From 8305edf2aab282e552d651e948a0d8a7d6a6424f Mon Sep 17 00:00:00 2001 From: Dominik Meyer Date: Thu, 1 Aug 2024 08:10:48 +0200 Subject: [PATCH] feat: provide own amanda-security.conf --- client/Containerfile | 8 ++++--- client/conf/amanda-security.conf | 39 ++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 3 deletions(-) create mode 100644 client/conf/amanda-security.conf diff --git a/client/Containerfile b/client/Containerfile index 8a85f77..53505fc 100644 --- a/client/Containerfile +++ b/client/Containerfile @@ -5,7 +5,8 @@ ARG AMANDA_VERSION=tag-community-3.5.4 RUN apt-get -qy update && apt-get -qy upgrade RUN apt-get -qy install git libssl-dev make autoconf autoconf-archive automake bash bison \ flex perl libperl-dev libglib2.0-dev swig \ - libtirpc-dev libreadline-dev libxslt1-dev libxml-simple-perl procps + libtirpc-dev libreadline-dev libxslt1-dev libxml-simple-perl procps \ + dump xfsprogs xfsdump WORKDIR /src RUN git clone https://github.com/zmanda/amanda.git && cd amanda && git checkout ${AMANDA_VERSION} && git submodule update --init --recursive @@ -21,7 +22,8 @@ FROM debian:stable-slim RUN apt-get -qy update && apt-get -qy upgrade RUN apt-get -qy install git libssl3 bash perl libglib2.0 swig libtirpc3 libreadline8 \ - libxslt1.1 libxml-simple-perl libjson-perl openbsd-inetd procps + libxslt1.1 libxml-simple-perl libjson-perl openbsd-inetd procps \ + dump xfsprogs xfsdump RUN apt-get -qy install tini @@ -37,7 +39,7 @@ RUN chmod +x /entryPoint.sh ENV LD_LIBRARY_PATH /usr/local/share/perl5/site_perl/auto/Amanda/Debug/ RUN chown -R backup:backup /var/backups -RUN cp /usr/local/etc/amanda/amanda-security.conf /usr/local/etc/ +COPY conf/amanda-client.conf /usr/local/etc/ RUN chown root:root /usr/local/etc/amanda-security.conf RUN mkdir -p /usr/local/var/amanda/gnutar-lists diff --git a/client/conf/amanda-security.conf b/client/conf/amanda-security.conf new file mode 100644 index 0000000..8882dba --- /dev/null +++ b/client/conf/amanda-security.conf @@ -0,0 +1,39 @@ +########################################################### +# /etc/amanda-security.conf # +# # +# See: man amanda-security.conf # +# # +# This file must be installed at /etc/amanda-security.conf # +# # +# It list all executables amanda can execute as root. # +# This file must contains realpath to executable, with # +# all symbolic links resolved. # +# You can use the 'realpath' command to find them. # +# # +# It list program and a symbolic name for the program # +# Followed by the realpath of the binary # +# # +# Uncomment and edit the following lines to let Amanda to # +# use customized system commands. If multiple PATH is # +# necessary, please put them in different lines. # +# e.g.: # +# amgtar:GNUTAR_PATH=/usr/bin/tar # +# amgtar:GNUTAR_PATH=/usr/bin/tar-1.28 # +# # +# Only binary listed are allowed to be run as root. # +# # +# You can find the configured binary with amgetconf # +# amgetconf build.gnutar_path # +# amgetconf build.star_path # +# amgetconf build.bsdtar_path # +# # +############################################################ +runtar:gnutar_path=/usr/bin/tar + +#restore_by_amanda_user=no + +tcp_port_range=512,1024 +udp_port_range=840,860 +amgtar:gnutar_path=/usr/bin/tar +runtar:gnutar_path=/bin/tar +amgtar:gnutar_path=/bin/tar \ No newline at end of file