Bug 20510 - Amanda 'run-as' user 'operator' can't read own home directory
Amanda 'run-as' user 'operator' can't read own home directory
Status: CLOSED RAWHIDE
Product: Red Hat Powertools
Classification: Retired
Component: amanda (Show other bugs)
7.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Trond Eivind Glomsrxd
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-11-08 04:40 EST by Thais Smith
Modified: 2008-05-01 11:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-11-20 11:28:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Thais Smith 2000-11-08 04:40:01 EST
When backing up a Red Hat 7 system from another machine, an entry must be made in .amandahosts in the home directory of the user amanda is configured to run as.  As shipped, this user is 'operator', whose home directory is /root, which is owned root.root, mode 750, so the amanda system can't read the .amandahosts file and remote access is always denied.

Workaround: make /root mode 751 and the .amandahosts file mode 644 owned by root, be careful about all other files in /root

Suggested fix: change the amanda package to run as a user 'amanda' or 'amuser'

Note: this requires a rebuild as there are a couple of setuid-root binaries with amanda that check the real UID they were invoked as and refuse to run if this is not correct.
Comment 1 Neal D. Becker 2000-11-20 11:28:21 EST
Also, amanda runs as user operator, who is a member of group disk.
xinetd broke this.  I needed to add group=disk to xinetd.d/amanda... 
Otherwise access to /dev/hdaxxx and /etc/dumpdates failed with permission
denied.
I think my setup is stock RH.  (My amanda server is currently RH6.2 while the
client is 7.0)
Comment 2 Trond Eivind Glomsrxd 2001-01-30 19:08:51 EST
All of this should be fixed in amanda-2.4.2-2, coming soon to a Rawhide near you.

Note You need to log in before you can comment on or make changes to this bug.