Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: amrecover from Client machine

  1. #1

    Default amrecover from Client machine

    Hello all,

    I compiled and installed the latest 2.5.1p1 bundle for a client and a server.
    --with-tcpportrange=48004,48555
    --with-udpportrange=850,854
    --with-low-tcpportrange=1001,1009


    I have a Server and Client. Respective ports are open for both these machines, includ.
    The xinetd entries are set like following

    For the Client (with ip 192.168.2.15)
    service amanda
    {
    only_from = <ServerFQDN> 192.168.2.15
    disable = no
    socket_type = dgram
    protocol = udp
    wait = yes
    user = amandabackup
    group = disk
    groups = yes
    server = /opt/amanda-2.5.1/libexec/amandad
    server_args = -auth=bsd amdump
    }

    For the tape/index Server
    service amanda
    {
    only_from = <ServerFQDN> 192.168.2.15
    disable = no
    socket_type = dgram
    protocol = udp
    wait = yes
    user = amandabackup
    group = disk
    groups = yes
    server = /opt/amanda-2.5.1/libexec/amandad
    server_args = -auth=bsd amdump amindexd amidxtaped
    }

    Amcheck checks out ok. Amdump backs up the Client and the Server just fine.
    Amrecover is another story. It works when I restore on the server, for both machines. So when I

    Server# amrecover

    I can get both the Server's and the Client's backups

    But when I try

    Client# amrecover
    AMRECOVER Version 2.5.1p1. Contacting server on zeus.iit.demokritos.gr ...
    [request failed: timeout waiting for ACK]

    It doesn't seem to be a firewall problem. I took down both firewalls to no avail. I sniffed the packets to see if there is any ports misconfiguration.
    amrecover from Client gets through to the Server where process amandad starts. But that's where it ends, amidxtaped never starts (where as when I amrecover from Server amandad and then amidxtaped start).

    It seems that that amandad is responsible for that. I thought that xinetd spawns amidxtaped but when I examined the process tree I saw that amandad spawns it.

    Any ideas about it? It's not that important as I can always recover my clients backups on the server and then transfer them to the client. Just wandering though

  2. #2
    Join Date
    Oct 2005
    Posts
    1,559

    Default

    What are the contents of .amandahosts on the server? Please check you have made
    changes to [URL="http://wiki.zmanda.com/index.php/Configuring_bsd/bsdudp/bsdtcp_authentication#.amandahosts_configuration_f ile_changes"].amandahosts to use secure API for recovery.[/URL]

    Thanks,
    Paddy

  3. #3

    Default

    the .amandahosts contains:
    192.168.2.15 amandabackup amindexd amidxtaped

    the ip belongs to the Client. The only thing that doesn't match with the .amandahosts spec is that instead of FQDN there is IP there. Could it be it?

    And yes it seems it's a security problem cause the amrecover logs show that a security_* function calls returns with an error (can't tell right now which specific function, cause Im at home atm and the access to our site is temporarily down so I cannnot examine the logs)
    Last edited by taruone; September 30th, 2006 at 02:38 AM.

  4. #4
    Join Date
    Oct 2005
    Posts
    1,559

    Default

    .amandahosts appears to be ok.

    Can you post the logs from amrecover when you can?

    Paddy

  5. #5
    Join Date
    Oct 2005
    Posts
    1,559

    Default

    I made a mistake in my earlier post. .amandahosts on Amanda server should be

    192.168.2.15 root amindexd amidxtaped

    to allow amrecover running as root on machine with IP address 192.168.2.15 to
    connect to Amanda server.

    I have corrected the Amanda wiki.

    Thanks,
    Paddy

  6. #6

    Default

    the .amandahosts file is ok ,since I have both a root and an amandabackup line for that client with amindexd and amidxtaped.

    Amrecover log follows
    amrecover: debug 1 pid 8584 ruid 0 euid 0: start at Thu Sep 28 15:26:23 2006
    Reading conf file "/opt/amanda-2.5.1/etc/amanda/amanda-client.conf".
    Could not open conf file "/opt/amanda-2.5.1/etc/amanda/daily/amanda-client.conf": No such file or directory
    amrecover: debug 1 pid 8584 ruid 0 euid 0: rename at Thu Sep 28 15:26:23 2006
    security_getdriver(name=bsd) returns 0x555c6020
    security_handleinit(handle=0x805c0a0, driver=0x555c6020 (BSD))
    amrecover: bind_portrange2: Skip port 759: Owned by con.
    amrecover: bind_portrange2: Skip port 760: Owned by ns.
    amrecover: bind_portrange2: Skip port 761: Owned by rxe.
    amrecover: bind_portrange2: Skip port 762: Owned by quotad.
    amrecover: bind_portrange2: Skip port 763: Owned by cycleserv.
    amrecover: bind_portrange2: Skip port 764: Owned by omserv.
    amrecover: bind_portrange2: Skip port 765: Owned by webster.
    amrecover: bind_portrange2: Try port 766: Available - Success
    amrecover: dgram_bind: socket bound to 0.0.0.0.766
    amrecover: dgram_send_addr(addr=0xffffb9a0, dgram=0x555c7064)
    amrecover: (sockaddr_in *)0xffffb9a0 = { 2, 24615, <SERVER_IP> }
    amrecover: dgram_send_addr: 0x555c7064->socket = 3
    amrecover: dgram_send_addr(addr=0xffffb770, dgram=0x555c7064)
    amrecover: (sockaddr_in *)0xffffb770 = { 2, 24615, <SERVER_IP> }
    amrecover: dgram_send_addr: 0x555c7064->socket = 3
    amrecover: dgram_send_addr(addr=0xffffb770, dgram=0x555c7064)
    amrecover: (sockaddr_in *)0xffffb770 = { 2, 24615, <SERVER_IP> }
    amrecover: dgram_send_addr: 0x555c7064->socket = 3
    security_seterror(handle=0x805c0a0, driver=0x555c6020 (BSD) error=timeout waiting for ACK)
    security_close(handle=0x805c0a0, driver=0x555c6020 (BSD))

    the amindexd or amidxtaped respective logs on the server are not available since they don't start, when I amrecover on the client


    Here on the logs port 10080 is used to contact the server. As soon as I amrecover on the client I switch to a server terminal, where I see xinetd starting amandad. Then amandad waits for 30secs (xinetd configuratiion) and then dies.
    Last edited by taruone; October 1st, 2006 at 04:59 AM.

  7. #7
    Join Date
    Oct 2005
    Posts
    1,559

    Default

    Please remove only_from field from server xinetd entry or set it
    appropriately. Currently, it is set to allow connections only from server.

    For the tape/index Server
    service amanda
    {
    only_from = <ServerFQDN> 192.168.2.15
    disable = no
    socket_type = dgram
    protocol = udp
    wait = yes
    user = amandabackup
    group = disk
    groups = yes
    server = /opt/amanda-2.5.1/libexec/amandad
    server_args = -auth=bsd amdump amindexd amidxtaped
    }

  8. #8

    Default

    ?? The only_from field atm specifies both the Server's FQDN and the client(192.168.2.15)....
    I'll remove it though to see if that fixes the problem.

  9. #9

    Default

    no luck either...
    Anyway thx for the help, I'll move on and revisit this sometime later

  10. #10
    Join Date
    Oct 2005
    Posts
    1,559

    Default

    Hi Taruone,

    Take a look at xinetd logs at the server. For some reason, amindexd and amidxtaped
    are not being started when amrecover sends a request to the server.

    What distribution are you using?

    I hope you do not have "<ServerFQDN>" in the only_from field value.

    Paddy

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •