Red Hat Bugzilla – Bug 20510
Amanda 'run-as' user 'operator' can't read own home directory
Last modified: 2008-05-01 11:37:59 EDT
When backing up a Red Hat 7 system from another machine, an entry must be made in .amandahosts in the home directory of the user amanda is configured to run as. As shipped, this user is 'operator', whose home directory is /root, which is owned root.root, mode 750, so the amanda system can't read the .amandahosts file and remote access is always denied.
Workaround: make /root mode 751 and the .amandahosts file mode 644 owned by root, be careful about all other files in /root
Suggested fix: change the amanda package to run as a user 'amanda' or 'amuser'
Note: this requires a rebuild as there are a couple of setuid-root binaries with amanda that check the real UID they were invoked as and refuse to run if this is not correct.
Also, amanda runs as user operator, who is a member of group disk.
xinetd broke this. I needed to add group=disk to xinetd.d/amanda...
Otherwise access to /dev/hdaxxx and /etc/dumpdates failed with permission
I think my setup is stock RH. (My amanda server is currently RH6.2 while the
client is 7.0)
All of this should be fixed in amanda-2.4.2-2, coming soon to a Rawhide near you.