Chapter 1 HPSS Basics
36 September 2002 HPSS Installation Guide
Release 4.5, Revision 2
Logging Policy. The logging policy controls the types of messages to log. On a per server
basis, the message types to write to the HPSS log may be defined. In addition, for each
server, options to send Alarm, Event, or Status messages to SSM may be defined.
Security Policy. Site security policy defines the authorization and access controls to be used
for client access to HPSS. Site policy managers were developed for controlling access from
FTP and/or Parallel FTP using either Ident or Kerberos credentials. These access methods
are supported by request using the hpss_pftpd_amgr and an appropriate authentication
manager. The Policy Manager is no longer supported. The Non-DCE Client Gateway
provides three Security Policies: none, Kerberos, and DCE.
HPSS server authentication and authorization use DCE authentication and authorization
mechanisms. Each HPSS server has configuration information that determines the type
and level of DCE security services available/required for the individual server. HPSS
software uses DCE services to determine a caller's identity via credentials passed by the
caller to the server. Once the identity and authorization information has been obtained,
each HPSS server grants/denies the caller's request based on the access control lists (ACLs)
attached to the Security object in the server's Cell Directory Service (CDS) entry. Access to
the interfaces that modify a server's internal metadata generally requires control
permission. HPSS security is only as good as the security employed in the DCE cell!
HPSS provides facilities for recording information about authentication and object
(file/directory) creation, deletion, access, and authorization events. The security audit policy for
each server determines the records that each individual server will generate. All servers
can generate authentication records, while only the Name and Bitfile Servers generate
other object event records.
Accounting Policy. The accounting policy provides runtime information to the accounting
report utility and to the Account Validation service of the Gatekeeper. It helps determine
what style of accounting should be used and what level of validation should be enforced.
The two types of accounting are site-style and UNIX-style. The site-style approach is the
traditional type of accounting in use by most mass storage systems. Each site will have a
site-specific table (Account Map) that correlates the HPSS account index number with their
local account charge codes. The UNIX-style approach allows a site to use the user identifier
(UID) for the account index. The UID is passed along in UNIX-style accounting just as the
account index number is passed along in site-style accounting. The hpss_Chown API or
FTP quote site chown command can be used to assign a file to a new owner.
Account Validation allows a site to perform usage authorization of an account for a user. It
is turned on by enabling the Account Validation field. If Account Validation is enabled, the
accounting style in use at the site is determined by the Accounting Style field. A site policy
module may be implemented by the local site to perform customized account validation
operations. The default Account Validation behavior is performed for any Account
Validation operation that is not overridden by the site policy module.
If Account Validation is not enabled, as in previous versions of HPSS, the accounting style
to use is determined by the GECOS field on the user's DCE account in the DCE registry or
by the HPSS.gecos Extended Registry Attribute (ERA) on the DCE principal in the DCE
registry.
Location Policy. The location policy defines how Location Servers at a given site will
perform, especially with regard to how often server location information is updated. All
local, replicated Location Servers update information according to the same policy.