12-19-2018 06:27 AM - edited 12-19-2018 06:28 AM
Since an Oracle backup runs a script as root, NetBackup is now securing these scripts.
When we upgrade to 8.1.2, all oracle backup scripts must be run from a defined area. If the script/directory is not authorized, the backup will fail with error (5449) The script is not approved for execution.
What does this mean to us?
We should determine a standard script path and protect those scripts so only DBA can update them
As we update clients, we need to add a line in each bp.conf listing the script directory path, like “DB_SCRIPT_PATH = /oracle/rman/” Based on script path in policies.
https://www.veritas.com/support/en_US/article.100039639.html
Best Practices for script authorized location management
Solved! Go to Solution.
12-19-2018 06:41 AM
Correct.
This was introduced in NBU 8.1:
https://www.veritas.com/content/support/en_US/doc/16226115-126559565-0/v125208570-126559565
12-19-2018 06:41 AM
Correct.
This was introduced in NBU 8.1:
https://www.veritas.com/content/support/en_US/doc/16226115-126559565-0/v125208570-126559565
01-31-2019 09:11 AM
On Windows S.O. I found another way to solve this problem. It may help in some cases:
I identifyed the parameter DB_SCRIPT_PATH:
mymasterserver:/usr/openv/netbackup # bpgetconfig -M myclient DB_SCRIPT_PATH
DB_SCRIPT_PATH
I created a file txt and added the 2 lines below:
mymasterserver:/usr/openv/netbackup # vi myclient.txt
DB_SCRIPT_PATH = F:\oracle
DB_SCRIPT_PATH = F:\oracle\product\10.2.0\admin\SP2D\scripts\backup\scrRootRmanTapeArchive.bat
Then I run the following command:
bpsetconfig -h myclient myclient.txt
The results:
nbu1-master-ne:/usr/openv/netbackup # bpgetconfig -M s6060db18 DB_SCRIPT_PATH
DB_SCRIPT_PATH = F:\oracle
DB_SCRIPT_PATH = F:\oracle\product\10.2.0\admin\SP2D\scripts\backup\scrRootRmanTapeArchive.bat
Finally, I reprocessed the job and it ended perfectly