3.3 features
Jump to navigation
Jump to search
3.3.9
- new --with-security-file configure option
- It set the default security file
- default to /etc/amanda-security.conf
- security-fix
- All previous release of amanda allow the 'amanda' user to execute any code as root, and to execute an interactive shell as root.
- This is a security vulnerability if you do not trust the 'amanda' user.
- There is no need to upgrade if you trust the 'amanda' user and the account is secure.
- good password
- secure xinetd.conf setting
- secure .amandahosts setting
- The 'amanda' user can read all files in the machine, it is what a backup program do.
- The set of fix disable the abilities to run unwanted code as root or to write file anywhere in the filesystem.
- /etc/amanda-security.conf
- A file that contains security setting.
- It list all binaries amanda can execute as root
- restore_by_amanda_user
- It tell if the 'amanda' user can do restore as root.
- It allow the 'amanda' user to write files anywhere in the filesystem
- see: man amanda-security.conf
- amgtar/amstar/ambsdtar/runtar
- Disable arguments that can fork program.
- Verify the realpath (with symbolic link resolved) is in the amanda-security.conf file.
- Verify the tar/star/bsdtar realpath program is secure
- owned by root and modifiable only by root.
- On restore, check the restore_by_amanda_user setting if not run by root.
3.3.8
- s3 device
- New NEARLINE S3-STORAGE-CLASS for Google storage.
- New AWS4 STORAGE-API
- amcryptsimple
- Works with newer gpg2.
- amgtar
- Default SPARSE value is NO if tar < 1.28.
- Because a bug in tar with some filesystem.
- amstar
- support include in backup mode.
- ampgsql
- Add FULL-WAL property.
- Many bugs fix.
3.3.7
- amvault
- new --no-interactivity argument.
- new --src-labelstr argument.
- amdump
- compute crc32 of the streams and write them to the debug files.
- chg-robot
- Add a BROKEN-DRIVE-LOADED-SLOT. property.
- Many bugs fix.
3.3.6
- ambsdtar
- new application that use BSD tar to do the backup.
- Many bugs fix.
3.3.5
- amtape
- faster 'verify' command.
- fix parsing of config override arguments.
- amsamba
- Add REGEX-MATCH property.
- amvault
- Print progress status.
- ndmp device
- INDIRECT property default to yes.
- Many bugs fix.
3.3.4
- amreport
- new --format argument
- new 'json' and 'json_raw' format.
- amanda.conf
- new REPORT-FORMAT option.
- amtape
- new 'verify' command.
- amadmin
- new 'force-level-1' command.
- ampgslq
- Add VERBOSE property.
- S3 device
- handle DURABLE_REDUCED_AVAILABILITY for google storage.
- Many bugs fix.
3.3.3
- amdump.X log files use timestamp instead of number, amdump and amdump.1 are maintained as symlink.
- chg-disk
- Use the changerfile for the statefile.
- s3 device
- support CASTOR storage
- amanda.conf
- New REPORT-USE-MEDIA and REPORT-NEXT-MEDIA.
- amfetchdump
- new --extract, --directory, --data-path and --application-property arguments. It allow to do the extraction on the server.
- --exact-match argument to many command, and '=' prefix to expression.
- It diable use of expression for host, disk, level and datestamp on command line argument.
- All changer scripts.
- Add LOCK-TIMEOUT property.
- Many bug fix
3.3.2
Please see man pages for more details.
- amgtar
- New IGNORE-ZEROS property.
- amsamba
- Fix use of subdir for restore.
- s3 device
- New PROXY property.
- New PASSWORD, USERNAME, TENANT_ID, TENANT_NAME properties.
- New STORAGE_API property.
- New S3_MULTI_DELETE property
- New CLIENT_ID, CLIENT_SECRET and REFRESH_TOKEN properties.
- New CREATE-BUCKET property.
- New PROJECT-ID property.
- New REUSE-CONNECTION property.
- Works with swift and google storage.
- amanda.conf
- Added 'max-warnings', The maximum number of warning lines in the report.
- Default 'columnspec' changed to: HostName=0:-12:12,Disk=1:-11:11,Level=1:-1:1,OrigKB=1:-7:0,OutKB=1:-7:0,Compress=1:-6:1,DumpTime=1:-7:7,Dumprate=1:-6:1,TapeTime=1:-6:6,TapeRate=1:-6:1
- amadmin
- Add --no-default and --print-source arguments for config and disklist command.
- amfetchdump
- Print progress.
- Add --decrypt, --no-decrypt, --server-decrypt, --client-decrypt, --compress, --no-compress, --server-compress and --client-compress options.
- fixes for compilation with newer glib.
- fixes for compilation on cygwin.
- Lot of bug fixes
3.3.1 and 3.3
- The default auth is changed to "bsdtcp", if you are using the default bsd then you must add it to your configuration.
- in amanda.conf
- in amanda-client.conf
- in dumptype/disklist
- in xinetd (if no '-auth' argument to amandad)
- amdump trap crtl-c, it still send the report and do cleanup if you do one crtl-c, do it more than once to abort the run.
- s3 device
- use multiple threads to speedup the transfer
- can connect to eucalytus.
- new NB_THREADS_BACKUP property
- new NB_THREADS_RECOVERY property
- new S3_HOST property
- new S3_SERVICE_PATH property
- new S3_SUBDOMAIN property
- chg-aggregate: new changer that use other changer sequentially.
- meta-volume
- Add meta label in tapelist file
- chg-disk:
- support for removable disk
- new NUM-SLOT property
- new AUTO-CREATE-SLOT property
- new REMOVABLE property
- new MOUNT property
- new UMOUNT property
- new UMOUNT-LOCKFILE property
- new UMOUNT-IDLE property
- new taperscan algorithm:
- oldest: this algorithm try to run through the volumes in the oldest order
- lexical: this algorithm try to run through the volumes in the natural order
- Change in amanda.conf
- new meta-autolabel option
- autolabel can include org, config, barcode, meta in the label
- new client-name option in appication and script
- application and script in amanda-client.conf can be used to set default properties for application or script
- amlabel
- The label argument is no longer required, an autolabel can be generated
- new --meta option
- new --barcode option
- new --assign option
- amgtar, amstar: The path must be specified, it will not works with a device.
- amrecover: decompression and decryption are now done on the client if compression/encryption was done on the client
- amtape: inventory print the current slot
- amanda.conf:
- autoflush have value "no|yes|all"
- script have single-execution setting
- Add pre-amcheck, post-amcheck, pre-estimate, post-estimate, pre-backup and post-backup to execute-on of script
- Add taperscan and interactivity section
- add 'server' value in recovery-limit
- add dump-limit in a dumptype
- amanda-client.conf
- add amdump-server setting
- script are searched in $APPLICATION_DIR, $CONFIG_DIR/<conf>/application and $CONFIG_DIR/application
- amservice amservice(8)
- add -s argument
- is also installed on client
- new amdumpd server service, if enable, it allow client to start a backup of itself
- new amdump_client program, it is use on client to start a backup of itself
- implement restore command in amzfs-sendrecv, it can be use with amrecover.