C H A P T E R 13

SMS Utilities

This section discusses the SMS backup, configuration, restore, and version utilities. For more information and examples of these utilities, refer to the System Management Services (SMS) 1.6 Reference Manual and online man pages.

This chapter includes the following sections:

SMS Backup Utility

SMS Restore Utility

SMS Version Utility

SMS Configuration Utility

SMS Backup Utility

The smsbackup creates a cpio(1) archive of files that maintain the operational environment of SMS.

Note - This utility runs on the SC and does not replace the need for routine and timely backups of SC and domain OSs and domain application data.

Whenever changes are made to the SMS environment (for example, by adding boards to or removing boards from a domain), you must run smsbackup again to maintain a current backup file for the system controller.

The name of the backup file is smsbackup.X.X.cpio, where X.X represents the active version from which the backup was taken.

The smsbackup utility saves all configuration, platform configuration database, SMS, and log files. In other words, SMS saves everything needed to return SMS to the working state it was in at the time the backup was made.

Backups are not performed automatically. Whenever changes are made to the SMS environment, a backup should be performed. This process can be automated by making it part of a root cron job run at periodic intervals depending on your site requirements.

The backup log file resides in /var/sadm/system/logs/smsbackup. You must specify the target location when running smsbackup.

Note - The target location must be a valid UNIX file system (UFS) directory. You cannot perform smsbackup to a tmp file system directory.

Whenever you run smsbackup, you receive confirmation that it succeeded or are notified that it failed.

You must have superuser privileges to run smsbackup. For more information and examples, refer to the smsbackup man page.

Restore SMS backup files using the smsrestore(1M) command.

SMS Restore Utility

The smsrestore utility restores the operational environment of the SMS from a backup file created by smsbackup(1M). You can use smsrestore to restore the SMS environment after the SMS software has been installed on a new disk or after hardware replacement or addition. Failover should be disabled and SMS stopped before smsrestore is performed. Refer to the "Stopping and Starting SMS" section of the System Management Services (SMS) 1.6 Installation Guide.

If any errors occur, smsrestore writes error messages to /var/sadm/system/logs/smsrestore.

Note - This utility runs on the SC and does not restore SC OS, domain OS, or domain application data.

The smsrestore utility cannot restore what you have not backed up. Whenever changes are made to the SMS environment (for example, by shutting down a domain), you must run smsbackup to maintain a current backup file for the system controller.

You must have superuser privileges to run smsrestore. For more information and examples, refer to the smsrestore man page.

SMS Version Utility

The smsversion(1M) utility administers adjacent, co-resident installations of SMS under the same OS. Adjacent versions of SMS are versions with sequential version numbers, such as SMS 1.4.1 and SMS 1.6. In other words, you cannot use smsversion to switch directly between SMS 1.2 and SMS 1.6 or 1.5 to 1.6.

Note - Switching versions from SMS 1.6 to an earlier installed version has SC security implications. Refer to "Switching SMS Versions" in the System Management Services (SMS) 1.6 Installation Guide.

The smsversion utility permits two-way SMS version-switching between sequential co-resident installations on the same OS. TABLE 13-1 notes the conditions for use.

TABLE 13-1 Table describing the effects of switching between versions of SMS, with respect to new features and flash PROM differences. Switching Between SMS Versions

Condition	Explanation
New features	Features supported in the newer version of SMS (for example, SC Secure by Default functionality), might not be supported in the older version. Switching to an older version of SMS can result in the loss of those features. Also, the settings for the new features might be erased.
Flash PROM differences	Switching versions of SMS requires reflashing the CPU flash PROMs with the correct files. These files can be found in the `/opt/SUNWSMS/`SMS_version`/firmware` directory. Use `flashupdate`(1M) to reflash the PROMs after you have switched versions. Refer to the `flashupdate` man page and System Management Services (SMS) 1.6 Installation Guide for more information on updating flash PROMs.

When you switch between sequential releases of SMS (for example, 1.6 to 1.4.1), SMS must be stopped before running smsversion. Refer to "Stopping and Starting SMS" in the System Management Services (SMS) 1.6 Installation Guide. The smsversion utility backs up important system and domain information and switches to the target SMS version. You can switch back to the next sequential SMS version (for example, 1.6 to 1.5) at a later time.

Note - Switching between sequential SMS versions across Solaris OSs (for example, Solaris 8 and 9 OSs) is not supported. Once you upgrade from a Solaris 8 version of SMS to a Solaris 9 version, you cannot go back without also reinstalling the earlier version of the OS. Using the smsversion command to switch from Solaris 10 with SMS 1.6 back to SMS 1.5 is not supported unless the previous OS is reinstalled. Refer to the System Management Services (SMS) 1.6 Installation Guide for more information.

Without options, smsversion displays the active version and exits when only one version of SMS is installed.

If any errors occur, smsversion writes error messages to /var/sadm/system/logs/smsversion.

You must have superuser privileges to run smsversion. For more information and examples, refer to the smsversion man page.

Version Switching

Note - Switching from SMS 1.6 to an earlier installed version of SMS has SC security implications. Refer to the System Management Services (SMS) 1.6 Installation Guide for more information.

To Switch Between Two Adjacent, Co-resident Installations of SMS

On the main SC:

1. Make certain your configuration is stable and backed up using smsbackup.

Being stable means the following commands should not be running: smsconfig, poweron, poweroff, setkeyswitch, cfgadm, rcfgadm, addtag, deletetag, addboard, moveboard, deleteboard, setbus, setdefaults, setobpparams, setupplatform, enablecomponent, or disablecomponent.

2. Deactivate failover using setfailover off.

On the spare SC:

3. Run /etc/init.d/sms stop.

4. Run smsversion.

5. Run smsrestore.

6. If necessary, run smsconfig -m and reboot.

Run only smsconfig -m if you changed your network configuration using smsconfig -m after creating the smsbackup you just restored.

On the main SC:

7. Stop SMS using /etc/init.d/sms stop.

On the spare SC:

8. If smsconfig -m was run, reboot; otherwise, run /etc/init.d/sms start.

When the SC comes up, it becomes the main SC.

9. If necessary, update the CPU flash PROMs using flashupdate.

On the former main SC:

Repeat Steps 4-6 and 8.

On the new main SC:

Activate failover using setfailover on.

For more information refer to the System Management Services (SMS) 1.6 Installation Guide.

SMS Configuration Utility

The smsconfig utility configures the MAN networks, modifies the hostname and IP address settings used by the MAN daemon mand(1M), and administers domain directory access control lists (ACLs). It also displays the current configuration.

UNIX Groups

The smsconfig utility configures the UNIX groups used by SMS to describe user privileges. SMS uses a default set of UNIX groups installed locally on each SC. The smsconfig utility allows you to customize those groups using the -g option. You can also add users to groups using the -a option and remove users from groups using the -r option.

For information and examples on adding, removing, and listing authorized users, refer to the System Management Services (SMS) 1.6 Installation Guide and the smsconfig(1M) man page.

Access Control List (ACL)

Traditional UNIX file protection provides read, write, and execute permissions for the three user classes: file owner, file group, and other. To provide protection and isolation of domain information, access to each domain's data is denied to all unauthorized users. SMS daemons, however, are considered authorized users and have full access to the domain file systems. For example:

sms-esmd needs to read the blacklist files in each domain directory:
$SMSETC/config/[A-R]

sms-osd needs to read from and write to the bootparamdata file in each domain: $SMSVAR/data/[A-R]

sms-dsmd needs to write to hpost logs for every domain:
$SMSVAR/adm/[A-R]/post

The smsconfig utility sets the ACL entries associated with the domain directories so that the domain administrator has full access to the domain. A plus sign (+) to the right of the mode field indicates the directories that have ACL defined.

domain-id:sms-user:> ls -al

total 6

drwxrwxrwx   2 root     bin          512 May 10 12:29 .

drwxrwxr-x  23 root     bin         1024 May 10 12:29 ..

-rw-rw-r--+  1 root     bin          312 May  4 16:15 blacklist

To add a user account to the ACL, the user must already belong to a valid SMS group as described in the System Management Services (SMS) 1.6 Installation Guide.

Note - UFS attributes, such as the ACL, are supported in UFS file systems only. If you restore or copy directories with ACL entries into the /tmp directory, all ACL entries are lost. Instead, use the /var/tmp directory for temporary storage of UFS files and directories.

Network Configuration

For each network, smsconfig can set one or more interface designations within that network. By default, smsconfig steps through the configuration of all three internal, enterprise networks (MAN, I1, and I2).

To configure an individual network, append the net-id to the command line. MAN net-ids are designated I1, I2, and C.

Configure a single domain within an enterprise network by specifying both the desired domain and its net-id. A domain can be excluded from the I1 MAN by using the word NONE as the MAN hostname.

Note - Once you have configured or changed the configuration of the MAN network, you must reboot the SC for the changes to take effect.

You must have superuser privileges to run smsconfig. For more information and examples, refer to the System Management Services (SMS) 1.6 Installation Guide and smsconfig man page, and see Management Network Services.

MAN Configuration

Typing smsconfig -m does the following:

1. Creates /etc/hostname.scman[01].

2. Creates /etc/hostname.hme0 and /etc/hostname.eri1 according to inputs to the external network prompts of smsconfig.

3. Updates /etc/netmasks and /etc/hosts.

4. Sets OpenBoot PROM variable local-mac-address?=true (default is false).

For more information on smsconfig, refer to the smsconfig(1M) man page and see Management Network Services.