[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setuid question

On 2021-01-22 15:35, David Christensen wrote:

On 2021-01-22 15:29, Gene Heskett wrote:

Greeting all;

I have a problem, using amanda, locally
built. /usr/local/libexec/amanda/ambind needs to be setuid, but isn't.

How or what do I do to fix it?


How about chmod(1) as root?

# chmod u+s /usr/local/libexec/amanda/ambind



On 2021-01-22 16:09, Gene Heskett wrote:
> root@coyote:amanda-3.5.1$  chmod u+s /usr/local/libexec/amanda/ambind
> root@coyote:amanda-3.5.1$  su amanda -c "/usr/local/sbin/amcheck Daily"
> Amanda Tape Server Host Check
> -----------------------------
> ERROR: program /usr/local/libexec/amanda/ambind: not setuid-root
> NOTE: Holding disk '/sdb/dumps': 212792 MB disk space available, using
> 212292 MB
> Searching for label 'Dailys-3':found in slot 3: volume 'Dailys-3'
> Will write to volume 'Dailys-3' in slot 3.
> NOTE: skipping tape-writable test
> Server check took 0.103 seconds
> Amanda Backup Client Hosts Check
> --------------------------------
> ERROR: coyote: selfcheck request failed: ambind: bind failed A:
> Permission denied
> ERROR: shop: selfcheck request failed: ambind: bind failed A: Permission
> denied
> ERROR: lathe: selfcheck request failed: ambind: bind failed A: Permission
> denied
> ERROR: GO704: selfcheck request failed: ambind: bind failed A: Permission
> denied
> ERROR: rpi4: selfcheck request failed: ambind: bind failed A: Permission
> denied
> Client check: 5 hosts checked in 11.298 seconds.  5 problems found.


On 2021-01-22 17:39, Gene Heskett wrote:
> On Friday 22 January 2021 19:51:36 Larry Martell wrote:
>> Try chown root /usr/local/libexec/amanda/ambind
>>
>> and after that check that the suid bit is still set
>
> that fixed the ambind, but now have 132 problems with amgtar, no permission. 
> tried to fix it with the same pill, get
> root@coyote:amanda-3.5.1$ ls -lh /usr/local/libexec/amanda/application/amgtar > -rwxr-x--- 1 root disk 158K Jan 22 20:17 /usr/local/libexec/amanda/application/amgtar 
> Which says the setuid bit wasn't set so I reset it:
> root@coyote:amanda-3.5.1$ chmod u+s /usr/local/libexec/amanda/application/amgtar > root@coyote:amanda-3.5.1$ ls -lh /usr/local/libexec/amanda/application/amgtar > -rwsr-x--- 1 root disk 158K Jan 22 20:17 /usr/local/libexec/amanda/application/amgtar 
> but still get 132 copys of:
> selfcheck (etc does matter): error [exec /usr/local/libexec/amanda/application/amgtar: Permission denied] 
> when running:su amanda -c "/usr/local/sbin/amcheck Daily"
>
> Something IMO has been updated in stretch's perl, that has totally screwed amanda. 


Sorry I missed the chown(1).  :-(
But, building and installing Amanda from source is turning into a cluster f***. 


I assumed you had some compelling reason not to use the official packages:

2021-01-22 21:18:42 dpchrist@tinkywinky ~
$ cat /etc/debian_version ; uname -a
9.13
Linux tinkywinky 4.9.0-13-amd64 #1 SMP Debian 4.9.228-1 (2020-07-05) x86_64 GNU/Linux 

2021-01-22 21:22:07 dpchrist@tinkywinky ~
$ apt-cache search amanda | grep amanda
amanda-client - Advanced Maryland Automatic Network Disk Archiver (Client)
amanda-common - Advanced Maryland Automatic Network Disk Archiver (Libs)
amanda-server - Advanced Maryland Automatic Network Disk Archiver (Server)
But, I have had similar experiences building from source and I now avoid it like COVID-19. Perhaps you should just use the Debian packages. 


David
Reply to: