ENCINA(8) — Maintenance
NAME
sfs - starts an SFS server
SYNOPSIS
sfs -n servername -v vol_restart_files [-a] [-b buffer_pool_size] [-c collating_lang] [-d idle_timeout] [-h] [-i checkpoint_interval] [-l log_info] [-p principal_id [-k keytab_file] ] [-A exclusive_authority] [-N min_authn_level] [-P thread_pool_sizes] [-t component:trace_mask [:component:trace_mask]...] [-T trace_class[=trace_class...]=[[option . . .]]destination_type:destination] [-Z authorization]
ARGUMENTS
-n servername Specifies the name of the SFS server that is registered with the DCE Cell Directory Service. (The name is registered the first time the server is started). The argument servername should be a complete DCE cell-relative name. This option is required.
-v vol_restart_files Specifies the files to be used by the SFS server to store volume restart information. The argument vol_restart_files specifies a volume restart file and its mirror. The two file names must be separated by an operating system-specific path separator (the colon in UNIX) and the entire string must be enclosed in quotes. The specified restart files are automatically created when the server is started for the first time. On subsequent restarts, the SFS uses these files to recover configuration information about volumes. This option is required.
[-a] Starts a server in administrative mode. A server must be started in administrative mode for certain administrative or diagnostic tasks, such as restoring or relocating volumes. After such tasks are completed, you must recover volumes and enable the server for full operation. If the -a option is not specified, the server is started normally.
[-b buffer_pool_size] Specifies the size of the memory buffer pool used for disk I/O. The size is expressed in blocks of 1024 bytes (kilobytes). If the -b option is not specified, the default value is 1000 kilobytes.
[-c collating_lang] Specifies the collating language to be used for record fields of type nlsString. If the -c option is not specified, any field of type nlsString type is treated as invalid.
[-d idle_time_out] Specifies the time in seconds that an OFD may be permitted to be idle while waiting for an SFS call. After this time period elapses, if an operation using another OFD requests a lock held by the idle OFD, any transaction associated with the idle OFD is aborted, the OFD is closed, and the lock is released. The maximum value of idle_time_out is approximately 68 years (231seconds). A value of 0 disables idle timeouts. If the -d option is not specified, the default value of 60 seconds is used.
[-h] Displays a brief help message about the available options for the sfs command. Using this option does not start the SFS server. The help message is also displayed when an invalid option is entered on the command line.
[-i checkpoint_interval]
Specifies the interval of time between checkpoints to be made by the SFS server. The argument checkpoint_interval is specified as 3 numbers separated by colons - seconds:minimum records:maximum records. At the end of every interval of seconds, a checkpoint is taken if the number of log records written since the previous checkpoint exceeds the value of minimum records. Further, a checkpoint will be taken as soon as the number of log records written since the previous checkpoint exceeds maximum records, regardless of the value of seconds. The default values are 60, 5000, and 100000, respectively. To change one or more of the values, you must specify all three values. For example, 60:10000:100000 changes the value of minimum records to 10000.
[-l log_info] Specifies the volume name and log file name used by the SFS server to store log data. The volume and file are created after initial server start-up using tkadmin commands. The -l option is used for a normal restart of a server. Using this option automatically recovers volumes and enables the server. The log_info argument takes the form log_volume/log_filename, where log_volume is the logical volume on which the file resides and log_filename is the log file name. A server may need to be restarted in administrative mode in order to repair damaged log volumes. In this case, log information is omitted on the command line. After repairs are completed, tkadmin commands must be used to recover volumes and enable the server.
[-p principal_id [-k keytab_file]]
Specifies the DCE principal identifier of the server. The principal identifier must be registered with the DCE Registry Database to be used for authentication purposes. The -k option names the file containing the password of the principal identifier specified with the -p option. The file named as argument keytab_file must be on (or accessible from) the local node. If the -k option is not specified, the DCE default keytab file is used.
[-A exclusive_authority]
Specifies a principal to be granted exclusive authorization to administer the server and to modify ACLs. This option is required the first time a secure server is started so that a principal has access to the server ACL. Permissions granted on ACLs are not checked until exclusive authorization is cleared using the tkadmin clear exclusiveauthority command. An exclusive authority may also be specified in emergency cases in which ACLs are inaccessible due to system problems.
[-N min_authn_level] Specifies the minimum protection level at which client RPCs are considered to be authenticated. An incoming RPC with a protection level below the specified minimum is treated by the SFS server as unauthenticated. The default value of min_authn_level is 2. Possible values for the protection level are: 0 (default), 1 (none), 2 (connect), 3 (call), 4 (packet), 5 (packet integrity), 6 (packet security). See the reference page for the tkadmin set minprotectlevel command for a complete description of these levels.
[-P thread_pool_sizes]
Specifies the sizes of thread pools to be used by the server. The argument thread_pool_sizes is used to indicate the sizes of the two thread pools: processing and emergency. The processing pool is used for normal processing and administrative operations. The emergency pool is used for operations that query and free resources. Examples of these operations are: sfs_AbortOperation, sfs_CloseServerOfd, sfs_ListServerOfds, sfs_ListTransactionLocks, and sfs_GetServerOfdInfo.
The thread_pool_sizes argument is specified as a single value or two colon-separated values (processing:emergency). If a single value is specified, that value indicates the size of the processing pool. If no processing size is specified, the processing calls will be handled by the default thread pool. The size of the default thread pool is determined by the value of ENCINA_TPOOL_SIZE. If that variable is not defined, the default is 5. If no emergency size is specified, the default value is 0.
[-t component:trace_mask [:component:trace_mask]...]
Enables tracing for the specified component and trace class. Specify component as the SFS component to be traced, and trace_mask as the trace class or hexadecimal trace mask representing the bits that activate the different trace events for the SFS server. This option can be used multiple times on the command line, or all components and trace masks can be specified together on the command line with colons separating each component:trace_mask pair (for example, sfs_svr:0x01000000:sfs_btree:0x00000800). This option can be used in conjunction with the -T option (which specifies the destination for the trace class). Once an SFS server is running, tkadmin commands can be used to enable or disable tracing.
[-T trace_class [=trace_class...]=[[option,option]] destination_type:destination]
Directs tracing of the specified trace_class to the specified destination. The trace_class can be one or more of the following: fatal, error, audit, dump, entry, event, or param. The optional [option . . .] can be one or more of the following: buffered, unbuffered, formatted, or unformatted. If an option is not specified, output will be buffered and formatted. The destination_type must appear in upper case and can be one of the following: FILE, STREAM, AIX, or RPC. The destination can be one of the following:
A complete or relative pathname of a file (for the FILE destination type).
The stdout or stderr stream (for the STREAM destination type).
The trace or errlog destination (for the AIX destination type).
A DCE RPC binding string or a DCE Directory Service name (for the RPC destination type).
By default, the output of the fatal, error, and audit trace classes is automatically directed from the ring buffer to stderr. The alias critical can be used to indicate the combination of fatal, error, and audit trace classes. The -T option is used in conjunction with the -t option (which specifies the component and trace class to be traced). The -T option may be used multiple times on the command line, where it is processed from left to right. For example, -T event=STREAM:stderr sends all event output to stderr. Once a server is running, tkadmin commands can be used to redirect trace output.
[-Z authorization] Specifies whether authorization is enabled in the server. A value of 1 (the default) means that authorization is enabled - ACLs will be checked. In the case of an initial start of a server with DCE security, it means that the exclusive authority principal has sole authorization to the server. A value of 0 means that authorization is disabled. Once a server is running, authorization can be enabled or disabled using the tkadmin set authorization command.
DESCRIPTION
The sfs command starts an SFS server. The options specifying the server name (the -n option) and volume restart files (the -v option) are required. Other information may be required depending on whether the server is being started for the first time and whether DCE security is being used.
For an initial start. The server name and volume restart files are required. If the server is being started with DCE security, an exclusive authority principal, server principal, and keytab file must also be specified (the -A, -p, and -k options).
For a restart. The server name and volume restart files are required. If the server was initially started with DCE security, the server principal and keytab file must also be specified. In addition, the log volume and log file name created at initial start must be specified (using the -l option) so that the server can automatically recover volumes and enable full operation.
The following list summarizes the sfs command options. Each item lists the option, description, environment variable, and the default value. If there is no corresponding environment variable or default, none is listed.
-a Administrative mode
-b buffer_pool_size; Buffer pool size (in blocks of 1024 bytes); 1000 kb
-c collating_lang; Collating language
-d idle_timeout; Idle timeout for OFDs; 60
-h Help
-i checkpoint_interval; Checkpoint interval; 60:5000:100000
-l log_info; Name of log volume and log file
-n servername; Name of the SFS server; ENCINA_SFS_SERVER
-p principal_id [-k keytab_file ]; Principal id of the server and name of the keytab file; ENCINA_PRINCIPAL and ENCINA_KEY_FILE
-t component:trace_mask [ component:trace_mask ] . . . ]; SFS component and trace mask; ENCINA_TRACE
-v vol_restart_files; Name of restart files
-A exclusive_authority; Principal identifier to be granted exclusive authorization to server
-N min_authn_level; Minimum protection level; 2
-P thread_pool_sizes; Size of thread pools; ENCINA_TPOOL_SIZE; 5:0
-T trace_class...destination; Destination of trace output for a trace class; stderr for error, fatal, and audit trace classes; ring buffer for all classes
-Z authorization; Whether authorization is enabled; 1
The sfs command looks for argument values in the following order:
Command line - Values specified on the command line are evaluated first and take precedence over values defined as environment variables.
Environment variable - If no command-line value is specified and the appropriate environment variable is defined, the value is obtained from the variable.
Default value - If a value is neither specified on the command line nor through an environment variable and a default value exists, the default value is used.
It is recommended that you use command-line options instead of environment variables when starting a server. The command used to start a server can be saved for use when restarting the server. This preserves an exact record of which command options were used when the server was initially started. Using environment variables to specify command options may cause confusion during later restarts, since the value of a variable can be changed in the interim.
EXAMPLES
The following command starts an SFS server named /.:/branch1/server/sfs1 for the first time. The example assumes the following:
The directory /opt/encinalocal/branch1/server/sfs1 is the working directory for the server. The server is started in this directory.
A secondary working directory /opt/encinamirror/branch1/server/sfs1 has the same structure as the working directory. The secondary directory is a mirror for certain files in the working directory and is located on a separate mounted file system.
The volume restart file is /opt/encinalocal/branch1/server/sfs1/restart . This file is mirrored as /opt/encinamirror/branch1/server/sfs1/restart.bak .
The exclusive authority principal is encina_admin.
The server principal identifier is branch1/server/sfs1.
The keytab file /opt/encinalocal/branch1/server/sfs1/keyfile contains the password for branch1/server/sfs1.
% sfs -n /.:/branch1/server/sfs1 -v "restart:/opt/encinamirror/branch1/server/sfs1/restart.bak" -A encina_admin -p branch1/server/sfs1 -k keyfile -N 2 -Z 1
After the initial start of a server, volumes must be created and enabled for storing log and user data. The encina_admin principal must create ACLs for the server and then clear exclusive authorization using the tkadmin clear exclusiveauthority command.
The following command restarts the server of the previous example. The log volume and log file are sfsLogVol and sfsLogfile, respectively:
% sfs -n /.:/branch1/server/sfs1 -l sfsLogVol/sfsLogfile -v "restart:/opt/encinamirror/branch1/server/sfs1/restart.bak" -p branch1/server/sfs1 -k keyfile -N 2 -Z 1
— March 1997