Accessibility of the legacy logs

NetBackup 10.0 and later sets the permissions on the legacy log directories to a more restrictive but configurable level. This change is designed to prevent unauthorized access to the NetBackup logs, which may contain sensitive information.

You can control the accessibility of the logs by configuring the value of the parameter ALLOW_WORLD_READABLE_LOGS using the nbsetconfig command.

Here are the configurable values:

If ALLOW_WORLD_READABLE_LOGS=YES, the debug logs have world-readable permissions.
If ALLOW_WORLD_READABLE_LOGS=NO, which is the default state, the debug logs do not have world-readable permissions.

Note:

user_ops (except user_ops/nbjlogs) and dbagents logs are world-readable and non-world-writable.

See the NetBackup Commands Reference Guide for details of the nbsetconfig command.

Accessibility of the legacy logs

Feedback

Feedback