Hi all,
This might be a stupid question but customer asks why cvlt requires root/admin privilege on each platform for installation and operation.
Anyone who can articulate this briefly in technical perspective?
Thanks.
Page 1 / 1
because the software needs full permissions on everything.
Software can be installed as a non-root user but Commvault is fully installed within that user's home directory and runs as that user.
Documentation: https://documentation.commvault.com/11.24/expert/1869_installation_of_unix_agents_by_non_root_user.html
Essentially the Commvault Processes/Services need to interface with the OS/Applications/Modules on the Server and launch processes for the necessary CV related operations/jobs, etc. - To do this we need to “run as” a user/root.
Hello Hongmo,
We are looking into few possibilities. Can you add some details on which customers are asking and what is their reservation to run the software as root?
Software can be installed as a non-root user but Commvault is fully installed within that user's home directory and runs as that user.
Documentation: https://documentation.commvault.com/11.24/expert/1869_installation_of_unix_agents_by_non_root_user.html
Essentially the Commvault Processes/Services need to interface with the OS/Applications/Modules on the Server and launch processes for the necessary CV related operations/jobs, etc. - To do this we need to “run as” a user/root.
Thanks for your great reference URL and descriptions.
Hello Hongmo,
We are looking into few possibilities. Can you add some details on which customers are asking and what is their reservation to run the software as root?
From what i heard from an engineer customer hasn’t experienced any backup product yet and so particular about security.
Otherwise he might be a very thorough guy on everything.
I reckon customer is asking this at the lack of understanding the backup product including CVLT.
Customer requests an official answer/BOL from CVLT on this.
I haven’t came across any customer who asked about this so far.
Let us know if you need more info, of course!
As of today, CV software needs to run as root. There is no immediate solution. however, go ahead and log a CMR/CCR with customer requirement. Narender will take that into advice for the project he is working on.
Hi !
So far, ontop of everything explained over here, we have regularly the same thoughts at some point in time, to challenge the use of full admin (windows) or root (unix-like) rights on any product. This mostly come from security teams, or management or even legal departments.
A simple answer would be that any backup software would backup anything that he has the right to access. So, if it has no right to read the registry (windows) or some folders (oracle/unix) then the backup software would not be able to copy them ==> to protect them.
For deeper technical questions like beeing able to vss or snapshot or mount/dismount volumes, then this requires thin extended rights. If you need to filter up to this level, it would be a huge work to create such accounts/profiles, that in almost any case are very close to Administrator/root users.
To simplify this, all the backup software on the marketplace require Admin/root rights to work properly.
Well detailed thoughts, 
).
Thanks you guys on all comments.
It’s a sufficient answer so I was able to cope with this customer with your help.
Thanks a lot.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.