>ERROR: raq3: [access as operator not allowed from backup@debian0]
>...
>The ra3 box has the RPM binaries. I've tried fussing with .amandahosts to
>get the mismatched users to work, with no luck.
First, are you using .amandahosts on raq3? Take a look in /tmp/amanda
(or wherever the debug files are) for amandad*debug and grep for
USE_AMANDAHOSTS. If you see it, you're using .amandahosts. If you
don't you might be using .rhosts.
Next, is .amandahosts in ~operator on raq3? Is it owned by operator?
Is it mode 0400 or 0600? Can operator get to it, i.e. are all the
directories down through ~operator open enough for access?
The line in ~operator/.amandahosts should look like this:
debian0 backup
and it should **exactly** match the error message from amcheck w.r.t.
the host and user name. In other words, if amcheck reports a fully
qualified host name, that's what should be in the file. If it reports
a short name, that's what should be in the file.
If none of this helps, and you don't find any other bright ideas in
the Amanda FAQ (www.amanda.org), you'll need to build from source on
that machine, then cd to common-src and "make security". Run that on
raq3 **as root** and answer the questions, which will come from the
amcheck error message. It uses the same access method as amandad but
logs all the intermediate steps (e.g. permissions) and often points out
the real problem.
>send req failed: Connection refused
>send req failed: Connection refused
>protocol packet receive: Connection refused
>protocol packet receive: Connection refused
>WARNING: raq4: selfcheck request timed out. Host down?
>WARNING: freebsd1: selfcheck request timed out. Host down?
This would appear to be a problem with inetd not knowing about the
amandad service (or not having given it a HUP after changing inetd.conf),
or maybe you've got TCP wrappers around amandad and it won't let in
the tape server, or maybe a firewall. It could also be that the Amanda
services didn't get registered in /etc/services (or wherever) so inetd
is not happy (which should be /var/adm/messages or the like).
The first easy test is "netstat -a | grep amanda" to make sure someone
(inetd) is listening on the port.
>- Iain
John R. Jackson, Technical Software Specialist, [EMAIL PROTECTED]
