28649 – amanda client and server configurations need a lot of work

Bug 28649 - amanda client and server configurations need a lot of work

Summary: amanda client and server configurations need a lot of work

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	amanda
Sub Component:
Version:	7.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Trond Eivind Glomsrxd
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-02-21 18:31 UTC by Need Real Name
Modified:	2007-04-18 16:31 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-02-21 18:31:46 UTC
Embargoed:

Attachments	(Terms of Use)

Description Need Real Name 2001-02-21 18:31:42 UTC

From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.2.16-22 i686)


amanda default configuration is not operational for server or client

Reproducible: Always
Steps to Reproduce:
a) install amanda and amanda-client on a backup client system.
b) try to configure and use amanda

or

a) install amanda, amanda-client and amanda server on a backup server
b) try to backup a filesystem or disk on the local host

Actual Results:  1) amanda can not contact the amandad client daemon
because it never starts
2) amanda can not contact the client (after solving 1) because the
.amandahosts
    file is protected in the /root directory (default user operator home,
but can not
    read).
3) etc.


Expected Results:  I should have been able to modify the configuration file
for the DailySet1 backups, and updated .amandahosts configuration file, and
get a backup working.

1) missing directory

the amanda-client installation fails to create a directory for
"gnutar-lists".  The default config file references
"/var/lib/amanda/gnutar-lists", and the absense of this directory will
result in a client node backup failure.  note, however, this directory *is*
created if the amanda-server package is installed.


2) missing or incorrect xinetd startup files

the amanda daemon entries are incorrect or missing after installation.  the
amanda-client installation fails to create a startup file for amandad in
/etc/xinetd.d.  it should look something like:

# default: off
#
# description: Part of the Amanda server package

service amandad
{
	disable	= no
	socket_type		= dgram
	protocol		= udp
	wait			= yes
	user			= operator
	group			= disk
	port = 10080
	server			= /usr/lib/amanda/amandad 
}

Also, only amandad should have wait set to yes; the others,
/etc/xinetd.d/amandaidx (server and client) and /etc/xinetd.d/amidxtape (on
server only) should have wait set to no.


3) backup user (operator) access control problems

by default, amanda uses the operator user account to do most of its work. 
the problem with this is that /root is the default home directory for
operator, and only the root user has permission, by default, to read the
contents of the /root directory.  the amanda package installs a security
configuration file, .amandahosts, in the operator's home directory.  the
amanda software must consult this file to determine whether or not a user
from a given host is allowed access, much like .rhosts.  since the amanda
software runs as user operator, and operator can not, by default read
/root, amanda fails to do much of anything since it can not resolve its
user and host security requirements.

I suggest repackaging amanda so that it uses a unique user, such as
"backup" or "amanda".  I also suggest creating a new home dirctory for said
user.

Comment 1 Trond Eivind Glomsrxd 2001-02-21 19:57:08 UTC

Please don't combine multiple issues into one bug report - it makes tracking harder.

Also, give the RPMs at http://people.redhat.com/teg/ a try. They should fix the
issues you're having.

Note You need to log in before you can comment on or make changes to this bug.