11-23-2021 01:54 AM
I'm deploying the NB agent v8 and v9 to RHEL 7.7 and 7.9. I'm wondering what priviledge it requires to run on the target RHEL server. Our backup team are saying it needs to run as the root user but our security team would naturally prefer that not be the case.
Solved! Go to Solution.
11-23-2021 01:13 PM
Hi @shocko
Sudo would not work for the NetBackup services (bpcd, vnetd etc.) that the client runs (sudo implies a shell of some kind and is not suitable for daemon processes).
At present the services need to run as the root user in order to perform the various operatiaons required.
David
11-23-2021 07:28 AM
Hello,
starting with NBU 9.1.0.1, most of Master Server services can run under non-root user. More detail here: https://www.veritas.com/content/support/en_US/doc/103228346-147321331-0/v149908342-147321331.
However this is not the case of Media Servers and clients.
Take into account that backup and especially restore activities on a systems are one of the most powerful, so the services should run under privileged account. Without this, you could get into problems especially during restores.
Regards
Michal
11-23-2021 08:28 AM
Thanks for the reply. Would sudo not suffice though? We have other agents that require root priviledge but do not actually run under the root user.
11-23-2021 01:13 PM
Hi @shocko
Sudo would not work for the NetBackup services (bpcd, vnetd etc.) that the client runs (sudo implies a shell of some kind and is not suitable for daemon processes).
At present the services need to run as the root user in order to perform the various operatiaons required.
David
11-23-2021 02:31 PM
Thanks for the info. We only need to backup some files that a non-root user has access to so hence security have asked why we need root. If that's the requirement then so be it.