subject:"Patches used by Debian on amanda \-\- \"backup\" user under Debian"

Re: Patches used by Debian on amanda -- "backup" user under Debian

2017-01-09 Thread Charles Curley

On Mon, 9 Jan 2017 14:21:00 -0500
Nathan Stratton Treadway  wrote:

> On Sun, Jan 08, 2017 at 12:51:45 -0700, Charles Curley wrote:
> > May I request you end two irritants about the Debian version. It
> > creates a user, "backup". That's fine, although "amanda", say,
> > would avoid stepping on some other user named "backup".


> 
> For what it's worth, the "backup" user (uid 34) -- including its home
> directory and login shell settings -- is actually defined on all
> Debian systems as part of the base-passwd package (and thus exist
> completely separately from the Amanda packages).
> 
> See, for example:
>   
> https://anonscm.debian.org/cgit/users/cjwatson/base-passwd.git/tree/passwd.master
>   https://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2
>  (_Debian Policy Manual_ "9.2.2 UID and GID classes")

I stand corrected, thank you.

> 
> 
> I've always figured that whoever did the original Debian packaging for
> the Amanda software (years ago) decided it would be easier to make use
> of that pre-existing user rather than having to have the package
> installation scripts manage creation (and deletion) of a separate
> "amanda" user

My conjecture also.

The culprits also did not anticipate amanda over ssh, or possibly
other tools like amcheck, and so the need to use the amanda account
interactively.

> 
> Interestingly, /usr/share/doc/base-passwd/users-and-groups.txt.gz
> doesn't seem to know what the "backup" user is for, either:
>   backup
> 
> Presumably so backup/restore responsibilities can be locally
> delegated to someone without full root permissions?
> 
> HELP: Is that right? Amanda reportedly uses this, details?
> 
>  so I suspect that this user was "allocated" in the early mists of
> time for the Debian project, and since then has mostly or completely
> fallen out of use -- except for the use by the Amanda packages

Yep. Except that something, probably the update-passwd tool, appears to
still use it.

-- 

The right of the people to be secure in their persons, houses, papers,
and effects, against unreasonable searches and seizures, shall not be
violated, and no Warrants shall issue, but upon probable cause,
supported by Oath or affirmation, and particularly describing the
place to be searched, and the persons or things to be seized.
-- U.S. Const. Amendment IV

Key fingerprint = CE5C 6645 A45A 64E4 94C0  809C FFF6 4C48 4ECD DFDB

Re: Patches used by Debian on amanda -- "backup" user under Debian

2017-01-09 Thread Jean-Louis Martineau

Steve,

The amanda-client can be run with any user.
The user is compiled in, but it doesn't need to be the same on the 
amanda server and amanda-client.

What was the problem?

Jean-Louis

On 09/01/17 02:41 PM, Steve Wray wrote:
For what its worth, this creates problems with inter-operability 
between CentOS and Debian; we rebuilt the CentOS rpm for amanda client 
so it used the backup user instead of amanda, as our amanda server was 
on Debian. We tried hard but never found a way to configure this.

It would be nice to be able to configure this and not have to have it 
compiled in.

On Mon, Jan 9, 2017 at 11:21 AM, Nathan Stratton Treadway 
mailto:natha...@ontko.com>> wrote:

On Sun, Jan 08, 2017 at 12:51:45 -0700, Charles Curley wrote:
> May I request you end two irritants about the Debian version. It
creates
> a user, "backup". That's fine, although "amanda", say, would avoid
> stepping on some other user named "backup".
>
> The irritant is that debian makes the user's home
> directory /var/backups. Something else uses that directory, and
I don't
> like co-mingling the two different functions. It also sets the user
> shell to "/usr/sbin/nologin" rather than to bash, which is an
irritant
> on the way to using amanda over ssh.
>

For what it's worth, the "backup" user (uid 34) -- including its home
directory and login shell settings -- is actually defined on all
Debian
systems as part of the base-passwd package (and thus exist completely
separately from the Amanda packages).

See, for example:

https://anonscm.debian.org/cgit/users/cjwatson/base-passwd.git/tree/passwd.master

https://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2

 (_Debian Policy Manual_ "9.2.2 UID and GID classes")

I've always figured that whoever did the original Debian packaging for
the Amanda software (years ago) decided it would be easier to make use
of that pre-existing user rather than having to have the package
installation scripts manage creation (and deletion) of a separate
"amanda" user

Interestingly, /usr/share/doc/base-passwd/users-and-groups.txt.gz
doesn't
seem to know what the "backup" user is for, either:
  backup

Presumably so backup/restore responsibilities can be locally
delegated to
someone without full root permissions?

HELP: Is that right? Amanda reportedly uses this, details?

 so I suspect that this user was "allocated" in the early mists of
time for the Debian project, and since then has mostly or completely
fallen out of use -- except for the use by the Amanda packages

Nathan

Nathan Stratton Treadway  - natha...@ontko.com
 -  Mid-Atlantic region
Ray Ontko & Co.  -  Software consulting services  -
http://www.ontko.com/
 GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt
  ID: 1023D/ECFB6239
 Key fingerprint = 6AD8 485E 20B9 5C71 231C  0C32 15F3 ADCD ECFB 6239

Disclaimer

The information contained in this communication from the sender is 
confidential. It is intended solely for use by the recipient and others 
authorized to receive it. If you are not the recipient, you are hereby notified 
that any disclosure, copying, distribution or taking action in relation of the 
contents of this information is strictly prohibited and may be unlawful.

This email has been scanned for viruses and malware, and may have been 
automatically archived by Mimecast Ltd, an innovator in Software as a Service 
(SaaS) for business. Providing a safer and more useful place for your human 
generated data. Specializing in; Security, archiving and compliance. To find 
out more visit the Mimecast website.

Re: Patches used by Debian on amanda -- "backup" user under Debian

2017-01-09 Thread Steve Wray

For what its worth, this creates problems with inter-operability between
CentOS and Debian; we rebuilt the CentOS rpm for amanda client so it used
the backup user instead of amanda, as our amanda server was on Debian. We
tried hard but never found a way to configure this.

It would be nice to be able to configure this and not have to have it
compiled in.


On Mon, Jan 9, 2017 at 11:21 AM, Nathan Stratton Treadway <
natha...@ontko.com> wrote:

> On Sun, Jan 08, 2017 at 12:51:45 -0700, Charles Curley wrote:
> > May I request you end two irritants about the Debian version. It creates
> > a user, "backup". That's fine, although "amanda", say, would avoid
> > stepping on some other user named "backup".
> >
> > The irritant is that debian makes the user's home
> > directory /var/backups. Something else uses that directory, and I don't
> > like co-mingling the two different functions. It also sets the user
> > shell to "/usr/sbin/nologin" rather than to bash, which is an irritant
> > on the way to using amanda over ssh.
> >
>
> For what it's worth, the "backup" user (uid 34) -- including its home
> directory and login shell settings -- is actually defined on all Debian
> systems as part of the base-passwd package (and thus exist completely
> separately from the Amanda packages).
>
> See, for example:
>   https://anonscm.debian.org/cgit/users/cjwatson/base-
> passwd.git/tree/passwd.master
>   https://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2
>  (_Debian Policy Manual_ "9.2.2 UID and GID classes")
>
>
> I've always figured that whoever did the original Debian packaging for
> the Amanda software (years ago) decided it would be easier to make use
> of that pre-existing user rather than having to have the package
> installation scripts manage creation (and deletion) of a separate
> "amanda" user
>
> Interestingly, /usr/share/doc/base-passwd/users-and-groups.txt.gz doesn't
> seem to know what the "backup" user is for, either:
>   backup
>
> Presumably so backup/restore responsibilities can be locally delegated
> to
> someone without full root permissions?
>
> HELP: Is that right? Amanda reportedly uses this, details?
>
>  so I suspect that this user was "allocated" in the early mists of
> time for the Debian project, and since then has mostly or completely
> fallen out of use -- except for the use by the Amanda packages
>
>
> Nathan
>
> 
> 
> Nathan Stratton Treadway  -  natha...@ontko.com  -  Mid-Atlantic region
> Ray Ontko & Co.  -  Software consulting services  -
> http://www.ontko.com/
>  GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt   ID: 1023D/ECFB6239
>  Key fingerprint = 6AD8 485E 20B9 5C71 231C  0C32 15F3 ADCD ECFB 6239
>

Re: Patches used by Debian on amanda -- "backup" user under Debian

2017-01-09 Thread Nathan Stratton Treadway

On Sun, Jan 08, 2017 at 12:51:45 -0700, Charles Curley wrote:
> May I request you end two irritants about the Debian version. It creates
> a user, "backup". That's fine, although "amanda", say, would avoid
> stepping on some other user named "backup".
> 
> The irritant is that debian makes the user's home
> directory /var/backups. Something else uses that directory, and I don't
> like co-mingling the two different functions. It also sets the user
> shell to "/usr/sbin/nologin" rather than to bash, which is an irritant
> on the way to using amanda over ssh.
> 

For what it's worth, the "backup" user (uid 34) -- including its home
directory and login shell settings -- is actually defined on all Debian
systems as part of the base-passwd package (and thus exist completely
separately from the Amanda packages).

See, for example:
  
https://anonscm.debian.org/cgit/users/cjwatson/base-passwd.git/tree/passwd.master
  https://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2
 (_Debian Policy Manual_ "9.2.2 UID and GID classes")


I've always figured that whoever did the original Debian packaging for
the Amanda software (years ago) decided it would be easier to make use
of that pre-existing user rather than having to have the package
installation scripts manage creation (and deletion) of a separate
"amanda" user

Interestingly, /usr/share/doc/base-passwd/users-and-groups.txt.gz doesn't
seem to know what the "backup" user is for, either:
  backup

Presumably so backup/restore responsibilities can be locally delegated to
someone without full root permissions?

HELP: Is that right? Amanda reportedly uses this, details?

 so I suspect that this user was "allocated" in the early mists of
time for the Debian project, and since then has mostly or completely
fallen out of use -- except for the use by the Amanda packages


Nathan


Nathan Stratton Treadway  -  natha...@ontko.com  -  Mid-Atlantic region
Ray Ontko & Co.  -  Software consulting services  -   http://www.ontko.com/
 GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt   ID: 1023D/ECFB6239
 Key fingerprint = 6AD8 485E 20B9 5C71 231C  0C32 15F3 ADCD ECFB 6239

Re: Patches used by Debian on amanda -- "backup" user under Debian

Re: Patches used by Debian on amanda -- "backup" user under Debian

Re: Patches used by Debian on amanda -- "backup" user under Debian

Re: Patches used by Debian on amanda -- "backup" user under Debian

4 matches

Site Navigation

Mail list logo

Footer information