Summer projects.
We need to upgrade all our servers from Ubuntu 14.04 to 16.04 this summer.
I started with the simplest server, which really only provides file storage via sftp. Of course, it
also has an amanda client – 3.3.3.
The do-release-upgrade to 16.04 ran pretty smoothly. However, afterwards Amanda gave me the classic
warning "selfcheck request failed: EOF on read". Kind of makes sense. All the system libraries
changed, so I should recompile Amanda. However, that turned out to be a bit of a problem. First off,
in the make step, I got an error, "gets is a security hole - use fgets instead". I found this:
http://lists.gnu.org/archive/html/grub-devel/2012-07/txtHRnXiHYUrM.txt, and applied the same patch
down inside the Amanda copy of gnulib/stdio.in.h. Then I came up with some other errors related to
perl, I think. So, I decided that I should just upgrade Amanda.
I started the upgrade of Amanda by doing a `make uninstall` in the source for
amanda 3.3.3.
Amanda 3.5.1 built and installed without any apparent trouble.
Now, I'm still getting the selfcheck request failed.
I'm using ssh-auth.
On my client, the authorized_keys has an entry that looks like:
from="eclogite.geo.mor.nsm",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/usr/local/libexec/amanda/amandad
-auth=ssh amdump" ssh-rsa AAA-and-so-on-with-the-key
I've compared the keys, and they match. However, if I go to the Amanda server,
su to amanda, and enter
ssh perigee.geo.mor.nsm "/usr/local/libexec/amanda/amandad -auth=ssh amdump"
It asks me for a password. I would have expected it to authenticate with the key but fail in the
subsequent exchange, since I don't know how to talk like Amanda on the shell pipe. Then, I could
look at the debug files in /tmp/amanda. But, there are none on the client. And no references to the
client in the debug files on the server that I could find.
I suppose the top question would be to confirm that Amanda 3.3.3 as server should be able to work
with Amanda 3.5.1 as a client. If that is true, then I can work with it from there.
This is my configure:
sudo ./configure --with-user=amandabackup --with-group=amandabackup --without-server --without-ipv6
--with-ssh-security
--
---------------
Chris Hoogendyk
-
O__ ---- Systems Administrator
c/ /'_ --- Biology & Geosciences Departments
(*) \(*) -- 315 Morrill Science Center
~~~~~~~~~~ - University of Massachusetts, Amherst
<[email protected]>
---------------
Erdös 4
