Re: setuid question
On Saturday 23 January 2021 00:23:45 David Christensen wrote:
> On 2021-01-22 15:35, David Christensen wrote:
> > On 2021-01-22 15:29, Gene Heskett wrote:
> >> Greeting all;
> >>
> >> I have a problem, using amanda, locally
> >> built. /usr/local/libexec/amanda/ambind needs to be setuid, but
> >> isn't.
> >>
> >> How or what do I do to fix it?
> >
> > How about chmod(1) as root?
> >
> > # chmod u+s /usr/local/libexec/amanda/ambind
>
> On 2021-01-22 16:09, Gene Heskett wrote:
> > root@coyote:amanda-3.5.1$ chmod u+s
> > /usr/local/libexec/amanda/ambind root@coyote:amanda-3.5.1$ su
> > amanda -c "/usr/local/sbin/amcheck Daily" Amanda Tape Server Host
> > Check
> > -----------------------------
> > ERROR: program /usr/local/libexec/amanda/ambind: not setuid-root
> > NOTE: Holding disk '/sdb/dumps': 212792 MB disk space available,
> > using 212292 MB
> > Searching for label 'Dailys-3':found in slot 3: volume 'Dailys-3'
> > Will write to volume 'Dailys-3' in slot 3.
> > NOTE: skipping tape-writable test
> > Server check took 0.103 seconds
> > Amanda Backup Client Hosts Check
> > --------------------------------
> > ERROR: coyote: selfcheck request failed: ambind: bind failed A:
> > Permission denied
> > ERROR: shop: selfcheck request failed: ambind: bind failed A:
> > Permission denied
> > ERROR: lathe: selfcheck request failed: ambind: bind failed A:
> > Permission denied
> > ERROR: GO704: selfcheck request failed: ambind: bind failed A:
> > Permission denied
> > ERROR: rpi4: selfcheck request failed: ambind: bind failed A:
> > Permission denied
> > Client check: 5 hosts checked in 11.298 seconds. 5 problems found.
>
> On 2021-01-22 17:39, Gene Heskett wrote:
> > On Friday 22 January 2021 19:51:36 Larry Martell wrote:
> >> Try chown root /usr/local/libexec/amanda/ambind
> >>
> >> and after that check that the suid bit is still set
> >
> > that fixed the ambind, but now have 132 problems with amgtar, no
>
> permission.
>
> > tried to fix it with the same pill, get
> > root@coyote:amanda-3.5.1$ ls -lh
>
> /usr/local/libexec/amanda/application/amgtar
>
> > -rwxr-x--- 1 root disk 158K Jan 22 20:17
>
> /usr/local/libexec/amanda/application/amgtar
>
> > Which says the setuid bit wasn't set so I reset it:
> > root@coyote:amanda-3.5.1$ chmod u+s
>
> /usr/local/libexec/amanda/application/amgtar
>
> > root@coyote:amanda-3.5.1$ ls -lh
>
> /usr/local/libexec/amanda/application/amgtar
>
> > -rwsr-x--- 1 root disk 158K Jan 22 20:17
>
> /usr/local/libexec/amanda/application/amgtar
>
> > but still get 132 copys of:
> > selfcheck (etc does matter): error [exec
>
> /usr/local/libexec/amanda/application/amgtar: Permission denied]
>
> > when running:su amanda -c "/usr/local/sbin/amcheck Daily"
> >
> > Something IMO has been updated in stretch's perl, that has totally
>
> screwed amanda.
>
>
> Sorry I missed the chown(1). :-(
>
>
> But, building and installing Amanda from source is turning into a
> cluster f***.
That's also why I drive the build with a script so it has a constant set
of ./configure options, and adding a new line to that set of config
options that specs --without-ipv6 has turned into a permissions
cluster-f--k. So as I said, I've been doing this since before there were
official rpms for redhat-5.0 in 1998.
>
> I assumed you had some compelling reason not to use the official
> packages:
>
> 2021-01-22 21:18:42 dpchrist@tinkywinky ~
> $ cat /etc/debian_version ; uname -a
> 9.13
> Linux tinkywinky 4.9.0-13-amd64 #1 SMP Debian 4.9.228-1 (2020-07-05)
> x86_64 GNU/Linux
>
> 2021-01-22 21:22:07 dpchrist@tinkywinky ~
> $ apt-cache search amanda | grep amanda
> amanda-client - Advanced Maryland Automatic Network Disk Archiver
> (Client) amanda-common - Advanced Maryland Automatic Network Disk
> Archiver (Libs) amanda-server - Advanced Maryland Automatic Network
> Disk Archiver (Server)
>
>
> But, I have had similar experiences building from source and I now
> avoid it like COVID-19. Perhaps you should just use the Debian
> packages.
>
>
> David
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/gene>
Reply to: