RE: Permission Denied error on client

2003-11-17 Thread Rebecca Pakish Crum 
Have you checked .amandahosts for proper entries? Does that file have
the proper permissions?
-rw---   1 amanda   amanda37 Nov 14 13:16 .amandahosts

on the client .amandahosts should say
bkup.server.com amanda

and on the server the entry should be
client.server.com root

are you using the FQDN for both server and client?

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of John Grover
 Sent: Monday, November 17, 2003 3:59 PM
 To: [EMAIL PROTECTED]
 Subject: Permission Denied error on client
 
 
 I've not been able to get one of my clients to back up using 
 vxdump. Another, similarly configured client has no problem. 
 Amcheck reports the following on the bad client ...
 
 Amanda Backup Client Hosts Check
 
 ERROR: host.domain.edu: [could not access /dev/vx/rdsk/var
 (/dev/vx/rdsk/var): Permission denied]
 ERROR: host.domain.edu: [could not access /dev/vx/rdsk/rootvol
 (/dev/vx/rdsk/rootvol): Permission denied]
 Client check: 1 host checked in 1.051 seconds, 2 problems found
 
 (brought to you by Amanda 2.4.4p1)
 
 Is this a read permission error on the filesystem or an 
 execute error on vxdump? All seems identical on both systems.
 
 Thanks
 JG
 
 John W Grover, Systems and Database Administrator
   Lake Michigan College
 www.lakemichigancollege.edu

Re: Permission Denied error on client

2003-11-17 Thread Eric Siegerman 
On Mon, Nov 17, 2003 at 04:59:19PM -0500, John Grover wrote:
 Amanda Backup Client Hosts Check
 
 ERROR: host.domain.edu: [could not access /dev/vx/rdsk/var (/dev/vx/rdsk/var): 
 Permission denied]
 ERROR: host.domain.edu: [could not access /dev/vx/rdsk/rootvol 
 (/dev/vx/rdsk/rootvol): Permission denied]

 Is this a read permission error on the filesystem or an execute error
 on vxdump?

Looks like the former.  Check the ownership and permissions on
the special files mentioned.  The user/group under which vxdump
is running needs read permission.

I don't know about vxdump, but other dumps I've used do NOT need
write permission, and so I do my best to arrange that they don't
have it, even if that means deviating from the defaults for the
system in question.  Least Privilege, and all that.

E.g.
brw-r-   1 root sys   32,  8 Jun 23  2000 /dev/dsk/c0t1d0s0

Amanda was configured with --with-group=sys, and for good
measure, the --with-user=XXX user (which is NOT root) is a
member of group sys in /etc/group.

For FreeBSD, replace sys with operator.  For Linux, it
probably depends on the distro, or you might have to chgrp the
special files to a group you've created, as it looks as though I
did here.

On at least some of our systems (can't remember which ones), the
original mode was 660; I had to chmod it to 640.  So far,
nothing's blown up as a result...

--

|  | /\
|-_|/ Eric Siegerman, Toronto, Ont.[EMAIL PROTECTED]
|  |  /
It must be said that they would have sounded better if the singer
wouldn't throw his fellow band members to the ground and toss the
drum kit around during songs.
- Patrick Lenneau