tape speed
I inherited a tapetype definition from an email message to this group for an SDLT drive. In it, it lists the tape speed as 2377 kps. Someone mentioned that this seemed slow. Last nights backup report says that the average write rate was STATISTICS: Total Full Daily Avg Tp Write Rate (k/s) 7052.3 7050.6 8238.1 Is it safe to bump this number up to 8238 in my config? JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King
RE: maybe this is a dumb question
My policy is to never restore files in place. I always restore to a temporary location and ask the owner to copy the file into place. That avoids any stickiness. I remember a case where someone asked to have a file restored, but it was only to do a diff. The restore was done in place, so afterwards they had the old file, but the new file was gone, which was not an improvement. So this policy protects against stupidity and malice. JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King -Original Message- From: Jay Lessert [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2003 1:15 PM To: Chris Barnes Cc: [EMAIL PROTECTED] Subject: Re: maybe this is a dumb question On Tue, Aug 26, 2003 at 10:34:49AM -0500, Chris Barnes wrote: The concern is that when a restore is run, the softlink to the /usr/bin directory will be recreated, then the file will be restored into that directory, overwriting the file that is supposed to be there (ie. creating a security issue). 1) Is this possible, or does Amanda already do something to prevent this? Chris, Give your student worker a cookie (or a beer if they're old enough). Though this isn't a new exploit technique, it sure looks to me like if one: - Uses 'program DUMP' - Uses amrecover Then your proposed exploit would work. extract_files_child() in extract_list.c just calls 'restore x', and I just tested that ufsrestore (Solaris) will behave exactly as you describe. If instead you run: amrestore | ufsrestore r you're safe, though this is not so convenient for partial restores. :-) I did not test from inside amrecover; if there is deep magic there I am missing, I'd like to hear about it. From an Amanda point of view, this is an issue with 'program', not with Amanda, of course. I did not test 'tar -xpG' (that's how amrecover calls GNU tar). 2) If it is possbile, are there any security considerations we need to take into consideration when running backups or restore jobs? Yes. :-) I'm *really* glad I don't admin a student or ISP environment! If I did, I would tripwire everything, I guess. - Jay Lessert [EMAIL PROTECTED] Accelerant Networks Inc. (voice)1.503.439.3461 Beaverton OR, USA(fax)1.503.466.9472
decompression
It seems that amrestore decompressed my file for me. Thats nice, but it was compressed on the client, so I would think that I should decompress it on the client also, just in case there is some platform idiosyncrasy I dont think its a problem for me right now. Im just curious as to why it is done this way. JLm Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
strange output
I have added a wrapper to /sbin/dump to lock and unlock my vobs. The output from my script (which I send to stderr) is flagged by Amanda as strange output, for example FAILED AND STRANGE DUMP DETAILS: /-- lux2 sda5 lev 1 STRANGE sendbackup: start [lux2:sda5 level 1] sendbackup: info BACKUP=/sbin/dump sendbackup: info RECOVER_CMD=/bin/gzip -dc |/sbin/restore -f... - sendbackup: info COMPRESS_SUFFIX=.gz sendbackup: info end ? SUDO: /vobs/admin ? SUDO: Locked versioned object base /vobs/admin. ? SUDO: /vobs/client ? SUDO: Locked versioned object base /vobs/client Is there a way to tell Amanda that these lines are expected? Even better would be to tell her that they are required, but I know thats a bit much to ask, as it would have to be on a per filesystem basis. I plan to update my script to look like this in an attempt to fool Amanda into thinking its legit output: sudo -u ccadmin ~ccadmin/lockvobs 21 | perl -n -e 'print DUMP: $_;' 2 so that every line will start with DUMP: but this feels like a hack. Any comments? JLM P.S. The worst thing about viruses is the amount of time and bandwidth people spend complaining about them. JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
RE: backing up only local filesystems
Perhaps you are concerned that Amanda treats the local system the same as the others and that the traffic may be going down the network stack and getting looped backed up? Why are you worried about this? More and more unix software is built this way (X windows for one), so why should we be worried that Amanda works this way also? JLM PS...why can't people turn off vacation notices for mail sent to a list? Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King -Original Message- From: Albert Hopkins [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 2:49 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: backing up only local filesystems On Thu, 2003-07-31 at 11:45, [EMAIL PROTECTED] wrote: hello, I only want to back up local filesystems... How can I bypass amanda from going through the network to backup the filesystem that are just local to the amanda server anyway? Am I missing something? Can't you just remove the remote filesystems from disklist in your amanda configuration so that it doesn't back them up? -- Albert Hopkins [EMAIL PROTECTED] Laboratory Corporation of America
sdlt versus DLT library
Im using a DLT IV tape drive now (one tape a night), but its not big enough. I have 70GB partitions and when they get full, Ill have problems. If I switch to a DLT tape library (8x40GB), will that solve my problem? Will Amanda split backup across two tapes? Or should I just get a SDLT tape drive (160GB)? JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
RE: FW: selfcheck hangs
no, the list was no help. The problem was that the client had nfs-mounted a disk that was no longer on the net, so anything that iterated over mounts (like df) was hanging. That is probably why reboot solve it. I don't allow key machines to be nfs clients anymore. JLM -Original Message- From: Steven M. Wilson [mailto:[EMAIL PROTECTED] Sent: Wed 6/18/2003 2:32 PM To: Jeremy L. Mordkoff Cc: Subject:Re: FW: selfcheck hangs Jeremy, Did anyone respond off-list to your posting? I have the same problem here from time to time and the only way I've been able to correct is by rebooting the offending client system. Steve Jeremy L. Mordkoff wrote: one system has started refusing to run backups. amcheck reports a timeout. A ps on the client shows several orphaned selfcheck's. I did try killing all amandad's and hitting xinetd with a sigHUP, and then I tried an amcheck again, to no avail. I then reinstalled amanda and repeated. Still no. Here's the debug log. Any ideas would be appreciated. JLM -Original Message- From: root [mailto:[EMAIL PROTECTED] Sent: Fri 6/13/2003 9:20 AM To:[EMAIL PROTECTED] Cc: Subject: amandad: debug 1 pid 23823 ruid 527 euid 527: start at Fri Jun 13 09:16:52 2003 amandad: version 2.4.3 amandad: build: VERSION=Amanda-2.4.3 amandad:BUILT_DATE=Fri Apr 4 10:37:17 EST 2003 amandad:BUILT_MACH=Linux lux1 2.4.18-18.7.xsmp #1 SMP Wed Nov 13 19:01:42 EST 2002 i686 unknown amandad:CC=gcc amandad:CONFIGURE_COMMAND='./configure' '--with-user=amanda' '--with-group=disk' amandad: paths: bindir=/usr/local/bin sbindir=/usr/local/sbin amandad:libexecdir=/usr/local/libexec mandir=/usr/local/man amandad:AMANDA_TMPDIR=/tmp/amanda AMANDA_DBGDIR=/tmp/amanda amandad:CONFIG_DIR=/usr/local/etc/amanda DEV_PREFIX=/dev/ amandad:RDEV_PREFIX=/dev/ DUMP=/sbin/dump amandad:RESTORE=/sbin/restore SAMBA_CLIENT=/usr/bin/smbclient amandad:GNUTAR=/bin/gtar COMPRESS_PATH=/bin/gzip amandad:UNCOMPRESS_PATH=/bin/gzip MAILER=/usr/bin/Mail amandad:listed_incr_dir=/usr/local/var/amanda/gnutar-lists amandad: defs: DEFAULT_SERVER=lux1 DEFAULT_CONFIG=DailySet1 amandad:DEFAULT_TAPE_SERVER=lux1 DEFAULT_TAPE_DEVICE=/dev/null amandad:HAVE_MMAP HAVE_SYSVSHM LOCKING=POSIX_FCNTL SETPGRP_VOID amandad:DEBUG_CODE AMANDA_DEBUG_DAYS=4 BSD_SECURITY USE_AMANDAHOSTS amandad:CLIENT_LOGIN=amanda FORCE_USERID HAVE_GZIP amandad:COMPRESS_SUFFIX=.gz COMPRESS_FAST_OPT=--fast amandad:COMPRESS_BEST_OPT=--best UNCOMPRESS_OPT=-dc amandad: time 0.000: got packet: Amanda 2.4 REQ HANDLE 000-58790808 SEQ 1055510212 SECURITY USER amanda SERVICE selfcheck OPTIONS features=feff9f00;maxdumps=1;hostname=rel2; DUMP hda3 0 OPTIONS |;auth=bsd;compress-fast; DUMP vg01/lv_data 0 OPTIONS |;auth=bsd;compress-fast; amandad: time 0.000: sending ack: Amanda 2.4 ACK HANDLE 000-58790808 SEQ 1055510212 amandad: time 0.001: bsd security: remote host lux1 user amanda local user amanda amandad: time 0.001: amandahosts security check passed amandad: time 0.001: running service /usr/local/libexec/selfcheck amandad: time 30.526: got packet: Amanda 2.4 REQ HANDLE 000-58790808 SEQ 1055510212 SECURITY USER amanda SERVICE selfcheck OPTIONS features=feff9f00;maxdumps=1;hostname=rel2; DUMP hda3 0 OPTIONS |;auth=bsd;compress-fast; DUMP vg01/lv_data 0 OPTIONS |;auth=bsd;compress-fast; amandad: time 31.146: received dup P_REQ packet, ACKing it amandad: time 31.146: sending ack: Amanda 2.4 ACK HANDLE 000-58790808 SEQ 1055510212 amandad: time 61.141: got packet: Amanda 2.4 REQ HANDLE 000-58790808 SEQ 1055510212 SECURITY USER amanda SERVICE selfcheck OPTIONS features=feff9f00;maxdumps=1;hostname=rel2; DUMP hda3 0 OPTIONS |;auth=bsd;compress-fast; DUMP vg01/lv_data 0 OPTIONS |;auth=bsd;compress-fast; amandad: time 61.141: received dup P_REQ packet, ACKing it amandad: time 61.141: sending ack: Amanda 2.4 ACK HANDLE 000-58790808 SEQ 1055510212 -- Steven M. Wilson, Systems and Network Manager Markey Center for Structural Biology Purdue University [EMAIL PROTECTED]765.496.1946
FW: selfcheck hangs
one system has started refusing to run backups. amcheck reports a timeout. A ps on the client shows several orphaned selfcheck's. I did try killing all amandad's and hitting xinetd with a sigHUP, and then I tried an amcheck again, to no avail. I then reinstalled amanda and repeated. Still no. Here's the debug log. Any ideas would be appreciated. JLM -Original Message- From: root [mailto:[EMAIL PROTECTED] Sent: Fri 6/13/2003 9:20 AM To: [EMAIL PROTECTED] Cc: Subject: amandad: debug 1 pid 23823 ruid 527 euid 527: start at Fri Jun 13 09:16:52 2003 amandad: version 2.4.3 amandad: build: VERSION=Amanda-2.4.3 amandad:BUILT_DATE=Fri Apr 4 10:37:17 EST 2003 amandad:BUILT_MACH=Linux lux1 2.4.18-18.7.xsmp #1 SMP Wed Nov 13 19:01:42 EST 2002 i686 unknown amandad:CC=gcc amandad:CONFIGURE_COMMAND='./configure' '--with-user=amanda' '--with-group=disk' amandad: paths: bindir=/usr/local/bin sbindir=/usr/local/sbin amandad:libexecdir=/usr/local/libexec mandir=/usr/local/man amandad:AMANDA_TMPDIR=/tmp/amanda AMANDA_DBGDIR=/tmp/amanda amandad:CONFIG_DIR=/usr/local/etc/amanda DEV_PREFIX=/dev/ amandad:RDEV_PREFIX=/dev/ DUMP=/sbin/dump amandad:RESTORE=/sbin/restore SAMBA_CLIENT=/usr/bin/smbclient amandad:GNUTAR=/bin/gtar COMPRESS_PATH=/bin/gzip amandad:UNCOMPRESS_PATH=/bin/gzip MAILER=/usr/bin/Mail amandad:listed_incr_dir=/usr/local/var/amanda/gnutar-lists amandad: defs: DEFAULT_SERVER=lux1 DEFAULT_CONFIG=DailySet1 amandad:DEFAULT_TAPE_SERVER=lux1 DEFAULT_TAPE_DEVICE=/dev/null amandad:HAVE_MMAP HAVE_SYSVSHM LOCKING=POSIX_FCNTL SETPGRP_VOID amandad:DEBUG_CODE AMANDA_DEBUG_DAYS=4 BSD_SECURITY USE_AMANDAHOSTS amandad:CLIENT_LOGIN=amanda FORCE_USERID HAVE_GZIP amandad:COMPRESS_SUFFIX=.gz COMPRESS_FAST_OPT=--fast amandad:COMPRESS_BEST_OPT=--best UNCOMPRESS_OPT=-dc amandad: time 0.000: got packet: Amanda 2.4 REQ HANDLE 000-58790808 SEQ 1055510212 SECURITY USER amanda SERVICE selfcheck OPTIONS features=feff9f00;maxdumps=1;hostname=rel2; DUMP hda3 0 OPTIONS |;auth=bsd;compress-fast; DUMP vg01/lv_data 0 OPTIONS |;auth=bsd;compress-fast; amandad: time 0.000: sending ack: Amanda 2.4 ACK HANDLE 000-58790808 SEQ 1055510212 amandad: time 0.001: bsd security: remote host lux1 user amanda local user amanda amandad: time 0.001: amandahosts security check passed amandad: time 0.001: running service /usr/local/libexec/selfcheck amandad: time 30.526: got packet: Amanda 2.4 REQ HANDLE 000-58790808 SEQ 1055510212 SECURITY USER amanda SERVICE selfcheck OPTIONS features=feff9f00;maxdumps=1;hostname=rel2; DUMP hda3 0 OPTIONS |;auth=bsd;compress-fast; DUMP vg01/lv_data 0 OPTIONS |;auth=bsd;compress-fast; amandad: time 31.146: received dup P_REQ packet, ACKing it amandad: time 31.146: sending ack: Amanda 2.4 ACK HANDLE 000-58790808 SEQ 1055510212 amandad: time 61.141: got packet: Amanda 2.4 REQ HANDLE 000-58790808 SEQ 1055510212 SECURITY USER amanda SERVICE selfcheck OPTIONS features=feff9f00;maxdumps=1;hostname=rel2; DUMP hda3 0 OPTIONS |;auth=bsd;compress-fast; DUMP vg01/lv_data 0 OPTIONS |;auth=bsd;compress-fast; amandad: time 61.141: received dup P_REQ packet, ACKing it amandad: time 61.141: sending ack: Amanda 2.4 ACK HANDLE 000-58790808 SEQ 1055510212
debug flags
Hi- A question and an observation. I just made a small change to the format of one of the reports and rebuilt and re-installed Amanda. I was in the server-src directory and, as root, I did a make and a make install. Afterwards, several of the files in /usr/local/libexec had the wrong permissions and were not executable by Amanda. Are there options I can put in my xinit.d/Amanda file on a client so that I will get a log on the client? I think planner is hung now. JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
before or after midnight
Is there a problem with running Amanda after midnight? It seems like amadmin .. balance is always confused as to when the next backups will run. I run backups Tues thru Sat mornings at 3 AM and today (Tuesday morning) I get [EMAIL PROTECTED] amanda]$ amadmin daily balance due-date #fs orig KB out KB balance --- 4/01 Tue 0 0 0 --- 4/02 Wed 0 0 0 --- 4/03 Thu 1 23950230 9393310 +0.5% 4/04 Fri 6 20213050 8304244 -11.2% 4/05 Sat 1 27045090 20085958 +114.8% 4/06 Sun 0 0 0 --- 4/07 Mon 0 0 0 --- 4/08 Tue 26 25192150 8960866 -4.2% --- TOTAL 34 96400520 46744378 9348875 (estimated 5 runs per dumpcycle) The next backup is tomorrow (Wednesday) but amanda doesnt seem to think so. DumpCycle is 1 week Dumps per cycle are 5 JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
planner bug?
I have 20 GB (uncompressed) tape drive. I have a 23 GB partition. My compression ratio averages well over 50% so a full will fit on the tape, but Amanda refuses to even try JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
tape drive opinions
I need a 80 GB+ tape drive for a Dell Poweredge 2500 running Redhat 8.0 and Amanda Any suggestions? Thanks in advance JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
3 day rotation, answer (long)
The reason for my slightly strange requirements is that I want to offsite archive sets of backup tapes that have at least one level 0 for every system. So I need to have enough tapes so I can have a set that is being written to, a set that is on the way to offsite storage and a set that will soon return from offsite. Since the offsite storage place only picks up twice a week and someone MUST be here to sign for them, I need to have a few extra tapes just in case the old archives don't arrive before I need them. My plan (when I had only 11 tapes) was to have 3 sets of 3 plus 2 spares. A sequence of three tapes would be set to offsite once a week, where it would stay until the next set arrived. Then it would be returned to me and put back into rotation. The no-reuse/reuse options seem to do a wonderful job helping me manage this. But if I miss a delivery, I may end up with 6 tapes offsite and a weeks worth of backups onsite. With backups 5 days a week, that's 11 tapes with no room for error. So I got 5 more tapes. But I'd still like to see this work so I will be sure that when I have to go to 4 or 5 day cycles, I'll have a system that works. What I have found (that seems to work) is to set dumpcycle to 5 on Mondays and Tuesdays (so Amanda will look back far enough in time). Then I set it back to 3 days on Wednesdays, Thursdays and Fridays. This seems to have the exact desired affect. This morning's (Monday's) backups had level 0's for each system that had not gotten a level 0 last Thursday or Friday. Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King
aborted amdump causes tape to be used
I just aborted an amdump about a minute after it started because I forgot to specify a switch. When I tried to rerun the backup with the correct options, she wants me to insert a new tape, so I assume that she has marked that tape as having data on it. How do I tell her to forget everything about that aborted run and free up that tape? Is there a place I should be looking this kind of question up? JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) injustice anywhere threatens justice everywhere -- Dr. Martin Luther King �
RE: Full Backup Configuration
Okaywhat are the settings for getting a full once every 3 days with backups 5 nights a week and 16 tapes? I tried dumpcycle 3 days runspercycle 3 tapecycle 16 tapes but that gives me fulls of everyone on Monday and what I want Tues thru Friday. I think the problem is when it fires up on Monday it thinks it is 2 days behind. How can I tell it to discount Saturday and Sunday? My cron file runs amdump Mon-Fri. Would dumpcycle 1 week runspercycle 3 tapecycle 16 tapes work better? JLm Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) -Original Message- From: Keith Nasman [mailto:[EMAIL PROTECTED]] Sent: Friday, January 17, 2003 11:01 AM To: [EMAIL PROTECTED] Subject: Full Backup Configuration What are the amanda.conf settings (dumpcycle, runspercycle, tapecycle) for getting a full backup each night, five days a week, with a four weeks worth of tapes (20)? thanks, Keith
dumps per cycle question
I want to keep my cycles as short as possible so I can take a small subset of my tapes offsite for disaster recovery. I do dumps 5 nights a week. I was hoping to have a cycle of 3 days and 3 dumps per cycle, but with this config it always tries to do level 0s on everyone every Monday. Is there a way I can tell the system to ignore weekends completely? JLM Jeremy Mordkoff Tatara Systems 978-206-0808 (direct) 978-206-0888 (fax) �
