PreviousNext

Backing Up the Security Service Registry and CDS

As organizations increasingly depend on DCE cells for their day-to-day operations, they cannot afford to lose the cell's directory and security data. Organizations generally rely on regular backup schemes to prevent the loss of this and other critical data. But backing up these DCE databases by using traditional backup methods can cause security holes in your cell if the archives are not properly protected.

Fortunately, DCE includes features that let you back up these essential databases to destinations of your choosing. Once you've begun using the DCE mechanism to back up CDS and security data, you can redirect your traditional backup program to ignore these DCE databases.

The cell backup operation backs up the master security database and each clearinghouse with master replicas in the cell. This operation requires that a dced is running on each of the server hosts being backed up.

Prepare a cell for regular backup operations by setting up an Extended Registry Attribute (ERA) that can specify a backup destination (typically a tape archive). Then add the new attribute to the principals for the master DCE Security Service registry database and all CDS clearinghouses with master replicas that you want to back up. To do this, follow these steps:

1. Put the DCE daemon into partial service mode by sending the dced process the correct signal:

# kill -SIGUSR1 pid_of_dced
#

2. Invoke dcecp with the -local option:

% dcecp -local
dcecp>

3. Modify ACLs on the local hostdata and srvconf objects to allow the subsys/dce/dced-admin group access by using the following dcecp acl operations:

dcecp> acl modify hostdata -add {group subsys/dce/dced-admin riI} -local
dcecp> acl modify srvconf -add {group subsys/dce/dced-admin riI} -local
dcecp> acl modify srvconf -add {group subsys/dce/dced-admin -d rwx} -io local
dcecp>

4. Put the DCE daemon back into full service mode with the following command:

kill -SIGUSRI pid_of_dced
%

5. Create an ERA as a string that specifies a backup destination. Name the ERA /.:/sec/xattrschema/bckp_dest and the type pringstring. Select the ACL manager named principal and set its four permission bits to r (read), m (manage), r (read), and D (Delete) as shown in the following command:

dcecp> xattrschema create /.:/sec/xattrschema/bckp_dest -encoding printstring \
> -aclmgr {principal r m r D}
dcecp>

6. Add the new ERA (bckp_dest) to the principal dce-rgy (the DCE Security Service registry database). Set the value to be the tar filename or the device that is the backup destination:

dcecp> principal modify dce-rgy -add {bckp_dest tarfilename_or_device}
dcecp>

7. Add the new ERA (bckp_dest) to the principal /.:/hosts/hostname/cds-server (the CDS server). Set the value to be the tar filename or the device that is the backup destination:

dcecp> principal modify /.:/hosts/hostname/cds-server -add {bckp_dest tarfilename_or_device}
dcecp>

Now, whenever you want to back up your registry database or CDS database, just invoke a cell backup operation as follows:

dcecp> cell backup
dcecp>

You can back up another cell by including the cellname as an argument to the cell backup operation. Note that you need the necessary permissions in the remote cell. (Refer to the cell(8dce) Part 1. The DCE Control Program reference page for the required privileges.)