Re: amcheck with gnutar

Chris Karakas Wed, 17 Jan 2001 10:02:09 -0800
Takayuki Murai wrote:
> 

> my client's /etc/group:
> -----------------------------------
> operator:*:5:root,amanda
> amanda:*:1000:amanda
> 
...

> > > The files of permissions are:
> > >
> > > -rwsr-x---  1 root    amanda   52300 Jan 15 17:06 runtar
> > > drw-rw-rw-  2 amanda  amanda  512 Jan 16 15:58 gnutar-lists
> > >

Since amanda is in the operator group on your client, runtar, at least,
should be owned by group operator, not group amanda. I see that you have
a user amanda (on the client and the server), a group amanda (on the
client, as seen on the files permissions above), a group operator (on
the client) and a group disk (on the server). Of course, you can do it
that complicated, but you must know what you are doing ;-)

I suggest you stick to *one* AMANDA user and *one* group with disk
access rights for both server and client. I have decided for "amanda" as
the AMANDA user and "disk" for the disk access group where amanda
belongs. It is then enough to change the *group* ownership to the disk
group. So I have:

-rwsr-xr--   1 root     disk        21344 Dec 10 16:42
/usr/lib/amanda/runtar




> Please give me some advice!!
> 
> taka
> 
> Takayuki Murai -'o^a?@-2"V-
> [EMAIL PROTECTED]
> 
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of
> > [EMAIL PROTECTED]
> > Sent: Tuesday, January 16, 2001 5:45 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: amcheck with gnutar
> >
> >
> > taka murai hath declared on Tuesday the 16 day of January 2001  :-:
> > >
> > > ERROR: dirac: [can not execute /usr/local/libexec/runtar:
> > Permission denied]
> > > ERROR: dirac: [can not read/write /usr/local/var/amanda/gnutar-lists/.:
> > > Permission denied]
> > >

> > > How can I do to get Permission allowed?
> >
> > First off, what user are you running amandad as on the client?
> > In /etc/inetd.conf:
> >
> > amanda  dgram   udp     wait    amanda /usr/local/libexec/amandad amandad
> >                                 ^^^^^^
> >
> > Next, is this user in the amanda group to be able to run runtar,
> > it it possibly operator (Freebsd) or disk (linux), you could just
> > add amanda to the amanda group in /etc/group as you want amanda to
> > stay in the group that has read access to the disks (operator/disk)
> >
> > /etc/group:
> > amanda:*:6:amanda                  (or something similar...)
> >
> > As for gnutar-lists... *shrug*
> > check the permission to the directories under it, /usr/local/var/,
> > /usr/local/var/amanda. Also it is a bad idea to have write permission
> > to all other groups on the system, someone could be nasty!
> >
> > --
> > Robert "bobb" Crosbie.
> > System Administrator, Internet Ireland.
> >

-- 
Regards

Chris Karakas
Don´t waste your cpu time - crack rc5: http://www.distributed.net
Re: amcheck with gnutar

Reply via email to
