evfsadm.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

evfsadm(1M) evfsadm(1M)

(EVFS Software Required)

NAME

evfsadm - manage encrypted volumes and EVFS subsystem

SYNOPSIS

evfsadm map -a |[-f] volume_path

evfsadm unmap -a | evfs_volume_path

evfsadm start [-n number]

evfsadm stop

evfsadm stat -a | -s | -z evfs_volume_path

evfsadm trace [ -b | -e | -i

][-c |[-m modules [-l levels ] ] ]

DESCRIPTION

The

evfsadm command enables users to manage the HP-UX EVFS subsystem. With

evfsadm, users

can map LVM, VxVM, or physical volumes to EVFS, start the kernel threads required for EVFS operation,

and display EVFS encryption and decryption statistics. Users can also unmap EVFS volumes and stop

EVFS kernel threads.

This command does not require any EVFS user keys, but does require superuser capabilities or appropri-

ate privileges. See the privileges (5) manpage for more information.

The

evfsadm command requires the optional HP-UX Encrypted Volume and File System (EVFS)

software.

Subcommands

evfsadm recognizes the following subcommands:

map Maps an LVM, VxVM, or physical volume to the EVFS subsystem. Default mode is volume-

level encryption. Option -f is used to specify ﬁle-level encryption mode. The map command

takes the name of a block device ﬁle as input and creates block and character (raw) device ﬁles

for the EVFS volume and adds them to the kernel registry.

EVFS stores the new device ﬁles using the same ﬁle names as the underlying LVM, VxVM, or

physical device ﬁle names, but in subdirectories under the

/dev/evfs/ directory. For exam-

ple, if the user enters the command

evfsadm map /dev/vg01/lvol1

, EVFS creates the

ﬁles

/dev/evfs/vg01/lvol1

and /dev/evfs/vg01/rlvol1.

The

map command also adds an entry for the EVFS volume in the EVFS volume conﬁguration

ﬁle, /etc/evfs/evfstab

You must have superuser capabilities or appropriate privileges to run this command.

start Initializes the encryption pseudo-driver by creating a kernel thread pool for EVFS. This com-

mand does not enable encryption/decryption access to EVFS volumes. You must enable

encryption/decryption access to EVFS volumes using the evfsvol enable command.

stat Displays statistics and activity information about EVFS volumes. Statistics displayed are the

number of blocks read, written, encrypted, decrypted, as well as the encryption and decryption

rate of the EVFS subsystem.

Any user with appropriate ﬁle permissions can execute this command.

stop Terminates encryption threads and shuts down EVFS. Access must be disabled for all EVFS

volumes for this operation to succeed.

trace For support use only.

unmap Removes the EVFS device special ﬁles from the /dev/evfs directory, deletes the appropriate

entries from the kernel registry, and comments out the appropriate entry from the

/etc/evfs/evfstab ﬁle.

Note that this operation does not remove the EMD area. This command fails if the EVFS

volume is not disabled.

You must have superuser capabilities or appropriate privileges to run this command.

HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1

Summary of content (4 pages)

PAGE 1
evfsadm(1M) evfsadm(1M) (EVFS Software Required) NAME evfsadm - manage encrypted volumes and EVFS subsystem SYNOPSIS evfsadm map -a | [-f] volume_path evfsadm unmap -a | evfs_volume_path evfsadm start [-n number] evfsadm stop evfsadm stat -a | -s | -z evfs_volume_path evfsadm trace [ -b | -e | -i ] [ -c | [-m modules [-l levels ] ] ] DESCRIPTION The evfsadm command enables users to manage the HP-UX EVFS subsystem.
PAGE 2
evfsadm(1M) evfsadm(1M) (EVFS Software Required) Options evfsadm recognizes the following options and parameters: evfs_volume_path The absolute pathname of /dev/evfs/vg01/lvol1, /dev/evfs/dsk/c2t0d1. A eA the EVFS volume device file, such /dev/evfs/vx/dsk/rootdg/vol01, as or volume_path The absolute pathname of the block device file for the underlying LVM, VxVM, or physical volume, such as /dev/vg01/lvol1, /dev/vx/dsk/rootdg/vol01, or /dev/dsk/c2t0d1.
PAGE 3
evfsadm(1M) evfsadm(1M) (EVFS Software Required) For a whole disk (physical) volume in file-level encryption mode, the command would be: % evfsadm map -f /dev/dsk/c1t0d0 The following command will delete the EVFS device special file /dev/evfs/vg01/lvol1 and remove its entry from the kernel registry (if EVFS is enabled for /dev/evfs/vg01/lvol1, this command will fail): % evfsadm unmap /dev/evfs/vg01/lvol1 The following command will shut down the EVFS subsystem if all EVFS volumes are disabled: % evfsadm
PAGE 4
evfsadm(1M) evfsadm(1M) (EVFS Software Required) bpe Number of data blocks encrypted. kbpsr Read rate in kilobytes per second (kbps). This statistic is based on the time it takes the EVFS pseudo-driver to complete a read request, and includes the time it takes to read data from the physical disk and the underlying LVM or VxVM volume (if applicable), and to decrypt the data. kbpsw Write rate in kilobytes per second (kbps).