From 7b33ced6a66dac8dd8ae3ff7f3012dd7b50f530b Mon Sep 17 00:00:00 2001 From: Radek Brich Date: Nov 22 2007 12:18:25 +0000 Subject: Resolves: #124510 --- diff --git a/README-rpm b/README-rpm new file mode 100644 index 0000000..ae1475c --- /dev/null +++ b/README-rpm @@ -0,0 +1,12 @@ +New user name was introduced in 2.5.2.p1-9. +See https://bugzilla.redhat.com/124510 for details. + +Amanda's RPMs contain scriptlets for automatic +transition to new 'amandabackup' user name. +Update of files /etc/amanda/*/amanda.conf, +/var/lib/amanda/.amandahosts, /etc/xinetd.d/amanda +as well as renaming /var/spool/cron/amanda +is handled by these scriptlets. Original files +are backed up with .usernameupdate extension. + +Other needed changes must be done manually... diff --git a/amanda.spec b/amanda.spec index b4342e6..a4eb7fc 100644 --- a/amanda.spec +++ b/amanda.spec @@ -2,7 +2,7 @@ %{!?defconfig:%define defconfig DailySet1} %{!?indexserver:%define indexserver amandahost} %{!?tapeserver:%define tapeserver %{indexserver}} -%{!?amanda_user:%define amanda_user amanda} +%{!?amanda_user:%define amanda_user amandabackup} %{!?amanda_group:%define amanda_group disk} # XXX append lib to current _localstatedir setting @@ -11,12 +11,13 @@ Summary: A network-capable tape backup solution Name: amanda Version: 2.5.2p1 -Release: 8%{?dist} +Release: 9%{?dist} Source: http://download.sourceforge.net/amanda/amanda-%{version}.tar.gz Source1: amanda.crontab Source4: disklist Source5: amanda-xinetd Source8: amandahosts +Source9: README-rpm Patch1: amanda-2.5.2p1-pie.patch Patch3: amanda-2.5.2p1-ylwrapNotFound.patch Patch4: amanda-2.5.2p1-undefSymbols.patch @@ -25,11 +26,12 @@ Patch6: amanda-2.5.2p1-typo_chg_multi.patch License: BSD Group: Applications/System URL: http://www.amanda.org -Prereq: fileutils grep initscripts BuildRequires: dump gnuplot cups samba-client tar grep fileutils BuildRequires: libtool automake autoconf gcc-c++ readline-devel /usr/bin/Mail BuildRequires: krb5-devel rsh openssh-clients ncompress mtx mt-st -Requires: tar /usr/bin/Mail +Requires(pre): shadow-utils +Requires(post): grep sed +Requires: fileutils grep initscripts tar /usr/bin/Mail BuildRoot: %{_tmppath}/%{name}-%{version}-root %description @@ -48,8 +50,9 @@ well. %package client Summary: The client component of the AMANDA tape backup system. Group: Applications/System -Prereq: fileutils grep /sbin/service xinetd +Requires: fileutils grep /sbin/service xinetd Requires(pre): amanda = %{version} +Requires(post): grep sed %description client The Amanda-client package should be installed on any machine that will @@ -60,9 +63,9 @@ AMANDA client machine. %package server Summary: The server side of the AMANDA tape backup system. Group: Applications/System -Requires: gnuplot -Prereq: fileutils grep /sbin/service +Requires: gnuplot fileutils grep /sbin/service Requires(pre): amanda = %{version} +Requires(post): grep sed findutils %description server The amanda-server package should be installed on the AMANDA server, @@ -134,6 +137,8 @@ cp example/* examples rm -f examples/Makefile* rm -f examples/config.site +cp %SOURCE9 . + pushd tape-src/.libs install -m 755 amtapetype $RPM_BUILD_ROOT/%{_sbindir} popd @@ -164,19 +169,37 @@ rm $RPM_BUILD_ROOT/%{_libdir}/*.la rm -rf ${RPM_BUILD_ROOT} %pre +# look for user 'amanda' with uid 33, if exists, rename to new %amanda_user +getent passwd 'amanda' | grep ':33:' >/dev/null && +usermod -l %amanda_user amanda >/dev/null 2>&1 && +mv /var/spool/cron/amanda /var/spool/cron/%amanda_user &>/dev/null + /usr/sbin/useradd -M -n -g %amanda_group -o -r -d %{_localstatedir}/amanda -s /bin/bash \ -c "Amanda user" -u 33 %amanda_user >/dev/null 2>&1 || : - - -%post -p /sbin/ldconfig +%post +/sbin/ldconfig +# when upgrading and .amandahosts contains obsolete user name, update it +[ $1 -eq 2 ] && +grep -E '^[^[:blank:]]+[[:blank:]]+amanda([[:blank:]].*)?$' /var/lib/amanda/.amandahosts &>/dev/null && + sed -i.usernameupdate -r -e 's/^([^[:blank:]]+[[:blank:]]+)amanda([[:blank:]].*)?$/\1%amanda_user\2/' /var/lib/amanda/.amandahosts || : %post client /sbin/ldconfig +# when upgrading and /etc/xinet.d/amanda contains obsolete user name, update it +[ $1 -eq 2 ] && +grep -E '^[[:blank:]]*user[[:blank:]]*=[[:blank:]]*amanda[[:blank:]]*$' /etc/xinetd.d/amanda &>/dev/null && + sed -i.usernameupdate -r -e 's/^([[:blank:]]*user[[:blank:]]*=[[:blank:]]*)amanda([[:blank:]]*)$/\1%amanda_user\2/' /etc/xinetd.d/amanda || : + [ -f /var/lock/subsys/xinetd ] && /sbin/service xinetd reload > /dev/null 2>&1 || : %post server /sbin/ldconfig +# when upgrading, check amanda.conf in all configurations +# if it contains obsolete user name, update it +[ $1 -eq 2 ] && +grep -l -E '^dumpuser[[:blank:]]*"amanda"' /etc/amanda/*/amanda.conf | + xargs sed -i.usernameupdate -r -e 's/^(dumpuser[[:blank:]]*)"amanda"/\1"%amanda_user"/' &>/dev/null || : %postun -p /sbin/ldconfig @@ -203,6 +226,7 @@ rm -rf ${RPM_BUILD_ROOT} %attr(-,%amanda_user,%amanda_group) %dir %{_localstatedir}/amanda/ %attr(-,%amanda_user,%amanda_group) %dir %{_sysconfdir}/amanda/ %attr(-,%amanda_user,%amanda_group) %config(noreplace) %{_sysconfdir}/amandates +%doc README-rpm %{_mandir}/man5/amanda.conf* @@ -338,6 +362,12 @@ rm -rf ${RPM_BUILD_ROOT} %{_libdir}/libamandad.so %changelog +* Thu Nov 22 2007 Radek Brich 2.5.2.p1-9 +- Change default amanda user name to 'amandabackup' (#124510). + This should not break upgrades as config files are checked for + old user name and updated. +- Add some explaining comments to .amandahosts (#153749) + * Tue Aug 28 2007 Radek Brich 2.5.2.p1-8 - rebuild diff --git a/amandahosts b/amandahosts index 7fb8d3a..affd314 100644 --- a/amandahosts +++ b/amandahosts @@ -1,2 +1,29 @@ -amandahost amanda -amandahost.localdomain amanda +# Allow access to amanda over the network. See 'man amanda' + +# 'ambackup' connects to 'amandad'. If your 'disklist' is correctly +# set up, i.e. if it does not use 'localhost' but the fully qualified +# domain name (FQDN) of the target machine, then you must put +# the FQDN here. 'ambackup' must be run by user 'amandabackup', so we allow +# access by user 'amandabackup'. Do not forget to add an 'only_from' line to +# '/etc/xinet.d/amanda' to allow access to 'amandad' only from known +# IP addresses. + +# replace mymachine.mydomain by the correct value and uncomment +# mymachine.mydomain amandabackup + + +# 'amrecover' connects to 'amandaidx', which uses the fully qualified +# domain name when access is done from another machine. 'amrecover' +# must be run by user 'root', so we allow access by user 'root'. + +# replace mymachine.mydomain by the correct value and uncomment +# mymachine.mydomain root + + +# 'amrecover' connects to 'amandaidx', which uses the bare machine +# name w/o domain name when access is done from the same machine. +# 'amrecover' must be run by user 'root', so we allow access by user +# 'root'. + +# replace mymachine by the correct value and uncomment +# mymachine root