How To:Limit the Hosts That Can Recover a DLE
Before Amanda-3.2, Amanda would happily allow any host that could get past the security API to recover dumps from any host. This makes a lot of sense within a single organization: if www1 goes down, you can quickly recover its /var/www on spareserver, the host you started up to take its place. However, it is not a good solution for situations where different backup clients should not be able to access one another's data.
In version 3.2, Amanda can fix this.
Configuration
First, set a default recovery limit for all hosts using the global recovery-limit parameter in amanda.conf. Often this will be something like
recovery-limit same-host "backupserver.mycompany.com"
which says that, by default, client hosts can recover their own dumps, and that the host "backupserver" can recover all dumps.
For more complex circumstances, you can also add a recovery-limit parameter to particular dumptypes or DLEs. However, do not omit the global configuration, which limits access to dumps that are not in the disklist anymore. For example, to allow a restore from spareserver on a few DLEs, add a new parameter to each DLE like this:
www1 /var/www { www-tar recovery-limit "spareserver" }