On Fri, Oct 11, 2013 at 04:56:35PM +0200, Remco wrote: > Possibly, yes, but I don't think you're supplying all information necessary > to > determine that. The exact command you run isn't clear to me.
Here it is, on the machine without errors: $ id uid=1001(backup) gid=1001(backup) groups=1001(backup), 5(operator) $ /sbin/dump -0auf /tmp/var.dump /var DUMP: Date of this level 0 dump: Fri Oct 11 16:21:30 2013 DUMP: Date of last level 0 dump: the epoch DUMP: Dumping /dev/rsd0e (/var) to /tmp/var.dump DUMP: mapping (Pass I) [regular files] DUMP: mapping (Pass II) [directories] DUMP: estimated 107345 tape blocks. DUMP: Volume 1 started at: Fri Oct 11 16:21:35 2013 DUMP: dumping (Pass III) [directories] DUMP: dumping (Pass IV) [regular files] DUMP: 114670 tape blocks on 1 volume DUMP: Date of this level 0 dump: Fri Oct 11 16:21:30 2013 DUMP: Volume 1 completed at: Fri Oct 11 16:22:04 2013 DUMP: Volume 1 took 0:00:29 DUMP: Volume 1 transfer rate: 3954 KB/s DUMP: Date this dump completed: Fri Oct 11 16:22:04 2013 DUMP: Average transfer rate: 3954 KB/s DUMP: level 0 dump on Fri Oct 11 16:21:30 2013 DUMP: Closing /tmp/var.dump DUMP: DUMP IS DONE $ mount /dev/sd0a on / type ffs (local) /dev/sd0g on /home type ffs (local, nodev, nosuid) /dev/sd0d on /tmp type ffs (local, nodev, nosuid) /dev/sd0f on /usr type ffs (local, nodev) /dev/sd0e on /var type ffs (local, nodev, nosuid) Now on the other one: $ id uid=1003(backup) gid=1003(backup) groups=1003(backup), 5(operator) $ /sbin/dump -0auf /tmp/var.dump /var DUMP: Ignoring u flag for subdir dump DUMP: Dumping sub files/directories from / DUMP: Dumping file/directory /var DUMP: Date of this level 0 dump: Fri Oct 11 16:22:57 2013 DUMP: Date of last level 0 dump: the epoch DUMP: Dumping /dev/rsd0a (/) to /tmp/var.dump DUMP: mapping (Pass I) [regular files] DUMP: Can't fts_read /var/audit: Permission denied DUMP: Can't fts_read /var/authpf: Permission denied DUMP: Can't fts_read /var/backups: Permission denied DUMP: Can't fts_read /var/crash: Permission denied DUMP: Can't fts_read /var/cron/atjobs: Permission denied DUMP: Can't fts_read /var/cron/tabs: Permission denied DUMP: Can't fts_read /var/db/ldap: Permission denied DUMP: Can't fts_read /var/db/pkg/libart-2.3.21: Permission denied DUMP: Can't fts_read /var/db/pkg/png-1.5.10: Permission denied DUMP: Can't fts_read /var/db/pkg/rrdtool-1.2.30p3: Permission denied DUMP: Can't fts_read /var/db/pkg/symon-2.85: Permission denied DUMP: Can't fts_read /var/db/pkg/libxml-2.7.8p6: Permission denied DUMP: Can't fts_read /var/db/pkg/femail-0.98: Permission denied DUMP: Can't fts_read /var/db/pkg/femail-chroot-0.98p1: Permission denied [snip] DUMP: Can't fts_read /var/postfix: Permission denied DUMP: mapping (Pass II) [directories] DUMP: estimated 68170 tape blocks. DUMP: Volume 1 started at: Fri Oct 11 16:22:57 2013 DUMP: dumping (Pass III) [directories] DUMP: dumping (Pass IV) [regular files] DUMP: 68342 tape blocks on 1 volume DUMP: Date of this level 0 dump: Fri Oct 11 16:22:57 2013 DUMP: Volume 1 completed at: Fri Oct 11 16:23:06 2013 DUMP: Volume 1 took 0:00:09 DUMP: Volume 1 transfer rate: 7593 KB/s DUMP: Date this dump completed: Fri Oct 11 16:23:06 2013 DUMP: Average transfer rate: 7593 KB/s DUMP: Closing /tmp/var.dump DUMP: DUMP IS DONE $ mount /dev/sd0a on / type ffs (local) So that pertains 1). > 2) a mountpoint, I suspect the underlying device node is accessed to make the > backup. > > Guess what ? > > $ ls -l /dev/sd0a > brw-r----- 1 root operator 4, 0 May 7 19:13 /dev/sd0a > > AFAICT device nodes are readable by the operator group an thus can be backed > up by members of that group. > > To the best of my knowledge dump can be used to backup whole filesystems by > accessing them through the underlying device node as a member of the operator > group. Now that you explained it like that, I can see what's happening. It works when there is a partition because of the permissions of the device itself and not of the filesystem. Thank you! cheers, --rodolfo
