Re: "catch 22" in krb 5 client authentification
2009-04-08 08:42:00
amcheck must always be run by the amandabackup user.
Your xinetd config looks good.
Are you sure you are running amandad for 2.6.0p2 on the client? The
first line of the debug files should confirm it.
Jean-Louis
Daniel Novotny wrote:
hello,
one of our users has a problem while configuring Amanda (2.6.0p2) with krb5
authentification
when he runs amanda as an amandabackup user, he gets an error message
"Amanda must be run as user 'root' when using 'krb5'
authentication."
on the other hand, when he runs it as root, amcheck fails and amandad log shows:
** (process:25638): CRITICAL **: running as user "root" instead of
"amandabackup"
as the error messages oppose each other, is there any way out?
thanks and regards,
Daniel Novotny
btw, the xinetd config entry for k5amanda looks like this:
service k5amanda
{
port = 10082
socket_type = stream
protocol = tcp
wait = no
user = root
group = disk
server = /usr/libexec/amanda/amandad
# Configure server_args for the authentication type you will be using,
# and the services you wish to allow the amanda server and/or recovery
# clients to use.
#
# Change the -auth= entry to reflect the authentication type you use.
# Add amindexd to allow recovery clients to access the index database.
# Add amidxtaped to allow recovery clients to access the tape device.
server_args = -auth=krb5 amdump
disable = no
}
|
|
|