On Mon, Nov 17, 2003 at 04:59:19PM -0500, John Grover wrote:
> Amanda Backup Client Hosts Check
> --------------------------------
> ERROR: host.domain.edu: [could not access /dev/vx/rdsk/var
> (/dev/vx/rdsk/var): Permission denied]
> ERROR: host.domain.edu: [could not access /dev/vx/rdsk/rootvol
> (/dev/vx/rdsk/rootvol): Permission denied]
>
> Is this a read permission error on the filesystem or an execute error
> on vxdump?
Looks like the former. Check the ownership and permissions on
the special files mentioned. The user/group under which vxdump
is running needs read permission.
I don't know about vxdump, but other dumps I've used do NOT need
write permission, and so I do my best to arrange that they don't
have it, even if that means deviating from the defaults for the
system in question. Least Privilege, and all that.
E.g.
brw-r----- 1 root sys 32, 8 Jun 23 2000 /dev/dsk/c0t1d0s0
Amanda was configured with "--with-group=sys", and for good
measure, the "--with-user=XXX" user (which is NOT root) is a
member of group "sys" in /etc/group.
For FreeBSD, replace "sys" with "operator". For Linux, it
probably depends on the distro, or you might have to chgrp the
special files to a group you've created, as it looks as though I
did here.
On at least some of our systems (can't remember which ones), the
original mode was 660; I had to chmod it to 640. So far,
nothing's blown up as a result...
--
| | /\
|-_|/ > Eric Siegerman, Toronto, Ont. erics AT telepres DOT com
| | /
It must be said that they would have sounded better if the singer
wouldn't throw his fellow band members to the ground and toss the
drum kit around during songs.
- Patrick Lenneau
|