IBM Books

Administration Guide


Granting permission to obtain a file collection

Permission to obtain file collections that are standard with the SP system software is automatically granted to SP nodes. You can choose to grant permission for these file collections to non-SP hosts as well. You can also create your own file collections and control distribution of them.

Automatic permissions for SP nodes

During the configuration of file collections, a per-collection host file is created to limit access for the IBM-defined collections to the nodes of the SP system. The file resides in the directory /var/sysman/sup/file_collection/host, where file_collection is the unique name of a file collection. The file collections server, supfilesrv, uses this file when checking whether a host has been granted access to obtain the collection in which the host file resides. The file collections server runs on the control workstation. If your SP system uses boot-install servers, the file collections server also runs on each node that is a boot-install server. Therefore, the per-collection host file is created and maintained on the control workstation and any boot-install servers you have defined.

The host file is updated with the hostnames of the adapters in the SP system as found in the SDR. The file is updated during the following events:

The filec_host command is run periodically to update the per-collection host file. Only the host names of the adapters in the SP system are automatically maintained in the file. They can be distinguished by the special comment:

#generated_entry_donot_edit

These generated entries should not be deleted. You can add names of other non-SP hosts to the host file to permit those hosts access to the SP file collections. It is your responsibility to set up the proper client on the non-SP hosts using the SUP public code that comes with the SP software.

The filec_host command reads the /var/sysman/collection.host.list file to obtain a list of the collections for which the host file must be created or updated. The collection.host.list file contains the names of the IBM-delivered collections by default. If you have collections in the /var/sysman path that you want to define and distribute to SP nodes, you need to add their names to the collection.host.list file so that the host file gets created and updated for the SP nodes to be granted access to them. The collection.host.list file is distributed through the SP sup.admin file collection.

The host file is not automatically distributed. Distributing the host file through the file collections server would place the file on the nodes as well as any boot-install servers. Although this is not a security risk since the file collections server does not normally run on the nodes, whether you want to distribute the host file is up to you. If you do want it distributed, see Distributing the per-collection host file.

Granting permissions to non-SP hosts

To grant permission for obtaining a file collection to a non-SP host, edit the /var/sysman/sup/file_collection/host file and add the name of the host to which permission is granted. The file should be updated on the host that services the requests for the respective collections. This could be the control workstation or an SP node that is a boot-install server. Depending on the number of host names (one per adapter) on the host being granted permission, you might need to add more than one host name for the host.

Since the host file grants permissions to only one collection, the collection of which it is part, you might need to edit the host file for each collection to add the non-SP hosts so that the non-SP host can obtain all collections.

Do not remove the entries with the specially generated comments. They are automatically generated to grant the SP nodes access to the IBM-delivered file collections. You can add your own entries anywhere in the per-collection host file. However, when the file is automatically updated, all customer entries are placed at the top of the file and are followed by all the SP-generated entries.

Distributing the per-collection host file

If you plan to distribute the per-collection host file using the file collections server, you must make all updates to these per-collection host files on the control workstation. They get distributed to all boot-install servers (as well as the nodes and other hosts you might have added), overwriting any host files that might reside there. If you have edited the host file on a boot-install server rather than on the control workstation, you will lose those changes when the file gets distributed from the control workstation.

The per-collection host file can be distributed through the file collections server by adding the following to the /var/sysman/sup/sup.admin/list file:

      always ./var/sysman/sup/*/host


[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]