| Title: | VAX and Alpha VMS |
| Notice: | This is a new VMSnotes, please read note 2.1 |
| Moderator: | VAXAXP::BERNARDO |
| Created: | Wed Jan 22 1997 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 703 |
| Total number of notes: | 3722 |
A security conscious customer posed a couple of questions about backup that I couldn't answer. Any input about the following sure would be appreciated... He's interested in using an image mode backup of a disk to transfer files from one system to another but wants to be sure that additional information isn't being brought along with the files. Here's his scenario: Let's say I'm moving a file with a length of 1436 bytes from a disk with a cluster size of 4 blocks. I want to be sure that only the 1436 bytes in the file are actually being put to tape during the image backup - not the additional 100 bytes that it would take to pad the third block in the cluster and, certainly none of the 4th block in the cluster. That way, when I do my restore to the new system, I can be assured that nobody on the new system will be able to scavage any old data that used to be on my old system - they'll only be getting files, not extraneous data. I suggested that he enable high-water marking on his current system to insure that any additional bytes that might be transferred would be unusable but he doesn't want to take the performance hit. Can anybody provide some insight on exactly what gets written to tape during an image backup? As always, thanks in advance. tim moffitt sales support, Denver
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 581.1 | /trunc | STAR::EVERHART | Mon May 12 1997 16:09 | 8 | |
It is certainly possible to use /truncate on both write and read to
avoid writing extra stuff. Backup accepts this on /image mode
copies, though I can't say with certainty that nothing extra gets
on the tape. Certainly when restoring a tape made with /trunc
to a disk with cluster factor 1, the extra blocks are not there.
Extra stuff in the last block is less clear. One of the backup
designers/maintainers will need to reply on that.
| |||||
| 581.2 | This is "Highwater Marking"... | XDELTA::HOFFMAN | Steve, OpenVMS Engineering | Mon May 12 1997 17:47 | 26 |
With highwater marking enabled on the source file(s) or source volume(s), the answer to the question should be obvious -- there is no "scavenging" permissible without correspondingly powerful user privileges... As a general rule, if the customer has the access for image mode or standalone operations, then by definition, the user has full-privileged volume access -- the entire volume can be read. If the target system has file highwater marking, only privileged users there can see any data between the EOF and the end of allocated space. The overhead of highwater marking is very minor, save for the case when an access is regularly performed well beyond the current end of file, when the endof-file has to be moved out by a large value, and erasure of the intervening space must occur. Or when there is file-level sharing going on, when the XQP switches over to a more conservative erase-on-allocate scheme. As an option here, keep one volume around with highwater marking and erase-on-delete, etc, enabled, and COPY files to this area for staging for later transference to the remote (less-trusted) system. And, to answer your question, BACKUP honors the highwater marking setting on the file or volume -- if highwater marking is not enabled, then I would not expect BACKUP to enforce it... | |||||
| 581.3 | Thanks! | DECIDE::MOFFITT | Mon May 12 1997 18:43 | 9 | |
Two great answers in exactly two hours - I love notes. Thank you both for your input - I'll pass it along to the customer this afternoon. Steve, the idea of keeping a spare volume around with highwater marking enabled (and initted with a cluster size of 1) is great! I wish I'd have thought of that. Thanks again, tim moffitt | |||||
| 581.4 | AUSS::GARSON | DECcharity Program Office | Mon May 12 1997 20:04 | 20 | |
re .0
>Let's say I'm moving a file with a length of 1436 bytes from a disk with a
>cluster size of 4 blocks. I want to be sure that only the 1436 bytes in the
>file are actually being put to tape during the image backup - not the
>additional 100 bytes that it would take to pad the third block in the
>cluster and, certainly none of the 4th block in the cluster.
At a quick look with BACK/ANA it would seem that BACKUP always saves
complete 512 byte blocks but does not save beyond the block containing
EOF. [BACKUP will store on the saveset the ALQ and by default when
restoring the file will allocate this amount but any scavenging caused by
this occurs on the target system.]
I have never seen data to scavenge beyond EOF in the last block but if
it's there I wouldn't be confident that it is not being saved unless
Mr BACKUP says otherwise. You could test it out for yourself of course.
P.S. It is near impossible to find a disk to initialise with cluster size 1
these days. Disks are too big for this.
| |||||
| 581.5 | working from the other end | GIDDAY::GILLINGS | a crucible of informative mistakes | Mon May 12 1997 22:47 | 6 |
re .0: If the customer is parinoid enough about extra bits left around the place to worry about backups, perhaps he should consider setting the volume to ERASE-ON-DELETE ($ SET VOLUME/ERASE_ON_DELETE disk). That way they won't have stray information left on the disk at all. John Gillings, Sydney CSC | |||||