This enables the utility you use in the next step to write data to the EVFS volume without encrypting the data.

CAUTION: After you open the volume for raw access, any entity reading data from the EVFS volume receives encrypted data. Any entity writing data to the EVFS volume writes directly to the underlying disk; EVFS does not encrypt the text. HP recommends that you use the evfsvol raw command only when creating encrypted backup media or restoring encrypted backup media.

6.Use a block device utility, such as dd, to copy the encrypted data from the source device, such as the /dev/rmt/0m tape device file, to the target EVFS volume.

7.Use the evfsvol close evfs_volume_path command to close raw access to the EVFS volume.

8.Use the evfsvol enable evfs_volume_path command to re-enable encryption and decryption on the volume.

9.If a file system exists on the volume, use the mount command to remount the file system. See mount(1M) for more information.

Example

In the following example, the tape device /dev/rmt/0m has a tape with encrypted backup data created from the /dev/evfs/vg01/lvol5 EVFS volume.

#fuser -cku /dev/evfs/vg01/lvol5

#umount /dev/evfs/vg01/lvol5

#evfsvol disable -k my_key /dev/evfs/vg01/lvol5(evfsvol prompts for a passphrase if there is no stored passphrase)

#evfsvol raw /dev/evfs/vg01/lvol5 (EVFS prompts if you want to continue)

#dd bs=64k if=/dev/rmt/0m of=/dev/evfs/vg01/lvol5

#evfsvol close /dev/evfs/vg01/lvol5

#evfsvol enable -k my_key /dev/evfs/vg01/lvol5

#mount -F vxfs /dev/evfs/vg01/lvol5 /opt/encrypted_data

Restoring Backup Data from an EVFS Volume to an EVFS Volume

Use the following procedure to restore backup data when the source volume and the target device are both EVFS volumes. You must also have the appropriate file permissions to access the EVFS volume device file.

CAUTION: EVFS must be enabled on the source and target volumes.

1.For data consistency, suspend or stop all applications accessing the data on both volumes. You can use the fuser -cucommand to determine the processes accessing files, and the fuser -ckucommand to terminate the processes. See fuser(1M) for more information.

If the data is used by system processes, you might need to terminate the processes by changing the system runlevel to single-user level with the shutdown utility. See shutdown(1M) for more information.

2.If file systems are mounted on the EVFS volumes and you did not use a file-based utility to backup the data, use the umount command to unmount the file systems and prevent any new I/O requests to the volume. See umount(1M) for more information.

3.Do not disable encryption and decryption on the source or target volumes. Use the evfsadm

stat -ato verify that EVFS is enabled on both the source and target volume.

126 Backing Up and Restoring Data on EVFS Volumes

Page 126
Image 126
HP UX Encrypted Volume and Filesystem (EVFS) manual Restoring Backup Data from an Evfs Volume to an Evfs Volume, Example