Installation/OS Specific Notes/Installing Amanda on Mac OS X: Difference between revisions
No edit summary |
|||
Line 4: | Line 4: | ||
This page is summarized from writeups by [https://webserver.brandeis.edu/pages/view/Bio/AmandaMacOSXCompileNotes Steven Karel] and [[User:Dustin|Dustin]]'s work on Amanda. | This page is summarized from writeups by [https://webserver.brandeis.edu/pages/view/Bio/AmandaMacOSXCompileNotes Steven Karel] and [[User:Dustin|Dustin]]'s work on Amanda. | ||
For additional information you may turn to the Mac How to find out [http://www.mac-how.net/ how to uninstall applications on mac] | |||
= General Setup = | = General Setup = |
Revision as of 15:21, 27 July 2010
Amanda has been tested on Mac OS X Panther (10.3), Tiger (10.4), Leopard (10.5) and Snow Leopard (10.6).
With Panther, the built-in tar does not record extended filesystem attributes (resource forks, finder flags, ACLs, and so on), so users who want to be able to restore those attributes will need to do some extra work (see below). Fortunately, Tiger's tar does support extended attributes, so an amanda installation will work "out of the box". See Mac OS X Extended Attributes Support for more information.
This page is summarized from writeups by Steven Karel and Dustin's work on Amanda. For additional information you may turn to the Mac How to find out how to uninstall applications on mac
General Setup
Prerequisites
Upcoming versions of Amanda (those incorporating the Device API) will require that glib2 version 2.2.0 or later be installed. Unfortunately, there is no ready-made package for this library. The easiest way to install it is to install MacPorts and then run
sudo port install glib2
which will pull in the various dependencies of this library. If you want to install it manually, see [1] for instructions pertaining to The GIMP (you will need to install a newer version of glib -- at least 2.2.0 -- than mentioned on that page).
Set Up 'amandabackup' User
On 10.3 and 10.4
The following steps use 'niutil' to set up Amanda in the netinfo database, and then creae a home directory for the new user.
sudo niutil -create / /users/amandabackup sudo niutil -createprop / /users/amandabackup shell /bin/bash sudo niutil -createprop / /users/amandabackup realname "Backup User" sudo niutil -createprop / /users/amandabackup uid 5000 sudo niutil -createprop / /users/amandabackup gid 0 sudo niutil -createprop / /users/amandabackup home /Users/amandabackup sudo ditto -rsrcFork '/System/Library/User Template/English.lproj/' /Users/amandabackup sudo sh -c "echo 'amanda_server.example.com amandabackup' > /Users/amandabackup/.amandahosts" sudo chown -R amandabackup:wheel /Users/amandabackup sudo passwd amandabackup
Replace amanda_server.example.com in the above with the name of your amanda server. This file is used as a basic security check to control which hosts can access amandad on this client.
On 10.5+
On OS X 10.5 and greater, this has changed, as NetInfo no longer exists.
sudo dscl localhost -create /Local/Default/Users/amandabackup sudo dscl localhost -create /Local/Default/Users/amandabackup RecordName amandabackup sudo dscl localhost -create /Local/Default/Users/amandabackup UserShell /bin/bash sudo dscl localhost -create /Local/Default/Users/amandabackup RealName "Backup User" sudo dscl localhost -create /Local/Default/Users/amandabackup UniqueID 5000 sudo dscl localhost -create /Local/Default/Users/amandabackup PrimaryGroupID 0 sudo dscl localhost -append /Local/Default/Groups/admin GroupMembership amandabackup sudo dscl localhost -create /Local/Default/Users/amandabackup NFSHomeDirectory /Users/amandabackup sudo ditto -rsrcFork '/System/Library/User Template/English.lproj/' /Users/amandabackup sudo sh -c "echo 'amandabackup_server.example.com amandabackup' > /Users/amandabackup/.amandahosts" sudo chmod 600 /Users/amandabackup/.amandahosts sudo chown -R amandabackup:wheel /Users/amandabackup sudo passwd amandabackup
( The amandabackup user has to be added to group 80 too, since the group of the default installation of Amanda on Lepord is admin (80), but I couldn't figure out how to add the secondary group from command line. I used WGM. Or you can specify "--with-group=GROUP" when doing the configuration.)
Adding amandabackup to group 80 in the command line is handled with the -append line in the dscl commands above.Jose (2/5/2009)
System Tweaks
Add the following lines at the appropriate place in /etc/services (this isn't strictly necessary if you're not using kerberos security and the machine will only be an amanda client):
kamanda 10081/tcp # amanda backup services (Kerberos) kamanda 10081/udp # amanda backup services (Kerberos) amandaidx 10082/tcp # amanda backup services amidxtape 10083/tcp # amanda backup services
(On Leopard, 10081/tcp/udp have already been taken by famdc, which I don't know what it is. It says "FAM Archive Server" in the comment field.)
Compile Amanda
Download and untar Amanda, then run ./configure as follows:
./configure --with-user=amandabackup --with-group=admin
You will want to examine ./configure --help first to see what other options are available. For example:
- --with-bsdtcp-security
- If you want to use bsdtcp authentication and are compiling from source code, you must specify the configure flag. If an authentication method is not specified, bsd is the default
- --with-bsdudp-security
- If you want to use bsdudp authentication and are compiling from source code, you must specify the configure flag. If an authentication method is not specified, bsd is the default
- --without-server
- just build the client components
- --prefix
- install somewhere other than /usr/local, etc.
- --with-config
- set the default configuration
- --with-gnutar
- give the path to GNU tar (especially useful on Panther; see below)
- --without-xsltproc
- don't build the manpages from XML (the XML parser is flaky)
- --with-tmpdir=/private/tmp
- you may not need this, but if you're worried, it certainly won't hurt.
This tutorial assumes that --prefix is left at the default, which installs everything (including configuration and state) under /usr/local. This helps to segregate amanda's information from files managed by Apple, and is probably best for end-user machines. If you will be actively working with the amanda configuration on these machines, you may want to consider:
- --sysconfdir=/private/etc
- store configuration in the usual place under /etc/amanda and /etc/amandates.
- --localstatedir=/private/var
- store state in the usual place under /var/amanda.
If you make these changes, you'll need to adjust the directories created in above.
If you're using MacPorts, and you haven't adjusted your PATH already, you may need to add /opt/local/bin:
PATH="$PATH:/opt/local/bin"
otherwise configure will be unable to find pkg-config (for glib2 -- this doesn't apply if that package isn't required).
To compile and install, follow the usual
make sudo make install
Configuring Amanda Files and Directories
# TODO: get paths right for no --prefix
Create Amanda system directories
sudo mkdir -p /usr/local/var/amanda/gnutar-lists /usr/local/lib/amanda /usr/local/etc/amanda
Create Amanda system files
sudo touch /usr/local/var/amanda/amandates sudo touch /usr/local/etc/amanda/exclude.gtar
Make amandabackup owner of system directories and files
sudo chown -R amandabackup:wheel /usr/local/var/amanda /usr/local/etc/amanda /usr/local/lib/amanda
Set permissions of directories and files
sudo chmod -R o-wrw /usr/local/var/amanda /usr/local/etc/amanda /usr/local/lib/amanda
# NOTE: For server installations, copy the amanda-client.conf file from SRC_ROOT/example/amanda-client.conf to /usr/local/etc/amanda. # Edit this file as needed. Without it amrecover will be unable to connect to amindexd.
Version-Specific Notes
10.5+
Amanda on 10.5 and greater works with SSH, BSDTCP and BSDUDP authentication.
Amanda has been tested with the following systems and configurations:
Client(2.6.0p2) has been tested on Leopard(10.5.5) with BSD authentication with success - 11/26/2008 Server(2.6.1) has been successfully tested on Leopard(10.5.6) - 2/5/2009, Jose Hales-Garcia Client (2.6.1) has been successfully tested on Snow Leopard(10.6.1) - 11/19/2009, Jose Hales-Garcia
Verify that amandad is in /usr/local/libexec/amanda, if not, you'll need to edit these slightly to give the correct path to amandad. The first runs amandad with BSDTCP authentication; the second uses BSDUDP authentication. Select the correct one based on the authentication method that you compiled the Amanda client with on your Mac.
Copy one of the property lists (either BSDTCP or BSDUDP) to /Library/LaunchDaemons, and load it with
sudo launchctl load -w /Library/LaunchDaemons/org.amanda.amandad.bsdtcp.plist or sudo launchctl load -w /Library/LaunchDaemons/org.amanda.amandad.bsdudp.plist
You should see the following output from netstat, depedning on which authentication protocol you're using:
me@mac ~ $ netstat -na | grep 10080 tcp6 0 0 *.10080 *.* tcp4 0 0 *.10080 *.*
or
me@mac ~ $ netstat -na | grep 10080 udp6 0 0 *.10080 *.* udp4 0 0 *.10080 *.*
BSDTCP
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.amanda.amandad.bsdtcp</string> <key>UserName</key> <string>amandabackup</string> <key>GroupName</key> <string>wheel</string> <key>InitGroups</key> <true/> <key>ProgramArguments</key> <array> <string>/usr/local/libexec/amanda/amandad</string> <string>-auth=bsdtcp</string> <string>amdump</string> <string>amindexd</string> <string>amidxtaped</string> </array> <key>Sockets</key> <dict> <key>ipv4</key> <dict> <key>SockFamily</key> <string>IPv4</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>stream</string> </dict> <key>ipv6</key> <dict> <key>SockFamily</key> <string>IPv6</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>stream</string> </dict> </dict> <key>inetdCompatibility</key> <dict> <key>Wait</key> <false/> </dict> </dict> </plist>
BSDUDP
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>GroupName</key> <string>wheel</string> <key>InitGroups</key> <true/> <key>Label</key> <string>org.amanda.amandad.bsdudp</string> <key>ProgramArguments</key> <array> <string>/usr/local/libexec/amanda/amandad</string> <string>-auth=bsdudp</string> <string>amdump</string> <string>amindexd</string> <string>amidxtaped</string> </array> <key>Sockets</key> <dict> <key>ipv4</key> <dict> <key>SockFamily</key> <string>IPv4</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>dgram</string> </dict> <key>ipv6</key> <dict> <key>SockFamily</key> <string>IPv6</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>dgram</string> </dict> </dict> <key>UserName</key> <string>amandabackup</string> <key>inetdCompatibility</key> <dict> <key>Wait</key> <true/> </dict> </dict> </plist>
Note: The ProgramArguments lines (amdump, amindexd, and aminxtaped) are needed on the server in order to execute amrecover.
Tiger
To get amandad to run when packets from the server arrive, you'll need a launchd script. See Apple's Getting started with launchd for background on this system.
Steven Karel has supplied a handy property list here, on which this version is based. You'll need to edit these slightly to give the correct path to amandad. The first runs amandad with BSDTCP authentication; the second uses BSDUDP authentication. These files are in contrib/macosx.
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.amanda.amandad.bsdtcp</string> <key>UserName</key> <string>amandabackup</string> <key>GroupName</key> <string>wheel</string> <key>InitGroups</key> <true/> <key>ProgramArguments</key> <array> <string>/usr/local/libexec/amandad</string> <string>-auth=bsdtcp</string> </array> <key>Sockets</key> <dict> <key>ipv4</key> <dict> <key>SockFamily</key> <string>IPv4</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>stream</string> </dict> <key>ipv6</key> <dict> <key>SockFamily</key> <string>IPv6</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>stream</string> </dict> </dict> <key>inetdCompatibility</key> <dict> <key>Wait</key> <false/> </dict> </dict> </plist>
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>GroupName</key> <string>wheel</string> <key>InitGroups</key> <true/> <key>Label</key> <string>org.amanda.amandad.bsdudp</string> <key>ProgramArguments</key> <array> <string>/usr/local/libexec/amandad</string> <string>-auth=bsdudp</string> </array> <key>Sockets</key> <dict> <key>ipv4</key> <dict> <key>SockFamily</key> <string>IPv4</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>dgram</string> </dict> <key>ipv6</key> <dict> <key>SockFamily</key> <string>IPv6</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>dgram</string> </dict> </dict> <key>UserName</key> <string>amandabackup</string> <key>inetdCompatibility</key> <dict> <key>Wait</key> <true/> </dict> </dict> </plist>
Copy one or both of the property lists to /Library/LaunchDaemons, and load them with
sudo launchctl load -w /Library/LaunchDaemons/org.amanda.amandad.bsdudp.plist
You should see the following output from netstat:
me@mac ~ $ netstat -na | grep 10080 udp6 0 0 *.10080 *.* udp4 0 0 *.10080 *.*
(or tcp6/4 for BSDTCP).
Panther
A user reports that for some versions of Mac OS X you may need to increase the UDP packetsize, as explained in UDP packet too large.
To support extended attributes on Panther,
- install either xtar or, if that doesn't work, hfstar
- compile Amanda, with the addition of the --with-gnutar=/path/to/new/tar flag to ./configure, giving the location of the new tar
To run amandad on Panther, you need to install an xinetd configuration snippet; create /etc/xinet.d/amanda with the following contents:
service amanda { socket_type = dgram protocol = udp wait = yes user = amandabackup server = /usr/local/libexec/amandad server_args = amandad groups = yes disable = no }
(where server is the path at which you've installed amandad)
To start the service in xinetd:
service amanda start
If you have trouble, you may want to check that xinetd is running on the machine.
Links
- Steven Karel's page on the topic
- Locnar's "brain dump"
- Apple's discussion of available backup utilities and their compatibility with extended attributes
- Building a Mac OS X Package for Amanda
Complete set-up for OS X Snow Leopard 10.6.2 on 2010-01-08
This is a transcription of the commands that I used to install Amanda Client on Mac OS X 10.6.2 (Snow Leopard) on 8 Jan 2010. This was installed without using any package manager. Note that some of the specifics may need to be modified for your computer (such as the index server), and there may be more recent versions of some of the packages available. However, I have verified that this installation does work.
I'm posting this because I think it's useful to see all of the steps needed. Thanks to http://letsneverdie.net/blog/?p=75 , although that page doesn't get the glib
install correct (which is why they patch the source).
Create a working directory
We're going to download a bunch of files, and it will be easier to keep track of things if we have a place to work from.
mycomputer:~ me$ cd Downloads mycomputer:Downloads me$ mkdir amanda mycomputer:Downloads me$ cd amanda
Download prerequisites
The following libraries are needed to install Amanda. They install by default into /usr/local
.
pkg-config
Download and install pkg-config
. I'm not actually certain that this is required, however the instructions I was following for the install of glib
installed this.
mycomputer:amanda me$ wget http://pkgconfig.freedesktop.org/releases/pkg-config-0.23.tar.gz mycomputer:amanda me$ tar xzf pkg-config-0.23.tar.gz mycomputer:amanda me$ rm pkg-config-0.23.tar.gz mycomputer:amanda me$ cd pkg-config-0.23 mycomputer:pkg-config-0.23 me$ ./configure mycomputer:pkg-config-0.23 me$ make mycomputer:pkg-config-0.23 me$ sudo make install mycomputer:pkg-config-0.23 me$ cd ..
gettext
Download and install gettext
.
mycomputer:amanda me$ wget http://ftp.gnu.org/pub/gnu/gettext/gettext-0.17.tar.gz mycomputer:amanda me$ tar xzf gettext-0.17.tar.gz mycomputer:amanda me$ rm gettext-0.17.tar.gz mycomputer:amanda me$ cd gettext-0.17 mycomputer:gettext-0.17 me$ ./configure mycomputer:gettext-0.17 me$ make mycomputer:gettext-0.17 me$ sudo make install mycomputer:gettext-0.17 me$ cd ..
libiconv
Download and install libiconv
mycomputer:amanda me$ wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz mycomputer:amanda me$ tar xzf libiconv-1.13.1.tar.gz mycomputer:amanda me$ rm libiconv-1.13.1.tar.gz mycomputer:amanda me$ cd libiconv-1.13.1/ mycomputer:libiconv-1.13.1 me$ ./configure mycomputer:libiconv-1.13.1 me$ make mycomputer:libiconv-1.13.1 me$ sudo make install mycomputer:libiconv-1.13.1 me$ cd ..
re-compile gettext
Apparently, gettext
and libiconv
have recursive dependencies. So we now need to re-compile and install gettext
.
mycomputer:amanda me$ cd gettext-0.17 mycomputer:gettext-0.17 me$ make distclean mycomputer:gettext-0.17 me$ ./configure mycomputer:gettext-0.17 me$ make mycomputer:gettext-0.17 me$ sudo make install mycomputer:gettext-0.17 me$ cd ..
glib
Download and install glib
. We need to pass LDFLAGS
and CPPFLAGS
in order to make it link against our compiled version of libiconv
. Otherwise, it tries to link to the version provided by Apple, which has some issues. (These issues may only show up on 64-bit computers; if you have a 32-bit computer, you can try skipping all of the other prerequisites and just installing glib
without any parameters to ./configure
.)
mycomputer:amanda me$ wget ftp://ftp.gtk.org/pub/glib/2.23/glib-2.23.1.tar.bz2 mycomputer:amanda me$ tar xjf glib-2.23.1.tar.bz2 mycomputer:amanda me$ rm glib-2.23.1.tar.bz2 mycomputer:amanda me$ cd glib-2.23.1 mycomputer:glib-2.23.1 me$ ./configure LDFLAGS="-L/usr/local/lib" CPPFLAGS="-I/usr/local/include" mycomputer:glib-2.23.1 me$ make mycomputer:glib-2.23.1 me$ sudo make install mycomputer:glib-2.23.1 me$ cd ..
Create the amanda user
This creates a shell script that will run all of the steps shown above to create the amanda user.
mycomputer:amanda me$ cat <<EOSH >create_amanda_user.sh #!/bin/bash echo "First password prompt is for sudo" # create the user sudo dscl localhost -create /Local/Default/Users/amanda sudo dscl localhost -create /Local/Default/Users/amanda RecordName amanda sudo dscl localhost -create /Local/Default/Users/amanda UserShell /bin/bash sudo dscl localhost -create /Local/Default/Users/amanda RealName "Amanda backup user" sudo dscl localhost -create /Local/Default/Users/amanda UniqueID 5000 sudo dscl localhost -create /Local/Default/Users/amanda PrimaryGroupID 0 sudo dscl localhost -append /Local/Default/Groups/admin GroupMembership amanda sudo dscl localhost -create /Local/Default/Users/amanda NFSHomeDirectory /Users/amanda echo "Next passwords are for passwd" sudo passwd amanda # create the users home directory sudo ditto -rsrcFork '/System/Library/User Template/English.lproj/' /Users/amanda sudo chown -R amanda:wheel /Users/amanda # set up the .amandahosts file sudo sh -c "echo 'indexserver.your.domain indexserveramandauser' > /Users/amanda/.amandahosts" sudo chown amanda:wheel /Users/amanda/.amandahosts sudo chmod 600 /Users/amanda/.amandahosts EOSH mycomputer:amanda me$ chmod +x create_amanda_user.sh mycomputer:amanda me$ ./create_amanda_user.sh
Install amanda
Download and install amanda
. You should, of course, modify the parameters passed to ./configure
as needed.
mycomputer:amanda me$ wget http://downloads.sourceforge.net/project/amanda/amanda%20-%20stable/2.6.1p2/amanda-2.6.1p2.tar.gz?use_mirror=hivelocity mycomputer:amanda me$ tar xzf amanda-2.6.1p2.tar.gz mycomputer:amanda me$ rm amanda-2.6.1p2.tar.gz mycomputer:amanda me$ cd amanda-2.6.1p2 mycomputer:amanda-2.6.1p2 me$ ./configure \ --prefix=/Users/amanda/amanda \ --with-user=amanda \ --with-group=admin \ --with-bsdtcp-security \ --without-server \ --disable-s3-device \ --without-restore \ --with-config=daily \ --with-index-server=indexserver.your.domain mycomputer:amanda-2.6.1p2 me$ make mycomputer:amanda-2.6.1p2 me$ sudo make install mycomputer:amanda-2.6.1p2 me$ cd ..
Create various paths needed by amanda
mycomputer:amanda me$ cd /Users/amanda/amanda mycomputer:amanda me$ sudo mkdir -p var/amanda/gnutar-lists etc/amanda mycomputer:amanda me$ sudo touch var/amanda/amandates mycomputer:amanda me$ sudo chown -R amanda:wheel var/amanda etc/amanda mycomputer:amanda me$ sudo chmod -R o-rwx var/amanda etc/amanda
Set up launchd
On Mac OS X, instead of inetd
, we use launchd
. The following is a small modification of the version above.
mycomputer:amanda me$ cd mycomputer:~ me$ cat <<EOLD >org.amanda.amandad.bsdtcp.plist <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.amanda.amandad.bsdtcp</string> <key>UserName</key> <string>amanda</string> <key>GroupName</key> <string>wheel</string> <key>InitGroups</key> <true/> <key>ProgramArguments</key> <array> <string>/Users/amanda/amanda/libexec/amanda/amandad</string> <string>-auth=bsdtcp</string> </array> <key>Sockets</key> <dict> <key>ipv4</key> <dict> <key>SockFamily</key> <string>IPv4</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>stream</string> </dict> <key>ipv6</key> <dict> <key>SockFamily</key> <string>IPv6</string> <key>SockServiceName</key> <string>amanda</string> <key>SockType</key> <string>stream</string> </dict> </dict> <key>inetdCompatibility</key> <dict> <key>Wait</key> <false/> </dict> </dict> </plist> EOLD mycomputer:~ me$ sudo chown root:wheel org.amanda.amandad.bsdtcp.plist mycomputer:~ me$ sudo chmod 644 org.amanda.amandad.bsdtcp.plist mycomputer:~ me$ sudo mv org.amanda.amandad.bsdtcp.plist /Library/LaunchDaemons/org.amanda.amandad.bsdtcp.plist mycomputer:~ me$ sudo launchctl load -w /Library/LaunchDaemons/org.amanda.amandad.bsdtcp.plist
verify that the amanda server sees no problems
The first time I ran amcheck
on the server, it reported no problems, so if any show up, I'm not sure what to suggest...
mycomputer:amanda me$ ssh [email protected] [me@hedwig ~]$ sudo -u indexserveramandauser -i [indexserveramandauser@hedwig ~]$ amcheck -c daily
Done
I hope that this helps!