On 10/31/2013 06:15 AM, Petr Hracek wrote:
Hi amanda users,
I have just a tricky question:
I observed that in Fedora we are delivering amanda where some binaries
have setuid bits.
Are the suid bits really needed for amanda working properly?
List of affected binaries is (mode 104750):
/usr/lib/amanda/application/amstar
/usr/lib/amanda/calcsize
/usr/lib/amanda/rundump
/usr/lib/amanda/runtar
/usr/lib/amanda/dumper
/usr/lib/amanda/planner
Yes, they are needed, some files are missing:
/usr/lib/amanda/application/amgtar
/usr/sbin/amcheck
/usr/sbin/amservice
They needs root because they either read the filesystem or open a
privileged port (<1024)
Is it necessary to have setgid bit on the directory /var/log/amanda?
I think no, my logdir is 700.
Jean-Louis