what is the correct permission to give backup repository:
Ubuntu document its mention chmod 700 and in the redhat its 2775, which one is correct permission, kindly suggest. Appreciate if i get preparation process steps for redhat linux 8.x version for veeam 12.1
Permissions in the Veeam User Guide falls under Ubuntu section, but setting folder permissions is a universal setting, not an OS-specific setting...at least I’m pretty sure. I’ve trained on RH-based systems, but have Debian-based (Ubuntu) systems in-house...so I’m pretty sure that’s accurate, as I’ve configured folder/file permissions on both OSes the same way. Can you share where you got the RedHat config from?
I recommend following permissions configuration as recommended in the Veeam User Guide.
Follow this guide it is 3 parts and will explain how to set up the VHR - Veeam Hardening Linux Repository – Part 1 | StarWind Blog (starwindsoftware.com)
example given like below for redhat:[root@repo10 mnt]# chmod 2775 backup
I have configured on ubuntu earlier without any challenges. However in this redhat looks different
Follow this guide it is 3 parts and will explain how to set up the VHR - Veeam Hardening Linux Repository – Part 1 | StarWind Blog (starwindsoftware.com)
Hi Chris,
Thanks for your information. However, I need the procedure for redhat linux 8.x. I need it for my new requirement which is redhat linux.
should I follow the same procedure in redhat from ubuntu , will it support
Try this page - chattr Command Examples to Change File Attributes (Make files immutable) – The Geek Diary
You can use the “chattr” command in RHEL to set the Immutability flag for files/directories. Scroll down for folders.
should I follow the same procedure in redhat from ubuntu , will it support
It technically should support it but I tend to work with Ubuntu more and never tried RHEL with the same process.
I refer the following link for redhat hardening
https://www.redhat.com/en/blog/veeam-ransomware-protection-rhel-immutable-repository
should I follow the same procedure in redhat from ubuntu , will it support
Yes...the cmds provided in the Guide are linux-agnostic. The main difference is the package manager tool used. And, there are some package names required which are slightly different based on OS type.
should I follow the same procedure in redhat from ubuntu , will it support
Yes...the cmds provided in the Guide are linux-agnostic. The main difference is the package manager tool used. And, there are some package names required which are slightly different based on OS type.
thank you for your update, let me follow and work around with ubuntu procedure in redhat linux. I have configured ubuntu based hardended server couple of times.
should I follow the same procedure in redhat from ubuntu , will it support
Yes...the cmds provided in the Guide are linux-agnostic. The main difference is the package manager tool used. And, there are some package names required which are slightly different based on OS type.
thank you for your update, let me follow and work around with ubuntu procedure in redhat linux. I have configured ubuntu based hardended server couple of times.
Let us know how it goes but it should work this way as well.
I refer the following link for redhat hardening
https://www.redhat.com/en/blog/veeam-ransomware-protection-rhel-immutable-repository
Thank you for sharing that. So, the 4th octel, represented by the 1st digit, sets the setuid and/or setgid, representing letting either a user or a group to run executable and make changes. You can read more about it here. I’m not sure why that RH Solutions Architect placed those permissions on the directory used for the Repo. Those permissions are not configured in the User Guide. And, the permissions he adds are less restrictive than what Veeam suggests to configure.
should I follow the same procedure in redhat from ubuntu , will it support
It technically should support it but I tend to work with Ubuntu more and never tried RHEL with the same process.
chris,
Myself also worked with ubuntu, but the new case require redhat OS. I have done with some part, and have doubt with setting differs between ubuntu and redhat
should I follow the same procedure in redhat from ubuntu , will it support
It technically should support it but I tend to work with Ubuntu more and never tried RHEL with the same process.
chris,
Myself also worked with ubuntu, but the new case require redhat OS. I have done with some part, and have doubt with setting differs between ubuntu and redhat
Try the Ubuntu commands as it should work. You may need to tweak them for RHEL.
I refer the following link for redhat hardening
https://www.redhat.com/en/blog/veeam-ransomware-protection-rhel-immutable-repository
Thank you for sharing that. So, the 4th octel, represented by the 1st digit, sets the setuid and/or setgid, representing letting either a user or a group to run executable and make changes. You can read more about it here. I’m not sure why that RH Solutions Architect placed those permissions on the directory used for the Repo. Those permissions are not configured in the User Guide. And, the permissions he adds are less restrictive than what Veeam suggests to configure.
Yes, my doubt is also same. let me cross check with ubuntu and correct permission as per user guide
Ok..let us know how it goes
Make sure you review the requirements needed for your distribution
See Repo requirements here. And, for Linux Requirements and Limitations for Hardened Repo, see here.
is it mandatory to use Raid6/raid60 for data?
thank you all for your updates,
Let me try this tomorrow and validate
It is not mandatory no it depends on your server configuration but RAID5/6 would be best. Or at least some RAID for redundancy of data.
No. Which RAID you use is dependent upon your org requirements and/or preferences. But using RAID60 you get the benefit of dual-disk failure redundancy (RAID6) and best performance (RAID10).
thank you all for your updates,
Let me try this tomorrow and validate
Sure...let us know how it goes.
It is not mandatory no it depends on your server configuration but RAID5/6 would be best. Or at least some RAID for redundancy of data.
yes, the requirement is met and I used R5 for more capacity requirements. need to change the permission and other settings then i have to add the repository into backup server.
tomorrow i will workaround this and update.
I am from india, now its 11:47pm here ….
It is not mandatory no it depends on your server configuration but RAID5/6 would be best. Or at least some RAID for redundancy of data.
yes, the requirement is met and I used R5 for more capacity requirements. need to change the permission and other settings then i have to add the repository into backup server.
tomorrow i will workaround this and update.
I am from india, now its 11:47pm here ….
Hi Chris,
I changed the permission to 700 and tested backup, restore and delete job. its working
Thank you
Great to hear....worked as I thought it would. Following the User Guide instructions as suggested won't steer you wrong 
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
