Hi: I'm attempting to backup a FreeNAS server with Windows ACLs (as it normally serves all its data up to Windows clients; Amanda is the only unix user of the data).
On the FreeBSD jail with amanda-client, as root, I can see/access all files on the system. However, amanda is throwing permission denied errors on folders and files without everyone=read permissions (in windows). I've looked, and it appears that amanda has the proper suid bits for the chunks doing backups (calcsize, killpgrp, rundump, runtar are all suid and all the programs are owned by root). I'm at a loss as to why this isn't working. As a possible fix to this, it recently occured to me that perhaps I should run a windows client and the amanda backup client on it. My main consern is backup time and forcing a network connection. I'm backing up approx. 75TB of data to LTO8M tape, and currently one run (one tape's worth) takes about 36-40hrs already. This is running the client on the hardware that has the data, so there's no network read requirement for amanda-client to "see" the data. As this hardware is freeBSD, I'd have to at least run a windows VM on this hardware, if not a separate physical machine that would have to read all the data over the network then send it to amanda-server over the network. Would this method be substantially better? Are there other methods of addressing this? (adding everyone permissions to the problem shares is not an answer we can accept here, although figuring out how to get a special-purpose user or perhaps the builtin BACKUP-OPERATOR group to work with amanda is potentially an option). Thanks in advance for your help! --Jim
