Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: planner,dumper and amcheck keep reverting back to (not setuid-root)

2005-08-01 12:27:44
Subject: Re: planner,dumper and amcheck keep reverting back to (not setuid-root)
From: Chuck Amadi Systems Administrator <chuck AT smtl.co DOT uk>
To: amanda-users AT amanda DOT org
Date: Mon, 01 Aug 2005 17:09:16 +0100 
Hi

Thanks for that my boss more than likely add such a program before he
went on holiday as this has only started to occur last week.

I have had no previous problem and I have been running this for over two
months.

I will check whats going on.

Thanks again.

On Fri, 2005-07-29 at 13:39 -0400, Jon LaBadie wrote:
> On Fri, Jul 29, 2005 at 03:34:29PM +0100, Chuck Amadi Systems Administrator 
> wrote:
> > Hi 
> > 
> > I run by hand amcheck it is in my crontab but every now and then I run
> > it to check.
> > 
> > Amanda Tape Server Host Check
> > -----------------------------
> > WARNING: program /usr/lib/amanda/planner: not setuid-root
> > WARNING: program /usr/lib/amanda/dumper: not setuid-root
> > WARNING: program /usr/sbin/amcheck: not setuid-root
> > 
> >  Thus I use chmod u+s as root.
> > 
> > # chmod u+s /usr/lib/amanda/planner 
> > # chmod u+s /usr/lib/amanda/dumper 
> > # chmod u+s /usr/sbin/amcheck
> > 
> > The above sorts this out bit I have had to do this a few times this
> > week.
> > 
> > I haven't got to do this on the other tape server Where is the best
> > place to check why it keeps reverting to the following below.
> > 
> 
> Chuck,
> 
> I hope you realize this has nothing to do with amanda.
> 
> The system probably has some "security" program that
> runs periodically and reports on all root-setuid programs.
> Perhaps automatically removing the setuid on those not
> in some list of "known safe" programs.
> 
> I once had an AT&T sysadmin who when to a security class.
> At the class they learned that setuid programs were a
> huge security problem.  When she got back, that Sunday night,
> she came in to the training site where I consulted and ran
> a find command on all the systems to locate and remove all
> setuid permissions on all programs.
> 
> Monday morning, very little worked right.
> 
> 
-- 
Unix/ Linux Systems Administrator
Chuck Amadi
The Surgical Material Testing Laboratory (SMTL), 
Princess of Wales Hospital 
Coity Road 
Bridgend, 
United Kingdom, CF31 1RQ.
Email chuck.smtl.co.uk
Tel: +44 1656 752820 
Fax: +44 1656 752830
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: planner,dumper and amcheck keep reverting back to (not setuid-root), Chuck Amadi Systems Administrator <=
Previous by Date:  amrecover question, Lei Zhong
Next by Date:  sendsize - smbclient du, Jonathan Swaby
Previous by Thread:  amrecover question, Lei Zhong
Next by Thread:  sendsize - smbclient du, Jonathan Swaby
Indexes:  [Date] [Thread] [Top] [All Lists]