Page tree
Skip to end of metadata
Go to start of metadata

Product Version: 7.0

Last Modified: 02 Mar 2018

Problem

While recovering a RHEL or SLES VM, the VM disk where Transporter is deployed fails to be connected on the Recovery Server page of the File Recovery Wizard – the disk is not mounted in the NAKIVO Backup & Replication interface.

Background

The cause of the problem is an inappropriate permission for the runtime mounting process. In the result, NAKIVO Backup & Replication fails to create a secure channel to the source VM.

Solution

One can utilize the PAM subsystem which is able to perform user/password authorization. Specifically, it is possible to create bhsvc rule file in /etc/pam.d to organize security on the RHEL or SLES VM thereby giving several processes – for example, login, or sshd,– a possibility to become authorized as users.

Make sure that the following requirements are met prior to creating bhsvc rule file on the RHEL or SLES VM:

  1. iscsi-initiator-utils and cifs-utils packages are installed and running.
  2. iptables is configured as follows:
    1. SSH port is opened.
    2. ICMP traffic is opened.
    3. Port 9445 is opened.
  3. selinux must be disabled for RHEL.

Please create a rule file for the Transporter service in /etc/pam.d/ by following the steps below:

  1. Execute the command:

    cp /etc/pam.d/sshd /etc/pam.d/bhsvc

  2. Edit the content of the bhsvc file to have its content as follows:

    auth required pam_sepermit.so
    auth include password-auth

    account required pam_nologin.so
    account include password-auth

    password include password-auth
    #pam_selinux.so close should be the first session rule
    session required pam_selinux.so close
    session required pam_loginuid.so
    #pam_selinux.so open
    should only be followed by sessions to be executed in the user context
    session required pam_selinux.so open env_params
    session optional pam_keyinit.so force revoke
    session include password-auth

  3. Reload the VM.
  • No labels