Re: The Coyote Den AMANDA MAIL REPORT FOR BogusMonth 0, 0
On Wednesday 30 September 2009, Gene Heskett wrote: On Tuesday 29 September 2009, Dustin J. Mitchell wrote: On Fri, Sep 25, 2009 at 4:41 PM, Gene Heskett gene.hesk...@verizon.net wrote: Ok, I'll be watching the (e)mailbox. :) OK, revision 2148 should have fixed this, and should be in last night's snapshot. I'm sorry it took so long -- it was a simple fix :) Dustin I have a few minutes before the run so I'll give the *29 version a try tonight. Its building now. And I'm going to make my vtape about 90Gb so it can do it all in one swell foop. And it all failed, same as before, snipped from the email it sent: dumper: FATAL euid (500) does not match uid (0); is this program setuid- root when it shouldn't be? dumper: FATAL euid (500) does not match uid (0); is this program setuid- root when it shouldn't be? driver: FATAL reading result from dumper0: Connection reset by peer chunker: FATAL startup_chunker failed: error accepting stream: Connection timed out Back to the 0831 version. :) -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp Mal: Listen, if you got guests, I can come back later. --Episode #10, War Stories
Re: The Coyote Den AMANDA MAIL REPORT FOR BogusMonth 0, 0
On Wed, Sep 30, 2009 at 12:06 AM, Gene Heskett gene.hesk...@verizon.net wrote: How am I supposed to be able to run it from a cron launched script if somebody has to be there to Press enter when ready? This issue of interactivity has been a sore spot for a while now, with no good solution. As for the continued permissions failures -- I got the same thing today. I thought you had said the amdumps were working fine, so I didn't wait for my nightly amdump to run. But sure enough I have the same errors you do this morning. I also noticed that this permissions fix has broken ssh auth. Dustin -- Open Source Storage Engineer http://www.zmanda.com
Re: Tapes are not filled up
Msiipola, Try with 'taperflush 100' Jean-Louis Msiipola wrote: I' trying to utilize tapes better by using a holdingdisk and by setting i amanda.conf: flush-threshold-dumped 100 flush-threshold-scheduled 100 taperflush 0 But looks like amanda does not take any notice about these settings. Instead a dump is done to tape every time amdump is executed. Any ideas what's wrong? In the amanda.conf I have: flush-threshold-dumped 100 flush-threshold-scheduled 100 taperflush 0 Mail log from amdump: Hostname: backup Org : HiQ Config : daily Date: September 28, 2009 These dumps were to tape HIQ-10. The next 2 tapes Amanda expects to use are: HIQ-11, HIQ-12. STATISTICS: Total Full Incr. Estimate Time (hrs:min)0:35 Run Time (hrs:min) 2:28 Dump Time (hrs:min)1:34 0:01 1:33 Output Size (meg) 49867.4 1154.748712.7 Original Size (meg) 49867.4 1154.748712.7 Avg Compressed Size (%) -- -- --(level:#disks ...) Filesystems Dumped7 4 3 (1:3) Avg Dump Rate (k/s) 9037.222907.4 8909.4 Tape Time (hrs:min)0:15 0:00 0:14 Tape Size (meg) 49867.4 1154.748712.7 Tape Used (%) 12.50.3 12.2 (level:#disks ...) Filesystems Taped 7 4 3 (1:3) (level:#chunks ...) Chunks Taped 7 4 3 (1:3) Avg Tp Write Rate (k/s) 58337.251128.258532.8 USAGE BY TAPE: LabelTime Size %NbNc HIQ-10 0:15 51064180K 12.5 7 7 NOTES: planner: tapecycle (13) = runspercycle (28) planner: Last full dump of backup.mod.fus39a:/space/rsync_copy/hiq on tape HIQ-7 overwritten in 5 runs. planner: Last full dump of backup.mod.fus39a:/space/rsync_copy/sim on tape HIQ-3 overwritten in 3 runs. planner: Last full dump of backup.mod.fus39a:/space/rsync_copy/usr on tape HIQ-5 overwritten in 4 runs. planner: Full dump of backup.mod.fus39a:/usr/local promoted from 27 days ahead. planner: Full dump of backup.mod.fus39a:/var/log promoted from 27 days ahead. planner: Full dump of backup.mod.fus39a:/home promoted from 27 days ahead. planner: Full dump of backup.mod.fus39a:/etc promoted from 27 days ahead. taper: tape HIQ-10 kb 51064180 fm 7 [OK] big estimate: backup.mod.fus39a /space/rsync_copy/hiq 1 est: 2748480Kout 1881010K big estimate: backup.mod.fus39a /space/rsync_copy/sim 1 est: 1160992Kout 606740K DUMP SUMMARY: DUMPER STATS TAPER STATS HOSTNAME DISKL ORIG-KB OUT-KB COMP% MMM:SS KB/s MMM:SS KB/s -- - - backup.mod.f /etc0 29190 29190-- 0:08 3817.7 0:01 53167.8 backup.mod.f /home 0 433880 433880-- 0:16 27856.9 0:07 64317.7 backup.mod.f -c_copy/hiq 1 1881010 1881010--22:21 1403.0 0:41 46212.6 backup.mod.f -c_copy/sim 1 606740 606740--12:46 791.6 0:10 60737.3 backup.mod.f -c_copy/usr 1 47394020 47394020--58:12 13573.7 13:22 59131.0 backup.mod.f /usr/local 0 681920 681920-- 0:27 25447.3 0:15 44605.7 backup.mod.f /var/log0 37420 37420-- 0:02 23400.6 0:01 68816.2 (brought to you by Amanda version 2.6.1)
Re: The Coyote Den AMANDA MAIL REPORT FOR BogusMonth 0, 0
On Wednesday 30 September 2009, Dustin J. Mitchell wrote: On Wed, Sep 30, 2009 at 12:06 AM, Gene Heskett gene.hesk...@verizon.net wrote: How am I supposed to be able to run it from a cron launched script if somebody has to be there to Press enter when ready? This issue of interactivity has been a sore spot for a while now, with no good solution. It needs a just do it option. As you can see, it does find the correct, last recorded 'tape', to verify. No reason it can't just go do it. I found where the trailing numbers were coming from, at one time, when I wrote the script, it needed the tape number, 2 in that instant case, and the runtapes value, 1 in my case, and my script passes them as args 1 and 2. Now it appears to just ignore them. As for the continued permissions failures -- I got the same thing today. I thought you had said the amdumps No, I said amcheck's were fine I believe. were working fine, so I didn't wait for my nightly amdump to run. But sure enough I have the same errors you do this morning. I also noticed that this permissions fix has broken ssh auth. Oh Goody, NOT! But I didn't notice that as I'm using auth=bsd. I have catchup running, but in 3+ hours it has only done 2 of the seven I told it too. I have another problem too, but I'll start a fresh thread for that. Dustin -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp If someone says he will do something without fail, he won't.
Re: hard coded limit REP_TIMEOUT of 6hrs in amandad-src/amandad.c
Jean-Francois Malouin wrote: * Dustin J. Mitchell dus...@zmanda.com [20090908 13:08]: On Tue, Sep 8, 2009 at 12:03 PM, Jean-Francois Malouinma...@bic.mni.mcgill.ca wrote: Hmmm, more than a week now and no replies. So I'll attempt to fix it myself: just to be on the safe side, any adverse effect to just bump up REP_TIMEOUT to, say 10hrs? Sorry, I thought I replied, but what I meant to say was essentially: yes, that sounds like something to fix :) As long as the client will die if the TCP connection goes away, I would prefer to get rid of the timeout altogether. These long enough timeouts are really only relevant for UDP, where the OS doesn't notify us of a lost connection (since there is no connection). I'm reviving this thread as I got hit again last night on a server running 2.6.1p1 that I reinstalled with REP_TIMEOUT=(12*60*60) ie, 12hrs. I'm still getting 6hrs timeouts on some DLEs: planner: [disk /raid/nih, all estimate timed out] REP_TIMEOUT is a client timeout, It must be configured on the client. You can also use estimate server, less precise estimate but a lot faster. Jean-Louis
New machine fails, all e stimates missing.
Greetings; I am trying to add a kubuntu-6.06 machine, on which I have installed via apt- get, the amanda-client and related debs. One dependency that apt-get didn't pull in was xinetd, but that's now installed and an amanda file added to /etc/xinetd.d. Amcheck, done from this machine is happy, but when the backup runs, the runtar log file on that machine reports this: --- runtar: debug 1 pid 12192 ruid 1001 euid 0: start at Wed Sep 30 10:17:57 2009 /bin/tar: version 2.4.5p1 runtar: error [must be invoked by amanda] runtar: pid 12192 finish time Wed Sep 30 10:17:57 2009 -- Now, probably an attack of dumbass on my part, I couldn't figure out how amanda stuff was to be executed as having a backup:backup ownership, so I made it all, except for runtar, owned by amanda:disk, runtar is root:disk, has the suid things set, and the binary edited to replace the string 'backup' in it with the string 'amanda', same number of chars so I did it with vim. I _think_ it is being run by amanda, here is that amanda file from the xinetd.d directory: -- # default on # description: The amanda service service amanda { only_from = coyote.coyote.den socket = dgram protocol= udp wait= yes user= amanda group = disk groups = yes server = /usr/lib/amanda/amandad server_args =-auth=bsd amdump amindexd amidxtaped disable = no } The amanda user has been added, and /etc/group made to match what has worked for many years on this machine, so it all should be running as amanda, who is a member of group disk. And xinetd has been restarted several times. What might I have missed? Or should I edit the above file to put the user:group back to 'backup' and reinstall the amanda-client? Or nuke the debs and build from a recent tarball? FWIW, packaging system constraints are a PIMA. :) -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp If bankers can count, how come they have eight windows and only four tellers?
Re: globbing
Brian Cuttler wrote: Using amanda 2.6.1 on Solaris 10 (server x86, client Sparc) I currently have entries in the disklist like these, currently there are 55+ entries. finsen /export/home/agaupelzfs-snapshot finsen /export/home/along zfs-snapshot finsen /export/home/amanda zfs-snapshot finsen /export/home/bhowland zfs-snapshot finsen /export/home/brainard zfs-snapshot finsen /export/home/cbryantzfs-snapshot finsen /export/home/cchen zfs-snapshot finsen /export/home/dkim zfs-snapshot finsen /export/home/dmullerzfs-snapshot Each user directory is its own zfs mount point. Can I successfully replace them with entries like this ? I think this will do what I think it does, because I do it on other machines, but the zfs-snapshot is a new addition to this structure. finsen /export/home-A /export/home { zfs-snapshot include ./[a]* } finsen /export/home-B /export/home { zfs-snapshot include ./[b]* } This will create two snapshot of /export/home, if they include the subdirs, then it should works. It must be tried. Jean-Louis
user amanda on server, user backup on client, access denied to ama...@coyote.coyote.den
Greetings; I just nuked the amanda install, then re-installed on that box, so now everything is as user:group=root:root except the runtar related stuffs. From that install, an ls -la of /usr/lib/amanda: total 204 drwxr-xr-x 2 root root4096 2009-09-30 22:14 . drwxr-xr-x 115 root root 45056 2009-09-30 22:14 .. -rwxr-xr-x 1 root root 15000 2005-12-31 09:48 amandad -rwxr-xr-x 1 root root5068 2005-12-31 09:48 amqde -rwxr-xr-x 1 root root9816 2005-12-31 09:48 calcsize -rwsr-xr-- 1 root backup 5224 2005-12-31 09:48 killpgrp -rwxr-xr-x 1 root root4810 2005-12-31 09:48 patch-system -rwsr-xr-- 1 root backup 4628 2005-12-31 09:48 rundump -rwsr-xr-- 1 root backup 4928 2005-12-31 09:48 runtar -rwxr-xr-x 1 root root 18096 2005-12-31 09:48 selfcheck -rwxr-xr-x 1 root root 32008 2005-12-31 09:48 sendbackup -rwxr-xr-x 1 root root 30712 2005-12-31 09:48 sendsize -rwxr-xr-x 1 root root3084 2005-12-31 09:48 versionsuffix And that looks scary as hell to me in terms of security. But who knows just how the hell they cram amanda into a deb. So I give up, add a user backup, and change everything in a parallel configuration directory to be backup instead of amanda. So, my question then since the runtar log generated by my running an su amanda -c amcheck Shop if the user is amanda gets me this: -- runtar: debug 1 pid 5864 ruid 0 euid 34: start at Wed Sep 30 22:10:47 2009 /usr/lib/amanda/runtar: version 2.4.5p1 runtar: error [must be invoked by backup] runtar: pid 5864 finish time Wed Sep 30 22:10:47 2009 --- So, making all instances of the user amanda into backup in the config and a few other changes: -- [r...@coyote Shop]# su backup -c amcheck Shop bash: /usr/local/sbin/amcheck: Permission denied --- So, I add backup to the disk string in group, and disk to the backup entry in group, and get this: - r...@coyote etc]# su backup -c amcheck Shop amcheck: critical (fatal): create debug directory /tmp/amanda-dbg//server/: Permission denied amcheck: create debug directory /tmp/amanda-dbg//server/: Permission denied /usr/local/lib/amanda/libamanda-2.6.2alpha-20090831.so[0xb7e80c66] /lib/libglib-2.0.so.0(g_logv+0x26f)[0x4f9a527f] /lib/libglib-2.0.so.0(g_log+0x26)[0x4f9a5626] /usr/local/lib/amanda/libamanda-2.6.2alpha-20090831.so[0xb7e8011c] /usr/local/lib/amanda/libamanda-2.6.2alpha-20090831.so(debug_open+0x52) [0xb7e807e2] amcheck(main+0x95)[0x8050435] /lib/libc.so.6(__libc_start_main+0xe5)[0x4523c6e5] amcheck[0x804a2f1] -- Which looks like it gives a lot of stuff a bellyache. Is there a way to use both 'amanda' as the local user, and 'backup' for the user going out on le0, or how can I widen the perms, hummm, change the damned /tmp path to /tmp/backup give it its own perms maybe. Except its trying to make the subdirs in /tmp/amanda, which are quite restricted access. So that's a non starter. And all I really wanted to do was to add 4 entrys in the 'Daily' disklist to pickup the emc related stuff from my milling machine, but I had NDI it would be a 2 week job its still not working. Discouraging to say the least. -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp Look afar and see the end from the beginning.
Re: user amanda on server, user backup on client, access denied to ama...@coyote.coyote.den
On Wed, Sep 30, 2009 at 10:46 PM, Gene Heskett gene.hesk...@verizon.net wrote: I just nuked the amanda install, then re-installed on that box, so now everything is as user:group=root:root except the runtar related stuffs. I'm so confused -- is this related to the permissions work we've been doing? Because we didn't change ownership of anything (that's a packaging issue) or what's setuid and what's not.. Dusitn -- Open Source Storage Engineer http://www.zmanda.com
Re: user amanda on server, user backup on client, access denied to ama...@coyote.coyote.den
On Wednesday 30 September 2009, Dustin J. Mitchell wrote: On Wed, Sep 30, 2009 at 10:46 PM, Gene Heskett gene.hesk...@verizon.net wrote: I just nuked the amanda install, then re-installed on that box, so now everything is as user:group=root:root except the runtar related stuffs. I'm so confused -- is this related to the permissions work we've been doing? Because we didn't change ownership of anything (that's a packaging issue) or what's setuid and what's not.. Dusitn This is how it came out of the deb packages. I assume it worked, for *buntu's. So the problem now is how to specify that while the amanda user is named amanda on this box, the amanda user is named backup on that box. And apparently never the twain shall meet. :( -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp Military justice is to justice what military music is to music. -- Groucho Marx