Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ cell(8dce) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

cell(8dce)  —  Maintenance

NAME

cell  — A dcecp task object that operates on a DCE cell

SYNOPSIS

cell backup  [cell_name]

cell catalog  [cell_name]

cell help  [operation | verbose  ]

cell operations

cell ping  [cell_name]  [clients ]  [replicas ]

cell show  [cell_name]  [simplename ]

Arguments

cell_nameThe name of a single cell to operate on.  The name must be a fully qualified cell name such as either of the following:

/.../their_cell.goodco.com
/.:

operationThe name of the cell  operation for which to display help information. 

Description

The cell  task object represents a single DCE cell as a whole, including all machines, services, resources, principals, and so on.  The optional cell_name argument is a single cell name (not a list of cell names).  If omitted, the local cell (/.:) is the default. 

Attributes

secservers
Each value is the name of a security server in the cell.

cdsservers
Each value is the name of a machine running a Cell Directory Service (CDS) server in the cell.  The name is the simple name found under /.:/hosts. 

dtsservers
Each value is the name of a Distributed Time Service (DTS) server in the cell.

hostsEach value is the name of a host in the cell, including machines mentioned previously as servers; for example, hosts/machine1. 

See the OSF DCE Administration Guide for more information about attributes. 

Errors

A representative list of errors that might be returned is not shown here.  Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages. 

Operations

cell backup

Backs up the master security database and each clearinghouse with master replicas in the cell.  The syntax is as follows:

cell backup [cell_name]

The cell backup  command backs up the master security database and each clearinghouse with master replicas in the cell.  It requires that dced  be running on each of the server hosts.  It takes no arguments or options. 

Prepare a cell for regular backup operations by changing the access control lists (ACLs) on two of the dced  objects on the local machine and setting up an extended registry attribute (ERA) that can specify a backup destination (typically a tape archive).  Then add the new attribute to the principals for the master DCE Security Service registry database and all CDS clearinghouses with master replicas that you want to back up.  To do this, follow these steps:

   1.Put the DCE daemon into partial service mode by sending the dced  process the correct signal:

# kill -SIGUSR1 pid_of_dced
#

   2.Invoke dcecp  with the local  option:

# dcecp -local
dcecp>

   3.Modify ACLs on the local hostdata  and srvrconf objects to allow the subsys/dce/dced-admin group access by using the following dcecp acl  operations:

dcecp> acl modify hostdata -add {group subsys/dce/dced-admin -riI} -local
dcecp> acl modify srvrconf -add {group subsys/dce/dced-admin -riI} -local
dcecp> acl modify srvrconf -add {group subsys/dce/dced-admin -d-rwx} -io -local
dcecp>

   4.Put the DCE daemon back into full service mode with the following command:

# kill -SIGUSR1 pid_of_dced
#

   5.Create an ERA as a string that specifies a backup destination.  Name the ERA /.:/sec/xattrschema/bckp_dest and the type printstring.  Select the ACL manager named principal  and set its four permission bits to r (read), m (manage), r (read), and D (Delete) as shown in the following command:

dcecp> xattrschema create /.:/sec/xattrschema/bckp_dest \
> -encoding printstring -aclmgr {principal r m r D}
dcecp>

   6.Add the new ERA (bckp_dest) to the principal dce-rgy (the DCE Security Service registry database).  Set the value to be the tar filename or the device that is the backup destination, as follows:

dcecp> principal modify dce-rgy -add {bckp_dest tarfilename_or_device}
dcecp>  

   7.Add the new ERA (bckp_dest) to the principal /.:/hosts/hostname/cds-server (the CDS server).  Set the value to be the tar  filename or the device that is the backup destination, as follows:

dcecp> principal modify /.:/hosts/hostname/cds-server
> -add {bckp_dest tarfilename_or_device}
dcecp> 

Now, whenever you want to back up your registry database or CDS database, you can simply invoke a cell backup  command. 

You can back up another cell by including the cell name as an argument to the cell backup  command.  Note that you need the necessary permissions in the remote cell.  (Refer to the registry  object reference page for the required privileges.)  This command returns an empty string on success. 

Privileges Required

The cell backup  command requires that the administrator be logged in as the local superuser (root).  It also requires the user to be authenticated to the security service as the cell administrator. 

Examples

dcecp> cell backup
dcecp> 

cell catalog

Lists the foreign cells that are known by the specified cell.  The syntax is as follows:

cell catalog [cell_name]

The catalog  operation returns a list of the names of all cells currently registered in the specified cell.  The list includes the name of the specified cell itself and of any registered foreign cells.  If no cell_name is provided, the operation returns cells registered in the local cell. 

Privileges Required

You must have r (read) permission to the /.:/sec/principal directory and r (read) permission to the specified cell principals. 

Examples

dcecp> cell catalog /.:
/.../gumby_cell
/.../pokey_cell
/.../barney_cell
dcecp>

cell help

Returns help information about the cell  task object and its operations.  The syntax is as follows:

cell help [operation | verbose ]

Options

verboseDisplays information about the cell  task object. 

Used without an argument or option, the cell help  command returns brief information about each cell  operation.  The optional operation argument is the name of an operation about which you want detailed information.  Alternatively, you can use the verbose  option for more detailed information about the cell  task object itself. 

Privileges Required

No special privileges are needed to use the cell help command. 

Examples


dcecp> cell help
backup              Backs up master security database and master clearinghouses.
catalog             Returns the names of the cells known to a cell.
ping                Shows the current server status of the cell.
show                Shows attributes describing the configuration of a cell.
help                Prints a summary of command-line options.
operations          Returns a list of the valid operations for this command.
dcecp>  

cell operations

Returns a list of the operations supported by the cell task object.  The syntax is as follows:

cell operations

The list of available operations is in alphabetical order except for help  and operations, which are listed last. 

Privileges Required

No special privileges are needed to use the cell operations command. 

Examples

dcecp> cell operations
backup catalog ping show help operations
dcecp> 

cell ping

Performs quick checks to test whether a cell is running.  The syntax is as follows:

cell ping [cell_name] [clients ] [replicas ]

Options

clientsThis option causes the command to ping every machine in the cell.  It does this by looping though /.:/hosts and doing a host ping  on each host name.  In case of failure, it generates an error and returns a list of hosts that could not be contacted.  On success, it returns DCE clients available. 

replicasThis option causes the command to ping the master security server, each security replica in the cell, all the CDS servers in the cell, and all the DTS servers in the cell.  In case of failure, it generates an error and returns a list of servers that could not be contacted.  On success, it returns DCE servers available . 

The ping  operation performs a quick check to test whether a cell is running. 

If called with no option, it pings (using server ping ) the master security server, the CDS server that currently holds the write copy of the the cell root directory (/.:), and all the DTS servers in the cell.  In case of failure, it generates an error and returns a list of servers that could not be contacted.  On success, it returns DCE services available. 

The replicas  option causes the command to ping each security replica and CDS server as well as those mentioned above.  In case of failure, it generates an error and returns a list of servers that could not be contacted.  On success, it returns DCE servers available. 

The clients  option causes the command to ping every machine in the cell.  It does this by looping though /.:/hosts and doing a host ping  on the host name.  In case of failure, it generates an error and returns a list of hosts that could not be contacted.  On success, it returns DCE clients available . 

Privileges Required

You must have r (read) permission to the following directories: /.:/hosts, /.:/hosts/hostname, and /.:/subsys/dce/sec. 

Examples

The following command tests whether the core services master servers are available:

dcecp> cell ping /.../blue.cell.osf.org
DCE services available
dcecp>

The following command tests whether the core services and their replicas are available:

dcecp> cell ping -replicas
DCE servers available
dcecp> 

The following command tests the presence of all DCE hosts in a cell:

dcecp> cell ping -clients
DCE clients available
dcecp>  

cell show

Returns attributes describing the configuration of the specified cell.  The syntax is as follows:

cell show [cell_name] [simplename ]

Options

simplename
Returns the cell information without prepending the cell name.

The show  operation returns attributes describing the configuration of the specified cell.  The returned attributes are as follows:

secservers
Each value is the name of a security server.

cdsservers
Each value is the name of a machine running a CDS server.  The name is the simple name found under /.:/hosts. 

dtsservers
Each value is the name of a DTS server in the cell.

hostsEach value is the name of a host in the cell, including machines mentioned previously as servers; for example, hosts/machine1. 

See the OSF DCE Administration Guide for more information about attributes. 

Privileges Required

You must have r (read) permission to the following directories in the CDS namespace: /.:/hosts, /.:/hosts/hostname, and /.:/susbys/dce/sec/master

Examples

dcecp> cell show  /.../dcecp.cell.osf.org
{secservers
 /.../dcecp.cell.osf.org/subsys/dce/sec/ice
 /.../dcecp.cell.osf.org/subsys/dce/sec/fire}
{cdsservers
 /.../dcecp.cell.osf.org/hosts/frick}
{dtsservers
 /.../dcecp.cell.osf.org/hosts/frick
 /.../dcecp.cell.osf.org/hosts/ice
 /.../dcecp.cell.osf.org/hosts/ninja}
{hosts
 /.../dcecp.cell.osf.org/hosts/frick
 /.../dcecp.cell.osf.org/hosts/ice
 /.../dcecp.cell.osf.org/hosts/ninja}
 dcecp>
 dcecp>  dcecp> cell show -simplename
{secservers
 subsys/dce/sec/ice}
{cdsservers
 hosts/frick}
{dtsservers
hosts/frick
hosts/ice
hosts/ninja}
{hosts
hosts/frick
hosts/ice
hosts/ninja}
dcecp>

Related Information

Commands: dcecp(8dec0, directory(8dce), host(8dce), server(8dce). 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026