cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Securing NetBackup using RBAC

gregsih
Level 4

‎12-22-2009 05:47 AM

Has anybody managed to implement RBAC, on solaris, to secure NetBackup ? We are attempting to allow our backup admins to run some of the root only functions but do not want to give them the root password or implement sudo. The configuration files have ben created as follows: root# tail /etc/passwd nbadmin:x:1118:1::/home/NetBackup:/usr/bin/pfksh nbadmin1:x:1119:1:NetBackup Admin:/home/nbadmin1:/usr/bin/pfksh root# tail /etc/user_attr nbadmin::::type=role;profiles=NetBackup nbadmin1::::type=normal;roles=nbadmin root# tail /etc/security/prof_attr NetBackup:::NetBackup Administrator: root# tail /etc/security/exec_attr NetBackup:suser:cmd:::/usr/openv/netbackup/bin/bpadm:uid=0 User should login as nbadmin1 and su to nbadmin. This results in the standard error message for the bpadm utility - 'must be superuser to run'. Any suggestions would be most welcome.
0 Kudos
1 REPLY 1

gregsih
Level 4

‎12-23-2009 06:04 AM

The problem is now solved.

The solution proved to be very simple:

The rbac utility does not like links so changing the path in exec_attr from /usr/openv to /opt/openv was the solution.

Hope this will be of help to others.
0 Kudos