Amanda has been tested to run on both Mac OS X Panther (10.3) and Tiger (10.4). I have tested Amanda client on Leopard (10.5.4) with success (backed up and recovered just fine on 08/21/2008). Detail under Leopard section.

With Panther, the built-in tar does not record extended filesystem attributes (resource forks, finder flags, ACLs, and so on), so users who want to be able to restore those attributes will need to do some extra work (see below). Fortunately, Tiger's tar does support extended attributes, so an amanda installation will work "out of the box". See Mac OS X Extended Attributes Support for more information.

This page is summarized from writeups by Steven Karel and Dustin's work on Amanda.

General Setup

Prerequisites

Upcoming versions of Amanda (those incorporating the Device API) will require that glib2 version 2.2.0 or later be installed. Unfortunately, there is no ready-made package for this library. The easiest way to install it is to install DarwinPorts and then run

sudo port install glib2

which will pull in the various dependencies of this library. If you want to install it manually, see [1] for instructions pertaining to The GIMP (you will need to install a newer version of glib -- at least 2.2.0 -- than mentioned on that page).

Set Up 'amandabackup' User

The following steps use 'niutil' to set up Amanda in the netinfo database, and then creae a home directory for the new user.

sudo niutil -create / /users/amandabackup
sudo niutil -createprop / /users/amandabackup shell /bin/bash
sudo niutil -createprop / /users/amandabackup realname "Backup User"
sudo niutil -createprop / /users/amandabackup uid 5000
sudo niutil -createprop / /users/amandabackup gid 0
sudo niutil -createprop / /users/amandabackup home /Users/amandabackup
sudo ditto -rsrcFork '/System/Library/User Template/English.lproj/' /Users/amandabackup
sudo sh -c "echo 'amanda_server.example.com amandabackup' > /Users/amandabackup/.amandahosts"
sudo chown -R amandabackup:wheel /Users/amandabackup
sudo passwd amandabackup

Replace amanda_server.example.com in the above with the name of your amanda server. This file is used as a basic security check to control which hosts can access amandad on this client.

On OS X 10.5 (Leopard), this has changed, as NetInfo no longer exists.

sudo dscl localhost -create /Local/Default/Users/amandabackup
sudo dscl localhost -create /Local/Default/Users/amandabackup RecordName amandabackup
sudo dscl localhost -create /Local/Default/Users/amandabackup UserShell /bin/bash
sudo dscl localhost -create /Local/Default/Users/amandabackup RealName "Backup User" 
sudo dscl localhost -create /Local/Default/Users/amandabackup UniqueID 5000
sudo dscl localhost -create /Local/Default/Users/amandabackup PrimaryGroupID 0
sudo dscl localhost -append /Local/Default/Groups/admin GroupMembership amandabackup
sudo dscl localhost -create /Local/Default/Users/amandabackup NFSHomeDirectory /Users/amandabackup
sudo ditto -rsrcFork '/System/Library/User Template/English.lproj/' /Users/amandabackup
sudo sh -c "echo 'amandabackup_server.example.com amandabackup' > /Users/amandabackup/.amandahosts"
sudo chown -R amandabackup:wheel /Users/amandabackup
sudo passwd amandabackup

( The amandabackup user has to be added to group 80 too, since the group of the default installation of Amanda on Lepord is admin (80), but I couldn't figure out how to add the secondary group from command line. I used WGM. Or you can specify "--with-group=GROUP" when doing the configuration.)

Adding amandabackup to group 80 in the command line is handled with the -append line in the dscl commands above._{Jose (2/5/2009)}

System Tweaks

Add the following lines at the appropriate place in /etc/services (this isn't strictly necessary if you're not using kerberos security and the machine will only be an amanda client):

kamanda         10081/tcp   # amanda backup services (Kerberos)
kamanda         10081/udp   # amanda backup services (Kerberos)
amandaidx       10082/tcp   # amanda backup services
amidxtape       10083/tcp   # amanda backup services

(On Leopard, 10081/tcp/udp have already been taken by famdc, which I don't know what it is. It says "FAM Archive Server" in the comment field.)

Compile Amanda

Download and untar Amanda, then run ./configure as follows:

./configure --with-user=amandabackup --with-group=admin

You will want to examine ./configure --help first to see what other options are available. For example:

--with-bsdtcp-security

If you want to use bsdtcp authentication and are compiling from source code, you must specify the configure flag. If an authentication method is not specified, bsd is the default

--with-bsdudp-security

If you want to use bsdudp authentication and are compiling from source code, you must specify the configure flag. If an authentication method is not specified, bsd is the default

--without-server

just build the client components

--prefix

install somewhere other than /usr/local, etc.

--with-config

set the default configuration

--with-gnutar

give the path to GNU tar (especially useful on Panther; see below)

--without-xsltproc

don't build the manpages from XML (the XML parser is flaky)

--with-tmpdir=/private/tmp

you may not need this, but if you're worried, it certainly won't hurt.

This tutorial assumes that --prefix is left at the default, which installs everything (including configuration and state) under /usr/local. This helps to segregate amanda's information from files managed by Apple, and is probably best for end-user machines. If you will be actively working with the amanda configuration on these machines, you may want to consider:

--sysconfdir=/private/etc

store configuration in the usual place under /etc/amanda and /etc/amandates.

--localstatedir=/private/var

store state in the usual place under /var/amanda.

If you make these changes, you'll need to adjust the directories created in above.

If you're using DarwinPorts, and you haven't adjusted your PATH already, you may need to add /opt/local/bin:

PATH="$PATH:/opt/local/bin"

otherwise configure will be unable to find pkg-config (for glib2 -- this doesn't apply if that package isn't required).

To compile and install, follow the usual

make
sudo make install

Configuring Amanda Files and Directories

Create /usr/local/var/amanda/amandates:

sudo touch /usr/local/var/amanda/amandates
sudo chmod 660 /usr/local/var/amanda/amandates
sudo chown -R amandabackup:wheel /usr/local/var/amanda/amandates

And set up some directories where Amanda can store small bits of data:

# TODO: get paths right for no --prefix
sudo mkdir -p /usr/local/lib/amanda
sudo touch /usr/local/lib/amanda/exclude.gtar
sudo mkdir -p /usr/local/var/amanda/gnutar-lists/
sudo chown -R amandabackup:wheel /usr/local/lib/amanda /usr/local/var/amanda/

For server installations, copy the amanda-client.conf file from SRC_ROOT/example/amanda-client.conf to /usr/local/etc/amanda. Edit this file as needed. Without it amrecover will be unable to connect to amindexd.

Version-Specific Notes

Leopard

Amanda on Leopard works with SSH, BSDTCP and BSDUDP authentication.

I have tested (11/26/2008) Amanda client(2.6.0p2) on Leopard(10.5.5) with BSD authentication with success. (Also, Amanda server(2.6.1) has been successfully tested (2/5/2009) on Leopard(10.5.6) by Jose Hales-Garcia at UCLA.) Just follow the instruction in this wiki. Extra steps required for a server installation have been included.

Verify that amandad is in /usr/local/libexec/amanda, if not, you'll need to edit these slightly to give the correct path to amandad. The first runs amandad with BSDTCP authentication; the second uses BSDUDP authentication. Select the correct one based on the authentication method that you compiled the Amanda client with on your Mac.

Copy one of the property lists (either BSDTCP or BSDUDP) to /Library/LaunchDaemons, and load it with

sudo launchctl load -w /Library/LaunchDaemons/org.amanda.amandad.bsdtcp.plist
or
sudo launchctl load -w /Library/LaunchDaemons/org.amanda.amandad.bsdudp.plist

You should see the following output from netstat, depedning on which authentication protocol you're using:

me@mac ~ $ netstat -na | grep 10080
tcp6       0      0  *.10080                *.*
tcp4       0      0  *.10080                *.*

or

me@mac ~ $ netstat -na | grep 10080
udp6       0      0  *.10080                *.*
udp4       0      0  *.10080                *.*

BSDTCP

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>org.amanda.amandad.bsdtcp</string>
	<key>UserName</key>
	<string>amandabackup</string>
	<key>GroupName</key>
	<string>wheel</string>
	<key>InitGroups</key>
	<true/>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/libexec/amanda/amandad</string>
		<string>-auth=bsdtcp</string>
                <string>amdump</string>
                <string>amindexd</string>
                <string>amidxtaped</string>
	</array>
	<key>Sockets</key>
	<dict>
		<key>ipv4</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv4</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>stream</string>
		</dict>
		<key>ipv6</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv6</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>stream</string>
		</dict>
	</dict>
	<key>inetdCompatibility</key>
	<dict>
		<key>Wait</key>
		<false/>
	</dict>
</dict>
</plist>

BSDUDP

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>GroupName</key>
	<string>wheel</string>
	<key>InitGroups</key>
	<true/>
	<key>Label</key>
	<string>org.amanda.amandad.bsdudp</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/libexec/amanda/amandad</string>
		<string>-auth=bsdudp</string>
                <string>amdump</string>
                <string>amindexd</string>
                <string>amidxtaped</string>
	</array>
	<key>Sockets</key>
	<dict>
		<key>ipv4</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv4</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>dgram</string>
		</dict>
		<key>ipv6</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv6</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>dgram</string>
		</dict>
	</dict>
	<key>UserName</key>
	<string>amandabackup</string>
	<key>inetdCompatibility</key>
	<dict>
		<key>Wait</key>
		<true/>
	</dict>
</dict>
</plist>

Note: The ProgramArguments lines (amdump, amindexd, and aminxtaped) are needed on the server in order to execute amrecover.

Tiger

To get amandad to run when packets from the server arrive, you'll need a launchd script. See Apple's Getting started with launchd for background on this system.

Steven Karel has supplied a handy property list here, on which this version is based. You'll need to edit these slightly to give the correct path to amandad. The first runs amandad with BSDTCP authentication; the second uses BSDUDP authentication. These files are in contrib/macosx.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>org.amanda.amandad.bsdtcp</string>
	<key>UserName</key>
	<string>amandabackup</string>
	<key>GroupName</key>
	<string>wheel</string>
	<key>InitGroups</key>
	<true/>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/libexec/amandad</string>
		<string>-auth=bsdtcp</string>
	</array>
	<key>Sockets</key>
	<dict>
		<key>ipv4</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv4</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>stream</string>
		</dict>
		<key>ipv6</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv6</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>stream</string>
		</dict>
	</dict>
	<key>inetdCompatibility</key>
	<dict>
		<key>Wait</key>
		<false/>
	</dict>
</dict>
</plist>

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>GroupName</key>
	<string>wheel</string>
	<key>InitGroups</key>
	<true/>
	<key>Label</key>
	<string>org.amanda.amandad.bsdudp</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/libexec/amandad</string>
		<string>-auth=bsdudp</string>
	</array>
	<key>Sockets</key>
	<dict>
		<key>ipv4</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv4</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>dgram</string>
		</dict>
		<key>ipv6</key>
		<dict>
			<key>SockFamily</key>
			<string>IPv6</string>
			<key>SockServiceName</key>
			<string>amanda</string>
			<key>SockType</key>
			<string>dgram</string>
		</dict>
	</dict>
	<key>UserName</key>
	<string>amandabackup</string>
	<key>inetdCompatibility</key>
	<dict>
		<key>Wait</key>
		<true/>
	</dict>
</dict>
</plist>

Copy one or both of the property lists to /Library/LaunchDaemons, and load them with

sudo launchctl load -w /Library/LaunchDaemons/org.amanda.amandad.bsdudp.plist

You should see the following output from netstat:

me@mac ~ $ netstat -na | grep 10080
udp6       0      0  *.10080                *.*
udp4       0      0  *.10080                *.*

(or tcp6/4 for BSDTCP).

Panther

A user reports that for some versions of Mac OS X you may need to increase the UDP packetsize, as explained in UDP packet too large.

To support extended attributes on Panther,

1. install either xtar or, if that doesn't work, hfstar
2. compile Amanda, with the addition of the --with-gnutar=/path/to/new/tar flag to ./configure, giving the location of the new tar

To run amandad on Panther, you need to install an xinetd configuration snippet; create /etc/xinet.d/amanda with the following contents:

service amanda
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = amandabackup
        server                  = /usr/local/libexec/amandad
        server_args             = amandad
        groups                  = yes
        disable                 = no
}

(where server is the path at which you've installed amandad)

To start the service in xinetd:

service amanda start

If you have trouble, you may want to check that xinetd is running on the machine.

Links

• Steven Karel's page on the topic
• Locnar's "brain dump"
• Apple's discussion of available backup utilities and their compatibility with extended attributes
• Building a Mac OS X Package for Amanda