Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)
1. For data consistency, suspend or stop all applications accessing the data on both volumes.
You can use the fuser -cu command to determine the processes accessing files, and the
fuser -cku command to terminate the processes. For more information, see fuser(1M).
If the data is used by system processes, you might need to terminate the processes by changing
the system runlevel to single-user level with the shutdown utility. For more information, see
shutdown(1M).
2. If file systems are mounted on the EVS volumes and you did not use a file-based utility to
backup the data, use the umount command to unmount the file systems and prevent any new
I/O requests to the volume. For more information, see umount(1M).
3. Do not disable encryption and decryption on the source or target volumes. Use the evfsadm
stat -a to verify that EVFS is enabled on both the source and target volume.
4. Use the same utility that you used to create the backup media to restore the media (or an
equivalent utility). If you used a file-based utility to create the backup media, use a file-based
utility to restore the data; if you used a block device utility to create the backup media, use a
block device utility to restore the data. After you restore the data, the target volume now
contains the data from the backup (source) EVS volume, encrypted using the target volume's
EVFS data key.
Example
In the following example, /dev/evfs/vg01/lvol5 is the original volume, with /opt/
encrypted_data mounted on it. The /dev/evfs/vg01/lvol6 volume contains backup data,
with /opt/evfs_backup mounted on it. The cp command receives cleartext from the backup
EVS volume and the original EVS volume re-encrypts the data.
# fuser -cku /dev/evfs/vg01/lvol5
# fuser -cku /dev/evfs/vg01/lvol6
# evfsadm stat -a (verify that EVFS is enabled on the source and target volumes)
# cp -r /opt/backup_evfs /opt/encrypted_data
Restoring backup media 99