Skip Navigation Links | |
Exit Print View | |
Sun QFS and Sun Storage Archive Manager 5.3 Installation Guide Sun QFS and Sun Storage Archive Manager 5.3 Information Library |
1. About Sun QFS and Sun Storage Archive Manager
4. Release Package Contents, Directories, and Files
5. Installing Sun QFS and SAM-QFS
6. Installing and Configuring SAM-QFS Manager
Verifying SAM-QFS Manager Requirements
Minimum Hardware Requirements for SAM-QFS Manager
Browser Requirements for SAM-QFS Manager
How to Install SAM-QFS Manager
How to Mount an ISO Image for Installing the SAM-QFS Manager
How to Access the SAM-QFS Manager
How to Set the SAM-QFS Manager Session Timeout
How to Add an Additional Server for SAM-QFS Manager Access
Adding and Modifying User Accounts
How to Manually Create Additional SAM-QFS User Accounts
How to Manually Grant Privileges to SAM-QFS Users
How to Create a SAM-QFS Manager Account to be Used by Multiple Users
7. Configuring the File System Environment
8. Setting Up Mount Parameters and Initializing the File System Environment
9. Backing Up SAM-QFS Data and Files
10. Upgrading Sun QFS and SAM-QFS
11. Uninstalling the SAM-QFS Manager Software
12. Installing Sun QFS and Sun Storage Archive Manager -- Quick Start
Use the SAM-QFS Manager to configure, monitor, control, and reconfigure the devices in your SAM-QFS Manager environment. Only the SAM-QFS Manager administrator should log in using the root login. All other users should log in using another user name.
By default, SAM-QFS Manager manages the server on which it is installed. It can also be used to manage other servers that run SAM-QFS Manager software. However, those additional servers must first be configured to allow SAM-QFS Manager access.
For example:
# fsmadm add management_station.sample.com
Use the fsmadm list command to verify that your SAM-QFS management station is listed in the output.
# fsmadm list management_station.sample.com
The Add Server window appears.
You can create additional administrator and guest accounts at any time after the initial SAM-QFS Manager configuration. These guest accounts are local to the management station. Each user account that you add in this way has read-only viewing privileges for SAM-QFS Manager functions.
Because multiple users with the same privilege level can be logged in to the software concurrently, one user's changes could potentially overwrite another user's previous changes. To prevent this situation, develop policies about who can make changes and how to notify others.
If you uninstall the SAM-QFS Manager software, the removal scripts do not remove the additional accounts that you created manually.
For example, to add a user with account name bobsmith, type the following:
# /usr/sbin/useradd bobsmith # /usr/bin/passwd bobsmith
You can grant users full or partial access to SAM-QFS Manager functions.
Add the following line to the /etc/user_attr file:
account-name*::::auths=*privilege-level
account-name is the name of the user's account and privilege-level is one of the following levels of authorization to grant a user.
The available administrative privilege levels are:
User has unlimited access.
User can add or remove libraries, add or remove stand-alone drives, reserve volume serial names (VSNs), import VSNs, load and unload VSNs, export VSNs, and so on.
User can start, stop, or idle archiving operations.
User can start or stop staging, and can restore a file system.
User can mount or unmount a file system, edit mount options, and perform file system checks (fsck).
Example 6-1 Granting Full Privileges to a User
To grant full privileges (com.sun.netstorage.fsmgr.config) for user account bobsmith, add the following line to the /etc/user_attr file:
bobsmith::::auths=com.sun.netstorage.fsmgr.config
To grant bobsmith privileges only for staging and restoring file systems (com.sun.netstorage.fsmgr.operator.file) and exporting, importing, and assigning VSNs (com.sun.netstorage.operator.media), add the following line to the /etc/user_attr file:
bobsmith::::auths=com.sun.netstorage.fsmgr.operator.file, com.sun.netstorage.fsmgr.operator.media
You can create a generic SAM-QFS Manager account that can be used by multiple users. You can then add a role with privileges that only some of those users can access to perform additional operations.
For example, to add a user account called guest for multiple users, you would type the following:
# /usr/sbin/useradd guest # /usr/bin/passwd guest
To create a role called admin that has special privileges within the guest account, you would type the following:
# /usr/sbin/roleadd admin # /usr/bin/passwd admin
Example 6-2 Assigning Role Privileges
To assign the admin role privileges to restore and stage file systems, add the following lines to the /etc/user_attr file:
admin::::auths=com.sun.netstorage.fsmgr.operator.file guest::::type=normal;roles=admin
In this example, when a user logs in as guest, SAM-QFS Manager prompts the user to select either No Role or Admin. If a user knows the Admin role password, they can select Admin, provide the Admin password, and obtain privileges to restore and stage file systems. All other users must select No Role and have read-only privileges.