Re: Frontend , UI for amanda ?

[Anthony A. D. Talltree]

Brandon makes some good points.  I'll add a couple points of my own that
some may take for granted:

o For a user interface to be friendly, it has to in fact be runnable. 
Window system interfaces tend not to work well on text consoles or in
environments where the user is running on a different machine which for
various reason't can't display a remote X session from the server.  Some
sites have draconian policies against X libraries even being installed
on servers

o An increasing number of graphical interfaces these days are being done
with gtk/GNOME, which effectively limits them to running on Linuxes. 

Of course, the existence of a graphical interface doesn't really
preclude the continued existence of the CLI, but one might worry about
the latter being deprecated.

Re: Frontend , UI for amanda ?

[Brandon D. Valentine]

On Mon, Mar 31, 2003 at 07:23:29PM -0500, Bort, Paul wrote:
>On Mon, Mar 31, 2003 at 05:00:49PM -0500, Thomas Hu wrote:
>> Gene made some points but not all I agree with.
>> 
>> Friendly user interface (not necessary "fancy" GUI) is a measure of all
>> good quality software products. Amanda is not beyond the scope of this
>> view.
> 
> As always, it's open source. If the lack of a GUI bothers you enough, you
> can write one, or hire someone to write it for you. The software scratches
> the collective itch.

Thomas, Bernd, et al:

1) This discussion probably belongs on amanda-hackers.

2) As I see it, amanda is in no way obligated to be all things to all
people.  In fact, that is a rather stupid way to approach software
design.  Software should be primarily concerned with solving one
specific problem and doing the best job of that as is reasonably
possible.  See UNIX for details.

3) You seem to have a narrow view of the concept of user friendliness.
An easy to use interface which leads the user to take the wrong action
is far less user friendly than an interface with a learning curve which
empowers the user with the knowledge that he is taking the correct
action.  It is my opinion that amanda's current interface is
sufficiently user friendly to enable me as the administrator to do my
job and know that it is being done in a manner which is verifiably
correct.  The data I protect is worth many hundreds of thousands of
dollars in laboratory materials, instrument time and manhours.  It is
far more valuable for me to know that the data was backed up correctly
than to be able to use a mouse to do so.  Where data integrity is
concerned my job is on the line as are the academic careers of many of
my colleagues.  I take that very seriously.  Were I doing this job in a
corporate environment I would take it equally seriously.

4) Code talks.  Amanda is open source.  So far nobody who has complained
about the lack of a GUI has ponied up to write one.  Will you be the
exception?  Experience makes me doubt that you will.  If that offends
you, prove me wrong.

5) As far as I am concerned there is _ONE_ place in the entire amanda
model where a GUI would be useful.  The GUI is not useful for me as the
administrator.  A GUI for amanda could be quite useful however for
enabling individual users to schedule their own restores.  However, in
order for such an application to be possible amanda would need to
overhauled to support some concept of user accounts and permissions so
that individual users could be granted permission to restore their own
data.  That's a lot of work and should probably happen concurrently with
a transition away from rhosts style auth(orization|entication) so that
amanda transitions to a uniform model for such.

Brandon D. Valentine
-- 
Systems Administrator
Center for Structural Biology
Vanderbilt University

Re: Frontend , UI for amanda [really, what is Bacula?]

[Jay Lessert]

On Mon, Mar 31, 2003 at 04:09:36PM -0800, Gordon Pritchard wrote:
>   But I am looking at Bacula now also...

http://www.bacula.org
http://sourceforge.net/projects/bacula

Was not aware of Bacula before, and it looks like Kern Sibbald has done
some cool stuff, and Bacula certainly has some features that would be
nice to have in Amanda, BUT Bacula:

- Mandates MySQL or SQLite as the server engine behind it's server
  catalog.  This is not an option.

- Uses it's own client backup engine, not *dump/*tar.

- Uses "multiple-interthreaded-blocks-from-different-backup-streams"
  type tape format.

  (Bacula provides a small, lightweight tape-reader utility to use
   for disaster recovery, though.)

  Kern recommends that nobody actually *use* multiple backup streams
  in production yet, though, until it's better tested.

[Disclaimer: all of the above three points are from reading the docs,
 not from reading the source or asking the author, so I could be
 wrong.]

In an ideal world, three years ago I would have arranged for Kern to
receive a post-hypnotic suggestion to "enhance Amanda".  :-)

-- 
Jay Lessert   [EMAIL PROTECTED]
Accelerant Networks Inc.   (voice)1.503.439.3461
Beaverton OR, USA(fax)1.503.466.9472

RE: Frontend , UI for amanda ?

[Bort, Paul]

Thomas, I'd like to disagree with you on a point-by-point basis: 

> Friendly user interface (not necessary "fancy" GUI) is a 
> measure of all
> good quality software products. Amanda is not beyond the scope of this
> view.

So the Linux Kernel, MVS/OS, Sendmail, and PostgreSQL are not of good
quality? I disagree. AMANDA is written to be as invisible to the user as any
of the above. 

> Amanda is client-server based product. This means, while its client
> might be in "bare" OS, amanda server is not. The server has 
> to be fully
> functioning to provide the data recovering/restoring service. 

Not true. I can restore any of my files given only hardware that can read
the tape and a machine either running Red Hat 6.2 or capable of supporting
it. AMANDA is not needed for the restore, as she is only a backup manager.
The backup utility ( tar/dump/xfsdump, gzip, etc.) with mt and dd is all
that is needed to read the tapes. The possible loss of this functionality
was of great concern when adding the ability to split a disk across tapes
was being discussed on the AMANDA-Hackers mailing list.

> In terms of management of amanda, I appreciate all efforts that have
> been put into the product to make it less demanding for human
> intervention however, it is still a client/server 
> architecture involving
> many resources and objects. Initial configuration, though one time,
> takes some time. The difficulty of getting used to it has 

I think that a GUI for initial configuration will make it easier for new
users to get into trouble faster. The INSTALL file included with the package
is a very good start, with step-by-step instructions. Since AMANDA should be
compiled from scratch at least for each server, the new user isn't going to
avoid the command line during install.

> been reflected
> in this mailing list. For a changing (amount of data, schedule, tape
> devices) environment, managing amanda does not seem to be a piece of
> cake. As far as I am concerned, Bernd's presented a good 

Changes in the amount of data being backed up will usually be handled
correctly by AMANDA. Changing tape devices is also easy once you have the
first one working, and given the cost, unlikely to be a common occurrence.
And why would the schedule need to change frequently? Other than restore
tests and tape changes, there should be a time of day when your users can
tolerate the performance overhead of a backup running, in exchange for
having backups. If you need to run extra backups spontaneously, I don't see
how a GUI can be better than typing `amdump YourConfig &` at the shell
prompt. 

> question if we
> look at it as a bigger picture rather than as a stupid question from a
> lazy and less knowledgeable admin.

It's certainly not a stupid question. There are good places and good reasons
for a GUI. I'm probably going to write one in the next six months or so, as
we deploy AMANDA to client sites. 

As always, it's open source. If the lack of a GUI bothers you enough, you
can write one, or hire someone to write it for you. The software scratches
the collective itch.

That said, here's my case for a GUI: 

At remote sites where the user is unlikely to even log in to the console,
they need some way to interact with AMANDA. They at least need to know what
tape to put in next; need to be able to add new tapes; and mark existing
tapes as NO-REUSE. (In my case, I can count on them calling support for a
restore.) 

Once I have that in place and can release it, other people might want to add
things like a restore interface, or updating the disklist.

RE: Frontend , UI for amanda ?

[Gordon Pritchard]

On Mon, 2003-03-31 at 14:00, Thomas Hu wrote:

> Amanda is client-server based product. This means, while its client
> might be in "bare" OS, amanda server is not. The server has to be fully
> functioning to provide the data recovering/restoring service. 

More heretical musings :-)

More and more, as my servers improve in horsepower, I'm moving from
command-line minimalist environments to GUI.  I mean, having X sitting
there doing nothing takes a pretty light toll on a 3GHZ server with 1GB
or more DDR...

Much of my day-to-day admin *is* in fact done via SSH and a console
window, but when I go to the server-room, it's a lot friendlier and
nicer to have a full-blown GUI...  Indeed, there are times I Ctrl-Alt-F2
to a console view, as an option.

Imagine having a GUI view, when the heat's on, to drag-and-drop restore
a user's files.  Imagine having a graphical tool to show you clients,
directories, scheduled times, etc.  Kind of like a commercial Windows
backup tool, except that it works :-)

> I am not initiating a fire. Forgive me if it would irritate some of you.

I am not intending to diminish the huge efforts of the Amanda
developers either... it must be a good tool - I'm using it both at home
and at work.

But I am looking at Bacula now also...

-- 
Gordon Pritchard, P.Eng. | Institute of Electrical and
Research Labs Manager|  Electronics Engineers
Simon Fraser University, Surrey  | Quarter Century Wireless Ass'n
[EMAIL PROTECTED]   | Telephone Pioneers of America
phone:  604.268.7509 | Amateur Radio:  VA7SFU, VA7GP

Re: Frontend , UI for amanda ?

[Gene Heskett]

On Mon March 31 2003 17:00, Thomas Hu wrote:
>Gene made some points but not all I agree with.
>
>Friendly user interface (not necessary "fancy" GUI) is a measure
> of all good quality software products. Amanda is not beyond the
> scope of this view.
>
>Amanda is client-server based product. This means, while its
> client might be in "bare" OS, amanda server is not. The server
> has to be fully functioning to provide the data
> recovering/restoring service.

With which I respectfully disagree. Yes, its no doubt much nicer to 
do if the server is up and functioning.  My point was that in the 
event of a meltdown, the recovery can be done with nothing more 
than mt, tar (or dump), gzip and dd.  IMO, we as admins, even if in 
my case its just my home machines, should be able to open the 
toolbox and get out the appropriate digital monkey wrenchs and fix 
it.  Not being locked into a proprietary tape format is IMO a huge, 
overriding advantage.

>In terms of management of amanda, I appreciate all efforts that
> have been put into the product to make it less demanding for
> human intervention however, it is still a client/server
> architecture involving many resources and objects. Initial
> configuration, though one time, takes some time. The difficulty
> of getting used to it has been reflected in this mailing list.
> For a changing (amount of data, schedule, tape devices)
> environment, managing amanda does not seem to be a piece of cake.
> As far as I am concerned, Bernd's presented a good question if we
> look at it as a bigger picture rather than as a stupid question
> from a lazy and less knowledgeable admin.
>
>I am not initiating a fire. Forgive me if it would irritate some
> of you.

NP Thomas, we're all entitled to our opinions, and those were mine.  
Probably worth somewhat less than what you paid for them. :)

Heck I like eye candy too, but didja ever actually try to USE Arkeia 
to recover?  It not all that intuitive either even if it does have 
all them fancy lamborgheni(sp) guages.  The one time I needed it, 
it decided it needed a $2500 license file before it would access 
the tape drive after loading its own bootstrap from the tapes 
header.  I never even bothered to email them about it, the email 
would have self-destructed enroute.  That was an eye opener. 8-(  
And now you know why I'm here.

-- 
Cheers, Gene
AMD [EMAIL PROTECTED] 320M
[EMAIL PROTECTED]  512M
99.25% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com attornies please note, additions to this message
by Gene Heskett are:
Copyright 2003 by Maurice Eugene Heskett, all rights reserved.

RE: Frontend , UI for amanda ?

[Thomas Hu]

Gene made some points but not all I agree with.

Friendly user interface (not necessary "fancy" GUI) is a measure of all
good quality software products. Amanda is not beyond the scope of this
view.
 
Amanda is client-server based product. This means, while its client
might be in "bare" OS, amanda server is not. The server has to be fully
functioning to provide the data recovering/restoring service. 

In terms of management of amanda, I appreciate all efforts that have
been put into the product to make it less demanding for human
intervention however, it is still a client/server architecture involving
many resources and objects. Initial configuration, though one time,
takes some time. The difficulty of getting used to it has been reflected
in this mailing list. For a changing (amount of data, schedule, tape
devices) environment, managing amanda does not seem to be a piece of
cake. As far as I am concerned, Bernd's presented a good question if we
look at it as a bigger picture rather than as a stupid question from a
lazy and less knowledgeable admin.

I am not initiating a fire. Forgive me if it would irritate some of you.


Thomas 
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gene Heskett
Sent: Monday, March 31, 2003 3:44 PM
To: Bernd Broermann; [EMAIL PROTECTED]
Subject: Re: Frontend , UI for amanda ?

On Wed February 12 2003 05:35, Bernd Broermann wrote:
>Hello,
>
>Do you know of a UI Frontend for AMNANDA ?
>
>I mean a shell, perl, python script ,
>which is an menu driven program to lable
>recover , manage the backups.
>
>Thanks
>Bernd

AFAIK, nobody ever got around to doing one of those, mainly because 
when you need to recover, the likelyhood of haveing that fancy gui 
available is somewhere between nil and .00zip.  In that event you 
are expected to get your fingernails a bit dirty running tar or 
dump because a recovery can be largely done with nothing more than 
a bare bones os (re-)install that includes tar (or uhgg, dump), 
gzip, mt to manipulate the drive and dd to extract the data.

Anything else is eye candy.  Nothing from amanda is required to do a 
recover although there are those utils for a fully functioning 
system.

As far as managing the backups, thats the job of a user 'amanda's 
crontab entry and how the various configuration files are built.  
It doesn't need any management, and if you try to force your ideas 
on amanda, you're just making life difficult for one heck of a good 
backup utility.

There are even those here who, if you insist on doing it your way, 
would rather you used some other utility designed for human 
intervention.  Amanda is not, although she can take gentle nudges 
and hints from time to time via modifications to the config files 
once you get to know her...

-- 
Cheers, Gene
AMD [EMAIL PROTECTED] 320M
[EMAIL PROTECTED]  512M
99.25% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com attornies please note, additions to this message
by Gene Heskett are:
Copyright 2003 by Maurice Eugene Heskett, all rights reserved.

issue with 'file' tape device backups

[Nathan Thaler]

I'm using Amanda 2.4.4 and attempting to setup a backup routine that dumps the backups 
to a hard drive instead of a tape.  I'm using the chg-multi config with 4 'file' 
devices.  When I attempt to check the status of the tape with a privileged account, 
Amanda can see that the tape drive is populated, but when I try this with the amanda 
user, chg-multi returns 'slot is empty'

suse-test:/etc/amanda/daily # /usr/local/libexec/chg-multi -slot 1 
1 file:/d1/backups/tape1

[EMAIL PROTECTED]:/etc/amanda/daily > /usr/local/libexec/chg-multi -slot 1 
1 chg-multi: slot is empty

The amanda user has all the permissions it needs to read that director (and 
permissions to read/write changer-status) Any ideas as to why it still reports the 
slot is empty?

Here's some configs:

chg-multi.conf:

multieject 0
gravity 0
needeject 0
ejectdelay 0
firstslot 1
lastslot 4
statefile /etc/amanda/daily/changer-status
slot 1 file:/d1/backups/tape1
slot 2 file:/d1/backups/tape2
slot 3 file:/d1/backups/tape3
slot 4 file:/d1/backups/tapes

semi-relevant lines from amanda.conf:

org "DailySet1" # your organization name for reports
mailto "amanda" # space separated list of operators at your site
dumpuser "amanda"   # the user to run dumps under
dumpcycle 4 weeks   # the number of days in the normal dump cycle
runspercycle 20 # the number of amdump runs in dumpcycle days
tpchanger "chg-multi"   # the tape-changer glue script
tapedev "file:/d1/backup" 
changerfile "/etc/amanda/daily/chg-multi.conf"
changerdev "/dev/null"
rawtapedev "/dev/null"  # the raw device to be used (ftape only)
maxdumpsize -1  # Maximum number of bytes the planner will schedule
tapetype HOLDING-TANK   # what kind of tape it is (see tapetypes below)
labelstr "^DailySet1[0-9][0-9]*$"   # label constraint regex: all tapes 
must mat
define tapetype HOLDING-TANK{
comment "storage tank"
length 5 mbytes
filemark 100 kbytes 
   speed 10 mbytes 
}

Granted, I do understand that I still have some left over single-device configuration 
here, but it doesn't look like that's the cause of the chg-multi errors.

Thanks,
Nathan Thaler

Re: Frontend , UI for amanda ?

[Gene Heskett]

On Wed February 12 2003 05:35, Bernd Broermann wrote:
>Hello,
>
>Do you know of a UI Frontend for AMNANDA ?
>
>I mean a shell, perl, python script ,
>which is an menu driven program to lable
>recover , manage the backups.
>
>Thanks
>Bernd

AFAIK, nobody ever got around to doing one of those, mainly because 
when you need to recover, the likelyhood of haveing that fancy gui 
available is somewhere between nil and .00zip.  In that event you 
are expected to get your fingernails a bit dirty running tar or 
dump because a recovery can be largely done with nothing more than 
a bare bones os (re-)install that includes tar (or uhgg, dump), 
gzip, mt to manipulate the drive and dd to extract the data.

Anything else is eye candy.  Nothing from amanda is required to do a 
recover although there are those utils for a fully functioning 
system.

As far as managing the backups, thats the job of a user 'amanda's 
crontab entry and how the various configuration files are built.  
It doesn't need any management, and if you try to force your ideas 
on amanda, you're just making life difficult for one heck of a good 
backup utility.

There are even those here who, if you insist on doing it your way, 
would rather you used some other utility designed for human 
intervention.  Amanda is not, although she can take gentle nudges 
and hints from time to time via modifications to the config files 
once you get to know her...

-- 
Cheers, Gene
AMD [EMAIL PROTECTED] 320M
[EMAIL PROTECTED]  512M
99.25% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com attornies please note, additions to this message
by Gene Heskett are:
Copyright 2003 by Maurice Eugene Heskett, all rights reserved.

Re: newbie having trouble with tape labels

[Gene Heskett]

On Mon March 31 2003 10:51, Bill wrote:
>I recently installed amanda on my network to backup a couple of my
> dev boxes.  I understand that a tape must be labelled by amanda
> to be used with the appropriate dump set, but when I follow the
> instructions in the doc, amdump errors out saying that it cannot
> overwrite the active tape. Does someone have more comprehensive
> instructions for labelling tapes and setting up a run?  My
> assumption is I am simply misconstruing the instructions at some
> point.
>
>Thanks
>
>-b

A: tapes must be labeled with individually identifiable labels
eg: tape-01, tape-02 etc, where the 'tape' portion fits the
"labelstr" regex pattern in amanda.conf.  Defaults to "DailySet1"
so the labels then become "DailySet1-01", "DailySet1-02" etc
unless you change that pattern in amanda.conf.

B: a tape will not be willingly re-used until amanda.conf's
"tapecycle" tapes have been used before it becomes eligible for
re-use.

Generally speaking, one should have sufficient tapes to allow a 5 to 
7 day dumpcycle, and enough to do a minimum of 2 dumpcycles in 
tapecycle.  Multiply accordingly if the tape size vs systems size 
is such that you must use runtapes set for more than 1.  This 
requires a changer robot or a human to change tapes on demand.  In 
the long run the robot is cheaper, it doesn't take coffee breaks, 
vacations, sick leave, etc. :)

Amanda will schedule (eventually, its takes her time to get the 
schedule fine tuned) the fulls vs the partials over that 5 to 7 day 
dumpcycle in an attempt to equalize the tape useage per nightly 
run.  Because of this, one should construct his disklist file 
entries with 2 things in mind, 1; each entry should be less than a 
full tapes worth because amanda cannot span a single entry over 
more than 1 tape (breaking into subdir entries for size control 
implies the use of tar, as dump cannot do that), and then 2; 
uncomment only about a tapes worth of entries per day until its all 
exposed, at which point you can probably forget her until she needs 
the robots magazines refilled.

If its consistently useing all of a tape & no changer is involved, 
then dumpcycle should be expanded a day, or bigger tapes obtained.  
Likewise if its only useing half a tape, then dumpcycle can be 
reduced, thereby gaining additional security in fewer tapes in the 
unlikely event of a recovery need.

Obviously if dumpcycle is expanded, then additional tapes will need 
to be labeled and added to the pool in order to maintain the 
minimum of at least 2 fulls on hand at all times.  You never want 
to get into the situation where a failed full overwrites the only 
good full you had, thats genuinely 'bad dog, no bisquit' country. 

HTH

-- 
Cheers, Gene
AMD [EMAIL PROTECTED] 320M
[EMAIL PROTECTED]  512M
99.25% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com attornies please note, additions to this message
by Gene Heskett are:
Copyright 2003 by Maurice Eugene Heskett, all rights reserved.

Re: backup plan

[Laas Toom]

On Mon, 31 Mar 2003, Lucia Mazzoni wrote:

> Hi everyone,
> I need a little help to tune a backup plan with Amanda.
> In my company we were used, before Amanda, to have this plan for our
> main servers (each one with a dedicated tape device):
> - a full backup was made every day from monday to friday but
> 1) from monday to thursday tapes were always the same, that is, every
> week they were overwritten
> 2) on friday we had 4 tapes to save a full-backup per week for one
> month. After 4 weeks we selected the oldest tape, put it in a safe place
> (against fire) and took a new one for the backup job.
> We kept 1 tape per month for 6 months and then one every 3 or 6 months.
>
> Now I'd like to maintain the same plan with Amanda and my problem is
> with Friday tapes that I want to "extract" and put away.
>
> I put a tapecycle of 4 tapes on Friday configuration but:
> - How can I maintain the possibility of restore data from the extracted
> tapes? Changing labels every time?

Did i get the plan correctly - after a month the oldest Friday dump of one
tape goest to archive and a new one replaces it?

if this is the case, i think, that you could have the Friday's
 set to
acomodate a lot of numbers (e.g. Friday[0-9][0-9][0-9] for 10-years of
archive - 120 tapes total, i.e. Friday001, Friday076, etc), so that amanda
has enough name-space.
after a month when the archved tape is selected, run command:
amadmin  no-reuse 

which tell's amanda not to reuse this tape anymore and to expect a fresh
tape when this tape's turn comes (i hope that amanda labels the new tape
on the fly, but i wouln'd be sure).

This should keep the data located on the tape still indexed in database
and therefore restorable via amrecover.

another way is to just replace the old tape with new one by simply
amlabeling new one with -f option. Note that this way you no longer can
amrecover from this tape, but have to amrestore instead (this means that
you have to extract whole image from the tape and restore it and only then
you can pick the files you want).

Laas Toom

Re: amrecover - gpg

[Jon LaBadie]

On Mon, Mar 31, 2003 at 10:50:29AM -0800, philo vivero wrote:
> On Mon, 2003-03-31 at 06:24, Jon LaBadie wrote:
> > First, during encryption+compression the compression level is "9".
> > 
> > dump_to_stdout () {
> > # Encrypt it, compress it, and send it on it's way
> > ${gpg_prog} --no-tty -q -e -z 9 -r ${gpg_as} -r ${gpg_as_self} 
> > Second I question the wisdom of the order of encrypt then compress (and
> > uncompress/decrypt).
> 
> There's a compression step before or after thie above statement in the
> script?!?! Take it out! The "-z 9" being passed to gnupg here means that
> gnupg itself compresses the data before encrypting it. (gnupg will still
> compress if you leave off "-z 9" just not at such a high compression
> rate).

No, the script contains no separate compression step during encryption.

But there is a separate decompression setp on recovery.
It is done before decryption.

Because of this I assume that the builtin gpg compression is done after
encryption.  Thus my comments suggesting a compression step be added
before pgp encryption and reversal of the pipeline on recovery.

-- 
Jon H. LaBadie  [EMAIL PROTECTED]
 JG Computing
 4455 Province Line Road(609) 252-0159
 Princeton, NJ  08540-4322  (609) 683-7220 (fax)

Re: amrecover - gpg

[philo vivero]

On Mon, 2003-03-31 at 06:24, Jon LaBadie wrote:
> First, during encryption+compression the compression level is "9".
> 
> dump_to_stdout () {
> # Encrypt it, compress it, and send it on it's way
> ${gpg_prog} --no-tty -q -e -z 9 -r ${gpg_as} -r ${gpg_as_self} 
> Second I question the wisdom of the order of encrypt then compress (and
> uncompress/decrypt).

There's a compression step before or after thie above statement in the
script?!?! Take it out! The "-z 9" being passed to gnupg here means that
gnupg itself compresses the data before encrypting it. (gnupg will still
compress if you leave off "-z 9" just not at such a high compression
rate).

If you're compressing prior to this step, you're gaining nothing because
gnupg uses zlib to compress the data first.

If you're compressing subsequent to this step, you're gaining nothing
because encrypted data doesn't compress.

Moral of the story: don't compress at all if gnupg is in the pipeline of
massaging your data.

-- 
pv
If this helped you, http://svcs.affero.net/rm.php?r=philovivero

FROM DENNIS STEVEN

[dennissteven]

FROM: DENNIS STEVEN
BREDA-THE NETHERLANDS
EMAIL: [EMAIL PROTECTED]

GOOD DAY,
 
YOU MAY BE SURPRISE TO RECEIVE THIS EMAIL FROM ME SINCE YOU DO NOT KNOW ME PERSONALLY.  I MR.DENNIS STEVEN THE FIRST SON OF DR. PATRICK STEVEN WHO WAS RECENTLY MURDERED IN THE LAND DISPUTE IN ZIMBABWE. I WAS FURNISH WITH VIABLE INFORMATION FROM THE WORLD TRADE CENTRE HERE IN AMSTERDAM, THE NETHERLANDS AND DECIDED TO WRITE YOU. 

BEFORE THE DEATH OF MY FATHER, HE HAD TAKEN ME TO JOHANESBURG   TO DEPOSITE THE SUM OF FIFTEEN.FIVE MILLION UNITED STATE DOLLARS (US$30.500.00) IN A SECURITY COMPANY THAT MOVE THIS MONEY DIPLOMATICALY TO
THE NETHERLANDS, AS IF HE FORESAW THE LOOMING DANGER IN ZIMBABWE. THIS MONEY WAS DEPOSITED IN A BOX AS DIPLOMATIC ITEMS OF HIGH VALUE TO REDUCE THE COST OF TRANSPORTATIONAND TO AVOID MUCH DEMURAGE FROM THE SECURITY COMPANY. THIS AMOUNT WAS MEANT FOR THE PURCHASE OF NEW MACHINES AND CHEMICALS FOR FARMS AND ESTABLISHMENT OF NEW FARM IN SWAZILAND. 

THIS LAND PROBLEM CAME WHEN ZIMBABWE PRESIDENT MR. ROBERT MUGABE,INTRODUCED A NEW LAND RESOLUTION THAT WHOLLY AFFECTED RICH FARMERS MAINLY WHITE AND SOME FEW BLACK FARMERS. THIS RESULTED TO THE KILLING AND MOB ACTION BY ZIMBABWE WAR VETERANS AND SOME LUNATICS IN THE SOCIETY.INFACT A LOT OF PEOPLE WERE KILLED BECAUSE OF THIS LAND REFORMED PROGRAM WHICH MY FATHER WAS ONE OF THE VICTIMS. 

IT IS AGAINST THIS BACKGROUND THAT I AM  CURRENTLY STAYING IN AMSTERDAM AS A REFUGEE AND TO SEEK FOR A TRUST WORTHY INDIVIDUAL/FIRM TO ADVICE ME IN
MAKING THE RIGHTFULL INVESTMENT AS WELL AS TO PROVIDE FOREIGN ACCOUNT(S) WHERE THE FUNDS WILL BE LODGE INTO. SINCE THE LAW OF THE NETHERLANDS PROHIBIT A REFUGEE (ASYLUM SEEKER) TO OPEN ACCOUNT OR TO BE INVOLVED IN ANY FINACIAL TRANSACTION. AS THE ELDEST SON OF MY FATHER, I AM SADDLED WITH THE RESPONSIBILITY OF SEEKING A GENUINE FOREIGN ACCOUNT WHERE THIS MONEY COULD BE TRANSFERRED WITHOUT THE KNOWLEDGE OF MY GOVERNMENT WHO ARE BENT ON TAKING EVERYTHING WE HAVE GOT. 

I AM FACED WITH THE DILEMA OF INVESTING THIS AMOUNT OF MONEY IN THE NETHERLANDS FOR THE FEAR OF GOING THROUGH THE SAME EXPERIENCE IN FUTURE SINCE BOTH COUNTRIES HAVE SIMILAR HISTORY. MOREOVER, THE NETHERLANDS FOREIGN EXCHANGE POLICY DOES NOT ALLOW SUCH INVESTMENT FROM ASYLUM SEEKERS.
 
AS REGARDS YOUR COMMISSION/REMUNERATION, I AND MY IMMEDIATE FAMILY HAVE DECIDED TO OFFER YOU 25% OF THE TOTAL SUM IMMIDIATELY AFTER WE CLEARED THE
CONSIGNMENT FROM THE SECURITY COMPANY VAULT AND ALSO SET ASIDE 5% FOR  ALL YOUR EXPENSES (E. I TELEPHONE BILLS, TRAVELLING EXPENSES, HOTEL BILLS AND OTHER MISCELLANEOUS EXPENSES). 

NOTE: I SHALL COMMIT HALF OF MY SHARE OF THE TOTAL SUM INTO A JOINT VENTURE PROJECT PREFERABLY IN THE PURCHASE OF REAL ESTATE OR OTHER PROFITABLE BUSINESS VENTURE. BE ASSURED THAT YOU STAND NO RISK OF ANY KIND. AS SOON AS I GET YOUR CONSENT, I WILL FURNISH YOU WITH THE DETAILS AND CONTACT OF THE SECURITY COMPANY AND A FACE TO FACE MEETING WILL BE ARRANGE IN ORDER TO KNOW EACH OTHER BETTER. 

 PLEASE. CONTACT ME WITH THE ABOVE TELEPHONE NUMBER OR E-MAIL ADDRESS, WHILE I IMPLORE YOU TO MAINTAIN THE ABSOLUTE SECRECY REQUIRED IN THISTRANSACTION.
 
YOURS FAITHFULLY, 

 MR DENNIS STEVEN  

 
 
 



___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net




___
EC Plaza!!!
The world's No.1 B2B site, http://www.ecplaza.net

Re: newbie having trouble with tape labels

[Stephen D. Lane]

On Mon, Mar 31, 2003 at 10:51:55AM -0500, Bill wrote:
> I recently installed amanda on my network to backup a couple of my dev
> boxes.  I understand that a tape must be labelled by amanda to be used
> with the appropriate dump set, but when I follow the instructions in the
> doc, amdump errors out saying that it cannot overwrite the active tape. 
> Does someone have more comprehensive instructions for labelling tapes
> and setting up a run?  My assumption is I am simply misconstruing the
> instructions at some point.
> 
> Thanks
> 
> -b 

Check out:

   http://www.backupcentral.com/amanda-12.html

(and, in general:

   http://www.backupcentral.com/amanda.html

and 

   http://www.amanda.org/

:)


--Steve Lane   /"\
  Doudna Lab   \ /  ASCII Ribbon Campaign
  U. C. BerkeleyX Against HTML Email
   / \

Re: backup plan

[Jon LaBadie]

On Mon, Mar 31, 2003 at 05:31:02PM +0200, Lucia Mazzoni wrote:
> Hi everyone,
> I need a little help to tune a backup plan with Amanda.
> In my company we were used, before Amanda, to have this plan for our 
> main servers (each one with a dedicated tape device):
> - a full backup was made every day from monday to friday but
> 1) from monday to thursday tapes were always the same, that is, every 
> week they were overwritten
> 2) on friday we had 4 tapes to save a full-backup per week for one 
> month. After 4 weeks we selected the oldest tape, put it in a safe place 
> (against fire) and took a new one for the backup job.
> We kept 1 tape per month for 6 months and then one every 3 or 6 months.
> 
> Now I'd like to maintain the same plan with Amanda and my problem is 
> with Friday tapes that I want to "extract" and put away.
> 
> I put a tapecycle of 4 tapes on Friday configuration but:
> - How can I maintain the possibility of restore data from the extracted 
> tapes? Changing labels every time?
> 

I'm guessing some things about your old setup and if wrong forget my idea.

Guesses:
The systems in question do not have tape changers.
It was operator responsibility to see that the correct tape was in the drive.
If the wrong tape was inserted, the previous backup system would just overwrite it.

If that is the case, how about setting tapecycle, dumpcycle, and runspercycle
to one.  Amanda will always take a new tape whose label meets the pattern
and with those settings will reuse any previous tape -- I think.

-- 
Jon H. LaBadie  [EMAIL PROTECTED]
 JG Computing
 4455 Province Line Road(609) 252-0159
 Princeton, NJ  08540-4322  (609) 683-7220 (fax)

Re: newbie having trouble with tape labels

[Jim Summers]

If you are attempting to re-label a tape that has already been labelled
by amlabel, then you might try the amlabel-f .  This will
force it to re-write the label.  

I guess it could also be a problem with the regex in amanda.conf or some
other settings in the same.

HTH



On Mon, 2003-03-31 at 09:51, Bill wrote:
> I recently installed amanda on my network to backup a couple of my dev
> boxes.  I understand that a tape must be labelled by amanda to be used
> with the appropriate dump set, but when I follow the instructions in the
> doc, amdump errors out saying that it cannot overwrite the active tape. 
> Does someone have more comprehensive instructions for labelling tapes
> and setting up a run?  My assumption is I am simply misconstruing the
> instructions at some point.
> 
> Thanks
> 
> -b 
> 
> 
> 
> 

Re: newbie having trouble with tape labels

[Joshua Baker-LePain]

On 31 Mar 2003 at 10:51am, Bill wrote

> I recently installed amanda on my network to backup a couple of my dev
> boxes.  I understand that a tape must be labelled by amanda to be used
> with the appropriate dump set, but when I follow the instructions in the
> doc, amdump errors out saying that it cannot overwrite the active tape. 
> Does someone have more comprehensive instructions for labelling tapes
> and setting up a run?  My assumption is I am simply misconstruing the
> instructions at some point.

An exact list of what you did and the results would be helpful...

-- 
Joshua Baker-LePain
Department of Biomedical Engineering
Duke University

newbie having trouble with tape labels

[Bill]

I recently installed amanda on my network to backup a couple of my dev
boxes.  I understand that a tape must be labelled by amanda to be used
with the appropriate dump set, but when I follow the instructions in the
doc, amdump errors out saying that it cannot overwrite the active tape. 
Does someone have more comprehensive instructions for labelling tapes
and setting up a run?  My assumption is I am simply misconstruing the
instructions at some point.

Thanks

-b 

Re: Amanda TCP Reset Problem with CygWin

[Enrico Bernardini]

Brian White wrote:
> 
> > use configure with --pid-debug-files if you want and
> > look at sendbackup.debug and runtar.debug (or something like these).
> 
> Hmmm...  I have debug files in /tmp/amanda/.  This creates more of them?
> 

This creates a log file name with pid extention. In test phase you can
see how many times a process runs...

> > Did you apply my gnu tar patch?
> 
> No.  Which patch was that?  Too many things on the go, I'm afraid.

The incremental-patch you can find near the other. But it helps during
incremental backups (with read-errors like files/dirs without rights)
> 
> > YES! I got it!
> > The problem is inside windows socket implementation.
> > Nothing to be done:
> 
> Ahh...  The dreaded "closing a socket doesn't delay until all data has been
> sent and ACK'd problem"?  Is that it?  I'm familiar with that because it
> was a problem within the TCP/IP stack I wrote for our own products.  :-)
> 
Yep, I think so.

> > You have to apply my patch to server's dumper.c also.
> > I forgot to add this step in the documentation. Sorry.
> 
> Eeek!  Any other alternatives?  I'd prefer to avoid changing the source
> code on the servers.

So I...

> 
> > Look at my earlier post:
> > http://www.cygwin.com/ml/cygwin/2001-12/msg00524.html (that solution was
> > not right!)
> 
> Why did a pause at the end of the process not work?  Or did it just not
> work reliably?
> 

I don't remeber well, but I think the windows "close socket" does not
send a "goodbye" nessage... never...
Or it goes lost:
+  /* A bug in the Windows TCP/IP implementation, which is not
+ yet worked around in Cygwin (such a workaround is very
+ difficult), causes the goodbye message to be lost if the
+ process sending it exits before it's read by the other
+ end.  Since this message doesn't contain any useful
+ information anyway, it is safe for us to just not read it
+ to avoid this problem. */

Try adding a sleep _before_ the close call in aclose define (amanda.h)
and let me know.

> > Here you have the dumper.c patch extracted from amanda-2.4.2p2.patch.
> >
> > A cup of coffe to me, please :)
> 
> Sure thing.  I've sent it FedEx to you.  I didn't have any lids, though...
> I hope that's okay.

:)

backup plan

[Lucia Mazzoni]

Hi everyone,
I need a little help to tune a backup plan with Amanda.
In my company we were used, before Amanda, to have this plan for our 
main servers (each one with a dedicated tape device):
- a full backup was made every day from monday to friday but
1) from monday to thursday tapes were always the same, that is, every 
week they were overwritten
2) on friday we had 4 tapes to save a full-backup per week for one 
month. After 4 weeks we selected the oldest tape, put it in a safe place 
(against fire) and took a new one for the backup job.
We kept 1 tape per month for 6 months and then one every 3 or 6 months.

Now I'd like to maintain the same plan with Amanda and my problem is 
with Friday tapes that I want to "extract" and put away.

I put a tapecycle of 4 tapes on Friday configuration but:
- How can I maintain the possibility of restore data from the extracted 
tapes? Changing labels every time?

Thank you very much in advance for your help.

greetings
Lucia
--
Lucia Mazzoni
ASTER Scienza Tecnologia Impresa - S.Cons.p.a.
Area di Ricerca di Bologna
Via Gobetti 101 -  I-40129 Bologna
Tel +39 051 6398099 Fax +39 051 6398131
http://www.aster.it

Re: Mailreport debugging

[Jean-Francois Malouin]

* Jon LaBadie ([EMAIL PROTECTED]) [20030331 10:26] thus spake:
> On Mon, Mar 31, 2003 at 03:39:04PM +0200, Mats Blomstrand wrote:
> > > In amanda.conf, set "mailto" to "[EMAIL PROTECTED]" ...
> > 
> > Yes, i know about that option. But that is not the problem that i have.
> > Sorry for being inprecise.
> > 
> > I would like to tell amanda to disguise as a valid user, ie myself.
> > Is there any options that i can give to amanda so it uses these headers
> > 
> > To: [EMAIL PROTECTED]
> > From: [EMAIL PROTECTED]
> > 
> > instead of
> > 
> > To: [EMAIL PROTECTED]
> > From: [EMAIL PROTECTED]
> 
> I thought that was what you meant but was surprised.
> I don't know of any way to :) lie about who amanda is.
> 
> What if you login as amanda on the tapehost.
> Can you send mail to users local to the tapehost?
> Can you send mail to users on other systems?
> If logged in as another user, not amanda, can mail be sent?
> 
> > Or should i try to fiddling with sendmail on tapeserver (ie, localhost)?
> > (I dont have access to the central mailserver and im forced to use it)
> > 
> > Any suggestions are welcome. Thank you!
> 
> Sendmail configuration would be my guess.  Maybe the combination of
> the Cw and Dj parameters must be adjusted.  I never see mail from
> "localhost" even if sent to myself.  Perhaps it is because I have
> set my sendmail to "masquerade" as just the domain, hiding the
> specific system hostname.

Read about genericstable and virtusertable in the sendmail doc.
They allow for users names mapping. Edit your m4 mc file and add:

FEATURE(`genericstable')dnl
FEATURE(`virtusertable')dnl

Depending on if you have 'always_add_domain' featured or not you might
have to add the domain to the users addresses, eg in my case:

virtusertable:
[EMAIL PROTECTED] malin

genericstable:
malin   [EMAIL PROTECTED]

HTH,
jf

> 
> 
> -- 
> Jon H. LaBadie  [EMAIL PROTECTED]
>  JG Computing
>  4455 Province Line Road(609) 252-0159
>  Princeton, NJ  08540-4322  (609) 683-7220 (fax)

-- 
Patriotism is the virtue of the vicious.

FreeBSD->Linux migration problem

[Yura Pismerov]

Did anybody migrate Amanda server from FreeBSD to Linux ?
I can't read old tapes (that were written on FreeBSD).


If I load a tape with amtape:

amtape: could not rewind Input/output error: tape_rewind: tape open:
Input/output error: No such file or directoryamtape: changed to slot
/dev/nst1: on Input/output error

If I try to read the tape with dd:

[EMAIL PROTECTED] amanda]$ dd if=/dev/nst1 bs=32k count=1
dd: reading `/dev/nst1': Input/output error
0+0 records in
0+0 records out

If I try mt status:

[EMAIL PROTECTED] scripts]$ mt -f /dev/nst1 status
SCSI 2 tape drive:
File number=0, block number=0, partition=0.
Tape block size 512 bytes. Density code 0x31 (AIT-2).
Soft error count since last status=0
General status bits on (4101):
 BOT ONLINE IM_REP_EN


What is wrong ? Does Linux handle tapes differently ?
The only way I could get it to work is re-label (amlabel). 
Does it mean that I can't read tapes that were written on FreeBSD system
?




Laas Toom wrote:
> 
> On Fri, 28 Mar 2003, Toomas Aas wrote:
> 
> > > From:  Scott Lambert <[EMAIL PROTECTED]>
> >
> > > On Thu, Mar 27, 2003 at 11:15:52AM +0200, Toomas Aas wrote:
> > > > Hello!
> > > >
> > > > My Amanda server is running 2.4.3b4. Three days ago I upgraded the
> > > > operating system from FreeBSD 4.7-RELEASE-p6 to 4.7-RELEASE-p9. This is
> > > > really just some security patches to sendmail, libc and openssl. Since
> > > > the upgrade Amanda thinks that all the backup tapes that were written
> > > > before the upgrade are "not Amanda tapes".
> > > >
> > > > After I re-label the tape, Amanda agrees to write the backup to it and
> > >
> > > Could the compression bit have been toggled in you tape drive?
> >
> > This doesn't seem to be the case. I checked after loading the next tape
> > today and the compression settings are what they've always been.
> >
> > Also, (say hello to mr. Murphy) the problem doesn't seem to exist at
> > all with todays tape. After loading it I checked the Amanda label with
> > dd as recommended by Gerhard den Hollander in another message and it
> > looked OK. Amcheck was also happy with the tape. Maybe it was just some
> > weird random problem with a couple of tapes.
> > --
> > Toomas Aas | [EMAIL PROTECTED] | http://www.raad.tartu.ee/~toomas/
> > * War doesn't determine who's right. War determines who's left.
> >
> 
> The weirdest thing - my problem disappeared too in few tapes. Maybe it
> has something to do with the amcheck ran before amdump (but that does not
> explain why the problem disappeared at all, even for tapes that did not
> get amchecked before amdump).
> 
> So as far as i can see - running amcheck once eliminates the problem for
> ever. :|
> 
> Laas Toom

Re: Mailreport debugging

[Jon LaBadie]

On Mon, Mar 31, 2003 at 03:39:04PM +0200, Mats Blomstrand wrote:
> > In amanda.conf, set "mailto" to "[EMAIL PROTECTED]" ...
> 
> Yes, i know about that option. But that is not the problem that i have.
> Sorry for being inprecise.
> 
> I would like to tell amanda to disguise as a valid user, ie myself.
> Is there any options that i can give to amanda so it uses these headers
> 
>   To: [EMAIL PROTECTED]
>   From: [EMAIL PROTECTED]
> 
> instead of
> 
>   To: [EMAIL PROTECTED]
>   From: [EMAIL PROTECTED]

I thought that was what you meant but was surprised.
I don't know of any way to :) lie about who amanda is.

What if you login as amanda on the tapehost.
Can you send mail to users local to the tapehost?
Can you send mail to users on other systems?
If logged in as another user, not amanda, can mail be sent?

> Or should i try to fiddling with sendmail on tapeserver (ie, localhost)?
> (I dont have access to the central mailserver and im forced to use it)
> 
> Any suggestions are welcome. Thank you!

Sendmail configuration would be my guess.  Maybe the combination of
the Cw and Dj parameters must be adjusted.  I never see mail from
"localhost" even if sent to myself.  Perhaps it is because I have
set my sendmail to "masquerade" as just the domain, hiding the
specific system hostname.


-- 
Jon H. LaBadie  [EMAIL PROTECTED]
 JG Computing
 4455 Province Line Road(609) 252-0159
 Princeton, NJ  08540-4322  (609) 683-7220 (fax)

Re: Amanda TCP Reset Problem with CygWin

[Brian White]

> use configure with --pid-debug-files if you want and
> look at sendbackup.debug and runtar.debug (or something like these).

Hmmm...  I have debug files in /tmp/amanda/.  This creates more of them?


> Did you apply my gnu tar patch?

No.  Which patch was that?  Too many things on the go, I'm afraid.


> YES! I got it!
> The problem is inside windows socket implementation.
> Nothing to be done:

Ahh...  The dreaded "closing a socket doesn't delay until all data has been
sent and ACK'd problem"?  Is that it?  I'm familiar with that because it
was a problem within the TCP/IP stack I wrote for our own products.  :-)


> You have to apply my patch to server's dumper.c also.
> I forgot to add this step in the documentation. Sorry.

Eeek!  Any other alternatives?  I'd prefer to avoid changing the source
code on the servers.


> Look at my earlier post:
> http://www.cygwin.com/ml/cygwin/2001-12/msg00524.html (that solution was
> not right!)

Why did a pause at the end of the process not work?  Or did it just not
work reliably?


> Here you have the dumper.c patch extracted from amanda-2.4.2p2.patch.
>
> A cup of coffe to me, please :)

Sure thing.  I've sent it FedEx to you.  I didn't have any lids, though...
I hope that's okay.


> Are you going to publish your own porting steps or would you like modify
> my own?

I'll see what I can write up.  (once everything actually works, of course)


> Brian White wrote:
> >
> > Well, after several weeks of on-again, off-again work on this, I've got
> > Amanda behaving pretty well under CygWin.  I've applied Enrico's patches
> > for v2.4.2 to v2.4.3 and it seems to run just fine.
> >
> > However, when the run completes, the CygWin amanda client completes, it
> > resets the TCP connection instead of closing it properly and thus the
> > server fails with the error "data read: Connection reset by peer".

  Brian
 ( [EMAIL PROTECTED] )

---
  Do, or do not.  There is no "try".  -- Yoda

Re: amrecover - gpg

[Jon LaBadie]

On Mon, Mar 31, 2003 at 02:05:01PM +0200, Nicki Messerschmidt wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Hi all,
> I just finished my amanda - gpg setup and now I'm capable of backup
> files and restoring files (even with amrecover!).
> For thos who are curious how I did it I provide short step-by-step
> instructions:
   ...
> 6. configure source with: GZIP=/gpgzip [as attached] ./configure
   ...


I've seen that script before and had a couple of thoughts regarding it.
As I don't have gpg running I've been unable (disinclined?) to check them.


First, during encryption+compression the compression level is "9".

dump_to_stdout () {
# Encrypt it, compress it, and send it on it's way
${gpg_prog} --no-tty -q -e -z 9 -r ${gpg_as} -r ${gpg_as_self} 
   ^

This is the highest compression level, corresponding to "BEST" in a dumptype.
BEST compression may place a heavy cpu burden on the system, particularly
with the added, simultaneous burden of encryption.



Second I question the wisdom of the order of encrypt then compress (and
uncompress/decrypt).  I'm guessing here, but I assume the output of an
encrytion scheme is relatively random.  If so, as "we all know from 
tapetype reports :)", random data does not compress very well.  It may
be best to compress first and then encrypt.  This would require the
"dump_to_stdout" to be a pipeline similar to "restore_from_stdin" and
the order of the restore pipeline be reversed.

An added advantage to splitting the command into a pipeline is that the
compression flags used by amanda (including compression levels specified
in the dumptype) could be applied to gzip.


The third thing also deals with the order of compress/encrypt.  Standard
unix is supplied with an encryption program crypt(1).  This uses a not
so state of the art algorithm, but was considered pretty good by the
Germans in WWII ;)  One known method of guessing the passkey for that
algorithm depends on knowing the original structure of the encrypted
data (all ascii, structured headers, ...).  Amanda dump files fall into
such a category.  One way to complicate such an attack is to compress
the data before encrypting causing it to loose its original structure
and require the attacker to try to uncompress the data after each guess
of a passkey.  I do not know if pgp is vulnerable to any similar attacks,
but if so, compressing first may make the data more secure.


Just some thoughts dreged up from old memory cells upon seeing the script again.


jl
-- 
Jon H. LaBadie  [EMAIL PROTECTED]
 JG Computing
 4455 Province Line Road(609) 252-0159
 Princeton, NJ  08540-4322  (609) 683-7220 (fax)

Re: Mailreport debugging

[Mats Blomstrand]

> In amanda.conf, set "mailto" to "[EMAIL PROTECTED]" ...

Yes, i know about that option. But that is not the problem that i have.
Sorry for being inprecise.

I would like to tell amanda to disguise as a valid user, ie myself.
Is there any options that i can give to amanda so it uses these headers

To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]

instead of

To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]

?
Or should i try to fiddling with sendmail on tapeserver (ie, localhost)?
(I dont have access to the central mailserver and im forced to use it)

Any suggestions are welcome. Thank you!
//Mats

Re: 'not an Amanda tape' after FreeBSD upgrade

[Laas Toom]

On Fri, 28 Mar 2003, Toomas Aas wrote:

> > From:  Scott Lambert <[EMAIL PROTECTED]>
>
> > On Thu, Mar 27, 2003 at 11:15:52AM +0200, Toomas Aas wrote:
> > > Hello!
> > >
> > > My Amanda server is running 2.4.3b4. Three days ago I upgraded the
> > > operating system from FreeBSD 4.7-RELEASE-p6 to 4.7-RELEASE-p9. This is
> > > really just some security patches to sendmail, libc and openssl. Since
> > > the upgrade Amanda thinks that all the backup tapes that were written
> > > before the upgrade are "not Amanda tapes".
> > >
> > > After I re-label the tape, Amanda agrees to write the backup to it and
> >
> > Could the compression bit have been toggled in you tape drive?
>
> This doesn't seem to be the case. I checked after loading the next tape
> today and the compression settings are what they've always been.
>
> Also, (say hello to mr. Murphy) the problem doesn't seem to exist at
> all with todays tape. After loading it I checked the Amanda label with
> dd as recommended by Gerhard den Hollander in another message and it
> looked OK. Amcheck was also happy with the tape. Maybe it was just some
> weird random problem with a couple of tapes.
> --
> Toomas Aas | [EMAIL PROTECTED] | http://www.raad.tartu.ee/~toomas/
> * War doesn't determine who's right. War determines who's left.
>


The weirdest thing - my problem disappeared too in few tapes. Maybe it
has something to do with the amcheck ran before amdump (but that does not
explain why the problem disappeared at all, even for tapes that did not
get amchecked before amdump).

So as far as i can see - running amcheck once eliminates the problem for
ever. :|

Laas Toom

Re: Mailreport debugging

[Matt Hyclak]

On Mon, Mar 31, 2003 at 01:19:56PM +0200, Mats Blomstrand enlightened us:
> Im almost there now! Thanks for all help everyone!
> 
> How are amanda sending the mail-reports? Is there a way to configure
> how it does?
> 
> My problem is that it i want it to send reports to "[EMAIL PROTECTED]".
> The sendmail on tapeserver is configured to talk to an central
> mailserver. That mailserver refuses to accept mail if it cant resolve
> the sender, and there is no "[EMAIL PROTECTED]" on that machine.
> 
> Any suggestions?

See "mailto" in your amanda.conf.

Matt

-- 
Matt Hyclak
Department of Mathematics
Ohio University
(740) 593-1263


pgp0.pgp
Description: PGP signature

Re: amrecover - gpg

[Nicki Messerschmidt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Nicki Messerschmidt wrote:
> 6. configure source with: GZIP=/gpgzip [as attached]
> ./configure 
... o.k. here is the attachement...


Cheers
Nicki

- -- 
Linksystem Muenchen GmbH  [EMAIL PROTECTED]
Schloerstrasse 10   http://www.link-m.de
80634 Muenchen  Tel. 089 / 890 518-0
We make the Net work.   Fax 089 / 890 518-77

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.3 for non-commercial use 
Comment: Keys at: https://www.link-m.de/pgp

iQA/AwUBPogoWes1nPm17iBDEQLpywCeLxj0ETzE3TjbwYFGz5TjNwzt43YAn3/h
woksCihf3oJ+FrSVOIci11Mg
=eZaA
-END PGP SIGNATURE-


gpgzip
Description: Binary data

Re: amrecover - gpg

[Nicki Messerschmidt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi all,
I just finished my amanda - gpg setup and now I'm capable of backup
files and restoring files (even with amrecover!).
For thos who are curious how I did it I provide short step-by-step
instructions:
1. get and extract source
2. create operator key
3. create root key
4. put operator passphrase to ~/.gnupg/.pass (beware: this is _not_
recommended, but needed for amrecover)
5. import root-public-key into operator-key-ring and vice versa
6. configure source with: GZIP=/gpgzip [as attached] ./configure
...
7. install
8. setup amanda
9. make backup
10. check if your index files are encrypted by unzipping and lessing
them...
11. check if amrecover works


Happy gpg'ing
Nicki

- -- 
Linksystem Muenchen GmbH  [EMAIL PROTECTED]
Schloerstrasse 10   http://www.link-m.de
80634 Muenchen  Tel. 089 / 890 518-0
We make the Net work.   Fax 089 / 890 518-77

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.3 for non-commercial use 
Comment: Keys at: https://www.link-m.de/pgp

iQA/AwUBPogg3es1nPm17iBDEQKzOQCg4+hCusCvXqNjoIWcVdb26UQtyVoAn0+0
SnGrNWPXXx4eawRjQCN2rLrK
=iZNF
-END PGP SIGNATURE-

Re: Mailreport debugging

[Stephen Carville]

On Monday 31 March 2003 03:19 am, Mats Blomstrand wrote:
> Im almost there now! Thanks for all help everyone!
> 
> How are amanda sending the mail-reports? Is there a way to configure
> how it does?
> 
> My problem is that it i want it to send reports to "[EMAIL PROTECTED]".
> The sendmail on tapeserver is configured to talk to an central
> mailserver. That mailserver refuses to accept mail if it cant 
resolve
> the sender, and there is no "[EMAIL PROTECTED]" on that machine.
> 
> Any suggestions?

In amanda.conf, set "mailto" to "[EMAIL PROTECTED]" ...

-- 
Stephen Carville http://www.heronforge.net/~stephen/gnupgkey.txt
===
You have the right to remain helpless. Should you give up this right, 
anything you do will be used against you in a court of law. You have 
the right to an assailant. If you cannot find one yourself, the court 
will release one for you.

Mailreport debugging

[Mats Blomstrand]

Im almost there now! Thanks for all help everyone!

How are amanda sending the mail-reports? Is there a way to configure
how it does?

My problem is that it i want it to send reports to "[EMAIL PROTECTED]".
The sendmail on tapeserver is configured to talk to an central
mailserver. That mailserver refuses to accept mail if it cant resolve
the sender, and there is no "[EMAIL PROTECTED]" on that machine.

Any suggestions?
//Mats

Re: Amanda TCP Reset Problem with CygWin

[Enrico Bernardini]

YES! I got it!
The problem is inside windows socket implementation.
Nothing to be done:
You have to apply my patch to server's dumper.c also.
I forgot to add this step in the documentation. Sorry.
Look at my earlier post:
http://www.cygwin.com/ml/cygwin/2001-12/msg00524.html (that solution was
not right!)

Here you have the dumper.c patch extracted from amanda-2.4.2p2.patch.

A cup of coffe to me, please :)

Are you going to publish your own porting steps or would you like modify
my own?

Enrico

diff -rup amanda-2.4.2p2.orig/server-src/dumper.c
amanda-2.4.2p2/server-src/dumper.c
--- amanda-2.4.2p2.orig/server-src/dumper.c Tue Mar 20 00:21:08 2001
+++ amanda-2.4.2p2/server-src/dumper.c  Mon Jan 14 12:10:04 2002
@@ -1223,9 +1223,15 @@ int mesgfd, datafd, indexfd, outfd;
size1 = read(datafd, dataptr, spaceleft);
switch(size1) {
case -1:
+if (errno == ECONNRESET)
+   {
+   size1=0;
+   log_add(L_WARNING,"data read: %s. The backup is
corrupt if not coming from Windows/Cygnus client
only",strerror(ECONNRESET));
+   }
+   else { 
errstr = newstralloc2(errstr, "data read: ",
strerror(errno));
rc = 2;
-   goto failed;
+   goto failed;}
case 0:
if(update_dataptr(outfd, size1, 1)) {
rc = 2;





Brian White wrote:
> 
> Well, after several weeks of on-again, off-again work on this, I've got
> Amanda behaving pretty well under CygWin.  I've applied Enrico's patches
> for v2.4.2 to v2.4.3 and it seems to run just fine.
> 
> However, when the run completes, the CygWin amanda client completes, it
> resets the TCP connection instead of closing it properly and thus the
> server fails with the error "data read: Connection reset by peer".
> 
> Here is the tcpdump of the session.  The XP machine is "watertown" and
> the server is "tolkien".
> 
> 20:07:04.675952 tolkien.ott.precidia.com.898 > watertown.ott.precidia.com.amanda:  
> udp 296 (DF)
> 20:07:04.917385 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.898:  
> udp 50
> 20:07:05.876973 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.898:  
> udp 85
> 20:07:05.877362 tolkien.ott.precidia.com.898 > watertown.ott.precidia.com.amanda:  
> udp 50 (DF)
> 20:25:23.573832 tolkien.ott.precidia.com.901 > watertown.ott.precidia.com.amanda:  
> udp 323 (DF)
> 20:25:23.808420 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.901:  
> udp 50
> 20:25:24.104053 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.901:  
> udp 232
> 20:25:24.104409 tolkien.ott.precidia.com.901 > watertown.ott.precidia.com.amanda:  
> udp 50 (DF)
> 20:25:24.106066 tolkien.ott.precidia.com.3291 > watertown.ott.precidia.com.782: S 
> 2770461836:2770461836(0) win 5840  0> (DF)
> 20:25:24.106719 watertown.ott.precidia.com.782 > tolkien.ott.precidia.com.3291: S 
> 1488495206:1488495206(0) ack 2770461837 win 17520  0,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
> 20:25:24.106821 tolkien.ott.precidia.com.3291 > watertown.ott.precidia.com.782: . 
> ack 1 win 5840  (DF)
> 20:25:24.108097 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: S 
> 2782800686:2782800686(0) win 5840  0> (DF)
> 20:25:24.108744 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: S 
> 1488548459:1488548459(0) ack 2782800687 win 17520  0,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
> 20:25:24.108835 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 1 win 5840  (DF)
> 20:25:24.109919 tolkien.ott.precidia.com.3293 > watertown.ott.precidia.com.784: S 
> 2782309519:2782309519(0) win 5840  0> (DF)
> 20:25:24.110570 watertown.ott.precidia.com.784 > tolkien.ott.precidia.com.3293: S 
> 1488716333:1488716333(0) ack 2782309520 win 17520  0,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
> 20:25:24.110672 tolkien.ott.precidia.com.3293 > watertown.ott.precidia.com.784: . 
> ack 1 win 5840  (DF)
> 20:25:24.117646 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 1:72(71) ack 1 win 17520  (DF)
> 20:25:24.117787 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 72 win 5840  (DF)
> 20:25:24.200843 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 72:109(37) ack 1 win 17520  (DF)
> 20:25:24.200988 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 109 win 5840  (DF)
> 20:25:24.201879 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 109:236(127) ack 1 win 17520  (DF)
> 20:25:24.201931 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 236 win 5840  (DF)
> 20:25:24.779303 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 236:278(42) ack 1 win 17520  (DF)
> 20:25:24.779460 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 278 win 5840  (DF)
> 20:25:24.975184 w

Re: Amanda TCP Reset Problem with CygWin

[Enrico Bernardini]

Hi Brian,
use configure with --pid-debug-files if you want and
look at sendbackup.debug and runtar.debug (or something like these).
I just catched [data read: Connection reset by peer] error but I don't
remember the solution.
Send me runtar.debug please.
Did you apply my gnu tar patch?

Enrico

Brian White wrote:
> 
> Well, after several weeks of on-again, off-again work on this, I've got
> Amanda behaving pretty well under CygWin.  I've applied Enrico's patches
> for v2.4.2 to v2.4.3 and it seems to run just fine.
> 
> However, when the run completes, the CygWin amanda client completes, it
> resets the TCP connection instead of closing it properly and thus the
> server fails with the error "data read: Connection reset by peer".
> 
> Here is the tcpdump of the session.  The XP machine is "watertown" and
> the server is "tolkien".
> 
> 20:07:04.675952 tolkien.ott.precidia.com.898 > watertown.ott.precidia.com.amanda:  
> udp 296 (DF)
> 20:07:04.917385 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.898:  
> udp 50
> 20:07:05.876973 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.898:  
> udp 85
> 20:07:05.877362 tolkien.ott.precidia.com.898 > watertown.ott.precidia.com.amanda:  
> udp 50 (DF)
> 20:25:23.573832 tolkien.ott.precidia.com.901 > watertown.ott.precidia.com.amanda:  
> udp 323 (DF)
> 20:25:23.808420 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.901:  
> udp 50
> 20:25:24.104053 watertown.ott.precidia.com.amanda > tolkien.ott.precidia.com.901:  
> udp 232
> 20:25:24.104409 tolkien.ott.precidia.com.901 > watertown.ott.precidia.com.amanda:  
> udp 50 (DF)
> 20:25:24.106066 tolkien.ott.precidia.com.3291 > watertown.ott.precidia.com.782: S 
> 2770461836:2770461836(0) win 5840  0> (DF)
> 20:25:24.106719 watertown.ott.precidia.com.782 > tolkien.ott.precidia.com.3291: S 
> 1488495206:1488495206(0) ack 2770461837 win 17520  0,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
> 20:25:24.106821 tolkien.ott.precidia.com.3291 > watertown.ott.precidia.com.782: . 
> ack 1 win 5840  (DF)
> 20:25:24.108097 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: S 
> 2782800686:2782800686(0) win 5840  0> (DF)
> 20:25:24.108744 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: S 
> 1488548459:1488548459(0) ack 2782800687 win 17520  0,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
> 20:25:24.108835 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 1 win 5840  (DF)
> 20:25:24.109919 tolkien.ott.precidia.com.3293 > watertown.ott.precidia.com.784: S 
> 2782309519:2782309519(0) win 5840  0> (DF)
> 20:25:24.110570 watertown.ott.precidia.com.784 > tolkien.ott.precidia.com.3293: S 
> 1488716333:1488716333(0) ack 2782309520 win 17520  0,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
> 20:25:24.110672 tolkien.ott.precidia.com.3293 > watertown.ott.precidia.com.784: . 
> ack 1 win 5840  (DF)
> 20:25:24.117646 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 1:72(71) ack 1 win 17520  (DF)
> 20:25:24.117787 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 72 win 5840  (DF)
> 20:25:24.200843 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 72:109(37) ack 1 win 17520  (DF)
> 20:25:24.200988 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 109 win 5840  (DF)
> 20:25:24.201879 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 109:236(127) ack 1 win 17520  (DF)
> 20:25:24.201931 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 236 win 5840  (DF)
> 20:25:24.779303 watertown.ott.precidia.com.783 > tolkien.ott.precidia.com.3292: P 
> 236:278(42) ack 1 win 17520  (DF)
> 20:25:24.779460 tolkien.ott.precidia.com.3292 > watertown.ott.precidia.com.783: . 
> ack 278 win 5840  (DF)
> 20:25:24.975184 watertown.ott.precidia.com.784 > tolkien.ott.precidia.com.3293: P 
> 1:356(355) ack 1 win 17520  (DF)
> 20:25:24.975286 tolkien.ott.precidia.com.3293 > watertown.ott.precidia.com.784: . 
> ack 356 win 6432  (DF)
> 20:25:25.118320 watertown.ott.precidia.com.782 > tolkien.ott.precidia.com.3291: . 
> 1:1449(1448) ack 1 win 17520  (DF)
> 20:25:25.119444 tolkien.ott.precidia.com.3291 > watertown.ott.precidia.com.782: . 
> ack 1449 win 8688  (DF)
> 20:25:25.119382 watertown.ott.precidia.com.782 > tolkien.ott.precidia.com.3291: . 
> 1449:2897(1448) ack 1 win 17520  (DF)
> 20:25:25.119759 tolkien.ott.precidia.com.3291 > watertown.ott.precidia.com.782: . 
> ack 2897 win 11584  (DF)
> 20:25:25.121090 watertown.ott.precidia.com.782 > tolkien.ott.precidia.com.3291: P 
> 2897:3278(381) ack 1 win 17520  (DF)
> 20:25:25.121190 tolkien.ott.precidia.com.3291 > watertown.ott.precidia.com.782: . 
> ack 3278 win 14480  (DF)
>vvv
> 20:25:25.230050 watertown.ott.precidia.com.784 > tolkien.ott.precidia.com.3293: R 
> 1488716689:1488716689(0) win 0 (DF)
>