We have /tmp set noexec for security purposes (following CIS benchmark recommendations - https://www.cisecurity.org/cis-benchmarks/). The Veeam Linux agent now seems to be creating some randomly-named subdirectories under /tmp and executing things from there when it tries to do an agent upgrade or rescan, and it fails with a permission error as a result.
Is this behavior new? I don't recall seeing any problems until recently. Is there some way to tell it to use a different directory for its temporary files?
-
dsegel
- Influencer
- Posts: 21
- Liked: never
- Joined: Aug 09, 2017 3:51 pm
- Full Name: Daniel Segel
- Contact:
-
PTide
- Product Manager
- Posts: 6551
- Liked: 765 times
- Joined: May 19, 2015 1:46 pm
- Contact:
Re: Agent upgrade or rescan tries to execute out of /tmp now
Hi,
Yes, VBR deploys some binaries in /tmp in order to obtain a unique ID for each machine, however it has been working like that for a long time. What are the versions of the agent and VBR that you use?
Thanks
Yes, VBR deploys some binaries in /tmp in order to obtain a unique ID for each machine, however it has been working like that for a long time. What are the versions of the agent and VBR that you use?
Have any upgrades occured recently?don't recall seeing any problems until recently.
Thanks
-
dsegel
- Influencer
- Posts: 21
- Liked: never
- Joined: Aug 09, 2017 3:51 pm
- Full Name: Daniel Segel
- Contact:
Re: Agent upgrade or rescan tries to execute out of /tmp now
Agent and VB&R are all the latest versions available (released). It's possible it's been failing for a while and I just never noticed until now.
-
PTide
- Product Manager
- Posts: 6551
- Liked: 765 times
- Joined: May 19, 2015 1:46 pm
- Contact:
Re: Agent upgrade or rescan tries to execute out of /tmp now
We need to confirm the described behaviour in our QA lab. Please stay tuned.
Thanks
Thanks
Who is online
Users browsing this forum: No registered users and 7 guests