Juliette Ponnet, profile picture
Uploaded byJuliette Ponnet
ODP, PDF579 views

Cl309

The document provides an overview of Novell Storage Services features and architecture when implemented on Linux using Novell Open Enterprise Server. It discusses features such as trustee models, quotas, compression. It describes the architecture which uses components like EVMS, NSS storage subsystem, NCP server, and VFS. It also covers tuning, troubleshooting, and clustering aspects of Novell Storage Services on Linux.

Embed presentation

Download to read offline
Novell Storage Services ™ File System Performance, Clustering and Auditing in Novell ® Open Enterprise Server on Linux Marcus Gould Premium Support Engineer Novell, Inc. [email_address] Bart Schoofs WorldWide Support Engineer Novell, Inc. [email_address] Adam Jerome Senior Software Engineer Novell, Inc. [email_address] Vijai Babu Madhavan Filesystem Engineer Novell, Inc. [email_address]
Agenda Novell Storage Services ™ Feature and Architecture Review
Novell Storage Services and NCP ™ Tuning and Troubleshooting
Novell Storage Services Auditing (Vigil)
Novell Storage Services ™ Feature and Architecture Review
Novell Storage Services ™ Features Trustee Model Inherited Rights
Visibility Salvage
Directory Quotas
User Quotas
Compression
Data Shredding
Immediate Flush
Novell Storage Services ™ Features Multiple Name Spaces
Distributed File Services (DFS)
Multiple Server Activation Prevention
Archive / Versioning enabled
Logical Volumes and Pools
Encryption
Pool Snapshot
File Snapshot (COW)
Architecture: Novell Storage Services ™ on Linux User Kernel Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
Architecture: Novell Storage Services ™ on Linux Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
EVMS (Enterprise Volume Management System) Allows NSS pools to be moved between NetWare ® and OES Linux Without modification
NetWare-created pools can mount on Linux
Linux-created pools can mount on NetWare
Must stick to iManager and nssmu Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
Novell Storage Services ™ NSS automatically mounted in NCP ™ Disable NCP via Remote Manager e.g. Shadow Volumes Mounted in Linux file system /media/nss/<Volume_Name> novell-nss kernel module
All features work as NetWare ® Except non-LUM modifier, archiver and deleter of files show as root Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
eDirectory ™ eDirectory users can access NSS
Local users require LUM NSS uses eDirectory GUIDs internally
Linux uses UIDs internally
Linux passes UIDs to NSS
LUM links GUID to UID via eDirectory NSS maintains multiple ID caches G2I, I2G and SEV caches Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
VFS (Virtual File Services) Registers NSS as a normal Linux file system POSIX rwx attributes represent NetWare ® attributes Read: NetWare Hidden attribute
Write: Set unless file is read-only
Execute: NetWare Execute attribute (cannot copy) or subdirectory Most access to NSS is via VFS (POSIX Layer)
Some access to NSS directly via zAPI e.g. SMS, AFP Trustee rights are enforced Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
VFS (Virtual File Services) Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 Client NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme Client LUM NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme (3) NSS requests security equivalence information for joe.acme – eDirectory returns a list of equivalent users and group memberships Client LUM eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme (3) NSS requests security equivalence information for joe.acme – eDirectory returns a list of equivalent users and group memberships (4) NSS does normal trustee checking based on users and groups returned by eDirectory Client LUM eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server Communicates with NSS Via VFS Runs as part of eDirectory ™ (ndsd)
No standalone NCP daemon /etc/opt/novell/ncpserv.conf
/var/opt/novell/log/ncpserv.log ncp2nss daemon /etc/opt/novell/ncp2nss.conf
/var/opt/novell/log/ncp2nss.log Also uses Extended Attributes and _admin
Processes NEB events from NSS Maintains own trustee store Synchronised with NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server Can make Linux volumes available via NCP Can mount native Linux file systems ncpcon create volume NCP does not require LUM, but... OES1 Owner, modifier, archiver and deleter are all root
User quotas and salvage will not work OES2 Owner will be correct and user quotas will work OES2 SP2 (& OES2SP1+Patches) Owner, modifier, archiver and deleter will work
User quotas and salvage will work Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server (1) User and Group information for the connection joe.acme is using NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using NCP Client NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection NCP Client NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection (4) Create foo.txt as root NCP Client NCP Server eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection (4) Create foo.txt as root (5) Change owner to joe.acme (by GUID) NCP Client NCP Server eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
Tuning Novell Storage Services ™
Linux Memory Recap Kernel Memory Low memory directly addressable by the kernel
Bottom 1GB on 32 Bit Linux (can be customised)
All memory on 64 Bit Linux User Memory aka HiMem High memory used by applications
Kernel has to map it to use it 0 1 4 GB 2 3 User Kernel
Novell Storage Services ™ Caching Files Objects in memory (Beasts / inodes)
Packed on disk in 4K Blocks (Metadata Blocks) Metadata 4K Pages in Memory
Unpacked into Objects User Data 4K Pages in Memory
Saved on disk as 4K Blocks (User data Blocks)
Novell Storage Services ™ Caching on Linux 32 Bit NSS Metadata cached in HiMem Private: Memory dedicated to, and managed by, NSS (default)
Linux: Memory shared with, and managed by, Linux
nss /HighMemoryCacheType=Private|Linux|None NSS User data integrated into Linux cache 64 Bit No HiMem memory constraints
Metadata cache configurable nss /MinBufferCacheSize NSS User data integrated into Linux cache
Previous Versions of Novell Storage Services ™ on Linux Open Enterprise Server (OES) All user and metadata in kernel memory OES SP1 NSS Metadata cached in kernel memory
NSS user data integrated into Linux cache OES SP2 NSS Metadata cached in HiMem nss /HighMemoryCacheType NSS User data integrated into Linux cache
Previous Versions of Novell Storage Services ™ on Linux OES2 64 bit OES2 SP1 Enhanced version of OES2 OES2 SP2 Improved Read-ahead algorithm (Stepping Window) OES2 SP3 Improved I/O Scheduler interactions

More Related Content

ODP
Cl219
byJuliette Ponnet
 
ODP
Cl115
byJuliette Ponnet
 
ODP
Cl116
byJuliette Ponnet
 
PPT
Cl107
byJuliette Ponnet
 
ODP
Cl310
byJuliette Ponnet
 
ODP
Cl207
byJuliette Ponnet
 
ODP
Cl221
byJuliette Ponnet
 
PPT
Active directory installation windows 2003 1
bytameemyousaf
 
Cl219
byJuliette Ponnet
 
Cl115
byJuliette Ponnet
 
Cl116
byJuliette Ponnet
 
Cl107
byJuliette Ponnet
 
Cl310
byJuliette Ponnet
 
Cl207
byJuliette Ponnet
 
Cl221
byJuliette Ponnet
 
Active directory installation windows 2003 1
bytameemyousaf
 

What's hot

PDF
Domain Services for Windows: Best Practices for Windows Interoperability
byNovell
 
DOC
Server interview[1]
bysourav nanda
 
PDF
GWAVACon 2013: Novell Open Enterprise Server - Roadmap and Future
byGWAVA
 
PDF
Novell Open Enterprise Server for Beginners
byNovell
 
PDF
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
byNovell
 
PPT
Distributed Filesystems Review
bySchubert Zhang
 
PDF
Preparing forfirstconnectionsinstall
byGabriella Davis
 
PPTX
New File Server Features Of Windows Server 2008
byMicrosoft TechNet
 
PPTX
Deep Dive Into Windows Server 2012 Hyper-V
byLai Yoong Seng
 
PPTX
MCSA Installing & Configuring Windows Server 2012 70-410
byomardabbas
 
DOC
Lesson 4 intro to advanced o perating systems
byJo Ko
 
PPTX
Failover cluster
byChinmoy Jena
 
PDF
Introduction to failover clustering with sql server
byEduardo Castro
 
PPT
OSCh16
byJoe Christensen
 
PPTX
Windows Server 2008 R2 Overview
bySteven Wilder
 
PPT
Coda file system tahir
byMohammad Faizan
 
PPTX
Windows Server 2008 R2
byRishu Mehra
 
PPTX
Upgrading AD from Windows Server 2003 to Windows Server 2008 R2
byAmit Gatenyo
 
PPTX
Windows Server 2008 Management
byHi-Techpoint
 
PDF
Server 2008 r2 ppt
byRaj Solanki
 
Domain Services for Windows: Best Practices for Windows Interoperability
byNovell
 
Server interview[1]
bysourav nanda
 
GWAVACon 2013: Novell Open Enterprise Server - Roadmap and Future
byGWAVA
 
Novell Open Enterprise Server for Beginners
byNovell
 
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
byNovell
 
Distributed Filesystems Review
bySchubert Zhang
 
Preparing forfirstconnectionsinstall
byGabriella Davis
 
New File Server Features Of Windows Server 2008
byMicrosoft TechNet
 
Deep Dive Into Windows Server 2012 Hyper-V
byLai Yoong Seng
 
MCSA Installing & Configuring Windows Server 2012 70-410
byomardabbas
 
Lesson 4 intro to advanced o perating systems
byJo Ko
 
Failover cluster
byChinmoy Jena
 
Introduction to failover clustering with sql server
byEduardo Castro
 
OSCh16
byJoe Christensen
 
Windows Server 2008 R2 Overview
bySteven Wilder
 
Coda file system tahir
byMohammad Faizan
 
Windows Server 2008 R2
byRishu Mehra
 
Upgrading AD from Windows Server 2003 to Windows Server 2008 R2
byAmit Gatenyo
 
Windows Server 2008 Management
byHi-Techpoint
 
Server 2008 r2 ppt
byRaj Solanki
 

Similar to Cl309

PDF
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
byNovell
 
PDF
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
byNovell
 
PDF
Life without the Novell Client
byNovell
 
ODP
Practical Tips for Novell Cluster Services
byNovell
 
PDF
File Access in Novell Open Enterprise Server 2 SP2
byNovell
 
PDF
Xen server storage Overview
byNuno Alves
 
PPTX
VMware Advance Troubleshooting Workshop - Day 4
byVepsun Technologies
 
PPTX
VMware vSphere 6.0 - Troubleshooting Training - Day 4
bySanjeev Kumar
 
PDF
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Securing Your Linux System
byNovell
 
PPT
Chapter 05
bycclay3
 
PPT
Vmware Command Line
bylifeit
 
PPT
Nfs
bytmavroidis
 
PPTX
Linux network file system (nfs)
byRaghu nath
 
PPT
NFS.ppt shshsjsjsjssjsjsksksksksksisisisisi
bymukul narayana
 
PDF
GWAVACon 2013: Novell Open Enterprise Server Best Practices
byGWAVA
 
PPT
Ch18 system administration
byRaja Waseem Akhtar
 
PPT
Distributed System by Pratik Tambekar
byPratik Tambekar
 
PDF
VMWare VSphere4 Documentation Notes
byGrit Suwa
 
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
byNovell
 
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
byNovell
 
Life without the Novell Client
byNovell
 
Practical Tips for Novell Cluster Services
byNovell
 
File Access in Novell Open Enterprise Server 2 SP2
byNovell
 
Xen server storage Overview
byNuno Alves
 
VMware Advance Troubleshooting Workshop - Day 4
byVepsun Technologies
 
VMware vSphere 6.0 - Troubleshooting Training - Day 4
bySanjeev Kumar
 
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Securing Your Linux System
byNovell
 
Chapter 05
bycclay3
 
Vmware Command Line
bylifeit
 
Nfs
bytmavroidis
 
Linux network file system (nfs)
byRaghu nath
 
NFS.ppt shshsjsjsjssjsjsksksksksksisisisisi
bymukul narayana
 
GWAVACon 2013: Novell Open Enterprise Server Best Practices
byGWAVA
 
Ch18 system administration
byRaja Waseem Akhtar
 
Distributed System by Pratik Tambekar
byPratik Tambekar
 
VMWare VSphere4 Documentation Notes
byGrit Suwa
 

More from Juliette Ponnet

ODP
Cl210
byJuliette Ponnet
 
ODP
Cl210 lab
byJuliette Ponnet
 
ODP
Cl302
byJuliette Ponnet
 
ODP
Cl212
byJuliette Ponnet
 
ODP
Cl306
byJuliette Ponnet
 
ODP
Cl105
byJuliette Ponnet
 
ODP
Cl117
byJuliette Ponnet
 
ODP
Cl104
byJuliette Ponnet
 
Cl210
byJuliette Ponnet
 
Cl210 lab
byJuliette Ponnet
 
Cl302
byJuliette Ponnet
 
Cl212
byJuliette Ponnet
 
Cl306
byJuliette Ponnet
 
Cl105
byJuliette Ponnet
 
Cl117
byJuliette Ponnet
 
Cl104
byJuliette Ponnet
 

Recently uploaded

PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
PPTX
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
PDF
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
December Patch Tuesday
byIvanti
 
PPTX
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
December Patch Tuesday
byIvanti
 
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 

Cl309

  • 1.
    Novell Storage Services™ File System Performance, Clustering and Auditing in Novell ® Open Enterprise Server on Linux Marcus Gould Premium Support Engineer Novell, Inc. [email_address] Bart Schoofs WorldWide Support Engineer Novell, Inc. [email_address] Adam Jerome Senior Software Engineer Novell, Inc. [email_address] Vijai Babu Madhavan Filesystem Engineer Novell, Inc. [email_address]
  • 2.
    Agenda Novell StorageServices ™ Feature and Architecture Review
  • 3.
    Novell Storage Servicesand NCP ™ Tuning and Troubleshooting
  • 4.
    Novell Storage ServicesAuditing (Vigil)
  • 5.
    Novell Storage Services™ Feature and Architecture Review
  • 6.
    Novell Storage Services™ Features Trustee Model Inherited Rights
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
    Novell Storage Services™ Features Multiple Name Spaces
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
    Architecture: NovellStorage Services ™ on Linux User Kernel Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 22.
    Architecture: NovellStorage Services ™ on Linux Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 23.
    EVMS (EnterpriseVolume Management System) Allows NSS pools to be moved between NetWare ® and OES Linux Without modification
  • 24.
  • 25.
    Linux-created pools canmount on NetWare
  • 26.
    Must stick to iManager and nssmu Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 27.
    Novell Storage Services™ NSS automatically mounted in NCP ™ Disable NCP via Remote Manager e.g. Shadow Volumes Mounted in Linux file system /media/nss/<Volume_Name> novell-nss kernel module
  • 28.
    All features workas NetWare ® Except non-LUM modifier, archiver and deleter of files show as root Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 29.
    eDirectory ™ eDirectoryusers can access NSS
  • 30.
    Local users requireLUM NSS uses eDirectory GUIDs internally
  • 31.
    Linux uses UIDsinternally
  • 32.
  • 33.
    LUM links GUIDto UID via eDirectory NSS maintains multiple ID caches G2I, I2G and SEV caches Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 34.
    VFS (VirtualFile Services) Registers NSS as a normal Linux file system POSIX rwx attributes represent NetWare ® attributes Read: NetWare Hidden attribute
  • 35.
    Write: Setunless file is read-only
  • 36.
    Execute: NetWareExecute attribute (cannot copy) or subdirectory Most access to NSS is via VFS (POSIX Layer)
  • 37.
    Some access toNSS directly via zAPI e.g. SMS, AFP Trustee rights are enforced Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 38.
    VFS (VirtualFile Services) Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 39.
    VFS (VirtualFile Services) (1) Create File foo.txt logged in as Joe with a UID of 705 Client NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 40.
    VFS (VirtualFile Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme Client LUM NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 41.
    VFS (VirtualFile Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme (3) NSS requests security equivalence information for joe.acme – eDirectory returns a list of equivalent users and group memberships Client LUM eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 42.
    VFS (VirtualFile Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme (3) NSS requests security equivalence information for joe.acme – eDirectory returns a list of equivalent users and group memberships (4) NSS does normal trustee checking based on users and groups returned by eDirectory Client LUM eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 43.
    NCP ™ Server Communicates with NSS Via VFS Runs as part of eDirectory ™ (ndsd)
  • 44.
    No standalone NCPdaemon /etc/opt/novell/ncpserv.conf
  • 45.
  • 46.
    /var/opt/novell/log/ncp2nss.log Also usesExtended Attributes and _admin
  • 47.
    Processes NEB eventsfrom NSS Maintains own trustee store Synchronised with NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 48.
    NCP ™ Server Can make Linux volumes available via NCP Can mount native Linux file systems ncpcon create volume NCP does not require LUM, but... OES1 Owner, modifier, archiver and deleter are all root
  • 49.
    User quotas andsalvage will not work OES2 Owner will be correct and user quotas will work OES2 SP2 (& OES2SP1+Patches) Owner, modifier, archiver and deleter will work
  • 50.
    User quotas andsalvage will work Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 51.
    NCP ™ Server Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 52.
    NCP ™ Server (1) User and Group information for the connection joe.acme is using NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 53.
    NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using NCP Client NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 54.
    NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection NCP Client NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 55.
    NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection (4) Create foo.txt as root NCP Client NCP Server eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 56.
    NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection (4) Create foo.txt as root (5) Change owner to joe.acme (by GUID) NCP Client NCP Server eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
  • 57.
  • 58.
    Linux Memory RecapKernel Memory Low memory directly addressable by the kernel
  • 59.
    Bottom 1GB on32 Bit Linux (can be customised)
  • 60.
    All memory on64 Bit Linux User Memory aka HiMem High memory used by applications
  • 61.
    Kernel has tomap it to use it 0 1 4 GB 2 3 User Kernel
  • 62.
    Novell Storage Services™ Caching Files Objects in memory (Beasts / inodes)
  • 63.
    Packed on diskin 4K Blocks (Metadata Blocks) Metadata 4K Pages in Memory
  • 64.
    Unpacked into ObjectsUser Data 4K Pages in Memory
  • 65.
    Saved on diskas 4K Blocks (User data Blocks)
  • 66.
    Novell Storage Services™ Caching on Linux 32 Bit NSS Metadata cached in HiMem Private: Memory dedicated to, and managed by, NSS (default)
  • 67.
    Linux: Memoryshared with, and managed by, Linux
  • 68.
    nss /HighMemoryCacheType=Private|Linux|None NSSUser data integrated into Linux cache 64 Bit No HiMem memory constraints
  • 69.
    Metadata cache configurablenss /MinBufferCacheSize NSS User data integrated into Linux cache
  • 70.
    Previous Versions of Novell Storage Services ™ on Linux Open Enterprise Server (OES) All user and metadata in kernel memory OES SP1 NSS Metadata cached in kernel memory
  • 71.
    NSS user dataintegrated into Linux cache OES SP2 NSS Metadata cached in HiMem nss /HighMemoryCacheType NSS User data integrated into Linux cache
  • 72.
    Previous Versions of Novell Storage Services ™ on Linux OES2 64 bit OES2 SP1 Enhanced version of OES2 OES2 SP2 Improved Read-ahead algorithm (Stepping Window) OES2 SP3 Improved I/O Scheduler interactions
  • 73.
  • 74.
    NSS File CachingNovell Storage Services ™ on NetWare ® nss /ClosedFileCacheSize Maximum Number of “notInUse” Files in memory
  • 75.
    Based on theavailable memory in the system
  • 76.
    NSS does itsown balancing Novell Storage Services on Linux nss /ClosedFileCacheSize
  • 77.
    Linux Memory Pressureinodes in memory
  • 78.
    /proc/slabinfo lsa_inode_cache Linuxwill influence the total number of files in memory
  • 79.
    Novell Storage Services™ ID Cache ID Cache Tuning Parameters Per server
  • 80.
    Reset various IDcaches nss /ResetIDCache Modify the reset intervals of ID caches nss /IDCacheResetInterval=value ( Default: 25 hours) Modify the size of ID caches Requires latest patches for SP1/SP2
  • 81.
    nss /IDCacheSize=value (Default: 16384) OES2SP3 Monitor ID cache statistics
  • 82.
    Performance Always applylatest OES2 patches New parameter: nss /noUnplugAlways XEN Guest Change default noop Scheduler to cfq Modify Read Ahead Blocks based on access pattern Default ReadAheadBlks on NetWare ® & OES1 was 2
  • 83.
    Higher is not necessarily better
  • 84.
  • 85.
  • 86.
  • 87.
    Can be setpersistently /opt/novell/nss/conf/nssstart.cfg
  • 88.
    ravsui Put Poolin maintenance state nsscon nss /poolMaintenance=<POOLNAME> ravsui verify <POOLNAME> Verify a pool
  • 89.
    ravview vbfn <POOLNAME>Parses xml log file and shows the results from verify ravsui rebuild <POOLNAME> Rebuild a pool
  • 90.
    ravview rtfn <POOLNAME>Parses xml log file and shows the results from rebuild
  • 91.
  • 92.
    NCP ™ Improvements NCP Server Engine Largely Rewritten No IPX Support
  • 93.
  • 94.
    NCP on Linuxcan outperform NCP on NetWare ®
  • 95.
    NCP Directory CacheTuning Monitor usage and evictions LOG_CACHE_STATISTICS /var/opt/novell/log/ncpserv.log Configure based on working set and available memory MAXIMUM_CACHED_FILES_PER_VOLUME (Default: 20000)
  • 96.
  • 97.
  • 98.
    Cache Entry memoryusage: ~216 bytes + Full path name Additional Information http://www.novell.com/documentation/oes2/file_ncp_lx/data/bc06ts8.html
  • 99.
    TID 7004888 –NCP Performance Tuning on OES2 Linux
  • 100.
  • 101.
    Performance Horses forCourses Do you need NSS functionality?
  • 102.
    Do you need all that metadata? Think It Through GroupWise ®
  • 103.
  • 104.
  • 105.
    Troubleshooting NovellStorage Services ™ and NCP ™ Slow File Access Apply ALL the SP1/SP2 Patches Optimized for NSS volumes mounted in LONG name space
  • 106.
    Optimized for bothLUM and non-LUM users access
  • 107.
    Reduced memory usageTune NSS ID Cache
  • 108.
  • 109.
    Process of elimination(NCP, NSS, etc...)
  • 110.
  • 111.
    Tracing and Debugging Novell Cluster Services ™ Edit /opt/novell/ncs/bin/ldncs Uncomment appropriate lines Use at command line e.g. echo -n &quot;TRACE CRM ON&quot; > /proc/ncs/cluster
  • 112.
    Output: /var/log/messagesSee TID 7005837 for more information # echo -n &quot;TRACE ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE SBD ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE GIPC ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE MCAST ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE CVB ON&quot; > /proc/ncs/cluster # echo -n &quot;TRACE CSS ON&quot; > /proc/ncs/cluster # echo -n &quot;TRACE CRM ON&quot; > /proc/ncs/cluster # echo -n &quot;TRACE CMA ON&quot; > /proc/ncs/cluster
  • 113.
    Troubleshooting NovellCluster Services ™ Resource Migration Hangs Check unload.out file /var/opt/novell/log/ncs/<resource_name>.unload.out Stack dump of user space processes (gstack) adminusd, ndsd, ncp2nss Stack dump of kernel threads echo 1 > /proc/sys/kernel/sysrq
  • 114.
    echo t >/proc/sysrq-trigger Core (user-space processes and kernel) if necessary
  • 115.
    Novell Storage Services™ Auditing (Vigil)
  • 116.
    NCP Handling ...(w/o auditing) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
  • 117.
    NCP Handling ...(vigil_nss.ko) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
  • 118.
    NCP Handling ...(vigil.ko) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko vigil.ko NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
  • 119.
    NCP Handling ...(vigil.ko API) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
  • 120.
    NCP Handling ...(libvigil) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
  • 121.
    NCP Handling ...(Auditing Client) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
  • 122.
    NCP Handling ...(Multiple Auditing Clients) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
  • 123.
    NCP Handling ...(Identity Issue) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream User=root
  • 124.
    NCP Handling ...(Process Metadata) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
  • 125.
    NCP Handling ...(Process Metadata Table) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream Process Metadata Table
  • 126.
    NCP Handling ...(Process Metadata Logging) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
  • 127.
    NCP Handling ...(Process Metadata Retrieval) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
  • 128.
    NCP Handling ...(Internal NCP Engine Event handling) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Lazy-Close Dup-Open Events Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
  • 129.
    NCP Handling ...(vigil_ncp.ko) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko vigil_ncp.ko sysfs sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Lazy-Close Dup-Open Events Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
  • 130.
    CIFS Handling User-addressspace Kernel-address space SIGIO POSIX System Call Table VFS NSS CIFS Engine pmd.ko Process Meta- data Table vigil_nss.ko vigil_cifs.ko sysfs sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Lazy-Close Dup-Open Events Linux Process NCP/NDS Client Metadata CIFS_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only CIFS_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
  • 131.
    AFP Handling User-addressspace Kernel-address space SIGIO POSIX System Call Table VFS NSS vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NSS zAPIs AFP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only AFP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream AFP Engine
  • 132.
    Auditing Client ApplicationsBlue Lance – LT Auditor+ 9 for SUSE ® Linux NetVision – NVMonitor Version 7.0 Novell ® Sentinel ™ – Log Manager Novell Open Enterprise Server – vlog
  • 133.
    <AUDIT vlogRecNo=&quot;2&quot; vigilRecNo=&quot;2&quot;pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.416900&quot; Type=&quot;3 NSS&quot;> <NSS Event=&quot;64 MODIFY&quot; TaskID=&quot;0&quot; Zid=&quot;1C2E&quot; ParentZid=&quot;9A&quot; OpRetCode=&quot;0&quot; FileType=&quot;3 NAMED_DATA_STREAM&quot; FileAttributes=&quot;0x40000021 0-READ_ONLY 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot;B87E55ADF559DE018000D7BDDBFE9C09&quot; VolDn=&quot;VOL1&quot; UserID=&quot;03000000000000000000000000000000&quot; UserDn=&quot;Supervisor&quot; Uid=&quot;0&quot; Uid_name=&quot;root&quot; Euid=&quot;0&quot; Euid_name=&quot;root&quot; Suid=&quot;0&quot; Suid_name=&quot;root&quot; Fsuid=&quot;0&quot; Fsuid_name=&quot;root&quot; Gid=&quot;0&quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot;0&quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot;ndsd&quot;> <PATH Type=&quot;1 target&quot; NameSpace=&quot;2 unicode&quot;>VOL1:/ajerome/myFile</PATH> <MODIFY_INFO ModifyInfoMask=&quot;0x00000021 0-FILE_ATTRIBUTES 5-METADATA_MODIFIED_TIME&quot; modifyTypeInfoMask=&quot;0x21&quot; /> <FILE_ATTRIBUTES FileAttributes=&quot;0x00000000&quot; FileAttributesModMask=&quot;0x4000000B&quot; /> <METADATA_MODIFIED_TIME Time=&quot;03/04/2010 09:46:25&quot; /> </NSS> </AUDIT> <AUDIT vlogRecNo=&quot;3&quot; vigilRecNo=&quot;3&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.417052&quot; Type=&quot;3 NSS&quot;> <NSS Event=&quot;4 OPEN&quot; TaskID=&quot;0&quot; Zid=&quot;1C2E&quot; ParentZid=&quot;9A&quot; OpRetCode=&quot;0&quot; FileType=&quot;3 NAMED_DATA_STREAM&quot; FileAttributes=&quot;0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot;B87E55ADF559DE018000D7BDDBFE9C09&quot; VolDn=&quot;VOL1&quot; UserID=&quot;03000000000000000000000000000000&quot; UserDn=&quot;Supervisor&quot; Uid=&quot;0&quot; Uid_name=&quot;root&quot; Euid=&quot;0&quot; Euid_name=&quot;root&quot; Suid=&quot;0&quot; Suid_name=&quot;root&quot; Fsuid=&quot;0&quot; Fsuid_name=&quot;root&quot; Gid=&quot;0&quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot;0&quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot;ndsd&quot;> <PATH Type=&quot;1 target&quot; NameSpace=&quot;2 unicode&quot;>VOL1:/ajerome/myFile</PATH> <OPEN key=&quot;0x9552AE6B440F959&quot; RequestedRights=&quot;0x00000013 0-READ_ACCESS 1-WRITE_ACCESS 4-SCAN_ACCESS&quot; Accessed=&quot;03/04/2010 09:46:25&quot; Created=&quot;02/05/2010 14:35:01&quot; Modified=&quot;02/05/2010 14:35:01&quot; MetaDataModified=&quot;03/04/2010 09:46:25&quot; /> </NSS> </AUDIT> <AUDIT vlogRecNo=&quot;4&quot; vigilRecNo=&quot;4&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.417154&quot; Type=&quot;3 NSS&quot;> <NSS Event=&quot;64 MODIFY&quot; TaskID=&quot;0&quot; Zid=&quot;1C2E&quot; ParentZid=&quot;9A&quot; OpRetCode=&quot;0&quot; FileType=&quot;3 NAMED_DATA_STREAM&quot; FileAttributes=&quot;0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot;B87E55ADF559DE018000D7BDDBFE9C09&quot; VolDn=&quot;VOL1&quot; UserID=&quot;03000000000000000000000000000000&quot; UserDn=&quot;Supervisor&quot; Uid=&quot;0&quot; Uid_name=&quot;root&quot; Euid=&quot;0&quot; Euid_name=&quot;root&quot; Suid=&quot;0&quot; Suid_name=&quot;root&quot; Fsuid=&quot;0&quot; Fsuid_name=&quot;root&quot; Gid=&quot;0&quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot;0&quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot;ndsd&quot;> <PATH Type=&quot;1 target&quot; NameSpace=&quot;2 unicode&quot;>VOL1:/ajerome/myFile</PATH> <MODIFY_INFO ModifyInfoMask=&quot;0x00000021 0-FILE_ATTRIBUTES 5-METADATA_MODIFIED_TIME&quot; modifyTypeInfoMask=&quot;0x21&quot; /> <FILE_ATTRIBUTES FileAttributes=&quot;0x00000001 0-READ_ONLY&quot; FileAttributesModMask=&quot;0x4000000B&quot; /> <METADATA_MODIFIED_TIME Time=&quot;03/04/2010 09:46:25&quot; /> </NSS> </AUDIT> <AUDIT vlogRecNo=&quot;5&quot; vigilRecNo=&quot;5&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.417323&quot; Type=&quot;2 NCP&quot;> <NCP Event=&quot;16 OPEN&quot;> <WHO_LINUX Uid=”0” UidName=”root” Euid=”0” EuidName=”root” Suid=”0” SuidName=”root” Fsuid=”0” FsuidName=”root” Gid=”0” GidName=”root” Egid=”0” EgidName=”root” Sgid=”0” SgidName=”root” Fsgid=”0” FsguidName=”root” Comm=”ndsd” /> <PMD_NCP ConnID=&quot;12&quot; TaskID=&quot;4&quot; Guid=&quot;A053F649CB3CD94AE5A3A053F649CB3C&quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__OPENFILE searchAttributes=&quot;0x26&quot; DesiredAccessRights=&quot;0x01&quot; LinuxPath=&quot;/media/nss/VOL1/ajerome/myFile&quot; Status=&quot;0&quot; FileHandle=&quot;000037623030&quot; FileAttributes=&quot;0x00000021 0-READ_ONLY 5-ARCHIVE&quot; FileExecuteType=&quot;00&quot; FileLen=&quot;14&quot; CreationDate=&quot; 5/02/2010&quot; LastAccessDate=&quot; 4/03/2010&quot; LastUpdateDate=&quot; 5/02/2010&quot; LastUpdateTime=&quot;14:35:00&quot; /> </NCP> </AUDIT> <AUDIT vlogRecNo=&quot;6&quot; vigilRecNo=&quot;6&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.423618&quot; Type=&quot;2 NCP&quot;> <NCP Event=&quot;32 CLOSE&quot;> <WHO_LINUX Uid=”0” UidName=”root” Euid=”0” EuidName=”root” Suid=”0” SuidName=”root” Fsuid=”0” FsuidName=”root” Gid=”0” GidName=”root” Egid=”0” EgidName=”root” Sgid=”0” SgidName=”root” Fsgid=”0” FsguidName=”root” Comm=”ndsd” /> <PMD_NCP ConnID=&quot;12&quot; TaskID=&quot;4&quot; Guid=&quot;A053F649CB3CD94AE5A3A053F649CB3C&quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__CLOSEFILE FileHandle=&quot;0x000089007B00&quot; Status=&quot;0&quot; /> </NCP> </AUDIT>
  • 134.
    <AUDIT VlogRecNo=&quot;3&quot; VigilRecNo=&quot;3 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.417052 &quot; Type=&quot; 3 NSS &quot; > <NSS Event=&quot; 4 OPEN &quot; TaskID=&quot; 0 &quot; Zid=&quot; 1C2E &quot; ParentZid=&quot; 9A &quot; OpRetCode=&quot; 0 &quot; FileType=&quot; 3 NAMED_DATA_STREAM&quot; FileAttributes=&quot; 0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot; B87E55ADF559DE018000D7BDDBFE9C09 &quot; VolDn=&quot;VOL1&quot; UserID=&quot; 03000000000000000000000000000000 &quot; UserDn=&quot;Supervisor&quot; Uid=&quot; 0 &quot; Uid_name=&quot;root&quot; Euid=&quot; 0 &quot; Euid_name=&quot;root&quot; Suid=&quot; 0 &quot; Suid_name=&quot;root&quot; Fsuid=&quot; 0 &quot; Fsuid_name=&quot;root&quot; Gid=&quot; 0 &quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot; 0 &quot; Sgid_name=&quot;root&quot; Fsgid=&quot; 0 &quot; Fsgid_name=&quot;root&quot; Comm=&quot; ndsd &quot; > <PATH Type=&quot; 1 target&quot; NameSpace=&quot; 2 unicode&quot;> VOL1:/ajerome/myFile </PATH> <OPEN Key=&quot; 0x9552AE6B440F959 &quot; RequestedRights=&quot; 0x00000013 0-READ_ACCESS 1-WRITE_ACCESS 4-SCAN_ACCESS&quot; Accessed=&quot; 03/04/2010 09:46:25 &quot; Created=&quot; 02/05/2010 14:35:01 &quot; Modified=&quot; 02/05/2010 14:35:01 &quot; MetaDataModified=&quot; 03/04/2010 09:46:25 &quot; /> </NSS> </AUDIT>
  • 135.
    <AUDIT VlogRecNo=&quot; 4&quot; VigilRecNo=&quot; 4 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.417154 &quot; Type=&quot; 3 NSS &quot; > <NSS Event=&quot; 64 MODIFY &quot; TaskID=&quot; 0 &quot; Zid=&quot; 1C2E &quot; ParentZid=&quot; 9A &quot; OpRetCode=&quot; 0 &quot; FileType=&quot; 3 NAMED_DATA_STREAM&quot; FileAttributes=&quot; 0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot; B87E55ADF559DE018000D7BDDBFE9C09 &quot; VolDn=&quot;VOL1&quot; UserID=&quot; 03000000000000000000000000000000 &quot; UserDn=&quot;Supervisor&quot; Uid=&quot; 0 &quot; Uid_name=&quot;root&quot; Euid=&quot; 0 &quot; Euid_name=&quot;root&quot; Suid=&quot; 0 &quot; Suid_name=&quot;root&quot; Fsuid=&quot; 0 &quot; Fsuid_name=&quot;root&quot; Gid=&quot; 0 &quot; Gid_name=&quot; root &quot; Egid=&quot; 0 &quot; Egid_name=&quot;root&quot; Sgid=&quot; 0 &quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot; ndsd &quot; > <PATH Type=&quot; 1 target&quot; NameSpace=&quot; 2 unicode&quot;> VOL1:/ajerome/myFile </PATH> <MODIFY_INFO ModifyInfoMask=&quot; 0x00000021 0-FILE_ATTRIBUTES 5-METADATA_MODIFIED_TIME&quot; ModifyTypeInfoMask =&quot; 0x21 &quot; /> <FILE_ATTRIBUTES FileAttributes=&quot; 0x00000001 0-READ_ONLY&quot; FileAttributesModMask=&quot; 0x4000000B &quot; /> <METADATA_MODIFIED_TIME Time=&quot; 03/04/2010 09:46:25 &quot; /> </NSS> </AUDIT>
  • 136.
    <AUDIT VlogRecNo=&quot;5&quot;VigilRecNo=&quot; 5 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.417323 &quot; Type=&quot; 2 NCP &quot; > <NCP Event=&quot; 16 OPEN &quot; > <WHO_LINUX Uid=” 0 ” UidName=”root” Euid=” 0 ” EuidName=”root” Suid=” 0 ” SuidName=”root” Fsuid=” 0 ” FsuidName=”root” Gid=” 0 ” GidName=”root” Egid=” 0 ” EgidName=”root” Sgid=” 0 ” SgidName=”root” Fsgid=” 0 ” FsguidName=”root” Comm=” ndsd ” /> <PMD_NCP ConnID=&quot; 12 &quot; TaskID=&quot; 4 &quot; Guid=&quot; A053F649CB3CD94AE5A3A053F649CB3C &quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__OPENFILE SearchAttributes=&quot; 0x26 &quot; DesiredAccessRights=&quot; 0x01 &quot; LinuxPath=&quot; /media/nss/VOL1/ajerome/myFile &quot; Status=&quot; 0 &quot; FileHandle=&quot; 000037623030 &quot; FileAttributes=&quot; 0x00000021 0-READ_ONLY 5-ARCHIVE&quot; FileExecuteType=&quot; 00 &quot; FileLen=&quot; 14 &quot; CreationDate=&quot; 5/02/2010 &quot; LastAccessDate=&quot; 4/03/2010 &quot; LastUpdateDate=&quot; 5/02/2010 &quot; LastUpdateTime=&quot; 14:35:00 &quot; /> </NCP> </AUDIT>
  • 137.
    <AUDIT VlogRecNo=&quot;6&quot; VigilRecNo=&quot;6 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.423618 &quot; Type=&quot; 2 NCP &quot; > <NCP Event=&quot; 32 CLOSE &quot;> <WHO_LINUX Uid=” 0 ” UidName=”root” Euid=” 0 ” EuidName=”root” Suid=” 0 ” SuidName=”root” Fsuid=” 0 ” FsuidName=”root” Gid=” 0 ” GidName=”root” Egid=” 0 ” EgidName=”root” Sgid=” 0 ” SgidName=”root” Fsgid=” 0 ” FsguidName=”root” Comm=” ndsd ” /> <PMD_NCP ConnID=&quot; 12 &quot; TaskID=&quot; 4 &quot; Guid=&quot; A053F649CB3CD94AE5A3A053F649CB3C &quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__CLOSEFILE FileHandle=&quot; 0x000089007B00 &quot; Status=&quot;0&quot; /> </NCP> </AUDIT>
  • 138.
    Reference NCP ™ Tuning http://www.novell.com/documentation/oes2/file_ncp_lx/data/bc06ts8.html Novell Storage Services ™ Tuning http://www.novell.com/documentation/oes2/stor_nss_lx_nw/data/btbkjyi.html Auditing http://developer.novell.com/wiki/index.php/NSS_Auditing_SDK TIDs TID#7004888 - NCP Performance Tuning
  • 139.
    TID#7004877 – NSStakes time to load and slow access
  • 140.
  • 141.
  • 142.
  • 143.
    Unpublished Work ofNovell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

Editor's Notes

  • #48 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #49 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #50 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #51 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #52 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #53 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #54 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #55 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #56 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #57 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #58 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #59 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #60 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #61 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #62 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • #63 The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.