Host-based backup of VMware vSphere VMs.
Post Reply
Peejay62
Expert
Posts: 237
Liked: 37 times
Joined: Aug 06, 2013 10:40 am
Full Name: Peter Jansen
Contact:

default execute directory /tmp for Linux servers

Post by Peejay62 »

probably I will create a supportcase on this matter but in advance, I noticed that when adding a Linux server to the managed servers view some kind of agent or software is started from /tmp on that server. Is there a possibility to have that changed to another path?
Because of implementing various hardening rules, of which one is put "noexec" on the /tmp fs, adding a linux server fails, at least it cannot get all the info of the Linux server. Anybody ran into this and had it solved?
btw, It is a good thing to put noexec on /tmp, intruders like to make use of /tmp to have unwanted things running.

thanks, Peter
tsightler
VP, Product Management
Posts: 6040
Liked: 2867 times
Joined: Jun 05, 2009 12:57 pm
Full Name: Tom Sightler
Contact:

Re: default execute directory /tmp for Linux servers

Post by tsightler »

Hi Peter. Yes, it is possible to change this behavior via LinAgentFolder registry key. The key should be placed in HKLM\Software\Veeam\Veeam Backup and Replication registry branch.

Note that if you set this key all communications with Linux servers will attempt to use this folder. This can lead to some strange errors messages if the folder doesn't exist, for example, if you forget to create it on a host. I provision my systems with a veeam_svcs account which has permissions to /opt/veeam (which it uses as the home folder for the service account) and I also restrict operations of sudo to that folder (and in some cases specific commands in that folder).
Peejay62
Expert
Posts: 237
Liked: 37 times
Joined: Aug 06, 2013 10:40 am
Full Name: Peter Jansen
Contact:

Re: default execute directory /tmp for Linux servers

Post by Peejay62 »

Hi Tom,

thanks, it works.
Thomas_Lee
Lurker
Posts: 2
Liked: 1 time
Joined: Jun 08, 2021 3:53 am
Full Name: Thomas Lee
Contact:

Change the default execute directory /tmp for Linux Servers to /opt/veeam (Support case number is 04850197)

Post by Thomas_Lee »

Hi , i would like to change the default execute directory /tmp for Linux Servers to /opt/veeam. How do i go about doing this? I came across an article however i would like to enquire the details in creating the LinAgent Folder registry key(Details that are needed to be set etc). Thanks.

vmware-vsphere-f24/default-execute-dire ... 65091.html
nikolaj
Expert
Posts: 164
Liked: 57 times
Joined: Mar 22, 2021 11:19 am
Contact:

Re: default execute directory /tmp for Linux servers

Post by nikolaj » 1 person likes this post

Hi Thomas,

I moved your topic here since it covers the same subject.
The registry key should be a standard String value (REG_SZ) with the appropriate path specified in the Value data form. You should create it in the HKEY_LOCAL_MACHINE\Software\Veeam\Veeam Backup and Replication registry branch.

Let us know if you need more info on the matter.

Thanks!
Thomas_Lee
Lurker
Posts: 2
Liked: 1 time
Joined: Jun 08, 2021 3:53 am
Full Name: Thomas Lee
Contact:

Re: default execute directory /tmp for Linux servers

Post by Thomas_Lee » 1 person likes this post

Hi Nikolaj,

Thanks and appreciate the prompt reply, will do so as advice. Have a great day.
Peejay62
Expert
Posts: 237
Liked: 37 times
Joined: Aug 06, 2013 10:40 am
Full Name: Peter Jansen
Contact:

Re: default execute directory /tmp for Linux servers

Post by Peejay62 »

I have changed the LinAgentFolder to /var/opt/veeam a long time ago and worked with that. When I now add or rescan a linux server (virtual) to the managed server tree, I observe that Veeam tries to use /opt/veeam (/var is gone..). Have there been any changes (after upgrading to V11) ? Imo it ignores the LinAgentFolder setting. At least, for installing the transport service it uses /opt/veeam to create an upload folder. This again results in errors adding the managed server as there is no access to /opt/veeam. Any idea?

thanks, Peter
mweissen13
Enthusiast
Posts: 93
Liked: 54 times
Joined: Dec 28, 2017 3:22 pm
Full Name: Michael Weissenbacher
Contact:

Re: default execute directory /tmp for Linux servers

Post by mweissen13 »

Hello Peter!
We are facing the same issue. We changed the LinAgentFolder to /opt/VeeamBackup/veeam-cc long ago. But the current version seems to ignore this setting and always tries to install the Transport Service under /opt/veeam, which fails.
Seems to be a bug, at least in the current Version P20210525.
Have you opened a support ticket?
Peejay62
Expert
Posts: 237
Liked: 37 times
Joined: Aug 06, 2013 10:40 am
Full Name: Peter Jansen
Contact:

Re: default execute directory /tmp for Linux servers

Post by Peejay62 »

Hello Michael,

no I haven't opened a support ticket (yet). I think I will. So you see the same issue, and indeed same as you the transport installation fails which one only observes happening when rescanning/re-editing a linux machine. In my console the linux machines look good within the infrastructure but the transport is missing and I guess this is causing some strange errors for those linux machines as desired transport mechanism is missing.
soncscy
Veteran
Posts: 643
Liked: 314 times
Joined: Aug 04, 2019 2:57 pm
Full Name: Harvey
Contact:

Re: default execute directory /tmp for Linux servers

Post by soncscy »

As far as I know, Veeam changed how the handling of linux servers goes; previously it loaded the components at the runtime which is what the referenced registry value controlled -- where the temporary components were loaded and executed from.

v11 has a service now, so I wouldn't expect that the service be deployed in the same location or be influenced in the same way.
Peejay62
Expert
Posts: 237
Liked: 37 times
Joined: Aug 06, 2013 10:40 am
Full Name: Peter Jansen
Contact:

Re: default execute directory /tmp for Linux servers

Post by Peejay62 »

opened a case. Case #05007905. Wait to see what it will bring up.
mweissen13
Enthusiast
Posts: 93
Liked: 54 times
Joined: Dec 28, 2017 3:22 pm
Full Name: Michael Weissenbacher
Contact:

Re: default execute directory /tmp for Linux servers

Post by mweissen13 »

we have case #02362269 open. although we initially started with another problem (which is still unsolved) we stumbled upon this problem and maybe they are related
mweissen13
Enthusiast
Posts: 93
Liked: 54 times
Joined: Dec 28, 2017 3:22 pm
Full Name: Michael Weissenbacher
Contact:

Re: default execute directory /tmp for Linux servers

Post by mweissen13 »

soncscy wrote: Sep 07, 2021 11:42 am As far as I know, Veeam changed how the handling of linux servers goes; previously it loaded the components at the runtime which is what the referenced registry value controlled -- where the temporary components were loaded and executed from.

v11 has a service now, so I wouldn't expect that the service be deployed in the same location or be influenced in the same way.
Well I have other V11 servers where this setting is still honored and working correctly. As long as i don't want to change the server's configuration which then tries to install the Transport service, which fails.
Post Reply

Who is online

Users browsing this forum: No registered users and 28 guests