sec_salvage_db(1m) — HP-UX 10.20

sec_salvage_db(1m)

NAME

sec_salvage_db - Recover a corrupted registry database

Note: The sec_salvage_db -check and -fix options are not currently available.

SYNOPSIS

sec_salvage_db -print [-dbpath db_pathname] [-prtpath print_pathname]
    [print_options] [-verbose] [-sort] [-dce1.0.3]

sec_salvage_db -reconstruct [-dbpath db_pathname] [-prtpath print_pathname]
    [reconstruct_options] [-verbose]

sec_salvage_db -check [-dbpath db_pathname] [db_options] [-verbose]

sec_salvage_db -fix [-dbpath db_pathname] [db_options] [-force] [-verbose]

OPTIONS

-check
Check the database elements specified by db_options for inconsistencies.  This option sends a list to standard output of all bad list links, internal id references, and database keys and any detectable data inconsistencies.  The -check option does not check fields for legal values.

db_options
Specify the database elements to be acted on by the -check or -fix options.  If no db_options are specified, all are selected.  The db_options are

• -princ — Principals

• -group — Groups

• -org — Organizations

• -acct — Accounts

• -acl — ACLs

• -policy — Policy

• -state — Database State

• -replicas — Replicas

Note: The .mkey.prt file and the princ.prt file contain unencrypted authentication keys.  Ensure that only the privileged account can access these files and that they are never transferred over a network for viewing or backup.

-fix
Check the database for inconsistencies and prompt for whether to fix each inconsistency.  After all inconsistencies have been processed, the option prompts for whether to save all fixes.

-force
Check the database for inconsistencies and fix each one without prompting.  After all inconsistencies have been processed, the option prompts for whether to save all fixes.  This option is valid only when used with the -fix option.

-print
Create files containing ASCII-formatted database records.  These files are used by the -reconstruct option as a source for recreating the database.  You can also manually edit the files to change information or fix problems.  A separate file is created for each of the print_options specified.  By default the -print option stores the master key file in the current directory and the database files in the rgy_print directory in the current directory.  The -prtpath option lets you specify a different directory.

-dce1.0.3
Supports backwards conversion of a registry database from DCE 1.1 to DCE 1.0.3.

print_options
Specify the database elements to be acted on by the -print option. If the files exist, they are overwritten. If no print_options are specified, all are selected. The print_options and the files they create are

• -princ — Put principal records in the file princ.prt and master key information in the file .mkey.prt.

• -group — Put group records in the file group.prt.

• -org — Put organization records in the file org.prt.

• -policy — Put policy records in the file policy.prt.

• -state — Put information about the state of the database in the file rgy_state.prt.

• -replicas — Put replica information in the file replicas.prt.

-reconstruct
Reconstruct the registry database from the ASCII-formatted print files created by the -print option.  The reconstruct_options specify the print files to use.

reconstruct_options

Note: The reconstruct_options are not available in Release 1.0.3.  For this release, sec_salvage_db reconstructs all elements of the registry database.

Specifies which elements of the registry database to reconstruct.  If no reconstruct_options are specified, all are selected.  The reconstruct_options are

• -pgo — Use data in the princ.prt, group.prt, org.prt, and .mkey.prt files to reconstruct:

  — Principals, groups, organizations

  — Principals' accounts

  — ACLs on database objects

  — The master key file

• -policy — Use data from the policy.prt file to reconstruct registry policies.

• -state — Use data from the rgy_state.prt file to reconstruct information about the state of the database.

• -replicas — Use data from the replicas.prt file to reconstruct the master replica list.

-dbpath db_pathname
For the -print and -check options, -dbpath specifies the directory in which the registry database and the master key file are located.  For the -reconstruct and -fix options, -dbpath specifies the directory in which to store the reconstructed or salvaged database.  The -print and -check options expect to find the master key file, .mkey, in the directory above the directory that holds the database files.  For example, if db_pathname is dcelocal/var/security/new_rgy, the options look for the master key file in dcelocal/var/security and the database files in dcelocal/var/security/new_rgy.  If this option is not specified, the default pathname is dcelocal/var/security/rgy_data.  db_pathname can be a global pathname or a cell-relative name.

-prtpath print_pathname
For the -print and -reconstruct options only, -prtpath specifies the directory in which to create (-print) the print files, or find (-reconstruct) the print files from which to reconstruct the database.  By default the -print option creates, and the -reconstruct option looks for, the master key file in the current directory and the database files in the rgy_print subdirectory of the current directory.  -prtpath lets you specify the directory that should be used instead of the current directory.  For example, if you specify print_pathname as dcelocal/var/security/registry, the master key print file will be created in that directory and the database print files in dcelocal/var/security/registry/rgy_print.  If any or all of the print files exist in print_pathname or the default directory, their contents are overwritten.  print_pathname can be a global pathname or a cell-relative name.

DESCRIPTION

The sec_salvage_db tool is an aid to database administration and troubleshooting.  Although day-to-day administration is handled by the rgy_edit command, sec_salvage_db can be useful for listing registry data, reconstructing databases, and salvaging corrupted databases.  The sec_salvage_db command supports two methods of operation: the check and fix method and the print and reconstruct method.   These methods can be used in tandem. 

Check and Fix Method

Note: The -check and -fix options are not currently available.

The check and fix method recovers data from a corrupted database, fixing corrupted data links, data retrieval keys, and other internal references.  You can use it on a database so corrupted that it prevents the Security Server (secd) from running or registry clients from operating correctly.  The check and fix method repairs the database structure so that secd can run.  (Note that data may be lost if corrupted pointers in the registry data files irreversibly sever the links between records.)  The check and fix method uses the sec_salvage_db -check, -fix, and -force options.  The -check option accesses each record in the database and reports all errors, but makes no fixes.  Although you can run it to see the state of the database before you run the -fix option, it is not required to be run.  The -fix option also accesses each record in the database and reports all errors, but as it finds each error, it prompts for whether or not to fix the error.  When processing is complete, sec_salvage_db prompts for whether or not to save the changes.  The -force option can only be used with the -fix option.  If you use it, sec_salvage_db does not prompt for confirmation before it fixes each error it finds.  sec_salvage_db will still prompt for confirmation before it saves the changes. 

The Print and Reconstruct Method

The print and reconstruct method allows you to reconstruct a database.  It first creates ASCII files, called print files, that contain all accessible data in the database.  Then, it reads the data in these files to construct a new database.  If you cannot start a Security Server on the database host machine, you cannot use the print and reconstruct method, but must use the check and fix method.  (Note that before you run sec_salvage_db with the −print and −reconstruct options, you must stop the Security Server.)  In addition to reconstructing the database, the print and reconstruct method has other uses.  You can use it to

•Make changes to the database by manually editing the print files created by the -print option and then reconstructing them from the changed print files.  This can be especially useful for changing many user passwords, which may be necessary if the master key file is corrupted. 

•Obtain a listing of database contents. 

•Copy databases between different platforms. 

To use the print and reconstruct method run sec_salvage_db first with the -print option and then with the -reconstruct option.  The -print option creates the ASCII print files from the registry database files.  These files can be reviewed and edited to correct faulty information, such as name-to-UNIX ID mismatches or missing data, or to update existing data.  The -reconstruct option recreates the registry database files from the print files.  Because the -print option creates files containing all data in the database and the -reconstruct option recreates the database based on these files, you can use this method to move a database to another machine or even another cell.  For example, if you run sec_salvage_db -print on an uncorrupted database, you can then run sec_salvage_db -reconstruct and specify a pathname on a different machine for where the database should be created. 

Converting a DCE 1.1 Registry Database to a DCE 1.0.3 Database

The sec_salvage_db -dce1.0.3  option supports backwards conversion of a registry database from DCE 1.1 to DCE 1.0.3.  To convert a DCE 1.1 registry database to a DCE 1.0.3 database perform the following procedure:

1. Stop all DCE 1.1 servers.

2. Run the sec_salvage_db command with the -print and -dce1.0.3 options (and any other options you need) to create ASCII print files of the Registry database.

   Note that for polymorphous objects (that is, an object that can be both a directory and a person, group, or organization), sec_salvage_db creates a print file entry for a directory by default.  It then stores the information related to the person, group, or organization in a file named info.prt.  To recreate a person, group, or organization instead of a directory, manually add the information in the info.prt file to the appropriate ASCII print files.

3. Clean up the remnants of the Registry database by deleting the /opt/dcelocal/var/rpc/rpcdep.dat file and all files in the following directories:

   • /opt/dcelocal/var/security/rgy_data

   • /opt/dcelocal/var/security/rcache

   • /opt/dcelocal/var/security/creds

4. Reload the DCE 1.0.3 bits.

5. Run the sec_salvage_db command with the -reconstruct option (and any other options you need) to create the database from the ASCII print files.

6. Restart DCE 1.0.3 servers.

EDITING THE PRINT FILES

To edit the print files, your entries must be in the following format

field_name optional_white_space=optional_white_space value

Although you can leave spaces between the field name, the equals sign, and the value, field names and values cannot contain white space.  A sample org.prt file follows. 

Record_Number = 2
Object_Type = ORG
Name = org/none
UUID = 0000000C-D751-21CA-A002-08001E039D7D
Unix_ID = 12
Is_Alias_Flag = false
Is_Required_Flag = false
Fullname =
Member_Name = nobody
Member_Name = root
Member_Name = daemon
Member_Name = uucp
Member_Name = bin
Member_Name = dce-ptgt
Member_Name = dce-rgy
Member_Name = krbtgt/abc.com
Member_Name = hosts/zebra/self
Obj_Acl_Def_Cell_Name = /.../abc.com
Obj_Acl_Entry = unauthenticated:r-t-----
Obj_Acl_Entry = user:root:rctDnfmM
Obj_Acl_Entry = other_obj:r-t-----
Obj_Acl_Entry = any_other:r-t-----

To update existing entries, simply supply a new value.  For example, to update a principal’s full name, the entry in the princ.prt file is

Fullname = fullname

The fullname variable is the principal’s full name.  The princ.prt file contains the following entry that allows you to update a principal’s password in plain text:

Plaintext_Passwd =

This field does not display the principal’s password.  To update the password, simply enter the new one in plain text after the equals sign.  When the database is reconstructed, the password is encrypted and any keys derived from that password are regenerated and used to overwrite any existing encryption key entries.  To specify a NULL value, delete the existing value.  For example, to specify a NULL value for a fullname in the princ.prt file, the entry is

Fullname =
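The entry format above (field name, optional white space, "=", optional white space, value; no white space inside names or values; an empty value meaning NULL) is simple enough to check mechanically before handing an edited file to -reconstruct. The following parser is an added example written for this page, not a tool from the DCE distribution; the sample records it embeds are constructed, and the helper names (parse_prt, null_fields, carries_plaintext_password) are this example's own.

```python
import re
from typing import Dict, List

# Constructed samples in the print-file format the man page describes: a
# trimmed org.prt-style record and a princ.prt fragment with a password set.
SAMPLE_ORG_PRT = """\
Record_Number = 2
Object_Type = ORG
Name = org/none
UUID = 0000000C-D751-21CA-A002-08001E039D7D
Unix_ID = 12
Fullname =
Member_Name = nobody
Member_Name = root
Obj_Acl_Entry = user:root:rctDnfmM
"""
SAMPLE_PRINC_PRT = """\
Object_Type = PRINC
Name = alice
Plaintext_Passwd = example-only-password
"""

# One entry per line: name, optional white space, "=", optional white space,
# value.  Neither name nor value may contain white space; empty value = NULL.
ENTRY_RE = re.compile(r"^([^\s=]+)\s*=\s*(\S*)$")

def parse_prt(text: str) -> Dict[str, List[str]]:
    """Parse print-file text into field -> list of values.  Repeated fields
    (Member_Name, Obj_Acl_Entry) keep every occurrence in order; a NULL
    field is stored as ''.  A line that breaks the format raises ValueError,
    so a bad edit is caught before -reconstruct reads the file."""
    fields: Dict[str, List[str]] = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue                      # blank separator line
        m = ENTRY_RE.match(line.rstrip())
        if m is None:
            raise ValueError(f"line {lineno}: malformed entry {line!r}")
        name, value = m.groups()
        fields.setdefault(name, []).append(value)
    return fields

def null_fields(fields: Dict[str, List[str]]) -> List[str]:
    """Fields left empty, i.e. set to NULL when the database is reconstructed."""
    return sorted(n for n, vals in fields.items() if "" in vals)

def carries_plaintext_password(fields: Dict[str, List[str]]) -> bool:
    """True when an edited princ.prt holds a password in the clear; such a
    file needs the same protection as .mkey.prt until it has been consumed."""
    return any(v != "" for v in fields.get("Plaintext_Passwd", []))
```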

PRINT FILE FIELDS AND VALUES

The fields in the princ.prt, group.prt, org.prt, .mkey.prt, policy.prt, rgy_state.prt and replicas.prt files are described in the following tables. 

Table: princ.prt File Fields

Table: group.prt File Fields

Table: org.prt File Fields

Table: .mkey.prt File Fields

Table: policy.prt File Fields

Table: rgy_state.prt File Fields

Table: replica.prt File Fields

NOTES

This reference page is the version that was included in the DCE 1.0.3 Command Reference, updated with information about the -dce1.0.3 option.  It is not guaranteed to correspond exactly to the DCE 1.1 usage. 

ERROR CONDITIONS

You will receive the following error message if the default rgy_data directory is being used and there is an advisory lock on the rgy_state data file:

Registry: Error - database is locked.  Put secd into maintenance mode
    or clear advisory lock on rgy_state file in db_pathname

The existence of the advisory lock implies that secd is in service.  Use the sec_admin command to put secd in maintenance mode.  If secd is not running, the advisory lock may be the result of an ungraceful shutdown of secd.  To remove the advisory lock, use mv to rename the dcelocal/var/security/rgy_data/rgy_state file, then rename it back to its original name.  Then, re-run the sec_salvage_db command.

Hewlett-Packard Company  —  OSF DCE 1.1/HP DCE 1.5
