On Thu, May 20, 2004 at 12:57:08AM +0000, Lars Kellogg-Stedman wrote: > I'm following up on an issue that was posted to this list back in > January: > > > JLM pointed out another thing I did not know. amcheck does not consider > > it an error for the file to not exist, it is listed as "optional". But > > amcheck does consider it an error if the file has the wrong permissions > > or if it is unable to determine if it exists. > > I'm running into exactly this problem. In my dumptypes file, I have: > > exclude list optional ".amanda.exclude" > > In my disklist file, I'm backing up individual home directories: > > arcadia /export/home/lars comp-user-tar > > Permissions on this directory are 750, so amcheck is failing: > > ERROR: backuphost: [Can't open exclude file > '/export/home/lars/.amanda.exclude': Permission denied] > > Of course, amcheck (and amandad) are running as user 'amanda' when running > this check, while the backup itself is performed as root (since the > 'runtar' command is SUID root) > ... > I'm hesitant to make things globally readable just to make Amanda work, so > I've worked around the problem on my Linux system using ACLs: > > setfacl -m u:amanda:rwx /export/home/*
Nice approach. Another approach, if ACL's are unavailable or ?overkill?, would be to give the directory world execute permission (751). Then a process could access a specific file if it "knows its name" but searchs like "ls" or "cat *" would not work because read permission was denied. -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road (609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)