Date: Thu, 2 Jul 1998 09:36:58 -0500 (CDT) From: Mark Tinguely <tinguely@plains.NoDak.edu> To: freebsd-questions@FreeBSD.ORG, kino@basta.fis.nsk.su Subject: Re: rdump Message-ID: <199807021436.JAA10799@plains.NoDak.edu>
next in thread | raw e-mail | index | archive | help
> I have FreeBSD 2.2.6 and storage device hp1533 DDS2 on the one machine (A).
> I need dump from remote machine (B) to machine (A).
> I created user taper, add her into group operator.
> On the machine (B) do:
> /sbin/rdump -0uf Machine_A:/dev/nrst0 /usr
> it don't work:
> rcmd: socket: Permission deniend
>
> PS: rcp, rsh work true.
> PSS: exec on the machine (A) turn on.
> PSSS: from root it work true.
add a group taper that user taper is the only member, and then as root:
# chmod 4750 /sbin/rdump
# chgrp taper /sbin/rdump
# for i in a e ...
> do
> chgrp taper /dev/rwd0s1${i}
>done
rdump need to be run as root to open the restricted network socket port.
the chmod makes rdump SUID to root, the group restricts access so that
ordinary users can't get copies of restricted files by:
$ /sbin/rdump 0sf 99999 - /dev/rwd0s1a | /sbin/restore if -
the last command, you will have to change to match your filesystem mount
points, but the intent is to let the taper account read the raw devices.
for additional security, you can add these commands to a script file
so that the modes are only changed during the backup, and at the end
of the backup, the modes and groups are reset to the original values.
--mark.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807021436.JAA10799>