SLES OES 2018 trustees backup script, for multiple NSS volumes


My experience is that some customers do not have any backups of there trustee information. If you already do have an rsync. backup script in place, on your OES 2018 servers, ( see my Coolsolution URL /collaboration/oes/w/oes_tips/16522/sles-oes-2018-rsync-backup-script-for-multiple-nss-volumes )

 you can add the under-mentioned trustee script on your OES 2018 servers, which will automatically make a trustee backup when your rsync backup runs daily, weekly, or monthly without any human interference.

You need to achieve the steps mentioned below with the trustee backup script:


  •  Use the rsync backup script to make data backups of multiple NSS Volumes to your destination backup server.

  •  Use the trustee script that will make a backup of all your multiple NSS Volumes trustees.

  •   Schedule the trustee script in remote manager (NRM) to run every hour, day, week or month to make backups of the trustees to the multiple NSS Volumes.

  •  A mail will be sent to the recipient's email address if the trustees were backed up successfully or if it failed.


    Step 1: Create your trustee script

    For the backup of the trustees of the NSS Volumes use metamig as in the under-mentioned example. Metamig is a NSS File System Metadata Migration Utility. Also, see the man page for metamig.

    Create the trustee script under the /sbin directory.

    Here is an example of the complete trustee script :

    /sbin/metamig save DATA1 > /media/nss/DATA1/trustee-bck.txt

    if [ $? -eq 0 ] then mail -s "trustee backup completed successfully" < /etc/HOSTNAME # trustee backup completed successfully @ $(date) for $(hostname) else /usr/bin/mail -s "trustee backup failed" < /etc/HOSTNAME # trustee backup failed @ $(date) for $(hostname) fi

    Save the name you want e.g.

    Sections of the script are explained below:

     - metamig save NSSVOL > unfiltered.xml

     - This command exports the settings of all the files under the volume NSSVOL.

     - if [ $? -eq 0 ]
    A basic if statement effectively says, if a particular test is true, then perform a given set of actions. $? will contain the exit status of the last command executed.-eq 0 - string1 = string2 is true if the two strings are equal.

    - mail -s "trustee backup completed successfully" < /etc/HOSTNAME - /usr/bin/mail -s "trustee backup failed" < /etc/HOSTNAME
    mail to recipient mail address if backup was successful or failed. You can add any detail in the title of the mail message.

    Give the script executable permissions with the command - chmod x as in Figure1.

    Figure 1



    Test the trustee script by running the .sh script ./ Change to the /media/nss/DATA1 NSS Volume to confirm that the trustees were backup as in Figure 2.

    Figure 2                                                                               Screenshot_20191025_153702.png


  • Step 2: Schedule a time for the trustee-bck script to run

 Schedule a time for the trustee-bck script to run in Novell Remote Manager (NRM). Login to your OES 2018 server using your eDirectory credentials or root username and password, to connect to Novell Remote Manager (NRM) using the URL https://server_ipaddress:8009 as in Figure 3.

        Figure 3


Select the tab Manage Linux and then Schedule Tasks. Add the hour, minute, day of the week and day of the month you want the script to run. See Figure 4.

Figure 4


See crontab or cronjobs explained below :

- Minutes specified as a number from 0 to 59.
- Hours specified as numbers from 0 to 23.
- Days of the month, specified as numbers from 1 to 31.
- Months specified as numbers from 1 to 12.
- Days of the week, specified as numbers from 0 to 7.

You will see your script being added by NRM under the directory/etc/cron.d/.

The example mentioned below shows that the trustee script will run every day at 18H00. See Figure 5.

Figure 5


Your trustee script is now complete.



How To-Best Practice
Comment List
  • Hi Val

    Sorry for only responding now.

    You change directory to the NSS Volume that you want to the restore the trustees from. In this example  it is /media/nss/DATA1/

    and type in the metamig command

    metamig restore DATA1 -m  t  -r edir<trustee-bck.txt

    You can test to verify that the triustees where restored by using the command rights show,  or even better browse to the NSS Volume on a Windows workstation, right click on the folders or home directories, and do spot checks by right click and select properties and OES rights to see if the Trustee rights were restored.

    You may also use the man pages for metamig.

  • So this is an interesting article, I assumed Trustees were backed up as part of the normal backup!  My question, after reading this, is how to you restore the trustees from a backup file?  Is it just like doing any other restore from backup?

    Is there an official TID or other documentation to tell you how to do this?

    Kind regards,