I'm sorry Jean-Louis but it is not clear to me how to implement your
suggestion.
Please, can you provide a configuration example?
> -----Messaggio originale-----
> Da: Jean-Louis Martineau [mailto:martinea AT IRO.UMontreal DOT CA]
> Inviato: giovedì 24 aprile 2003 20.21
> A: Creator
> Cc: amanda-users AT amanda DOT org
> Oggetto: Re: R: Access restriction in amrecover
>
>
> On Thu, Apr 24, 2003 at 08:59:38AM +0200, Creator wrote:
> > I think it may be achieved using server-side authentication so no
> > matter which user you are running amrecover from the client.
> >
> > Without proper authentication I'm forced to close the firewall port
> > 80012 to deny access to the index daemon. It is the only
> way I have to
> > limit customers from restoring other people backups.
> >
> > In this case I'm forced to do the restores for them wasting my time.
> > 1) I have to extract their data somewhere
> > 2) I have to give them access to it to let them browse their files
> > Result: no handy selective restore procedure :(
> >
> > In the way I've proposed (like: customer can access only
> his data) I
> > can simply mount the tape on the tapechanger and let the
> customer do
> > their restore comfortably using amrecover.
> >
> > I'm going to have a bad shape if I cannot work around this limit.
>
> It could be done easily, add a dumptype entry 'restore_host'
> which list the hostname (or ip) that can restore the DLE. The
> amindexd an amidxtaped daemon will have to check the
> connecting host with the host listed in restore_host for this DLE.
>
> Jean-Louis
> --
> Jean-Louis Martineau email: martineau AT IRO.UMontreal DOT CA
> Departement IRO, Universite de Montreal
> C.P. 6128, Succ. CENTRE-VILLE Tel: (514) 343-6111 ext. 3529
> Montreal, Canada, H3C 3J7 Fax: (514) 343-5834
>
|