Dunc wrote:
John E Hein wrote:
Dunc wrote at 12:08 +0000 on Dec 9, 2004:
> > amrestore: could not open /dev/nrsa0: Permission denied
...
> > Which completely baffles me because,
> > a) the amdump can use the tape drive fine, as can amrestore
> b) the amanda user is in the operator group, and the operator group
has > rw permissions on /dev/nrsa0
> c) I've tried su'ing to amanda, and trying to access the tape drive
and > that is also fine.
You should run amrecover as root so the files get extracted with the
right ownership & permissions.
That said, the permission problem on the tape device is something
else. You probably aren't accessing the tape drive as the user that
you think you are (which is not necessarily the same user that ran
amrecover). Look for the amidxtaped entry in /etc/inetd.conf and see
what user you've specified.
I was running amrecover as root.
I checked my xinetd, and I had the index daemons running as the amanda
user, I swapped them to root instead, and it does work now, many many
thanks.
I still don't understand why though. As I said before, the amanda user
is allowed to access the tape drive, I checked that.
The group "operator" is probably not the primary group as found in
/etc/passwd. And you probably forgot the "groups = yes" directive
in the xinetd.conf file for amidxtape. When omited, you don't have
the additional groups permissions, only the primary group from
/etc/passwd. Could this have been the problem?
Running as root solves this.
Also, after
swapping xinetd so that they are run as root from xinetd, when i check
the process list, it says that amindexd and amidxtaped are both running
as amanda anyway. So what's going on here?
If the macro FORCE_USERID is defined when compiling, the program does
indeed detect if it is running as root, and switches to amanda itself,
as you noticed. And when switching itself, it does take the additional
groups into account.
You can see de defs from the compile time with:
$ amadmin x version
...
CLIENT_LOGIN="amanda" FORCE_USERID HAVE_GZIP
...
The only thing that seems to make sense is that they try and switch to
the amanda user blindly, even if it already is the correct user?
Only when root.
I'd like to know what's going on just for completeness if anyone knows,
but at least it's working now, and thanks again John :)
--
Paul Bijnens, Xplanation Tel +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM Fax +32 16 397.512
http://www.xplanation.com/ email: [EMAIL PROTECTED]
***********************************************************************
* I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, *
* kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... *
* ... "Are you sure?" ... YES ... Phew ... I'm out *
***********************************************************************
