On Mon, Jun 02, 2003 at 02:52:43PM +0100, Kevin Passey wrote:
> And I am assuming from the errors that I got it will not work because the
> config expects .amandahosts to be in /var/lib/amanda.

My understanding is it must be in ~amanda, i.e. the $HOME directory of
the user named amanda.  In /etc/passwd (does linux still use that?)
what is listed as the home directory of user amanda?  Or, if you
login as amanda, or 'su - amanda', what directory are you in?

> I've also sorted my authority problem on sda*'s - in the xinetd service
> config some documentation I had stated that the group = amanda. Changing
> this to "disk" made it work - are there any experts who would like to let me
> know if this is correct - it works anyway - my amcheck is now clean.

You ask as if there is a single answer.  The point is that amanda must be
able to read the disk drives.  The drives are owned by root and we don't
want amanda to run as root except for certain jobs.  We don't want the
drives accessible by the world (I hope some of the numerous security
implications of that are obvious) so that leaves group permission access.

In my installation (not linux, just used as an example) the disks are readable
by members of group "sys".  Amanda's primary group is "backup", but amanda is
also listed in the /etc/group file as a secondary member of "sys".  That
gives her the read access she needs.

So the objective is to get the disks readable by amanda without introducing
big security holes.  Sounds like you've done that.  Perhaps there is also
a way on Linux to make the amanda user a secondary member of group "disk".

-- 
Jon H. LaBadie                  jon AT jgcomp DOT com
 JG Computing
 4455 Province Line Road        (609) 252-0159
 Princeton, NJ  08540-4322      (609) 683-7220 (fax)