Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: backups: best privilege policy

2006-08-14 18:56:29
Subject: Re: backups: best privilege policy
From: Jon LaBadie <jon AT jgcomp DOT com>
To: amanda-users AT amanda DOT org
Date: Mon, 14 Aug 2006 17:48:18 -0400 
On Mon, Aug 14, 2006 at 09:06:19PM +0100, Alan Pearson wrote:
> 
> 
> On 14 Aug 2006, at 20:37, Henning Brauer wrote:
> 
> >>there an established method for keeping privileges lower when  
> >>doing dumps, i.e.
> >>add a user who can dump and not using root to do this?
> >
> >you don't need root to do backups, a member of group operator is
> >sufficient. we add a special backup user to each machine and restrict
> >the access via ssh key a fair little bit more, like
> 
> I presume root is need for tar, as it need file permissions ?

On the client a compiled, wrapper program, "runtar" is used
to call tar.  runtar is installed owned by root and setuid'ed.

-- 
Jon H. LaBadie                  jon AT jgcomp DOT com
 JG Computing
 4455 Province Line Road        (609) 252-0159
 Princeton, NJ  08540-4322      (609) 683-7220 (fax)
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: tape_splitsize 20 Gb and 200GB LTO2 Tapes, Gardiner Leverett
Next by Date:  Re: backups: best privilege policy, Alan Pearson
Previous by Thread:  Re: backups: best privilege policy, Alan Pearson
Next by Thread:  Re: backups: best privilege policy, Alan Pearson
Indexes:  [Date] [Thread] [Top] [All Lists]