On Wednesday 03 October 2018 22:07:53 Olivier wrote:
> Gene,
>
> Sorry, I missed your message yesterday.
>
> > ERROR: picnc: selfcheck request failed: file/dir '/usr/local/etc'
> > (/usr/local/etc/amanda-security.conf) is writable by the group
> > Client check: 5 hosts checked in 11.356 seconds. 5 problems found.
> >
> > ...
> >
> > The man page says its to be in /etc/amanda, but since this is a
> > local build, its in /usr/local/etc/amanda.
>
> First, I see a discrepancy: the error messge places the file
> amanda-security.conf in /usr/local/etc while according to what you say
> later about the man page, you expect it to be in /usr/local/etc/amanda
>
> The error message is complaining about the mode of the directory, not
> about the file. But mode on /usr/local/etc are not for Amanda only,
> it's a system stuff, so it is not really realistic to change them.
>
> So the solution was to move the file to /usr/local/etc/amanda, as
> suggested by the man, where you can adjust the mode more to Amanda
> linking.
>
> To do that, I modified the Makefile in FreeBSD port to include the
> option:
>
> --with-security-file=/usr/local/etc/amanda/amanda-security.conf
>
> [ In the case of FreeBSDm it was:
>
> --with-security-file=${ETCDIR}/amanda/amanda-security.conf
>
> I also informed the port maintener that there maybe a change needed]
>
> I hope that helps.
>
> Olivier
May I be so rude as to point out
that --with-security-file=/path/to/amanda-security.conf doesn't work
according to the config output. I moved it
to /usr/local/etc/amanda/Daily. It is there, and owned by amanda:disk,
but configure reports:
./gh.cf:
25: ./gh.cf:
--with-security_file=/usr/local/etc/amanda/Daily/amanda-security.conf:
not found
So I'll state that until now I hadn't noted your use of a dash whereas I
was using and underscore, so I fixed that and reran the script, getting
this at the synopsis at the end:
./gh.cf:
25: ./gh.cf:
--with-security-file=/usr/local/etc/amanda/Daily/amanda-security.conf:
not found
But as amanda, ls -l /usr/local/etc/amanda/Daily returns
total 136
-rw-r--r-- 1 amanda disk 21488 Oct 25 2005 3hole.ps
-rw-r--r-- 1 amanda disk 5887 Oct 25 2005 8.5x11.ps
-rw-r--r-- 1 amanda disk 25389 Oct 3 09:49 amanda.conf
-rw-r--r-- 1 amanda disk 24655 Apr 20 2012 amanda.conf~
-rw-r--r-- 1 amanda disk 2034 Oct 2 14:26 amanda-security.conf <<<<<
-rw------- 1 amanda disk 222 Oct 3 12:36 chg-disk
-rw-r--r-- 1 amanda disk 2 Aug 24 13:42 chg-disk-access
-rw-r--r-- 1 amanda disk 3 Aug 24 13:42 chg-disk-clean
-rw-r--r-- 1 amanda disk 2 Aug 24 13:42 chg-disk-slot
-rw-r--r-- 1 amanda disk 765 May 22 2004 chg-scsi.conf
-rw------- 1 amanda disk 16 Mar 4 2017 command_file
-rw-r--r-- 1 amanda disk 3977 Aug 30 06:28 disklist
-rw-r--r-- 1 amanda disk 5002 Apr 3 2012 disklist~
-rw------- 1 amanda disk 2566 Oct 3 12:24 tapelist
-rw------- 1 amanda disk 1071 Aug 24 13:22 tapelist.amlabel
lrwxrwxrwx 1 amanda disk 5 Mar 4 2017 tapelist.last_write -> 16356
-rw------- 1 amanda disk 0 Aug 31 03:03 tapelist.lock
Of what use is the option if it doesn't work?
An error message that tells you WHY its not found would at least hint at
what it takes to fix it. Security by obscurity like this is a right
PITA.
Until there is a fix that works, this thread is a waste of bandwidth.
Thank you for trying, Nathan and Oliver, its appreciated.
--
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
