With Veritas NetBackup (tm) 4.5, 5.0, 5.1 and 6.0, when running a User Archive backup, an incorrectly handled routine results in a rare data loss situation.
| Article:TECH45866 | | | Created: 2006-01-09 | | | Updated: 2006-01-08 | | | Article URL http://www.symantec.com/docs/TECH45866 |
Problem
With Veritas NetBackup (tm) 4.5, 5.0, 5.1 and 6.0, when running a User Archive backup, an incorrectly handled routine results in a rare data loss situation.
Solution
Introduction:
There is a problem in how both the NetBackup for Windows GUI (also known as the Backup, Archive, and Restore GUI) and the bparchive command line handle User Archive operations. When an archive of a directory is performed, NetBackup captures the files and then deletes the files recursively using OS-level commands. The issue is that if any files are added to the directory after the start of the backup, when the archive is performed, those files are deleted without first being backed up.
This problem is exacerbated by the Backup, Archive and Restore GUI which, when all the files in a directory are selected for an archive, selects the directory as well. If, for example, a directory contained (at the start of the archive backup) four files, and those four files were selected, by default, the directory is selected as well, and the entire directory and its contents will be deleted at the end of a successful archive operation. If during the backup, a fifth file is written to that directory, it is deleted when the directory is deleted, even though it has not been backed up.
For affected Windows, UNIX, and Linux servers, the problem manifests itself when an entire directory is archived, and a file is added to the archive directory during backup, or an existing file within the directory is modified during the backup. The new file or the changed file will not be backed up, but the archive process will delete it.
What is Affected:
As the nbwin.exe file is found in all releases of NetBackup (master, media, and client) for Windows, and the bparchive binary is found in all releases of NetBackup (master, media, and client) for all NetBackup platforms (Windows, UNIX, and Linux), this issue affects the following versions of NetBackup:
- NetBackup 4.5 for Windows, UNIX, and Linux, all versions and patch levels.
- NetBackup 5.0 for Windows, UNIX, and Linux, all versions and patch levels prior to Maintenance Pack 7 (MP7)
- NetBackup 5.1 for Windows, UNIX, and Linux, all versions and patch levels prior to Maintenance Pack 5 (MP5)
- NetBackup 6.0 for Windows, UNIX, and Linux, all versions and patch levels prior to Maintenance Pack 2 (MP2)
NOTE: If there are no active policies which contain User Archive schedules, no data is at risk.
How to Determine if Affected:
For Windows:
- Review the shortcut which launches the NetBackup GUI. Right click on the icon, and select Properties. Under "Target", note the path to the nbwin.exe file. Using Windows Explorer, navigate to that directory, right click on the nbwin.exe file, and select "Properties". On the "Version" tab, review the File Version. Additionally, check the bparchive.exe file. Using Windows Explorer, navigate to the <install_path>\veritas\netbackup\bin directory, right click on the bparchive.exe file, and select "Properties". On the "Version" tab, review the File Version.
There is a problem in how both the NetBackup for Windows GUI (also known as the Backup, Archive, and Restore GUI) and the bparchive command line handle User Archive operations. When an archive of a directory is performed, NetBackup captures the files and then deletes the files recursively using OS-level commands. The issue is that if any files are added to the directory after the start of the backup, when the archive is performed, those files are deleted without first being backed up.
This problem is exacerbated by the Backup, Archive and Restore GUI which, when all the files in a directory are selected for an archive, selects the directory as well. If, for example, a directory contained (at the start of the archive backup) four files, and those four files were selected, by default, the directory is selected as well, and the entire directory and its contents will be deleted at the end of a successful archive operation. If during the backup, a fifth file is written to that directory, it is deleted when the directory is deleted, even though it has not been backed up.
For affected Windows, UNIX, and Linux servers, the problem manifests itself when an entire directory is archived, and a file is added to the archive directory during backup, or an existing file within the directory is modified during the backup. The new file or the changed file will not be backed up, but the archive process will delete it.
What is Affected:
As the nbwin.exe file is found in all releases of NetBackup (master, media, and client) for Windows, and the bparchive binary is found in all releases of NetBackup (master, media, and client) for all NetBackup platforms (Windows, UNIX, and Linux), this issue affects the following versions of NetBackup:
- NetBackup 4.5 for Windows, UNIX, and Linux, all versions and patch levels.
- NetBackup 5.0 for Windows, UNIX, and Linux, all versions and patch levels prior to Maintenance Pack 7 (MP7)
- NetBackup 5.1 for Windows, UNIX, and Linux, all versions and patch levels prior to Maintenance Pack 5 (MP5)
- NetBackup 6.0 for Windows, UNIX, and Linux, all versions and patch levels prior to Maintenance Pack 2 (MP2)
NOTE: If there are no active policies which contain User Archive schedules, no data is at risk.
How to Determine if Affected:
For Windows:
- Review the shortcut which launches the NetBackup GUI. Right click on the icon, and select Properties. Under "Target", note the path to the nbwin.exe file. Using Windows Explorer, navigate to that directory, right click on the nbwin.exe file, and select "Properties". On the "Version" tab, review the File Version. Additionally, check the bparchive.exe file. Using Windows Explorer, navigate to the <install_path>\veritas\netbackup\bin directory, right click on the bparchive.exe file, and select "Properties". On the "Version" tab, review the File Version.
- For NetBackup 6.0, if the
version of nbwin.exe or bparchive.exe is 6.0.2005.906 or earlier,
the machine is vulnerable.
- For NetBackup 5.1, if the
version of nbwin.exe or bparchive.exe is 5.1.0.164 or earlier, the
machine is vulnerable.
- For NetBackup 5.0, if the
version of nbwin.exe or bparchive.exe is 5.0.0.405 or earlier, the
machine is vulnerable.
- For NetBackup 4.5, if the
version of nbwin.exe version is 4.5.0.2223 or earlier, or the
bparchive.exe version is 4.5.0.2201 or earlier, the machine is
vulnerable.
For UNIX and Linux:
On UNIX and Linux servers, run the following command:
Cat
/usr/openv/netbackup/bin/version
If the output indicates a version older than those listed in the "What is Affected" section, the machine is vulnerable.
Again, please note that if none of the active policies contain User Archive schedules, no data is at risk.
Formal Resolution:
This issue will be formally resolved in the upcoming maintenance packs:
-NetBackup 6.0 with Maintenance Pack 2 (MP2), now available at the following link: http://support.veritas.com/menu_ddProduct_NBUESVR_view_DOWNLOAD.htm
-NetBackup 5.1 with Maintenance Pack 5 (MP5), also available at the same download link as 6.0 MP2.
-NetBackup 5.0 with Maintenance Pack 7 (MP7), currently scheduled for release the end of August, 2006
As these maintenance packs are released, they will be added to the Related Documents section of this TechNote, below, and they will be available from the following location: http://support.veritas.com/menu_ddProduct_NBUESVR_view_DOWNLOAD.htm
Please refer back to this document periodically for any updates as to when the packs mentioned herein are released.
Note: Because NetBackup 4.5 is approaching end of life, and the occurrence of this issue is very rare, Symantec currently has no plans to create a patch to fix this issue in NetBackup 4.5. Symantec strongly recommends upgrading to NetBackup 5.x or 6.0 to obtain the formal fix for this issue when it becomes available.
Until any of the formal resolutions (mentioned above) can be applied to your environment, Symantec strongly recommends implementing the Workaround described in the next section of this document. Once any of the workarounds are applied, Symantec recommends performing a "full" backup.
Workaround:
There are several known workarounds for this issue. Please implement one of the following workarounds until the maintenance packs mentioned in the formal resolution are available:
1. Avoid creating or modifying files in the directory that is being archived if archiving is done at the directory level.
2. Delete all user archive schedules from all policies
- Within NetBackup, review all
policies and if any contain a schedule of a type "User Archive", delete the User
Archive schedule until the fix is applied.
3. Review all NetBackup policies and replace all "User
Archive" schedules with "User Directed" backup schedules, and manually delete
the files after a successful backup.
4. To prevent problems with the Backup, Archive and Restore GUI incorrectly selecting the directory when all the files are selected, create a dummy file in the archiving directory. This file should be kept in the directory as long as the directory is being archived. Then, use the GUI to select the parent directory, which places a complete check mark next to the folder, and selects all the files. See Figure 1.
Figure 1
Then, deselect the dummy file on the right panel, which changes the check mark to partially complete on the left panel. See Figure 2.
Figure 2
If the directory is "partially" marked, the GUI generates a complete file list with each individual file on the list. This file list is sent to the Client for backup/archive, and only the individual files on the file list are backed up and archived. The directory and files created after the start of the backup job are not deleted. This workaround does not, however, protect files which are marked for archive that are modified after the backup, but before the archive.
4. To prevent problems with the Backup, Archive and Restore GUI incorrectly selecting the directory when all the files are selected, create a dummy file in the archiving directory. This file should be kept in the directory as long as the directory is being archived. Then, use the GUI to select the parent directory, which places a complete check mark next to the folder, and selects all the files. See Figure 1.
Figure 1
Then, deselect the dummy file on the right panel, which changes the check mark to partially complete on the left panel. See Figure 2.
Figure 2
If the directory is "partially" marked, the GUI generates a complete file list with each individual file on the list. This file list is sent to the Client for backup/archive, and only the individual files on the file list are backed up and archived. The directory and files created after the start of the backup job are not deleted. This workaround does not, however, protect files which are marked for archive that are modified after the backup, but before the archive.
Symantec strongly recommends the following best
practices:
1. Always perform a Full backup
prior to and after any changes to your environment.
2. Always make sure that your
environment is running the latest version and patch level.
If you have not received this TechNote from the Symantec Email Notification Service, as a Software Alert, please subscribe at the following link:
http://maillist.support.veritas.com/subscribe.asp
|
|
| Source | ETrack |
| Value | 526967 |
| Description | Defect found in Archive backups when using NBWin.exe that can result in dataloss. |
| Source | ETrack |
| Value | 526944 |
| Description | Defect found in Archive backups when using NBWin.exe that can result in dataloss. |
| Source | ETrack |
| Value | 430569 |
| Description | Defect found in Archive backups when using NBWin.exe that can result in dataloss. |
| Source | ETrack |
| Value | 526960 |
| Description | Defect found in Archive backups when using NBWin.exe that can result in dataloss. |
Related Articles
Legacy ID
281323
Article URL http://www.symantec.com/docs/TECH45866
Terms of use for this information are found in Legal Notices
Thank you.