CHAPTER 9

System Options

This chapter describes system options you can purchase for the NAS appliance or gateway system:

This chapter includes the following discussions:


Activating System Options

Activating the File Replicator or Compliance Archiving system option requires purchase of one or more licenses. As necessary, contact Sun Services to obtain the required licenses.

To activate an option, specify the license information. In a cluster configuration, you must do this on both servers.

1. From the navigation panel, choose System Operations > Activate Options and click Add to add the license.

2. In the Add License window, type the module name provided by Sun (for example, Sun StorageTek File Replicator).

3. Type the origination date provided by Sun, in the format YYYYMMDD.

This is the date on which the license becomes active, starting at 0000:00 hours. The date 00000000 means the license is active immediately.

4. Type the expiration date provided by Sun, in the format YYYYMMDD.

This is the date on which the license expires at 2359:59 hours. The date 00000000 means the license does not expire.

Note: When a compliance license expires or is removed, the system will maintain compliance rules, but no new compliance file volumes can be created. Refer to About Compliance Archiving Software for more information about the Compliance Archiving software.

5. Type the license key provided by Sun.

6. Click Apply to activate the option.

7. If activating the File Replicator software, enter the licensing information separately on the mirror server as well, as described under Activating File Replicator Software on the Remote Server.

8. If you have never set the time and date, type the correct time, date, and time zone information.

This will set the system time and the secure clock. The license manager software and the Compliance Archiving software use the secure clock for sensitive time-based operations.

Note: The secure clock can only be set once. Make sure you set it accurately.

9. Confirm that the new time and date are accurate.

If the new time and date are correct, click Yes. If not, click No and set the time and date correctly.


About the Sun StorageTek File Replicator Option

This section provides information about the File Replicator option. The following subsections are included:


About Mirroring

The File Replicator option provides for remote asynchronous replication of file systems, sometimes referred to as mirroring:

When mirroring is configured, you can duplicate any or all of the file volumes from one appliance or gateway system onto another. You control which volumes are mirrored. The source server is called the "active server" and the target server is called the "mirror server."

If the active server fails, you can break the mirror on the mirror server, and then make the mirrored file volume available for users, switching from the active server to the mirror server. This operation is called promoting a mirror volume.

Mirroring is accomplished through a large mirror buffer to queue file-system transactions for transfer to the mirror system. In practice, the mirror server lags the active server by a short time period, but because the processing is transaction-oriented, the integrity of the mirror file system is guaranteed, even during network interruptions or system outages.

File volumes on the mirror server have a partition type of NBD (Network Block Device), which identifies the software module that provides the network transport for file replication. If a mirror file volume is promoted, its partition type is SFS2 (Server File System version 2, a proprietary NAS file system), or SFS2EXT for a segment, like all other file volumes.

When checkpoints are created on the active server, the checkpoints get copied to the mirror server. This can be useful for scheduled backups, or to provide a read-only checkpoint to specific users or applications.


About Preparing for Mirroring

Before you begin mirroring, review the following system requirements:


About Requirements and Limitations for Cluster Configurations

The following requirements and limitations apply with the Sun StorageTek File Replicator software, when you are mirroring in a cluster configuration.


Caution: When the cluster is in failover mode (that is, one server is in the ALONE state and the other server is in the QUIET state) or any degraded state, do not perform any mirror management operations. Bring the cluster to the NORMAL state before doing any of the mirror management operations.


Configuring Active and Mirror Servers

When setting up your systems, designate the roles of the ports connecting the mirroring servers to one another. Then configure mirroring on the active and mirror servers using the Web Administrator interface (see About Mirroring the Mirror Buffer). Configure each system independently.

To configure the dedicated network ports:

1. From the navigation panel of the active server, choose Network Configuration > Configure TCP/IP > Configure Network Adapters.

2. If you have not done so already, assign the Internet Protocol (IP) addresses and a port role of Primary for the ports that are connected to a local network or subnet.

The active and mirror systems' ports can be on different local subnets. For more information about configuring Transmission Control Protocol/Internet Protocol (TCP/IP), see About Configuring Network Ports.

3. Assign the IP address for the port used for the mirroring connection between the active and mirror systems.

Note: Do not use the subnet containing the primary interface for mirroring.

If you have created an isolated network to carry the mirroring traffic, use addresses in the range reserved for private use, such as 192.1xx.x.x. For example, assign the active system's mirror link interface to 192.1xx.1.1, and assign the mirror system's mirror link interface to 192.1xx.1.2.

4. In the Role field of the port used for the connection between the active and mirror servers, select Mirror.

5. If the mirror interfaces of the active and mirror servers are not connected on the same subnet, you must set up a static route between them, using the command-line interface.

This enables the servers to communicate with each other over networks that are not directly connected to their local interfaces. For more information about completing this process, see Managing Routes.

6. Click Apply to save changes.


Configuring Mirrored File Volumes

This section provides information about configuring mirrored file volumes. The following subsections are included:

About Mirroring the Mirror Buffer

Mirroring is performed on a per-volume basis. You can mirror some or all of your file volumes.

Note: File volumes must be greater than 1 gigabyte, a minimum of 1046 megabytes, to be mirrored. A file volume of exactly 1 gigabyte (1024 MB) does not have enough available capacity to enable mirroring.

The mirror buffer stores file-system write transactions while they are being transferred to the mirror server. The file volume free space on the active server is reduced by the allocation size of the mirror buffer.

The size of the mirror buffer depends on a variety of factors, but must be at least 100 megabytes, and the mirror buffer can never be more than half of the remaining free space on any given file volume.

In a normal scenario, create a mirror buffer that is approximately 10 percent of the size of the file volume you are mirroring. The size you specify depends on how much information is being written to the file volume rather than the size of the file volume. As a rule of thumb, the size of mirror buffer is directly proportional to the frequency of writes to the file volume and inversely proportional to the speed of the network connection between the two servers.

If there is high write activity to the file volume and a slow network connection between the two mirror servers, create a mirror buffer that is approximately 25 to 30 percent of the size of the file volume you are mirroring.

The size of the mirror buffer cannot be dynamically increased. To increase the size of the mirror buffer, you have to break the existing mirror and create the mirror again with the new mirror buffer size.
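The sizing rules above (minimum volume size, minimum buffer, the half-of-free-space ceiling, and the 10 percent versus 25 to 30 percent rules of thumb) combined into one helper, as an added example that is not Sun's own tooling. Because the buffer cannot be grown later, it rounds up and takes the top of the 25 to 30 percent range; the sample volume sizes are constructed.

```python
"""Mirror buffer sizing helper (added example, not Sun's own tooling).

Encodes the rules stated in this section: a volume must be at least
1046 MB to be mirrored, the buffer must be at least 100 MB and never more
than half of the volume's remaining free space, a normal workload gets
about 10 percent of the volume size, and heavy write activity over a slow
link gets 25 to 30 percent. Since the buffer cannot be increased without
breaking and recreating the mirror, the helper rounds up and uses 30 percent.
"""
from dataclasses import dataclass

MIN_VOLUME_MB = 1046   # page: exactly 1 GB (1024 MB) is too small to mirror
MIN_BUFFER_MB = 100    # page: the buffer must be at least 100 MB
NORMAL_PERCENT = 10    # page: normal scenario
HEAVY_PERCENT = 30     # page: high write activity and slow link (25 to 30)


@dataclass
class BufferPlan:
    volume_mb: int
    free_mb: int
    max_allowed_mb: int   # half of the remaining free space
    recommended_mb: int   # value to type into the mirror buffer size field
    capped: bool          # True if the rule of thumb exceeded max_allowed_mb
    free_after_mb: int    # free space left on the active server afterwards


def recommend_mirror_buffer(volume_mb: int, free_mb: int,
                            heavy_writes_slow_link: bool = False) -> BufferPlan:
    """Return a BufferPlan, or raise ValueError if the volume cannot be mirrored."""
    if volume_mb < MIN_VOLUME_MB:
        raise ValueError(f"volume is {volume_mb} MB; mirroring needs at least "
                         f"{MIN_VOLUME_MB} MB")
    if not 0 <= free_mb <= volume_mb:
        raise ValueError("free space must lie between 0 and the volume size")

    max_allowed = free_mb // 2
    if max_allowed < MIN_BUFFER_MB:
        raise ValueError(f"only {free_mb} MB free; even the minimum "
                         f"{MIN_BUFFER_MB} MB buffer would exceed half of it")

    percent = HEAVY_PERCENT if heavy_writes_slow_link else NORMAL_PERCENT
    wanted = max(MIN_BUFFER_MB, (volume_mb * percent + 99) // 100)  # ceil
    capped = wanted > max_allowed
    recommended = min(wanted, max_allowed)
    return BufferPlan(volume_mb, free_mb, max_allowed, recommended, capped,
                      free_mb - recommended)


if __name__ == "__main__":
    # Constructed sample volumes: a roomy 10 GB volume, the same volume with a
    # busy writer on a slow link, and a nearly full 2 GB volume.
    for args in ((10240, 8000, False), (10240, 8000, True), (2000, 300, False)):
        print(args, recommend_mirror_buffer(*args))
```

A plan with capped set to True means the rule of thumb could not be honoured; the practical response is to free space on the volume before creating the mirror, since the buffer cannot be enlarged afterwards.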

Activating File Replicator Software on the Remote Server

After you have activated the Sun StorageTek File Replicator option (see Activating System Options), you must also activate the option on the remote server that contains file volumes you want to mirror.

To activate Sun StorageTek File Replicator option on the remote server:

1. Log in to Web Administrator on the server containing the file volumes you want to mirror.

2. In the Add License window, type the module name provided by Sun (Sun StorageTek File Replicator).

3. Type the origination date provided by Sun, using the format yyyymmdd.

This is the date on which the license becomes active, starting at 0000:00 hours. The date 00000000 means the license is active immediately.

4. Type the expiration date provided by Sun, using the format yyyymmdd.

This is the date through which the license is valid. The date 00000000 means that the license never expires.

5. Type the license key provided by Sun.

6. Click Apply to activate the Sun StorageTek File Replicator.

Adding a File Volume Mirror

To add a file-volume mirror to the configuration:

1. From the navigation panel, choose File Replicator > Manage Mirrors.

2. Click Add.

3. From the Volume drop-down menu, select the file volume to be mirrored.

The file volume to be mirrored must be larger than 1 gigabyte.

4. Type the name of the mirror server in the Mirror Host field.

5. Type the Internet Protocol (IP) address of the mirror server.

This must be the IP address defined for the mirroring network interface card (NIC) on the mirror server.

6. (Optional) Type the alternate IP address for the mirror server.

In the event that the first IP address becomes unavailable, the mirror will be accessed through the alternate IP address.

7. If an administrative password is required to access the mirror server, type it in the Password field.

It is a good idea to protect your servers with passwords.

8. Type the size (in megabytes) allocated for file volume's mirror buffer.

This reduces the file volume's free space on the active server by the size specified.

9. Click Apply to create the mirror for the file volume.

During this process, there can be no I/O activity to the mirror volume. The volume is taken offline to avoid transient file system errors and inconsistencies while the mirror is being created.

When the mirror reaches an In Sync status in the Manage Mirrors panel, the mirrored file volume is mounted as read-only. I/O activity can resume when the mirror reaches In Sync status.

Editing a Mirror

You can add to some of the properties of a mirror file volume that is not in the In Sync state. You cannot change the values that were specified when the mirror file volume was created. You can only specify information that was not specified when the mirror file volume was created. For example, you can add a password if no password was set, but you cannot modify a password.

To edit a mirror:

1. From the navigation panel, choose File Replicator > Manage Mirrors.

2. Select the mirror that you want to edit from the table. It must not be in the In Sync state.

3. Click Edit.

4. Add the alternate IP address, if this field is empty.

5. Add the administrator password required for accessing the mirror host server, if this field is empty.

6. Click Apply to save your changes.


Avoiding and Correcting a Cracked Mirror

If the connection between the two servers is down for some time, or the mirror buffer is too small to handle the number of writes to the master file volume, the mirror might show signs of cracking. You can recognize this when the mirror begins replicating again, and the Sync Status on the File Replicator > Manage Mirrors panel is no longer In Sync.

The mirror file volume will go offline until the replication is finished. View the Sync Status field in the Manage Mirrors panel to see the replication percentage completed (Initializing Mirror Buffer percent-complete).

If the replication completes successfully, the mirror did not crack. Take these precautionary steps to minimize the possibility that the mirror will crack in the future:

1. Establish a faster network connection between the two servers.

2. Periodically, quiesce or reduce the I/O activity to the active file system, and allow the mirror to reach the In Sync state.

If the replication cannot complete (typically because the original server died, or a logical unit number (LUN) was lost), the mirror is cracked. Contact Sun Services to step through the process of rebuilding the mirror.


Setting Warning Thresholds for Mirrored File Volumes

This section provides information about setting warning thresholds. The following subsections are included:

About Setting Warning Thresholds

In the File Replicator > Set Threshold Alert panel, you can set the threshold alert for all mirrored file volumes. The threshold alert is the percentage of mirror buffer use at which a warning is sent to designated recipients.

The mirror buffer stores file-system write transactions while they are being transferred to the mirror server. Increases in write activity to the active server or a damaged network link can cause the transference of write transactions to the mirror server to "back up" in the mirror buffer. If the mirror buffer overruns because of this process, the mirror is cracked and no further transactions occur between the active server and the mirror server until the mirror is re-established. When full communication is restored, the system begins the mirror resync process until the mirrored file volume is back in sync.

There can be no I/O activity to the mirror volume during the resync. The volume is taken offline to avoid transient file system errors and inconsistencies.

To avoid overrunning the buffer, the system sends warnings through email notification, the system log file, Simple Network Management Protocol (SNMP) traps, and the LCD panel when the mirror buffer is filled to certain threshold percentages.

Setting Up the Threshold Alert

To set up the threshold alert:

1. From the navigation panel, choose File Replicator > Set Threshold Alert.

2. Select the Mirroring Buffer Threshold 1.

This is the percentage of mirror buffer usage that triggers the first alert. The default value is 70 percent. This means that when the mirror buffer is 70 percent full, an alert is issued.

3. Select the Mirroring Buffer Threshold 2.

This is the percentage of mirror buffer usage that triggers the second alert. The default value is 80 percent.

4. Select the Mirroring Buffer Threshold 3.

This is the percentage of mirror buffer usage that triggers the third alert. The default value is 90 percent.

5. Select the Alert Reset Interval (Hours).

This is the amount of time the system waits before re-issuing an alert if the condition re-occurs within the interval.

For example, if you set the Mirroring Buffer Threshold 1 to be 10 percent and the Alert Reset Interval to two hours, the first alert is issued when the mirror buffer is 10 percent full. The system will not issue the Threshold 1 alert again for the next two hours. If at that time the mirror buffer usage is still beyond the 10 percent threshold (but not beyond Thresholds 2 or 3), the Threshold 1 alert is issued again.

The default value for this field is 24 hours.

6. Click Apply to save your changes.
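The three thresholds and the Alert Reset Interval, including the walk-through above (Threshold 1 at 10 percent, two-hour interval), modelled as an added example that is not the appliance's own code; the usage samples are constructed, and hours are counted from an arbitrary zero.

```python
"""Mirror-buffer threshold alert simulation (added example, not Sun's code).

Models the behaviour described in this section: an alert is issued when
buffer usage reaches a threshold, it is not issued again for that threshold
during the reset interval, and it is re-issued after the interval if usage
is still at or above that threshold and not beyond a higher one.
"""

DEFAULT_THRESHOLDS = (70, 80, 90)   # page defaults for thresholds 1, 2 and 3
DEFAULT_RESET_HOURS = 24            # page default Alert Reset Interval


class ThresholdAlerter:
    def __init__(self, thresholds=DEFAULT_THRESHOLDS, reset_hours=DEFAULT_RESET_HOURS):
        if len(thresholds) != 3 or list(thresholds) != sorted(thresholds):
            raise ValueError("expected three ascending threshold percentages")
        if not all(0 < t <= 100 for t in thresholds):
            raise ValueError("thresholds must be percentages in (0, 100]")
        if reset_hours <= 0:
            raise ValueError("reset interval must be positive")
        self.thresholds = tuple(thresholds)
        self.reset_hours = reset_hours
        self._last_issued = {}   # threshold number (1..3) -> hour of last alert

    def observe(self, hour, usage_pct):
        """Process one usage sample; return the alert text issued, or None."""
        # The highest threshold reached is the one that applies to this sample.
        level = 0
        for number, threshold in enumerate(self.thresholds, start=1):
            if usage_pct >= threshold:
                level = number
        if level == 0:
            return None
        last = self._last_issued.get(level)
        if last is not None and hour - last < self.reset_hours:
            return None          # suppressed: still inside the reset interval
        self._last_issued[level] = hour
        return (f"Threshold {level} alert: mirror buffer {usage_pct}% full "
                f"(threshold {self.thresholds[level - 1]}%)")


def run_samples(samples, thresholds=DEFAULT_THRESHOLDS, reset_hours=DEFAULT_RESET_HOURS):
    """Feed (hour, usage_pct) samples through one alerter; return issued alerts."""
    alerter = ThresholdAlerter(thresholds, reset_hours)
    issued = []
    for hour, usage in samples:
        text = alerter.observe(hour, usage)
        if text is not None:
            issued.append((hour, text))
    return issued


# Constructed samples matching the section's walk-through: Threshold 1 set
# to 10 percent and a 2-hour reset interval.
WALKTHROUGH_SAMPLES = [
    (0.0, 12),   # reaches threshold 1 -> alert
    (0.5, 8),    # dipped below, nothing to report
    (1.0, 15),   # condition re-occurs within the interval -> suppressed
    (2.0, 11),   # interval elapsed, still above 10 percent -> alert again
    (2.5, 85),   # threshold 2 reached for the first time -> threshold 2 alert
    (3.0, 95),   # threshold 3 reached -> threshold 3 alert
    (3.5, 95),   # threshold 3 again within the interval -> suppressed
]

if __name__ == "__main__":
    for hour, text in run_samples(WALKTHROUGH_SAMPLES, (10, 80, 90), 2):
        print(f"t={hour:4.1f}h  {text}")
```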


Breaking the Connection and Promoting a Mirrored File Volume

To promote a file volume on the mirror server, you must first break the mirror connection. This section describes how to break the connection and promote a file volume. It contains these discussions:

Breaking the Connection Between Mirror Servers

To promote a file volume on the mirror server (for example, if the file volume on the active server is unavailable), you must first break the mirror connection. Break the mirror connection on the active server rather than on the mirror server as described in the following procedure. However, if the active server is down and you cannot access it to break the connection, you can break the mirror connection from the mirror server instead.

To break a mirror connection between mirror servers:

1. From the navigation panel of the active server, choose File Replicator > Manage Mirrors.

2. Select the mirror from the table and click Break.

You are prompted to confirm that you want to break the mirror connection. After the mirror connection is broken, it disappears from the mirroring table in this panel. To promote the file volume, you must access the Manage Mirrors panel on the mirror server. For more information, see Promoting a Mirrored File Volume.

Promoting a Mirrored File Volume

If the active server fails, the mirror server provides high availability for mirrored file volumes. To make a mirrored file volume available to network users, you must promote the file volume. You must first break the mirror connection, then promote the mirrored file volume and configure its access rights. After a mirror connection is broken and the mirrored file volume promoted, the original and mirrored file volumes are completely independent.

Note: There is no difference between promoting a compliance-enabled file volume and a non-compliance-enabled volume. The processing is identical.

Note: If the file volume being promoted contains iSCSI logical unit numbers (LUNs), you must promote each iSCSI LUN after promoting the file volume itself.

To promote a file volume on the mirror server, you must first break the mirror connection. See Breaking the Connection and Promoting a Mirrored File Volume for instructions. Then:

1. From the navigation panel of the mirror server, choose File Replicator > Manage Mirrors.

2. Click Promote.

3. In the Promote Volume window, select the file volume to promote.

4. (Optional) To change the name of the promoted file volume, specify the new name for the volume at the bottom of the window.

This feature is particularly useful for compliance-enabled file volumes, which can be renamed only at the time of promotion. Volumes that are not mirrored (in other words, that are not compliance-enabled) can be renamed at any time.

Unless you rename a compliance-enabled file volume when you promote it, you cannot mirror that volume back onto the original active server, because the original file (by the same name) will already be on that server.

5. Click Apply.

It might take several minutes to complete this process. A status message is displayed when the process is complete. For the mirrored file volume to be promoted, the volume must have reached an In Sync state at some point. If the mirrored file volume was out of sync when it was successfully promoted, the volume will be mounted as a read-only volume. Before write-enabling the volume, run the fsck command to make any necessary repairs.

After you break the mirror connection, the system performs a file-system check. If the system finds errors during this check, the file volume promotion process could take longer to complete. Data integrity is not guaranteed if the mirror is out of sync during the promotion process.

After you promote the file volume, you might need to reconfigure access rights. Microsoft Server Message Block (SMB) share information is carried over, but you must configure any Network File System (NFS) file volume access and NFS exports for this file volume again. For more information on setting up NFS exports, see About Setting Up NFS Exports.

6. If the promoted file volume contains iSCSI LUNs, promote each iSCSI LUN after completing the file-volume promotion (above).

Promoting iSCSI LUNs

After promoting a file volume that contains iSCSI logical unit numbers (LUNs), you must promote each iSCSI LUN on that file volume. To do this:

1. Define the access list for each iSCSI LUN you want to promote, referring to Creating an iSCSI Access List for instructions.

2. From the navigation panel, choose iSCSI Configuration > Configure iSCSI LUN.

3. Click Promote iSCSI LUN.

4. In the Promote iSCSI LUN panel, specify the iSCSI target IQN identifier for the LUN to be promoted (Name field), the name of the file volume where the promoted LUN resides (that is, the name of the file volume as it was promoted), and the access list used for the LUN. Refer to Promote iSCSI LUN Window for further details.

The Alias field is filled in according to the original iSCSI LUN definition, but you can edit it.

5. Each iSCSI LUN must only be advertised once on the network. After promoting the iSCSI LUN, therefore, make sure its iSCSI Qualified Name (IQN) is only visible from the promoted-to volume.

6. Click Apply to promote the iSCSI LUN.


Reestablishing Mirror Connections

This section provides information about reestablishing mirror connections. The following subsections are included:

Reestablishing a Mirror Connection

This procedure describes how to reestablish a mirror connection after the active server fails and you promote the file volume on the mirror server. The promoted file volume is now the most up-to-date version and functions completely independently of the out-of-date file volume on the active system. To recreate the mirror connection, you must mirror the up-to-date file volume back to the active server, and then mirror the file volume back to the mirror server as you did originally.

Note: If the mirrored file volume was not promoted, do not follow these instructions. The active system brings the mirror back to an In Sync state when it comes back online.

In the examples that follow, Server 1 is the original active server that failed and contains the out-of-date volume, and Server 2 is the original mirror server that now contains the up-to-date volume.

Reestablishing a mirror connection entails the following steps:

1. Make sure the mirror on Server 1 is broken, referring to Breaking the Mirror Connection on the Active Server.

2. Delete the out-of-date file volume on Server 1, as detailed under Deleting the Out-of-Date File Volume From Server 1.

3. Mirror the up-to-date file volume from Server 2 back to Server 1, described under Mirroring the Up-to-Date File Volume From Server 2 to Server 1.

4. Change the role on Server 2 (see Changing Volume Roles).

This makes Server 1 active, and Server 2 the mirroring target.

Breaking the Mirror Connection on the Active Server

To break the mirror connection on the active server:

1. Open a web browser window to Server 1.

2. From the navigation panel, choose File Replicator > Manage Mirrors.

3. Select the mirror connection you want to break.

4. Click Break.

Deleting the Out-of-Date File Volume From Server 1

After a file volume on the mirror server is promoted, it becomes the current version of the file volume. The file volume on the active server is out of date and must be deleted, as follows:

1. From the navigation panel of Server 1, choose File Volume Operations > Delete File Volumes.

2. Select the file volume that was being mirrored (and is now out of date).


Caution: Before completing the following step, make sure you selected the out-of-date file volume on the active server. Also make sure that the up-to-date file volume on the mirror server has been verified and promoted.

3. Click Apply to delete the out-of-date file volume.

Mirroring the Up-to-Date File Volume From Server 2 to Server 1

To mirror the up-to-date file volume from Server 2 to Server 1:

1. Open a web browser window to Server 2.

2. From the navigation panel, choose File Replicator > Manage Mirrors.

3. Click Add.

4. From the Volume drop-down menu, select the file volume to be mirrored.

5. Type the mirroring name of Server 1 in the Mirror Host field.

6. Type the Internet Protocol (IP) address of the Server 1 port used for the mirroring connection.

7. Type the alternate IP address.

8. If you need an administrative password to access Server 1, type it in the Password field.

If there is no administrative password, leave this field blank.

9. Type the size of the mirror buffer.

For more information about the mirror buffer, see About Mirroring and About Mirroring the Mirror Buffer.

10. Click Apply to create the mirror.

The mirror creation process begins. When the mirror reaches an In Sync state, an identical copy of the file volume exists on both Server 1 and Server 2.

There can be no I/O activity to the mirror volume during synchronization. The volume is taken offline to avoid transient file system errors and inconsistencies while the mirror is being created.

11. In the Manage Mirrors panel on Server 1, select the promoted file volume then click Change Roles.

See Changing Volume Roles for more information.

You have reestablished the original mirroring connection.


Changing Volume Roles

An administrator can switch roles between an active file volume and the mirror volume. Changing volume roles enables the active volume to function as the mirror volume and vice versa; however, the original configuration on each volume remains unchanged. Changing roles is not a disaster recovery function.

Note: Make sure the file volumes are in sync before changing roles.

You can request the change in roles from the active or mirror server. To do this:

1. From the navigation panel, click File Replicator > Manage Mirrors.

2. Select a file volume in the Volume column.

3. Click Change Roles.

4. Click Yes to confirm.


About the Compliance Archiving Option

This section provides information about the Sun StorageTek Compliance Archiving Software option. The following subsections are included:


About Compliance Archiving Software

The Compliance Archiving software helps a company address business practices and regulatory compliance rulings regarding the retention and protection of information. Such rulings and frameworks for records retention and protection include the Securities and Exchange Commission (SEC) Regulation 17 CFR § 240.17a-4 (17a-4), the Sarbanes-Oxley Act, Basel II, and numerous data protection and privacy directives.

The Compliance Archiving software was designed in consultation with information-management compliance and enterprise content management industry experts to help address the most stringent requirements for electronic storage media retention and protection. Compliance Archiving software uses WORM (write once, read many) files in accordance with compliance rules.

Note: Gateway configurations support compliance with advisory enforcement but not mandatory enforcement.

Note: Compliance archiving (WORM storage) is not supported on iSCSI LUNs.

To ensure the strongest possible enforcement of your data retention policies, it is essential that you provide for the physical security of your NAS device. Software-controlled data retention is no stronger than the physical safeguards used to control access to the system's hardware.

For a technical overview of the features and programming interface for the Compliance Archiving software, see Appendix C.

To change compliance archiving settings, see Configuring the Compliance Archiving Software.


About Enabling Compliance Archiving

The Compliance Archiving software enforces compliance archiving guidelines for data retention and protection, on NAS appliances and gateway systems. Compliance archiving can be enforced in both a less stringent form (referred to as "advisory enforcement") and in a stringent form (referred to as "mandatory enforcement").

You enable the enforcement of compliance archiving guidelines separately for each file volume, and you must do so when the file volume is initially created. Follow the instructions under Creating a File Volume or Segment Using the Create File Volumes Panel to create a compliance-enabled volume.


Caution: Do not enable compliance archiving on file volumes that will be used by applications and users that are not aware of the different data retention rules enforced by the Compliance Archiving software.

When enabling the Compliance Archiving software, be sure that the NAS server's system clock and the client system's clock are synchronized. You can synchronize the NAS server to an external time source using NTP, as described in About Time Synchronization. A time difference between a client and the NAS server could cause the server to apply the default retention period when a client requests a retention time shorter than the clock skew.

For Sun StorageTek 5310 and Sun StorageTek 5320 NAS appliances and gateway systems, proper operation of the Compliance Archiving software requires the correct physical configuration of the NAS appliance hardware. In particular, the redundant array of independent disks (RAID) controller must not be connected to any device or network other than a private Fibre Channel connection to the NAS server and (for non-gateway configurations) connections to any expansion units. There are no such requirements for Sun StorageTek 5210 NAS appliances.


About Compliance With Mandatory Enforcement

Compliance with mandatory enforcement adheres to data protection, retention, and privacy directives, including the following:

Note: Gateway configurations do not support compliance with mandatory enforcement.


Caution: After you enable compliance archiving with mandatory enforcement on a file volume, that volume cannot be deleted, renamed, or have compliance archiving disabled or downgraded to advisory enforcement.


About Compliance With Advisory Enforcement

In contrast to compliance with mandatory enforcement, compliance with advisory enforcement includes the following:

Note: Before deleting a file volume, copy the audit logs for that volume to a different file system; otherwise, those logs will be lost.

Note: Decreasing the retention time and removing retained files before the retention period has expired must be performed by the root user from a trusted host. See Managing Trusted Hosts.

When a compliance-enabled file volume with advisory enforcement is upgraded to mandatory enforcement, the default retention period for that volume becomes permanent. This can be changed on the Edit Properties panel.

Note: Changing a compliance-enabled file volume with advisory enforcement to mandatory enforcement is not supported for gateway configurations.


About Compliance Auditing

Compliance auditing provides a text-based log of attempts to modify or delete data (with or without proper authority) and is enabled through the use of the Data Retention Audit Service (DRAS) API, which includes the following features:

The set of auditable events is as follows:

Note: A request to write to a retained file might not be written to the audit log. This can occur if you use an application that attempts to determine the access permissions before writing to a file. The application does not issue a write request if write permission is not available for a retained file.

The audit logs for each compliance-enabled file volume reside in a hidden directory called .audit$ in that volume's root directory. The audit log must be accessed by a root user from a trusted host, or by a Windows domain administrator if you are running CIFS in domain mode. See Managing Trusted Hosts for more information.

Audit log records are text-based and can be accessed through network protocols, including Network File System (NFS) and Common Internet File System (CIFS). The .audit$ directory must be included in the share path for the contents to be viewed by clients running Windows 2000 or XP. Refer to About Shares for details about creating shares.

The following table describes the fields in the audit log.


TABLE 9-1 Audit Log Format

Field                 Length     Description
--------------------  ---------  ------------------------------------------------------------------------------
Version               7          Data Retention Audit Service version number.
Serial Number         11         Unique sequence number.
Length                5          Length of the audit record.
Timestamp             21         Date and time at which the event occurred.
TID                   11         Thread ID of the thread from which the event was executed.
Volume ID             11         Volume ID of the file volume on which the audit was performed.
Protocol              9          Network protocol through which the operation was requested.
Inode                 11         File-system inode number of the file.
Client IP Address     16         Internet Protocol (IP) address of the client from which the operation was requested.
Server IP Address     16         IP address through which the client request was received.
UID                   11         User credentials.
GID                   11         Primary group credentials.
Operation             8          Audit event.
Status                variable   Result of the operation.
Domain                variable   Windows domain that the user belongs to, if available.
File/Directory Name   variable   File or directory on which the operation was performed, if available.
Path/Extra Data       variable   Extra information from the audit, if available.


Compliance file volumes reserve an amount of free space to guarantee that auditable operations on the volume can be logged. When the free space remaining on a compliance file volume falls below this limit, auditable operations will not be executed. A message will be logged indicating that there is not enough space to execute both the operation and the audit, and a warning email will be sent, if email has been configured on the system.
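As an added example (not Sun's code, and not real appliance output), the following Python reads audit records laid out with the field widths of TABLE 9-1 and counts the rejected modify or delete attempts per client, which is the first thing a reviewer of the .audit$ log usually wants. The page does not specify the byte layout of a record, so the example assumes that the thirteen fixed-length fields are space-padded to the listed widths, in table order, and that the four variable-length fields follow them separated by tabs. The sample records, field values and the status strings "OK" and "DENIED" are constructed by the script itself.

```python
"""Parse Data Retention Audit Service (DRAS) audit records and flag denied
operations.  Added example, not Sun's code.  Record layout is an ASSUMPTION:
thirteen space-padded fixed-width fields (widths from TABLE 9-1, in table
order) followed by the four variable-length fields separated by tabs."""
from collections import Counter
from typing import Dict, List

# (field name, width) for the fixed-length columns, in TABLE 9-1 order.
FIXED_FIELDS = [
    ("version", 7), ("serial", 11), ("length", 5), ("timestamp", 21),
    ("tid", 11), ("volume_id", 11), ("protocol", 9), ("inode", 11),
    ("client_ip", 16), ("server_ip", 16), ("uid", 11), ("gid", 11),
    ("operation", 8),
]
VARIABLE_FIELDS = ["status", "domain", "name", "extra"]
FIXED_WIDTH = sum(w for _, w in FIXED_FIELDS)  # 148 characters


def format_record(values: Dict[str, str]) -> str:
    """Build one record under the assumed layout.  Used here only to construct
    sample input; on a real system the appliance writes the log itself."""
    fixed = "".join(values.get(name, "").ljust(width)[:width]
                    for name, width in FIXED_FIELDS)
    return fixed + "\t".join(values.get(name, "") for name in VARIABLE_FIELDS)


def parse_record(line: str) -> Dict[str, str]:
    """Slice one audit line back into named fields; rejects truncated records."""
    line = line.rstrip("\n")
    if len(line) < FIXED_WIDTH:
        raise ValueError("record shorter than the fixed-width prefix")
    rec, pos = {}, 0
    for name, width in FIXED_FIELDS:
        rec[name] = line[pos:pos + width].strip()
        pos += width
    tail = line[FIXED_WIDTH:].split("\t")
    tail += [""] * (len(VARIABLE_FIELDS) - len(tail))  # pad missing trailing fields
    rec.update(zip(VARIABLE_FIELDS, tail))
    return rec


def denied_by_client(lines: List[str]) -> Counter:
    """Count rejected operations per client IP.  Repeated denials against
    retained files from one address are what an analyst looks for first."""
    hits: Counter = Counter()
    for line in lines:
        rec = parse_record(line)
        if rec["status"].upper().startswith("DENIED"):  # constructed status value
            hits[rec["client_ip"]] += 1
    return hits


# Constructed sample records (not real appliance output).
_BASE = {
    "version": "1.0", "serial": "1001", "length": "0",
    "timestamp": "2024-01-02 03:15:00", "tid": "12", "volume_id": "3",
    "protocol": "NFS", "inode": "4096", "client_ip": "10.0.0.5",
    "server_ip": "10.0.0.1", "uid": "1000", "gid": "100",
    "operation": "WRITE", "status": "OK", "domain": "",
    "name": "report.pdf", "extra": "",
}
SAMPLE_LINES = [
    format_record(_BASE),
    format_record({**_BASE, "serial": "1002", "operation": "UNLINK",
                   "status": "DENIED", "name": "retained.pdf"}),
    format_record({**_BASE, "serial": "1003", "protocol": "CIFS",
                   "status": "DENIED", "domain": "CORP", "name": "retained.pdf"}),
]

if __name__ == "__main__":
    for ip, n in denied_by_client(SAMPLE_LINES).items():
        print(f"{ip}: {n} denied operation(s)")
```

Because the fixed-width prefix is exactly 148 characters under this assumption, anything shorter is treated as a truncated record rather than silently parsed; adjust FIXED_FIELDS if the real log uses a delimiter instead of padding.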


About the Assured Delete Option

This section provides information about the Assured Delete option. The following subsections are included:


About Assured Delete

The Assured Delete feature, also referred to as data shredding, secure delete, or true delete, provides a secure way of deleting data. When it is enabled, files that are removed cannot be recovered by searching through the storage on the disks.

In volumes without the Assured Delete feature, deleting a file does not actually remove any data. Instead, deleting a file only unlinks the file from its parent directory. The file system then reuses the pages when needed. The data on those pages remains on the disk until it is overwritten when the pages are reused. Until this occurs, sensitive data can be recovered, for example by examining the disks directly.

When a system is configured to use Assured Delete, deleting a file causes the file system to first overwrite the file's data pages several times with data patterns before unlinking them from the parent directory. The data pages are released for reuse but no longer contain the original data.

The Assured Delete feature can be configured for any volume except for system volumes. When it is enabled, a hidden directory called the shredder is created. When a user deletes a file from that volume, the file is placed in the shredder and the data blocks for the file are overwritten a specified number of times. When the overwrite operations are complete, the file is moved to the attic directory, where it is then unlinked and the data pages can be reclaimed for use by the file system.

The number of times the data blocks are overwritten can be specified, from the default of three times to the maximum of seven times. The data patterns used in the overwrite operation are the following: first pass is 0x00, the last is 0x55, and all passes between the first and last are random patterns.


Enabling Assured Delete

To enable Assured Delete for a volume, use the following command:

> fsctl shredding enable <volume>

where <volume> is the name of a volume.

To change the number of overwrite operations from the default of three overwrite operations, use the following command:

> fsctl shredding enable n <volume>

where n is the number of operations, from 3 to 7.

To view the status of the shredding operation, use the following command:

> fsctl shredding status <volume>

The status subcommand displays whether Assured Delete is enabled for the volume, and if so, the number of overwrite operations performed on shredded files. Also, the status subcommand displays the current number of files in the shredder directory for the specified volume.

To disable the Assured Delete feature for a volume, make sure the shredder directory is empty and then use the following command:

> fsctl shredding disable <volume>
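The overwrite schedule described under About Assured Delete (first pass 0x00, last pass 0x55, random patterns in between) and the 3 to 7 pass range accepted by fsctl shredding enable n, as an added simulation in Python. This is not the appliance's code: the overwrite happens inside the NAS file system, whereas here a small in-memory disk image stands in for the volume, PAGE_SIZE is a constructed page size, and the demo contrasts a plain unlink (a raw scan still finds the data) with the Assured Delete overwrite.

```python
"""Simulate the Assured Delete overwrite schedule on an in-memory disk image.
Added example, not Sun's code; PAGE_SIZE and the secret are constructed."""
import os
from typing import List

MIN_PASSES, MAX_PASSES, DEFAULT_PASSES = 3, 7, 3  # fsctl shredding enable n: 3..7
PAGE_SIZE = 4096  # constructed page size for the simulation


def pass_schedule(passes: int = DEFAULT_PASSES) -> List[str]:
    """Fill used on each pass: 0x00 first, 0x55 last, random in between."""
    if not MIN_PASSES <= passes <= MAX_PASSES:
        raise ValueError(
            f"overwrite count must be {MIN_PASSES}..{MAX_PASSES}, got {passes}")
    return ["0x00"] + ["random"] * (passes - 2) + ["0x55"]


def shred_pages(disk: bytearray, pages: List[int],
                passes: int = DEFAULT_PASSES) -> int:
    """Overwrite the given page numbers of `disk` in place, one full pass over
    all pages before the next pass starts.  Returns the number of passes."""
    schedule = pass_schedule(passes)
    for fill in schedule:
        for p in pages:
            start, end = p * PAGE_SIZE, (p + 1) * PAGE_SIZE
            if fill == "random":
                disk[start:end] = os.urandom(PAGE_SIZE)
            else:
                disk[start:end] = bytes([int(fill, 16)]) * PAGE_SIZE
    return len(schedule)


def recoverable(disk: bytes, needle: bytes) -> bool:
    """Would a raw scan of the disk image still find `needle`?"""
    return disk.find(needle) != -1


def demo(secret: bytes = b"CONSTRUCTED SECRET RECORD 42",
         passes: int = DEFAULT_PASSES):
    """Place `secret` in page 1 of a 4-page image, then compare an ordinary
    delete with Assured Delete.  Returns (found_after_unlink, found_after_shred)."""
    disk = bytearray(4 * PAGE_SIZE)
    disk[PAGE_SIZE:PAGE_SIZE + len(secret)] = secret
    # Ordinary delete: only the directory entry goes away; the page is untouched,
    # so the data is still there for anyone scanning the disk.
    found_after_unlink = recoverable(bytes(disk), secret)
    # Assured Delete: overwrite the file's pages before releasing them.
    shred_pages(disk, [1], passes)
    found_after_shred = recoverable(bytes(disk), secret)
    return found_after_unlink, found_after_shred


if __name__ == "__main__":
    print("passes:", pass_schedule(5))
    print("recoverable (unlink, shred):", demo(passes=5))
```

The final pass always leaves the page filled with 0x55, so after shredding a raw search for the original bytes fails regardless of what the random passes wrote; requesting fewer than 3 or more than 7 passes is rejected, mirroring the limits of the fsctl command.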


About Restrictions for Assured Delete

The use of the Assured Delete feature has the following restrictions and effects on other functions: