HP UX Whitelisting 7.3 Policy protected and metadata files, 7.2.1 Write protected, 7.2.2 Read/write protected files, 7.2.3Recommendations, wmd, wmd, B-2, B-3, B-4, wliadm

7.2.1 Write protected

WLI does not inhibit reading of write protected files. Files in this class can be read and backed up in accordance with the file ownership and permission bits. Files in this class are:

/etc/wli/certificates/*/etc/wli.wlicert.conf

/etc/wli/wlisys.conf

/etc/wli/wlisyspolicy.conf

For backup procedures, these files can be treated the same as other directories and regular files.

Restoration of backup archives for these files is only recommended if the WLI database is corrupted. WLI protects against writes to these file locations in restricted mode. If the WLI database is corrupted, the entire database should be restored from the most recent archive, for internal consistency.

For an example of the procedure for restoring files in this class using wmd capability, see “Administration examples” (page 49).

7.2.2 Read/write protected files

Files in this class have WLI read and write protection. Even with wmd capability granted to a command, these files cannot be backed up or restored. Files in this class are:

/etc/wli/keys/*

These files include encrypted administrator keys that are read/write protected for security reasons. HP recommends that all WLI administrator keys are generated during initialization, followed by a backup, while the system is in maintenance mode. Authorizing new administrator keys should be very uncommon. Only the wliadm command updates keys in this class.

Except for files in this class, backups can be generated in restricted mode. The recovery key, or any administrator key can have its passphrase changed without affecting the WLI database.

7.2.3Recommendations

•Avoid adding and deleting administrator keys as much as possible because this obsoletes a WLI database backup. A backup archive can only be refreshed in maintenance mode if administrator keys are added or deleted. Only the wliadm command can add or delete administrator keys.

•Refresh WLI database backups when the wlisys, wlisyspolicy, and wlicert commands are executed. Updates from these commands can be backed up in restricted mode.

•Do not attempt to restore a WLI database backup in restricted mode. Restoring a WLI Database is only possible in maintenance mode. Backup in restricted mode should only be considered as a disaster recovery operation.

•Do not restore a WLI Database on a system different than the one for which the archive was created. Restoring a WLI database backup on a different system results in unpredictable behavior and WLI failure.

•Do not partially restore a WLI database. Restore the archive entirely to maintain its internal consistency. The database maintains internal relationships between different files that must be intact for WLI to operate correctly.

7.3 Policy protected and metadata files

Files in this class include files with access protection policies and files created by WLI to store metadata. The WLI protections are in effect only in restricted mode. For more detail on backing up and restoring policy protected files and metadata, see Example B-2 (page 49) and Example B-3 (page 50). For more detail on backing up policy protected files and metadata without wliwrap, Example B-4 (page 51).

34 Backup and restore considerations