On Mon, Nov 17, 2003 at 04:59:19PM -0500, John Grover wrote:
> Amanda Backup Client Hosts Check
> --------------------------------
> ERROR: host.domain.edu: [could not access /dev/vx/rdsk/var 
> (/dev/vx/rdsk/var): Permission denied]
> ERROR: host.domain.edu: [could not access /dev/vx/rdsk/rootvol 
> (/dev/vx/rdsk/rootvol): Permission denied]
>
> Is this a read permission error on the filesystem or an execute error
> on vxdump?

Looks like the former.  Check the ownership and permissions on
the special files mentioned.  The user/group under which vxdump
is running needs read permission.

I don't know about vxdump, but other dumps I've used do NOT need
write permission, and so I do my best to arrange that they don't
have it, even if that means deviating from the defaults for the
system in question.  Least Privilege, and all that.

E.g.
    brw-r-----   1 root     sys       32,  8 Jun 23  2000 /dev/dsk/c0t1d0s0

Amanda was configured with "--with-group=sys", and for good
measure, the "--with-user=XXX" user (which is NOT root) is a
member of group "sys" in /etc/group.

For FreeBSD, replace "sys" with "operator".  For Linux, it
probably depends on the distro, or you might have to chgrp the
special files to a group you've created, as it looks as though I
did here.

On at least some of our systems (can't remember which ones), the
original mode was 660; I had to chmod it to 640.  So far,
nothing's blown up as a result...

--

|  | /\
|-_|/  >   Eric Siegerman, Toronto, Ont.        erics AT telepres DOT com
|  |  /
It must be said that they would have sounded better if the singer
wouldn't throw his fellow band members to the ground and toss the
drum kit around during songs.
        - Patrick Lenneau