09-30-2011 01:56 AM
Team,
NetBackup Versions 7.0 and 6.0.
The security team is pushing for changes of each and every file and folder level permissions for the folders /usr/openv and /opt/VRTSperl/lib/site_perl/ICS5.0 to 755.
I tried to check if Symantec provides any documentation for same and other forums but failed to find any other then the permissions for logs folders in NetBackup.
I am sure this can cause havoc to a production environment but I am looking for specific issues that will be caused due to this.
I understand due the process of backups and restores a lot of files are created, appended, accessed, deleted .
What level of permissions are required for each file and folder at the owner,group,other level without impacting any funstioning of NetBackup to protect environments.
TIA
Rgds
VM
09-30-2011 08:53 AM
as per my knowlegde 755 should work on the netbackup enviornmnet... as the netbackup try to access as a root user...
but not sure... I will have to check.. how my enviornment setup has the permission.. that will give more idea.. I will let you know.. once i verified those..
09-30-2011 12:21 PM
We put out a TechNote on the /opt/VRTSperl stuff:
http://www.symantec.com/docs/TECH154600
Other than I believe the logs directories as you have previously mentioned, I'm not sure we really need 777 anywhere else. (With each new version, we're trying to get closer to completely eradicating the need for 777 ANYWHERE, for the obvious reasons.)