File: CONFIG.in

package info (click to toggle)
afbackup 3.3.6pl4-1
links: PTS
area: main
in suites: woody
size: 3,872 kB
ctags: 3,143
sloc: ansic: 44,316; tcl: 4,189; sh: 2,263; csh: 2,077; makefile: 566; sed: 93; perl: 80
file content (898 lines) | stat: -rw-r--r-- 36,297 bytes


Configuration of AF's backup system
===================================

The parameters for the client side can be found in a 
file named 
@clientconf@ 
and for the server side in 
@serverconf@, 
that resides in the
directory @clientconfdir@ 
or @serverconfdir@,
respectively. Comments in those files are lines starting
with the pound symbol # as the first non-blank character.

These two files need not be edited by hand with an editor,
instead the programs @serverbindir@/afserverconfig [ configfile ]
and @clientbindir@/afclientconfig [ configfile ]
can be used. If you are 
running X, the programs are the same, but start with an 'x';
(Tcl/Tk must be installed): 
@serverbindir@/xafserverconfig [ configfile ]
and @clientbindir@/xafclientconfig [ configfile ] .
The parameters described below are the same for both versions.


Server configuration parameters
-------------------------------

 ServerIdentifier

  The identifier for the server. Default: The official hostname,
  followed by a colon and the full path to the configuration file.
  The server identifier can be used to become independent of the
  server machine name. This might be helpful, if the backup server
  should move to another machine. Whitespace characters may be
  used in this identifier, but they are replaced with asterisks *
  before comparing, so they are not significant


 Backup-Device

  This is the device the backup is written to. It can be any
  tape device with the capability to distinguish between several
  files on the media. It is mandatory to supply the no-rewind 
  device here, otherwise this package won't work properly. 

  Suitable device names for some OS-es:
  AIX:          /dev/rmt0.1
  Solaris:      /dev/rmt/0bn
  IRIX:         /dev/rmt/tps0d4nr
  HP-UX:        /dev/rmt/0hn
  Linux:        /dev/nst0
  Digital UNIX: /dev/nrmt0h
  FreeBSD:      /dev/nsa0

  If the drive has a media handler attached, a specifier for this
  may follow the device name. The format for this is
   =<drive-count>@<device>#<num-slots>^<num-loadbays> , for example
  =1@/dev/sg0#6^2 . Whitespace before and following the special
  characters = @ and # is allowed for readability. The example
  means: The drive is number 1 in the changer, /dev/sg0 is the
  changer device, that has 6 media slots and 2 loadbays. The
  parts =<drive-count> and ^<num-loadbays> are optional

 Tape-Blocksize

  The blocksize of the tape device. This value specifies how many
  bytes are written to tape or read from it with one system call.
  Usually this value is at least 512 or a multiple of it.
  It is not very important if the blocksize is set to 2048
  or 1024. The main thing to keep in mind is that if there is a
  minimum, it should be respected (e.g. 1024 on AIX), otherwise
  media space is wasted.


 Cartridge-Handler

  This value must be 1 or 0, which means, that you either have a
  cartridge handling system (i.e. some kind of robot) (1) or
  not (0). If you don't have a robot, you may nonetheless maintain
  a set of cartridges, that you will have to manually number. 
  The backup server side will inform you via email or console output,
  whenever another cartridge has to be inserted into the drive and what
  number it requires it is.


 Number Of Cartridges

  This number specifies, how many cartridges you are maintaining.
  If you have a cartridge handling system (some kind of robot),
  this is usually the number of cartridges, your system is juggling.


 Cartridge-Sets

  Several cartridge sets can be used. Here they can be specified.
  The specifiers for the cartridge sets must be separated by
  whitespace. Each specifier may consist of digits, commas and
  dashes. Examples for cartridge set specifiers: 1-5 7-9,12 6,10,11
  This example shows how to specify three cartridge sets. If the
  access to a cartridge set should be allowed only for certain
  clients, this may specified with a colon immediately following
  the set specifier without whitespace, followed by one of three
  forms: Either a list of hostnames, separated by commas and no
  whitespace inbetween, or the full path to a file containing the
  hostnames one per line, or by a command to be executed. The
  command must start with a bar | and must be enclosed in double
  quotes, if it is containing whitespace. If %H occurres in the
  command it will be replaced with the client name, who wants to
  gain access to the cartridge set. The command must exit with a
  status of 0, if access is to be granted, otherwise with an exit
  status unequal to 0. The name of the host to be checked is also
  written to standard input of this command, so %H needs not to
  be used. Examples specifying cartridge sets with restricted
  access:  1-5:apollo,localhost,taurus
           6-8,16:/usr/local/backup/etc/set2clients
           9-15:"| fgrep .my.domain.com"
  Remember, that grep will exit with 0, if a match has been found,
  otherwise 1. Note, that localhost and the network name of the
  machine should be both given, if the server is also a client.
  The names to be supplied here are not the client IDs configured
  on the client side, but the network names of the machines.
  If this parameter is not given, there is only the default set
  number 1 with all available cartridges, access is permitted to
  any client. Not all cartridges need to be included in a set and
  sets must not overlap.


 Max Bytes Per File

  The stream of data, that represents your backup, is divided into
  pieces (files on tape). This is done to find the files faster
  during a restore. This value determines, how large the pieces on
  tape may be in bytes. Some good values for a few tape technologies:

    QIC:              20000000
    DAT:              30000000
    Exabyte:          50000000
    DLT:             100000000


 Max Bytes Per Tape

  With this entry the number of bytes written to a single tape
  can be limited. Serveral entries with a leading range specifier
  allow to handle certain tapes differently. The range specifier
  must end in a colon : and may contain lists of ranges and numbers.
  A given number without a leading range specifier will be valid for
  all tapes not explicitly described. Default is use of full tape
  capacity. Several entries must be separated by whitespace and may
  look like the following examples:
    4000000000  1,3-5:3500000000  7,9-:5000000000
  This means: 3.5 GB for cartridges 1 and 3 through 5, 5 GB
  for cartridges 7 and 9 up to the last cartridge, 4 GB for the
  rest


 Full Append Mode

  Normally, when the insert (writing) position is forced to
  another tape with the cartis command or with the clientside
  option -G, the rest of the current tape remains unused. When
  this option is set to 1, it will nonetheless be used to write
  data on, if there is no free tape left


 Variable Append Mode

  In default mode, the place (tape and tapefile), where the next data
  will be written, is fix and can only manipulated using the command
  cartis or the clientside option -G. When the server wants to write
  with variable append mode enabled, any cartridge, that is in the
  drive, is belonging to the right cartridge set and is allowed to be
  written, will be accepted and appended to. Note, that this will also
  override the settings of cartis or option -G.


 Reject Unlabeled Tapes

  Default is to accept an unlabeled tape as the requested one and
  to label it automatically. If this behaviour is unwanted and only
  tapes with a recognized label should be permitted for writing,
  this parameter should be set.


 PreferCartInChanger

  When a tape gets full and another one must be chosen to continue
  writing, the server does not make a difference, whether a tape
  is available in a changer or not, if this flag is not set. This
  is the default. If this parameter is set, the next cartridge is
  chosen from those, that are available in the slots of a changer,
  if present and configured. If there is no tape found inside the
  changer, that is allowed to be overwritten, manual administrator
  interaction is nonetheless required.


 Cart-Insert-Gracetime

  This is the time in seconds, the program waits after another
  cartridge has been put into the drive. Normal devices need a
  certain time span to mount the tape to get it ready for use.
  Normally this value is not critical. If you estimate it too
  low, the ioctl-system-call will wait until the device becomes 
  available. This time is sometimes longer than two minutes,
  so if you want to proceed quickly after a cartridge
  change, you may measure the maximum time your system needs.
  Some tried values for a few tape technologies:

    QIC:         20
    DAT:         30
    Exabyte:     70
    DLT:         70


 Device-Unavailable-Send-Mail-After-Min

  If the streaming device is not accessible (i.e. an open or a
  tape handling command fails) or another backup server process
  is still running, the server process re-tries his attempts
  regularly. If it fails longer than the time in minutes
  supplied here, an e-mail is sent to the configured user in
  charge (see: User To Inform). Supplying 0 means: never send mail.


 Device-Unavailable-Give-Up-After-Min

  Same as Device-Unavailable-Send-Mail-After-Min, but this time
  not an e-mail is sent, but the server process exits silently
  leaving a warning in the log file. Supplying 0 means: try
  forever, never exit.


 Device-Probe Interval

  This is the interval in seconds, after that regularly the device
  is probed to be ready for reading. Thus after having ejected a
  cartridge it is automatically recognized, if a new cartridge has
  been inserted. For other media (e.g. exchangeable disks) this may
  not be suitable. Supply a 0 in these cases for no probing.


 SetFile-Command

  This is the (shell-) command to run to position the tape to a
  certain file. Usually this is something like a combination
  of:  mt -f <device> rewind  and  mt -f <device> fsf <number>.
  If the command you are supplying here starts to count with
  1 for the first file on tape, you should insert %n for the
  <number>. If it starts with 0, replace <number> with %m. If
  you don't want to type the devicename again here, you may
  write %d instead. For more pattern replacements see: Status-file


 SkipFile-Command

  This is the (shell-) command to run to skip over to a file
  later on tape. Usually this is something like
   mt -f <device> fsf <number>
  Insert %n, where the number of files to skip over must be
  supplied in the command, in the example instead of <number>,
  and %d, where the device should appear (here: <device>).
  For more pattern replacements see: Status-file


 Setcart-Command

  This is the (shell-) command to run to put a certain
  cartridge into the device. If the command you are supplying
  here starts to count with 1 for the first cartridge, you
  should insert %n in the place, where the cartridge number
  must appear. If it starts with 0, replace it with %m. If
  you don't want to type the devicename again here, you may
  write %d instead. If you don't have a command to perform
  this task, don't supply anything here. In this case you must
  set your cartridge handling system to sequential mode
  (automatically putting the next cartridge in, when the
  current one is ejected).
  For pattern replacements see: Status-file
  

 Changecart-Command

  This is the (shell-) command to run to eject a cartridge
  currently placed inside the streamer device. This is normally
  something like  mt -f <device> rewoffl  (but better consult
  your man-pages). You have to supply this either if you have
  no cartridge handling system (robot) or if you have no
  command to set the cartridge directly by number. In the latter
  case this package tries to maintain the number of the current
  cartridge in a file and to (hopefully) keep it consistent
  with the reality. In this case the cartridge handling system
  must be configured to sequential mode (automatically putting
  the next cartridge in, when the current one is ejected). The
  pattern %c, if used in this command, will be replaced with
  number of the current cartridge, %n with the number of the
  next one, that is expected to be put into the streamer by a
  robot in sequential mode. %b can be used instead of %c if
  counting of cartridges starts with 0 and not with 1. The
  same applies for %m, what means %n minus 1. %d is replaced
  with the device name.


 Init-Media-Command

  The (shell-) command, the server runs before accessing the
  storage media for the first time or after changing it. %d
  will be replaced with the device. This command can be used
  e.g. to automatically mount a removable disk after inserting.
  This command might be called several times on the same media,
  this has to kept in mind when configuring it. For more
  pattern replacements see: Status-file


 Erasetape-Command

  The (shell-) command to run, if the tape must be erased.
  (currently not needed).
  For pattern replacements see: Status-file


 Tape-Full-Command

  The (shell-) command to run, when a tape is full. %d is
  replaced with the device name, %c with the number of the
  cartridge, that became full, %n with the number of cycles,
  the cartridge has become full until now and %C with the
  full path to the configuration file. For more pattern
  replacements see: Status-file


 User To Inform

  If you don't have a cartridge handling system (robot), a
  human maintainer must put the appropriate cartridge into the
  tape device. If you supply a mail program, an e-mail is sent
  to the user given here, which informs him, that and which
  cartridge (by number) must be put into the tape device.
  If a timespan is configured, after that an automatic e-mail
  should be sent due to an unaccessible tape device, it is
  directed to this user (see Device-unavail-send-mail-after-min)


 Mail-Program

  The mail program used to send messages to a human maintainer.
  This is done, whenever another cartridge must be put into the
  tape device and it can't be done automatically (by a robot or
  whatever). If you don't want to type the username again here,
  you can instead write %u . The pattern %U will be replaced with
  the login name of a current user on the client side, %H with
  the name of the client host. If none could be figured out, the
  entire word containing %U or %H is deleted from the command.
  If you don't want mails to be sent, you may instead supply any
  other command, that reads the standard input and does something
  reasonable with it, e.g. redirects it to the console:
   cat > /dev/console
  For more pattern replacements see: Status-file


 Var-Directory

  The directory, where varying files should be put in. These
  files should not be deleted. The information they contain is
  necessary for the server to work properly


 Tape-Pos-File

  In this file some values are stored, e.g. the number of the
  cartridge currently placed inside the streamer device. For
  pattern replacements see: Status-file


 Logging-file

  Logging information concerning errors or other notable events
  is redirected to this file. If the first word of this entry
  is starting with @, then logging is directed to the syslog as
  well. If there are characters immediately following the @,
  this word is used as the syslog identifier, otherwise the
  identifier is afbackup. If writing to the syslog is configured,
  the rest of the entry is used as additional logging file, if
  present. For more pattern replacements see: Status-file


 Status-file

  The current status of the server is written to this file. If
  it starts with >>, then the file is created and status messages
  will be appended to it. Otherwise the file is removed before
  writing.
  %L will be replaced with the full path of the lib-directory
  of the server, %B with the bin-directory, %C with the config
  directory and %V with the var-directory.


 Lock-file

  To prevent the server program from being started several times
  a lock file is created and this is it's name. For pattern
  replacements see: Status-file


 Encryption-Key-Files

  Entries specifying files, that contain encryption keys for
  authenticating backup clients to the server. Each entry
  consists of a filename, optionally followed by a colon : and
  a specifier for client selection. If an entry lacks a client
  selector, this one will apply for all clients, that are not
  matched by any other entry. The client selector is either a
  list of comma-separated hostnames, a filename starting with
  a slash / containing hostnames one per line, or a command
  starting with a bar, that is stripped off before starting
  the command. The command gets the current client name as
  input on stdin, aside from arguments containing patterns
  (see below). If the command returns an exit status of 0,
  the client name will match the entry. Entries are separated
  by whitespace. If an entry must contain whitespace, it must
  be enclosed by double quotes. If colons are needed within
  the filenames, they must be escaped using a backslash. Each
  key file must contain at least 5 characters and must not
  have read permission for group or world. The pattern %H is
  replaced with the client name resolved from the IP-address.
  %h is similar to %H, but everything from and including the
  first dot is stripped off. For more pattern replacements see:
  Status-file. 


 Program-Directory

  If you are using the remote start option for backing up
  clients, this is the directory, where programs must reside,
  that can be started remotely. No other programs can be
  started remotely (for security reasons). For pattern
  replacements see: Status-file


 Init-Command

  Here you may supply a (shell-) command to be run, when the
  backup server side wakes up, i.e. the server process starts.
  A %p appearing in this command is replaced with the name
  of the client, that connected the backup service.
  For more pattern replacements see: Status-file


 Exit-Command

  Here you may supply a (shell-) command to be run, when the
  backup server side goes to sleep, i.e. the server process ends.
  A %p appearing in this command is replaced with the name
  of the client, that connected the backup service.
  For more pattern replacements see: Status-file


Client configuration parameters
-------------------------------

 BackupHosts

  These are the hostnames of the machines where a server side
  of the backup service resides. Some kind of streamer device
  must be connected to these machines. The files and directories,
  that should be saved, are packed, eventually processed somehow,
  and then sent to the named machines, who writes them to the
  connected device. The named machines are tested for service
  availability. If a server is busy, the next one is tried.
  BackupPorts can be configured in the same order as the host
  entries supplied here. The servers in this list may be
  separated by whitespace and/or commas. If a backup server
  is the same host as the client, the use of the name localhost
  is encouraged.


 BackupPorts

  These are the port numbers on the backup server machines, where
  the backup server processes listen. The default is 2988 or the
  number found in the file /etc/services (or in NIS if it is
  configured). Several ports can be supplied, positionally according
  to the backup server hosts supplied in the BackupHosts parameter.
  The numbers can be separated by whitespace and/or commas. If
  fewer numbers are supplied than backup servers, the default port
  2988 applies for the rest. If more port numbers are given, the
  superfluous ones are ignored.


 CartridgeSets

  The cartridge sets on the server side to use for backups.
  They must bes legal number between 1 and the number of cartridge
  sets configured on the appropriate server side. Several sets can
  be supplied, positionally according to the backup server hosts
  supplied in the BackupHosts parameter. The numbers can be separated
  by whitespace and/or commas. If fewer numbers are supplied than
  backup servers, the default set # 1 applies for the rest. If more
  cartridge set numbers are given, the superfluous ones are ignored.


 RootDirectory

  This is the directory, the backup client changes to before
  packing the files and directories. Their names should be
  supplied relative to this directory, e.g. ./home .


 DirsToBackup

  These are the names of files and directories, that should be
  saved. Wildcards in the usual manner are allowed (shell-
  style or glob-style). They should be supplied relative to
  the working directory, the client changes to when starting.
  Descending into directories can be limited to the current
  filesystem by preceding the filename with the four characters
  .//. or the option -m (and a space). The prefix .//. is
  stripped off the name before saving. Supplying a filename
  preceded with the four characters /../ (what makes no sense
  normally) or the option -r (and a space) forces the file
  contents to be saved regardless of the file type. This way
  raw partitions or similar things can be saved. The prefix
  /../ is stripped off the name before saving. These file
  contents are by default never processed for safety reasons.
  If you want to force processing nonetheless, use //../ as
  prefix or precede the name with the option -R (and a space).
  To save the output of a command, supply (in double quotes) a
  triple bar |||, followed by a space and the command. Another
  triple bar must follow, after that another command doing the
  opposite of the first one. This command gets the data written
  by the first one as input at restore time. A triple sharp ###
  and a comment may follow.
  A command can be supplied here, whose output is read and used
  as if it were written here literally. If this is desired, the
  entry must start with a bar |, followed by a mandatory space
  and the shell-command to execute. If the pattern %T appears
  in this command, it is replaced with a specifier for the type
  of backup: F, if it's a full backup; F<N>, if the full backup
  is split into several parts with <N> being the part number,
  e.g. F2; I, if it's an incremental backup; L<N> for a level <N>
  backup e.g. L5
  

 DirsToBackupX

  These are the names of files and directories, that should
  be saved as part X. Wildcards in the usual manner are
  allowed (shell-style or glob-style). They should be
  supplied relative to the working directory the client
  changes to when starting (See: RootDirectory). Descending
  into directories can be limited to the current filesystem by
  preceding the filename with the four characters .//. or
  the option -m (and a space). The prefix .//. is stripped
  off the name before saving. Supplying a filename preceded
  with the four characters /../ (what makes no sense normally)
  or the option -r (and a space) forces the file contents to
  be saved regardless of the file type. This way raw
  partitions or similar things can be saved. The prefix /../
  is stripped off the name before saving. These file contents
  are by default never processed for safety reasons. If you
  want to force processing nonetheless, use //../ as prefix
  or precede the name with the option -R (and a space). To
  save the output of a command, supply (in double quotes) a
  triple bar |||, followed by a space and the command. Another
  triple bar must follow, after that another command doing the
  opposite of the first one. This command gets the data written
  by the first one as input at restore time. A triple sharp ###
  and a comment may follow.
  A command can be supplied here, whose output is read and used
  as if it were written here literally. If this is desired, the
  entry must start with a bar |, followed by a mandatory space
  and the shell-command to execute. If the pattern %T appears
  in this command, it is replaced with a specifier for the type
  of backup: F, if it's a full backup; F<N>, if the full backup
  is split into several parts with <N> being the part number,
  e.g. F2; I, if it's an incremental backup; L<N> for a level <N>
  backup e.g. L5
  These parameters may only be supplied if the parameter
  NumBackupParts is set greater than 1 (!). Otherwise they must
  be commented out to prevent a mismatch.


 FilesToSkip

  These are the names of files, that should not be saved.
  Wildcards in the usual manner are allowed (shell-style or
  glob-style, furthermore path-patterns in the style of GNU's
  find program with option -path. Note, that e.g. a*d matches
  ab/cd). E.g. it does not usually make much sense to back up
  object files, as they can be easily reproduced from existing
  program sources.


 DirsToSkip

  These are the names of directories, that should not be saved.
  Wildcards in the usual manner are allowed (shell-style or
  glob-style, furthermore path-patterns in the style of GNU's
  find program with option -path. Note, that e.g. a*d matches
  ab/cd). E.g. it does not usually make much sense to back up
  the lost+found directory or such only containing object files,
  as they can be easily reproduced from existing program sources.


 FilesystemTypes

  A list of filesystem types, separated by whitespace and/or
  commas. The type names can be prefixed with a plus, what is
  identical with no prefix, with a dash - or a slash / . No
  prefix or a plus means, that only files in filesystems of
  the given type are saved, no others. A minus means, files in
  a filesystem of the named type are not saved, nonetheless
  such filesystems are traversed to search for filesystems of
  other types probably mounted underneath. The slash means,
  that such filesystems are not even entered or traversed


 ExcludeListFile

  A file with the name supplied here can be present in any
  directory. It should contain a list of file-/directory-names
  (or glob-style patterns), that should be skipped during backup.
  Each entry must be in an own line. The given names/patterns are
  valid only in the same directory, where the file resides. Thus
  each directory can have it's individual exclusion list.


 WriteChecksums

  This flag specifies whether CRC32 checksums are written to
  the backup or not. Checksumming costs performance but might
  be desired to achieve additional safety, that recovered the
  files are intact


 UseCTime

  When this flag is set, not only a filesystem entry's modification
  time (mtime) is evaluated when selecting objects to store during
  incremental or a level X backup, but also the inode change time
  (ctime). In this mode the filesystem entries access time (atime)
  is not restored to the value it had before saving it, because
  that would again change the ctime, thus each incremental backup
  would result in a full backup


 NumBackupParts

  If you have to backup a large amount of files and the
  full backup can't be done during one run (e.g. over a
  weekend), you can divide the full backup into pieces.
  This number determines how many pieces you need. If
  this number is not equal to 1, you have to supply which
  files and directories you want to save in which piece.
  You do so by setting the parameters DirsToBackupX with X
  equal to the number of the backup part the files belong
  to.


 ProcessCmd

  If you want your files to be processed during save (e.g.
  compressed), you can supply the name of the program that
  should perform the desired processing here. If you do so,
  you MUST also supply the appropriate unprocess- program.
  Note that this program may be specified with options but
  no shell-like constructions such as pipes, variables or
  wildcards. This program must read standard input and write
  to standard output. For pattern replacements see Logging File


 UnprocessCmd

  The counterpart to the processing program. You must either
  supply both process- and unprocess-program or neither of
  them. Like the process program, the unprocess-program must
  read standard input and write to standard output. For pattern
  replacements see Logging File.


 BuiltinCompressLevel

  A number, that specifies the level of built-in compression, if
  present, otherwise no built-in compression will be performed.
  If a process program is also specified, the order of processing
  is: First the data is piped through the external program and
  then built-in compression is done. Uncompressing works the other
  way round.


 IndexFilePart

  The name of the file where the names of the saved files
  are stored. The current number is appended to this filename.
  The number is incremented each time a full backup starts.
  For pattern replacements see LoggingFile.


 IndexProcessCmd

  The program to preprocess the index file, in most cases some
  kind of compression. If this parameter is not set, it defaults
  to the setting of the ProcessCmd. If you set it, you MUST also
  supply the appropriate unprocess- program. Note that this program
  may be specified with options but no shell-like constructions
  such as pipes, variables or wildcards. This program must read
  standard input and write to standard output. For pattern
  replacements see LoggingFile


 IndexUnprocessCmd

  The counterpart to the index processing program. If not given,
  it defaults to the setting of the UnprocessCmd. You must either
  supply both process- and unprocess-program or neither of them.
  Like the index process program, the unprocess-program must read
  standard input and write to standard output. For pattern
  replacements see LoggingFile


 ProcessBackupedFiles

  This flag specifies whether the files that are saved,
  should be processed by the configured program.


 ProcessLogfiles

  This flag specifies whether the filename logging files
  should be processed by the configured program.


 DoNotProcess

  These patterns or filenames specify files, that no processing
  is attempted on. Normally this is done for all files. This
  might be inefficient, e.g. compressing files, that are already
  compressed, so their compression can be suppressed with this
  parameter. The value of this parameter must be a list separated
  by whitespace. Double quotes may enclose list elements.


 NumIndexesToStore

  This number determines how many log files of previous full
  backups are saved. These files may serve for the restore
  of older files than those present in the current backup.
  Of course there must be sufficient space to hold all the
  data for the backups. It doesn't help to save all the saved
  filenames but not to have them available on tape.


 DaysToStoreIndexes

  Instead of the number of index files to be kept (previous
  parameter), their maximum age can be configured in days
  (floating point number allowed). Older index files will
  be automatically removed. If this parameter is configured
  and the previous one at the same time, the longer duration
  will be applied to avoid accidental removal of indexes on
  configuration errors.


 NumIndexesToScan

  This is the maximum number of index files, that will be
  scanned during restore. This can be helpful, if it takes
  too much time to scan through all index files, what is
  done, if restrictions are given, such as before time, after
  time or certain tapes. This parameter can be overridden by
  option -N of afrestore.


 DaysToScanIndexes

  Instead of configuring the maximum number of index files
  to be scanned (previous parameter), their maximum age in
  days can be configured (floating point number allowed).
  This parameter can be overridden by option -O of afrestore.


 CheckRestoreAccessPerms

  When this flag is set, during restore started by a normal
  user (not the superuser) it is checked, whether the user
  has sufficient access permissions in the directory, where
  the files are recovered. When relocating using option -C
  this is default behaviour. With this flag set it will be
  enforced also when not relocating. This has pros and cons.
  It might be desirable, that users can also restore their
  own files in directories owned by root (e.g. at-job files
  or the CDE calendar stuff). On the other side this might
  be considered a security problem.


 LoggingFile

  The name of a file error messages or other notable events
  are written to. A dash - stands for no logging. The pattern
  %V will be replaced with the full path to the var-directory,
  %B with the bin directory, %L with the lib directory, %C with
  the configuration directory and %I with the logging directory
  (usually == %V)


 ClientIdentifier

  The identifier for the client. Default: The official hostname.
  This entry is required, it several afbackup clients reside on
  one host and the multi stream server is used. In this case the
  multi stream server must be able to distinguish the clients to
  distribute the pieces of backup data on tape correctly.
  Otherwise the data would be mixed up and be unusable for the
  reading client.
  The multi-stream server writes the data to backup piecewise to
  tape, each chunk preceded with an identifier. This identifier
  is by default the official hostname of the connected client.
  If several client programs are running on the same client
  host, this procedure must fail. Any data prefixed with the
  name of the client would be delivered to the client program
  when reading (restore, verify, ...) and thus be a mixture of
  data previously sent to the server by both client programs
  with the same identifier (official hostname by default).
  For this reason the server denies to serve several connected
  clients with the same identifier. If several afbackup clients
  should be installed on one host, different client identifiers
  must be set in their configuration files.


 VarDirectory

  The directory, where varying files should be put in.
  These files must not be deleted. The information they
  contain is necessary for restore.


 Lock-file

  To prevent client programs from being started several times
  a lock file is created and this is it's name. For pattern
  replacements see: LoggingFile


 EncryptionKeyFile

  The file containing the encryption key for authenticating
  the backup client to the server. This file must contain at
  least 5 characters and must not have read permission for
  group or world. For pattern replacements see LoggingFile.


 StartupInfoProgram

  This is the (shell-) command to run to save the startup
  information of an incremental or full backup, sometimes
  called bootstrap information. This program should read the
  standard input and do something reasonable with it, e.g.
  append it to some file. The produced information can be
  used to recover from a hard crash, when the files are
  lost, that are containing the names of the saved files.
  Therefore this information should not be saved locally on
  the client host, but e.g. on an NFS-mounted filesystem, a
  floppy disc or in a mail-file (then this command should
  be sth. like: mail someuser). For pattern replacements
  see LoggingFile.


 InitProgram

  A (shell-) command to be run before a backup is attempted.
  If this program returns an exit status unequal to 0, no
  backup is performed. This parameter makes only sense when
  backup is started remotely, cause in that case no shell-
  command can be supplied. If backup is started locally, there
  is no problem to run whatever is necessery before the backup
  explicitly. For pattern replacements see LoggingFile.


 ExitProgram

  This parameter may specify a (shell-) command to run at
  exit time of a full or incremental backup. The following
  patterns are replaced as explained:
   %l  by the name of the file containing the filelists
   %r  by the name of the file containing statistics (this
       file is automatically removed after execution of this
       program)
   %e  by the overall exit status
   %i  with the minimum restore information
  For more pattern replacements see LoggingFile.
  Under very troublesome circumstances (e.g. several clients are
  trying to connect a busy single stream server and timeout, or a
  client program is killed) it might happen, that the ExitProgram
  is not executed. If you rely on the actions of the ExitProgram
  you better implement the desired functionality outside of the
  afbackup system.