Re: "catch 22" in krb 5 client authentification
2009-04-14 08:19:35
----- "Jean-Louis Martineau" <martineau AT zmanda DOT com> wrote:
> amcheck must always be run by the amandabackup user.
> Your xinetd config looks good.
It is. Just for clarity here's amcheck run as amandabackup with the server
running as root:
-bash-3.2$ id
uid=33(amandabackup) gid=6(disk) groups=6(disk)
-bash-3.2$ amcheck DailySet3
Amanda Tape Server Host Check
....
Amanda Backup Client Hosts Check
--------------------------------
ERROR: zen: service /usr/libexec/amanda/noop failed: pid 21835 exited with code
1
Client check: 1 host checked in 1.114 seconds. 1 problem found.
And here's the other error if I run amcheck as amandabackup with the server
running as amandabackup:
-bash-3.2$ amcheck DailySet3
Amanda Tape Server Host Check
...
Amanda Backup Client Hosts Check
--------------------------------
WARNING: zen: selfcheck request failed: recv error in gss loop:
tcpm_recv_token: invalid size: amandad: Amanda must be run as user 'root' when
using 'krb5' authetication
Client check: 1 host checked in 10.151 seconds. 1 problem found.
> Are you sure you are running amandad for 2.6.0p2 on the client? The
> first line of the debug files should confirm it.
yes, sure, because this is the version in the rpm package of the distribution
>
> Jean-Louis
>
|
|
|