I’m trying to set up encryption for
Amanda 2.6.0p1. I’ve followed the instructions on http://wiki.zmanda.com/index.php/How_To:Set_up_data_encryption.
I did not specifically install gnupg or
aespipe as they appeared to be present already. I did install
sharutils for uuencode.
I generated the gpg-key as per the
instructions, created .am_passphrase, and then modified the dumptype in
amanda.conf accordingly:
define dumptype comp-tar {
program
"GNUTAR"
tape_splitsize 1Gb
compress fast
index yes
record yes
exclude list
"/etc/amanda/exclude-list"
encrypt
server
server_encrypt
"/usr/sbin/amcrypt"
server_decrypt_option "-d"
}
Amcheck runs ok. But when I start the
backup job, it fails with:
FAILED DUMP DETAILS:
/-- server /bla/bla lev 0 FAILED [data write:
Broken pipe]
sendbackup: start [server:/bla/bla level 0]
sendbackup: info BACKUP=/bin/tar
sendbackup: info RECOVER_CMD=/bin/gzip -dc |/bin/tar
-f... -
sendbackup: info COMPRESS_SUFFIX=.gz
sendbackup: info end
\--------
/-- server /bla/bla lev 0 FAILED [data write:
Broken pipe]
sendbackup: start [server:/bla/bla level 0]
sendbackup: info BACKUP=/bin/tar
sendbackup: info RECOVER_CMD=/bin/gzip -dc |/bin/tar
-f... -
sendbackup: info COMPRESS_SUFFIX=.gz
sendbackup: info end
\--------
And this is an extract from amdump.1 in the
Amanda config directory. It appears not to have been able to find
“aespipe”, which is strange because it’s right there:
-sh-3.2$ ls -l /usr/sbin/amaespipe
-rwxr-x--- 1 amandabackup disk 3193 May 14
03:45 /usr/sbin/amaespipe
amdump.1 extract:
which: no aespipe in
(/usr/sbin:/usr/libexec/amanda:/usr/sbin:/usr/libexec/amanda:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/sbin:/usr/sbin:/sbin:/us
r/ucb:/usr/sbin:/sbin:/usr/ucb:/opt/csw/bin)
/usr/sbin/amcrypt: aespipe was not found in
/usr/sbin:/usr/libexec/amanda:/usr/sbin:/usr/libexec/amanda:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/sb
in:/usr/sbin:/sbin:/usr/ucb:/usr/sbin:/sbin:/usr/ucb:/opt/csw/bin
dumper: kill encrypt command
dumper: kill index command
driver: state time 16.240 free kps: 5116
space: 456602272 taper: idle idle-dumpers: 3 qlen tapeq: 0 runq: 0 roomq: 0 wakeup:
0 driver-idle: no-dumpers
driver: interface-state time 16.240 if
default: free 5116
driver: hdisk-state time 16.240 hdisk 0:
free 198176768 dumpers 0 hdisk 1: free 258425504 dumpers 1
driver: result time 16.240 from dumper0:
FAILED 00-00002 "[data write: Broken pipe]"
driver: send-cmd time 16.240 to chunker0:
FAILED 00-00002
driver: state time 16.240 free kps: 5116
space: 456602272 taper: idle idle-dumpers: 3 qlen tapeq: 0 runq: 0 roomq: 0
wakeup: 0 driver-idle: no-dumpers
driver: interface-state time 16.240 if
default: free 5116
driver: hdisk-state time 16.240 hdisk 0:
free 198176768 dumpers 0 hdisk 1: free 258425504 dumpers 1
driver: result time 16.240 from chunker0:
FAILED 00-00002 "[dumper returned FAILED]"
driver: state time 16.241 free kps: 8000 space:
456613888 taper: idle idle-dumpers: 4 qlen tapeq: 0 runq: 0 roomq: 0 wakeup: 0
driver-idle: no-dumpers
driver: interface-state time 16.241 if
default: free 8000
driver: hdisk-state time 16.241 hdisk 0:
free 198176768 dumpers 0 hdisk 1: free 258437120 dumpers 0
driver: QUITTING time 16.241 telling
children to quit
driver: send-cmd time 16.241 to dumper0:
QUIT
driver: send-cmd time 16.241 to dumper1:
QUIT
driver: send-cmd time 16.241 to dumper2:
QUIT
driver: send-cmd time 16.241 to dumper3:
QUIT
driver: send-cmd time 16.241 to taper: QUIT
taper: DONE
driver: FINISHED time 17.244
amdump: end at Fri Jul 25 16:59:01 BST 2008
I did notice that an example dumptype in
amanda.conf mentions "/usr/sbin/amgpgcrypt" as opposed to "/usr/sbin/amcrypt",
but get the same results as above when using that one.
Am I maybe not using the correct version of
aespipe? The Amanda server is a simple clean install of RHEL5 U2.
Any advice?
Thanks.
