Link to home
Start Free TrialLog in
Avatar of sminfo
sminfo

asked on

policy set, management clases and node client relationship.

Hi,

This is part of 'q copyg' for a domain in our TSM 5.5 server:

DOMAIN_NAME            SET_NAME               CLASS_NAME             VEREXISTS     VERDELETED     RETEXTRA     RETONLY      DESTINATION
------------------     ------------------     ------------------     ---------     ----------     --------     --------     ------------------
BIBMD                  ACTIVE                 DB2D                   1             0              0            0            STGDENTL
BIBMD                  ACTIVE                 DB2ST                  1             0              0            0            STGDENTL
BIBMD                  ACTIVE                 DEFECTED               2             1              30           60           STGDENTL
BIBMD                  ACTIVE                 FTX365D                NOLIMIT       NOLIMIT        365          365          STG365DD
BIBMD                  ACTIVE                 MGC007D                NOLIMIT       NOLIMIT        7            10           STG007DD
BIBMD                  ACTIVE                 MGC040D                NOLIMIT       NOLIMIT        40           50           STG040DD
BIBMD                  ACTIVE                 MGCDENT                3             1              30           NOLIMIT      STGDENTL
BIBMD                  ACTIVE                 MGCDSYS                3             1              NOLIMIT      NOLIMIT      STGDSYSL
BIBMD                  ACTIVE                 MGDSYS1                1             1              NOLIMIT      NOLIMIT      STGPSYSD
BIBMD                  ALTAMIRAD              DB2D                   1             0              0            0            STGDENTL
BIBMD                  ALTAMIRAD              DB2ST                  1             0              0            0            STGDENTL
BIBMD                  ALTAMIRAD              DEFECTED               2             1              30           60           STGDENTL
BIBMD                  ALTAMIRAD              FTX365D                NOLIMIT       NOLIMIT        365          365          STG365DD
BIBMD                  ALTAMIRAD              MGC007D                NOLIMIT       NOLIMIT        7            10           STG007DD
BIBMD                  ALTAMIRAD              MGC040D                NOLIMIT       NOLIMIT        40           50           STG040DD
BIBMD                  ALTAMIRAD              MGCDENT                3             1              30           NOLIMIT      STGDENTL
BIBMD                  ALTAMIRAD              MGCDSYS                3             1              NOLIMIT      NOLIMIT      STGDSYSL
BIBMD                  ALTAMIRAD              MGDSYS1                1             1              NOLIMIT      NOLIMIT      STGPSYSD

Open in new window


First question here is which of the two policy sets (Active) or (ALTAMIRAD) is the policy all node client uses? Active?

Now,  we have a LPAR which is om this domain:
tsm: DOM_TSM>q node middledes

Node Name                     Platform     Policy Domain      Days Since     Days Since     Locked?
                                           Name               Last Acce-       Password
                                                                      ss            Set
-------------------------     --------     --------------     ----------     ----------     -------
MIDDLEDES                     AIX          DOMD                      <1          1,038       No

Open in new window


This LPAR has this inclexcl (only excludes, no includes)

exclude.dir     /SOFT
exclude.dir     /soft
exclude.dir     /CORES/
exclude.dir     /backups
exclude.dir     /BACKUPS
exclude.dir     /audit

Open in new window


But if I make a query backup of, '/usr/' or '/var/' or other filesystem it says it does not have any files backuped, see:

dsmc q ba "/usr/*"
IBM Tivoli Storage Manager
Command Line Backup-Archive Client Interface
  Client Version 6, Release 2, Level 5.0
  Client date/time: 09/13/13   12:01:23
(c) Copyright by IBM Corporation and other(s) 1990, 2013. All Rights Reserved.

Node Name: MIDDLEDES
Session established with server DOM_TSM: AIX-RS/6000
  Server Version 5, Release 5, Level 4.3
  Server date/time: 09/13/13   12:01:23  Last access: 09/13/13   11:43:02

ANS1092W No files matching search criteria were found

dsmc q ba "/var/*"
IBM Tivoli Storage Manager
Command Line Backup-Archive Client Interface
  Client Version 6, Release 2, Level 5.0
  Client date/time: 09/13/13   12:01:36
(c) Copyright by IBM Corporation and other(s) 1990, 2013. All Rights Reserved.

Node Name: MIDDLEDES
Session established with server DOM_TSM: AIX-RS/6000
  Server Version 5, Release 5, Level 4.3
  Server date/time: 09/13/13   12:01:36  Last access: 09/13/13   12:01:23

ANS1092W No files matching search criteria were found

Open in new window


Second question is, why is not backup any files on /usr or /var or any other filesystem of the LPAR?

Note: there's no error in incremental backup, indeed if I make a manual dsmc incre -ver is shows this:

dsmc incre -ver

Incremental backup of volume '/'
Incremental backup of volume '/usr'
Incremental backup of volume '/var'
Incremental backup of volume '/home'
Incremental backup of volume '/admin'
Incremental backup of volume '/opt'
Incremental backup of volume '/var/adm/ras/livedump'
Incremental backup of volume '/var/syslog'
Incremental backup of volume '/SOFT'
Incremental backup of volume '/LOGS'
Incremental backup of volume '/audit'
Incremental backup of volume '/CORES'
Incremental backup of volume '/admin_tools'
Incremental backup of volume '/backups'
Incremental backup of volume '/var/mqm/log'
Incremental backup of volume '/SNA_IP'
ANS1898I ***** Processed       500 files *****
Successful incremental backup of '/SNA_IP'

ANS1898I ***** Processed    10,000 files *****
Special File-->                0 /dev/pts/1 [Sent]
Successful incremental backup of '/'

ANS1898I ***** Processed    83,000 files *****
Successful incremental backup of '/usr'

ANS1898I ***** Processed   103,500 files *****
Successful incremental backup of '/var'

Normal File-->             1,814 /home/isga01s/.history.isga01s/.sh_history.isga01s.isga0 [Sent]
Normal File-->               126 /home/isga01s/.vi_history [Sent]

ANS1898I ***** Processed   115,500 files *****
<    1.00 KB> [ - ]
Successful incremental backup of '/home'

Successful incremental backup of '/admin'

Successful incremental backup of '/opt'

Successful incremental backup of '/var/adm/ras/livedump'

ANS1115W File '/SOFT' excluded by Include/Exclude list
Directory-->               4,096 /var/syslog/ [Sent]
Successful incremental backup of '/var/syslog'

Successful incremental backup of '/SOFT'

ANS1898I ***** Processed   121,500 files *****
ANS1115W File '/audit' excluded by Include/Exclude list
Successful incremental backup of '/LOGS'

Successful incremental backup of '/audit'

ANS1898I ***** Processed   122,000 files *****
Successful incremental backup of '/CORES'

ANS1115W File '/backups' excluded by Include/Exclude list
Successful incremental backup of '/admin_tools'

Successful incremental backup of '/backups'

Successful incremental backup of '/var/mqm/log'

Total number of objects inspected:  122,423
Total number of objects backed up:        4
Total number of objects updated:          0
Total number of objects rebound:          0
Total number of objects deleted:          0
Total number of objects expired:          0
Total number of objects failed:           0
Total number of bytes inspected:      10.27 GB
Total number of bytes transferred:     1.00 KB
Data transfer time:                    0.00 sec
Network data transfer rate:        500,488.28 KB/sec
Aggregate data transfer rate:          0.00 KB/sec
Objects compressed by:                   50%
Total data reduction ratio:          100.00%
Elapsed processing time:           00:02:33

Open in new window

SOLUTION
Avatar of woolmilkporc
woolmilkporc
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sminfo
sminfo

ASKER

ok with policy set...

ok with / on /CORES...;)

but, with dsmc -subdir=yes, now it showed only folders inside /usr ( see image attached) but /usr has tons of folders, see below:

ls -ltr /usr|grep  "^d"
drwxr-xr-x    4 bin      bin             256 Jan 01 1970  xlmass
drwxr-xr-x    2 root     security        256 Apr 27 2006  tcpwrapper
drwxr-xr-x    4 bin      bin             256 Mar 20 2010  suma
drwxrwxr-x    2 bin      bin             256 Apr 15 2010  usg
drwxr-xr-x    3 bin      bin             256 Apr 15 2010  sysv
drwxr-xr-x    4 bin      bin             256 Apr 15 2010  ccs
drwxrwxr-x    4 bin      bin             256 Apr 15 2010  sys
drwx------    2 root     system          256 Jul 07 2010  lost+found
drwxr-xr-x    3 bin      bin             256 Jul 07 2010  aix
drwxr-xr-x    6 root     system          256 Jul 07 2010  pmapi
drwxr-xr-x    5 root     system          256 Jul 07 2010  icu4c
drwxr-xr-x    3 root     system         4096 Jul 07 2010  etc
drwxr-xr-x    3 root     system          256 Jul 07 2010  perfagent
drwxrwxr-x    5 bin      bin             256 Jul 07 2010  websm
drwx------    4 root     system          256 Jul 07 2010  emgrdata
drwxr-xr-x   11 bin      bin            4096 Jul 13 2010  vac
drwxr-xr-x    4 bin      bin             256 Jul 13 2010  idebug
drwxr-xr-x   10 bin      bin            4096 Jul 13 2010  vacpp
drwxr-xr-x    5 bin      bin             256 Jul 13 2010  opt
drwxr-xr-x    5 root     system          256 Jul 28 2010  es
drwxrwxr-x   41 root     system         4096 Nov 04 2010  swlag
drwxr-xr-x    2 root     system          256 Dec 22 2010  src
drwxr-xr-x    5 root     system          256 Dec 22 2010  linux
drwxrwxrwx    8 root     system          256 Jan 31 2011  local
dr-x------    2 root     system          256 Aug 03 2011  openssh
drwxr-xr-x   34 bin      bin            4096 Aug 08 2011  samples
drwxr-xr-x    7 root     security        256 Aug 08 2011  krb5
drwxr-xr-x    4 root     system          256 Mar 22 2012  tivoli
drwxr-xr-x    2 root     system          256 Mar 22 2012  openssl
drwxrwxr-x    2 bin      bin            4096 Jan 07 2013  ucb
drwxr-xr-x    4 bin      bin            4096 Jan 07 2013  lbin
dr-xr-xr-x   17 mqm      mqm            4096 Jan 07 2013  mqm
drwxr-xr-x    7 bin      bin             256 Jan 11 2013  java5_64
drwxr-xr-x    7 bin      bin             256 Jan 11 2013  java5
drwxr-xr-x    2 bin      bin             256 Jan 16 2013  X11R7
drwxr-xr-x   33 bin      bin           16384 Jan 16 2013  include
drwxr-xr-x    8 bin      bin            4096 Jan 16 2013  share
drwxr-xr-x    2 bin      bin             256 Jan 16 2013  X11R6
drwxr-xr-x    9 bin      bin           53248 Sep 02 17:00 sbin
drwxr-xr-x  203 root     system        12288 Sep 02 17:00 lpp
drwxr-xr-x   37 bin      bin           32768 Sep 02 17:00 lib
drwxr-xr-x    3 bin      bin           53248 Sep 02 17:00 bin

Open in new window


Is it normal?
What is the default management class?

dsmc q mgmt

What do you see with

dsmc q ba "/usr/bin/*" -subdir=yes

and is there a huge difference to

dsmc q ba "/usr/bin/*" -subdir=yes -inact

?

Use "-scrollp=yes" to page the output if necessary. You can also add "|grep " I " | wc -l" to the second command to count the inactive versions (shouldn't be many, if at all).
Avatar of sminfo

ASKER

here is:

dsmc q mgmt
IBM Tivoli Storage Manager
Command Line Backup-Archive Client Interface
  Client Version 6, Release 2, Level 5.0
  Client date/time: 09/13/13   13:23:47
(c) Copyright by IBM Corporation and other(s) 1990, 2013. All Rights Reserved.

Node Name: MIDDLEDES
Session established with server BIBM_TSM: AIX-RS/6000
  Server Version 5, Release 5, Level 4.3
  Server date/time: 09/13/13   13:23:47  Last access: 09/13/13   13:04:17

Domain Name               : DOM
Activated Policy Set Name : ALTAMIRAD
Activation date/time      : 01/30/12   15:54:12
Default Mgmt Class Name   : DEFECTED
Grace Period Backup Retn. : 30 day(s)
Grace Period Archive Retn.: 365 day(s)

MgmtClass Name                  : DB2D
Description                     : Management Class DB2D

MgmtClass Name                  : DB2ST
Description                     : Management Class DB2ST

MgmtClass Name                  : DEFECTED
Description                     :

MgmtClass Name                  : FTX365D
Description                     : M.Class de fitxers amb retenció de 365 dies

MgmtClass Name                  : MGC007D
Description                     : Backup Fitxers (Retencio 7 dies)

MgmtClass Name                  : MGC040D
Description                     : Backup Fitxers (Retencio 40 dies)

MgmtClass Name                  : MGCDENT
Description                     : Management Class Entorn de desenvolupament

MgmtClass Name                  : MGCDSYS
Description                     : Management Class Desenvolupament SYS

MgmtClass Name                  : MGCDTMP
Description                     : Management Class Temporal

MgmtClass Name                  : MGDSYS1
Description                     : Backup indefinido (una sola copia por fichero)

Open in new window

dsmc q ba "/usr/bin/*" -subdir=yes
IBM Tivoli Storage Manager
Command Line Backup-Archive Client Interface
  Client Version 6, Release 2, Level 5.0
  Client date/time: 09/13/13   13:25:26
(c) Copyright by IBM Corporation and other(s) 1990, 2013. All Rights Reserved.

Node Name: MIDDLEDES
Session established with server BIBM_TSM: AIX-RS/6000
  Server Version 5, Release 5, Level 4.3
  Server date/time: 09/13/13   13:25:26  Last access: 09/13/13   13:23:47

           Size        Backup Date                Mgmt Class           A/I File
           ----        -----------                ----------           --- ----
            26  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/b2m
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/c++
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/cpp
            32  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/emacs-nox
            34  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/emacsclient
            28  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/etags
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/g++
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/gcc
            29  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/gccbug
            27  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/gcov
            29  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/gctags
            27  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/info
            30  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/infokey
            49  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-c++
            49  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-g++
            49  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-gcc
            55  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-gcc-4.2.4
            34  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/rcs-checkin

Open in new window


dsmc q ba "/usr/bin/*" -subdir=yes -inact
IBM Tivoli Storage Manager
Command Line Backup-Archive Client Interface
  Client Version 6, Release 2, Level 5.0
  Client date/time: 09/13/13   13:26:10
(c) Copyright by IBM Corporation and other(s) 1990, 2013. All Rights Reserved.

Node Name: MIDDLEDES
Session established with server BIBM_TSM: AIX-RS/6000
  Server Version 5, Release 5, Level 4.3
  Server date/time: 09/13/13   13:26:10  Last access: 09/13/13   13:25:26

           Size        Backup Date                Mgmt Class           A/I File
           ----        -----------                ----------           --- ----
            26  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/b2m
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/c++
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/cpp
            32  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/emacs-nox
            34  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/emacsclient
            28  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/etags
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/g++
            26  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/gcc
            29  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/gccbug
            27  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/gcov
            29  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/gctags
            27  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/info
            30  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/infokey
            49  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-c++
            49  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-g++
            49  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-gcc
            55  B  02/09/11   17:35:20             DEFAULT              A  /usr/bin/powerpc-ibm-aix6.1.0.0-gcc-4.2.4
            34  B  01/16/13   17:48:15             DEFAULT              A  /usr/bin/rcs-checkin

Open in new window


wmp.. why is the activated policy 'ALTAMIRAD' instead 'ACTIVE'?
Strange that you told me "... with dsmc "/usr/*" -subdir=yes, now it showed only folders ..."
but, as you can see, "dsmc "/usr/bin/*" -subdir=yes" does indeed show files.
Please check again "dsmc "/usr/*" -subdir=yes"

Forget "-inact", that's been a wrong track.

Now, check for the effective copygroup at this moment:

Q COPYG DOM ALTAMIRAD DEFECTED

What do you see?

Does the client in question have a Client Optionset? Run under dsmadmc

Q NODE MIDDLEDES F=D

and look for "Optionset".

The "Activated" policyset is the one you last copied over "Active" by means of "ACT POL DOM ALTAMIRAD".
Please distinct between "Active" and "Activated"!
Avatar of sminfo

ASKER

dsmc q b "/usr/*" -subdir=yes" shows the same output of the file I have attached before. Find the file attached as user-list2.txt

tsm: TSM>Q COPYG BIBMD ALTAMIRAD DEFECTED

Policy        Policy        Mgmt          Copy          Versions     Versions       Retain      Retain
Domain        Set Name      Class         Group             Data         Data        Extra        Only
Name                        Name          Name            Exists      Deleted     Versions     Version
---------     ---------     ---------     ---------     --------     --------     --------     -------
BIBMD         ALTAMIRAD     DEFECTED      STANDARD             2            1           30          60

Open in new window



tsm: BIBM_TSM>Q NODE MIDDLEDES F=D

                     Node Name: MIDDLEDES
                      Platform: AIX
               Client OS Level: 6.1
                Client Version: Version 6, release 2, level 5.0
            Policy Domain Name: BIBMD
         Last Access Date/Time: 09/13/13   13:50:19
        Days Since Last Access: <1
        Password Set Date/Time: 11/10/10   11:48:48
       Days Since Password Set: 1,038
         Invalid Sign-on Count: 0
                       Locked?: No
                       Contact: SISTEMES
                   Compression: Client
       Archive Delete Allowed?: Yes
        Backup Delete Allowed?: No
        Registration Date/Time: 11/10/10   11:48:48
     Registering Administrator: ADMIN
Last Communication Method Used: Tcp/Ip
   Bytes Received Last Session: 1.27 M
       Bytes Sent Last Session: 5.03 M
      Duration of Last Session: 153.26
   Pct. Idle Wait Last Session: 27.76
  Pct. Comm. Wait Last Session: 0.00
  Pct. Media Wait Last Session: 16.82
                     Optionset:
                           URL: http://middledes:1581
                     Node Type: Client
    Password Expiration Period: 0 Day(s)
             Keep Mount Point?: No
  Maximum Mount Points Allowed: 1
        Auto Filespace Rename : No
             Validate Protocol: No
                   TCP/IP Name: middledes
                TCP/IP Address: 172.16.32.33
            Globally Unique ID: 17.76.30.a2.8e.9e.11.df.81.2b.08.63.ac.10.20.03
         Transaction Group Max: 0
               Data Write Path: ANY
                Data Read Path: ANY
            Session Initiation: ClientOrServer
            High-level Address:
             Low-level Address:
        Collocation Group Name:
              Proxynode Target:
               Proxynode Agent:
                   Node Groups:

                 Email Address:

Open in new window

... the file I have attached before. Find the file attached as user-list2.txt ...

I can't see an attachment anywhere ...
Avatar of sminfo

ASKER

really sorryyyy ;)

That's the consequence to be working on two things at the same time..

forget user-list.txt file... find here user-list2.txt is from dsmc q b "/usr/*" -subdir=yes"
usr-list2.txt
I can see files there, but far too few. Is the list complete?

If it isn't, how many lines does the original list contain? Should be 100.000 or more!
Avatar of sminfo

ASKER

Yes..
[isga01s@middledes:/usr/tivoli/tsm/client/ba/bin64] dsmc q backup "/usr/*"  -subdir=yes|wc -l
    1282
[isga01s@middledes:/usr/tivoli/tsm/client/ba/bin64] cat /tmp/usr-list |wc -l
    1282

Open in new window


let me explain what I did in this client..
- I upgraded client to 6.2.5 version
- I changed dsm.opt, dsm.sys and inclexcl (believe me, all these files were bad configuration)

But I haven't touch the TSM side for any node, I mean, all setup on TSM is the same before migrate all clients to 6.2.5

don't really know what happen here...
Yes, that's far too few files. I never saw this before

Please run

dsmc i /usr -ve


The"***** Processed ..." lines and the stats at the end are of interest. What can you see?
Avatar of sminfo

ASKER

here is
ver.txt
Avatar of sminfo

ASKER

sorry  wmp.. got to leave now cause a personal problem.. we'll continue on monday

thanks for your patience... ;)
This is 100% normal behaviour. I really can't imagine why "q ba" shouldn't show the files!

Let's make a last try:

Run

dsmc

without parameter.

Then run

q ba /usr/ -subdir=yes

No asterisk, but "/" after "/usr"!

Does it look like huge output? If it does, run

q ba /usr/ -subdir=yes -scrollp=yes -scrollines=80

Do you have to hit <Enter> more than 30-40 times?

If so, terminate dsmc and try

dsmc q ba /usr/ -subdir=yes | wc -l

More than before?

If so, then the client seems to have a problem with the asterisk and your shell.

If nothing changes - well, let me think about it until Monday.

Have a nice weekend!
Avatar of sminfo

ASKER

back again...

OK, first q ba /usr/ -subdir=yes -scrollp=yes -scrollines=80 returned more than 40 screens

So, I run again dsmc q ba /usr/ -subdir=yes | wc -l and it seems to be the same as /usr/*, see below:

[isga01s@middledes:/usr/tivoli/tsm/client/ba/bin64] dsmc q ba /usr/ -subdir=yes | wc -l
    1282

Open in new window

So it looks as if with the dsmc shell everything looks fine, but with dsmc commandline there is something wrong.

Again:

dsmc | tee dsmc_shell.log
q ba /usr/ -subdir=yes -scrollp=no
quit

How big is dsmc_shell.log ?

And again

q ba /usr/ -subdir=yes -scrollp=no > dsmc_cmd.log

How big is dsmc_cmd.log ?

I just ran the above one one of my sytems and verified that both files do contain exactly the same number of lines (67269 FYI).
Avatar of sminfo

ASKER

wmp... I think I found the issue... the fact is all commands I have run on this thread were using my personal user with RBAC roles and not as root. See the same command as root:

[root@middledes:/]  dsmc q ba /usr/ -subdir=yes | wc -l
   75717

So, I believe this is normal.. what do you  think?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sminfo

ASKER

well... our role has this commands:

aix.fs
aix.fs.manage.backup
aix.fs.manage.restore
aix.fs.object.list
aix.fs.object.mode
aix.fs.object.owner
aix.lvm
aix.network
aix.proc
aix.security
aix.security.passwd
aix.security.role.list
aix.security.su
aix.security.user
aix.system
aix.system.boot.shutdown
aix.wpar
csia.sistemas.admin.scripts
csia.sistemas.admin.cmds
csia.explotacion.normal.scripts
csia.explotacion.normal.cmds
csia.operadores.normal.scripts
csia.operadores.normal.cmds
csia.desarrollo.internos.scripts
csia.desarrollo.internos.cmds
csia.desarrollo.externos.scripts
csia.desarrollo.externos.cmds

El role admincsia tiene como subroles:
rolelist=admincsia,rbaccsia,siscsia,ascsia,fscsia,permcsia,bascsia,shutcsia,killcsia,backcsia,restcsia,backrestcsia,db2csia,cicscsia,oraccsia,dcecsia,cluscsi
a,scropcsia,scrsistcsia,screxpcsia,scrdescsia,opcsia,expcsia,descsia


El autorizo aix.fs contiene los comandos:
/sbin/helpers/jfs2/backbyinode
/sbin/helpers/jfs2/chfs
/sbin/helpers/jfs2/chfs64
/sbin/helpers/jfs2/crfs
/sbin/helpers/jfs2/defragfs
/sbin/helpers/jfs2/diskusg
/sbin/helpers/jfs2/dumpfs
/sbin/helpers/jfs2/ff
/sbin/helpers/jfs2/fsck64
/sbin/helpers/jfs2/fscklog
/sbin/helpers/jfs2/fsdb
/sbin/helpers/jfs2/istat
/sbin/helpers/jfs2/logform
/sbin/helpers/jfs2/logredo64
/sbin/helpers/jfs2/lsfs
/sbin/helpers/jfs2/mkfs
/sbin/helpers/jfs2/mount
/sbin/helpers/jfs2/ncheck
/sbin/helpers/jfs2/quotacheck
/sbin/helpers/jfs2/rdump
/sbin/helpers/jfs2/restbyinode
/sbin/helpers/jfs2/rollback
/sbin/helpers/jfs2/rrestore
/sbin/helpers/jfs2/snapshot
/sbin/helpers/jfs2/statfs64
/sbin/helpers/nfsmnthelp
/sbin/helpers/stnfsmnthelp
/sbin/helpers/v3fshelper
/usr/bin/aclconvert
/usr/bin/acledit
/usr/bin/aclget
/usr/bin/aclgettypes
/usr/bin/aclput
/usr/bin/alog
/usr/bin/chgrp
/usr/bin/chmod
/usr/bin/chown
/usr/bin/compress
/usr/bin/cpio
/usr/bin/filemon
/usr/bin/fileplace
/usr/bin/find
/usr/bin/istat
/usr/bin/listvgbackup
/usr/bin/ls
/usr/bin/mkdir
/usr/bin/pax
/usr/bin/rm
/usr/bin/rmdir
/usr/bin/syscorepath
/usr/bin/tar
/usr/bin/touch
/usr/bin/uncompress
/usr/sbin/backbyinode
/usr/sbin/backbyname
/usr/sbin/backup
/usr/sbin/cfgvg
/usr/sbin/chfs
/usr/sbin/chps
/usr/sbin/chroot
/usr/sbin/chvfs
/usr/sbin/crfs
/usr/sbin/crvfs
/usr/sbin/defragfs
/usr/sbin/dfsck
/usr/sbin/diskusg
/usr/sbin/dumpfs
/usr/sbin/edquota
/usr/sbin/ff
/usr/sbin/fsck
/usr/sbin/fsdb
/usr/sbin/getea
/usr/sbin/inuwpar
/usr/sbin/j2edlimit
/usr/sbin/lechofile
/usr/sbin/logform
/usr/sbin/logredo
/usr/sbin/lsfs
/usr/sbin/mkfs
/usr/sbin/mknod
/usr/sbin/mkps
/usr/sbin/mkramdisk
/usr/sbin/mount
/usr/sbin/ncheck
/usr/sbin/phold
/usr/sbin/pshare
/usr/sbin/quot
/usr/sbin/quota
/usr/sbin/quotacheck
/usr/sbin/quotaoff
/usr/sbin/quotaon
/usr/sbin/rdump
/usr/sbin/repquota
/usr/sbin/restbyinode
/usr/sbin/restbyname
/usr/sbin/rmfs
/usr/sbin/rmps
/usr/sbin/rmramdisk
/usr/sbin/rmvfs
/usr/sbin/rrestore
/usr/sbin/setea
/usr/sbin/shrinkps
/usr/sbin/skulker
/usr/sbin/swap
/usr/sbin/swapoff
/usr/sbin/swapon
/usr/sbin/umount
/usr/sbin/umountall
/usr/sbin/unmount

El autorizo aix.fs.manage.backup contiene los comandos:
/sbin/helpers/jfs2/backbyinode
/sbin/helpers/jfs2/rdump
/usr/bin/compress
/usr/bin/cpio
/usr/bin/pax
/usr/bin/tar
/usr/sbin/backbyinode
/usr/sbin/backbyname
/usr/sbin/backup
/usr/sbin/rdump

El autorizo aix.fs.manage.restore contiene los comandos:
/sbin/helpers/jfs2/restbyinode
/sbin/helpers/jfs2/rrestore
/usr/bin/listvgbackup
/usr/bin/pax
/usr/bin/tar
/usr/bin/uncompress
/usr/sbin/restbyinode
/usr/sbin/restbyname
/usr/sbin/rrestore

El autorizo aix.fs.object.list contiene los comandos:
/sbin/helpers/jfs2/ff
/sbin/helpers/jfs2/istat
/sbin/helpers/jfs2/ncheck
/sbin/helpers/v3fshelper
/usr/bin/find
/usr/bin/istat
/usr/bin/ls
/usr/sbin/ff
/usr/sbin/getea
/usr/sbin/ncheck
/usr/sbin/setea

El autorizo aix.fs.object.mode contiene los comandos:
/usr/bin/chmod

El autorizo aix.fs.object.owner contiene los comandos:
/usr/bin/chown

El autorizo aix.lvm contiene los comandos:
/usr/bin/restvg
/usr/sbin/allocp
/usr/sbin/chlv
/usr/sbin/chlvcopy
/usr/sbin/chpv
/usr/sbin/chvg
/usr/sbin/copyrawlv
/usr/sbin/cplv
/usr/sbin/exportvg
/usr/sbin/extendlv
/usr/sbin/extendvg
/usr/sbin/getlvcb
/usr/sbin/getlvname
/usr/sbin/getlvodm
/usr/sbin/importvg
/usr/sbin/lchangelv
/usr/sbin/lchangepv
/usr/sbin/lchangevg
/usr/sbin/lchlvcopy
/usr/sbin/lcreatelv
/usr/sbin/ldeletelv
/usr/sbin/ldeletepv
/usr/sbin/lextendlv
/usr/sbin/lmigratepp
/usr/sbin/lmktemp
/usr/sbin/lrecreatelvcb
/usr/sbin/lrecreatevg
/usr/sbin/lreducelv
/usr/sbin/lresynclp
/usr/sbin/lresynclv
/usr/sbin/lresyncpv
/usr/sbin/lsplitvg
/usr/sbin/lvaryoffvg
/usr/sbin/lvaryonvg
/usr/sbin/lvgenmajor
/usr/sbin/lvgenminor
/usr/sbin/lvmo
/usr/sbin/lvmstat
/usr/sbin/lvrelmajor
/usr/sbin/lvrelminor
/usr/sbin/migfix
/usr/sbin/migratelp
/usr/sbin/mirrorvg
/usr/sbin/mirscan
/usr/sbin/mklv
/usr/sbin/mklvcopy
/usr/sbin/mkvg
/usr/sbin/putlvcb
/usr/sbin/putlvodm
/usr/sbin/readvgda
/usr/sbin/recreatevg
/usr/sbin/redefinevg
/usr/sbin/reducevg
/usr/sbin/reorgvg
/usr/sbin/replacepv
/usr/sbin/rmlv
/usr/sbin/rmlvcopy
/usr/sbin/splitlvcopy
/usr/sbin/splitvg
/usr/sbin/synclvodm
/usr/sbin/syncvg
/usr/sbin/tstresp
/usr/sbin/unmirrorvg
/usr/sbin/updatevg
/usr/sbin/varyoffvg
/usr/sbin/varyonvg

El autorizo aix.network contiene los comandos:
/etc/nfs.clean
/etc/rc.bsdnet
/etc/rc.net
/etc/rc.net.serial
/etc/rc.nfs
/etc/rc.nfs4ss
/etc/rc.qos
/etc/rc.tcpip
/etc/securetcpip
/etc/slip.login
/etc/slip.logout
/sbin/helpers/nfsmnthelp
/usr/bin/Mail
/usr/bin/anno
/usr/bin/bellmail
/usr/bin/burst
/usr/bin/comp
/usr/bin/dig
/usr/bin/domainname
/usr/bin/hostname
/usr/bin/mail
/usr/bin/mailx
/usr/bin/mark
/usr/bin/netpmon
/usr/bin/next
/usr/bin/nslookup
/usr/bin/pick
/usr/bin/prev
/usr/bin/prompter
/usr/bin/refile
/usr/bin/repl
/usr/bin/rmf
/usr/bin/rmm
/usr/bin/rpcinfo
/usr/bin/ruser
/usr/bin/scan
/usr/bin/send
/usr/bin/show
/usr/bin/sortm
/usr/bin/talk
/usr/bin/tcptraceroute
/usr/bin/traceroute
/usr/bin/whatnow
/usr/bin/whois
/usr/bin/whom
/usr/lib/methods/cfgif
/usr/lib/methods/cfginet
/usr/lib/methods/cfgqos
/usr/lib/methods/cfgrcnet
/usr/lib/methods/chgif
/usr/lib/methods/chginet
/usr/lib/methods/defif
/usr/lib/methods/definet
/usr/lib/methods/deftunnel
/usr/lib/methods/stpinet
/usr/lib/methods/sttinet
/usr/lib/methods/ucfgif
/usr/lib/methods/ucfginet
/usr/lib/methods/ucfgqos
/usr/lib/methods/udefif
/usr/lib/methods/udefinet
/usr/lib/mh/spost
/usr/sbin/aixmibd
/usr/sbin/arp
/usr/sbin/autoconf6
/usr/sbin/autofsmount
/usr/sbin/automountd
/usr/sbin/binld
/usr/sbin/biod
/usr/sbin/bootpd
/usr/sbin/bootptodhcp
/usr/sbin/chnamsv
/usr/sbin/chnfs
/usr/sbin/chnfsdom
/usr/sbin/chnfsim
/usr/sbin/chnfsrtd
/usr/sbin/chnfssec
/usr/sbin/chprtsv
/usr/sbin/chrctcp
/usr/sbin/chservices
/usr/sbin/chsubserver
/usr/sbin/clsnmpne
/usr/sbin/dadmin
/usr/sbin/dfpd
/usr/sbin/dhcpaction
/usr/sbin/dhcpaction8
/usr/sbin/dhcpcd
/usr/sbin/dhcpcd6
/usr/sbin/dhcprd
/usr/sbin/dhcpremove
/usr/sbin/dhcpremove8
/usr/sbin/dhcpsconf
/usr/sbin/dhcpsd
/usr/sbin/dhcpsdv6
/usr/sbin/dnssec-keygen
/usr/sbin/dnssec-makekeyset
/usr/sbin/dnssec-signkey
/usr/sbin/dnssec-signzone
/usr/sbin/dpid2
/usr/sbin/editmap
/usr/sbin/entstat
/usr/sbin/exportfs
/usr/sbin/ftpd
/usr/sbin/gated
/usr/sbin/gdc
/usr/sbin/gettable
/usr/sbin/gssd
/usr/sbin/hostent
/usr/sbin/hostid
/usr/sbin/hostmibd
/usr/sbin/htable
/usr/sbin/ifconfig.gre
/usr/sbin/inetd
/usr/sbin/ip_auditpr
/usr/sbin/ipreport
/usr/sbin/iptrace
/usr/sbin/krlogind
/usr/sbin/krshd
/usr/sbin/mailq
/usr/sbin/makemap
/usr/sbin/mkhosts
/usr/sbin/mknamsv
/usr/sbin/mknfs
/usr/sbin/mknfsexp
/usr/sbin/mknfsmnt
/usr/sbin/mkprtsv
/usr/sbin/mkqos
/usr/sbin/mktcpip
/usr/sbin/mmtu
/usr/sbin/mosy
/usr/sbin/mrouted
/usr/sbin/mtrace
/usr/sbin/named-checkconf
/usr/sbin/named-checkzone
/usr/sbin/named8
/usr/sbin/named8-xfer
/usr/sbin/named9
/usr/sbin/namerslv
/usr/sbin/ndb
/usr/sbin/ndp
/usr/sbin/ndpd-host
/usr/sbin/ndpd-router
/usr/sbin/netcd
/usr/sbin/netcdctrl
/usr/sbin/netstat
/usr/sbin/newaliases
/usr/sbin/nfs4cl
/usr/sbin/nfs4smctl
/usr/sbin/nfsd
/usr/sbin/nfshostkey
/usr/sbin/nfshostmap
/usr/sbin/nfso
/usr/sbin/nfsrgyd
/usr/sbin/nfsstat
/usr/sbin/no
/usr/sbin/nsupdate9
/usr/sbin/ntp3/xntpd
/usr/sbin/ospf_monitor
/usr/sbin/ping
/usr/sbin/pmtu
/usr/sbin/policyd
/usr/sbin/portmap
/usr/sbin/pwchange
/usr/sbin/pwtokey
/usr/sbin/pxed
/usr/sbin/qosadd
/usr/sbin/qoslist
/usr/sbin/qosmod
/usr/sbin/qosremove
/usr/sbin/qosstat
/usr/sbin/rexecd
/usr/sbin/ripquery
/usr/sbin/rlogind
/usr/sbin/rmnfsmnt
/usr/sbin/rmprtsv
/usr/sbin/rmqos
/usr/sbin/rmsock
/usr/sbin/rmtcpip
/usr/sbin/rndc
/usr/sbin/rndc-confgen
/usr/sbin/route
/usr/sbin/routed
/usr/sbin/rpc.lockd
/usr/sbin/rpc.mountd
/usr/sbin/rpc.rstatd
/usr/sbin/rpc.statd
/usr/sbin/rshd
/usr/sbin/rsvpd
/usr/sbin/rwhod
/usr/sbin/sendmail
/usr/sbin/sendmail_nonssl
/usr/sbin/sendmail_ssl
/usr/sbin/slp_srvreg
/usr/sbin/smrsh
/usr/sbin/snmpd64v1
/usr/sbin/snmpdv1
/usr/sbin/snmpdv3ne
/usr/sbin/snmpinfo
/usr/sbin/snmpmibd
/usr/sbin/snmpv3_ssw
/usr/sbin/sshd
/usr/sbin/stnfso
/usr/sbin/syslogd
/usr/sbin/talkd
/usr/sbin/tcpdump
/usr/sbin/telnetd
/usr/sbin/tftpd
/usr/sbin/timed
/usr/sbin/timedc
/usr/sbin/trpt
/usr/sbin/wol

El autorizo aix.proc contiene los comandos:
/usr/bin/ipcrm
/usr/bin/ipcs
/usr/bin/ps
/usr/bin/truss
/usr/sbin/bindprocessor
/usr/sbin/fuser
/usr/sbin/killall
/usr/sbin/renice

El autorizo aix.security contiene los comandos:
/etc/security/mkuser.sys
/usr/bin/chauth
/usr/bin/chdom
/usr/bin/chfn
/usr/bin/chgroup
/usr/bin/chpasswd
/usr/bin/chrole
/usr/bin/chsec
/usr/bin/chsh
/usr/bin/chuser
/usr/bin/domlist
/usr/bin/fpm
/usr/bin/lssec
/usr/bin/mkauth
/usr/bin/mkdom
/usr/bin/mkgroup
/usr/bin/mkrole
/usr/bin/mkuser
/usr/bin/paginit
/usr/bin/passwd
/usr/bin/pwck
/usr/bin/pwdadm
/usr/bin/pwdck
/usr/bin/setsecattr
/usr/bin/tcbck
/usr/bin/usrck
/usr/lib/methods/loadkclic
/usr/sbin/aixpert
/usr/sbin/audit
/usr/sbin/auditbin
/usr/sbin/auditcat
/usr/sbin/auditconv
/usr/sbin/auditmerge
/usr/sbin/auditselect
/usr/sbin/authqry
/usr/sbin/authrpt
/usr/sbin/chfilt
/usr/sbin/chtun
/usr/sbin/ckfilt
/usr/sbin/efskstoldif
/usr/sbin/expfilt
/usr/sbin/exptun
/usr/sbin/flush-secldapclntd
/usr/sbin/genfilt
/usr/sbin/gentun
/usr/sbin/grpck
/usr/sbin/ike
/usr/sbin/ikedb
/usr/sbin/impfilt
/usr/sbin/imptun
/usr/sbin/ipsec_logd
/usr/sbin/ipsecstat
/usr/sbin/ipsectrcbuf
/usr/sbin/ls-secldapclntd
/usr/sbin/lsaudit
/usr/sbin/lsauth
/usr/sbin/lsdom
/usr/sbin/lsfilt
/usr/sbin/lsgroup
/usr/sbin/lskst
/usr/sbin/lsldap
/usr/sbin/lsrole
/usr/sbin/lssecattr
/usr/sbin/lstun
/usr/sbin/mkfilt
/usr/sbin/mkkrb5clnt
/usr/sbin/mkkrb5srv
/usr/sbin/mkpasswd
/usr/sbin/mkprojldap
/usr/sbin/mkprtldap
/usr/sbin/mksecldap
/usr/sbin/mktun
/usr/sbin/mvfilt
/usr/sbin/nistoldif
/usr/sbin/rbactoldif
/usr/sbin/restart-secldapclntd
/usr/sbin/rmauth
/usr/sbin/rmdom
/usr/sbin/rmfilt
/usr/sbin/rmgroup
/usr/sbin/rmrole
/usr/sbin/rmsecattr
/usr/sbin/rmtun
/usr/sbin/rmuser
/usr/sbin/roleqry
/usr/sbin/secldapclntd
/usr/sbin/sectoldif
/usr/sbin/sedmgr
/usr/sbin/setkst
/usr/sbin/skeyd
/usr/sbin/start-secldapclntd
/usr/sbin/stop-secldapclntd
/usr/sbin/tetoldif
/usr/sbin/tncconsole
/usr/sbin/tnccsd
/usr/sbin/tncpmd
/usr/sbin/trustchk
/usr/sbin/unloadipsec
/usr/sbin/useradd
/usr/sbin/userdel
/usr/sbin/usermod
/usr/sbin/usrrpt
/usr/sbin/watch

El autorizo aix.security.passwd contiene los comandos:
/usr/bin/chpasswd
/usr/bin/chsec
/usr/bin/lssec
/usr/bin/passwd
/usr/bin/pwck
/usr/bin/pwdadm
/usr/bin/pwdck
/usr/sbin/mkpasswd

El autorizo aix.security.role.list contiene los comandos:
/usr/bin/lssec
/usr/sbin/lsrole

El autorizo aix.security.su contiene los comandos:

El autorizo aix.security.user contiene los comandos:
/etc/security/mkuser.sys
/usr/bin/chfn
/usr/bin/chsec
/usr/bin/chsh
/usr/bin/chuser
/usr/bin/lssec
/usr/bin/mkuser
/usr/bin/paginit
/usr/bin/usrck
/usr/sbin/rmuser
/usr/sbin/useradd
/usr/sbin/userdel
/usr/sbin/usermod
/usr/sbin/usrrpt

El autorizo aix.system contiene los comandos:
/usr/bin/acctctl
/usr/bin/acctras
/usr/bin/acctrpt
/usr/bin/amepat
/usr/bin/atrm
/usr/bin/attachrset
/usr/bin/bootlist
/usr/bin/chauthent
/usr/bin/chlang
/usr/bin/chlicense
/usr/bin/chserver
/usr/bin/chssys
/usr/bin/chtz
/usr/bin/confsrc
/usr/bin/cronadm
/usr/bin/date
/usr/bin/detachrset
/usr/bin/execrset
/usr/bin/genld
/usr/bin/gennames
/usr/bin/gensyms
/usr/bin/iostat
/usr/bin/lppchk
/usr/bin/lslicense
/usr/bin/lslpp
/usr/bin/lssrc
/usr/bin/mknotify
/usr/bin/mkrset
/usr/bin/mkserver
/usr/bin/mkssys
/usr/bin/mksysb
/usr/bin/mkszfile
/usr/bin/mpstat
/usr/bin/odmadd
/usr/bin/odmchange
/usr/bin/odmcreate
/usr/bin/odmdelete
/usr/bin/odmdrop
/usr/bin/odmget
/usr/bin/refresh
/usr/bin/rmnotify
/usr/bin/rmrset
/usr/bin/rmserver
/usr/bin/rmss
/usr/bin/rmssys
/usr/bin/setclock
/usr/bin/startsrc
/usr/bin/stopsrc
/usr/bin/svmon
/usr/bin/sysck
/usr/bin/tracesoff
/usr/bin/traceson
/usr/bin/uname
/usr/bin/xmwlm
/usr/lib/boot/bin/bootinfo_chrp
/usr/lib/boot/bin/machstat_chrp
/usr/lib/instl/bff_create
/usr/lib/instl/cleanup
/usr/lib/instl/deinstal
/usr/lib/instl/instal
/usr/lib/instl/inu_forbidden_paths
/usr/lib/instl/inubosboot
/usr/lib/instl/inuextendblv
/usr/lib/instl/inurid
/usr/lib/instl/libinst_mkworkdir
/usr/lib/instl/sm_inst
/usr/lib/instl/usilhelper
/usr/lib/methods/loadkclic
/usr/lib/perf/sm_getfield
/usr/lib/perf/sm_getrange
/usr/lib/perf/sm_setcurrent
/usr/lib/sa/sa1
/usr/lib/sa/sa2
/usr/lib/sa/sadc
/usr/lpp/diagnostics/bin/Dctrl
/usr/lpp/diagnostics/bin/diagela
/usr/pmapi/tools/hpmstat
/usr/sbin/aacct_stat
/usr/sbin/acct/acctcom
/usr/sbin/acct/runacct
/usr/sbin/bffcreate
/usr/sbin/bindintcpu
/usr/sbin/bootinfo
/usr/sbin/bosboot
/usr/sbin/chclass
/usr/sbin/chcons
/usr/sbin/chitab
/usr/sbin/chnlspath
/usr/sbin/chusil
/usr/sbin/chwebconfig
/usr/sbin/ckprereq
/usr/sbin/confsetcntrl
/usr/sbin/cron
/usr/sbin/diag
/usr/sbin/drmgr
/usr/sbin/emgr
/usr/sbin/epkg
/usr/sbin/exec_shutdown
/usr/sbin/fastboot
/usr/sbin/fasthalt
/usr/sbin/frcactrl
/usr/sbin/gencopy
/usr/sbin/geninstall
/usr/sbin/halt
/usr/sbin/init
/usr/sbin/install_all_updates
/usr/sbin/installp
/usr/sbin/instsecattr
/usr/sbin/inucp
/usr/sbin/inudocm
/usr/sbin/inulag
/usr/sbin/inurecv
/usr/sbin/inurest
/usr/sbin/inusave
/usr/sbin/inutoc
/usr/sbin/inuwpar
/usr/sbin/ioo
/usr/sbin/kdb_64
/usr/sbin/lscfg
/usr/sbin/lsclass
/usr/sbin/lsitab
/usr/sbin/lsusil
/usr/sbin/lsvpd
/usr/sbin/machstat
/usr/sbin/mailstats
/usr/sbin/mkcd
/usr/sbin/mkclass
/usr/sbin/mkitab
/usr/sbin/mkusil
/usr/sbin/monitord
/usr/sbin/nimclient
/usr/sbin/niminit
/usr/sbin/no
/usr/sbin/ntp3/ntpdate
/usr/sbin/ntp3/ntpq
/usr/sbin/ntp3/ntptrace
/usr/sbin/ntp3/sntp
/usr/sbin/ntp3/xntpdc
/usr/sbin/projdata
/usr/sbin/prtconf
/usr/sbin/pstat
/usr/sbin/raso
/usr/sbin/reboot
/usr/sbin/rmclass
/usr/sbin/rmitab
/usr/sbin/rmusil
/usr/sbin/sa
/usr/sbin/sar
/usr/sbin/savebase
/usr/sbin/schedo
/usr/sbin/setrunmode
/usr/sbin/setsecconf
/usr/sbin/shconf
/usr/sbin/shutdown
/usr/sbin/slibclean
/usr/sbin/smtctl
/usr/sbin/snap
/usr/sbin/srcmstr
/usr/sbin/strclean
/usr/sbin/strinfo
/usr/sbin/strload
/usr/sbin/swcons
/usr/sbin/swvpdmgr
/usr/sbin/syncroot
/usr/sbin/telinit
/usr/sbin/tunchange
/usr/sbin/tuncheck
/usr/sbin/tundefault
/usr/sbin/tunrestore
/usr/sbin/tunsave
/usr/sbin/vmo
/usr/sbin/vpdadd
/usr/sbin/vpddel
/usr/sbin/wlmcheck
/usr/sbin/wlmcntrl
/usr/sbin/wlmd
/usr/suma/bin/suma

El autorizo aix.system.boot.shutdown contiene los comandos:
/usr/sbin/exec_shutdown
/usr/sbin/shutdown

El autorizo aix.wpar contiene los comandos:
/usr/bin/listvgbackup
/usr/bin/mkszfile
/usr/bin/savewpar
/usr/lib/corrals/ckaccess
/usr/lib/corrals/ckrootaccess
/usr/lib/corrals/populate
/usr/lib/corrals/removeipc
/usr/lib/corrals/sm_par
/usr/lib/corrals/vinit
/usr/lib/corrals/wpar_gconfig
/usr/lib/corrals/wpardevmgr
/usr/lib/corrals/wparidata
/usr/lib/wpars/ckwpar
/usr/lib/wpars/loadwpar
/usr/lib/wpars/runwpar
/usr/lib/wpars/unloadwpar
/usr/lib/wpars/wparinstcmd
/usr/lib/wpars/wparkillpids
/usr/lib/wpars/wparlockctl
/usr/lib/wpars/wparlogevent
/usr/lib/wpars/wparquery
/usr/sbin/chwpar
/usr/sbin/clogin
/usr/sbin/inuwpar
/usr/sbin/lswpar
/usr/sbin/mcrk_admin
/usr/sbin/mkwpar
/usr/sbin/rebootwpar
/usr/sbin/restwpar
/usr/sbin/rmwpar
/usr/sbin/startwpar
/usr/sbin/stopwpar
/usr/sbin/syncwpar
/usr/sbin/wparerr
/usr/sbin/wparexec
/usr/sbin/wparprnterr

El autorizo csia.sistemas.admin.scripts contiene los comandos:

El autorizo csia.sistemas.admin.cmds contiene los comandos:
/usr/bin/cat
/usr/bin/cd
/usr/bin/cp
/usr/bin/du
/usr/bin/errpt
/usr/bin/grep
/usr/bin/kill
/usr/bin/ksh
/usr/bin/ksh93
/usr/bin/logger
/usr/bin/more
/usr/bin/mv
/usr/bin/procsig
/usr/bin/rpm
/usr/bin/smitty
/usr/bin/tail
/usr/bin/topas
/usr/bin/vi
/usr/sbin/auditpr
/usr/sbin/auditstream
/usr/sbin/ifconfig
/usr/tivoli/tsm/client/ba/bin/dsmadmc

Open in new window

Avatar of sminfo

ASKER

BTW. how can I set "e "-fromwner<username>"  option?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sminfo

ASKER

definitly wmp your the best!!

[root@middledes:/]  find /usr -user isga01s 2>/dev/null | wc -l
    1269

Just the same files I can restore if use dsmc from my sesion using RBAC.

To finish, these 'set access backup' commands are run on dsmadmc?

Thanks much!
Granting access is a client function, so "SET ACCESS ..." has to be run from dsmc.

And yes, it's "-user", not "-owner". I'm getting old ...

Thx for the points!

wmp