|
Re: port 35280 not secure
2006-04-03 15:56:22
On Monday 03 April 2006 20:25, Kevin Till wrote:
> Anne Wilson wrote:
> > On Monday 03 April 2006 19:50, Anne Wilson wrote:
> >>Kevin said:
> >>amcheck is not setuid root on the source tree so it fails to bind a
> >>privileged port while perform host check.
> >>
> >>I've made sure now that all the /usr/local/sbin/ executables are owned
> >>root:disk, and amcheck is setuid. What else needs to be setuid?
> >
> > Changed ownership to amanda:disk, but still seeing the same errors.
>
> the installed amcheck should be used, not the one in the source tree.
> The installed amcheck should have permission similar to the following:
>
> ls -la /usr/local/sbin/amcheck
> -rwsr-x--- 1 root disk 63345 Apr 3 10:45 /usr/local/sbin/amcheck
>
-rwsr-x--- 1 amanda disk 82445 Mar 26 20:31 /usr/local/sbin/amcheck
>
Some of the errors have disappeared since I corrected ownerships, but I still
get
[amanda@borg ~]$ /usr/local/sbin/amcheck Daily
Amanda Tape Server Host Check
-----------------------------
WARNING: program /usr/local/sbin/amcheck: not setuid-root
Holding disk /tmp/dumps: 10799 MB disk space available, using 10299 MB
ERROR: /Backup/amandatapes/Dailys/data/: No such file or directory
ERROR: /Backup/amandatapes/Dailys/data/: No such file or directory
ERROR: /Backup/amandatapes/Dailys/data/: No such file or directory
ERROR: /Backup/amandatapes/Dailys/data/: No such file or directory
ERROR: /Backup/amandatapes/Dailys/data/: No such file or directory
ERROR: /Backup/amandatapes/Dailys/data/: No such file or directory
slot 4: not an amanda tape (Read 0 bytes)
slot 5: not an amanda tape (Read 0 bytes)
slot 6: not an amanda tape (Read 0 bytes)
slot 7: not an amanda tape (Read 0 bytes)
slot 8: not an amanda tape (Read 0 bytes)
slot 9: not an amanda tape (Read 0 bytes)
slot 10: not an amanda tape (Read 0 bytes)
slot 11: not an amanda tape (Read 0 bytes)
slot 12: not an amanda tape (Read 0 bytes)
slot 13: not an amanda tape (Read 0 bytes)
slot 14: not an amanda tape (Read 0 bytes)
slot 15: not an amanda tape (Read 0 bytes)
slot 16: not an amanda tape (Read 0 bytes)
slot 17: not an amanda tape (Read 0 bytes)
slot 18: not an amanda tape (Read 0 bytes)
slot 19: rewinding tape: Input/output error
slot 20: rewinding tape: Input/output error
slot 21: rewinding tape: Input/output error
slot 1: not an amanda tape (Read 0 bytes)
slot 2: not an amanda tape (Read 0 bytes)
slot 3: not an amanda tape (Read 0 bytes)
(expecting a new tape)
NOTE: info dir /usr/local/var/amanda/Daily/curinfo: does not exist
NOTE: it will be created on the next run.
NOTE: index dir /usr/local/var/amanda/Daily/index: does not exist
NOTE: it will be created on the next run.
Server check took 0.939 seconds
Amanda Backup Client Hosts Check
--------------------------------
ERROR: NAK borg: host borg: port 35331 not secure
Client check: 1 host checked in 5.010 seconds, 1 problem found
(brought to you by Amanda 2.5.0-20060323)
***********
ls -l /Backup/amandatapes/Dailys/data
lrwxrwxrwx 1 amanda disk 32 Apr 3 20:45 /Backup/amandatapes/Dailys/data
-> /Backup/amandatapes/Dailys/slot3
>
> Is there a firewall between the client and the server?
> If so, see http://wiki.zmanda.com/index.php/Firewalls_%26_NAT
No - the current need is for the backup of borg:hda to borg:hdb
SELinux is disabled.
Anne
pgpOAcqGNNiwb.pgp
Description: PGP signature
|
|
|
