On Mon, Apr 18, 2005 at 04:17:16PM +0100, Chuck Amadi wrote: > Hi reinstalled amanda as Root make distclean > As amanda ./configure --( My preferences) > As amanada make > As Root make install > > Thus checked /local/sw/amanda/bckup/sbin/amcheck ls -al command the > output as below: > > -rwsr-x--- 1 root disk 86322 Apr 18 16:03 amcheck > > But when I run the following amcheck command > > myserver:/local/sw/amanda/bckup/sbin # su amanda -c > "/local/sw/amanda/bckup/sbin/amcheck" > zsh: permission denied: /local/sw/amanda/bckup/sbin/amcheck > myservefr:/local/sw/amanda/bckup/sbin # > > Im going a bit crazy Now! as I assume the sticky bit would sort out the > permission issue.
For some things amanda absolutely needs root privileges. But there is a principle which amanda trys to adhere to of "least privileges for the task". So although the binary amcheck is now properly owned by root, properly setuid'ed, and probably properly group owned by disk, for some tasks amcheck may create child processes that lack root privilege. One of those I think is disk (if using dump rather than tar) and tape access. It may be necessary to check the permissions on your devices to ensure they are group "disk" readable and for the tape, writable. As to executing amcheck, note that the owner root can execute it, members of group disk can execute it, but the rest of the world can not. Were you root when you executed it, no you were amanda. So you the user had to be a member of group disk to execute it. What group(s) does user 'amanda' have rights to? Did you get them after doing the 'su' command? The cmd 'id' will tell you the latter. -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road (609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)
