Conference smurf::dec_mls_plus

Title: dec_mls_plus
Moderator: SMURF::BAT
Created: Mon Nov 29 1993
Last Modified: Fri Jun 06 1997
Last Successful Update: Fri Jun 06 1997
Number of topics: 534
Total number of notes: 2544

516.0. "V4 restore root /usr procedure different than V3" by SMURF::BAT (Segui la tua beatitudine) Mon May 19 1997 20:27

From:	US2RMC::"Sowards@mail.dec.com" "Mark Sowards" 19-MAY-1997 05:04:56.59
To:	"'Barbara A. Thomson (ZKO3-2/X46 1-2955)'" <thomson@zk3.dec.com>, "'bat@smurf.enet.dec.com'" <smurf::bat>
CC:	"'Me@swarf'" <msowards@dwarf.wro.dec.com>
Subj:	Results of Encodings file swap

[excerpt]
    
    
    Has there been a reported problem with the dump/restore process?  Lenny 
has from scratch installed two systems, then dumped the disks to tape, but 
when he tries to restore from the dump tape important file restores fail 
due to permission denied.  This same process used to work fine; now, with two 
new changes (4.0A and the new Encodings file), it fails.
    
516.1. "depending on what they are doing" by SMURF::BAT (Segui la tua beatitudine) Mon May 19 1997 20:54

    I spoke with Mark earlier today.
    
    There are two issues here:
    
    1.	The root and /usr radical restore procedure (restore a corrupted
    	root and /usr partition) is different in V4 than in V3.  This
    	is the procedure you use when you boot the mini-root from the
    	installation kit on CDROM or a RIS server and select the "System 
    	management" option of the installation script.
    
    	In the next note, I'll post a short-hand guide to this procedure, 
    	which is fully documented in Section 6.4 of the Security Management
    	Guide for V4.0A.
    
    
    2.	I think the customer is trying to "clone" systems by restoring
    	root and /usr from one system on another, while the other is
    	running.  IOW, they really have two systems.  On System A, they 
    	run dump to dump / and /usr to tape.  On System B, on which MLS+ 
    	is already up and running, they have an empty disk on which they 
    	want to create a copy of A's / and /usr.
    
    	There are two considerations here:
    
    	a.  You must run restore at syshi.
    		If you are root, do a setlevel -s syshi
    		before you run restore, else start a dxterm at syshi.
    
    	b.  You must copy System B's tags databases to the disk you
    		are creating before you reboot "System A Clone", else
    		you will get tag translation errors.  Here's why:
    
    		dump dumps the files with their IR's and the Encodings
    		file in effect at the time of the dump.
    
    		restore reads in the Encodings file on the tape and
    		converts the IRs for the files on the tape into external
    		representations using the Encodings file on the tape, and
    		then does an ER-to-IR using the Encodings file on the
    		system on which restore is running, and then an IR-to-tag
    		using the MACILBDBASE (PACILBDBASE for ACLs) on the
    		system on which it is running.  The file thus gets a
    		tag in its new file system for which the translation
    		exists in the MACILBDBASE on the system on which it is
    		running. 
    
    		So if you now boot the new / you created, it has an
    		old tags database -- there are no tags in it for the
    		tags that are resident with the files you just restored.
    
    		So you must, before booting the new / you created, 
    		cp the current /tcb/files/MACILBDBASE (and PACLDBASE if
    		you have ACLs) to the /mnt/tcb/files/MACILBDBASE (I'd
    		rename the old one instead of overwriting it).
    
    		If you wanted to run into as few of these tags as
    		possible, then only restore / using this method,
    		cp the current MACILBDBASE onto it, boot /, restore
    		/usr. 
    
    		Note you will be propagating tags from system to system
    		this way, which if you didn't want to do, you could 
    		restore root with -T and then boot / before restoring
    		/usr/
    
    Two cautions:
    
    1.  I'm making the above statement because I believe dump/restore
    	and the tag translation mechanism work the same way in V4
    	as in V2, and I could be wrong -- I'll check with Rick.
    
    
    2.	Note that this latter design of SecureWare's tag database scheme
    	was something that was scheduled for a redesign at some future
    	time (the "universal tag database" feature).  Whether it ever
    	happens is one thing; but just in case you are reading this
    	after it happens, this may not apply to you.
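
An added illustration of the translation chain described in note 516.1 (not part of the original note, and not SecureWare or Digital code): a toy Python model of dump, restore and the per-system tag database. The class and function names, IR values, tag format and file paths are all constructed for the example.

```python
# Toy model of the tag translation in note 516.1. Names, IR values and tag
# formats are constructed; the real MACILBDBASE layout is not on the page.
class System:
    def __init__(self, name, encodings):
        self.name = name
        self.encodings = dict(encodings)  # IR -> ER, stands in for the Encodings file
        self.tagdb = {}                   # tag -> IR, stands in for MACILBDBASE

    def ir_to_tag(self, ir):
        """Return the tag for an IR, allocating a new one in this system's db."""
        for tag, known in self.tagdb.items():
            if known == ir:
                return tag
        tag = f"{self.name}-t{len(self.tagdb) + 1}"
        self.tagdb[tag] = ir
        return tag

    def er_to_ir(self, er):
        for ir, label in self.encodings.items():
            if label == er:
                return ir
        raise KeyError(f"{er!r} is not in the Encodings file on {self.name}")

def dump(system, files):
    """The tape carries each file's IR and the Encodings in effect at dump time."""
    return {"encodings": dict(system.encodings),
            "files": {path: system.tagdb[tag] for path, tag in files.items()}}

def restore(tape, running):
    """IR -> ER (tape Encodings) -> IR (local Encodings) -> tag (local tag db)."""
    return {path: running.ir_to_tag(running.er_to_ir(tape["encodings"][ir]))
            for path, ir in tape["files"].items()}

def untranslatable(files, tagdb):
    """Paths whose tag has no entry in the tag db the booted system will read."""
    return sorted(path for path, tag in files.items() if tag not in tagdb)

def clone_scenario():
    a = System("A", {0x10: "UNCLASSIFIED", 0x20: "SECRET"})
    b = System("B", {0x01: "UNCLASSIFIED", 0x02: "SECRET"})
    on_a = {"/etc/motd": a.ir_to_tag(0x10), "/etc/secret.cf": a.ir_to_tag(0x20)}
    tape = dump(a, on_a)
    stale_db = dict(a.tagdb)        # tag db file as restored from A's tape
    on_clone = restore(tape, b)     # restore runs on B, so files get B's tags
    return untranslatable(on_clone, stale_db), untranslatable(on_clone, b.tagdb)

if __name__ == "__main__":
    before_copy, after_copy = clone_scenario()
    print("stale tag db:", before_copy, "| after copying B's tag db:", after_copy)
```

The first list is what the clone would fail to translate if booted with the tag database that came off the tape; the second is empty once System B's database has been copied onto the new disk.
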

516.2. "If restoring root using mini-root" by SMURF::BAT (Segui la tua beatitudine) Mon May 19 1997 20:57

Date: Thu, 14 Nov 1996 14:28:58 -0500
From: Rick Schofield <rds@zk3.dec.com>
To: corwin, barron, milicia
Cc: DEC - Lee Ternullo <lct@zk3.dec.com>, FRD - Mark May <may@zk3.dec.com>
Subject: confirmed:  disaster recovery procedure

This is the procedure used to recover from a completely blowed-up disk.
I have tested it successfully by booting from a CD and restoring from
tape.  The majority of the steps herein are taken directly from the
3.x disaster recovery document, and those steps that are new/different
have been prefaced with '+++' below.

========================================================================
                SINGLE DISK CD BOOT METHOD


# Given:  rz1 = disk being restored
#         tz5 = tape drive at scsi address 5
#         rz4 = CDROM drive

>>> boot DKA400
# Exit the install process by selecting Unix shell

# make the devices for the disk and tape drive
cd /dev
./MAKEDEV rz1 tz5
cd /

# create the filesystems
newfs -LS U /dev/rz1g

+++ # save a copy of the contents of /etc/policy/macilb
+++ mkdir /var/tmp/macilb
+++ cp /etc/policy/macilb/* /var/tmp/macilb

+++ # make a memory file system and mount it on /etc/policy
+++ mfs -LS U -LI U -s 2048 /etc/policy

+++ # restore the copies of the contents of /etc/policy/macilb
+++ mkdir /etc/policy/macilb
+++ cp /var/tmp/macilb/* /etc/policy/macilb

+++ # make mfs's for /tcb/files and /etc/auth
+++ mfs -LS U -LI U -s 2048 /tcb/files
+++ mfs -LS U -LI U -s 4096 /etc/auth

# restore (without Tags) the tag-related files
# (Original procedure resumes here)
restore -YTxf /dev/rmt0h /etc/policy /tcb/files /etc/auth

# kill and restart the policy daemons
/tcb/bin/spdkill
/tcb/bin/spdinit

# raise process clearances
setlevel -c syshi
+++ setlevel -s syshi  # this was syslo in 3.x - incorrectly
setlevel -i syslo

# newfs and mount the disk partition and restore root
newfs -LS U /dev/rz1a
mount /dev/rz1a /mnt
cd /mnt
restore -Yrf /dev/rmt0h

# if the disk being restored to is at a different scsi address than
# the original disk, edit /mnt/etc/fstab to reflect the changes now
# then unmount the disk
cd /
umount /mnt

# shutdown the system and reboot to single-user on the newly
# restored root disk
halt
>>> boot -fl s DKA100

+++ # create  a symbolic link between /bin and /sbin.  Under V4.0, 
+++ # /bin is normally a symlink to /usr/bin, but since the /usr 
+++ # partition has not been restored yet, this will not work...
+++ rm /bin
+++ ln -s /sbin /bin

# raise process clearances
setlevel -c syshi -s syshi -i syslo

# mount the usr disk partition
newfs -LS U /dev/rz1g
mount /dev/rz1g /mnt
cd /mnt
restore -Yrf /dev/rmt0h  # /usr dump tape
cd /
umount /mnt

+++ # replace the modified /bin symlink
+++ rm /bin
+++ ln -s usr/bin bin  # be sure to make the link as shown here!
		       # DO NOT make it as: "ln -s /usr/bin /bin"
		       # or you will get messages like 
		       #       "Can't exec /bin/sh"

# reboot the newly restored system
halt

516.2. "from rick" by SMURF::BAT (Segui la tua beatitudine) Tue May 20 1997 21:59

From: Rick Schofield <rds@zk3.dec.com>
