Administrator's Guide
7 Backup and restore considerations
7.1 Overview
This section describes how WLI-protected files are read from and written back to their original
locations when the WLI security mode is restricted. Some files can be backed up and restored
only in maintenance mode. Because backup and restore procedures vary considerably across HP-UX
installations, no specific commands or procedures are recommended.
With WLI installed and configured, backup and restore procedures depend on the WLI security
mode, as described in wlisyspolicy(1M). In maintenance mode, WLI access restrictions are completely
disabled. Backup and restore operations are the same as if WLI is not installed. Files produced
or installed by WLI can be read or written with only file ownership and permissions bits restricting
access.
The security downgrade from switching to maintenance mode, even temporarily, might be
unacceptable. To maintain a highly secure environment, both administrators and users might
need to back up and restore files with the server online and the mode set to restricted only.
In restricted mode, access restrictions on WLI-protected files and directories inhibit typical backup
and restore operations. Additional actions are necessary for backup and restore operations on
WLI database files and policy-protected files. The system administrator needs to create new
backup and restore procedures or adjust existing ones.
Changing the passphrase of a WLI key, either administrator or user, does not affect any files
covered in the following sections. Guidelines for systems with high security often include
passphrase change requirements. Such requirements do not imply more frequent WLI file backups.
Symantec NetBackup is required for backup and restore operations if the value of the wmdstoretype
attribute is auto and WLI protected files exist on a VxFS file system at revision 5.0.1 or later. This
attribute and file system combination causes policy protected file metadata to be stored in a
named data stream. A named data stream is associated with a file inode, but is not accessible to
traditional HP-UX commands. For more details and syntax on setting wmdstoretype, see wlisys(1M).
The fundamental operations are reading protected files for backup commands and writing these
same files back to their original locations for restore commands. The difficulties encountered are
essentially the same whether traditional UNIX commands such as tar and cpio or proprietary
tools such as Symantec NetBackup are used.
HP recommends that administrators implement or modify backup and restore procedures that
include all files with WLI protection. For discussion of backup and restore operations, WLI
protected files can be divided into the following categories:
• WLI database files—managed through WLI administrator commands
• Policy protected and metadata files—managed through WLI user commands
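The recommendation above is that every file with WLI protection be covered by the backup procedure. The following added example (not from this guide or from HP) is one way to check that: it compares an administrator-kept inventory of WLI-protected paths (a hypothetical plain-text format assumed here) against the contents listing of a backup archive, such as the output of tar tf, and reports the protected files the archive missed. Note that a contents listing cannot show whether named data streams were captured, so this check covers file presence only.

```shell
#!/bin/sh
# Added example, not HP's code. Assumptions: INVENTORY is a file of absolute
# paths the administrator maintains for WLI-protected files (hypothetical
# format, "#" lines are comments); LISTING is the archive contents listing
# produced by the backup tool (for example "tar tf"), with or without "./".

# Normalise one archive entry to an absolute path so that inventory and
# listing entries compare like for like.
normalize_path() {
    p=${1#./}
    case "$p" in
        /*) printf '%s\n' "$p" ;;
        *)  printf '/%s\n' "$p" ;;
    esac
}

# Print each inventory path that is absent from the archive listing.
# Usage: wli_backup_missing INVENTORY LISTING
wli_backup_missing() {
    normalized=$(while IFS= read -r entry; do normalize_path "$entry"; done < "$2")
    while IFS= read -r wanted; do
        [ -z "$wanted" ] && continue
        case "$wanted" in '#'*) continue ;; esac
        if ! printf '%s\n' "$normalized" | grep -Fqx -- "$wanted"; then
            printf '%s\n' "$wanted"
        fi
    done < "$1"
}

# Number of protected files the archive missed; 0 means full coverage.
wli_backup_missing_count() {
    wli_backup_missing "$1" "$2" | grep -c . || true
}

# Constructed sample input (not real WLI files): the listing lacks one
# policy-protected file, so the check must report exactly that path.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/inventory" <<'EOF'
# constructed inventory of WLI-protected paths
/var/example/wli-db/hypothetical.db
/home/alice/app/config.xml
/home/alice/app/run.sh
EOF
cat > "$SAMPLE_DIR/listing" <<'EOF'
./var/example/wli-db/hypothetical.db
./home/alice/app/run.sh
./home/alice/README
EOF
wli_backup_missing "$SAMPLE_DIR/inventory" "$SAMPLE_DIR/listing"
```

Run the check against the listing of each archive before the archive is considered a complete backup of the WLI-protected set; any line of output names a protected file the procedure must still cover.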
7.2 WLI database files
The WLI database is described in (page 16). Files comprising this database are managed by
commands that require an administrator key:
• wliadm
• wlicert
• wlisys
• wlisyspolicy
WLI database files can have the following protection classes:
• write protected
• read/write protected