Hi, Richard Sims schrieb:
In TSM 5.3, the Virtualnodename mechanism has further evolved into a Proxy Node capability, described in the 5.3 Admin Guide, client manual, and the TSM 5.3 Technical Guide. This could address the NFS collective backup/restore issue, once both client and server are at the 5.3 level. I don't have experience with this, but it would be interesting to hear from any sites which have pursued it.
I think, there's a big security issue. I just granted proxy authority to one of our NFS clients. The backups are made on TSM node "nfsserver" and the node "nfsclient" acts as a proxynode. So I added the following lines to the dsm.sys on the client node: nodename nfsclient asnodename nfsserver But now, when I log on to the NFS client as a normal user, I am able to restore arbitrary files of other users to my home directory!!!! The other homedirectories are not readable for me, so an "ls /home/myboss" doesn't work. But using dsmc I get access to all files of all other users. With "dsmc q ba -subd=y /home/myboss/" I get a list of all files of my boss. And with "dsmc restore" I can restore all of his files to my home directory. IS THIS A BUG OR DOES IT WORK AS DESIGNED? I installed 5.3.3.0 clients on Linux. -- Regards, Dirk Kastens Universitaet Osnabrueck, Rechenzentrum (Computer Center) Albrechtstr. 28, 49069 Osnabrueck, Germany Tel.: +49-541-969-2347, FAX: -2470
