On 10/11/13 15:38, Rodolfo Gouveia wrote:
> On Fri, Oct 11, 2013 at 09:04:16AM -0400, Jiri B wrote:
>> Try `su' to your user on that system and try to `ls -lR' those dirs,
>> I suppose he won't be able to do that.
>>
>> j.
>
> Thanks Jiri.
> Indeed he can't.
>
> I've looked at this closer and I found out that on some machines dump
> doesn't give any error even though the user 'backup' can't list the
> contents of the folder:
>
> $ whoami
> backup
> $ ls -lhd /var/audit
> drwxrws--- 2 root wheel 512B Mar 13 2013 /var/audit
> $ ls -lhR /var/audit
> ls: audit: Permission denied
>
> The difference I found between those machines is the partition layout.
>
> Machine with no errors:
> $ mount
> /dev/sd0a on / type ffs (local)
> /dev/sd0g on /home type ffs (local, nodev, nosuid)
> /dev/sd0d on /tmp type ffs (local, nodev, nosuid)
> /dev/sd0f on /usr type ffs (local, nodev)
> /dev/sd0e on /var type ffs (local, nodev, nosuid)
>
> Machine with errors:
> $ mount
> /dev/sd0a on / type ffs (local)
>
> So the difference is that when '/var' is a real partition, dump doesn't
> complain at all.
> Does this make sense?

Yes, most likely.

If you dump a mount point, e.g. /var in the first machine, it will read
from the device (/dev/rsd0e). The operator group normally has the read
bits for that.

If you dump a non-mount point (e.g. /var in the second machine), it
requires reading the file system itself.

I'm quite positive this is what you're hitting here.

/Alexander
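
The distinction described in the reply above, as an added example that is not part of the original thread: a shell pre-flight check that classifies a dump target as "read via raw device" or "read via the file system" from `mount` output. The function names are hypothetical, the two mount tables are constructed from the listings quoted in the thread, and the raw device name is assumed to be the block device name with an `r` prefix, as in /dev/rsd0e above.

```sh
#!/bin/sh
# Added example: classify how dump would reach a path, following the
# explanation in the thread (mount point -> raw device, else -> file system).

# Constructed from the two `mount` listings quoted in the thread.
MOUNTS_SPLIT='/dev/sd0a on / type ffs (local)
/dev/sd0g on /home type ffs (local, nodev, nosuid)
/dev/sd0d on /tmp type ffs (local, nodev, nosuid)
/dev/sd0f on /usr type ffs (local, nodev)
/dev/sd0e on /var type ffs (local, nodev, nosuid)'
MOUNTS_SINGLE='/dev/sd0a on / type ffs (local)'

# dump_access_path MOUNT_TABLE PATH
# Prints "device <raw-device>" when PATH is itself a mount point,
# "filesystem <containing-mount-point>" otherwise.
dump_access_path() {
    printf '%s\n' "$1" | awk -v t="$2" '
        $2 == "on" {
            dev = $1; mp = $3
            if (mp == t) exact = dev
            # remember the longest mount point that is a prefix of the target
            pre = (mp == "/") ? "/" : mp "/"
            if (index(t "/", pre) == 1 && length(mp) > length(best)) best = mp
        }
        END {
            if (exact != "") {
                sub(/^\/dev\//, "/dev/r", exact)   # sd0e -> rsd0e
                print "device " exact
            } else {
                print "filesystem " best
            }
        }'
}

# preflight PATH: run as the backup user on the live system.
# Succeeds only if the access that dump needs for PATH is available.
preflight() {
    how=$(dump_access_path "$(mount)" "$1")
    case $how in
        device\ *) [ -r "${how#device }" ] ;;        # read bit on the raw device
        *)         ls -lR "$1" >/dev/null 2>&1 ;;    # same test as suggested in the thread
    esac
}
```

In the device case, file and directory permissions inside the partition are not consulted, which is why /var/audit (mode drwxrws---, root:wheel) produces no error on the first machine.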