Bug 219850
| Summary: | misc/amanda-server Amanda security.conf must be writable by root only | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Ekkehard 'Ekki' Gehm <gehm> |
| Component: | Individual Port(s) | Assignee: | Dmitry Marakasov <amdmi3> |
| Status: | Closed Overcome By Events | ||
| Severity: | Affects Many People | CC: | Trond.Endrestol, fbsd, gert |
| Priority: | --- | Keywords: | needs-patch |
| Version: | Latest | Flags: | bugzilla:
maintainer-feedback?
(fbsd) |
| Hardware: | Any | ||
| OS: | Any | ||
Indeed. This is causing much pain here - after upgrade 3.3.6 to 3.3.9, many of my machines fail their backup because /usr/local/etc/ is writable for wheel here (because local requirements need a given user group to be able to atomically replace a config file, read "move file.new file", and we do not want them to use sudo if unix file permissions can handle this perfectly well). BTW, the path for amanda-client-3.3.9,1 is /usr/local/etc/amanda/security.conf - and the package isn't creating /usr/local/etc/amanda/ at all if only the client is installed. The maintainer seems to be MIA. Can either of you provide a patch that fixes this? As of now, the file is installed as -rw-r--r-- 1 root wheel 2037 Feb 16 16:37 /usr/local/etc/amanda/amanda-security.conf so the problem seems to be gone. |
The security.conf file much more the whole path to it must be writable to root only. The Port defaults it to ${ETCDIR}/security.conf wich is writable by the amanda user. In that case all backups fail on this host after the update. It should, if at all, reside in /etc or /usr/local/etc as amanda-security.conf or there should be at least a NOTE in /usr/ports/UPDATING and after the install itself.