About restoring the files that have Access Control Lists (ACLs)
An Access Control List (ACL) is a table that conveys the access rights users need to a file or directory. Each file or directory can have a security attribute that extends or restricts users' access.
By default, the nbtar (/usr/openv/netbackup/bin/nbtar) restores ACLs along with file and directory data.
However, in some situations the ACLs cannot be restored to the file data, as follows:
Where the restore is cross-platform.
When a restore utility (tar) other than nbtar is used to restore files.
In these instances, NetBackup stores the ACL information in a series of generated files in the root directory using the following naming form:
.SeCuRiTy.nnnn
These files can be deleted or can be read and the ACLs regenerated by hand.
Note:
If performing an alternate restore where the original directory was ACL-enabled, the alternate restore directory must also be ACL-enabled. If the alternate restore directory is not ACL-enabled, the restore is not successful.
The NetBackup client interface on Windows is available to administrators to restore data without restoring the ACLs. Both the destination client and the source of the backup must be Windows systems.
To restore files without restoring ACLs, the following conditions must be met:
The policy that backed up the client is of policy type MS-Windows.
An administrator performs the restore and is logged into a NetBackup server (Windows or UNIX). The option is set at the server by using the client interface. The option is unavailable on standalone clients (clients that do not contain the NetBackup server software).
The destination client and the source of the backup must both be systems running supported Windows OS levels. The option is disabled on UNIX clients.
Use the following procedure to restore files without restoring ACLs.
To restore files without restoring ACLs
- Log on to the NetBackup server as administrator.
- Open the Backup, Archive, and Restore client interface.
- From the client interface, initiate a restore.
- Select the files to be restored, then select Actions > Start Restore of Marked Files.
- In the Restore Marked Files dialog box, place a check in the Restore without access-control attributes check box.
- Make any other selections for the restore job.
- Click Start Restore.