On Monday 05 April 2004 04:07, David Chin wrote:
>On 5 Apr 2004, at 03:02, Gene Heskett wrote:
>> Here is the first potential problem. Even with all the warnings
>> plastered all over the FAQ and Docs, folks still insist on useing
>> a universal name instead of the FQDN.
>
>Yes, I knew about the problems with a universal name. I just wanted
>to get something up quickly as a test. My machine sits NATted at
> home and doesn't have a real FQDN.
>
>But anyway, I changed it:
>
>1. make my wireless AP give my machine a fixed address
>2. add an entry to /etc/hosts --
>
> 192.168.0.111 myhostname
>
>> Second, did you build amanda as the user amanda, then become root
>> to do the make install?
>
>I decided to avoid all permission stuff by running everything as
> root. Yes, I know the dangers, and I am willing to live with the
> risk for now.
amanda checks to see who she is, and amdump will not run as root.
Tear it all back out and reinstall according to the instructions.
This requirement is a security related requirement, and really isn't
open for discussion. Where amanda needs root perms, she will do an
suid root to gain the perms she needs. Make a normal user "amanda'
and make this user a member of the group 'disk' or 'backup'. As
root, do a "chown -R amanda:disk amanda-2.4.5b1-20040326" (if thats
the name of the src tree) before starting the build. I maintain
these src trees in /home/amanda here. You'll also need to change the
perms on the tarball itself because lately the tarballs are not owned
by amanda if root does the download. Minor detail.
I also use a script to do the configuration and initial make because
its consistent and repeatable from snapshot to snapshot without
relying on my aged, occasionally fading memory. I copy this script
into the new src tree when a new snapshot comes out, and run it from
the top level directory of the src.
The script:
-------------gh.cf------------
#!/bin/sh
# since I'm always forgetting to su amanda...
if [ `whoami` != 'amanda' ]; then
echo
echo "!!!!!!!!!!!! Warning !!!!!!!!!!!!"
echo "Amanda needs to be configured and built by the user amanda,"
echo "but must be installed by the user root."
echo
exit 1
fi
make clean
rm -f config.status config.cache
./configure --with-user=amanda \
--with-group=disk \
--with-owner=amanda \
--with-tape-device=/dev/nst0 \
--with-changer-device=/dev/sg1 \
--with-gnu-ld --prefix=/usr/local \
--with-debugging=/tmp/amanda-dbg/ \
--with-tape-server=FQDN.of.the.server \
--with-amandahosts \
--with-configdir=/usr/local/etc/amanda
make
---------------end of script-------------
remove the changer device line if you don't have a robotic changer.
The Fully Qualified Domain Name (FQDN) of the tape server (or its ip
address) must be used.
Adjust the device name to be whatever the NON-rewinding on file close
device is on your system. Set the x bit (chmod +x script.name)
Become amanda and execute it with "./script.name". Then become root
and do a "make install"
I doubt you'll need to do it, but the estimate timeout value
('etimeout' in your amanda.conf) which is defaulted to 10 minutes
(600 seconds) per disklist entry might have to be increased. I did
that early on when it was running on a much slower machine, but now
on this box a 44 member disklist typically takes 22 minutes to
estimate. The backup will in any event commence when all estimates
have been obtained, or have timed out, unlikely on todays hardware
such as your G5.
[...]
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.22% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com attornies please note, additions to this message
by Gene Heskett are:
Copyright 2004 by Maurice Eugene Heskett, all rights reserved.
|