db_archive - displays security database log files no
longer involved in active transactions (Enhanced Security)
/usr/tcb/bin/db_archive [-alsv] [-h home]
Write all pathnames as absolute pathnames, instead of relative
to the database home directories. Specify a home
directory for the database. The correct directory for
enhanced security is /var/tcb/files. Write out the pathnames
of all of the database log files, whether or not
they are involved in active transactions. Write the pathnames
of all of the database files that need to be
archived in order to recover the database from catastrophic
failure. If any of the database files have not
been accessed during the lifetime of the current log
files, db_archive does not include them in this output. It
is possible that some of the files referenced in the log
have since been deleted from the system. In this case,
db_archive ignores them. When db_recover is run, any files
referenced in the log that are not present during recovery
are assumed to have been deleted and are not be recovered.
Run in verbose mode, listing the checkpoints in the log
files as they are reviewed.
A customized version of the Berkeley Database (Berkeley
DB) is embedded in the operating system to provide highperformance
database support for critical security files.
The DB includes full transactional support and database
recovery, using write-ahead logging and checkpointing to
record changes.
The db_archive utility is provided for maintenance of the
log files associated with the security database. It
writes the pathnames of log files that are no longer in
use (that is, no longer involved in active transactions),
to the standard output, one pathname per line. These log
files should be written to backup media to provide for
recovery in the case of catastrophic failure (which also
requires a snapshot of the database files), but they may
then be deleted from the system to reclaim disk space. You
should perform a db_checkpoint -1 before using db_archive.
The secconfig utility can create a cron job that periodically
checks the security log files and deletes those no
longer in use, as determined by db_archive. Be sure to
coordinate this with the site backup schedule.
The db_archive utility attaches to one or more of the
Berkeley DB shared memory regions. In order to avoid
region corruption, it should always be given the chance to
detach and exit gracefully. To cause db_archive to clean
up after itself and exit, send it an interrupt signal
(SIGINT).
The db_archive utility exits 0 on success, and >0 if an
error occurs.
ENVIRONMENT VARIABLES [Toc] [Back] If the -h option is not specified and the environment
variable DB_HOME is set, it is used as the path of the
database home. The home directory for security is
/var/tcb/files.
/var/tcb/files/auth.db
/var/tcb/files/dblogs/*
Commands: db_checkpoint(8), db_dump(8), db_load(8),
db_printlog(8), db_recover(8), db_stat(8), secconfig(8)
db_archive(8)
[ Back ] | 