Cheers
I run id command as amanda
and amanda belongs to users group
But I have issued in my .configure command
./configure --with-user=amanda --with-group=disk --with-owner=amanda
So I need to add amanda to disk group.
So I run the usermod command as susch
#usermod -G disk amanada
#id command
#uid=150(amanada) gid=100(users) groups=6(disk),100(users)
and guess what it worked.
myserver:/local/sw/amanda/bckup # su amanda -c
"/local/sw/amanda/bckup/sbin/amcheck DailySet1"
Amanda Tape Server Host Check
-----------------------------
Holding disk /dumps/amanda: 140763180 KB disk space available, that's
plenty
Holding disk /dumps/amanda: 140763180 KB disk space available, that's
plenty
ERROR: /dev/nst0: not an amanda tape
(expecting a new tape)
NOTE: skipping tape-writable test
NOTE: info dir /var/lib/amanda/DailySet1/curinfo/myserver/_etc: does not
exist
NOTE: index dir /var/lib/amanda/DailySet1/index/myserever/_etc: does not
exist
Server check took 10.389 seconds
Amanda Backup Client Hosts Check
--------------------------------
WARNING: myserver: selfcheck request timed out. Host down?
Client check: 1 host checked in 30.002 seconds, 1 problem found
(brought to you by Amanda 2.4.4p4)
myserver:/local/sw/amanda/bckup #
I hope Im geetting there slowly but surely.
Cheers
Mon, 2005-04-18 at 11:51 -0400, Jon LaBadie wrote:
> On Mon, Apr 18, 2005 at 04:17:16PM +0100, Chuck Amadi wrote:
> > Hi reinstalled amanda as Root make distclean
> > As amanda ./configure --( My preferences)
> > As amanada make
> > As Root make install
> >
> > Thus checked /local/sw/amanda/bckup/sbin/amcheck ls -al command the
> > output as below:
> >
> > -rwsr-x--- 1 root disk 86322 Apr 18 16:03 amcheck
> >
> > But when I run the following amcheck command
> >
> > myserver:/local/sw/amanda/bckup/sbin # su amanda -c
> > "/local/sw/amanda/bckup/sbin/amcheck"
> > zsh: permission denied: /local/sw/amanda/bckup/sbin/amcheck
> > myservefr:/local/sw/amanda/bckup/sbin #
> >
> > Im going a bit crazy Now! as I assume the sticky bit would sort out the
> > permission issue.
>
>
> For some things amanda absolutely needs root privileges.
> But there is a principle which amanda trys to adhere to
> of "least privileges for the task". So although the binary
> amcheck is now properly owned by root, properly setuid'ed,
> and probably properly group owned by disk, for some tasks
> amcheck may create child processes that lack root privilege.
>
> One of those I think is disk (if using dump rather than tar)
> and tape access. It may be necessary to check the permissions
> on your devices to ensure they are group "disk" readable and
> for the tape, writable.
>
>
> As to executing amcheck, note that the owner root can execute it,
> members of group disk can execute it, but the rest of the world
> can not. Were you root when you executed it, no you were amanda.
> So you the user had to be a member of group disk to execute it.
> What group(s) does user 'amanda' have rights to? Did you get them
> after doing the 'su' command? The cmd 'id' will tell you the latter.
>
>
--
Unix/ Linux Systems Administrator
The Surgical Material Testing Laboratory (SMTL),
Princess of Wales Hospital
Coity Road
Bridgend,
United Kingdom, CF31 1RQ.
Tel: +44 1656 752820
Fax: +44 1656 752830
|