evfsvol.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

evfsvol(1M) evfsvol(1M)

(EVFS Software Required)

You must disable encrypted/decrypted access to an EVFS volume using the

evfsvol dis-

able command before opening the volume for raw access.

Caution: Writing data to an EVFS volume when it is opened for raw access will cause data

corruption and may leave the volume in an unusable state. HP recommends that you use

this operation only when creating encrypted backup media and restoring encrypted backup

media.

restore If the EMD area of a volume is corrupted, this operation restores the EMD from its backup

ﬁle in the EMD backup directory. The location of the EMD backup directory is speciﬁed in

the emd_backup attribute in the ﬁle /etc/evfs/evfs.conf

. EVFS creates a new

EMD backup ﬁle each time the EMD is modiﬁed, such as when a authorized user key pair is

added or deleted, or the volume owner changes.

Only users with superuser capability or appropriate privileges can execute this command.

scan Scans the LVM (Logical Volume Manager), VxVM (Veritas Volume Manager), or physical

volume for an EMD area.

Options

evfsvol recognizes the following options and parameters:

evfs_volume_path The absolute pathname of the EVFS volume device ﬁle, such as

/dev/evfs/vg01/lvol1

, /dev/evfs/vx/dsk/rootdg/vol01,or

/dev/evfs/dsk/c2t0d1

volume_path The absolute pathname of the block device ﬁle for the underlying LVM, VxVM, or

physical volume, such as

/dev/vg01/lvol1

, /dev/vx/dsk/rootdg/vol01,

/dev/dsk/c2t0d1.

-a Speciﬁes all maps in the /etc/evfs/evfstab

conﬁguration ﬁle.

-c cipher The cipher suite to use for volume data encryption. Valid values are:

aes-128-

cbc, aes-192-cbc, and aes-256-cbc.

The default value is extracted from the conﬁguration ﬁle (set to

aes-128-cbc at

install time). The other supported option is aes-256-cbc.

-f Forces the operation without prompting the user.

-k keyname The name of the public/private key pair. If no key name is speciﬁed, EVFS uses the

user name as the key pair name.

-p Non-interactive mode. EVFS will use the key ID from the

/etc/evfs/evfstab

ﬁle and use a stored passphrase. To use this option, you must add a key ID to the

entry in the /etc/evfs/evfstab

ﬁle for this volume and have a stored

passphrase for the private key. If you do not specify this option,

evfsvol will

prompt you for the passphrase for the private key.

-r When used with the evfsvol add or evfsvol delete subcommand, the -r

option indicates that the key pair being added or deleted is a recovery key pair.

You can conﬁgure a maximum of two recovery key pairs per volume.

When used with the

evfsvol assign subcommand, the -r option is used to

specify the name of the ﬁle containing the private key of a Recovery User.

When used with the

evfsvol check subcommand, the -r option speciﬁes that

you want to reset the EMD dirty bit.

-u user The name of the user. By default, EVFS uses the name of the user executing the

command.

RETURN VALUE

evfsvol returns one of the following values:

0 Success

<>0 Failure

ERRORS

Error numbers will be returned by each routine.

HP-UX 11i Version 3: September 2010 − 3 − Hewlett-Packard Company 3