On 07/23/2014 10:26 AM, Alexander Tiurin wrote:
Hello folks,
When i tried connect to amanda server, i get message from client:
# amrecover omega -s cowback
AMRECOVER Version 2.4.5p1. Contacting server on cowback ...
220 cowback AMANDA index server (3.3.6) ready.
220 cowback AMANDA index server (3.3.6) ready.
amrecover: Unexpected end of file, check amindexd*debug on server cowback
At this time on server
kernel: [1374795.689017] amindexd[16214]: segfault at 0 ip
00007f556527fc3d sp 00007fff5d9375f0 error 4 in
libamanda-3.3.6.so[7f5565249000+57000]
# cat /var/log/amanda/server/amindexd.20140723181502.debug
Wed Jul 23 18:15:02 2014: thd-0x1e6b000: amindexd: pid 16214 ruid 34
euid 34 version 3.3.6: start at Wed Jul 23 18:15:02 2014
Wed Jul 23 18:15:02 2014: thd-0x1e6b000: amindexd: version 3.3.6
Wed Jul 23 18:15:02 2014: thd-0x1e6b000: amindexd: < 220 cowback
AMANDA index server (3.3.6) ready.
Wed Jul 23 18:15:02 2014: thd-0x1e6b000: amindexd: > SECURITY USER root
Wed Jul 23 18:15:02 2014: thd-0x1e6b000: amindexd: (sockaddr_in
*)0x7fff5d937c30 = { 2, 885, 10.11.110.33 }
Any ideas are welcome!
The attached 'recover-2.4.5-compat-3.3.7,diff' patch fix the crash and
report a better error message.
Add the credential to the ~/.amandahosts file:
cowback root amindexd amidxtaped
Jean-Louis
Index: server-src/amidxtaped.pl
===================================================================
--- server-src/amidxtaped.pl (revision 5813)
+++ server-src/amidxtaped.pl (working copy)
@@ -827,7 +827,7 @@
return 0;
}
- my $errmsg = $self->check_bsd_security($stream, $1);
+ my $errmsg = $self->check_bsd_security($stream, $1, "amidxtaped");
if ($errmsg) {
print "ERROR $errmsg\r\n";
return 0;
Index: server-src/amindexd.c
===================================================================
--- server-src/amindexd.c (revision 5813)
+++ server-src/amindexd.c (working copy)
@@ -1557,7 +1557,7 @@
user_validated = amindexd_debug ||
check_security(
(sockaddr_union *)&his_addr,
- arg, 0, &errstr);
+ arg, 0, &errstr, "amindexd");
if(user_validated) {
reply(200, _("Access OK"));
amfree(line);
Index: perl/Amanda/ClientService.pm
===================================================================
--- perl/Amanda/ClientService.pm (revision 5813)
+++ perl/Amanda/ClientService.pm (working copy)
@@ -133,7 +133,7 @@
The method returns C<undef> if the check succeeds, and an error message if it
fails.
- if ($self->check_bsd_security($stream, $authstr)) { .. }
+ if ($self->check_bsd_security($stream, $authstr, $service)) { .. }
Not that the security check is skipped if the service is being run from an
installcheck, since BSD security can't be tested by installchecks.
@@ -409,7 +409,7 @@
sub check_bsd_security {
my $self = shift;
- my ($name, $authstr) = @_;
+ my ($name, $authstr, $service) = @_;
# find the open file descriptor
my $fd = $self->rfd($name);
@@ -420,7 +420,7 @@
# installchecks are incompatible with BSD security
return undef if $self->from_installcheck();
- return Amanda::Util::check_security($fd, $authstr);
+ return Amanda::Util::check_security($fd, $authstr, $service);
}
sub parse_req {
Index: perl/Amanda/Util.swg
===================================================================
--- perl/Amanda/Util.swg (revision 5813)
+++ perl/Amanda/Util.swg (working copy)
@@ -566,7 +566,7 @@
%newobject check_security_fd;
%rename(check_security) check_security_fd;
%inline %{
-char *check_security_fd(int fd, char *userstr)
+char *check_security_fd(int fd, char *userstr, char *service)
{
socklen_t_equiv i;
struct sockaddr_in addr;
@@ -587,7 +587,7 @@
}
/* call out to check_security */
- if (!check_security((sockaddr_union *)&addr, userstr, 0, &errstr))
+ if (!check_security((sockaddr_union *)&addr, userstr, 0, &errstr, service))
return errstr;
return NULL;
Index: common-src/debug.c
===================================================================
--- common-src/debug.c (revision 5813)
+++ common-src/debug.c (working copy)
@@ -341,6 +341,8 @@
memset(&sbuf, 0, SIZEOF(sbuf));
+ if (!config_is_initialized())
+ return;
pname = get_pname();
pname_len = strlen(pname);
Index: common-src/security-util.c
===================================================================
--- common-src/security-util.c (revision 5813)
+++ common-src/security-util.c (working copy)
@@ -2333,7 +2333,8 @@
sockaddr_union *addr,
char * str,
unsigned long cksum,
- char ** errstr)
+ char ** errstr,
+ char *service)
{
char * remotehost = NULL, *remoteuser = NULL;
char * bad_bsd = NULL;
@@ -2422,7 +2423,7 @@
#ifndef USE_AMANDAHOSTS
s = check_user_ruserok(remotehost, pwptr, remoteuser);
#else
- s = check_user_amandahosts(remotehost, addr, pwptr, remoteuser, NULL);
+ s = check_user_amandahosts(remotehost, addr, pwptr, remoteuser, service);
#endif
if (s != NULL) {
Index: common-src/conffile.c
===================================================================
--- common-src/conffile.c (revision 5813)
+++ common-src/conffile.c (working copy)
@@ -5006,6 +5006,12 @@
}
}
+gboolean
+config_is_initialized()
+{
+ return config_initialized;
+}
+
/*
* Initialization Implementation
*/
Index: common-src/amanda.h
===================================================================
--- common-src/amanda.h (revision 5813)
+++ common-src/amanda.h (working copy)
@@ -686,7 +686,7 @@
/* from old bsd-security.c */
extern int debug;
-extern int check_security(sockaddr_union *, char *, unsigned long, char **);
+extern int check_security(sockaddr_union *, char *, unsigned long, char **, char *);
/*
* Handle functions which are not always declared on all systems. This
Index: common-src/security-util.h
===================================================================
--- common-src/security-util.h (revision 5813)
+++ common-src/security-util.h (working copy)
@@ -39,7 +39,7 @@
#include "event.h"
#define auth_debug(i, ...) do { \
- if ((i) <= debug_auth) { \
+ if ((i) <= 12) { \
dbprintf(__VA_ARGS__); \
} \
} while (0)
Index: common-src/conffile.h
===================================================================
--- common-src/conffile.h (revision 5813)
+++ common-src/conffile.h (working copy)
@@ -1404,6 +1404,10 @@
* Initialization
*/
+/* I the config is initialized */
+gboolean
+config_is_initialized();
+
/* Constants for config_init */
typedef enum {
/* Use arg_config_name, if not NULL */
