On Thu, Oct 04, 2018 at 09:07:53 +0700, Olivier wrote:
> The error message is complaining about the mode of the directory, not
> about the file. But mode on /usr/local/etc are not for Amanda only, it's
> a system stuff, so it is not really realistic to change them.
>
> So the solution was to move the file to /usr/local/etc/amanda, as
> suggested by the man, where you can adjust the mode more to Amanda
> linking.
While trying to figure out the error messages Gene was reporting I took
a look at the source code that performs this security check [*] and
found that it specifically checks the ownership and permissions of each
containing directory all the way up the path. So, in this case, if it
doesn't like the permissions of /usr/local/etc/, moving it under
/usr/local/etc/amanda/ won't actually avoid the error message -- it will
still check /usr/local/etc/ because it's a parent of the .../amanda/
directory.
Here's what Jean-Louis wrote on the topic back in Jun 2017:
The complete path to security.conf must be owned and writable only by
the root user
[...]
That's why it is by default in /etc and not in /etc/amanda which must
be writable by the amanda user.
[*] for what it's worth, it's done in the function
check_security_file_permission_message_recursive() found in
common-src/security-file.c
>
> To do that, I modified the Makefile in FreeBSD port to include the
> option:
>
> --with-security-file=/usr/local/etc/amanda/amanda-security.conf
>
> [ In the case of FreeBSDm it was:
>
> --with-security-file=${ETCDIR}/amanda/amanda-security.conf
>
Have you completed the build process with this configure parameter in
place? (I'm curious to hear if it did work as expected for you.)
Nathan
----------------------------------------------------------------------------
Nathan Stratton Treadway - [email protected] - Mid-Atlantic region
Ray Ontko & Co. - Software consulting services - http://www.ontko.com/
GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt ID: 1023D/ECFB6239
Key fingerprint = 6AD8 485E 20B9 5C71 231C 0C32 15F3 ADCD ECFB 6239
