On Sunday 26 May 2019 12:08:37 pm Nathan Stratton Treadway wrote: > On Sun, May 26, 2019 at 09:24:35 -0400, Gene Heskett wrote: > > On Sunday 26 May 2019 04:48:59 am Gene Heskett wrote: > > > On Saturday 25 May 2019 11:46:46 pm Nathan Stratton Treadway wrote: > > > > Then, from that checkout directory, run your gh.cf script to > > > > kick off the build (first making sure the --with-security-file= > > > > line is what you want it to be)... and see what happens.... > > > > > > My script has never had that line, as its using > > > --with-bsd-security --with-amandahosts \ > > > and that has worked for around a decade using the repos .deb > > > clients. Do I need to change that? > > Note that the "--with-XXX-security" options are completely different > than the "--with-security-file=<path-to-file>" option. > > I found the thread where you hit the problem before (of course it was > buried under an unrelated Subject line...). Look for the > message > From: Gene Heskett <ghesk...@shentel.net> > To: amanda-users@amanda.org > Subject: Re: Zmanda acquired from Carbonite by BETSOL -- future of > Amanda development Date: Thu, 4 Oct 2018 07:11:15 -0400 > > (currently found in archives at > https://www.mail-archive.com/amanda-users@amanda.org/msg49927.html > or And I know exactly what happened, that copy came from the build directory which because git doesn't do version numbers, was a locally modified copy thats been blown away several times in this debacle, and replaced with the master copy in the amanda home dir, which never got overwritten with these changes. I'll fix that next thing, after I go get the missus something like a pubwich from Ginos, a local pizza/spaghetti place. I think she's in favor of closing the kitchen on account of illness, she's sick of my cooking. :) See rule #2 of that famous sign...
> http://www.backupcentral.com/forum/14/291870/291873/re__zmanda_acquire >d_from_carbonite_by_betsol_--_future_of_amanda_development#msg-291873 ) > > Anyway, the point is that last October you definitely changed your > gh.cf script to include > "--with-security-file=/etc/amanda-security.conf"... And many thanks for finding it! > > [For what it's worth I found several occasions between then and now in > which you posted a copies of your gh.cf script to the list, and those > copies did include the --with-security-file option. So perhaps you > have a different version of your script stashed somewhere else? > > For example, though the rest of the thread is unrelated to the > discussion today, the copy of your script posted in the following > message includes not only --with-security-file but also > --with-amandates-file added below that (both of which are missing from > the version you posted on yesterday): > > From: Gene Heskett <ghesk...@shentel.net> > To: amanda-users@amanda.org > Subject: amanda backup fails > Date: Mon, 10 Dec 2018 19:05:23 -0500 > > https://www.mail-archive.com/amanda-users@amanda.org/msg50346.html > ] > > > but I cannot seem to fix this erronious error. > > [...] > > > Amanda Backup Client Hosts Check > > -------------------------------- > > ERROR: coyote: selfcheck request failed: file/dir '/usr/local/etc' > > (/usr/local/etc/amanda-security.conf) is writable by the group > > ERROR: shop: selfcheck request failed: file/dir '/usr/local/etc' > > (/usr/local/etc/amanda-security.conf) is writable by the group > > ERROR: picnc: selfcheck request failed: file/dir '/usr/local/etc' > > (/usr/local/etc/amanda-security.conf) is writable by the group > > ERROR: GO704: selfcheck request failed: file/dir '/usr/local/etc' > > (/usr/local/etc/amanda-security.conf) is writable by the group > > ERROR: lathe: selfcheck request failed: file/dir '/usr/local/etc' > > (/usr/local/etc/amanda-security.conf) is writable by the group > > Client check: 5 hosts checked in 13.184 seconds. 5 problems found. > > (brought to you by Amanda 3.5.1.git.19364c7b) > > [...] > > > amanda@coyote:~/amanda$ ls -l /usr/local/etc/ > > total 48 > > drwx------ 3 amanda backup 4096 May 26 04:17 amanda > > -rw-r--r-- 1 amanda backup 55 Jul 17 2014 amanda-client.conf > > -rwx------ 1 root staff 2033 May 26 08:41 amanda-security.conf > > and as you can see, is not writeable by group but /etc/group > > amanda-security.conf itself is not writable by group... but _this_ > error message (unlike the one in the previous email) is complaining > about the "/usr/local/etc" directory. > > This is the problem you were working on last October (in the > above-referenced thread and a couple of others in that same > timeframe), but based on the referenced message I believe the solution > you settled on at that time was to use > "--with-security-file=/etc/amanda-security.conf" in your build script > -- with that, you do not need to worry about the group permissions on > each parent directory in the /usr/local/etc path... > > So, I think your best bet is to stick with your earlier solution, i.e. > do another rebuild with that option added back in to the script. > After that it should be easy to resolve the amnda-security.conf > permission checks. > > (If I remember correctly the build-install cycle should create a new > /etc/amanda-security.conf file for you. If not I guess you'll find > out as soon as you try amcheck, and then you can copy/move the > existing one into /etc/ ....) > > > > Nathan > > ---------------------------------------------------------------------- >------ Nathan Stratton Treadway - natha...@ontko.com - Mid-Atlantic > region Ray Ontko & Co. - Software consulting services - > http://www.ontko.com/ GPG Key: > http://www.ontko.com/~nathanst/gpg_key.txt ID: 1023D/ECFB6239 Key > fingerprint = 6AD8 485E 20B9 5C71 231C 0C32 15F3 ADCD ECFB 6239 Copyright 2019 by Maurice E. Heskett Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene>
