24xSiempre, Oracle, Oracle Linux, OracleRAC, Oracle Single

Solution Veeam Oracle Permission Denied

By Leave a comment

During the past week I have been receiving some queries about some errors found in the log files of Veeam with Oracle integration. Whether the native integration of Veeam with Oracle on VMware or using Veeam Plugin for Oracle RMAN. In this post we will see how to solve an error that appears frequently and is easy to solve.

Introduction

The error I was referring to is the following:

Error has occurred while executing SSH command: boost::filesystem::status: Permission denied: "/grid/app/grid/product/12.2.0.1/oraInst.loc"
Error has occurred while executing SSH command: boost::filesystem::status: Permission denied: "/oracle/oraInventory/ContentsXML/inventory.xml"

The error appears in Veeam Backup & Replication o Veeam Plugin for Oracle RMAN when it is trying to detect the Oracle Database instances that exist on the server, as we see, the solutionsones of Veeam They don't have access to the files.

We will also see that the user used by Veeam for consistency, you can directly read the oraInst.loc and inventory.xml files from the operating system command line.

But when run from solutionsones of Veeam, either the plugin or VBR, still does not detect the instances and the error appears again in the log files.

To solve the above we must validate the permission requirements of Veeam Backup & Replication o Veeam Plugin for Oracle, whatever your case:

VBR (Down to Oracle-specific permissions):

https://helpcenter.veeam.com/docs/backup/vsphere/required_permissions.html?ver=100

Veeam Plugin:

https://helpcenter.veeam.com/docs/backup/plugins/rman_plugin_permissions.html?ver=100

In the event that the service user veeam (must be able to elevate to root) do not have the required permissions, they will need to be added to the required groups, such as:

usermod -a -G oinstall,dba,grid usuarioveeam

And of course, as it also appears in the documentation, the user used for Oracle Authentikation must have SYSDBA permissions:

As valid if the user who delivered has SYSDBA permissions?, with the following SQL script you can validate it:

select username,sysdba,sysoper,sysasm,sysbackup,sysdg,syskm from v$pwfile_users;

Where you must validate that the user exists in the following command output:

Otherwise, ask the DBA to add the user to the SYSDBA role.

Oracle permissions

If even so, they still cannot detect the instances, the solution is to recreate the permissions of the folders where Oracle is installed, since for some reason they were modified.

Therefore, in this step, you must have the help or authorization of the DBA to automatically recreate the permissions with a root.sh installation script or directly execute the following in the Oracle paths:

chown -R grid:oinstall /u01
chown -R oracle:oinstall /u01/app/oracle
chmod -R 775 /u01/

Where /u01 is the folder where the Oracle software was installed and -R means recursive. And with that, the detection and backup of your Oracle databases will work in case you have problems with folder and/or file permissions.

Post Views: 287
 

add a comment

Your email address will not be published. Required fields are marked *