Amanda-Users

user amanda on server, user backup on client, access denied to amanda AT coyote.coyote DOT den

2009-09-30 22:54:47
From: Gene Heskett <gene.heskett AT verizon DOT net>
To: amanda-users AT amanda DOT org
Date: Wed, 30 Sep 2009 22:46:52 -0400
Greetings; 

I just nuked the amanda install, then re-installed on that box, so now 
everything is as user:group=root:root except the runtar & related stuffs.

From that install, an ls -la of /usr/lib/amanda:
total 204
drwxr-xr-x   2 root root    4096 2009-09-30 22:14 .
drwxr-xr-x 115 root root   45056 2009-09-30 22:14 ..
-rwxr-xr-x   1 root root   15000 2005-12-31 09:48 amandad
-rwxr-xr-x   1 root root    5068 2005-12-31 09:48 amqde
-rwxr-xr-x   1 root root    9816 2005-12-31 09:48 calcsize
-rwsr-xr--   1 root backup  5224 2005-12-31 09:48 killpgrp
-rwxr-xr-x   1 root root    4810 2005-12-31 09:48 patch-system
-rwsr-xr--   1 root backup  4628 2005-12-31 09:48 rundump
-rwsr-xr--   1 root backup  4928 2005-12-31 09:48 runtar
-rwxr-xr-x   1 root root   18096 2005-12-31 09:48 selfcheck
-rwxr-xr-x   1 root root   32008 2005-12-31 09:48 sendbackup
-rwxr-xr-x   1 root root   30712 2005-12-31 09:48 sendsize
-rwxr-xr-x   1 root root    3084 2005-12-31 09:48 versionsuffix

And that looks scary as hell to me in terms of security.  But who knows just 
how the hell they cram amanda into a deb.

So I give up, add a user backup, and change everything in a parallel 
configuration directory to be backup instead of amanda.

So, my question then since the runtar log generated by my running an
su amanda -c "amcheck Shop" if the user is amanda gets me this:
--------------
runtar: debug 1 pid 5864 ruid 0 euid 34: start at Wed Sep 30 22:10:47 2009
/usr/lib/amanda/runtar: version 2.4.5p1
runtar: error [must be invoked by backup]

runtar: pid 5864 finish time Wed Sep 30 22:10:47 2009
-------------------
So, making all instances of the user amanda into backup in the config and a 
few other changes:
----------------------
[root@coyote Shop]# su backup -c "amcheck Shop"
bash: /usr/local/sbin/amcheck: Permission denied
-----------------------
So, I add backup to the disk string in group, and disk to the backup entry in 
group, and get this:
-------------------------
root@coyote etc]# su backup -c "amcheck Shop"
amcheck: critical (fatal): create debug directory "/tmp/amanda-dbg//server/": Permission denied
amcheck: create debug directory "/tmp/amanda-dbg//server/": Permission denied
/usr/local/lib/amanda/libamanda-2.6.2alpha-20090831.so[0xb7e80c66]
/lib/libglib-2.0.so.0(g_logv+0x26f)[0x4f9a527f]
/lib/libglib-2.0.so.0(g_log+0x26)[0x4f9a5626]
/usr/local/lib/amanda/libamanda-2.6.2alpha-20090831.so[0xb7e8011c]
/usr/local/lib/amanda/libamanda-2.6.2alpha-20090831.so(debug_open+0x52)[0xb7e807e2]
amcheck(main+0x95)[0x8050435]
/lib/libc.so.6(__libc_start_main+0xe5)[0x4523c6e5]
amcheck[0x804a2f1]
----------------------
Which looks like it gives a lot of stuff a bellyache.

Is there a way to use both 'amanda' as the local user, and 'backup' for the 
user going out on le0, or how can I widen the perms, hummm, change the damned 
/tmp path to /tmp/backup & give it its own perms maybe.  Except it's trying to 
make the subdirs in /tmp/amanda, which are quite restricted access.  So 
that's a non-starter.

And all I really wanted to do was to add 4 entries in the 'Daily' disklist to 
pick up the emc related stuff from my milling machine, but I had NDI it would 
be a 2 week job & it's still not working.  Discouraging to say the least.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
<https://www.nrahq.org/nrabonus/accept-membership.asp>

Look afar and see the end from the beginning.
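
Added example, not part of the original post and not Amanda project code: a small audit of the setuid entries in the ls -la listing quoted above, showing who may execute each setuid-root helper. The policy it checks (group backup, no execute bit for others, no group or world write) and the names audit_setuid and trusted_group are assumptions of this example; the LOOSE line is constructed for contrast.

```python
# Lines copied from the ls -la output quoted in the post above.
LISTING = """\
total 204
drwxr-xr-x   2 root root    4096 2009-09-30 22:14 .
-rwxr-xr-x   1 root root   15000 2005-12-31 09:48 amandad
-rwsr-xr--   1 root backup  5224 2005-12-31 09:48 killpgrp
-rwsr-xr--   1 root backup  4628 2005-12-31 09:48 rundump
-rwsr-xr--   1 root backup  4928 2005-12-31 09:48 runtar
-rwxr-xr-x   1 root root   18096 2005-12-31 09:48 selfcheck
"""
# Constructed line (not from the post): the same helper packaged too loosely.
LOOSE = "-rwsrwxr-x   1 root root    4928 2005-12-31 09:48 runtar\n"


def audit_setuid(listing, trusted_group="backup"):
    """Return {name: [issues]} for every setuid regular file in an ls -l listing."""
    report = {}
    for line in listing.splitlines():
        parts = line.split(None, 7)
        if len(parts) < 8 or len(parts[0]) < 10 or parts[0][0] != "-":
            continue  # "total" line, directories, symlinks, malformed lines
        mode, owner, group, name = parts[0], parts[2], parts[3], parts[7]
        if mode[3] not in "sS":
            continue  # setuid shows as s/S in the owner execute position
        issues = []
        if mode[3] == "S":
            issues.append("setuid bit set but owner cannot execute")
        if mode[5] == "w":
            issues.append("group-writable")
        if mode[8] == "w":
            issues.append("world-writable")
        if mode[9] in "xt":
            issues.append("any local user can run it as " + owner)
        if group != trusted_group and mode[6] in "xs":
            issues.append("executable by group %s, expected %s" % (group, trusted_group))
        report[name] = issues
    return report


if __name__ == "__main__":
    for listing in (LISTING, LOOSE):
        for name, issues in audit_setuid(listing).items():
            print(name, "setuid:", "; ".join(issues) or "restricted to owner and group")
```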
