Application Development on Power System (IBM i)
School of Software Engineering, Tongji University
HUANGJie

Syllabus
No | Subject | Hours | Abstract | Instructor
1 | Overview of IBM i | 2 | Server, Power System and Power System IBM i | Huangjie
2 | iOS fundamental | 4 | i OS & Basic Operation | Huangjie
3 | File system & object management | 4 | Object management concept and integrated file system | Huangjie
4 | Message management | 2 | Message & Its management | Huangjie
5 | Work management | 4 | Concepts of job, subsystem and library, job routing | Huangjie
6 | Administration ABC | 2 | Security, Storage & Restore Management | Huangjie
7 | Application Development | 6 | ILE development environment, RPG programming | Huangjie
8 | Database Development | 4 | Database on IBM i | Huangjie
9 | IBM i & SOA | 2 | SOA approach on IBM i | Huangjie
10 | Case Study | 2 | Case Study | Huangjie
11 | Examination | 2 | Examination |

2015/4/13, Huangjie

Unit 2 IBM i Administration ABC
Chapter 6 Security, Storage & Restore Management

Outline
• Information security fundamentals
• System i security design
  – Access control
  – Resource security
  – Administrative control
• Backup and recovery
  – Backup media
  – Backup examples
  – Challenges facing backup
  – Backup strategies
  – Recovery examples
  – Class exercise

Information Security
Information Security is the protection of information assets from accidental or intentional (but unauthorized) disclosure, modification, or destruction and from inability to process that information.

Information Forms
• Written on paper
• Stored electronically
  – On disks of server, notebooks, …
  – Backup media
• Transmitted by post
• Films
• Spoken word

Threats
• Force majeure risk
• Organizational deficiencies
• Human mistakes
• Technical problems
• Intentional actions

Security Threats and Business Risks
• Unauthorized use of resources
• Inappropriate disclosure of information
• Modification or destruction of information
• Denial of service
• Failure of accountability

What is Security?
• Reduction of risk
• Protection against threats

Security concepts and relationships
• Owners value assets
• Owners wish to minimise risk
• Owners impose countermeasures to reduce risk
• Countermeasures may possess vulnerabilities
• Vulnerabilities may be reduced by countermeasures
• Owners may be aware of vulnerabilities
• Threat agents give rise to threats
• Threats exploit vulnerabilities, leading to risk
• Threats increase risk to assets
• Threat agents wish to abuse and/or may damage assets
Source: Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and general model

Basic Components of Computer Security
• Confidentiality
• Integrity
• Availability

Some Other Terms Frequently Used
• Authentication: when a person logs on to a system, authentication means checking and verifying the identity of the person logging on. The term is also used where the identity of IT components or applications is checked.
• Authorization: authorization entails checking whether a person, IT component or application has permission to carry out a particular action.
• Data protection: data protection refers to the protection of person-related data against misuse by third parties (not to be confused with data security).
• Data security: data security refers to the protection of data in relation to the pertinent confidentiality, availability and integrity requirements. Another term for this is "IT security".
• Data backup: during a backup, copies of existing data sets are created to protect against loss of data.
• Penetration testing: a penetration test is a deliberate, normally simulated, attempted attack on an IT system. It is used to check the effectiveness of existing security measures.
Source: Federal Office for Information Security (BSI), IT Security Guidelines.

IT Security Costs
[Figure; surviving label: Risks]

The Main Ingredients of Success
• Common sense
• Well-thought out organizational procedures
• Reliable, well informed staff who independently and expertly observe security requirements in a disciplined manner
• Creation and implementation of an effective IT security concept does not have to be prohibitively expensive. The most effective safeguards are surprisingly simple and often do not actually cost anything! *
* Source: Federal Office for Information Security (BSI), IT Security Guidelines.

Common Sources for Security Problems
• Lack of resources
• Tight budgets
• Increasing complexity of IT systems
• Uneducated staff
• Lack of awareness of potential problems
• Undocumented security objectives
• Standard settings of the manufacturer

Security is not a static condition but an ongoing process
– Most of the tasks have to be repeated regularly
  • Updates of anti-virus software or firewall software
– Monitoring and Maintaining IT Security
  • Security checks
    – Security Policies (out of date, incomplete or not practicable?)
    – Log files?
    – Using independent experts?
  • New Security threats
  • New Standards
– Should be considered at the start of each project
  – Application development
  – New software deployment
[Figure: Security Process, with the labels Policy, Implementation, Risk, Administration, Audit]

Aspects of Security Policies
• Risk Analysis
  – Assets (IT systems, data, know-how, etc.)
  – Evaluation of threats
  – Probability of security incident
• Business and IT Requirements
  – Organizational charts
  – Password Rules
  – Application ("need to use")
  – Data security ("need to know")
  – User Roles
  – Network Security
• Business Contingency Plan

Security Policies
1. General security objectives as organization's goals
2. Detailed security objectives, technical requirements and associated safeguards
3. Security requirements formulated in product settings
Easier to update!

Outline
• Information security fundamentals
• System i security design
  – Access control (System i Access control)
  – Resource security
  – Administrative control
• Backup and recovery
  – Backup media
  – Backup examples
  – Challenges facing backup
  – Backup strategies
  – Recovery examples
  – Class exercise

System i Access Control
Access control rules are implemented to determine the access privileges of a subject (a person) to an object, such as a file or other system resource.

Physical Control

Types of Physical Controls
• Preventive controls
  – used to prevent unauthorized access to computing equipment
  – Examples:
    • badge systems
    • biometric access controls
    • double door systems
    • fences
    • locks and keys
    • security guards
• Detective controls
  – alert security and system personnel to events that are damaging to the information system or system data
  – Examples:
    • alarms and sensors
    • closed-circuit television (CCTV)
    • motion detectors
    • smoke and fire detectors

Physical Access Control
[Figure labels: Computer Room (Off Limits!), System, Display Stations, Backup Tapes]

System Keylock*
Keylock positions are listed from low security (Manual) to high security (Secure).
Position | Use Dedicated Service Tools | Load system from CD/tape | Change IPL** source | IPL via switch | Remote IPL | PWRDWNSYS - workstation | Off via power switch
Manual | Y | Y | Y | Y | No | Y | Y
Normal | No | No | No | Y | Y | Y | No
Automatic | No | No | No | No | Y | Y | No
Secure | No | No | No | No | No | Y | No
* not all models
** Initial Program Load

Technical Access Control

Types of Technical Control
• Preventive technical controls
  – protect software resources from unauthorized access and modification, include access control software
  – Examples:
    • antivirus software
    • library control systems
    • encryption
• Detective technical controls
  – alert system administrators to system intrusion or attempted intrusion.
  – Examples:
    • Audit trails
      – monitor network activity and uncover instances of unauthorized system access, attempted access by unauthorized parties, and breaches of system security policy.
    • Intrusion detection systems (IDSs) monitor user activity.
      – can terminate a user's session if that user's activity violates the system security policy

System-level Security

QSECURITY
• Level 50: Enhanced Integrity
• Level 40: System Integrity
• Level 30: Resource
• Level 20: Password
Recommended value = Level 40

Function | 20 | 30 | 40 | 50
Password required to sign on | Y | Y | Y | Y
Initial program/menu active * | Y | Y | Y | Y
Limit capabilities support active | Y | Y | Y | Y
Access to all objects | Y | - | - | -
Resource security active | - | Y | Y | Y
Unsupported interfaces fail | - | - | Y | Y
* When LMTCPB(*YES) is specified in the user profile

Security System Values

Security Wizard and Planner
eServer Security Planner: http://publib.boulder.ibm.com/infocenter/eserver/v1r1/en_US/index.htm?info/secplanr/securwiz.htm

Identification and Authentication

User Profile
No need for a passwd file!

Group Profiles
• Allows users with similar jobs to share permissions without having to share the same password
• Should choose a naming convention which makes groups easily recognizable
• Create with no password (sign-on not allowed)
• Users can be a member of up to 16 group profiles
• Should assign groups in order of use

Initial Program and Menus
• Sign-On Display: user signs on with user password and user name.
• Initial Program: initial program (if any) in user profile is called.
• Initial Menu: initial menu in user profile or *SIGNOFF is called.
• Signoff

Limited Capabilities
Limit users' capability to change their initial program, menu, current library and attention program, and prohibit them from running most iSeries commands.

Limit initial program/menu capabilities | Initial Program | Initial Menu | Current Library | Attention Program | Execute Commands
Do not limit | Yes | Yes | Yes | Yes | Yes
Limit some capabilities | No | Yes | No | No | Yes
Limit capabilities | No | No | No | No | No
Users can still run commands created or changed with parameter ALWLMTCPB(*YES)

New User – Capabilities – Privileges

Defining Roles
• Security administration (*SECADM): Create/change/delete user profiles; manage OfficeVision for objects and users
• All object access (*ALLOBJ): Access to all system resources
• Auditing control (*AUDIT): Control audit system values
• Spool control (*SPLCTL): Manage all users' spooled files
• Job control (*JOBCTL): Manage output queues, job queues and printers; change job attributes; stop subsystems; IPL
• System configuration (*IOSYSCFG): Change system configuration
• System service access (*SERVICE): Display and alter service function
• Save/restore (*SAVSYS): Save, restore and free storage for all system objects

System Privileges
Privilege classes (columns): Security officer, Security administrator, System operator, Programmer, User
All object access: X 20 20 20 20
Auditing control: X
Job control: X 20 X 20
Save/restore: X 20 X 20
Security administration: X X
Spool control: X
System configuration: X
System service access: X 20

IBM Supplied User Profiles
User profile | Privilege class
QSECOFR | Security officer
QPGMR | Programmer
QSYSOPR | System operator
QUSER | User
QDFTOWN | User
QSRV | Programmer
QSRVBAS | Programmer

Internet User and Validation Lists
Validation lists (*VLDL)
• are lists of Internet user names and passwords used in conjunction with an authentication protocol type to limit access to server resources
• validation lists are case-sensitive and reside in iSeries libraries
• cannot be used as user profiles for executing a job on OS/400

Service Tools
Dedicated service tools (DST) and system service tools (SST) are both used to access service tools and service functions.
DST is available when the Licensed Internal Code has been started, even if i5/OS has not been loaded. SST is available from i5/OS.
Service tools are used to do any of the following:
– Diagnose server problems
– Add hardware resources to the server
– Manage disk units
– Manage logical partition (LPAR) activities, including memory
– Review the Licensed Internal Code and product activity logs
– Trace Licensed Internal Code
– Perform main storage dumps
– Manage system security
– Manage other service tools user IDs
– …

SST/DST User Profiles

HMC User Roles
• Task roles define what tasks an HMC account may perform
  – One role is assigned to each user account when the user account is created
• Set of predefined user roles can be customized

Resource Security

User Owned Objects
• Each object has one owner
• When an object is created, an owner is assigned. The ownership may be transferred later
• The owner initially has all object and data permissions
• The authority may be removed, but the owner may grant any authority back to himself at any time
• It is not possible to delete a user who owns objects. Two solutions are offered:
  – Transfer ownership
  – Delete owned objects

QDFTOWN
• QDFTOWN is an IBM-supplied user profile used when:
  – An object has no owner
  – The object ownership might pose security exposure
• The object ownership is assigned to QDFTOWN in the following cases:
  – The owning profile becomes damaged and is deleted.
    The RCLSTG command assigns ownership of objects to QDFTOWN
  – An object is restored and the owner profile does not exist
  – A program that needs to be created again is restored, but program creation is not successful
  – The maximum storage limit is exceeded for the user profile that owns an authority holder that has the same name as the file being moved, renamed, or whose library is being renamed
• Consider the following recommendations:
  – QDFTOWN should not normally own objects
  – Ownership can be transferred with the WRKOBJOWN command or by iSeries Navigator

Specific Object Permissions
Private and Public permissions consist of one or more of the following:
• Specific Object Authorities
  – Exclude
  – Object Management: Operational, Management, Existence, Alter, Reference, Authorization list
  – Data Authority: Read, Add, Update, Delete, Execute

Object Management Permissions
Permission: Definition
• Operational (*OBJOPR): Look at the description of an object and use the object as determined by the data authorities the user has. To open a file, the user must have *OBJOPR.
• Management (*OBJMGT): Authorize users to the object, move or rename the object and add members to database files. All functions defined for *OBJALTER and *OBJREF.
• Existence (*OBJEXIST): Change ownership and delete the object, free storage for the object, perform save and restore operations for the object.
• Alter (*OBJALTER): Add, clear, initialize and reorganize members of database files, alter and add attributes of database files, add and remove triggers, change attributes of SQL packages.
• Reference (*OBJREF): Specify database file as the parent in a referential constraint.
• Authorization List (*AUTLMGT): Add and remove users and their authorities from an authorization list.

Data Permissions
Permission: Definition
• Read (*READ): Display the contents of an object, such as viewing the records in a file.
• Add (*ADD): Add entries to an object, such as adding messages to a message queue, or records to a file.
• Update (*UPD): Change entries in an object, such as changing records in a file.
• Delete (*DLT): Remove entries from an object, such as removing messages from a message queue or deleting records from a file.
• Execute (*EXECUTE): Run a program, or search a library or directory.
• Exclude (*EXCLUDE): Object access prevented

Commonly Used Permissions
Columns Operational to Reference are Object Control; columns Read to Execute are Data Authority.
Authority | Operational | Management | Existence | Alter | Reference | Read | Add | Update | Delete | Execute
*ALL | X | X | X | X | X | X | X | X | X | X
*CHANGE | X | - | - | - | - | X | X | X | X | X
*USE | X | - | - | - | - | X | - | - | - | X
*EXCLUDE | - | - | - | - | - | - | - | - | - | -

Specifying Specific Authority for Objects in the Integrated File System
• *RWX: object operational authority, and all the data authorities
• *RX: object operational authority, read and execute
• *RW: object operational authority, read, add, update and delete
• *WX: object operational authority, add, update, delete and execute
• *R: object operational authority and read
• *W: object operational, add, update, and delete
• *X: object operational and execute
• *EXCLUDE: prevents access to object

Authorization List

Authorization List vs. Group Profile
[Figure: an authorization list on which BILL, WAYNE, GUNNAR and FRANK hold authorities (Use, All, Use, Change) to the objects FINDEPT/FILE3, LIB23 and DSP05, compared with a group profile GROUP (members GUNNAR and FRANK) that is authorized alongside BILL and WAYNE (Use, All, Change) to the same objects.]

Groups and AUTLs Compared
AUTHORIZATION LISTS | GROUPS
Can secure multiple objects | Can secure multiple objects
A user can be on multiple lists | A user can be a member of 16 groups
Users can have different authority | All users in a group have the same authority
Same authority for different objects using same list | Different authority for different objects
An object can be secured by only one authorization list | An object can be authorized to many groups

Adopted Authority
Everything you've shown me deals with PERMANENT grants of authority. I'd like to give a user TEMPORARY access to several objects, without a lot of grants and revokes. What can I do?
You need to use ADOPTED AUTHORITY
• When a program created with USRPRF(*OWNER) is run, objects are accessed with the authority of the user running the program plus the program owner's authority
• Authority is in effect as long as the program that originally adopts is still in the stack
• Used to temporarily give authority to objects the user normally would not have
• Both object authorities and special authorities are adopted
• Program owner's groups are not used for adopted authority

Column Level Security
• Column Level Security enforcement primarily occurs during the Update operation on the file
• No new enforcement during open of the file
• Column level authorities are stored in the database file object and managed by DB2
• Object authorities are stored in the user profile and managed by the system security manager

Permission Search Order

Where Object Permissions Come From
To access or use an object you must have the appropriate authority. This authority may come from:
• All object access (*ALLOBJ) special authority
• A "private" or explicit authority to the object
• Public authority (*PUBLIC)
  – All objects have "Public" authority
  – This is the authority you get when you do not have any other authority to the object
• Authorization list
• Primary group authority
• Adopted authority

Example: Authority to Workstation (1/2)
• QLMTSECOFR = 1: whether *ALLOBJ and *SERVICE users are limited to specific devices
• QSECOFR, QSRV and QSRVBAS can always sign on at the console. The QCONSOLE system value is used to determine which device is the console.
[Flowchart, part 1. Steps shown: Determine user's authority to workstation (*CHANGE or greater / less than *CHANGE); Is QSECURITY >= 30?; Does user have *ALLOBJ or *SERVICE?; Is QLMTSECOFR = 1?; outcomes: Allow sign-on, Sign-on fails, or continue at connector A.]

Example: Authority to Workstation (2/2)
[Flowchart, part 2, from connector A. Steps shown: Test user's authority to workstation (*CHANGE or greater / less than *CHANGE / no authority); Test groups' authority to workstation (*CHANGE or greater / less than *CHANGE / no authority); Does user have *SERVICE but not *ALLOBJ?; Does QSECOFR have *CHANGE or greater?; outcomes: Allow sign-on, Sign-on fails.]

Exit Programs
• Exit program: additional checks
• Exit point, for example the exit point for iSeries Navigator: QIBM - QSYS - OPNAVCLIENT

Output Queue – Security Attributes Beyond Resource Security
CRTOUTQ OUTQ(ADM) DSPDTA(*NO) OPRCTL(*YES) AUTCHK(*OWNER)
• DSPDTA: Additional restriction. Display any spooled file or only their own. (*YES, *NO, or *OWNER)
• OPRCTL: Allow users with SPCAUT(*JOBCTL) to manage queue's spooled files (*YES or *NO)
• AUTCHK: Allow users with *CHANGE authority to the output queue to change and delete spooled files owned by other users (*OWNER or *DTAAUT)

Administrative Control

Types of Administrative Controls
• Preventive administrative controls
  – managing and monitoring the system activity of personnel
  – Examples:
    • supervision of personnel
    • policies for hiring and dismissing personnel
    • security procedures
    • registration of users before system access
    • disaster recovery plans
    • emergency procedures
• Detective administrative controls
  – investigate the extent to which system security policies are implemented.
    • can be conducted through audit trails and reviews that detect lapses in security procedures.
  – monitor personnel activity to detect potential security risks

Audit?
• WHY? Keep System at Planned Security Level
• HOW? Implement at any Security Level or Use System Functions
  – DSPUSRPRF
  – DSPOBJAUT
  – DSPPGMADP
  – . . .
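
An added example, not from the original slides, that ties the adopted-authority slide to the audit commands listed above: it sets up a program that adopts its owner's authority and then reviews the result with DSPOBJAUT, DSPPGMADP and DSPUSRPRF. PAYLIB, PAYMAST, PAYUPD, PAYOWNER and PAYCLERK are hypothetical names, and the commands assume they are run by a security administrator with authority to these objects.

```cl
/* Added example. PAYLIB, PAYMAST, PAYUPD, PAYOWNER and PAYCLERK are */
/* hypothetical names used only for illustration.                    */

/* 1. Owner profile for the adopting program: no password, so nobody */
/*    can sign on with it, and no special authorities to adopt.      */
CRTUSRPRF  USRPRF(PAYOWNER) PASSWORD(*NONE) SPCAUT(*NONE) +
             TEXT('Owner of adopting programs')

/* 2. The data file is owned by PAYOWNER and the public is excluded, */
/*    so ordinary users hold no permanent authority to it.           */
CHGOBJOWN  OBJ(PAYLIB/PAYMAST) OBJTYPE(*FILE) NEWOWN(PAYOWNER)
GRTOBJAUT  OBJ(PAYLIB/PAYMAST) OBJTYPE(*FILE) USER(*PUBLIC) +
             AUT(*EXCLUDE)

/* 3. The program is owned by PAYOWNER and adopts the owner's        */
/*    authority while it is in the call stack.                       */
CHGOBJOWN  OBJ(PAYLIB/PAYUPD) OBJTYPE(*PGM) NEWOWN(PAYOWNER)
CHGPGM     PGM(PAYLIB/PAYUPD) USRPRF(*OWNER)

/* 4. Only the intended user may run the adopting program.           */
GRTOBJAUT  OBJ(PAYLIB/PAYUPD) OBJTYPE(*PGM) USER(*PUBLIC) +
             AUT(*EXCLUDE)
GRTOBJAUT  OBJ(PAYLIB/PAYUPD) OBJTYPE(*PGM) USER(PAYCLERK) AUT(*USE)

/* 5. Review: authorities on the file and the program, the programs  */
/*    that adopt PAYOWNER, and the objects PAYCLERK is authorized to.*/
DSPOBJAUT  OBJ(PAYLIB/PAYMAST) OBJTYPE(*FILE)
DSPOBJAUT  OBJ(PAYLIB/PAYUPD) OBJTYPE(*PGM)
DSPPGMADP  USRPRF(PAYOWNER)
DSPUSRPRF  USRPRF(PAYCLERK) TYPE(*OBJAUT)

/* 6. Periodic check: programs that adopt the security officer's     */
/*    authority also adopt its special authorities, so keep the list */
/*    short and known.                                               */
DSPPGMADP  USRPRF(QSECOFR) OUTPUT(*PRINT)
```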

Status Auditing – SECTOOLS
• Additional i5/OS commands to help you manage security
  – Available through
    – Individual command
    – Menu SECTOOLS (commands run interactively)
    – Menu SECBATCH (report commands submitted or scheduled)
• Work with profiles (SECTOOLS)
  – Disable users during specified periods
  – Delete or disable a user on a specific date
  – Disable profile after certain inactivity period
  – Analyze profile for default passwords
• Work with auditing (SECTOOLS)
  – One-step set-up
  – Display auditing system values
• Security reports (SECTOOLS and SECBATCH)

Using the History Log
• Used to monitor for:
  – Start and completion of jobs
  – Device status messages
  – System operator messages and responses
  – Failed sign-on attempts
• To display the contents:
  – DSPLOG LOG(QHST) ....
• To display a specific message range:
  – DSPLOG LOG(QHST) MSGID(CPF2200)

Event Auditing
• Audit journal monitors events
  – Save/Restore information
  – Authorization failures and references to objects through interfaces not supported
  – Deleted objects
  – Security related functions
  – Action auditing information
  – …
• The levels of auditing:
  – System wide auditing
  – Auditing by specific user
  – Auditing by specific object
  – Combination of the above

Security will be continued …
• Internet and TCP/IP Security
  – NAT, IP Filter, SSL, VPN, …
• Encryption
• Object Signing
• Enterprise Identity Mapping
• Virus Scanner
• …
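
Outline
• System administration fundamentals
• System i security design
  – Access control
  – Resource security
  – Administrative control
• Backup and recovery
  – Backup media
  – Backup examples
  – Challenges facing backup
  – Backup strategies
  – Recovery examples
  – Class exercise

Backup and Recovery
• Availability
  – Example: disaster types and downtime
Type | Frequency | Downtime
System failure | Very rare | Days
Disk failure | Very rare | Days
Program error | Rare | Hours
User error | Rare | Hours
Data file error | Fairly frequent | Unknown
Power failure | Unknown | Unknown
• Availability metric
  – Availability = (planned system operating time – failure downtime) / planned system operating time * 100%

Storage Classification
• Connection location
  – Internal storage
  – External storage
• Media type
  – Tape
  – Optical disc: read-only and rewritable
  – Disk
  – Floppy disk
• Connection method
  – Direct-attached storage
  – Storage area network (SAN)
  – Network-attached storage (NAS)
• Degree of intelligence
  – JBOD: a bunch of raw disks
  – RAID disk arrays
  – Intelligent storage

Backup Media
• Characteristics of tape
  – Capacity: as the backed-up data grows, more tapes can be added at any time for new backups, which extends the backup capacity.
  – Security: tapes holding backup data can be stored off site to keep the backup data safe.
  – Cost: tape capacity is generally large, and compared with other storage media the cost per GB stored is lower.
  – Reusability: tapes can be used repeatedly and in rotation.
  – Encryption: encrypting tapes with an encryption-capable tape device prevents unauthorized access.
• Characteristics of optical discs
  – Data access: optical storage devices support random access, so the order in which data is accessed does not depend on the order in which it was stored. Several users can access one optical disc at the same time. Tape, by contrast, is read and written sequentially.
  – Data transfer rate: the data transfer rate of tape is usually higher than that of optical discs.
  – Durability: optical media can retain data for 50 years.
  – Archiving: write-once optical discs are suited to data archiving.
  – Portability: data backed up on rewritable optical media can be read by any other system that supports the same file format.
• Tape vs. optical disc: which is better?

Backup Media
• Save file
  – A sequential storage area created on the system disk whose structure is identical to that of a tape. It is a system object (*FILE) with the attribute *SAVF.
  – Because a save file resides on disk, saving to it and restoring from it are very fast, which suits cases where a large amount of data must be backed up in a short time.
  – A save file can be used over the network to transfer data from one system to another.
  – Note: a save file must not be used as a medium for keeping data long term. When the system workload is light, the data should be saved from the save file to other external storage media.
• Virtual devices
  – Virtual devices include virtual tape devices and virtual optical devices.
  – Characteristics: suited to automatic backup operations that need no manual intervention. When the capacity that the image catalog has allocated to a virtual device is not enough to complete the backup, the system can automatically create additional virtual devices for the backup.
  – Operation: with the IMGCLG (image catalog) menu, users can work with virtual devices, including creating image catalogs, adding image catalogs, and loading or unloading image catalogs. The menu is reached with the command GO IMGCLG.

Backup and Recovery
• System backup methods: ordinary save and Save Storage
  – An ordinary save uses the Save commands to back up system information and user data in sequence. Save is flexible, uses little storage media, and allows selective restore.
  – Save Storage uses the SAVSTG command to back up the entire auxiliary storage. SAVSTG writes to tape directly in sector order, so it is fast and efficient and can be used in an emergency to back up and restore the whole system, but at restore time the tape structure must match that at save time.
• Incremental backup
  – An incremental backup saves only data changed after a specified date. It saves backup time and storage media.
• Save-while-active
  – While the system is being backed up, data cannot be modified by other programs. For business that cannot be stopped, this leads to inconsistency between the data and the backed-up data. All save commands of the i/OS operating system have a SAVACT parameter. Setting it allows data that is being modified to be saved while keeping the data consistent.
• BACKUP menu
  – This menu provides automatic scheduled backup. Users can customize the backup time, the backup contents and the use of storage media, and backups can run automatically without disturbing users.
• Access path backup
  – For database files, saving the access paths reduces the cost of rebuilding them. The system can save access paths together with the data, which can reduce recovery time by about 40%.

Backup Example
• IBM Power System i/OS operating system
  – Users can run backups from the SAVE menu or by calling CL commands.
  – Prerequisite: a backup strategy.
  – With the simplest backup strategy, options 21, 22 and 23 of the save menu can be used directly.
• Demonstration
  – GO SAVE
  – 21: full system backup
  – 22: system data backup
  – 23: user data backup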
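• Backup tasks menu
  – GO BACKUP
  – Runs periodic backup operations and the related settings.
  – Before the periodic backup task is run for the first time, the backup schedule must be set up and enabled.
  – GO SETUPBCKUP, or choose option "10" on the backup tasks menu.

Backup Example
• Full system backup
  – Start the backup immediately or at a specified time;
  – Change the delivery mode of the system operator (QSYSOPR) message queue to *BREAK or *NOTIFY;
  – End all subsystems;
  – Save the following:
    • Licensed Internal Code;
    • the system library QSYS;
    • security objects, including user profiles;
    • device configuration objects;
    • all IBM-supplied libraries, including those that contain user data;
    • all user libraries;
    • all mail;
    • all folders;
    • all documents;
    • all objects in directories.
  – Start the controlling subsystem.
• Note: the system must be in a restricted state during the backup. Once the backup starts, users cannot access the system and the system runs only the backup job.

Backup Example
• Full system backup, sample code
  – ENDSBS SBS(*ALL) OPTION(*IMMED)
  – CHGMSGQ MSGQ(QSYSOPR) DLVRY(*BREAK or *NOTIFY)
  – SAVSYS
  – SAVLIB LIB(*NONSYS) ACCPTH(*YES)
  – SAVDLO DLO(*ALL) FLR(*ANY)
  – SAV OBJ(('/*') ('/QSYS.LIB' *OMIT) ('/QDLS' *OMIT)) UPDHST(*YES)
  – STRSBS SBSD(controlling subsystem)

Challenges Facing Backup
• Journal management
  – Backup and recovery cover only the data as of the save; data changed between the last backup and the moment of the disaster has not been saved. Journal management and commitment control address this problem.
  – Journal management is one of the basic functions of the database. While a program operates on data, the system writes the affected data, in chronological order, to a journal receiver (*JRNRCV). If the database is damaged, then as long as the journal receiver has been kept, the journal management commands can bring the data back to its state before the disaster.
• Availability solutions for critical business
  – Active-Active

Backup Strategy
• The backup strategy depends on the longest downtime the business can tolerate (Save Window).
• Simple backup strategy
  – Save the entire system every week
  – Save all user data every day
• Medium backup strategy
  – Save the entire system every week
  – Save all user data every half week
  – Save changed data or journal receivers every day
• Complex backup strategy
  – Save the entire system every week
  – Save all user data every half week
  – Save changed data or journal receivers every day
  – Use save-while-active (SAVACT) when necessary

Backup Strategy (i/OS Default Strategy)
• Daily backup
  – Save only changed objects in the user libraries defined in the list
  – Save the folders defined in the list
  – Save all directories
• Weekly backup
  – Save all user libraries
  – Save all folders
  – Save all directories
• Monthly backup
  – Save all user libraries
  – Save all folders
  – Save all directories
  – Save security data and configuration data

Recovery Example
• IBM Power System i/OS operating system
  – Users can run restore operations from the RESTORE menu or by calling CL commands.
  – Restore menu: GO RESTORE
• Options 21, 22 and 23 of the backup menu can be used directly.
  – Full system restore
  – System data restore
  – User data restore

Recovery Example
• Full system restore
  – Change the delivery mode of the system operator (QSYSOPR) message queue to *BREAK or *NOTIFY;
  – End all subsystems;
  – Restore the following:
    • user profiles;
    • configuration objects;
    • all IBM-supplied libraries, including those that contain user data;
    • all user libraries;
    • all mail;
    • all folders;
    • all documents;
    • all objects in directories;
    • private authorities.
  – Start the controlling subsystem.

Common CL Save Commands
• Common save commands of the IBM Power System i/OS operating system
  – SAVSYS: saves the Licensed Internal Code, the QSYS library, security objects and configuration objects.
  – SAVSECDTA: saves all security information of the system.
  – SAVCFG: saves all configuration objects and system resource management objects.
  – SAVLIB: saves one or more libraries, including the library description, the object descriptions and the contents of the objects in the library. For job queues, message queues and logical files, only the object definitions are saved, not the contents.
  – SAVOBJ: saves one or more objects located in the same library. When the OBJ parameter is specified as *ALL, all objects in the libraries listed in the LIB parameter can be saved. When saving to a save file (SAVF), only one library can be specified.
  – SAVCHGOBJ: saves objects that have been changed. This command can save one or more objects changed since a reference date. When the OBJ parameter is specified as *ALL, objects in all user libraries or in a list of libraries can be saved. When saving to a save file (SAVF), only one library can be specified. For database files, only the changed members are saved.
  – SAV: saves one or more objects used in the integrated file system.
  – SAVSTG: saves the Licensed Internal Code and the contents of auxiliary storage to tape. It can be used for disaster recovery backup and for restoring the whole system. Individual libraries or objects cannot be restored from such a tape.
  – SAVDLO: saves the specified documents, folders or distribution objects (mail).

Common CL Restore Commands
• Common restore commands of the IBM Power System i/OS operating system
  – RSTLIB: restores to the system a library or group of libraries saved with the SAVLIB command, including the library description, the object descriptions and the contents of the objects in the library. For job queues, message queues, user queues and logical files, only the object descriptions are restored. Why?
  – RSTOBJ: restores one or more objects, located in the same library, from the backup media.
  – RST: restores one or more objects used in the integrated file system.
  – RSTUSRPRF: restores the basic parts of a user profile, or a group of user profiles saved with the SAVSYS or SAVSECDTA command.
  – RSTAUT: restores private authorities to user profiles.
  – RSTCFG: restores to the system the configuration objects saved with the SAVSYS or SAVCFG command.
  – RSTDLO: restores documents, folders and distribution objects (mail).

Class Exercise
Saving a library to and restoring it from a save file

Questions & Answers?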
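
A worked version of the class exercise, added here and not part of the original slides: a CL program that saves a library to a save file and restores it under a new name. MYLIB, MYLIBRST and QGPL/MYLIBSAVF are hypothetical names.

```cl
/* Added example. MYLIB, MYLIBRST and QGPL/MYLIBSAVF are hypothetical */
/* names used only for illustration.                                  */
PGM

/* Create the save file only if it does not exist yet (CPF9801 is    */
/* "object not found"). AUT(*EXCLUDE) keeps the public away from the */
/* save file, which holds a complete copy of the library's data.     */
   CHKOBJ     OBJ(QGPL/MYLIBSAVF) OBJTYPE(*FILE)
   MONMSG     MSGID(CPF9801) EXEC(CRTSAVF FILE(QGPL/MYLIBSAVF) +
                AUT(*EXCLUDE) TEXT('Class exercise save file'))

/* A save file holds the output of one save operation, so clear it   */
/* before saving into it again.                                      */
   CLRSAVF    FILE(QGPL/MYLIBSAVF)

/* Save the library, with its access paths, into the save file.      */
   SAVLIB     LIB(MYLIB) DEV(*SAVF) SAVF(QGPL/MYLIBSAVF) +
                ACCPTH(*YES)

/* Print the list of saved objects as a record of the backup.        */
   DSPSAVF    FILE(QGPL/MYLIBSAVF) OUTPUT(*PRINT)

/* Restore into a different library so that the original library is  */
/* left untouched and the two copies can be compared.                */
   RSTLIB     SAVLIB(MYLIB) DEV(*SAVF) SAVF(QGPL/MYLIBSAVF) +
                RSTLIB(MYLIBRST)

/* Restored objects whose owner profile does not exist are assigned  */
/* to QDFTOWN, so list what QDFTOWN owns after the restore.          */
   DSPUSRPRF  USRPRF(QDFTOWN) TYPE(*OBJOWN) OUTPUT(*PRINT)

ENDPGM
```

As the save file slide notes, the save file is not a long-term medium: once the exercise is checked, copy its contents to external media or clear it.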