Haha! I just thought of this one. It might be morbidly attractive. On TSM Server: 1. Create a node. I'll use TEMPNODE.
On a workstation/server of similar OS where you have root: 2. Write the script to bounce the scheduler process (bounce.script). 3. Write and compile the C wrapper that runs the script to bounce the scheduler (bounce.wrapper). 4. SUID on that wrapper so it runs as root. 5. Back up wrapper and script as TEMPNODE. On TSM Server: 6. Create a CMD client schedule. cmd="dsmc -virtualnodename=tempnode -password=tempnodepw restore /wherever/bounce.*" 7. Associate all appropriate nodes with this schedule. 8. After all nodes restore these files, shouldn't take more than longest schedule poll period, they should all have bounce.script and SUID bounce.wrapper. 9. Telnet/rlogin/ssh in and run the SUID wrapper whenever you like. Note, I haven't tried this, and I'm not even sure if TSM restores the SUID bit, but it might be worth a try seeing as how it keeps other security attributes and you don't have any other options. Alex Paschal Storage Administrator Freightliner, LLC (503) 745-6850 phone/vmail -----Original Message----- From: Alex Paschal Sent: Friday, February 08, 2002 1:23 PM To: 'ADSM: Dist Stor Manager' Subject: RE: root required to kill TSM daemons? WELL, if you can't use sudo, and you can't write a C wrapper for the SUID bit, and if PowerBroker can't just allow root privilage for a single script/command/operation, I'd say your organization really needs to rethink the services they provide to their IT customers. Try cron as root a script that kills the scheduler process every day at noon. -----Original Message----- From: Cheryl Miller [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 1:16 PM To: [EMAIL PROTECTED] Subject: Re: root required to kill TSM daemons? Our company uses Powerbroker access instead of sudo and they don't want to give us pbrun su-root privileges. Any other ideas? -----Original Message----- From: PINNI, BALANAND (SBCSI) [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 11:47 AM To: [EMAIL PROTECTED] Subject: Re: root required to kill TSM daemons? Pl look at sudo command acts as proxy for root only for that cmd. BALANAND -----Original Message----- From: Cheryl Miller [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 12:41 PM To: [EMAIL PROTECTED] Subject: root required to kill TSM daemons? We just converted to TSM 4.2.1.9 from NetBackup. We are finding that our group needs to be able to stop the TSM daemons and start the start up script, instead of always having the system admin. do this. Right now I am told that there is no work around for root privileges being needed to kill the TSM daemons. I'm wondering how other shops get around this problem? When our TSM server crashes, all of the clients that are getting backed up are getting hung schedulers and need to be bounced to resume working. The fact that root privileges are needed to bounce the daemons is adding on days to our resolution, since we have to open a problem ticket with the system admin. group and wait for them to bounce the daemons. We have ids on most of the unix servers and could do it, if the permissions allowed. Any ideas?? Do any of you have a work around for this problem? Tivoli had me open an enhancement request. ....Cheryl Cheryl Miller Wells Fargo Bank Distributed Storage Management (DSM) 916-774-2073