File Permissions with NFS - Amanda on Openhabian 2.4 (RPi3+), to Ubuntu 16.04

Setup, Configuration and Use Runtime
1

Hello all,
I’ve seen the discussion on backup (& Amanda), and realized I’ve put a lot of time into my current openhab system, and should probably do proper backups. (I have my current config files on my laptop, so those are always accessible, though)

I think I’ve run into a permssions issue.
I read through the Amanda documentation, set up NFS on my ubuntu 16.04 server, then on my openhabian system as per:

With some tinkering (restricting access to my RPi IP address), I had nfs working properly with a mounted directory linked to a large storage volume on my Ubuntu system. I chmod’d to 777 on it, and after mounted on my RPi, files created by the Pi showed up in the Ubuntu system with the user name (a sudo user) that I used to create the share on the ubuntu.

I installed Amanda from Openhabian-config, and followed the prompts. When I opted to not use AWS (the question suggested you set up the account at that time before proceeding, do you want to continue with installation Yes/No - when I chose ‘No’, the installed immediately exited.

  • I’m worried when I thought I was simply choosing not to install/configure AWS, the installation may not have completed. The config directory is populated, though, and the mounted network folder has lots of folders/subfolders in it.

When I look at the output from the amanda installer, however, there are permissions errors:

[snip]
Setting up libxml-sax-expat-perl (0.40-2) ...
update-perl-sax-parsers: Registering Perl SAX parser XML::SAX::Expat with priority 50...
update-perl-sax-parsers: Updating overall Perl SAX parser modules info file...
Replacing config file /etc/perl/XML/SAX/ParserDetails.ini with new version
Updating FireMotD available updates count ... 2019-09-12 21:08:47,676: FireMotD: Error: Template folder doesn't exist. Upgrading from an older version? Please run make again or run the install function "FireMotD -I -v".

openhabian:x:1000:1000:,,,:/home/openhabian:/bin/bash
/bin/chown: changing ownership of '/media/OHBackup/testing': Operation not permitted
/bin/chown: changing ownership of '/media/OHBackup/test2': Operation not permitted
/bin/chown: changing ownership of '/media/OHBackup': Operation not permitted
/bin/chmod: changing permissions of '/media/OHBackup': Operation not permitted
/bin/chmod: changing permissions of '/media/OHBackup/testing': Operation not permitted
/bin/chmod: changing permissions of '/media/OHBackup/test2': Operation not permitted
/bin/chown: changing ownership of '/media/OHBackup/slots': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot1': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot2': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot3': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot4': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot5': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot6': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot7': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot8': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot9': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot10': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot11': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot12': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot13': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot14': Operation not permitted
chown: changing ownership of '/media/OHBackup/slots/slot15': Operation not permitted
chown: changing ownership of '/media/OHBackup/amanda-backups': Operation not permitted
2019-09-12_21:27:10_PDT [openHABian] Checking for default openHABian username:password combination... OK
2019-09-12_21:27:10_PDT [openHABian] We hope you got what you came for! See you again soon ;)

And on my ubuntu system my /etc/exports file is:

 # /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#

/media/MediaStore/OHBackup 192.168.x.xxx(rw,sync,no_subtree_check)

And the command I ran to mount the network location was:

echo "192.168.x.xxx:/media/MediaStore/OHBackup /media/OHBackup nfs rsize=8192,wsize=8192,timeo=14,intr 0 0" | sudo tee -a /etc/fstab

(IP addresses edited)

My questions:

  1. Can I assume that Amanda installed correctly and will run correctly having chosen 'No" at the ambiguously-worded AWS prompt? I never was given the option to choose when to backup.

  2. Is the installer’s FireMotD error config file error likely to be significant?

and

  1. Is having the permissions issue going to be a problem restoring files, or will Amanda be able to sort it out to the local users at that time?
    3a) Do I need to mirror users between the Openhabian system and my Ubuntu system - or at least have an openhabian user on the Ubuntu system?

Thanks!

Ben

  • Openhabian 2.4 on Raspberry Pi 3+
  • installation expanded to external SSD
  • Ubuntu 16.04 LTS
2

Yes as far as your input is concerned. You won’t be asked for a time.
The error messages you show however indicate Amanda didn’t install correctly because you didn’t give proper permissions on exporting the NFS share.

No.

Yes, and it’ll already be a problem at backup time.
Fix mount permissions and reinstall Amanda.

No but since you get “operation not permitted” although openhabian-config is run as root which has all the rights, I assume you have to export the FS such that root is not mapped to some ordinary user which it is with your setup. You need the no_root_squash option on your Ubuntu box in exports. G**gle that to find a better explanation to properly understand that stuff.

PS: what is ambigous about the AWS install prompt ?

3

Thanks Markus.
I have now looked into the no_root_squash option. I will give it a try, as this won’t be exposed to anybody other than my RPi, but am aware of the increased security risk this can pose. I imagine it’s not that much different from my decision to try chmod 777 to get it to work.

==

The AWS install prompt talks about installing AWS, then asks if I want to continue installing Amanda. Instead it should probably say do you want to install AWS? Alternately, if the prompt stated the main installation was complete, do you wish to install AWS, that would be quite clear.

Given that I needed to re-install Amanda to fix the permissions, I copied the prompt. Here it is:

                        ┌──────────────────────┤ Create Amazon S3 based backup ├───────────────────────┐
                        │                                                                              │
                        │ Setup a backup mechanism based on Amazon Web Services. You can get 5 GB of   │
                        │ S3 cloud storage for free on https://aws.amazon.com/. For hints see          │
                        │ http://markelov.org/wiki/index.php?title=Backup_with_Amanda:_tape,_NAS,_Amaz │
                        │ on_S3#Amazon_S3                                                              │
                        │                                                                              │
                        │ Please setup your S3 bucket on Amazon Web Services NOW if you have not done  │
                        │ so. Remember the name has to be unique in AWS namespace.                     │
                        │ Continue with Amanda installation ?                                          │
                        │                                                                              │
                        │                                                                              │
                        │                     <Yes>                        <No>                        │
                        │                                                                              │
                        └──────────────────────────────────────────────────────────────────────────────┘

I wouldn’t have bothered raising it, though, if I didn’t have those other issues come up. I’m happy with the answer that it (would have) installed correctly at this point.

Thanks again for your help.

Ben