Duh. Maybe I should read more thoroughly. If your machine runs under VM, runlevel 1 will work if you can get LOGON BY authority.
If you're LPAR'd and you're tcp wrappered, all you should need to do is set hosts.allow & hosts.deny properly to only allow YOUR client in (most PAMs won't permit telnet as root, but nothing's stopping you from su'ing to root after you've telnet'd in), effectively making you single-user. You're going to need to manually (or by runlevel script) shut down all the possible fs users: sshd, httpd, etc until your backups are done. Then just do the inverse when you're done: unset hosts.* and bring all the services back up. Either this or train your operators to do it in runlevel 1. At my site, the operators don't wanna know. Of course, I have VM, so grabbing the console is no big deal; and nobody tells me whether any backup method is appropriate or not. All I have to do is come up with one that works (done). --Jim-- James S. Tison Senior Software Engineer TPF Laboratory / Architecture IBM Corporation "If I wanna hear the pitter-patter of little feet, I'll put shoes on my dog."
