Computer Drive User Manual
Table Of Contents
- Chapter 1. HPSS 7.1 Configuration Overview
- Chapter 2. Security and System Access
- Chapter 3. Using SSM
- 3.1. The SSM System Manager
- 3.2. Quick Startup of hpssgui
- 3.3. Configuration and Startup of hpssgui and hpssadm
- 3.4. Multiple SSM Sessions
- 3.5. SSM Window Conventions
- 3.6. Common Window Elements
- 3.7. Help Menu Overview
- 3.8. Monitor, Operations and Configure Menus Overview
- 3.9. SSM Specific Windows
- 3.10. SSM List Preferences
- Chapter 4. Global & Subsystem Configuration
- 4.1. Global Configuration Window
- 4.2. Storage Subsystems
- 4.2.1. Subsystems List Window
- 4.2.2. Creating a New Storage Subsystem
- 4.2.3. Storage Subsystem Configuration Window
- 4.2.3.1. Create Storage Subsystem Metadata
- 4.2.3.2. Create Storage Subsystem Configuration
- 4.2.3.3. Create Storage Subsystem Servers
- 4.2.3.4. Assign a Gatekeeper if Required
- 4.2.3.5. Assign Storage Resources to the Storage Subsystem
- 4.2.3.6. Create Storage Subsystem Fileset and Junction
- 4.2.3.7. Migration and Purge Policy Overrides
- 4.2.3.8. Storage Class Threshold Overrides
- 4.2.4. Modifying a Storage Subsystem
- 4.2.5. Deleting a Storage Subsystem
- Chapter 5. HPSS Servers
- 5.1. Server List
- 5.1. Server Configuration
- 5.1.1. Common Server Configuration
- 5.1.1. Core Server Specific Configuration
- 5.1.2. Gatekeeper Specific Configuration
- 5.1.3. Location Server Additional Configuration
- 5.1.4. Log Client Specific Configuration
- 5.1.1. Log Daemon Specific Configuration
- 5.1.2. Migration/Purge Server (MPS) Specific Configuration
- 5.1.3. Mover Specific Configuration
- 5.1.3.1. Mover Specific Configuration Window
- 5.1.3.1. Additional Mover Configuration
- 5.1.3.1.1. /etc/services, /etc/inetd.conf, and /etc/xinetd.d
- 5.1.3.1.2. The Mover Encryption Key Files
- 5.1.3.1.3. /var/hpss/etc Files Required for Remote Mover
- 5.1.3.1.1. System Configuration Parameters on IRIX, Solaris, and Linux
- 5.1.3.1.1. Setting Up Remote Movers with mkhpss
- 5.1.3.1.2. Mover Configuration to Support Local File Transfer
- 5.1.1. Physical Volume Repository (PVR) Specific Configuration
- 5.1.1. Deleting a Server Configuration
- 5.1. Monitoring Server Information
- 5.1.1. Basic Server Information
- 5.1.1. Specific Server Information
- 5.1.1.1. Core Server Information Window
- 5.1.1.1. Gatekeeper Information Window
- 5.1.1.1. Location Server Information Window
- 5.1.1.2. Migration/Purge Server Information Window
- 5.1.1.3. Mover Information Window
- 5.1.1.1. Physical Volume Library (PVL) Information Window
- 5.1.1.2. Physical Volume Repository (PVR) Information Windows
- 5.1. Real-Time Monitoring (RTM)
- 5.2. Starting HPSS
- 5.1. Stopping HPSS
- 5.2. Server Repair and Reinitialization
- 5.1. Forcing an SSM Connection
- Chapter 6. Storage Configuration
- 6.1. Storage Classes
- 6.2. Storage Hierarchies
- 6.3. Classes of Service
- 6.4. Migration Policies
- 6.5. Purge Policies
- 6.6. File Families
- Chapter 7. Device and Drive Management
- Chapter 8. Volume and Storage Management
- 8.1. Adding Storage Space
- 8.2. Removing Storage Space
- 8.3. Monitoring Storage Space
- 8.4. Dealing with a Space Shortage
- 8.5. Volume Management
- 8.6. Monitoring and Managing Volume Mounts
- 8.7. New Storage Technology Insertion
- Chapter 9. Logging and Status
- Chapter 10. Filesets and Junctions
- Chapter 11. Files, Directories and Objects by SOID
- Chapter 12. Tape Aggregation
- Chapter 13. User Accounts and Accounting
- Chapter 14. User Interfaces
- Chapter 15. Backup and Recovery
- Chapter 16. Management Tools
obtained from the foreign site's administrator. An example would be:
"ldap://theirldapserver.foreign.com/cn=FOREIGNREALM.FOREIGN.COM"
• Deleting a trusted foreign realm
To delete an entry for a trusted foreign realm, use the following hpss_ldap_admin command:
trealm delete [-id <realmID>] [-name <realmName>]
Any of the arguments listed can be supplied to select the trusted realm entry that will be deleted.
2.2. HPSS Server Security ACLs
Beginning with release 6.2, HPSS uses a table of access control information stored in the DB2
configuration database to control access to HPSS servers. This is the AUTHZACL table. HPSS
software uses the configured authentication mechanism (e.g. Kerberos) to determine a caller's identity via
credentials provided by the caller, then uses the configured authorization mechanism to retrieve the
details of the caller that determine the access granted. Once the identity and authorization information
have been obtained, each HPSS server grants or denies the caller's request based on the access control list
information stored in the database.
The default ACLs for each type of server are as follows:
Core Server:
r—-c--- user ${HPSS_PRINCIPAL_FTPD}
rw—c--- user ${HPSS_PRINCIPAL_DMG}
rw-c-dt user ${HPSS_PRINCIPAL_MPS}
r--c--- user ${HPSS_PRINCIPAL_NFSD}
rw-c-d- user ${HPSS_PRINCIPAL_SSM}
r--c--- user ${HPSS_PRINCIPAL_FS}
------t any_other
Gatekeeper:
rw----- user ${HPSS_PRINCIPAL_CORE}
rw-c--- user ${HPSS_PRINCIPAL_SSM}
r-----t any_other
Location Server:
r--c--t user ${HPSS_PRINCIPAL_SSM}
r-----t any_other
Mover:
rw-c--t user ${HPSS_PRINCIPAL_SSM}
r-----t any_other
PVL:
rw---dt user ${HPSS_PRINCIPAL_CORE}
HPSS Management Guide November 2009
Release 7.3 (Revision 1.0) 25