On 2007-11-02 14:45, Philipp Geschke wrote:
I want to set up amanda in an unsecure multiuser environment. I want every user (maschine) to have access to their own backup only. But what happens right now is, as soon as a host is authenticated, it needs only to know the configurations name and the name of the host he wants the backup from, and it can access what ever it wants using the sethost command in amrecover (eg. amrecover -C test >> sethost test.testdomain.local). So, basically my question comes down to this: Does amanda support something like an acl to limit one host to one backup instead of opening all backups to any host that is allowed to connect to the index and tapeserver?
What I would do is to edit the .amandahost on the server and do not allow any host to restore anything. And when someone needs to restore something, then temporarily add an entry for that host. And tell the user that you will monitor his restore actions (you can find those in the amanda-debug dir on the server). When finished, disallow access again, by editing the .amandahosts file on the server. Not perfect, but you wouldn't expect to automate security in a non-secure environment, do you? -- Paul Bijnens, xplanation Technology Services Tel +32 16 397.511 Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM Fax +32 16 397.512 http://www.xplanation.com/ email: [EMAIL PROTECTED] *********************************************************************** * I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, ^^, * * F6, quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, * * stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, * * PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, * * init 0, kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... * * ... "Are you sure?" ... YES ... Phew ... I'm out * ***********************************************************************
