Install the
File System agent on RHEL distributions
For RHEL distributions (for Red Hat 8.0, 8.1, and 8.2), Security-Enhanced Linux (SELinux) is enabled by default. To support block-based backups, run this special installation procedure.
If you have not yet run the installation script,
install.sh, run it now.
Installation of the block-based backup driver fails.
Check that an error message similar to the following appears in
/var/log/messages
insmod: ERROR: could not insert module /lib/modules/4.18.0-80.el8.x86_64/extra/nsrbbb.ko: Permission denied.
To check the audit log, run:
ausearch -c 'insmod'
It returns a string similar to:
type=AVC msg=audit(1624349147.478:628): avc: denied { module_load } for pid=80964 comm='insmod' path="/opt/dpsapps/fsagent/bin/nsrbbb-redhatenterprise-8.2-4.18.0-193.ko" dev="dm-0" ino=12098527 scontext=system_u:system_r:unconfined_service_t:s0 tcontext=unconfined_u:object_r:bin_t:s0 tclass=system permissive=0
type=AVC indicates that the installation of the block-based backup driver is failing due to the SELinux policy.
To change the SELinux policy so that it will be able to allow access to the block-based backup driver, run:
ausearch -c 'insmod' -–raw | audit2allow -M ppdm-fsagent
It generates two files in the current directory:
ppdm-fsagent.pp and
ppdm-fsagent.te
To apply the SELinux policy changes, to enable access to the block-based backup driver, run:
semodule -i ppdm-fsagent.pp
Run the installation script once again:
install.sh
Installation of the block-based backup driver should succeed, and the following
.rpm or
.deb files are installed as part of the script:
powerprotect-agentsvc.rpm or
powerprotect-agentsvc.deb—Installs or updates the agent service component for the
File System agent.
ppdm_bbbwt.rpm or
ppdm-bbbwt.deb—Installs the block-based backups driver.
ppdm_fsagent.rpm or
ppdm-fsagent.deb—Installs the
File System agent related files and folders.
Type the
PowerProtect Data Manager server FQDN or IP address. It is recommended to use the FQDN.
NOTE:If another application agent is already installed on the client and registered to PowerProtect, ensure that you register the agent with the existing
PowerProtect Data Manager server FQDN. When you register the agent with a
PowerProtect Data Manager server that is different from the currently registered server, no warning message appears, and requests are routed to the newer server instance.
Type the preferred FQDN or IP address of the application host.
Type the port number from the supported port ranges 7000 to 7009 and 7012 to 7020. The specified port is used for communication between the File System agent and
PowerProtect Data Manager.
NOTE:If you do not specify a port number, the default port 7000 is used as the communication port. The ports 7010 and 7011 are used by the agent service message bus.
Type the answer to the prompt about whether to add the firewall rule for the specified port. If you answer
yes, the
/opt/dpsapps/agentsvc/configfw.sh script runs to set the firewall rule and enable the
PowerProtect Data Manager communication port.
Next steps
If the host is not already approved, add the file system host to the
PowerProtect Data Manager server.
Manage the File System agent provides more information.