On Thu, May 12, 2005 at 09:37:09PM +0100, Rodrigo Ventura wrote:
> 
> In fact /var/spool/imap is not readable by amanda. But it is absurd that 
> amanda has to read every file in the system... (mode=600 files are 
> unbackupable???) Or maybe amanda only needs to be able to read the base 
> directory of the dump.

Uhhh, I don't get why you feel it is absurd to need to read a file
in order to back it up.  How else does one backup, i.e. copy a file,
without reading its contents?

However, amanda does not do the backup, so the 'amanda user' does not
need read permission.  Root does the backups if you are using gnutar.
Properly installed, the amanda program ".../libexec/runtar" is root
owned and set-uid'ed.  That is the program that invokes gnutar and
thus gnutar runs with root privleges.

Is your runtar (and several other amanda programs) set-uid'ed root?

-- 
Jon H. LaBadie                  jon AT jgcomp DOT com
 JG Computing
 4455 Province Line Road        (609) 252-0159
 Princeton, NJ  08540-4322      (609) 683-7220 (fax)