WHAT IS THE BEST WAY TO BACKUP ALL THE ACL'S IN

ITEM: RTA000037588



QUESTION:                                                                       
What is the best way to backup all the ACL's in my filesystem?                  
                                                                                
---------- ---------- ---------- --------- ---------- ----------                
A:       The "backup" and "restore" commands will retain ACLs (access           
   control lists), although "tar" and "cpio" do not retain ACLs.  There         
   is a package in AIXSERV on TOOLCAT called MKSYSB.  Inside the MKSYSB         
   package there is a section called "Backup and Restore of Access              
   Control Lists" for a mksysb backup.  (mksysb used the "tar" command          
   which does not save ACLs)  I tested the provided script in the package       
   and found a few minor syntax bugs.  Below, I have taken a section of         
   the script and fixed the bugs as well.  This short script will allow         
   you to backup and restore ACLs for desired directories or filesystems.       
                                                                                
      ¢#/bin/ksh                                                               
      #                                                                         
      #   Shell script should be called something like "keep-acls"              
      #                                                                         
                                                                                
      DIRS="/dir1 /dir2 ..."   #Directories, all subdirs will be included       
                                                                                
      umask 077                                                                 
      find $DIRS -xdev -perm -200000000 -print | \                              
      ( while read FILE                                                         
        do                                                                      
           ls -ld $FILE | awk '{ printf ("chown  s. s  s\n",$3,$4,$9) }'        
           echo aclput $FILE '<< END'                                           
           aclget $FILE                                                         
           echo 'END'                                                           
           echo                                                                
        done )  /.acl.save                                                     
      chown root.system /.acl.save                                              
      chmod 500 /.acl.save                                                      
                                                                                
      LEGEND:  { is the left curly bracket                                      
               } is the right curly bracket                                     
               \ is the backslash                                               
                                                                                
   Make "keep-acls" executable, and run it before backing up the desired        
   filesystems or directories.  Be sure to modify the DIRS variable to          
   contain the filesystems or directories that will be backed up (the           
   subdirectories will be included).  You can specify a relative                
   pathname with ./directory instead of /directory.  Then include               
   /.acl.save in the backup procedure (for example, by moving it to one         
   of the directories that will be backed up).  Upon a restore, run the        
   .acl.save script to restore the ACLs.                                        
                                                                                
   If you plan to use the entire script given in the MKSYSB package for         
   a mksysb, these changes should be added to the script:                       
   o  "echo aclput $FILE '<< \EOF'" should be on its own line                   
   o  There should be a closing parenthesis after "$9" on the awk line          
   o  Place an open parenthesis before the "while read FILE" and a              
      close parenthesis after the "done"                                        
                                                                                
---------- ---------- ---------- --------- ---------- ----------                
                                                                                
                                                                                
This item was created from library item Q650467      CNVBX                      
                                                                                
Additional search words:                                                       
ACL BACKUP BEST CNVBX FILESYSTEM IX JAN94 MANAGEMENT OP OZIBM OZNEW             
RECOVERY RISCMGMT RISCSYSTEM SOFTWARE SYS SYSTEM                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                                
                                                                               

HR
CENTER
FONT size=2WWQA: ITEM: RTA000037588 ITEM: RTA000037588
BRDated: 03/1996 Category: RISCMGMT
BRThis HTML file was generated 99/06/24~12:43:14
BRComments or suggestions?
A href="../../../../feedback.html"BContact us/B/ABR
/FONT
/CENTER
/BODY
/HTML