Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: amcheck error

2005-03-18 10:24:44
Subject: Re: amcheck error
From: Brian Cuttler <brian AT wadsworth DOT org>
To: Kevin Chen <kchen AT fre.devry DOT edu>
Date: Fri, 18 Mar 2005 09:54:08 -0500 
Kevin,

You should also see client side log files in /tmp/amanda.
I don't recall that you reported anything else odd in /var/adm/messages

typically cron starts amdump, "network" connection to client(s) is
initiated via inetd which initiate amandad as the specific user,
verifying login via .amandahosts in the user's login directory
(or in older version of amanda via .rhosts).

I know its all on the same box, the network isn't really used but
logically it is. This Solaris system doesn't have any sort of firewall
in the way of accessing the amanda TCP/UDP ports ?

What error messages where produced when you ran # amcheck config ?

my /etc/inetd.conf contains these lines, which now that I look at them
I have to wonder about, too many parameters on the second line unless
I'm mistaken (perhaps its ignored as a parameter to amandad)

Anyway, I run services as user "amanda", much safer than "root" or
even "bin".

amandaidx  stream  tcp  nowait  amanda  /usr/local/lib/libexec/amindexd
amanda     dgram   udp    wait  amanda  /usr/local/libexec/amandad amandad

Have a look also as the protections on the binaries in /usr/local/libexec
and /usr/local/sbin (assuming default locations). Normally the files are
owned by the amanda user with only a couple suid, like rundump or runtar.




On Thu, Mar 17, 2005 at 02:37:31PM -0800, Kevin Chen wrote:
> Brian,
> 
> Here are few lines from /var/messages -
> 
> inetd[138]: [ID 858011 daemon.warning] /usr/local/libexec/amandad:
> Killed  amanda/udp server failing (looping), service terminated
> 
> contents of /.amandahosts is -
> 
> peru root
> 
> I am trying just backup server local files, so /tmp/amanda log file is
> same as the one I sent you earlier.
> 
> Thanks.
> 
> Kevin
> 
> -----Original Message-----
> From: Brian Cuttler [mailto:brian AT wadsworth DOT org] 
> Sent: Thursday, March 17, 2005 11:32 AM
> To: Kevin Chen
> Cc: Brian Cuttler; amanda-users AT amanda DOT org
> Subject: Re: amcheck error
> 
> Kevin,
> 
> > amandad: time 30.005: dgram_recv: timeout after 30 seconds
> > amandad: error receiving message: timeout
> > amandad: time 30.007: error receiving message: timeout
> > amandad: time 30.007: pid 1075 finish time Thu Mar 17 11:25:59 2005
> 
> anything in /var/adm/messages ?
> Any client side files created in /tmp/amanda ?
> 
> What are the contents of /.amandahosts ?
> 
> Location of file in root is a result of using the root account
> as the amanda user. [We had used "bin" but have been migrating
> the a separate "amanda" userid]
> 
> Note: older versions would have relied on .rhosts, this change/more
> specific file was a security improvement a while back.
> 
> 
> 
> 
> 
> On Thu, Mar 17, 2005 at 11:24:10AM -0800, Kevin Chen wrote:
> > Brain:
> > 
> > It generated a log file in /tmp/amanada, here is entire content for
> this
> > file -
> > 
> > amandad: debug 1 pid 1075 ruid 0 euid 0: start at Thu Mar 17 11:25:29
> > 2005
> > amandad: version 2.4.4p4
> > amandad: build: VERSION="Amanda-2.4.4p4"
> > amandad:        BUILT_DATE="Tue Mar 15 15:02:29 PST 2005"
> > amandad:        BUILT_MACH="SunOS peru 5.8 Generic_117350-08 sun4u
> sparc
> > SUNW,Ultra-30"
> > amandad:        CC="gcc"
> > amandad:        CONFIGURE_COMMAND="'./configure' '--with-user=root'
> > '--with-group=other'"
> > amandad: paths: bindir="/usr/local/bin" sbindir="/usr/local/sbin"
> > amandad:        libexecdir="/usr/local/libexec"
> mandir="/usr/local/man"
> > amandad:        AMANDA_TMPDIR="/tmp/amanda"
> AMANDA_DBGDIR="/tmp/amanda"
> > amandad:        CONFIG_DIR="/usr/local/etc/amanda"
> > DEV_PREFIX="/dev/dsk/"
> > amandad:        RDEV_PREFIX="/dev/rdsk/" DUMP="/usr/sbin/ufsdump"
> > amandad:        RESTORE="/usr/sbin/ufsrestore" VDUMP=UNDEF
> > VRESTORE=UNDEF
> > amandad:        XFSDUMP=UNDEF XFSRESTORE=UNDEF VXDUMP=UNDEF
> > VXRESTORE=UNDEF
> > amandad:        SAMBA_CLIENT=UNDEF GNUTAR=UNDEF
> > COMPRESS_PATH="//bin/gzip"
> > amandad:        UNCOMPRESS_PATH="//bin/gzip" LPRCMD="//bin/lp"
> > amandad:        MAILER="//bin/mailx"
> > amandad:        listed_incr_dir="/usr/local/var/amanda/gnutar-lists"
> > amandad: defs:  DEFAULT_SERVER="peru" DEFAULT_CONFIG="DailySet1"
> > amandad:        DEFAULT_TAPE_SERVER="peru"
> > amandad:        DEFAULT_TAPE_DEVICE="/dev/rmt/0bn" HAVE_MMAP
> > HAVE_SYSVSHM
> > amandad:        LOCKING=POSIX_FCNTL SETPGRP_VOID DEBUG_CODE
> > amandad:        AMANDA_DEBUG_DAYS=4 BSD_SECURITY USE_AMANDAHOSTS
> > amandad:        CLIENT_LOGIN="root" FORCE_USERID HAVE_GZIP
> > amandad:        COMPRESS_SUFFIX=".gz" COMPRESS_FAST_OPT="--fast"
> > amandad:        COMPRESS_BEST_OPT="--best" UNCOMPRESS_OPT="-dc"
> > amandad: time 30.005: dgram_recv: timeout after 30 seconds
> > amandad: error receiving message: timeout
> > amandad: time 30.007: error receiving message: timeout
> > amandad: time 30.007: pid 1075 finish time Thu Mar 17 11:25:59 2005
> > 
> > 
> > Thanks.
> > 
> > Kevin
> > 
> > -----Original Message-----
> > From: Brian Cuttler [mailto:brian AT wadsworth DOT org] 
> > Sent: Thursday, March 17, 2005 11:23 AM
> > To: Brian Cuttler
> > Cc: Kevin Chen; amanda-users AT amanda DOT org
> > Subject: Re: amcheck error
> > 
> > 
> > Kevin,
> > 
> > I don't recall - what where the contents of the files in the
> > /tmp/amanda directory ?
> > 
> > On Thu, Mar 17, 2005 at 02:21:08PM -0500, Brian Cuttler wrote:
> > > 
> > > Kevin,
> > > 
> > > dumb question - all binaries, /usr/local/libexec/* /usr/local/sbin/*
> > > are local to the machine ? There is no worry about NFS mounts
> > accessing
> > > things as nobody (since you used the root account for the amanda
> user)
> > ?
> > > 
> > > On Thu, Mar 17, 2005 at 11:11:30AM -0800, Kevin Chen wrote:
> > > > Brian:
> > > > 
> > > > I ran "patch-system" command, so it actually created the entries
> in
> > > > /etc/inetd.conf and /etc/services automatically. Here are the
> lines
> > that
> > > > "patch-system" added:
> > > > 
> > > > /etc/inetd.conf -
> > > > 
> > > > amidxtaped      stream  tcp     nowait  root
> > > > /usr/local/libexec/amidxtaped  midxtaped
> > > > amanda    dgram  udp wait   root /usr/local/libexec/amandad
> > amandad
> > > > amandaidx stream tcp nowait root /usr/local/libexec/amindexd
> > amindexd
> > > > amidxtape stream tcp nowait root /usr/local/libexec/amidxtaped
> > > > amidxtaped
> > > > 
> > > > /etc/services -
> > > > 
> > > > amanda 10080/udp
> > > > amanda 10080/tcp
> > > > kamanda 10081/udp
> > > > amandaidx 10082/tcp
> > > > amidxtape 10083/tcp
> > > > 
> > > > Thanks.
> > > > 
> > > > Kevin
> > > > 
> > > > -----Original Message-----
> > > > From: Brian Cuttler [mailto:brian AT wadsworth DOT org] 
> > > > Sent: Thursday, March 17, 2005 6:08 AM
> > > > To: Kevin Chen
> > > > Subject: Re: amcheck error
> > > > 
> > > > 
> > > > Kevin,
> > > > 
> > > > I also saw a message to you yesterday asking that you check the
> > > > entry in /etc/inetd.conf, beyond that you also have to check the
> > > > /etc/services file (or NIS services perhaps) to make sure the
> > > > amanda services are properly defined TCP sockets.
> > > > 
> > > > 
> > > > On Wed, Mar 16, 2005 at 01:30:21PM -0800, Kevin Chen wrote:
> > > > > Hello:
> > > > > 
> > > > > I ran ldd and here is message -
> > > > > 
> > > > > ldd amandad
> > > > >         libamclient-2.4.4p4.so =>
> > > > > /usr/local/lib/libamclient-2.4.4p4.so
> > > > >         libamanda-2.4.4p4.so =>
> > /usr/local/lib/libamanda-2.4.4p4.so
> > > > >         libgen.so.1 =>   /usr/lib/libgen.so.1
> > > > >         libm.so.1 =>     /usr/lib/libm.so.1
> > > > >         libcurses.so.1 =>        /usr/lib/libcurses.so.1
> > > > >         libsocket.so.1 =>        /usr/lib/libsocket.so.1
> > > > >         libnsl.so.1 =>   /usr/lib/libnsl.so.1
> > > > >         libintl.so.1 =>  /usr/lib/libintl.so.1
> > > > >         libc.so.1 =>     /usr/lib/libc.so.1
> > > > >         libgcc_s.so.1 =>         /usr/local/lib/libgcc_s.so.1
> > > > >         libdl.so.1 =>    /usr/lib/libdl.so.1
> > > > >         libmp.so.2 =>    /usr/lib/libmp.so.2
> > > > >         /usr/platform/SUNW,Ultra-30/lib/libc_psr.so.1
> > > > > 
> > > > > I have checked all the corresponding libraries, everything are
> > there.
> > > > > 
> > > > > Thanks anyway.
> > > > > 
> > > > > Kevin
> > > > > 
> > > > > -----Original Message-----
> > > > > From: Brian Cuttler [mailto:brian AT wadsworth DOT org] 
> > > > > Sent: Wednesday, March 16, 2005 12:52 PM
> > > > > To: Kevin Chen
> > > > > Cc: amanda-users AT amanda DOT org
> > > > > Subject: Re: amcheck error
> > > > > 
> > > > > 
> > > > > 
> > > > > Try # ldd /usr/local/libexec/amandad on the client and see
> > > > > if you don't have all the support libraries available.
> > > > > 
> > > > > On Wed, Mar 16, 2005 at 12:43:07PM -0800, Kevin Chen wrote:
> > > > > > Greetings:
> > > > > > 
> > > > > >  
> > > > > > 
> > > > > > I am setting up Amanda 2.4.4p4 on a Sun Ultra30 machine which
> is
> > 
> > > > > > 
> > > > > > running Solaris 8, configuration and make install went through
> > all 
> > > > > > 
> > > > > > right, but when I run "amcheck Daily", it is keep on
> complaining
> > 
> > > > > > 
> > > > > > about one of client host is down - "Warning: spain selfcheck
> > request
> > > > 
> > > > > > 
> > > > > > timed out, Host down?", spain is another ultra30 in the same
> > subnet 
> > > > > > 
> > > > > > and I have ran "patch-system" on both server and client
> "spain" 
> > > > > > 
> > > > > > machine already. There are also some error messages in
> > > > > /var/adm/messages
> > > > > > - "inetd[138]: [ID 858011 daemon.warning]
> > > > /usr/local/libexec/amandad:
> > > > > > Killed" and " amanda/udp server failing (looping), service
> > > > > terminated".
> > > > > > I have checked all the amanda documentation but no 
> > > > > > 
> > > > > > lucks so far to solve my problem.
> > > > > > 
> > > > > >  
> > > > > > 
> > > > > > Any help would be really appreciated.
> > > > > > 
> > > > > >  
> > > > > > 
> > > > > > Kevin
> > > > > > 
> > > > > >  
> > > > > > 
> > > > > ---
> > > > >    Brian R Cuttler                 brian.cuttler AT wadsworth DOT org
> > > > >    Computer Systems Support        (v) 518 486-1697
> > > > >    Wadsworth Center                (f) 518 473-6384
> > > > >    NYS Department of Health        Help Desk 518 473-0773
> > > > > 
> > > > > 
> > > > > 
> > > > ---
> > > >    Brian R Cuttler                 brian.cuttler AT wadsworth DOT org
> > > >    Computer Systems Support        (v) 518 486-1697
> > > >    Wadsworth Center                (f) 518 473-6384
> > > >    NYS Department of Health        Help Desk 518 473-0773
> > > > 
> > > > 
> > > > 
> > > ---
> > >    Brian R Cuttler                 brian.cuttler AT wadsworth DOT org
> > >    Computer Systems Support        (v) 518 486-1697
> > >    Wadsworth Center                (f) 518 473-6384
> > >    NYS Department of Health        Help Desk 518 473-0773
> > > 
> > ---
> >    Brian R Cuttler                 brian.cuttler AT wadsworth DOT org
> >    Computer Systems Support        (v) 518 486-1697
> >    Wadsworth Center                (f) 518 473-6384
> >    NYS Department of Health        Help Desk 518 473-0773
> > 
> > 
> > 
> ---
>    Brian R Cuttler                 brian.cuttler AT wadsworth DOT org
>    Computer Systems Support        (v) 518 486-1697
>    Wadsworth Center                (f) 518 473-6384
>    NYS Department of Health        Help Desk 518 473-0773
> 
> 
> 
---
   Brian R Cuttler                 brian.cuttler AT wadsworth DOT org
   Computer Systems Support        (v) 518 486-1697
   Wadsworth Center                (f) 518 473-6384
   NYS Department of Health        Help Desk 518 473-0773
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: amcheck error, Kevin Chen
Next by Date:  Re: amcheck error, Paul Bijnens
Previous by Thread:  RE: amcheck error, Kevin Chen
Next by Thread:  RE: amcheck error, Kevin Chen
Indexes:  [Date] [Thread] [Top] [All Lists]