X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=man%2Fxml-source%2Famanda-auth.7.xml;fp=man%2Fxml-source%2Famanda-auth.7.xml;h=04e3eb05d8c5531c30f729844c28f607b4545012;hb=441dd72d27c13b97098a519388e6c194b16519f0;hp=3d27fbbeaeb9a5e4dd7aa0560e9978c9e6273a46;hpb=a2927cde973fba3eab558b723ba2bfba897f10c8;p=debian%2Famanda diff --git a/man/xml-source/amanda-auth.7.xml b/man/xml-source/amanda-auth.7.xml index 3d27fbb..04e3eb0 100644 --- a/man/xml-source/amanda-auth.7.xml +++ b/man/xml-source/amanda-auth.7.xml @@ -85,7 +85,7 @@ Authentication Configure option(s) option. Most Amanda processes run under this user's identity, to minimize security risks. In binary distributions, this username is usually one of 'amanda', -'amandabackup', or 'backup'. The examples below use 'amandabackup' +'backup', or 'backup'. The examples below use 'backup' since it is unambiguous. You may need to adjust accordingly for your system. @@ -147,10 +147,10 @@ configuration file. If service is omitted, it defaults to noop selfcheck sendsize sendbackup (which is equivalent to amdump). - Example of the .amandahosts file on an Amanda client, where 'amandabackup' is the Amanda dumpuser. + Example of the .amandahosts file on an Amanda client, where 'backup' is the Amanda dumpuser. - amandaserver.example.com amandabackup amdump + amandaserver.example.com backup amdump @@ -171,7 +171,7 @@ configuration file. bsdtcp communication and authentication - The authentication is done using .amandahosts files in the backup user's (for example: amandabackup) home directory. It uses TCP protocol between Amanda server and client. On the client, two reserved ports are used. On the server, all data streams are multiplexed to one port (see PORT USAGE below). + The authentication is done using .amandahosts files in the backup user's (for example: backup) home directory. It uses TCP protocol between Amanda server and client. On the client, two reserved ports are used. On the server, all data streams are multiplexed to one port (see PORT USAGE below). USING INETD SERVER @@ -181,24 +181,24 @@ configuration file. service_name socket_type protocol wait/nowait amanda_backup_user absolute_path_to_amandad amandad server_args - Client example of using bsd authorization for inetd server given Amanda user is "amandabackup": + Client example of using bsd authorization for inetd server given Amanda user is "backup": - amanda dgram udp wait amandabackup /path/to/amandad amandad -auth=bsd amdump + amanda dgram udp wait backup /path/to/amandad amandad -auth=bsd amdump The same could be used for bsdudp if specifying -auth=bsdudp instead of -auth=bsd. - Client example of using bsdtcp authorization for inetd server given Amanda user is "amandabackup": + Client example of using bsdtcp authorization for inetd server given Amanda user is "backup": - amanda stream tcp nowait amandabackup /path/to/amandad amandad -auth=bsdtcp amdump + amanda stream tcp nowait backup /path/to/amandad amandad -auth=bsdtcp amdump amindexd and amidxtaped would typically be added at the end of the line as &amandad; server arguments for an Amanda server. - Server example of using bsdtcp authorization for inetd server given Amanda user is "amandabackup": + Server example of using bsdtcp authorization for inetd server given Amanda user is "backup": - amanda stream tcp nowait amandabackup /path/to/amandad amandad -auth=bsdtcp amdump amindexd amidxtaped + amanda stream tcp nowait backup /path/to/amandad amandad -auth=bsdtcp amdump amindexd amidxtaped For Amanda version 2.5.0 and earlier, remember that neither bsdudp nor bsdtcp are supported and the Amanda daemon &amandad; accepts no arguments. Because of the latter, &amrecover; as of Amanda version 2.5.1 is not compatible with 2.5.0 and earlier servers. Thus, servers that are 2.5.0 or earlier must, in addition to the amanda service, run amindexd and amidxtaped Amanda services as their own network services, amandaidx and amidxtape, respectively (see below). @@ -208,8 +208,8 @@ configuration file. Example of amindexd and amidxtaped Amanda daemon services configured as their own network services for a 2.5.0 or earlier server or a newer server having 2.5.0 or earlier clients - amandaidx stream tcp nowait amandabackup /usr/local/libexec/amanda/current/amindexd amindexd - amidxtape stream tcp nowait amandabackup /usr/local/libexec/amanda/current/amidxtaped amidxtaped + amandaidx stream tcp nowait backup /usr/local/libexec/amanda/current/amindexd amindexd + amidxtape stream tcp nowait backup /usr/local/libexec/amanda/current/amidxtaped amidxtaped @@ -234,7 +234,7 @@ service amanda The only_from parameter can be used with xinetd but is usually in addition to the primary form of access control via the .amandahosts file. - Client example of using bsd authorization for xinetd server and for Amanda user "amandabackup": + Client example of using bsd authorization for xinetd server and for Amanda user "backup": service amanda @@ -243,7 +243,7 @@ service amanda socket_type = dgram protocol = udp wait = yes - user = amandabackup + user = backup group = disk groups = yes server = /path/to/amandad @@ -253,7 +253,7 @@ service amanda The same could be used for bsdudp if specifying -auth=bsdudp instead of -auth=bsd. - Client example of using bsdtcp authorization for xinetd server and for Amanda user "amandabackup": + Client example of using bsdtcp authorization for xinetd server and for Amanda user "backup": service amanda @@ -262,7 +262,7 @@ service amanda socket_type = stream protocol = tcp wait = no - user = amandabackup + user = backup group = disk groups = yes server = /path/to/amandad @@ -473,7 +473,7 @@ For example: define dumptype rsh_example { ... auth "rsh" - client-username "amandabackup" + client-username "backup" amandad-path "/usr/lib/exec/amandad" ... } @@ -506,7 +506,7 @@ When you use a public key on the client to do data encryption (see http://wiki.z Enable SSH authentication and set the ssh-keys option in all DLEs for that host by adding the following to the DLE itself or to the corresponding dumptype in amanda.conf: auth "ssh" - ssh-keys "/home/amandabackup/.ssh/id_rsa_amdump" + ssh-keys "/home/backup/.ssh/id_rsa_amdump" ssh-keys is the path to the private key on the client. If the username to which Amanda should connect is different from the default, then you should also add