HP c3700 - Workstation Supplementary Manual

HP Enterprise File System

Planning and Configuring HP DCE/9000

Enhanced DFS Version 3.0

HP Part No. B6863-IE002-E0302

Edition 1

2

Legal Notices

The information in this document is subject to change without notice.

Hewlett-Packard makes no warranty of any kind with regard to this

document, including, but not limited to, the implied warranties of

merchantability and fitness for a particular purpose. Hewlett-Packard shall

not be held liable for errors contained herein or direct, indirect, special,

incidental or consequential damages in connection with the furnishing,

performance, or use of this material.

Warranty. A copy of the specific warranty terms applicable to your Hewlett-

Packard product and replacement parts can be obtained from your local Sales

and Service Office.

Restricted Rights Legend. Use, duplication or disclosure by the U.S.

Government is subject to restrictions as set forth in subparagraph (c) (1) (ii)

of the Rights in Technical Data and Computer Software clause at DFARS

252.227-7013 for DOD agencies, and subparagraphs (c) (1) and (c) (2) of the

Commercial Computer Software Restricted Rights clause at FAR 52.227-19

for other agencies.

HEWLETT-PACKARD COMPANY

3000 Hanover Street

Palo Alto, California 94304 U.S.A.

Use of this document and the CD-ROM(s) supplied for this pack is restricted

to this product only. Additional copies of the programs may be made for

security and back-up purposes only. Resale of the programs in their present

form or with alterations, is expressly prohibited.

rights reserved.

Reproduction, adaptation, or translation of this document without prior

written permission is prohibited, except as allowed under the copyright laws.

California

3

Legal Notices

This software is based in part on the Fourth Berkeley Software Distribution

under license from the Regents of the University of California.

Trademark Notices UNIX is a registered trademark in the United States and

other countries, licensed exclusively through X/Open Company Limited.

X Window System is a trademark of the Massachusetts Institute of

Technology.

MS-DOS and Microsoft are U.S. registered trademarks of Microsoft

Corporation.

OSF/Motif is a trademark of the Open Software Foundation, Inc. in the U.S.

and other countries.

4

Legal Notices

Contents

5

Planning and Configuring HP DCE/9000 Enhanced DFS Version 3.0 1

1 About HP DCE/9000 Enhanced DFS

Overview of HP DCE/9000 Enhanced DFS Version 3.0 12

Benefits 13

Features 14

Restriction of RPC Addresses 14

DCE/DFS TCL Configuration Functions 15

Global Variables 15

System Tuning Variables 15

Administration Tools for Enhanced DFS 3.0 16

HP Enterprise File System Admin Web 17

Compatibility Information and Installation Requirements 18

Enhanced DFS 3.0 Interoperability 18

NIS and Integrated Login Interoperability 18

What Manuals are Available for This Version 19

2 Installing and Configuring Enhanced DFS 3.0

Planning for Enhanced DFS 3.0 Installation and Configuration 22

Preparing to Administer DFS 24

Considerations for Enhanced DFS 3.0 Installation and Configuration 25

6

Contents

Before Installing and Configuring Enhanced DFS 3.0 27

To Install and Configure Enhanced DFS 28

Enhanced DFS 3.0 Filesets 29

Migrating root.dfs from UFS to Episode 31

Replicating root.dfs Using “Cheap Replication” 34

Handling of setuid Programs and Device Files in DFS 36

setuid Script 36

Additional DFS Cache Manager Commands 38

Stopping Enhanced DFS 43

Removing Enhanced DFS Configuration Information and DFS Cache

Files 44

Restricting RPC Addresses 45

Setting Global Variables 46

Using Tuning Variables 48

3 Running dce_config to Configure Enhanced DFS

Configuring a System Control Server 50

Configuring a DFS Fileset Location Database 52

Configuring a File Server and a Private File Server 55

Contents

7

Configuring a DFS Client 57

dfs_config Environment Variables 60

A TCL Functions

DCE TCL Functions 64

Configuration Functions 64

Unconfiguration Function 75

Cleanup Functions 76

Miscellaneous Functions 84

DCE TCL Examples 112

Configuring a DCE Client 112

Configuring a Single-machine DCE Server 112

Configuring dced 113

Configuring secd 113

Configuring cdsd 114

Configuring dtsd 114

Configuring a Security Replica 114

Configuring a CDS Replica 115

Unconfiguring a Client (only) Machine from an Existing Cell 115

Removing a Machine from an Existing Cell 116

DFS TCL Functions 117

Configuration Functions 117

Unconfiguration Functions 124

Miscellaneous Functions 131

Examples of Primary DFS Functions 136

8

Contents

B The DFS/NFS Secure Gateway

Overview of the DFS/NFS Gateway 140

Configuring Gateway Server Machines 143

Configuring a Gateway Server Without Enabling Remote Authentication 144

Configuring a Gateway Server and Enabling Remote Authentication 145

Configuring the BOS Server Process 146

Configuring the Gateway Server Process 148

Configuring NFS Clients to Access DFS 150

Configuring a Client Without Enabling Remote Authentication 151

Configuring a Client and Enabling Remote Authentication 152

Accessing DFS from an NFS Client 154

Unauthenticated Access to DFS 154

Authenticated Access to DFS 155

Authenticating to DCE from an NFS Client 157

Authenticating to DCE from a Gateway Server Machine 159

Determining Whether a Specific User is Authenticated to DCE 161

Displaying Information About All Users Who Are Authenticated to DCE 162

9

About this document

This document describes features of HP DCE/9000 Enhanced DFS Version 3.0

specific to Hewlett-Packard. For features of standard DFS, see the OSF

documentation.

This book is organized as follows:

• Chapter 1 describes the benefits and features of HP DCE/9000 Enhanced DFS

and provides important compatibility information and installation requirements.

• Chapter 2 describes installing HP DCE/9000 Enhanced DFS.

• Chapter 3 describes configuring HP DCE/9000 Enhanced DFS.

• Appendix A provides information on DCE and DFS TCL functions, and provides

examples.

• Appendix B provides and overview of the DFS/NFS Secure Gateway and

describes how to configure a gateway server machine.

10

11

1

About HP DCE/9000 Enhanced DFS

HP DCE/9000 Enhanced DFS Version 3.0 is a distributed file system

functionally equivalent to Version 1.2.2 of The Open Group (formerly Open

Software Foundation) DCE Distributed File Service (DFS). Enhanced DFS

is one component of the HP Enterprise File System product family.

12

About HP DCE/9000 Enhanced DFS

Overview of HP DCE/9000 Enhanced DFS Version 3.0

HP DCE/9000 Enhanced DFS 3.0 is a distributed client/server application

that presents DCE with a global view of a set of files and directories,

independent of machine boundaries. This global view is called the Enhanced

DFS filespace. Within this filespace, users can share files stored on any of

the computers that are part of this global view.

Enhanced DFS requires the HP-UX 11.0 operating system and the

HP DCE/9000 Version 1.7 product. Enhanced DFS supports all

HP DCE/9000 DFS 1.7 functionality and protocols, and interoperates fully

with other DFS servers.

The client and server components of Enhanced DFS 3.0 are available as

separately orderable components.

NOTE: For this version of Enhanced DFS 3.0, only the client is available.

13

About HP DCE/9000 Enhanced DFS

Benefits

Enhanced DFS 3.0 provides a number of benefits, including the following:

• Allows faster restarts after abnormal system shutdowns using the DCE LFS log-

based file system

• Uses tokens to ensure that users are working with the most-recent copy of a file

and to track who is working on the file

• Allows administrators to replicate commonly used DCE LFS filesets on multiple

File Server machines

• Allows easier recovery from severe system failures

• Provides increased availability of files through replication and caching

• Improves load balancing of data

• Tracks the location of every fileset

• Extends the UNIX permissions to provide more precise definitions of access

permissions for directories and files using ACLs

• Allows the use of data from non-LFS file systems

• Allows the addition of server and client machines to an

HP DCE/9000 DFS

configuration with little impact on other servers or clients and with few additional

administrative responsibilities

• Supports enhanced administration and security

• Stores central copies of system configuration and binary files on designated

machines and distributes these files to other server machines in the network

• Backs up and restores system and user data as needed

Enhanced DFS 3.0 operates on top of and interacts with the following HP

DCE 1.7 components:

• DCE Security Service

• DCE Directory Service

• DCE Distributed Time Service

• DCE Remote Procedure Call facility

14

About HP DCE/9000 Enhanced DFS

Features

Enhanced DFS 3.0 offers complete HP DCE/9000 1.7 DFS server

functionality for distributed computing environments, which can include:

• Server machines

• Client machines

• Data access management

• Administrative domains

• Administrative lists and groups

• Local file system

• Database distribution

• The scout program

• Authenticated access from NFS via the gateway

In addition, Enhanced DFS 3.0 includes all extended DFS features.

Restriction of RPC Addresses

Enhanced DFS 3.0 includes restricting RPC addresses with the use of the

environment variable, RPC_SUPPORTED_NETADDRS. See the HP

DCE 1.7 planning and configuration guide for a description of this

environment variable.

The runtime looks for a RPC_SUPPORTED_NETADDRS environment

variable, which allows a user or administrator to restrict the network

addresses that a DFS host advertises in the name-space or endpoint-map.

If you set this environment variable, only addresses in the list will be

advertised in the namespace or endpoint map. Addresses not found on the

list are excluded from the server’s list of available addresses.

For information on using this feature, see “Restricting RPC Addresses” in

Chapter 2.

15

About HP DCE/9000 Enhanced DFS

Features

DCE/DFS TCL Configuration Functions

Enhanced DFS 3.0 offers a number of configuration, unconfiguration,

cleanup, and miscellaneous TCL functions for DCE and DFS. For more

information, see Appendix A.

Global Variables

Enhanced DFS 3.0 offers a number of global variables including directory

variables, execution variables, and security server variables. For more

information, see “Setting Global Variables” in Chapter 2.

System Tuning Variables

Enhanced DFS 3.0 includes variables that allow system administrators to

specify startup parameters for DFS daemons. For more information, see

“Using Tuning Variables” in Chapter 2.

16

About HP DCE/9000 Enhanced DFS

Administration Tools for Enhanced DFS 3.0

Enhanced DFS 3.0 provides several tools, in addition to the standard tools

and commands provided with OSF DFS 1.2.2, to help you monitor and

administer your DFS 3.0 file servers. These tools are provided in the

EFS-ResourceKit installation product.

• Sentinel — a graphical file server monitoring tool that displays free disk space on

DFS file servers and a summary of DFS files server statistics. It also detects

server problems (when a free space threshold is exceeded or when a server cannot

be reached). It is provided in the EFS-CNTRB-SNTL fileset and installed as

/opt/dce/bin/sentinel. Sentinel requires X-Windows display capability. Sentinel

has online help accessible from its graphical interface.

• EfsStatus — a dcecp script that displays status information about the DCE and

DFS servers in your cell. It is provided in the EFS-CNTRB-SNTL fileset and

installed as /opt/dce/efsadmin/bin/efsstatus.dcp.

• Tkm_adjust — a utility that allows you to examine and modify various token

manager parameters. Use this command with extreme caution, as it is capable of

corrupting the state of the Enhanced DFS client. Tkm_adjust does not have an

associated man page. It is provided in the EFS-CNTRB-TKMAJ fileset and

installed as /opt/dce/bin/tkm_adjust.

You can run Sentinel and EfsStatus from the Enterprise File System (EFS)

Admin web. The EFS Admin web is a group of HTML files and CGI scripts

shipped with the Enhanced DFS product (see "HP Enterprise File System

Admin web" in this chapter). You can run the EfsStatus tool directly from a

command line by entering /opt/dce/efsadmin/bin/efsstatus.dcp.

NOTE: You can either run the efsstatus.dcp or sentinel command from the directory

where that tool is installed, or explicitly specify the full pathname to where that tool

is installed.

17

About HP DCE/9000 Enhanced DFS

HP Enterprise File System Admin Web

The Enterprise File System (EFS) Admin web is a group of HTML files and

CGI scripts shipped with the Enhanced DFS product. You can use these files

to create your own EFS web server site, or integrate them into an existing

web server. The files are contained in the installation fileset EFS-WEB and

get installed in the directory /opt/dce/usr/contrib/efsadmin.

Once you have the EFS Admin web up, it allows you to:

• run Sentinel, a graphical file server monitoring tool

• run EfsStatus, a dcecp script that prints status information about DCE and

Enhanced DFS servers in your cell

• view DCE and Enhanced DFS log information for a specified node

• access the HP Corporate and HP EFS home pages

• view Information on product updates and new additions to the Resource Kit via

the HP EFS home page

• send mail about Enhanced DFS to HP

Note that you can access a copy of the HP DCE/9000 Enhanced DFS

Version 3.0 Release Note (in HTML format) from the

HP EFS home page.

The HTML Release Note is the same as the printed Release Note, except it

may contain post-product-release updates to the printed version. See the

“What Manuals are Available for This Version” section in this manual for

complete information about the documentation provided with HP DCE/9000

Enhanced DFS 3.0.

18

About HP DCE/9000 Enhanced DFS

Compatibility Information and Installation Requirements

Compatibility Information and Installation

Requirements

This chapter describes the hardware, software, operating system, memory,

and swap space requirements for HP DCE/9000 Enhanced DFS Version 3.0

on HP-UX 11.0.

Enhanced DFS 3.0 Interoperability

Enhanced DFS 3.0 clients and servers are completely interoperable with HP

DCE/9000 Version 1.4x, 1.5.x, EFS 1.0, DFS 2.0, and 1.7 DFS clients and

servers. Enhanced DFS 3.0 servers can "serve" HP DCE/9000 Version 1.4x

and 1.7 DFS clients; conversely, HP DCE/9000 Version 1.4x and 1.7 DFS

servers can serve Enhanced DFS 3.0 clients.

NIS and Integrated Login Interoperability

NIS, Integrated Login, and DCE/DFS should interoperate without any

problems because they do not have any knowledge of one another.

Both Integrated Login and NIS attempt to solve the problem of creating a

common /etc/passwd and /etc/group file on multiple nodes. Integrated

Login does this by using /opt/dce/bin/passwd_export to pull the contents of

the DCE registry (basically the global /etc/passwd and /etc/group files)

onto each node. NIS, on the other hand, gets the global /etc/passwd and

/etc/group files through a hook in the getpwent() system call. DCE/DFS

uses this functionality primarily to print a username and group when you

perform an ls -l within DFS.

The second function of Integrated Login, which NIS does not provide, is to

obtain a user’s DCE credentials when a user performs a standard UNIX login

through telnet, ftp, CDE, and so on. If Integrated Login obtains the

credentials successfully, the user accesses DFS in an authenticated manner,

and without having to perform a dce_login. When DCE is not available,

Integrated Login falls back to using the /etc/passwd file; upon successful

login, the user does not have DCE credentials, gains unauthenticated access

to DFS, and thus can only access entries with an any_other ACL entry.

19

About HP DCE/9000 Enhanced DFS

What Manuals are Available for This Version

Documentation for HP DCE/9000 Enhanced DFS Version 3.0 consists of

online documentation. The online documentation is available in various

formats: ASCII text, HTML files, and Portable Document Format (readable

with the freely available Adobe Systems Acrobat Reader software).

The Enhanced DFS 3.0 online documentation consists of the following:

• HP DCE/9000 Enhanced DFS Version 3.0 Release Note — available online via

the World Wide Web at HP’s EFS home page web site. See the “HP Enterprise

File System Admin Web” section in Chapter 1 for details about accessing this

file.

This document is available at the following pathnames:

/opt/dce/efs_docs/html/EnhDFSRelNote/index.html

/opt/dce/efs_docs/pdf/EnhDFSRelNote.pdf

/opt/dce/efs_docs/text/EnhDFSRelNote.text

• Planning and Configuring HP DCE/9000 Enhanced DFS Version 3.0 —

available at the following pathnames:

/opt/dce/efs_docs/html/PlanConfigEFS/index.html

/opt/dce/efs_docs/pdf/PlanConfigEFS.pdf

/opt/dce/efs_docs/text/PlanConfigEFS.text

• OSF DCE DFS Administration Guide, Revision 1.2.2 — available at the

following pathnames:

/opt/dce/efs_docs/html/Admin_Guide/index.html

/opt/dce/efs_docs/text/OSFDFS1.2.2Admin.txt

This manual is a detailed, comprehensive description of OSF DCE DFS Version

1.2.2, the software upon which Enhanced DFS 3.0 is based.

• OSF DCE DFS Reference Guide, Revision 1.2.2 — available at the following

pathnames:

/opt/dce/efs_docs/html/Reference_Manual/index.html

/opt/dce/efs_docs/text/OSFDFS1.2.2Ref.txt

This document describes the configuration files and administrative commands of

OSF DCE DFS Version 1.2.2, the software upon which Enhanced DFS 3.0 is

based.

20

About HP DCE/9000 Enhanced DFS

What Manuals are Available for This Version

Page is loading ...

HP c3700 - Workstation Supplementary Manual

HP c3700 - Workstation Supplementary Manual

Related papers

Other documents