C H A P T E R 13

SMS Utilities

This section discusses the SMS backup, configuration, restore, and version utilities. For information and examples of these utilities, refer to the System Management Services (SMS) 1.5 Reference Manual and online man pages.

This chapter includes the following sections:

SMS Backup Utility

SMS Restore Utility

SMS Version Utility

SMS Configuration Utility

SMS Backup Utility

smsbackup creates a cpio(1) archive of files that maintain the operational environment of SMS.

Note - This utility runs on the SC and does not replace the need for routine and timely backups of SC and domain operating systems and domain application data.

Whenever changes are made to the SMS environment, for example, by adding boards to or removing boards from a domain, you must run smsbackup again in order to maintain a current backup file for the system controller.

The name of the backup file is smsbackup.X.X.cpio, where X.X represents the active version from which the backup was taken.

smsbackup saves all configuration, platform configuration database, SMS, and log files. In other words, SMS saves everything needed to return SMS to the working state it was in at the time the backup was made.

Backups are not performed automatically. Whenever changes are made to the SMS environment, a backup should be performed. This process can be automated by making it part of root cron job run at periodic intervals depending on your site requirements.

The backup log file resides in /var/sadm/system/logs/smsbackup. You must specify the target location when running smsbackup.

Note - The target location must be a valid UNIX File System (UFS) file system directory. You cannot perform smsbackup to a tmp file system directory.

Whenever you run smsbackup, you receive confirmation that it succeeded or are notified that it failed.

You must have superuser privileges to run smsbackup. For more information and examples, refer to the smsbackup man page.

Restore SMS backup files using the smsrestore(1M) command.

SMS Restore Utility

smsrestore restores the operational environment of the SMS from a backup file created by smsbackup(1M). You can use smsrestore to restore the SMS environment after the SMS software has been installed on a new disk or after hardware replacement or addition. Failover should be disabled and SMS stopped before smsrestore is performed. Refer to the "Stopping and Starting SMS" section of the System Management Services (SMS) 1.5 Installation Guide.

If any errors occur, smsrestore writes error messages to /var/sadm/system/logs/smsrestore.

Note - This utility runs on the SC and does not restore SC operating system, domain operating system, or domain application data.

smsrestore cannot restore what you have not backed up. Whenever changes are made to the SMS environment, for example, by shutting down a domain, you must run smsbackup in order to maintain a current backup file for the system controller.

You must have superuser privileges to run smsrestore. For more information and examples, refer to the smsrestore man page.

SMS Version Utility

smsversion(1M) administers adjacent, co-resident installations of SMS under the same operating system. Adjacent versions of SMS are versions with sequential version numbers, such as SMS 1.4.1 and SMS 1.5. In other words, you cannot use smsversion to switch directly between SMS1.2 and SMS 1.5.

Note - Switching versions from SMS 1.5 to an earlier installed version has SC security implications. Refer to "Switching SMS Versions" in the System Management Services (SMS) 1.5 Installation Guide.

smsversion permits two-way SMS version-switching between sequential co-resident installations on the same operating system but with the following understanding:

TABLE 13-1 Table describing the effects of switching between versions of SMS, with respect to new features and flash PROM differences. Switching Between SMS Versions

Condition	Explanation
New features	Features supported in the newer version of SMS (for example, SC secure by default functionality), might not be supported in the older version. Switching to an older version of SMS can result in the loss of those features. Also, the settings for the new features might be erased.
Flash PROM differences	Switching versions of SMS requires reflashing the CPU flash PROMs with the correct files. These files can be found in the `/opt/SUNWSMS/<SMS_version>/firmware` directory. Use `flashupdate`(1M) to reflash the PROMs after you have switched versions. Refer to the `flashupdate` man page and System Management Services (SMS) 1.5 Installation Guide for more information on updating flash PROMs.

When you switch between sequential releases of SMS (for example, 1.5 to 1.4.1), SMS must be stopped before running smsversion. Refer to "Stopping and Starting SMS" in the System Management Services (SMS) 1.5 Installation Guide. smsversion backs up important system and domain information and switches to the target SMS version. You can switch back to the next sequential SMS version (for example, 1.4.1 to 1.5) at a later time.

Note - Switching between sequential SMS versions across Solaris operating systems (for example, Solaris 8 and Solaris 9) is not supported. Once you upgrade from a Solaris 8 version of SMS to a Solaris 9 version, you cannot go back without also reinstalling the earlier version of the OS.

Without options, smsversion displays the active version and exits when only one version of SMS is installed.

If any errors occur, smsversion writes error messages to /var/sadm/system/logs/smsversion.

You must have superuser privileges to run smsversion. For more information and examples, refer to the smsversion man page.

Version Switching

Note - Switching from SMS 1.5 to an earlier installed version of SMS has SC security implications. Refer to the System Management Services (SMS) 1.5 Installation Guide for more information.

To Switch Between Two Adjacent, Co-resident Installations of SMS

On the Main SC:

1. Make certain your configuration is stable and backed up using smsbackup.

Being stable means the following commands should not be running: smsconfig, poweron, poweroff, setkeyswitch, cfgadm, rcfgadm, addtag, deletetag, addboard, moveboard, deleteboard, setbus, setdefaults, setobpparams, setupplatform, enablecomponent, or disablecomponent.

2. Deactivate failover using setfailover off.

On the Spare SC:

3. Run /etc/init.d/sms stop.

4. Run smsversion.

5. Run smsrestore.

6. If necessary, run smsconfig -m and reboot.

Only run smsconfig -m if you changed your network configuration using smsconfig -m after creating the smsbackup you just restored.

On the Main SC:

7. Stop SMS using /etc/init.d/sms stop.

On the Spare SC:

8. If smsconfig -m was run, reboot; otherwise, run /etc/init.d/sms start.

When the SC comes up, it becomes the main SC.

9. If necessary, update the CPU flash PROMs using flashupdate.

On the Former Main SC:

Repeat steps 4-6 and 8.

On the New Main SC:

Activate failover using setfailover on.

For more information refer to the System Management Services (SMS) 1.5 Installation Guide.

SMS Configuration Utility

smsconfig configures the MAN networks, modifies the hostname and IP address settings used by the MAN daemon mand(1M), and administers domain directory access control lists (ACLs). It will also display the current configuration.

UNIX Groups

smsconfig configures the UNIX groups used by SMS to describe user privileges. SMS uses a default set of UNIX groups installed locally on each SC. smsconfig allows you to customize those groups using the -g option. You can also add users to groups using the -a option and remove users from groups using the -r option.

For information and examples on adding, removing, and listing authorized users, refer to the System Management Services (SMS) 1.5 Installation Guide and the smsconfig(1M) man page.

Access Control List (ACL)

Traditional UNIX file protection provides read, write, and execute permissions for the three user classes: file owner, file group, and other. In order to provide protection and isolation of domain information, access to each domain's data is denied to all unauthorized users. SMS daemons, however, are considered authorized users and will have full access to the domain file systems. For example:

sms-esmd needs to read the blacklist files in each domain directory
$SMSETC/config/[A-R]

sms-osd needs to read from and write to the bootparamdata file in each domain: $SMSVAR/data/[A-R]

sms-dsmd needs to write to hpost logs for every domain
$SMSVAR/adm/[A-R]/post

smsconfig sets the ACL entries associated with the domain directories so that the domain administrator has full access to the domain. A plus sign (+) to the right of the mode field indicates the directories that have ACL defined.

domain_id:sms-user:> ls -al

total 6

drwxrwxrwx   2 root     bin          512 May 10 12:29 .

drwxrwxr-x  23 root     bin         1024 May 10 12:29 ..

-rw-rw-r--+  1 root     bin          312 May  4 16:15 blacklist

To add a user account to the ACL, the user must already belong to a valid SMS group as described in the System Management Services (SMS) 1.5 Installation Guide.

Note - UFS file system attributes, such as the ACL, are supported in UFS file systems only. If you restore or copy directories with ACL entries into the /tmp directory, all ACL entries will be lost. Instead, use the /var/tmp directory for temporary storage of UFS files and directories.

Network Configuration

For each network, smsconfig can set one or more interface designations within that network. By default, smsconfig steps through the configuration of all three internal, enterprise networks (MAN, I1, and I2).

To configure an individual network, append the net_id to the command line. Management networks net_ids are designated I1, I2, and C.

Configure a single domain within an enterprise network by specifying both the desired domain and its net_id. A domain can be excluded from the I1 management network by using the word NONE as the MAN hostname.

Note - Once you have configured or changed the configuration of the MAN network you must reboot the SC in order for the changes to take effect.

You must have superuser privileges to run smsconfig. For more information and examples, refer to the System Management Services (SMS) 1.5 Installation Guide and smsconfig man page, and see Management Network Services.

MAN Configuration

smsconfig -m does the following:

1. Creates /etc/hostname.scman[01].

2. Creates /etc/hostname.hme0 and/or /etc/hostname.eri1 according to inputs to the External Network prompts of smsconfig.

3. Updates /etc/netmasks and /etc/hosts.

4. Sets OpenBoot PROM variable local-mac-address?=true (default is false).

For more information on smsconfig, refer to the smsconfig(1M) man page and see Management Network Services.