jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-19 07:20:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4f7d192bcb
openafs/doc/man-pages/pod8/buserver.pod
Cheyenne Wills 5069c697c7 Add command line support for multiple audit logs 
Gerrits #13774 (audit: Support multiple audit interfaces and interface
options) and #13775 (audit: Add cmd helper for processing audit options)
added support in the audit facility for multiple audit logs.

Add command line support to use multiple audit logs for daemons that use
libcmd for command line processing: bosserver, buserver, butc,
fileserver, volserver, ptserver, and vlserver.

Update the daemons to add a call to audit_open, and where possible add a
call to audit_close when shutting down the daemon.

Update help message and manpage entries for -auditlog and
-audit-interface

Change-Id: I4356e1aa84f580897a0e788e2a2829685be891aa
Reviewed-on: https://gerrit.openafs.org/13776
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
2020-12-04 19:04:12 -05:00

175 lines
6.2 KiB
Plaintext
Raw Blame History

=head1 NAME
buserver - Initializes the Backup Server
=head1 SYNOPSIS
=for html
<div class="synopsis">
B<buserver> S<<< [B<-database> <I<database directory>>] >>>
S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>>
S<<< [B<-audit-interface> <I<default interface>>] >>>
S<<< [B<-cellservdb> <I<cell configuration directory>>] >>> [B<-resetdb>]
[B<-noauth>] [B<-smallht>]
S<<< [B<-servers> <I<list of ubik database servers>>+] >>>
[B<-rxbind>]
[B<-p> <I<number of threads>>] [B<-ubikbuffers> <I<# of buffers>>]
[B<-help>]
=for html
</div>
=head1 DESCRIPTION
The B<buserver> command initializes the Backup Server, which runs on
database server machines and maintains the Backup Database. In the
conventional configuration, the binary file is located in the
F</usr/afs/bin> directory on a file server machine.
The B<buserver> command is not normally issued at the command shell
prompt, but rather placed into a database server machine's
F</usr/afs/local/BosConfig> file with the B<bos create> command. If it is
ever issued at the command shell prompt, the issuer must be logged onto a
file server machine as the local superuser C<root>.
As it initializes, the Backup Server process creates the two files that
constitute the Backup Database, F<bdb.DB0> and F<bdb.DBSYS1>, in the
F</usr/afs/db> directory if they do not already exist. The Backup Database
houses information about volume sets and entries, the dump hierarchy, Tape
Coordinators, and previously performed dump sets. Use the commands in the
B<backup> suite to administer the database.
The Backup Server records a trace of its activity in the
F</usr/afs/logs/BackupLog> file. Use the B<bos getlog> command to display
the contents of the file.
This command does not use the syntax conventions of the AFS command
suites. Provide the command name and all option names in full.
=head1 CAUTIONS
The B<buserver> process reserves port 7021 for its use. Unexpected
behavior can occur if another process tries to reserve this port while the
B<buserver> process is running.
=head1 OPTIONS
=over 4
=item B<-database> <I<database directory>>
Specifies the pathname of an alternate directory for the Backup Database
files, ending in a final slash (C</>). If this argument is not provided,
the default is the F</usr/afs/db> directory.
=item B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]
Turns on audit logging, and sets the path for the audit log. The audit
log records information about RPC calls, including the name of the RPC
call, the host that submitted the call, the authenticated entity (user)
that issued the call, the parameters for the call, and if the call
succeeded or failed. See L<fileserver(8)> for an explanation of the audit
facility.
=item B<-audit-interface> <I<default interface>>
Sets the default audit interface used by the B<-auditlog> option. The
initial default is the C<file> interface. See L<fileserver(8)> for
an explanation of each interface.
=item B<-cellservdb> <I<cell configuration directory>>
Specifies the pathname of the directory from which the Backup Server reads
in an alternate version of the F<CellServDB> file. This argument is
mandatory for correct functioning when the Backup Server is running on a
subset of the cell's database server machines that is not a majority of
the machines listed in the standard F</usr/afs/etc/CellServDB> file (which
the Backup Server consults if this argument is not provided). It is not
appropriate in any other circumstances.
=item B<-resetdb>
Removes all of the information in the Backup Database files in the
F</usr/afs/db> directory, leaving zero-length versions of them. The
backup operator must recreate the configuration entries in the database
(for volume sets, the dump hierarchy and so on) before performing backup
operations.
=item B<-noauth>
Turns off all authorization checks, and allows all connecting users to act as
administrators, even unauthenticated users. The use of this option is
inherently insecure, and should only be used in controlled environments for
experimental or debug purposes. See L<NoAuth(5)>.
=item B<-smallht>
Directs the Backup Server to use smaller internal hash tables for the
Backup Database, which reduces memory requirements but can make data
access take longer.
=item B<-servers> <I<list of ubik database servers>>+
Specifies the database server machines on which to start the Backup
Server. Use this argument if running the Backup Server on a subset of the
database server machines that is not a majority of the machines listed in
the F</usr/afs/etc/CellServDB> file.
=item B<-rxbind>
Bind the Rx socket to the primary interface only. (If not specified, the
Rx socket will listen on all interfaces.)
=item B<-p> <I<number of threads>>
Sets the number of server lightweight processes (LWPs or pthreads) to run.
Provide a positive integer from the range 3 to 16. The default value is 3.
=item B<-ubikbuffers> <I<# of buffers>>
Sets the number of internal buffers used for maintaining the ubik database.
The default is 400. If the buserver runs out of free buffers, errors can occur
while trying to modify ubik data. It is not recommended to change this setting.
=item B<-help>
Prints the online help for this command. All other valid options are
ignored.
=back
=head1 EXAMPLES
The following example B<bos create> command creates a C<buserver> process
on the file server machine C<fs3.example.com>. It appears here on two lines
only for legibility.
% bos create -server fs3.example.com -instance buserver \
-type simple -cmd /usr/afs/bin/buserver
=head1 PRIVILEGE REQUIRED
The issuer must be logged in as the superuser C<root> on a file server
machine to issue the command at a command shell prompt. It is conventional
instead to create and start the process by issuing the B<bos create>
command.
=head1 SEE ALSO
L<BackupLog(5)>,
L<BosConfig(5)>,
L<CellServDB(5)>,
L<bdb.DB0(5)>,
L<backup(8)>,
L<bos_create(8)>,
L<bos_getlog(8)>
=head1 COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Reference in New Issue View Git Blame Copy Permalink