On Wed, Apr 12, 2006 at 06:05:29PM +0200, Thomas Ginestet wrote: > Thanks JL you right. I've made my own dumptype and it's much better. > But amcheck tell me to run it as user backup instead of root and when I > run it with user backup, i've got: > > backup:/$ /usr/sbin/amcheck DailySet > amcheck: could not open /tmp/amanda/amcheck.temp.19982: Permission denied > > amcheck is setuid so I don't understand why it fail (and why it tries to > open /tmp/amanda) > -rwsr-xr-- 1 root backup 35164 2006-04-03 14:07 amcheck >
Just because a program is setuid root does not mean all its functions run with those permissions. Just as you can do an "su username" the amcheck can change its id for some purposes that need not be done as root. Least necessary privlege is often the best choice. /tmp/amanda is where debugging files from all amanda programs are logged. It should be owned by amanda. Probably it is owned by root due to your running things as root in the past. -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road (609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)
