Error Installing Veeam Data Mover service Error: mkdir: cannot create directory ‘/opt/veeam’: Permission denied
Challenge
When adding a Linux Server to Veeam Backup & Replication using a non-root account and not enabling the "Elevate account privileges automatically" option, the following error is shown:
Error Installing Veeam Data Mover service Error: mkdir: cannot create directory ‘/opt/veeam’: Permission denied
Cause
Solution
Key Points
- The installation of the persistent Veeam Data Mover service, while recommended, is only strictly required if the Linux server will be used as a Hardened Repository or as a Backup Proxy. If the Linux server is not used for either of those purposes, the error regarding the failure to install the Veeam Data Mover service when using a non-root account without elevation may be disregarded.
- If the persistent Veeam Data Mover service cannot be installed on the Linux server, a non-persistent Data Mover agent will be uploaded to the /tmp/ folder and run via an SSH connection each time Veeam Backup & Replication interacts with the Linux Server.
Note: Use of the non-persistent Data Movers requires that perl be installed.
For more information regarding Veeam Data Movers, please review: Veeam Backup & Replication User Guide: Veeam Data Movers
Resolution Options
Option 1: Continue Using a Non-root Account Without the Elevate Option
If the choice to not enable the "Elevate account privileges automatically" option was intentional, the error regarding failure to install the Veeam Data Mover service should be ignored.
- When a non-root account without the "Elevate account privileges automatically" option enabled is used by Veeam Backup & Replication to communicate with a Linux server being used as a Linux Repository, the repository path must be one that the account can access without the need to sudo. Attempting to create a repository for a path that the non-root account does not own will succeed, but any job that attempts to use that repository will fail with the error:
Error: can not create /<path>/<jobname> : No such file or directory
Option 2: Enable the Elevate Account Privileges Automatically Option
Enabling the "Elevate account privileges automatically" option will allow Veeam Backup & Replication to install the persistent Data Mover Service, improving the performance and reliability of communication with the Linux server.
Option 3: Use "Single-use credentials" — (Most Secure Option)
Note: The Single-Use Credential option is documented in the same section as Immutability because they are both parts of the "Hardened Repository" model. However, it is possible to use Single-Use Credentials without using Immutability.
When adding or editing the Linux server within the Veeam Backup & Replication console, on the SSH Connection tab, click Add and select the option for "Single-use credentials for hardened repository." Then provide credentials for a non-root account that can elevate via sudo. This account will be used one-time by Veeam to deploy the persistent Data Mover Service and not stored within the Veeam Backup & Replication configuration database.
More information regarding Single-Use Credentials is available here:
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.