Contains the administrative list for the Backup Server
Description
The admin.bak file is an administrative list of all users and groups that can issue commands in the bak command suite. Most commands in the
bak command suite are used to communicate with the Backup Server. The commands are used to modify information in the Backup Database and to dump and restore data, as necessary.
A master copy of the Backup Database resides on one server machine; other server machines (optimally two) house replicated copies of the database. Any machine that houses a copy of the Backup Database is referred to as a Backup Database machine. The Backup Server, or bakserver process, must run on all Backup Database machines.
An admin.bak file must reside on each Backup Database machine. For the most part, the admin.bak file contains the UUIDs of users and groups. However, it must also contain the abbreviated DFS server principals of all Backup Database machines in the local cell to allow the synchronization site for the Backup Database to distribute changes to the secondary sites. The server principals can be present as members of a group included in the list.
Each time the Backup Server is started on any machine, it automatically creates the dcelocal/var/dfs/admin.bak file if the file does not already exist. You can also create the file by including the -createlist option with the bos addadmin command. Once the admin.bak file exists, principals and groups can be added to it with the bos addadmin command, and they can be removed from it with the bos rmadmin command. The bos lsadmin command can be used to list the principals and groups currently in the file. Because administrative lists are stored as binary files, you must use these commands to modify them; you cannot edit them directly.
The admin.bak file should be stored in the directory named dcelocal/var/dfs on each Backup Database machine. If it is stored in a different directory, the full pathname of the file must be specified when the Backup Server is started. Do not create multiple copies of the admin.bak file and store them in different directories on the same machine; unauthorized users may be able to use the extraneous copies to access the Backup Server.
A single version of the admin.bak file should be created and maintained on a System Control machine. The upclient processes running on the cell's Backup Database machines can then update their local copies of the file via the upserver process running on the System Control machine.
Independent versions of the admin.bak file should not be maintained on each Backup Database machine in a cell. Because the Backup Database is a Ubik database, any of the secondary sites may be obliged to assume the role of synchronization site for the Backup Database at any time. A system administrator who is listed in the admin.bak file on the machine housing the former synchronization site may not be listed in the admin.bak file on the machine housing the new synchronization site; the administrator, who could issue commands that affect the Backup Database on the former machine, may not be able to issue commands that affect the database on the new machine.
Related Information
Commands: bakserver(8dfs)