). Finally, backup your EVFS configuration and user keys, as described
in “Step 6: Backing Up Your Configuration” (page 64).
Korn Shell Script for Creating an EVFS Volume and File System
The following Korn shell (ksh) script configures an EVFS volume and creates and mounts a file
system on the volume. This script is a basic script, and HP recommends that you enhance it to
perform error checking. The script does not use file locking when editing /etc/evfs/evfstab
or /etc/fstab. This script assumes the administrator has already performed the following
tasks:
Created an alternate recovery user account, if necessary.
Created EVFS owner and recovery key pairs for the EVFS volume using the evfspkey
keygen command.
Created a new LVM or VxVM volume for the EVFS volume using the lvcreate or
vxassist command or SAM.
The script takes the following four arguments as input:
1. Block volume device file name.
2. Character (raw) volume device file name.
3. Name of the owner key pair for the EVFS volume.
4. Mount point for the new file system.
#! /bin/ksh
block_volume=$1
raw_volume=$2
owner_key=$3
mount_point=$4
evolume=/dev/evfs/${block_volume#/dev/}
raw_evolume=/dev/evfs/${raw_volume#/dev/}
# Create the EVFS volume
evfsadm map $block_volume
evfsvol create -k $owner_key $evolume
# Add the recovery key
evfsvol add -r $evolume
# Enable the volume
evfsvol enable $evolume
# create and mount the file system
newfs -F vxfs $raw_evolume
mkdir $mount_point
mount -F vxfs $evolume $mount_point
echo "$evolume $mount_point vxfs defaults 0 2" >> /etc/fstab
Option 2
In the following example, there is existing data on a 96 MB LVM volume (e.g. /dev/vg00/lvol10)
with a file system (e.g. /home) configured on it:
# umount /home
# vgdisplay /dev/vg00
# lvextend -L 100 /dev/vg00/lvol10
(The existing size is 96 MB; we now extend it by 4 MB, to 100 MB)
# evfsadm map /dev/vg00/lvol10
# evfsvol iencrypt /dev/evfs/vg00/lvol10
# evfsvol enable /dev/evfs/vg00/lvol10
# mount /dev/evfs/vg00/lvol10 /home
# evfsadm stat a
# evfsvol display /dev/evfs/vg00/lvol10
In the following example, there is existing data on a 96 MB VXVM volume (e.g.
/dev/vx/dsk/rootdg/lvol10) with a file system (e.g. /home) configured on it:
76 Configuring an EVFS Volume