Administrator's Guide
• If all files must be backed up on schedule, request that all users log off before you
perform the backup. However, fbackup warns you if a file is changing while the
backup is being performed.
• Examine the log file of latest backups to identify problems occurring during backup.
Set restrictive permissions for the backup log file.
• The frecover command allows you to overwrite a file. However, the file retains
the permissions and ACLs set when the file was backed up.
• You must test the recovery process beforehand to make sure you can fully recover
data in the event of an emergency.
• When recovering files from another machine, you might have to execute the chown
command to set the user ID and group ID for the system on which they now reside,
if the user and group do not exist on the new system. If files are recovered to a new
system that does not have the specified group, the files will take on the group
ownership of the person running frecover. If owner and group names have
different meanings on different systems, recovery results might be unexpected.
• Power failure should not cause file loss. However, if someone reports a lost file after
a power failure, look for it in /lost+found before restoring it from a backup tape.
• To verify contents of the tape being recovered, use the -I option of frecover to
preview the index of files on the tape. Note, however, that existing permissions of
a file system are kept intact by the backup; frecover prevents you from reading
the file if the permissions on the file forbid it.
• Never recover in place any critical files such as /etc/passwd or the files in /tcb/
files. Instead, restore the file to a temporary directory (do not use /tmp) and give
this directory permissions drwx------, preventing anyone else from using it.
Compare the restored files with those to be replaced. Make any necessary changes.
• Auditing is not enabled automatically when you have recovered the system. Be sure
to turn auditing on with the audsys command.
198 Trusted Systems