Authorizing nonroot users for specific applications

Nonroot users can be authorized for a subset of the NetBackup-Java administrator applications.

To authorize users for a subset of the NetBackup-Java administrator applications, use the following identifiers for the ADMIN keyword in the auth.conf file:

ALL

Indicates that the user has administrative privileges for all of the applications that are listed in this table.

AM

Activity Monitor

BMR

Bare Metal Restore

BPM

Backup Policy Management

BAR or JBP

Backup, Archive, and Restore

CAT

Catalog

DM

Device Monitor

HPD

Host Properties

MM

Media Management

REP

Reports

SUM

Storage Unit Management

VLT

Vault Management

For example, to give a user (user1) access only to the Device Monitor and Activity Monitor, add the following entry to the auth.conf file:

user1 ADMIN=DM+AM

In order for a nonroot user to modify the files that the NetBackup-Java Administration Console uses, run the nonroot_admin_nbjava script. The script changes permissions on the following files:

/usr/openv/java/auth.conf
/usr/openv/java/Debug.properties
/usr/openv/java/nbj.conf

Note:

nonroot_admin_nbjava is located in /usr/openv/java/nonroot_admin_nbjava.