SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
Client Test Configuration
Create a file named .amandahosts
in the home directory of the Amanda user on the client. It should contain an entry with the hostname of the Amanda server and the Amanda user on the server:
su - amanda
echo "amanda.example.com amanda" > .amandahosts
exit
Since version 2.5.0, the .amandahosts
file also requires strict permissions. Also, the home directory of the Amanda user (containing the .amandahosts file) should be write-protected from modification by any other user:
chown amanda ~amanda ~/.amandahosts
chmod 755 ~amanda
chmod 600 ~amanda/.amandahosts
Create an empty file /var/amanda/amandates
and change its ownership to the Amanda user:
mkdir /var/amanda
chown amanda:backup /var/amanda
touch /var/amanda/amandates
chown amanda:backup /var/amanda/amandates
Make the file /var/amanda/dumpdates
writable by the Amanda user:
touch /var/amanda/dumpdates
chmod 664 /var/amanda/dumpdates
chgrp backup /var/amanda/dumpdates
If the dumptype for this client uses GNU-tar, then you must create a directory for it. Create the directory, making sure the Amanda user has write permission:
mkdir -p /var/lib/amanda/gnutar-lists
chown -R amanda:backup /var/lib/amanda
exit
xinetd configuration
yum install xinetd
Create /etc/xinetd.d/amanda
:
#o Either:
# - Add this to /etc/xinetd.conf
# - Or create a new file called /etc/xinetd.d/amanda
#
#o Entry for /etc/inetd.conf:
# - amanda dgram udp wait backup /usr/sbin/tcpd /usr/lib/amanda/amandad
#
#o Don't forget that:
# - 'bind' is the ip address of the interface on which the amanda client
# will respond on.
# - 'only_from' is the amanda server's ip address that the client will talk
# to.
#
#o Translation for xinetd:
#
service amanda
{
socket_type = dgram
protocol = udp
wait = yes
user = amanda
groups = yes
server = /usr/local/libexec/amanda/amandad
bind = client_ip_address
only_from = server_ip_address
}
service xinetd restart
Daemontools configuration
Install netcat from source (Centos 5 RPM no workie!:
cd /extra/src
wget http://internap.dl.sourceforge.net/sourceforge/netcat/netcat-0.7.1.tar.gz
tar zxvf netcat-0.7.1.tar.gz
cd netcat-0.7.1
./configure
make
make install
Make the service directory:
mkdir /var/service/amanda
Create /var/service/amanda/run
:
#!/bin/sh
exec /usr/local/bin/setuidgid amanda \
/usr/bin/netcat -l -u -p 10080 \
-e /usr/local/libexec/amandad >/dev/null 2>/dev/null
Make it executable:
chmod 755 run
Create the log service:
mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run
mv service-any-log-run run
chmod 755 run
Create the symbolic link to start the service:
ln -s /var/service/amanda /service/amanda
- Log in to post comments