Manualshelf

Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software
81828384858687888990
The syntax for the evfsvol raw command is as follows:
evfsvol raw evfs_volume_path
where evfs_volume_path is the absolute pathname for the EVS volume device file.
For example:
# evfsvol raw /dev/evfs/vg01/lvol5backup
7. Use a block device utility such as dd to copy data from the EVFS backup volume to the target
device. For example:
# dd bs=64k if=/dev/evfs/vg01/lvol5backup of=/dev/rmt/0m
8. Close raw access to the backup EVS volume using the evfsvol close command to begin
the procedure to return the backup volume to its original state. For example:
# evfsvol close /dev/evfs/vg01/lvol5backup
9. Unmap the backup EVS volume using the evfsadm unmap command. For example:
# evfsadm unmap /dev/evfs/vg01/lvol5backup
10. Merge the backup volume back with the original LVM volume using the lvmerge command.
For example:
# lvmerge /dev/vg01/lvol5backup /dev/vg01/lvol5
Example
In the following example, the administrator splits the /dev/vg01/lvol5 mirror volume and
creates the /dev/vg01/lvol5backup volume. The target is the /dev/rmt/0m tape device.
The dd command receives encrypted text from the source EVS volume because the volume is open
for raw access.
# lvsplit s backup /dev/vg01/lvol5
# evfsvol map /dev/vg01/lvol5backup
# evfsvol check -r /dev/evfs/vg01/lvol5backup
# evfsvol raw /dev/evfs/vg01/lvol5backup (EVFS prompts if you want to continue.)
# dd bs=64k if=/dev/evfs/vg01/lvol5backup of=/dev/rmt/0m
# evfsvol close /dev/evfs/vg01/lvol5backup
# evfsadm unmap /dev/evfs/vg01/lvol5backup
# lvmerge /dev/vg01/lvol5backup /dev/vg01/lvol5
Creating encrypted backup media on a second EVS volume using a block device utility (LVM
mirrored volumes)
If you have LVM mirrored volumes, use the following procedure to perform online encrypted backups
to a second (target) EVS volume using a block device backup utility, such as dd.
To use this backup procedure, you must have the appropriate file permissions to access the EVS
volume device file and meet at least one of the following criteria:
You are the volume owner.
You are an authorized user for the volume.
A stored passphrase exists for one of the volume's user key pairs, and you know the key ID
for the key pair.
CAUTION: Encryption and decryption must be enabled on both the source volume and target
volume. The backup utility will receive cleartext data from the source EVS volume, and EVFS will
encrypt the data when writing it to the target EVS volume.
Do not back up data from a volume with EVFS encryption and decryption disabled to a volume
with EVFS encryption and decryption enabled. If you do, the data will be encrypted twice.
82 Backing up and restoring data on EVS volumes