Tivoli Storage Manager users can delete archive retention protected files prior to expiration
Problem: A file archived using event-based retention on a retention protected server can be deleted prior to expiration, even if the event has not occurred. Event-based retention is specified by RETINIT (Retention Initiation) being set to EVENT. Files can only be deleted when both the RETVER (Retain Version) and the RETMIN (Minimum Retention) number of days has elapsed since the file was created. Files can be deleted using the Tivoli Storage Manager backup archive command line client DELETE ARCHIVE command or using similar capability in the graphical user interface or application programming interface. Files may also be deleted using the Tivoli Storage Manager server commands DELETE FILESPACE and DELETE VOLUME. Note that the server expiration process will NOT delete files until all retention criteria are met.
For example, consider a copygroup with RETINIT=EVENT, RETVER=30, and RETMIN=90, meaning files are to be kept for 30 days after the event occurs or 90 days after the file is created, whichever is longer. After 90 days has elapsed since the file was created, the file can be deleted, even if the event has not occurred.
Who is Affected: Tivoli Storage Manager Version 6.1 users with archive retention protection and event-based retention. To determine if you are using archive retention protection, use QUERY STATUS and check if "Archive Retention Protection" is set to "On." To determine if you are using event-based retention, use QUERY COPYGROUP TYPE=ARCHIVE and check if any copygroup has "Retention Initiation" set to "Event."
The TSM server version shipped with the IBM Information Archive (IA) product is NOT affected.
Recommendation: This problem is fixed in APAR IC65589. Apply the fixing level, either Tivoli Storage Manager Version 6.1.3 or 188.8.131.52. Please see Flash 1417521 for additional information on using 6.1.3. http://www-01.ibm.com/support/docview.wss?uid=swg21417521
Circumventions: Do not attempt to delete retention protected archive objects prior to expiration. For example, you can use the UPDATE NODE <nodename> ARCHDELETE=NO command to prevent the client from being able to delete archive files.
|Storage Management||IBM System Storage Archive Manager||AIX, HP-UX, Linux, Solaris, Windows||6.1||Edition Independent|