Forum Discussion

Alaaeddine's avatar
Alaaeddine
Level 2
4 years ago

bppllist: must be superuser to execute

Hi All,

I have a problem with setting a new account with superuser authontifictaion to execute commands on netbackup!

The new account is srv-ctlm

[srv-ctlm@******** admincmd]$ /usr/openv/netbackup/bin/admincmd/bppllist
bppllist: must be superuser to execute

here down, you will find how i set the new acount in the auth.conf file : 

[srv-ctlm@********* netbackup]$ cd /usr/openv/java/
[srv-ctlm@********* java]$ cat auth.conf
#Pas de tab dans ce fichier, seulement des espaces
root ADMIN=ALL JBP=ALL
srv-ctlm ADMIN=ALL JBP=ALL
* ADMIN=JBP JBP=ENDUSER+BU+ARC

i need your help please :(

 

Best Regards 
Alaaeddine

8.1.2
Linux
  • Nicolai's avatar
    Nicolai
    4 years ago

    hi Alaaeddine 

    I think there is a optiion, it is called Enhanced Auditing

    Taken from the Security and Encryption Guide:

    This feature allows a non-root user or a non-administrator to perform all the NetBackup operations through a command-line interface or the NetBackup Administration Console. The user is authorized to either perform all operations or no operations. This feature does not offer role-based access control.

    https://www.veritas.com/support/en_US/doc/21733320-132525226-0/v101261421-132525226

    Best Regards
    Nicolai

5 Replies

Sort By
  • RamNagalla's avatar
    RamNagalla
    Moderator
    4 years ago

    auth.conf file is only to  provide admin access on Netbackup java console, it does not provide the admin/super user access for command line, you need to be root user or sudo root privilages user to run some of the admin related command in netbackup CLI.

    • Alaaeddine's avatar
      Alaaeddine
      Level 2
      4 years ago

      Hi RamNagalla,

      Thanks for the feedback but is there anoter way without using the root user ?

      the root user is for administration and we want to keep it just for that.

      I find it strange that we can't be free to use other users to run app commands like "bppllist"  :(

      Best Regards 

      Alaaeddine BELLARADH

      • Nicolai's avatar
        Nicolai
        Moderator
        4 years ago

        hi Alaaeddine 

        I think there is a optiion, it is called Enhanced Auditing

        Taken from the Security and Encryption Guide:

        This feature allows a non-root user or a non-administrator to perform all the NetBackup operations through a command-line interface or the NetBackup Administration Console. The user is authorized to either perform all operations or no operations. This feature does not offer role-based access control.

        https://www.veritas.com/support/en_US/doc/21733320-132525226-0/v101261421-132525226

        Best Regards
        Nicolai