-
- Expert
- Posts: 237
- Liked: 37 times
- Joined: Aug 06, 2013 10:40 am
- Full Name: Peter Jansen
- Contact:
default execute directory /tmp for Linux servers
probably I will create a supportcase on this matter but in advance, I noticed that when adding a Linux server to the managed servers view some kind of agent or software is started from /tmp on that server. Is there a possibility to have that changed to another path?
Because of implementing various hardening rules, of which one is put "noexec" on the /tmp fs, adding a linux server fails, at least it cannot get all the info of the Linux server. Anybody ran into this and had it solved?
btw, It is a good thing to put noexec on /tmp, intruders like to make use of /tmp to have unwanted things running.
thanks, Peter
Because of implementing various hardening rules, of which one is put "noexec" on the /tmp fs, adding a linux server fails, at least it cannot get all the info of the Linux server. Anybody ran into this and had it solved?
btw, It is a good thing to put noexec on /tmp, intruders like to make use of /tmp to have unwanted things running.
thanks, Peter
-
- VP, Product Management
- Posts: 6040
- Liked: 2867 times
- Joined: Jun 05, 2009 12:57 pm
- Full Name: Tom Sightler
- Contact:
Re: default execute directory /tmp for Linux servers
Hi Peter. Yes, it is possible to change this behavior via LinAgentFolder registry key. The key should be placed in HKLM\Software\Veeam\Veeam Backup and Replication registry branch.
Note that if you set this key all communications with Linux servers will attempt to use this folder. This can lead to some strange errors messages if the folder doesn't exist, for example, if you forget to create it on a host. I provision my systems with a veeam_svcs account which has permissions to /opt/veeam (which it uses as the home folder for the service account) and I also restrict operations of sudo to that folder (and in some cases specific commands in that folder).
Note that if you set this key all communications with Linux servers will attempt to use this folder. This can lead to some strange errors messages if the folder doesn't exist, for example, if you forget to create it on a host. I provision my systems with a veeam_svcs account which has permissions to /opt/veeam (which it uses as the home folder for the service account) and I also restrict operations of sudo to that folder (and in some cases specific commands in that folder).
-
- Expert
- Posts: 237
- Liked: 37 times
- Joined: Aug 06, 2013 10:40 am
- Full Name: Peter Jansen
- Contact:
Re: default execute directory /tmp for Linux servers
Hi Tom,
thanks, it works.
thanks, it works.
-
- Lurker
- Posts: 2
- Liked: 1 time
- Joined: Jun 08, 2021 3:53 am
- Full Name: Thomas Lee
- Contact:
Change the default execute directory /tmp for Linux Servers to /opt/veeam (Support case number is 04850197)
Hi , i would like to change the default execute directory /tmp for Linux Servers to /opt/veeam. How do i go about doing this? I came across an article however i would like to enquire the details in creating the LinAgent Folder registry key(Details that are needed to be set etc). Thanks.
vmware-vsphere-f24/default-execute-dire ... 65091.html
vmware-vsphere-f24/default-execute-dire ... 65091.html
-
- Expert
- Posts: 164
- Liked: 57 times
- Joined: Mar 22, 2021 11:19 am
- Contact:
Re: default execute directory /tmp for Linux servers
Hi Thomas,
I moved your topic here since it covers the same subject.
The registry key should be a standard String value (REG_SZ) with the appropriate path specified in the Value data form. You should create it in the HKEY_LOCAL_MACHINE\Software\Veeam\Veeam Backup and Replication registry branch.
Let us know if you need more info on the matter.
Thanks!
I moved your topic here since it covers the same subject.
The registry key should be a standard String value (REG_SZ) with the appropriate path specified in the Value data form. You should create it in the HKEY_LOCAL_MACHINE\Software\Veeam\Veeam Backup and Replication registry branch.
Let us know if you need more info on the matter.
Thanks!
-
- Lurker
- Posts: 2
- Liked: 1 time
- Joined: Jun 08, 2021 3:53 am
- Full Name: Thomas Lee
- Contact:
Re: default execute directory /tmp for Linux servers
Hi Nikolaj,
Thanks and appreciate the prompt reply, will do so as advice. Have a great day.
Thanks and appreciate the prompt reply, will do so as advice. Have a great day.
-
- Expert
- Posts: 237
- Liked: 37 times
- Joined: Aug 06, 2013 10:40 am
- Full Name: Peter Jansen
- Contact:
Re: default execute directory /tmp for Linux servers
I have changed the LinAgentFolder to /var/opt/veeam a long time ago and worked with that. When I now add or rescan a linux server (virtual) to the managed server tree, I observe that Veeam tries to use /opt/veeam (/var is gone..). Have there been any changes (after upgrading to V11) ? Imo it ignores the LinAgentFolder setting. At least, for installing the transport service it uses /opt/veeam to create an upload folder. This again results in errors adding the managed server as there is no access to /opt/veeam. Any idea?
thanks, Peter
thanks, Peter
-
- Enthusiast
- Posts: 93
- Liked: 54 times
- Joined: Dec 28, 2017 3:22 pm
- Full Name: Michael Weissenbacher
- Contact:
Re: default execute directory /tmp for Linux servers
Hello Peter!
We are facing the same issue. We changed the LinAgentFolder to /opt/VeeamBackup/veeam-cc long ago. But the current version seems to ignore this setting and always tries to install the Transport Service under /opt/veeam, which fails.
Seems to be a bug, at least in the current Version P20210525.
Have you opened a support ticket?
We are facing the same issue. We changed the LinAgentFolder to /opt/VeeamBackup/veeam-cc long ago. But the current version seems to ignore this setting and always tries to install the Transport Service under /opt/veeam, which fails.
Seems to be a bug, at least in the current Version P20210525.
Have you opened a support ticket?
-
- Expert
- Posts: 237
- Liked: 37 times
- Joined: Aug 06, 2013 10:40 am
- Full Name: Peter Jansen
- Contact:
Re: default execute directory /tmp for Linux servers
Hello Michael,
no I haven't opened a support ticket (yet). I think I will. So you see the same issue, and indeed same as you the transport installation fails which one only observes happening when rescanning/re-editing a linux machine. In my console the linux machines look good within the infrastructure but the transport is missing and I guess this is causing some strange errors for those linux machines as desired transport mechanism is missing.
no I haven't opened a support ticket (yet). I think I will. So you see the same issue, and indeed same as you the transport installation fails which one only observes happening when rescanning/re-editing a linux machine. In my console the linux machines look good within the infrastructure but the transport is missing and I guess this is causing some strange errors for those linux machines as desired transport mechanism is missing.
-
- Veteran
- Posts: 643
- Liked: 314 times
- Joined: Aug 04, 2019 2:57 pm
- Full Name: Harvey
- Contact:
Re: default execute directory /tmp for Linux servers
As far as I know, Veeam changed how the handling of linux servers goes; previously it loaded the components at the runtime which is what the referenced registry value controlled -- where the temporary components were loaded and executed from.
v11 has a service now, so I wouldn't expect that the service be deployed in the same location or be influenced in the same way.
v11 has a service now, so I wouldn't expect that the service be deployed in the same location or be influenced in the same way.
-
- Expert
- Posts: 237
- Liked: 37 times
- Joined: Aug 06, 2013 10:40 am
- Full Name: Peter Jansen
- Contact:
Re: default execute directory /tmp for Linux servers
opened a case. Case #05007905. Wait to see what it will bring up.
-
- Enthusiast
- Posts: 93
- Liked: 54 times
- Joined: Dec 28, 2017 3:22 pm
- Full Name: Michael Weissenbacher
- Contact:
Re: default execute directory /tmp for Linux servers
we have case #02362269 open. although we initially started with another problem (which is still unsolved) we stumbled upon this problem and maybe they are related
-
- Enthusiast
- Posts: 93
- Liked: 54 times
- Joined: Dec 28, 2017 3:22 pm
- Full Name: Michael Weissenbacher
- Contact:
Re: default execute directory /tmp for Linux servers
Well I have other V11 servers where this setting is still honored and working correctly. As long as i don't want to change the server's configuration which then tries to install the Transport service, which fails.soncscy wrote: ↑Sep 07, 2021 11:42 am As far as I know, Veeam changed how the handling of linux servers goes; previously it loaded the components at the runtime which is what the referenced registry value controlled -- where the temporary components were loaded and executed from.
v11 has a service now, so I wouldn't expect that the service be deployed in the same location or be influenced in the same way.
Who is online
Users browsing this forum: AdsBot [Google], Bing [Bot] and 9 guests