Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Configuring RH7.2 Amanda out of the box - error accessing Ama nda hosts file.

2003-06-02 03:32:57
Subject: Re: Configuring RH7.2 Amanda out of the box - error accessing Ama nda hosts file.
From: Paul Bijnens <paul.bijnens AT xplanation DOT com>
To: Jon LaBadie <jon AT jgcomp DOT com>
Date: Mon, 02 Jun 2003 09:26:39 +0200 
Jon LaBadie wrote:

On Sat, May 31, 2003 at 12:14:08PM +0200, Wojciech Jedliczka wrote:


I always RTFM many times.
Inside all docs files in amanda distribution is no place
giving suggestion about .amandahosts permissions.
Amandahosts file is used for authorization and therefore
it is important who owns these file and who has access
to read and write.

From the security point of view is better to has 600

than 660 but both are acceptable for me.



In this case the guidelines are based on the BSD authentication
scheme using the .rhosts file as a model.  Remberance of either
usage or past documentation would make me say 600 is the proper
permissions as the programs specifically ignored a file even
readable by group or other.  However I don't see that on the
manpage for rhosts on my system now.  A similar file, .netrc
does have those requirements (listed on the manpage too) but
that has nothing to do with amanda.


The man page "ruserok" on Linux does mention the strict permissions,
but the Solaris man page does not.
And indeed, a quick test revealed that even mode 666 on .rhosts
makes no difference on Solaris or SunOS 4.1.4, but does invoke a
password prompt on Linux.

I surely remember struggling with the permissions of .rhosts when
running HP/UX 7 and SunOS 4.1.2 (or was that still longer ago?).

And indeed, nothing in the source code of Amanda 2.4.4 checks for too
wide permissions of .amandahosts.
You can learn something new every day :-)

--
Paul Bijnens, Xplanation                            Tel  +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM    Fax  +32 16 397.512
http://www.xplanation.com/          email:  Paul.Bijnens AT xplanation DOT com
***********************************************************************
* I think I've got the hang of it now:  exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit,  ZZ, :q, :q!,  M-Z, ^X^C,  logoff, logout, close, bye,  /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt,  abort,  hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e,  kill -1 $$,  shutdown, *
* kill -9 1,  Alt-F4,  Ctrl-Alt-Del,  AltGr-NumLock,  Stop-A,  ...    *
* ...  "Are you sure?"  ...   YES   ...   Phew ...   I'm out          *
***********************************************************************
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: Configuring RH7.2 Amanda out of the box - error accessing Ama nda hosts file., Paul Bijnens <=
Previous by Date:  confused, Paolo Supino
Next by Date:  Re: client was working, now suddenly is getting self check "host down?" errors, Dave Ewart
Previous by Thread:  confused, Paolo Supino
Next by Thread:  Re: client was working, now suddenly is getting self check "host down?" errors, Dave Ewart
Indexes:  [Date] [Thread] [Top] [All Lists]