On Tue, Sep 20, 2005 at 03:03:02PM -0600, Adam Bayless enlightened us:
> I'm getting:
>
> ERROR: client: [host server.domain.com: port 10022 not secure]
>
> when running amcheck . The FAQ says make sure that amcheck is suid root,
> which it is:
>
> -r-sr-x--- 1 root operator 34840 Sep 20 19:50 /usr/local/sbin/amcheck
>
> The FAQ also mentions NAT possibly causing issues with ports such as
> this but I am not in a NAT scenario.
>
> I'm using a default build of amanda-2.4.5 (from the FreeBSD ports
> collection). The only customization is that I used
> '--with-udpportrange=10000,10100' '--with-portrange=10000,10100' because
> I have one host behind a firewall. The server is outside as are the
> other clients. I had this all working under an earlier build of amanda
> (2.4.1-ish) but when I updgraded to 2.4.5 things borked on me. Have
> there been any config changes since then that I should be aware of?
>
> Anyone have any pointers?
>
Yes, reread the portusage.txt document. The section on UDP ports specifies
that you should have at least "inparallel" many ports all less than 1023.
Any process can open a port > 1023, so amanda doesn't trust those packets.
Matt
--
Matt Hyclak
Department of Mathematics
Department of Social Work
Ohio University
(740) 593-1263
|