Dear Kevin, et al., My bug in which Amanda created its dump-holding directory with permissions that made it impossible for it to write on that directory --- it's fixed. The fix was to change the ownership of one or more of the files in /home/amanda. I'm not sure which file ownerships made the difference.
Anyway, only because the Amanda maintainers might be interested, I'm attaching my Amanda installation script (install.sh). Search for the string "### Bug:" and you will see the difference that made the difference. It's curious as all get-out, and I'm wondering whether I ran into some security fix in the version of Linux that I'm running (2.6.16, in this case).

Anyway, happy days, I have dumps now. And they do indeed pass through the ssh connection. I commend you guys. auth="ssh" is a significant enhancement to Amanda.

--
Steve

Steven R. Newcomb, Consultant
Coolheads Consulting
Co-editor, Topic Maps International Standard (ISO/IEC 13250)
Co-editor, draft Topic Maps -- Reference Model (ISO/IEC 13250-5)
[EMAIL PROTECTED]
http://www.coolheads.com
direct: +1 540 951 9773
main: +1 540 951 9774
fax: +1 540 951 9775
208 Highview Drive
Blacksburg, Virginia 24060 USA

(Confidential to all US government personnel to whom this private letter is not addressed and who are reading it in the absence of a specific search warrant: You are violating the law and you are co-conspiring to subvert the Constitution that you are sworn to defend. You can either refuse to commit this crime, or you can expect to suffer criminal sanctions in the future, when the current administration of the United States of America has been replaced by one that respects the rule of law. I do not envy you for having to make this difficult choice, but I urge you to make it wisely.)
#!/bin/bash
# install.sh -- build and install Amanda 2.5.1 under /home/amanda with ssh
# security; on host "dimanche" the server side is built as well.
if [ ! "$USER" = "root" ]; then
    echo "user is not root, aborting."
    exit 1
fi
if [ ! "`pwd`" = "/home/amanda/amandasrc" ]; then
    echo "you must first cd to /home/amanda/amandasrc"
    exit 1
fi
TRUE=0
FALSE=1
if [ "`hostname`" = "dimanche" ]; then
    isServer=$TRUE
else
    isServer=$FALSE
fi
set -x
if [ ! -e /home/amanda ]; then
    echo "There must be a user \"amanda\" who is a member of groups \"disk\" and \"tape\", and whose home is /home/amanda"
    exit 1
fi
usermod -G amanda,disk,tape amanda
if [ -d /home/amanda/DailySet1 ]; then
    rm -rf /home/amanda/DailySet1
fi
if [ "$isServer" = "$TRUE" ]; then
    if [ ! -d /home/amanda/INDEX ]; then
        mkdir -p /home/amanda/INDEX
    fi
    if [ ! -d /home/amanda/INFO ]; then
        mkdir -p /home/amanda/INFO
    fi
    if [ ! -d /home/amanda/LOG ]; then
        mkdir -p /home/amanda/LOG
    fi
fi
if [ ! -e /tmp/amanda ]; then
    mkdir /tmp/amanda
fi
chown -R amanda:disk /tmp/amanda
# The "coolheads" configuration is kept in the source tree and symlinked into
# place, both into /home/amanda and into the config directory /home/amanda/coolheads.
if [ -e /home/amanda/coolheads ]; then
    rm -rf /home/amanda/coolheads
fi
mkdir /home/amanda/coolheads
ln -s /home/amanda/amandasrc/coolheads/.amandahosts /home/amanda/.amandahosts
ln -s /home/amanda/amandasrc/coolheads/.amandahosts /home/amanda/coolheads/.amandahosts
ln -s /home/amanda/amandasrc/coolheads/amanda.conf /home/amanda/amanda.conf
ln -s /home/amanda/amandasrc/coolheads/amanda.conf /home/amanda/coolheads/amanda.conf
ln -s /home/amanda/amandasrc/coolheads/amanda-client.conf /home/amanda/amanda-client.conf
ln -s /home/amanda/amandasrc/coolheads/amanda-client.conf /home/amanda/coolheads/amanda-client.conf
ln -s /home/amanda/amandasrc/coolheads/tapelist /home/amanda/tapelist
ln -s /home/amanda/amandasrc/coolheads/tapelist /home/amanda/coolheads/tapelist
ln -s /home/amanda/amandasrc/coolheads/disklist /home/amanda/disklist
ln -s /home/amanda/amandasrc/coolheads/disklist /home/amanda/coolheads/disklist
ln -s /home/amanda/amandasrc/coolheads/chg-multi.conf /home/amanda/coolheads/chg-multi.conf
whereWeWere=`pwd`
cd /home/amanda/amandasrc/coolheads
for i in *-excludes ; do
    ln -s /home/amanda/amandasrc/coolheads/${i} /home/amanda/coolheads/${i}
done
# Remove the previous installation and the unpacked source so that
# make install starts from a clean tree.
if [ -e /home/amanda/lib ]; then
    rm -rf /home/amanda/lib
fi
if [ -e /home/amanda/libexec ]; then
    rm -rf /home/amanda/libexec
fi
if [ -e /home/amanda/man ]; then
    rm -rf /home/amanda/man
fi
if [ -e /home/amanda/sbin ]; then
    rm -rf /home/amanda/sbin
fi
if [ -e /home/amanda/share ]; then
    rm -rf /home/amanda/share
fi
if [ -e /home/amanda/amandasrc/amanda-2.5.1 ]; then
    rm -rf /home/amanda/amandasrc/amanda-2.5.1
fi
cd /home/amanda/amandasrc
tar xzf amanda-2.5.1.tar.gz
cd /home/amanda/amandasrc/amanda-2.5.1
# --sysconfdir=/home puts the runtime config directory (sysconfdir/amanda,
# see --with-configdir in the help text below) at /home/amanda, so the
# configuration named "coolheads" is found in /home/amanda/coolheads.
commonConfigArgs="\
 --prefix=/home/amanda \
 --exec-prefix=/home/amanda \
 --datadir=/home/amanda/share \
 --sysconfdir=/home \
 --sharedstatedir=/home/amanda/com \
 --localstatedir=/home/amanda/var \
 --libdir=/home/amanda/lib \
 --includedir=/home/amanda/include \
 --oldincludedir=/home/amanda/include \
 --mandir=/home/amanda/man \
 --infodir=/home/amanda/info \
 --with-user=amanda \
 --with-group=disk \
 --with-ssh-security"
set -- $commonConfigArgs
if [ "$isServer" = "$TRUE" ]; then
    echo ./configure "$@"
    ./configure "$@"
else
    echo ./configure "$@" --without-server
    ./configure "$@" --without-server
fi
make
make install
if [ "$isServer" = "$TRUE" ]; then
    if [ ! -e /nobackup/AMANDASPOOL ]; then
        mkdir /nobackup/AMANDASPOOL
    fi
    chown -R root:disk /nobackup/AMANDASPOOL
fi
if [ ! -d /home/amanda/var ]; then
    mkdir /home/amanda/var
fi
if [ ! -d /home/amanda/var/gnutar_list ]; then
    mkdir /home/amanda/var/gnutar_list
fi
if [ ! -e /home/amanda/var/amandates ]; then
    touch /home/amanda/var/amandates
fi
if [ ! -f /home/amanda/amandasrc/coolheads/tapelist ]; then
    touch /home/amanda/amandasrc/coolheads/tapelist
fi
### Bug: if the below line is:
###   chown -R root:disk /home/amanda
### then, when Amanda creates the holding disk directory for the dump
### (/nobackup/AMANDASPOOL/200609...), it's created with root ownership
### and mode 700 permissions, and Amanda can't write on it. I have no
### idea why this happens. The Amanda code says it's creating this
### directory with 770 permissions. --SRN
chown -R amanda:disk /home/amanda
chown root:disk /home/amanda/libexec/runtar
chown root:disk /home/amanda/libexec/dumper
chown root:disk /home/amanda/libexec/planner
chown root:disk /home/amanda/sbin/amcheck
# Note: this sets the setuid and setgid bits on every program under libexec
# and sbin, not only on the four root-owned ones above; those four become
# setuid-root, all the others setuid-amanda/setgid-disk.
chmod -R 6770 /home/amanda/libexec/* /home/amanda/sbin/*
if [ -d /home/amanda/DailySet1 ]; then
    rm -rf /home/amanda/DailySet1
fi
# Print the SSH section of the Amanda documentation as a reminder of the
# key setup that still has to be done by hand.
cat - <<'EOF'
SSH

You must configure amanda with --with-ssh-security.

create user 'amanda'

For amdump:

You must create user amanda on all machines, including the server.

You must put the server's amanda's id_rsa.pub, as amended with options, on *all* machines' amanda's ~/.ssh/authorized_keys. Here's an example:

from="dimanche.coolheads.com",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/home/amanda/libexec/amandad -auth=ssh amdump" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxKMbLwLfI6iwGYzkv75UpRqj2LvOV6uvRYJghvN7t8vUzrxzGmIPEiuFwKRAO8jsfrvLDaBJU4S18eN7FpybcEyhT1yctfSY6TxKL3QHR6pluUl7kh2eJ1C9Cr26AU5Hfp3/FYTWM33SVcgDIuyzrbUTtKZubuQGRkn6r6Ns8POI5d+b6jwPGkqa85qVzK7xA1dQFv0HyrHaVO15FTG8/Zv1kMHQyVa8fKxFQGdAjRdaQD2nG18jeyzuFcgX9RCA+zPef1ceHj2Xh6W25YCQuxYzC73pcdbedZMoVSbT25AcY09+Rg/z0MQqZhf86xiRvFwbpI2aYCy7gmXtub+8kQ== [EMAIL PROTECTED]

You must create an ssh key for your server. In this example, the key is put in the id_rsa_amdump file:

ssh-keygen -t rsa
Enter file in which to save the key (/home/amanda/.ssh/id_rsa)? /home/amanda/.ssh/id_rsa_amdump

You must set the ssh_keys option in all DLE for that host:

ssh_keys "/home/amanda/.ssh/id_rsa_amdump"

You must append the /home/amanda/.ssh/id_rsa_amdump.pub file to the .ssh/authorized_keys file of all client hosts.

For security reasons, you must prepend the line with the following:

from="tape_server_fqdn_name",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/path/to/amandad -auth=ssh amdump"

That will limit that key to connect only from your server and only be able to execute amandad.

Like rsh, if your server username and client username are different, you must add the client_username option in all DLE for that host:

client_username "client_username"

Like rsh, if your server amandad path and client amandad path are different, you must set the amandad_path option in all DLE for that host:

amandad_path "client/amandad/path"

For amrecover:

You must create an ssh key for root on all clients that can use amrecover. In this example, the key is put in the /root/.ssh/id_rsa_amrecover file:

Log in as root:
ssh-keygen -t rsa
Enter file in which to save the key (/root/.ssh/id_rsa)? /root/.ssh/id_rsa_amrecover

You must set the ssh_keys option in the amanda_client.conf file:

ssh_keys "/root/.ssh/id_rsa_amrecover"

You must append all client /home/root/.ssh/id_rsa_amrecover.pub files to the /home/amanda/.ssh/authorized_keys of the server.

For security reasons, you must prefix all lines with the following:

from="aclient_fqdn_name",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/path/to/amandad -auth=ssh amindexd amidxtaped"

That will limit every client key to connect from the client and only be able to execute amandad.
EOF

# [EMAIL PROTECTED]:~/AMANDA/amanda-2.5.1# ./configure --help
# `configure' configures this package to adapt to many kinds of systems.
#
# Usage: ./configure [OPTION]... [VAR=VALUE]...
#
# To assign environment variables (e.g., CC, CFLAGS...), specify them as
# VAR=VALUE.  See below for descriptions of some of the useful variables.
#
# Defaults for the options are specified in brackets.
#
# Configuration:
#   -h, --help              display this help and exit
#       --help=short        display options specific to this package
#       --help=recursive    display the short help of all the included packages
#   -V, --version           display version information and exit
#   -q, --quiet, --silent   do not print `checking...' messages
#       --cache-file=FILE   cache test results in FILE [disabled]
#   -C, --config-cache      alias for `--cache-file=config.cache'
#   -n, --no-create         do not create output files
#       --srcdir=DIR        find the sources in DIR [configure dir or `..']
#
# Installation directories:
#   --prefix=PREFIX         install architecture-independent files in PREFIX
#                           [/usr/local]
#   --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
#                           [PREFIX]
#
# By default, `make install' will install all the files in
# `/usr/local/bin', `/usr/local/lib' etc.  You can specify
# an installation prefix other than `/usr/local' using `--prefix',
# for instance `--prefix=$HOME'.
#
# For better control, use the options below.
#
# Fine tuning of the installation directories:
#   --bindir=DIR            user executables [EPREFIX/bin]
#   --sbindir=DIR           system admin executables [EPREFIX/sbin]
#   --libexecdir=DIR        program executables [EPREFIX/libexec]
#   --datadir=DIR           read-only architecture-independent data [PREFIX/share]
#   --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
#   --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
#   --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
#   --libdir=DIR            object code libraries [EPREFIX/lib]
#   --includedir=DIR        C header files [PREFIX/include]
#   --oldincludedir=DIR     C header files for non-gcc [/usr/include]
#   --infodir=DIR           info documentation [PREFIX/info]
#   --mandir=DIR            man documentation [PREFIX/man]
#
# Program names:
#   --program-prefix=PREFIX            prepend PREFIX to installed program names
#   --program-suffix=SUFFIX            append SUFFIX to installed program names
#   --program-transform-name=PROGRAM   run sed PROGRAM on installed program names
#
# System types:
#   --build=BUILD     configure for building on BUILD [guessed]
#   --host=HOST       cross-compile to build programs to run on HOST [BUILD]
#   --target=TARGET   configure for building compilers for TARGET [HOST]
#
# Optional Features:
#   --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
#   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
#   --disable-dependency-tracking  speeds up one-time build
#   --enable-dependency-tracking   do not reject slow dependency extractors
#   --disable-largefile     omit support for large files
#   --enable-shared[=PKGS]  build shared libraries [default=yes]
#   --enable-static[=PKGS]  build static libraries [default=yes]
#   --enable-fast-install[=PKGS]  optimize for fast installation [default=yes]
#   --disable-libtool-lock  avoid locking (might break parallel builds)
#
# Optional Packages:
#   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
#   --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
#   --with-cflags=CFLAGS    arguments to the c compiler (-Wall, -g, etc)
#   --with-includes=DIR     site header files for readline, etc in DIR
#   --with-libraries=DIR    site library directories for readline, etc in DIR
#   --with-dumperdir=DIR    where we install the dumpers [EPREFIX/dumper]
#   --with-configdir=DIR    runtime config files in DIR [sysconfdir/amanda]
#   --with-indexdir         deprecated, use indexdir in amanda.conf
#   --with-dbdir            deprecated, use infofile in amanda.conf
#   --with-logdir           deprecated, use logfile in amanda.conf
#   --with-suffixes         install binaries with version string appended to name
#   --with-client-only      deprecated, use --without-server
#   --with-server-only      deprecated, use --without-client
#   --without-client        do not build client stuff
#   --without-server        do not build server stuff (set --without-restore)
#   --without-restore       do not build amrestore nor amidxtaped
#   --without-amrecover     do not build amrecover
#   --with-index-server=HOST  default amanda index server [`uname -n`]
#   --without-force-uid     do not force the uid to --with-user
#   --with-user=USER        force execution to USER on client systems [required]
#   --with-group=GROUP      group allowed to execute setuid-root programs [required]
#   --with-owner=USER       force ownership of files to USER [default == --with-user value]
#   --with-rundump          use rundump (setuid-root) to invoke dump
#   --with-config=CONFIG    default configuration [DailySet1]
#   --with-tape-server=HOST default restoring tape server is HOST [same as --with-index-server]
#   --with-tape-device=ARG  restoring tape server HOST's no rewinding tape drive
#   --with-ftape-rawdevice=ARG  raw device on tape server HOST's if using Linux ftape >=3.04d
#   --with-rew-tape         deprecated, use --with-tape-device
#   --with-norew-tape=ARG   deprecated, use --with-tape-device
#   --with-changer-device=ARG  default tape changer device [/dev/ch0 if it exists]
#   --with-fqdn             use FQDN's to backup multiple networks
#   --with-broken-fsf       only enable if tape fsf calls fail mid-file
#   --without-reuseaddr     Don't closed network connections to be reused until full timeout period.
#   --with-gnutar[=PROG]    use PROG as GNU tar executable [default: looks for one]
#   --with-smbclient[=PROG] use PROG as Samba's smbclient executable [default: looks for one]
#   --with-samba-user       was deprecated
#   --with-gnutar-listdir=DIR  gnutar directory lists go in DIR [localstatedir/amanda/gnutar-lists]
#   --with-gnutar-listed-incremental  was deprecated, use --with-gnutar-listdir
#   --without-bsd-security  do not use BSD rsh/rlogin style security
#   --without-amandahosts   use .rhosts instead of .amandahosts
#   --with-dbmalloc=DIR     Location of dbmalloc libs and headers
#   --with-krb4-security=DIR  Location of Kerberos software [/usr/kerberos /usr/cygnus /usr /opt/kerberos]
#   --with-rsh-security     use rsh as a transport
#   --with-ssh-security     use ssh as a transport
#   --with-bsdtcp-security  use tcp as a transport
#   --with-bsdudp-security  use tcp as a transport
#   --with-server-principal=ARG  server host principal ["amanda"]
#   --with-server-instance=ARG   server host instance ["amanda"]
#   --with-server-keyfile=ARG    server host key file ["/.amanda"]
#   --with-client-principal=ARG  client host principal ["rcmd"]
#   --with-client-instance=ARG   client host instance [HOSTNAME_INSTANCE]
#   --with-client-keyfile=ARG    client host key file [KEYFILE]
#   --with-ticket-lifetime=ARG   ticket lifetime [128]
#   --with-krb5-security=DIR  Location of Kerberos V software [/usr/kerberos /usr/cygnus /usr /opt/kerberos]
#   --with-low-tcpportrange=low,high  bind reserved TCP server sockets to ports within this range unlimited (mainly for amrecover)
#   --with-tcpportrange=low,high  bind unreserved TCP server sockets to ports within this range [unlimited]
#   --with-udpportrange=low,high  bind reserved UDP server sockets to ports within this range [unlimited]
#   --with-maxtapeblocksize=kb  Maximum size of a tape block
#   --with-db={text,db,dbm,gdbm,ndbm}  use the selected database format [text]
#   --with-mmap             force use of mmap instead of shared memory support
#   --with-buffered-dump    buffer the dumping sockets on the server for speed
#   --with-assertions       compile assertions into code
#   --with-tmpdir=/temp/dir area Amanda can use for temp files [/tmp/amanda]
#   --with[out]-debugging[=/debug/dir]  [do not] record runtime debugging information in specified directory [--with-tmpdir]
#   --with-debug-days=NN    number of days to keep debugging files [default=4]
#   --with-testing[=suffix] use alternate service names
#   --with-dump-honor-nodump  if dump supports -h, use it for level0s too
#   --with-gnu-ld           assume the C compiler uses GNU ld [default=no]
#   --with-pic              try to use only PIC/non-PIC objects [default=use both]
#   --with-tags[=TAGS]      include additional configurations [automatic]
#   --without-built-manpages  Do not build manpages from XML source.
#
# Some influential environment variables:
#   CC          C compiler command
#   CFLAGS      C compiler flags
#   LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
#               nonstandard directory <lib dir>
#   CPPFLAGS    C/C++ preprocessor flags, e.g. -I<include dir> if you have
#               headers in a nonstandard directory <include dir>
#   CPP         C preprocessor
#   CXX         C++ compiler command
#   CXXFLAGS    C++ compiler flags
#   CXXCPP      C++ preprocessor
#   F77         Fortran 77 compiler command
#   FFLAGS      Fortran 77 compiler flags
#
# Use these variables to override the choices made by `configure' or to help
# it to find libraries and programs with nonstandard names/locations.
#
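The from=, no-*-forwarding and command= options quoted in the SSH notes of the script's heredoc are the entire access control for auth="ssh": a key in amanda's authorized_keys without them is an unrestricted login as amanda. The following shell example, added here and not part of the post or of Amanda, builds such restricted entries for both directions (amdump and amrecover) and audits an existing authorized_keys file for entries that lack them; the host names, the amandad path and the sample public key are assumed or constructed.

```shell
#!/bin/sh
# Added example (not from the original post or from Amanda): emit restricted
# authorized_keys entries and audit a file for unrestricted amanda keys.

# Constructed sample public key for the demonstration; not a real key.
SAMPLE_PUB='ssh-rsa AAAAEXAMPLEKEYNOTREAL= amanda@dimanche.coolheads.com'
RESTRICT='no-port-forwarding,no-X11-forwarding,no-agent-forwarding'

# restrict_amdump_key <server_fqdn> <amandad_path> <pubkey_line>
# -> the line to place in a client's ~amanda/.ssh/authorized_keys
restrict_amdump_key() {
    printf 'from="%s",%s,command="%s -auth=ssh amdump" %s\n' "$1" "$RESTRICT" "$2" "$3"
}

# restrict_amrecover_key <client_fqdn> <amandad_path> <pubkey_line>
# -> the line to place in the server's ~amanda/.ssh/authorized_keys
restrict_amrecover_key() {
    printf 'from="%s",%s,command="%s -auth=ssh amindexd amidxtaped" %s\n' "$1" "$RESTRICT" "$2" "$3"
}

# check_authorized_keys <file>: returns 0 when every key line carries a from=
# clause, the three no-*-forwarding options and a forced amandad command;
# otherwise reports each offending line on stderr and returns 1.
check_authorized_keys() {
    rc=0
    while IFS= read -r line; do
        case "$line" in ''|'#'*) continue ;; esac
        ok=1
        for need in 'from="' no-port-forwarding no-X11-forwarding \
                    no-agent-forwarding 'amandad -auth=ssh'; do
            case "$line" in *"$need"*) ;; *) ok=0 ;; esac
        done
        if [ "$ok" -eq 0 ]; then
            printf 'unrestricted key: %s\n' "$line" >&2
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Demonstration on a constructed file: one restricted line passes the audit,
# then a bare copy of the same key appended to the file makes it fail.
demo() {
    f=$(mktemp) || return 1
    restrict_amdump_key dimanche.coolheads.com /home/amanda/libexec/amandad "$SAMPLE_PUB" > "$f"
    check_authorized_keys "$f" && echo "restricted entry only: ok"
    printf '%s\n' "$SAMPLE_PUB" >> "$f"
    check_authorized_keys "$f" 2>/dev/null || echo "bare key appended: audit fails as expected"
    rm -f "$f"
}
demo
```

Run check_authorized_keys against ~amanda/.ssh/authorized_keys on each client (and on the server, for the amrecover keys) after following the steps in the heredoc; the audit only matches the option strings, so an entry whose command= points at something other than amandad is still reported.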