This is a tough one. I really can't figure out what is going on.
Joshua Baker-LePain wrote:
On Wed, 25 Feb 2004 at 3:06pm, jlm17 wrote
I commented out the only_from line from all three amanda services but it
does not work.
The other thing to check is /etc/hosts.{allow,deny}. I don't know Gentoo,
but on RedHat xinetd uses them. Accepts or denies based on those files
should be logged in /var/log/secure.
I didn't have either a /etc/hosts.allow or /etc/hosts.deny. I created an
/etc/hosts.allow with the one line:
ALL: LOCAL
No change in behavior.
Note that I do not get any lines about removing amanda services.
Yes, but...
If you're not getting anything in /tmp/amanda, then amandad isn't even
starting up. Is ipchains/iptables getting in the way? What's the output
of 'netstat -ln | grep 10080'?
netstat -ln | grep 10080
udp 0 0 0.0.0.0:10080 0.0.0.0:*
That means amanda is listening, so that part of xinetd is working right.
As far as I know I do not have any iptables stuff turned on. I don't
even have the iptables userland tools installed. I have turned it on in
the kernel, though.
iptables looks empty:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
You can check what rules are set up with 'iptables -nL'. I'd say the next
thing to do would be to look at the traffic. Do 'tcpdump -i lo' and then
run amcheck and see what happens.
tcpdump gives me this:
tcpdump -vv -i lo
tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 68 bytes
10:08:27.706802 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF],
length: 145) royal.inse.lucent.com.798 > royal.inse.lucent.com.amanda:
UDP, length: 117
10:08:37.704970 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF],
length: 145) royal.inse.lucent.com.798 > royal.inse.lucent.com.amanda:
UDP, length: 117
10:08:47.706323 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF],
length: 145) royal.inse.lucent.com.798 > royal.inse.lucent.com.amanda:
UDP, length: 117
Additionally I figured out that xinetd logs some stuff in /var/log/auth.log:
Feb 26 10:08:27 royal xinetd[5766]: START: amanda pid=5941 from=152.148.113.221
Feb 26 10:08:27 royal xinetd[5941]: FAIL: amanda address from=152.148.113.221
Feb 26 10:08:37 royal xinetd[5766]: START: amanda pid=5942 from=152.148.113.221
Feb 26 10:08:37 royal xinetd[5942]: FAIL: amanda address from=152.148.113.221
Feb 26 10:08:47 royal xinetd[5766]: START: amanda pid=5943 from=152.148.113.221
Feb 26 10:08:47 royal xinetd[5943]: FAIL: amanda address from=152.148.113.221
Still not very useful though. I have changed the amandad config in xinetd:
service amanda
{
socket_type = dgram
protocol = udp
wait = yes
user = amanda
group = amanda
groups = yes
server = /usr/libexec/amandad
# You need to ensure this points to your Amanda server!
# Don't just remove it!
only_from = royal
disable = no
}
so that wait = no. That just made things worse. Running amandad by hand
seems to do the right thing:
sudo -u amanda /usr/libexec/amandad
amandad: error receiving message: timeout
The next thing I will be trying is to run strace on xinetd and see if I
can glean any information that way.
Thanks again for all of your help.
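
Added example, not part of the original thread and not Amanda's or xinetd's own code: a small script that tallies the xinetd START/FAIL lines quoted above per service, reason and source address, and maps the reason token to its meaning as documented in xinetd.log(5). The sample input is the thread's log with mail wrapping undone; the function and variable names are assumptions of this example.

```python
import re
from collections import Counter

# Constructed input: the xinetd lines quoted in the post, mail wrapping undone.
SAMPLE = """\
Feb 26 10:08:27 royal xinetd[5766]: START: amanda pid=5941 from=152.148.113.221
Feb 26 10:08:27 royal xinetd[5941]: FAIL: amanda address from=152.148.113.221
Feb 26 10:08:37 royal xinetd[5766]: START: amanda pid=5942 from=152.148.113.221
Feb 26 10:08:37 royal xinetd[5942]: FAIL: amanda address from=152.148.113.221
Feb 26 10:08:47 royal xinetd[5766]: START: amanda pid=5943 from=152.148.113.221
Feb 26 10:08:47 royal xinetd[5943]: FAIL: amanda address from=152.148.113.221
"""

# FAIL reason tokens as documented in xinetd.log(5).
REASONS = {
    "address": "source address failed the access check (only_from / no_access)",
    "time": "time check failed (access_times)",
    "fork": "xinetd could not fork the server",
    "service_limit": "allowed number of service instances would be exceeded",
    "process_limit": "limit on forked processes would be exceeded",
}

# The lookahead keeps "pid" in "pid=5941" from being read as a reason token.
LINE = re.compile(
    r"xinetd\[(?P<logger>\d+)\]: (?P<event>START|FAIL): (?P<service>\S+)"
    r"(?: (?P<reason>[a-z_]+)(?= |$))?(?: pid=(?P<child>\d+))?(?: from=(?P<src>\S+))?"
)

def summarize_failures(log_text):
    """Count FAIL entries per (service, reason, source) and count how many
    were logged by a child pid that an earlier START line had just forked."""
    started = {}          # child pid -> service, taken from START lines
    counts = Counter()
    after_start = 0
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        if m["event"] == "START":
            started[m["child"]] = m["service"]
        else:
            counts[(m["service"], m["reason"], m["src"])] += 1
            if started.get(m["logger"]) == m["service"]:
                after_start += 1
    return counts, after_start

if __name__ == "__main__":
    counts, after_start = summarize_failures(SAMPLE)
    for (service, reason, src), n in counts.items():
        print(f"{service}: {n} FAIL from {src}: {REASONS.get(reason, reason)}")
    print(f"{after_start} FAIL lines came from a child forked in a START line")
```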