From owner-freebsd-questions Thu Jul 2 07:37:07 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA02504 for freebsd-questions-outgoing; Thu, 2 Jul 1998 07:37:07 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from plains.NoDak.edu (tinguely@plains.NoDak.edu [134.129.111.64]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA02491 for ; Thu, 2 Jul 1998 07:37:04 -0700 (PDT) (envelope-from tinguely@plains.NoDak.edu) Received: (from tinguely@localhost) by plains.NoDak.edu (8.8.8/8.8.8) id JAA10799; Thu, 2 Jul 1998 09:36:58 -0500 (CDT) Date: Thu, 2 Jul 1998 09:36:58 -0500 (CDT) From: Mark Tinguely Message-Id: <199807021436.JAA10799@plains.NoDak.edu> To: freebsd-questions@FreeBSD.ORG, kino@basta.fis.nsk.su Subject: Re: rdump Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > I have FreeBSD 2.2.6 and storage device hp1533 DDS2 on the one machine (A). > I need dump from remote machine (B) to machine (A). > I created user taper, add her into group operator. > On the machine (B) do: > /sbin/rdump -0uf Machine_A:/dev/nrst0 /usr > it don't work: > rcmd: socket: Permission deniend > > PS: rcp, rsh work true. > PSS: exec on the machine (A) turn on. > PSSS: from root it work true. add a group taper that user taper is the only member, and then as root: # chmod 4750 /sbin/rdump # chgrp taper /sbin/rdump # for i in a e ... > do > chgrp taper /dev/rwd0s1${i} >done rdump need to be run as root to open the restricted network socket port. the chmod makes rdump SUID to root, the group restricts access so that ordinary users can't get copies of restricted files by: $ /sbin/rdump 0sf 99999 - /dev/rwd0s1a | /sbin/restore if - the last command, you will have to change to match your filesystem mount points, but the intent is to let the taper account read the raw devices. for additional security, you can add these commands to a script file so that the modes are only changed during the backup, and at the end of the backup, the modes and groups are reset to the original values. --mark. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message