Fran Fabrizio wrote:

I've got my first LVM-based system to be backed up and I'm running into permission problems. The client system is Fedora Core 4. I've installed amanda there by 'yum install'ing the amanda and amanda-client packages. I've enabled amanda in xinetd and reloaded xinetd. I want to back up just one directory (so using tar) so I add that to my disklist. The amanda xinetd setup on the client is set to use the 'disk' group. Here's my debugging so far...

On the server....

---------------------------
$ amcheck -c CIS client

Amanda Backup Client Hosts Check
--------------------------------

ERROR: client.cis.uab.edu: [could not access /var/lib/pgsql/backups (/var/lib/pgsql/backups): Permission denied]

Client check: 1 host checked in 0.021 seconds, 1 problem found

When using tar, amanda still must have access to the top level
directory.  tar itself is run with root priviledges, but amandad,
which does some checks, is not.
Some directory in the path /var/lib/pgsql/backups has no -x permission
for amanda.
On possibility is to make sure the directory has -x on the group,
and make amanda part of that group. E.g. if the permission of
the directory /var/lib/pgsql is:

drwxr-x---    2 pgsql    pgsql     512 Sep  8 11:15 .

then just add amanda tot the pgsql group (in /etc/group).

service amanda
{
       socket_type             = dgram
       protocol                = udp
       wait                    = yes
       user                    = amanda
       group                   = disk

Add this line, and reload xinetd:

         groups                  = yes

This is needed to get the additional "pgsql" group permissions too.

       server                  = /usr/lib/amanda/amandad
       disable                 = no
}

# ls -l /dev/mapper/VolGroup00-LogVol00
brw-rw----  1 root disk 253, 0 Aug 21 11:03 /dev/mapper/VolGroup00-LogVol00

When using tar, amanda does not access this device.  Only when using
dump, this device is needed.



--
Paul Bijnens, Xplanation                            Tel  +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM    Fax  +32 16 397.512
http://www.xplanation.com/          email:  Paul.Bijnens AT xplanation DOT com
***********************************************************************
* I think I've got the hang of it now:  exit, ^D, ^C, ^\, ^Z, ^Q, ^^, *
* F6, quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt,  abort,  hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e,  kill -1 $$,  shutdown, *
* init 0, kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... *
* ...  "Are you sure?"  ...   YES   ...   Phew ...   I'm out          *
***********************************************************************