>>>>> On Fri, 20 Jan 2006 17:31:01 +0100, Ralf Gross <[EMAIL PROTECTED]> said: > Russell Howe schrieb: > > James P. Kinney III wrote: > > > bacula is a member of the disk group. > > > > Isn't being a member of the disk group effectively the same as being > > root, since you can gain access to the block devices containing the > > local filesystems? > > I discovered a similar problem today with a fresh bacula 1.38.5 > install on debian sarge. bacula-sd is runnin as user bacula. > > Select Storage resource (1-2): 2 > 3301 Issuing autochanger "loaded drive 0" command. > 3991 Bad autochanger "loaded drive 0" command: ERR=Child exited with > code 1. > dev.c:362 dev.c:356 Unable to open device "AIT-2" (/dev/nst0): > ERR=Keine Berechtigung > 3901 open device failed: ERR=dev.c:356 Unable to open device "AIT-2" > (/dev/nst0): ERR=Keine Berechtigung > > $ id -a bacula > uid=107(bacula) gid=107(bacula) Gruppen=107(bacula),26(tape) > > crw-rw---- 1 root tape 21, 3 2004-09-18 13:51 /dev/sg3 > crw-rw---- 1 root tape 9, 128 2004-09-18 13:51 /dev/nst0 > > -rwxr-xr-x 1 root root 15076 2005-10-02 18:34 /bin/mt-gnu > -rwxr-xr-x 1 root root 19316 2004-02-15 06:43 /usr/sbin/mtx > > As user bacula: > > > $ id; /usr/sbin/mtx -f /dev/sg3 status > uid=107(bacula) gid=107(bacula) groups=26(tape),107(bacula) > Storage Changer /dev/sg3:1 Drives, 13 Slots ( 1 Import/Export ) > Data Transfer Element 0:Full (Storage Element 6 Loaded) > Storage Element 1:Full > Storage Element 2:Full > Storage Element 3:Full > Storage Element 4:Full > Storage Element 5:Full > Storage Element 6:Empty > Storage Element 7:Empty > Storage Element 8:Empty > Storage Element 9:Empty > Storage Element 10:Empty > Storage Element 11:Empty > Storage Element 12:Empty > Storage Element 13 IMPORT/EXPORT:Empty > > $ id; mt -f /dev/nst0 status > uid=107(bacula) gid=107(bacula) groups=26(tape),107(bacula) > drive type = Generic SCSI-2 tape > drive status = 822083584 > sense key error = 0 > residue count = 0 > file number = 0 > block number = 0 > Tape block size 0 bytes. Density code 0x31 (unknown). > Soft error count since last status=0 > General status bits on (41010000): > BOT ONLINE IM_REP_EN > > $ id; ./mtx-changer /dev/sg3 unload 6 /dev/nst0 0 > uid=107(bacula) gid=107(bacula) groups=26(tape),107(bacula) > Unloading Data Transfer Element into Storage Element 6...done > > > After changing the group ownership to bacula, everything is fine and I > can work with the changer from bconsole. > > crw-rw---- 1 root bacula 9, 128 2004-09-18 13:51 /dev/nst0 > crw-rw---- 1 root bacula 21, 3 2004-09-18 13:51 /dev/sg3 > > Select Storage resource (1-2): 2 > 3301 Issuing autochanger "loaded drive 0" command. > 3302 Autochanger "loaded drive 0", result is Slot 6. > 3307 Issuing autochanger "unload slot 6, drive 0" command. > 3002 Device "AIT-2" (/dev/nst0) unmounted. > > > I can live with these group settings, but I would like to understand > why it didn't work with user bacula as memeber of the tape group?
A process has a set of groups, which can be a different set from those associated with a user. The "su" command (or however you became the bacula user above) looks in /etc/group when it creates its shell, but bacula just runs in the single group passed via the -g option on the command line. See the "Groups:" line in /proc/nnn/status to the groups of process nnn. __Martin ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
