On Fri, Jul 27, 2001 at 12:43:03PM +0200, Johannes Niess wrote:
> Tom Strickland <[EMAIL PROTECTED]> writes:
> > Our system will be run largely without a competent Unix administrator
> > on-site. The secretary and one other individual will be responsible
> > for tape-changing, cleaning and amrecover for files and directories
> > deleted by users.
> > My question:
> > Some of our files are more confidential and I would like to hide these
> > a little: the director's files and the accounts. Is there anyway to
> > protect these? It doesn't have to be high grade security, just
> > security through obscurity.
> What about sudo? The recovered files keep owner and permissions. Let
> the operator's sudo to the (too powerfull in this case) Amanda user
> just for amcheck, amrecover and what else you like. You'll see their
> actions in the syslog. The good thing: no password for the Amanda user
> has to be given away.
> We have set up just our tape changing that way.
Good idea. I think that we will do this, but I have one more
question. What about the "set owner to '.'" bit? Couldn't they just
choose their home directory and set the ownership of the file to
'.' there? Perhaps I've misunderstood the feature...
On that point, there isn't a way to either:
a) restore the files to their original directory by default
or
b) set the initial lcd dir at the command line?
I know that (b) isn't possible, but it would be a great feature for
idiot-proofing the amrestore procedure. I could write a script to:
1) ask for the username
2) start up the amrestore program, setting the lcd to that user's
directory. Better still, a directory inside that directory called
recover.
Come to think of it, are there any plans to make amrecover work from
the command line? It would be quite handy to be able to use it in
scripting to a limited degree.
Tom
