Solved

Immutable Backup on Linux Hardened Repository


Userlevel 3

I set up a linux hardened repository for immutable backups. In the Backup Repository I have set the minimu 7 days as immutable.

The Backup Job finished sucessfully on this linux repository. But i can still delete the backup. I have also checked in Linux directory, there should all backup files have an extension “i” to say that this file is immutable. But there is also no “i” in the directory.

 

What am I doing wrong? Can someone help me?

icon

Best answer by SchuleRothrist 10 February 2022, 13:30

View original

35 comments

Userlevel 7
Badge +5

Are you running synthentic or active fulls periodically?

You must configure FullBackups, or the files won’t be immutable.

Forever Forward Incremental Backup Chains will not be immutable

Userlevel 7
Badge +7

Do you get any error messages? What kind of backup do you perform? VM? Agent? Database?

Userlevel 7
Badge +7

Are you running synthentic or active fulls periodically?

You must configure FullBackups, or the files won’t be immutable.

Forever Forward Incremental Backup Chains will not be immutable

Wrong selected chain-type should show a error in console. It should not be possible to configure this. Would be a bug ...

Userlevel 3

Are you running synthentic or active fulls periodically?

You must configure FullBackups, or the files won’t be immutable.

Forever Forward Incremental Backup Chains will not be immutable

I dont get any errors.

I set up asynthetic full backup periodically. So i have to deactivate the synthetic and activate the active full backup?

 

Userlevel 7
Badge +7

No, synthetic and active full both works.

Userlevel 7
Badge +7

What backup job do you perform?

Userlevel 3

No, synthetic and active full both works.

Ok, but i have still the problem, that my backup is not immutable. Any idea about that?

Userlevel 7
Badge +7

No, synthetic and active full both works.

Ok, but i have still the problem, that my backup is not immutable. Any idea about that?

do you backup VMs or files or Agents or … ?

Userlevel 3

No, synthetic and active full both works.

Ok, but i have still the problem, that my backup is not immutable. Any idea about that?

do you backup VMs or files or Agents or … ?

I do Server, and add the computers, and these computers are VM’s

 

Userlevel 7
Badge +7

What Linux distribution and version do you use?

Userlevel 7
Badge +3

Did you follow the guide for creating the immutable linux repo?

https://helpcenter.veeam.com/docs/backup/vsphere/hardened_repository_deploy.html?ver=110

 

Userlevel 3

What Linux distribution and version do you use?

I am using Ubuntu Server 20.04.3 LTS.

I have all set it up like this: https://nolabnoparty.com/en/veeam-v11-hardened-repository-immutability-pt-1/

but instead of one Backup Disk i chose software Raid 6 in the installation, cause i have 6 disks.

Userlevel 7
Badge +8

And also:

 

What file system is the repository using?

And can you show us the repository settings/configuration in Veeam?

Userlevel 3

And also:

 

What file system is the repository using?

And can you show us the repository settings/configuration in Veeam?

The file system is xfs (or do you mean something else?)

 

this is the configuration in veeam

 

 

Userlevel 7
Badge +7

could you please check the system time on your hardened repo server

Userlevel 3

could you please check the system time on your hardened repo server

the time on the server is one hour behind the local time

Userlevel 3

Did you follow the guide for creating the immutable linux repo?

https://helpcenter.veeam.com/docs/backup/vsphere/hardened_repository_deploy.html?ver=110

 

I have used this discription: https://nolabnoparty.com/en/veeam-v11-hardened-repository-immutability-pt-1/ 
but im not a linux master

Userlevel 7
Badge +8

could you please check the system time on your hardened repo server

the time on the server is one hour behind the local time

I can see you’re signed in as root, root can bypass immutability, is this the problem?

 

Go to the directory with the backups in and use the lsattr command to see the immutability flag

Userlevel 7
Badge +7

could you share the screenshot of lsattr?

Userlevel 7
Badge +7

How did you try to delete files? within Linux (shell) or by deleting restore points in VBR console?

Userlevel 3

could you please check the system time on your hardened repo server

the time on the server is one hour behind the local time

I can see you’re signed in as root, root can bypass immutability, is this the problem?

 

Go to the directory with the backups in and use the lsattr command to see the immutability flag

For setting up i have used another user and used Single-use credentials to set up veeam repository. The user was in root and afterwards i deleted the user from root again.

This is the lsattr view

 

 

Userlevel 3

How did you try to delete files? within Linux (shell) or by deleting restore points in VBR console?

I have tried to delete it from veeam directly, after that i was looking for the lsattr and cant find the immutable “i”

Userlevel 7
Badge +7

could you please check the system time on your hardened repo server

the time on the server is one hour behind the local time

I can see you’re signed in as root, root can bypass immutability, is this the problem?

 

Go to the directory with the backups in and use the lsattr command to see the immutability flag

For setting up i have used another user and used Single-use credentials to set up veeam repository. The user was in root and afterwards i deleted the user from root again.

This is the lsattr view

 

 

please let us see the file extentions

Userlevel 3

could you please check the system time on your hardened repo server

the time on the server is one hour behind the local time

I can see you’re signed in as root, root can bypass immutability, is this the problem?

 

Go to the directory with the backups in and use the lsattr command to see the immutability flag

For setting up i have used another user and used Single-use credentials to set up veeam repository. The user was in root and afterwards i deleted the user from root again.

This is the lsattr view

 

 

please let us see the file extentions

 

Userlevel 3

Sorry the last picture is from a Computer that actually not finished backing up.

 

I have now a successful backup from a smaler one. It looks like it worked. I cant delete it from Veeam Disk. Also have the “i” in the repository.

 

I have still ssh activated, due to set up. Does this affect somehow if i disable the ssh, i think its recommendet to deactivate ssh if all is set up?

Comment