Remote Dump Host Control

Use the remote access control file to prevent remote dumps and loads, and execution of remote procedure calls (RPCs) from any client or server that is running on unauthorized servers.

Authorization to dump to, or load from, Backup Server is achieved by including the authorized hosts in the hosts.allow file. The default name of the file is hosts.allow, which is by default located in $SYBASE. You can change the location and file name using:

backupserver -h full_path_name/hosts.allow

When you start Backup Server, the location of the file is shown in the error log. For example:

Backup Server: 1.88.1.1: The hosts authentication file used by the backup server is '/remote/myServer/ase157x/SMP/release/hosts.allow'.

If you do not specify a file, $SYBASE/hosts.allow is used. If the location of the file is a relative path, the path is replaced by the absolute path using the directory in which the Backup Server has been started. For example, if you start Backup Server from /usr/u/myServer and Backup Server is started with:

backupserver -h./myhosts.allow

The error log shows:

Backup Server: 1.88.1.1: The hosts authentication file used by the backup server is '/usr/u/myServer/./myhosts.allow'.

If the file hosts.allow does not exist, dump or load commands, or remote procedures, fail.

Note: Local dumps are not affected by this feature.

File Format

The format for hosts.allow is:

host_name_running_backupserver [ \t*][,][ \t*] host_name_trying_to_connect 
host_name_running_backupserver: 
hostname | hostname.domain | ipv4 address | ipv6 address 
host_name_trying_to_connect: 
hostname | hostname.domain | ipv4 address | ipv6 address |+ 

The '+' sign can be used as a wildcard to allow remote 
dumps to, or loads from, any Backup Server running on 
the specified host. 
Example: 
# Example of hosts.allow file 
# Development machine imetsol1 allows access from everywhere 
imetsol1 +
 
# Group development machine marslinuxX allow access from other 
# marslinuxX machines only 
marslinux1 marslinux2 
marslinux1 marslinux3 
marslinux2 marslinux1 
marslinux2 marslinux3 
marslinux3 marslinux1 
marslinux3 marslinux2 

Permissions

The recommended file permission for UNIX is no greater than640. For Windows, ensure that only authorized users are granted access to the file.

Error and Warning Messages