Content-type: text/html
Man page of NSR
NSR
Section: Maintenance Commands (8)
Updated: Dec 11, 01m
Index
Return to Main Contents
NAME
nsr - introduction and overview of NetWorker
DESCRIPTION
NetWorker facilitates the backup and recovery of files on a network of
computer systems. Files and filesystems may be backed up on a
scheduled basis. Recovery of entire filesystems and single files is
simplified by use of an on-line index of saved files.
NetWorker uses a client-server model to provide the file backup and
recover service. At least one machine on the network is designated as
the NetWorker
server,
and the machines with disks to be backed up are NetWorker
clients.
Six daemons provide the NetWorker service, control access to the
system, and provide index and media support. On the clients, there
are special programs to access the file systems and communicate with
the NetWorker server.
The NetWorker system has several parts. Commands and files are only
briefly mentioned here; see the appropriate reference manual page for
more detailed information. Each command has a manual page entry in
section 8. The files and their formats are explained in section 5
manual pages.
The
NetWorker Administrator's Guide
provides information on
configuring and administering a NetWorker system. It includes many
examples and rationales for setting up and running a successful backup
operation.
INSTALLATION
How NetWorker is installed depends on the architecture of the
machine upon which you are installing. For detailed installation
instructions, see the
NetWorker Installation Guide
for your specific platform.
- nsr_layout(5)
-
Describes where NetWorker programs, files, and manual pages are
installed.
SERVER DAEMONS
NetWorker uses a client-server model to provide a backup and recover
service. The following daemons encompass the server side of
NetWorker.
- nsrd(1m)
-
The main NetWorker daemon.
nsrd
handles initial communication with clients, and starts and stops the
other NetWorker server daemons.
- ansrd(1m)
-
The
agent
nsrd process, spawned by
nsrd
in response to a recovery, clone, or other session.
The
ansrd
daemon is invoked on an as-needed basis and is only present when there are
sessions active to the NetWorker server.
Modern versions of
save(1m)
do not require use of an
ansrd
daemon.
- nsrindexd(1m)
-
This server daemon provides access to the NetWorker on-line index.
The index holds records of saved files. The index allows clients to
selectively browse and choose files to recover without having to
access the backup media.
- nsrmmdbd(1m)
-
The media management database daemon provides an index of save sets
and media.
The
nsrmmdbd
daemon provides a much coarser view of the saved files than does
nsrindexd,
and therefore the resultant index is usually much smaller.
- nsrjobd(1m)
-
The jobs daemon provides for the centralized monitoring and control of
remote execution "jobs", typically save and directed recover. It manages
the parallelism when spawning remote jobs and monitors the status for
reporting and storing execution information. All scheduled backups are
initiated from
nsrjobd.
- nsrmmd(1m)
-
The media multiplexor daemon provides device support for NetWorker.
When more than one client is saving files, the data from each client
is multiplexed. During recovery operations, the data is demultiplexed
and sent back to the requesting clients.
When the multiple devices are enabled,
several of these daemons may be active simultaneously.
ADMINISTRATION
NetWorker is administered via
resources
and
attributes.
Every resource has one or more attributes associated with it. For
example, a device is a NetWorker resource type; an attribute of
devices is the device
type,
for example, 4mm or 8mm.
The NetWorker resource format is documented in
nsr_resource(5).
There is also a manual page for each NetWorker resource in section 5
of the manual.
Resource files are not normally edited by hand. Rather, a NetWorker
tool (usually
NetWorker Management Console
or
nsradmin(1m))
is used to modify resource files dynamically so that values can be
checked and changes can be propagated automatically to the interested
programs. The following are tools that are used to administer various
aspects of NetWorker.
- NetWorker Management Console
-
Monitors the activity of and administers NetWorker servers.
NetWorker Management Console
is a Java based application and is most users' primary interface to NetWorker.
- nsradmin(1m)
-
A
curses(3)
based tool for the administration of NetWorker servers.
- nsrwatch(1m)
-
A
curses(3)
based tool to monitor the activity of NetWorker servers.
- nsrmm(1m)
-
Media manager command.
The
nsrmm
command is used to label, mount, unmount, delete and purge volumes.
Mount requests are generated by
nsrmmd,
and displayed by
NetWorker Management Console
or
nsrwatch.
The size of the on-line user file indexes may be controlled by
deleting and purging volumes.
- nsrjb(1m)
-
The NetWorker jukebox-controlling command. When dealing with a jukebox,
nsrjb,
rather than
nsrmm,
should be used to label, load, and unload the volumes contained within
a jukebox.
- nsrim(1m)
-
Automatically manages the on-line index. It is usually run periodically by
savegrp.
- mminfo(1m)
-
Provides information about volumes and save sets.
- nsrck(1m)
-
Checks and repairs the NetWorker on-line index. It is run
automatically when
nsrd
starts up if the databases were not closed cleanly due to a system
crash.
- nsr_render_log(1m)
-
Creates a human readable version of the Networker logs.
- nsr_shutdown(1m)
-
A shell script used to safely shut down the local NetWorker server.
The
nsr_shutdown
script can only be run by the super user.
SAVING FILES
NetWorker supports both scheduled and manual saving of files and
filesystems. Each client may be scheduled to save all or part of its
filesystems. Different clients may be scheduled to begin saving at
different times.
- save(1m)
-
A command-line-based tool used to back up a specified file or group of
files.
The
save
command may be run manually by users and administrators, or automatically by
savegrp.
- savegrp(1m)
-
Used to initiate the backup of a group of client machines.
Usually started automatically by the NetWorker server.
The
savegrp
command also backs up the clients' on-line file indexes,
which are stored on the server.
When backing up the server itself, a
bootstrap
save set is also created.
- nsrexec(1m)
-
The
agent
savegrp process, spawned by
savegrp.
The
nsrexec
command monitors the progress of NetWorker commands.
- nsrclone(1m)
-
The NetWorker save set/volume cloning command. Using
nsrclone,
clones,
or exact replicas, of save sets or entire volumes can be made. Clone
data is indistinguishable from the original data, except for the
NetWorker media volumes upon which the data reside.
- nsrexecd(1m)
-
NetWorker-specific remote execution service which runs on NetWorker
clients. Used by
savegrp
to start
save
and
savefs
on client machines.
- savefs(1m)
-
Used by
savegrp
to determine characteristics of a client, and to map the save set
All
to the current list of all save sets on a client.
RECOVERING FILES
NetWorker maintains an on-line index of user files that have been
saved. Users may browse the index and select files for recovery.
This information is used to build a representation of the file
heirarchy as of any time in the past.
NetWorker then locates the correct volume and recovers the requested
files.
- recover(1m)
-
Browses the on-line user file index and selects files and filesystems
to recover.
- nwrecover(1m)
-
A Motif-based tool for recovering files.
The
nwrecover
command is the graphical equivalent of
recover.
- mmrecov(1m)
-
Used only for disaster recovery.
Recovers the special
bootstrap
index and the server's on-line file index.
The
recover
or
nwrecover
commands are used to recover other on-line file indexes.
- scanner(1m)
-
Verifies correctness and integrity of NetWorker volumes. Can also
recover complete save sets and rebuild the on-line file and media
indexes.
- nsr_crash(1m)
-
A man page describing crash recovery techniques.
- nsrinfo(1m)
-
Used to generate reports about the
contents of a client's file index.
APPLICATION SPECIFIC MODULES
In order to process user files in an optimal manner, NetWorker
provides the
ASM
mechanism. Pattern matching is used to select files for processing by
the different ASMs. The patterns and associated ASMs
are described in
nsr(5).
The
save
command keeps track of which ASMs were used to process a file so that
recover
may use the same ASMs to recover the file.
- uasm(1m)
-
UNIX filesystem specific save/recover module.
The
uasm
man page documents the general rules for all ASMs.
The
uasm
command and its man page actually comprise several additional ASMs,
including
compressasm,
mailasm,
and
xlateasm,
to name a few.
- nsrindexasm(1m)
-
Processes the on-line user file indexes.
- nsrmmdbasm(1m)
-
Processes the on on-line media database.
SERVER LOCATION
On large networks there may be several NetWorker servers installed.
Each NetWorker client command must select a server to use.
For server selection, the client commands are classified into two
groups:
administration
and
operation.
The administration commands include
NetWorker Management Console,
nsrwatch,
and
mminfo.
The operation commands include
save,
savefs,
and
recover.
Both groups of commands accept a
-s
server
option to explicitly specify a NetWorker server.
When a server is not explicitly specified, the operation commands use
the following steps to locate one. The first server found is used.
- 1)
-
The local machine is examined to see if it is a NetWorker server.
If it is, then it is used.
- 2)
-
The machine where the current directory is actually located is
examined to see if it is a NetWorker server. If it is, then it is
used.
- 3)
-
The machine specified with the
-c
option is examined to see if it is a NetWorker server.
If it is, then it is used.
- 4)
-
The list of trusted NetWorker servers is obtained from the local machine's
nsrexecd(1m).
Each machine on the list is examined
to see if it is a NetWorker server.
The first machine determined to be a NetWorker server is used.
- 5)
-
A broadcast request is issued.
The first NetWorker server to respond to the request is used.
- 6)
-
If a NetWorker server still has not been found, then the local machine
is used.
The administrative commands only use step 1.
SECURITY
Before a save is allowed, there must be
an
NSR client
resource created for the given client. Before a recovery is allowed,
the server validates client access by checking the
remote access
attribute in the
NSR client
resource (see
nsr_client(5)).
The
savegrp(1m)
command initiates the
save(1m)
command on each client machine in an NSR group by using the
nsrexecd(1m)
remote save execution service.
See the
nsrexecd(1m)
man page for details. For backward compatibility with older versions
of NetWorker,
savegrp(1m)
will fall back on using the
rsh(1)
protocol for remote execution if
nsrexecd
is not running on a particular client.
Access to the NSR resources through the
nsradmin(1m)
command or
NetWorker Management Console
is controlled by the
administrator
attribute on the NSR server resource (see
nsr_service(5)).
This attribute has a list of names of the
users who have permission to administer that resources. Names that
begin with an ampersand (&) denote netgroups (see
netgroup(5)).
Also names can be of the form user@host or
user=user,host=host to authorize
a specific user on a specific host.
ROOT PRIVILEGES
The system administrator can grant root privileges to specific
groups of users by changing the mode of a NetWorker program to setuid-root
and setgid-group.
(See
chgrp(1)
and
chmod(1)
for more details.)
When a user invokes a program that is both setuid-root and
setgid-group, he may retain root privileges if one of the following
is true:
- 1.
-
The user's name and the program's group name are identical.
- 2.
-
One of the process's supplementary group id names is identical
to the program's group name.
(See
getgroups(2)
for more details.)
- 3.
-
The user's name is an element of the netgroup whose name is
identical to the program's group name.
(See
getgrnam(3)
for more details.)
For example, the mode and group owner of the
recover
command can be changed
such that the
ls
output looks like:
-
-rws--s--x 1 root staff 548808 Apr 18 16:04 recover
A user invoking this command will retain root privileges if
(1) his name is ``staff'', or
(2) he is a member of the group ``staff'', or
(3) his name appears as an element of the netgroup ``staff''.
Granting root privileges may be applied to the following NetWorker
programs:
nsrexec(1m),
nsrports(1m),
recover(1m),
nwretrieve(1m),
nwrecover(1m),
nsrclone(1m),
nsrssc(1m),
nsrmm(1m),
mmpool(1m),
mmlocate(1m),
nsrjb(1m),
nsrinfo(1m),
nsrstage(1m),
nsrcap(1m),
save(1m),
nsrpmig(1m),
nsrck(1m),
nsrim(1m),
jbconfig(1m),
nsrcnct(1m),
and
scanner(1m).
NAMING AND AUTHENTICATION
As described above, the NSR server only accepts connections
initiated from the machines listed as clients or listed in the
remote access
list (for recovering). Since machines may be connected to more than
one physical network and since each physical network connection may
have numerous aliases, the policies below are used as a compromise
between security and ease of use. For further information about
naming in the UNIX environment, refer to
gethostent(3)
or other documentation on name services.
A client determines its own name as follows. First the client's UNIX
system name is acquired via the
gethostname(2)
system call. The UNIX system name is used as a parameter to the
gethostbyname(3)
library routine. The client declares its name to be the official (or
``primary'') name returned by
gethostbyname.
This name is passed to the NetWorker server during connection
establishment.
A server authenticates a client connection by reconciling the
connection's remote address with client's stated name. The address is
mapped to a list of host names via the
gethostbyaddr(3)
library function. Next, the client's stated name is used as a
parameter to
gethostbyname
to acquire another list of host names. The client is successfully
authenticated only if a common name between the two lists exists.
The NetWorker server maps a client's name to an on-line index database
name by resolving the client's name to the official name returned by
gethostbyname.
This mapping takes place both at client creation time and at
connection establishment time.
To ensure safe and effective naming, the following rules should be
employed:
- 1)
-
The NetWorker clients and servers should access consistent host
name databases. NIS (YP) and the Domain Name System (DNS) are naming
subsystems that aid in host name consistency.
- 2)
-
All hosts entries for a single machine should have at least one
common alias among them.
- 3)
-
When creating a new client, use a name or alias that will map back
to the same official name that the client machine produces by backward
mapping its UNIX system name.
SEE ALSO
rsh(1),
gethostname(2),
gethostent(3),
netgroup(5),
nsr(5),
nsr_layout(5),
nsr_resource(5),
ypfiles(5),
ypmake(5),
mminfo(1m),
nsr_crash(1m),
nsr_service(5),
nsr_render_log(1m),
nsr_shutdown(1m),
nsradmin(1m),
nsrck(1m),
nsrclone(1m),
nsrd(1m),
nsrexecd(1m),
nsrim(1m),
nsrindexasm(1m),
nsrindexd(1m),
nsrinfo(1m),
nsrjb(1m),
nsrls(1m),
nsrmm(1m),
nsrmmd(1m),
nsrmmdbasm(1m),
nsrmmdbd(1m),
nsrwatch(1m),
nwrecover(1m),
recover(1m),
mmrecov(1m),
save(1m),
savefs(1m),
savegrp(1m),
scanner(1m),
uasm(1m).
The
NetWorker Administrator's Guide
Index
- NAME
-
- DESCRIPTION
-
- INSTALLATION
-
- SERVER DAEMONS
-
- ADMINISTRATION
-
- SAVING FILES
-
- RECOVERING FILES
-
- APPLICATION SPECIFIC MODULES
-
- SERVER LOCATION
-
- SECURITY
-
- ROOT PRIVILEGES
-
- NAMING AND AUTHENTICATION
-
- SEE ALSO
-
This document was created by
man2html,
using the manual pages.
Time: 02:37:09 GMT, October 02, 2010