Requirements and need for database user with release 10.2 (or higher)

Article: 100053091
Last Published: 2023-04-07
Ratings: 0 0
Product(s): NetBackup & Alta Data Protection

Problem

With the NetBackup 10.2 release, the NetBackup database service on the primary server requires a non-root account to run on Linux systems.

  • On Linux, the user may see a new prompt for a database user during the primary server install or upgrade. This new prompt asks the user to provide a "database user". The user is not prompted if they opt to run NetBackup services as non-root user. Details about service user can be found in the following article:  https://www.veritas.com/support/en_US/article.100048220
  • On Windows, there is no prompt. By default the database service uses the Local Service built-in account.

Solution

Perform the following steps before the install or upgrade:

  •  Create the database user by running the following command:

             # sudo useradd -M <non-root-user>

  • When prompted, enter the account name.
  • For silent primary server installs or upgrades, in the file /tmp/NBInstallAnswer.conf add the following entry:
    DATABASE_USER = <your_user>

    Refer to the NBInstallAnswer-master.template file in your package for more details. See the following information for more details and requirements.

Database user description

The DATABASE_USER is the username of the account that will own the NetBackup database service on Linux systems. This user must already exist on the system before the installation or upgrade. This user cannot be a root account. The user also can not be part of sudoers list. If the database user resolves to root or is part of sudoers list, the install fails. 

The database user will own all directories under the directory /usr/openv/db/data.

Requirements for DATABASE_USER account

  • Account must be a non-root account and should not be part of sudoers list.
  • The length of the database username must be less than 32 characters
  • The database username must contain only English characters.
  • If the value is provided and the entry DATABASE_USER exists in bp.conf, this value must match the configured database user on the computer.
  • The same database account must be used on each node of a clustered primary server. The username, group name, and UID must be same on all cluster nodes.
  • The WEBSVC_USER user should not be used as the database user.

Upgrade scenarios

Service user is non-root: The database user will have the same value as the service user. 

Service user is root:  The install will prompt for a database user. The username that is provided must exist in the system and be a non-root account.

Database user prompt during install/upgrade

ATTENTION! The NetBackup services currently use a root system account, which is not recommended.
NetBackup is unable to use this account for the new scale-out database server process.
Provide an alternative account name that meets the following criteria:
- Root accounts are not allowed.
- The username must be 1-31 characters.
- The username must contain only English characters.
- The nbwebsvc user should not be used as the scale-out database user.
For more details, see the article: https://www.veritas.com/docs/100053091.

Enter the name of the system account which will own the scale-out database server process:

Was this content helpful?