Re: ERROR: u07: [access as amanda not allowed from amanda@u03] amandahostsauth failed
--On Wednesday, January 28, 2004 13:52:10 +0100 Eugen Leitl <[EMAIL PROTECTED]> wrote: > I'm trying to backup the machine u07 from u07 (the one with the tape drive). > > I'm getting a > > ash-2.00$ amcheck daily > Amanda Tape Server Host Check > - > Holding disk /Disk2/AMANDA: 3376999 KB disk space available, that's plenty > ERROR: cannot overwrite active tape DailySet101 > (expecting a new tape) > NOTE: skipping tape-writable test > NOTE: info dir /usr/adm/amanda/DailySet1/curinfo/u07: does not exist > NOTE: index dir /usr/adm/amanda/DailySet1/index/u07: does not exist > Server check took 0.117 seconds > > Amanda Backup Client Hosts Check > > ERROR: u07: [access as amanda not allowed from [EMAIL PROTECTED] amandahostsauth > failed > Client check: 2 hosts checked in 1.405 seconds, 1 problem found > > (brought to you by Amanda 2.4.4p1) > > > I have a line for the amanda users in .amandahosts on u03: > u07 amanda You need a line for the server in the .amandahosts on the client, so in your case need the following line in your .amandahosts on u07: u03 amanda Frank > and on u07 in /etc/services: > > amanda 10080/udp # amanda > > I have the following debug info on u07 in /tmp/amanda: > bash-2.03$ cat /tmp/amanda/amandad.20040128135031.debug > amandad: debug 1 pid 6646 ruid 400 euid 400: start at Wed Jan 28 13:50:31 2004 > amandad: version 2.4.4p1 > amandad: build: VERSION="Amanda-2.4.4p1" > amandad:BUILT_DATE="Fri Nov 28 18:42:47 WET 2003" > amandad:BUILT_MACH="SunOS u07 5.8 Generic_108528-13 sun4u sparc > SUNW,UltraAX-i2 Solaris" > amandad:CC="gcc" > amandad:CONFIGURE_COMMAND="'./configure' '--with-user=amanda' > '--with-group=sys'" > amandad: paths: bindir="/usr/local/bin" sbindir="/usr/local/sbin" > amandad:libexecdir="/usr/local/libexec" mandir="/usr/local/man" > amandad:AMANDA_TMPDIR="/tmp/amanda" AMANDA_DBGDIR="/tmp/amanda" > amandad:CONFIG_DIR="/usr/local/etc/amanda" DEV_PREFIX="/dev/dsk/" > amandad:RDEV_PREFIX="/dev/rdsk/" DUMP="/usr/sbin/ufsdump" > amandad:RESTORE="/usr/sbin/ufsrestore" GNUTAR="/usr/local/bin/tar" > amandad:COMPRESS_PATH="/usr/local/bin/gzip" > amandad:UNCOMPRESS_PATH="/usr/local/bin/gzip" > amandad:MAILER="/usr/ucb/Mail" > amandad:listed_incr_dir="/usr/local/var/amanda/gnutar-lists" > amandad: defs: DEFAULT_SERVER="u07" DEFAULT_CONFIG="DailySet1" > amandad:DEFAULT_TAPE_SERVER="u07" DEFAULT_TAPE_DEVICE="/dev/null" > amandad:HAVE_MMAP HAVE_SYSVSHM LOCKING=POSIX_FCNTL SETPGRP_VOID > amandad:DEBUG_CODE AMANDA_DEBUG_DAYS=4 BSD_SECURITY USE_AMANDAHOSTS > amandad:CLIENT_LOGIN="amanda" FORCE_USERID HAVE_GZIP > amandad:COMPRESS_SUFFIX=".gz" COMPRESS_FAST_OPT="--fast" > amandad:COMPRESS_BEST_OPT="--best" UNCOMPRESS_OPT="-dc" > amandad: time 0.000: got packet: > > Amanda 2.4 REQ HANDLE 001-0003EF18 SEQ 1075294975 > SECURITY USER amanda > SERVICE noop > OPTIONS features=feff9ffe0f; > > > amandad: time 0.000: sending ack: > > Amanda 2.4 ACK HANDLE 001-0003EF18 SEQ 1075294975 > > > amandad: time 0.002: bsd security: remote host u03 user amanda local user amanda > amandad: time 0.002: check failed: [access as amanda not allowed from [EMAIL > PROTECTED] amandahostsauth failed > amandad: time 0.002: sending REP packet: > > Amanda 2.4 REP HANDLE 001-0003EF18 SEQ 1075294975 > ERROR [access as amanda not allowed from [EMAIL PROTECTED] amandahostsauth failed > > > amandad: time 0.004: got packet: > > Amanda 2.4 ACK HANDLE 001-0003EF18 SEQ 1075294975 > > > amandad: time 0.004: pid 6646 finish time Wed Jan 28 13:50:31 2004
Re: Ramifications of dump cycle and number of tapes choices
On Wednesday 28 January 2004 16:22, Georg Rehfeld wrote: >Hi, Thanks Georg. Someone else had explained it to me also, but this a actually a bit clearer an explanation, thanks. >though the question is fairly old I found the answer just now: > >Gene Heskett wrote: >> I've got a silly Q myself over this one, and the man page is no >> help for this. But what does it mean when out in the future tense >> columns, one gets an 01 or a 10 or a 1E. Samples from the rather >> lengthy report on my system with 58 LDE's: >> --- >> date 12 12 12 12 12 12 12 12 12 12 12 01 >> 01 01 01 01 01 01 01 01 01 01 01 01 host disk >> 21 22 23 24 25 26 27 28 29 30 31 01 02 03 04 05 06 07 08 09 10 11 >> 12 13 coyote /dos 1 1 1 1 1 1 1 0 1 1 >> 1 0 0 1 1 1 1 1 1 1 0 01 1 0 coyote /etc >> 1 1 1 1 1 1 1 0 1 1 1 0 1 1 0 1 1 1 1 1 1 >> 01 1 1 coyote /lib 1 1 1 1 1 0 1 1 1 >> 1 1 1 1 0 1 1 1 1 1 1 1 10 1 1 coyote /misc/deb1 >> 1 1 1 1 0 1 1 1 1 1 1 1 1 0 1 1 1 1 1 1 >> 1 1E 1 1 coyote /misc/deb81 1 1 1 1 0 1 1 >> 1 1 1 1 1 0 1 1 1 1 1 1 1 10 1 1 coyote >> /misc/fedora/disk31 1 1 1 1 0 1 1 1 1 1 1 1 0 1 >> 1 1 1 1 1 1 10 1 1 coyote /rh8.0disks/disk3 1 1 1 >> 1 1 1 0 1 1 1 1 1 1 1 0 1 1 1 1 1 1 01 1 1 >> coyote /root 1 1 1 2 2 0 1 1 1 1 2 2 >> 2 0 1 1 1 1 2 2 2 10 0 1 coyote /sbin >> 0 1 1 1 1 1 1 1 0 1 1 0 1 1 0 1 1 1 1 1 1 01 >> 1 1 --- >> The odd numbers are all in that same column, these culled from >> the report I get here. Also, >> dumpcycle=8, runspercycle=8, tapecycle=28, runtapes=1 ATM. > >tense columns mean: amdump ran more than once that day. And 'E' > stands for an error. Thus on the 11th Jan amdump ran twice (maybe > one started at 00:01 and the other at 23:59), DLE coyote:/misc/deb1 > was dumped at level 1 and then had an error on the 2nd dump. > >regards > >Georg -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) 99.22% setiathome rank, not too shabby for a WV hillbilly Yahoo.com attornies please note, additions to this message by Gene Heskett are: Copyright 2004 by Maurice Eugene Heskett, all rights reserved.
Re: Kerberos 5 support?
it should be conceptually fairly easy to add krb5 (hopefully gssapi, actually) code to parallel the krb4 support. the hard part is that there can be more than one enctype, but we could force 3des. gsswrap will be unusable due to the err interesting scheme the krb4 stuff uses. -- Greg Troxel <[EMAIL PROTECTED]>
ERROR: u07: [access as amanda not allowed from amanda@u03] amandahostsauth failed
I'm trying to backup the machine u07 from u07 (the one with the tape drive). I'm getting a ash-2.00$ amcheck daily Amanda Tape Server Host Check - Holding disk /Disk2/AMANDA: 3376999 KB disk space available, that's plenty ERROR: cannot overwrite active tape DailySet101 (expecting a new tape) NOTE: skipping tape-writable test NOTE: info dir /usr/adm/amanda/DailySet1/curinfo/u07: does not exist NOTE: index dir /usr/adm/amanda/DailySet1/index/u07: does not exist Server check took 0.117 seconds Amanda Backup Client Hosts Check ERROR: u07: [access as amanda not allowed from [EMAIL PROTECTED] amandahostsauth failed Client check: 2 hosts checked in 1.405 seconds, 1 problem found (brought to you by Amanda 2.4.4p1) I have a line for the amanda users in .amandahosts on u03: u07 amanda and on u07 in /etc/services: amanda 10080/udp # amanda I have the following debug info on u07 in /tmp/amanda: bash-2.03$ cat /tmp/amanda/amandad.20040128135031.debug amandad: debug 1 pid 6646 ruid 400 euid 400: start at Wed Jan 28 13:50:31 2004 amandad: version 2.4.4p1 amandad: build: VERSION="Amanda-2.4.4p1" amandad:BUILT_DATE="Fri Nov 28 18:42:47 WET 2003" amandad:BUILT_MACH="SunOS u07 5.8 Generic_108528-13 sun4u sparc SUNW,UltraAX-i2 Solaris" amandad:CC="gcc" amandad:CONFIGURE_COMMAND="'./configure' '--with-user=amanda' '--with-group=sys'" amandad: paths: bindir="/usr/local/bin" sbindir="/usr/local/sbin" amandad:libexecdir="/usr/local/libexec" mandir="/usr/local/man" amandad:AMANDA_TMPDIR="/tmp/amanda" AMANDA_DBGDIR="/tmp/amanda" amandad:CONFIG_DIR="/usr/local/etc/amanda" DEV_PREFIX="/dev/dsk/" amandad:RDEV_PREFIX="/dev/rdsk/" DUMP="/usr/sbin/ufsdump" amandad:RESTORE="/usr/sbin/ufsrestore" GNUTAR="/usr/local/bin/tar" amandad:COMPRESS_PATH="/usr/local/bin/gzip" amandad:UNCOMPRESS_PATH="/usr/local/bin/gzip" amandad:MAILER="/usr/ucb/Mail" amandad:listed_incr_dir="/usr/local/var/amanda/gnutar-lists" amandad: defs: DEFAULT_SERVER="u07" DEFAULT_CONFIG="DailySet1" amandad:DEFAULT_TAPE_SERVER="u07" DEFAULT_TAPE_DEVICE="/dev/null" amandad:HAVE_MMAP HAVE_SYSVSHM LOCKING=POSIX_FCNTL SETPGRP_VOID amandad:DEBUG_CODE AMANDA_DEBUG_DAYS=4 BSD_SECURITY USE_AMANDAHOSTS amandad:CLIENT_LOGIN="amanda" FORCE_USERID HAVE_GZIP amandad:COMPRESS_SUFFIX=".gz" COMPRESS_FAST_OPT="--fast" amandad:COMPRESS_BEST_OPT="--best" UNCOMPRESS_OPT="-dc" amandad: time 0.000: got packet: Amanda 2.4 REQ HANDLE 001-0003EF18 SEQ 1075294975 SECURITY USER amanda SERVICE noop OPTIONS features=feff9ffe0f; amandad: time 0.000: sending ack: Amanda 2.4 ACK HANDLE 001-0003EF18 SEQ 1075294975 amandad: time 0.002: bsd security: remote host u03 user amanda local user amanda amandad: time 0.002: check failed: [access as amanda not allowed from [EMAIL PROTECTED] amandahostsauth failed amandad: time 0.002: sending REP packet: Amanda 2.4 REP HANDLE 001-0003EF18 SEQ 1075294975 ERROR [access as amanda not allowed from [EMAIL PROTECTED] amandahostsauth failed amandad: time 0.004: got packet: Amanda 2.4 ACK HANDLE 001-0003EF18 SEQ 1075294975 amandad: time 0.004: pid 6646 finish time Wed Jan 28 13:50:31 2004
Re: Ramifications of dump cycle and number of tapes choices
Hi, though the question is fairly old I found the answer just now: Gene Heskett wrote: I've got a silly Q myself over this one, and the man page is no help for this. But what does it mean when out in the future tense columns, one gets an 01 or a 10 or a 1E. Samples from the rather lengthy report on my system with 58 LDE's: --- date 12 12 12 12 12 12 12 12 12 12 12 01 01 01 01 01 01 01 01 01 01 01 01 01 host disk 21 22 23 24 25 26 27 28 29 30 31 01 02 03 04 05 06 07 08 09 10 11 12 13 coyote /dos 1 1 1 1 1 1 1 0 1 1 1 0 0 1 1 1 1 1 1 1 0 01 1 0 coyote /etc 1 1 1 1 1 1 1 0 1 1 1 0 1 1 0 1 1 1 1 1 1 01 1 1 coyote /lib 1 1 1 1 1 0 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 10 1 1 coyote /misc/deb11 1 1 1 0 1 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 1E 1 1 coyote /misc/deb81 1 1 1 1 0 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 10 1 1 coyote /misc/fedora/disk31 1 1 1 1 0 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 10 1 1 coyote /rh8.0disks/disk3 1 1 1 1 1 1 0 1 1 1 1 1 1 1 0 1 1 1 1 1 1 01 1 1 coyote /root 1 1 1 2 2 0 1 1 1 1 2 2 2 0 1 1 1 1 2 2 2 10 0 1 coyote /sbin 0 1 1 1 1 1 1 1 0 1 1 0 1 1 0 1 1 1 1 1 1 01 1 1 --- The odd numbers are all in that same column, these culled from the report I get here. Also, dumpcycle=8, runspercycle=8, tapecycle=28, runtapes=1 ATM. tense columns mean: amdump ran more than once that day. And 'E' stands for an error. Thus on the 11th Jan amdump ran twice (maybe one started at 00:01 and the other at 23:59), DLE coyote:/misc/deb1 was dumped at level 1 and then had an error on the 2nd dump. regards Georg -- ___ ___ | + | |__Georg Rehfeld Woltmanstr. 12 20097 Hamburg |_|_\ |___ [EMAIL PROTECTED]+49 (40) 23 53 27 10
Kerberos 5 support?
Is this being worked on and likely to happen anytime in the reasonably near future? I really don't want to punch holes in my firewall if I don't have to :) Thanks, -- Seeya, Paul GPG Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE If you're not having fun, you're not doing it right!
Re: Can't open exclude file ???
On Wed, Jan 28, 2004 at 10:39:20AM -0600, Michael D Schleif wrote: > * Jon LaBadie <[EMAIL PROTECTED]> [2004:01:28:11:08:19-0500] scribed: > > On Wed, Jan 28, 2004 at 09:52:41AM -0600, Michael D Schleif wrote: > > > ># ls -adl /usr/local/home/mds/mail >drwxr-xr-x 19 mds mds 4096 Jan 28 10:29 /usr/local/home/mds/mail > > This allows amcheck to run _without_ errors, even _without_ > /usr/local/home/mds/mail/.amanda.excludes , which is what I wanted. > > Nonetheless, I remain confused, since conf uses: > >exclude list optional ".amanda.excludes" > > So, even though it is `optional', amcheck *must* have permissions > adequate to see whether or not the `optional' file exists? > > Would that condition impact the actual backup itself? Or, since it runs > as superuser, it would have access to the exclude file, and everything > would be OK? > > Am I getting closer to understanding this? Yes, JLM pointed out another thing I did not know. amcheck does not consider it an error for the file to not exist, it is listed as "optional". But amcheck does consider it an error if the file has the wrong permissions or if it is unable to determine if it exists. The latter was your problem. amcheck could not determine if there was a good exclude file (or none) in the mail directory. It did not have permission to visit the directory. -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road(609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)
Re: Can't open exclude file ???
* Jon LaBadie <[EMAIL PROTECTED]> [2004:01:28:11:08:19-0500] scribed: > On Wed, Jan 28, 2004 at 09:52:41AM -0600, Michael D Schleif wrote: > > Ironically, I do _not_ need any exclude file for this DLE. Initially, I > > did not have any exclude file, and amcheck issued the _same_ error. > > Then, I touched an empty exclude file, resulting in the same error. For > > my original post, I included two temporary directories in the exclude > > file. > > > > Regarding perms: > > > ># ls -adl /usr > >drwxr-xr-x 16 root root 4096 Oct 6 14:15 /usr > > > ># ls -adl /usr/local/home > >drwxrwsr-x7 root staff4096 Jan 16 21:17 /usr/local/home > > > ># ls -adl /usr/local/home/mds > >drwxr-xr-x 44 mds mds 8192 Jan 28 09:07 /usr/local/home/mds > > > ># ls -adl /usr/local/home/mds/mail > >drwx-- 19 mds mds 4096 Jan 28 01:00 /usr/local/home/mds/mail > ^^ > > When amcheck looks for the exclude file, unless it is running with root privleges > or as mds, it will not be able to visit this directory. During the amcheck run > your host is both server and client. When amcheck goes out to the client, it loses > its root privleges and runs as the amanda user. For this one you may need to > put the exclude file somewhere else the amanda user can visit and specify an > absolute directory path to the file. OK, now it makes sense to me -- mostly. I have reviewed my permission requirements, and I can live with this: # ls -adl /usr/local/home/mds/mail drwxr-xr-x 19 mds mds 4096 Jan 28 10:29 /usr/local/home/mds/mail This allows amcheck to run _without_ errors, even _without_ /usr/local/home/mds/mail/.amanda.excludes , which is what I wanted. Nonetheless, I remain confused, since conf uses: exclude list optional ".amanda.excludes" So, even though it is `optional', amcheck *must* have permissions adequate to see whether or not the `optional' file exists? Would that condition impact the actual backup itself? Or, since it runs as superuser, it would have access to the exclude file, and everything would be OK? Am I getting closer to understanding this? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: amcheck privileges (Was Re: Can't open exclude file ???)
selfcheck, sendsize and sendbackup are run on client as the amanda user. They have the same permission. It's only the backup program that is sometime run as root. Jean-Louis On Wed, Jan 28, 2004 at 10:04:26AM -0600, Frank Smith wrote: > --On Wednesday, January 28, 2004 10:28:28 -0500 Jon LaBadie <[EMAIL PROTECTED]> > wrote: > > > > > > IIRC, amcheck does not run with the same root permissions as amdump. > > Thus it may not be able to get to the excluce file during an amcheck. > > > > >From my experience this is indeed true. This makes the amcheck email > more difficult to deal with, since it logs many errors of being unable > to read exclude files (which are read fine with amdump). >What is/was the reason behind this design decision? It seems like > the closer the behavior of amcheck is to amdump the more relevant its > output would be. > > Frank > > -- > Frank Smith [EMAIL PROTECTED] > Systems Administrator Voice: 512-374-4673 > Hoover's Online Fax: 512-374-4501
Re: Can't open exclude file ???
On Wed, Jan 28, 2004 at 09:52:41AM -0600, Michael D Schleif wrote: > * Jon LaBadie <[EMAIL PROTECTED]> [2004:01:28:10:28:28-0500] scribed: > > On Wed, Jan 28, 2004 at 09:07:34AM -0600, Michael D Schleif wrote: > > > > > Now, since this addition, I get this: > > > > > ># sudo -u backup amcheck DailySet1 -cltw > > >Amanda Tape Server Host Check > > >- > > >Holding disk /space: 3704388 KB disk space available, using 3704388 KB > > >Tape backup.015 is writable > > >Tape backup.015 label ok > > >Server check took 39.313 seconds > > > > > >Amanda Backup Client Hosts Check > > > > > >ERROR: bragi.private.network: [Can't open exclude file > > > '/usr/local/home/mds/mail/.amanda.excludes': Permission denied] > > >Client check: 2 hosts checked in 7.134 seconds, 1 problem found > > > > > >(brought to you by Amanda 2.4.4p1) > > > > Check the permissions on the mail directory, or possibly - but unlikely, > > the directories above it. > > > > IIRC, amcheck does not run with the same root permissions as amdump. > > Thus it may not be able to get to the excluce file during an amcheck. > > Ironically, I do _not_ need any exclude file for this DLE. Initially, I > did not have any exclude file, and amcheck issued the _same_ error. > Then, I touched an empty exclude file, resulting in the same error. For > my original post, I included two temporary directories in the exclude > file. > > Regarding perms: > ># ls -adl /usr >drwxr-xr-x 16 root root 4096 Oct 6 14:15 /usr > ># ls -adl /usr/local/home >drwxrwsr-x7 root staff4096 Jan 16 21:17 /usr/local/home > ># ls -adl /usr/local/home/mds >drwxr-xr-x 44 mds mds 8192 Jan 28 09:07 /usr/local/home/mds > ># ls -adl /usr/local/home/mds/mail >drwx-- 19 mds mds 4096 Jan 28 01:00 /usr/local/home/mds/mail ^^ When amcheck looks for the exclude file, unless it is running with root privleges or as mds, it will not be able to visit this directory. During the amcheck run your host is both server and client. When amcheck goes out to the client, it loses its root privleges and runs as the amanda user. For this one you may need to put the exclude file somewhere else the amanda user can visit and specify an absolute directory path to the file. -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road(609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)
Upgrade
Hi all, I have an installation where Amanda has been built by me (remember those annoying questions 'How do I execute scripts from within Amanda' last year ? ;-) ) I would like to upgrade to 2.4.4; is there anything I should keep in mind ? (I still have my 'original' config statement documented. ) TIA Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be
Re: Can't open exclude file ???
Hi, Amanda will always give an error if it can't access the exclude file unless it's a ENOENT (no such file) with the optional option. It's a configuration mistake, you told amanda to use a file and it can't check if the file exist. first solution: Change your DLE for this disk to remove the exclude command. second solution: Make sure amanda can access the /usr/local/home/mds/mail directory. Jean-Louis On Wed, Jan 28, 2004 at 09:52:41AM -0600, Michael D Schleif wrote: > * Jon LaBadie <[EMAIL PROTECTED]> [2004:01:28:10:28:28-0500] scribed: > > On Wed, Jan 28, 2004 at 09:07:34AM -0600, Michael D Schleif wrote: > > > > > Now, since this addition, I get this: > > > > > ># sudo -u backup amcheck DailySet1 -cltw > > >Amanda Tape Server Host Check > > >- > > >Holding disk /space: 3704388 KB disk space available, using 3704388 KB > > >Tape backup.015 is writable > > >Tape backup.015 label ok > > >Server check took 39.313 seconds > > > > > >Amanda Backup Client Hosts Check > > > > > >ERROR: bragi.private.network: [Can't open exclude file > > > '/usr/local/home/mds/mail/.amanda.excludes': Permission denied] > > >Client check: 2 hosts checked in 7.134 seconds, 1 problem found > > > > > >(brought to you by Amanda 2.4.4p1) > > > > Check the permissions on the mail directory, or possibly - but unlikely, > > the directories above it. > > > > IIRC, amcheck does not run with the same root permissions as amdump. > > Thus it may not be able to get to the excluce file during an amcheck. > > Ironically, I do _not_ need any exclude file for this DLE. Initially, I > did not have any exclude file, and amcheck issued the _same_ error. > Then, I touched an empty exclude file, resulting in the same error. For > my original post, I included two temporary directories in the exclude > file. > > Regarding perms: > ># ls -adl /usr >drwxr-xr-x 16 root root 4096 Oct 6 14:15 /usr > ># ls -adl /usr/local/home >drwxrwsr-x7 root staff4096 Jan 16 21:17 /usr/local/home > ># ls -adl /usr/local/home/mds >drwxr-xr-x 44 mds mds 8192 Jan 28 09:07 /usr/local/home/mds > ># ls -adl /usr/local/home/mds/mail >drwx-- 19 mds mds 4096 Jan 28 01:00 /usr/local/home/mds/mail > > Else? > > -- > Best Regards, > > mds > mds resource > 877.596.8237 > - > Dare to fix things before they break . . . > - > Our capacity for understanding is inversely proportional to how much > we think we know. The more I know, the more I know I don't know . . . > --
amcheck privileges (Was Re: Can't open exclude file ???)
--On Wednesday, January 28, 2004 10:28:28 -0500 Jon LaBadie <[EMAIL PROTECTED]> wrote: > > IIRC, amcheck does not run with the same root permissions as amdump. > Thus it may not be able to get to the excluce file during an amcheck. > >From my experience this is indeed true. This makes the amcheck email more difficult to deal with, since it logs many errors of being unable to read exclude files (which are read fine with amdump). What is/was the reason behind this design decision? It seems like the closer the behavior of amcheck is to amdump the more relevant its output would be. Frank -- Frank Smith [EMAIL PROTECTED] Systems Administrator Voice: 512-374-4673 Hoover's Online Fax: 512-374-4501
Re: Can't open exclude file ???
* Jon LaBadie <[EMAIL PROTECTED]> [2004:01:28:10:28:28-0500] scribed: > On Wed, Jan 28, 2004 at 09:07:34AM -0600, Michael D Schleif wrote: > > Now, since this addition, I get this: > > > ># sudo -u backup amcheck DailySet1 -cltw > >Amanda Tape Server Host Check > >- > >Holding disk /space: 3704388 KB disk space available, using 3704388 KB > >Tape backup.015 is writable > >Tape backup.015 label ok > >Server check took 39.313 seconds > > > >Amanda Backup Client Hosts Check > > > >ERROR: bragi.private.network: [Can't open exclude file > > '/usr/local/home/mds/mail/.amanda.excludes': Permission denied] > >Client check: 2 hosts checked in 7.134 seconds, 1 problem found > > > >(brought to you by Amanda 2.4.4p1) > Check the permissions on the mail directory, or possibly - but unlikely, > the directories above it. > > IIRC, amcheck does not run with the same root permissions as amdump. > Thus it may not be able to get to the excluce file during an amcheck. Ironically, I do _not_ need any exclude file for this DLE. Initially, I did not have any exclude file, and amcheck issued the _same_ error. Then, I touched an empty exclude file, resulting in the same error. For my original post, I included two temporary directories in the exclude file. Regarding perms: # ls -adl /usr drwxr-xr-x 16 root root 4096 Oct 6 14:15 /usr # ls -adl /usr/local/home drwxrwsr-x7 root staff4096 Jan 16 21:17 /usr/local/home # ls -adl /usr/local/home/mds drwxr-xr-x 44 mds mds 8192 Jan 28 09:07 /usr/local/home/mds # ls -adl /usr/local/home/mds/mail drwx-- 19 mds mds 4096 Jan 28 01:00 /usr/local/home/mds/mail Else? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: Can't open exclude file ???
On Wed, Jan 28, 2004 at 09:07:34AM -0600, Michael D Schleif wrote:
> This does *not* appear to be Gene's problem of several days ago.
>
> Yesterday, I reconfigured some disk, and reconfigured amanda to work
> with the disk changes.
>
> For nearly one year, I have used the following as a top level dumptype,
> from which all others inherit:
>
>define dumptype global {
>comment "dat tapedrive, gnu tar"
>compress none
>exclude list optional ".amanda.excludes"
>holdingdisk yes
>index yes
>priority medium
>program "GNUTAR"
>record yes
>}
>
> Notice the `exclude list optional' line.
>
> So, last night, I added the second line to the following:
>
>bragi.private.network / server-compress
>bragi.private.network /home/mds/mail important-fast-compress
>bragi.private.network /home/mds/tmp medium-fast-compress
>bragi.private.network /usr important-fast-compress
>
> Now, since this addition, I get this:
>
># sudo -u backup amcheck DailySet1 -cltw
>Amanda Tape Server Host Check
>-
>Holding disk /space: 3704388 KB disk space available, using 3704388 KB
>Tape backup.015 is writable
>Tape backup.015 label ok
>Server check took 39.313 seconds
>
>Amanda Backup Client Hosts Check
>
>ERROR: bragi.private.network: [Can't open exclude file
> '/usr/local/home/mds/mail/.amanda.excludes': Permission denied]
>Client check: 2 hosts checked in 7.134 seconds, 1 problem found
>
>(brought to you by Amanda 2.4.4p1)
>
>
> Notice the _working_ exclude under /usr:
>
># ls -l /usr/local/home/mds/mail/.amanda.excludes
>-rw---1 backup backup 59 Jan 28 01:00
> /usr/local/home/mds/mail/.amanda.excludes
>
># ls -l /usr/.amanda.excludes
>-rw---1 backup backup 23 Aug 4 09:33 /usr/.amanda.excludes
>
>
> When I comment OUT the `exclude list optional' line from conf, then I
> get *NO* amcheck errors -- which is what I did for last night's backup.
>
> What is the problem here?
>
> What is the solution to that problem?
>
> What do you think?
Check the permissions on the mail directory, or possibly - but unlikely,
the directories above it.
IIRC, amcheck does not run with the same root permissions as amdump.
Thus it may not be able to get to the excluce file during an amcheck.
--
Jon H. LaBadie [EMAIL PROTECTED]
JG Computing
4455 Province Line Road(609) 252-0159
Princeton, NJ 08540-4322 (609) 683-7220 (fax)
Can't open exclude file ???
This does *not* appear to be Gene's problem of several days ago.
Yesterday, I reconfigured some disk, and reconfigured amanda to work
with the disk changes.
For nearly one year, I have used the following as a top level dumptype,
from which all others inherit:
define dumptype global {
comment "dat tapedrive, gnu tar"
compress none
exclude list optional ".amanda.excludes"
holdingdisk yes
index yes
priority medium
program "GNUTAR"
record yes
}
Notice the `exclude list optional' line.
So, last night, I added the second line to the following:
bragi.private.network / server-compress
bragi.private.network /home/mds/mail important-fast-compress
bragi.private.network /home/mds/tmp medium-fast-compress
bragi.private.network /usr important-fast-compress
Now, since this addition, I get this:
# sudo -u backup amcheck DailySet1 -cltw
Amanda Tape Server Host Check
-
Holding disk /space: 3704388 KB disk space available, using 3704388 KB
Tape backup.015 is writable
Tape backup.015 label ok
Server check took 39.313 seconds
Amanda Backup Client Hosts Check
ERROR: bragi.private.network: [Can't open exclude file
'/usr/local/home/mds/mail/.amanda.excludes': Permission denied]
Client check: 2 hosts checked in 7.134 seconds, 1 problem found
(brought to you by Amanda 2.4.4p1)
Notice the _working_ exclude under /usr:
# ls -l /usr/local/home/mds/mail/.amanda.excludes
-rw---1 backup backup 59 Jan 28 01:00
/usr/local/home/mds/mail/.amanda.excludes
# ls -l /usr/.amanda.excludes
-rw---1 backup backup 23 Aug 4 09:33 /usr/.amanda.excludes
When I comment OUT the `exclude list optional' line from conf, then I
get *NO* amcheck errors -- which is what I did for last night's backup.
What is the problem here?
What is the solution to that problem?
What do you think?
--
Best Regards,
mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know. The more I know, the more I know I don't know . . .
--
signature.asc
Description: Digital signature
