Thanks John (and everyone) for the quick and useful feedback.
On Fri, Jul 27, 2001 at 06:17:08PM -0500, John R. Jackson wrote:
> >Some of our files are more confidential and I would like to hide these
> >a little: the director's files and the accounts. Is there anyway to
> >protect these? It doesn't have to be high grade security, just
> >security through obscurity.
> As I'm sure you know, and others have pointed out, about all you're going
> to get with simple tweaks is "security through obscurity", but as that's
> a given as OK for the moment ...
Yes - I'm fully aware of the weakness of the security that I'm
requesting :-).
Rest assured that this is not a reflection on the rest of the
system. One thing that would increase security would be the ability to
inform the system administrator by mail/logs which files have been
restored. If the new amr script logs which user is running it, then
the system can track who restores what - a degree of
accountability. Is there any way to do this with the existing setup?
> The following (amazingly trivial :-) patch allows amrecover commands on
> the command line, e.g.:
>
> amrecover <config> "sethost xxx" "setdisk /home" "cd some-user"
>
> So that might help a little.
Great - pretty much what I had in mind.
Tom
> I second the motion to use sudo (since amrecover must be run as root).
> That, in conjunction with a wrapper script around amrecover, might get
> you started.
>
> >What about the "set owner to '.'" bit?
>
> Just tell them to always answer "no". The '.' in this case would either
> be the top level of the file system or a temp directory in it (see below),
> and in either case it's best left alone.
> Remember that amrecover must be run as root, and it runs the restore
> program as root.
>
> >I could write a script to:
> >1) ask for the username
> >2) start up the amrestore program, setting the lcd to that user's
> >directory. Better still, a directory inside that directory called
> >recover.
>
> I've appended my "amr" wrapper script. It takes an (optional) user name
> on the command line, cd's to the top of the home directory file system,
> creates a .bkrest.$$ temp directory and cd's into there, then fires up
> amrecover. That could easily be changed to create and use your "restore"
> directory within the home.
> With the patch below you should be able to add the command to "cd" to the
> home directory, which obscures the restore a bit as they would have to
> explicitly go up a level to see anything else. You don't need to "lcd"
> since the script puts you in the right place to start with.
> The amr script does a bunch of other things you won't be interested in.
> Just ask if anything is confusing. One thing it calls is another script
> named amlocal that takes a host name and echoes several shell assignement
> statements for the config, the index host, the tape host, etc.
