amanda-security.conf man page

amanda-security.conf — Client configuration file for Amanda


amanda-security.conf(5) is the security configuration file for Amanda. This manpage lists the relevant sections and parameters of this file.

The file must be installed at /etc/amanda-security.conf and only root must be able to write to it. Good permission are:

It must be readable by the amanda user and owned by root. Good permissions are:

$ ls -l /etc/amanda-security.conf
-rw-r--r--. 1 root root 1994 Jan 29 13:45 /etc/amanda-security.conf

An example file should be installed at /etc/amanda/amanda-security.conf.

All lines with '#' as the first character ar comment line.

Secure Binaries

The list of all executables amanda can execute as root. The format is as follow:


This file must contains realpath to executable, with all symbolic links resolved. You can use the 'realpath' command to find them.

Multiple line can be added for the same 'AMANDA_PROGRAM:SYMBOLIC_NAME' if you are using multiple binaries.

The 'AMANDA_PROGRAM:SYMBOLIC_NAME' can be any of the following:


The gnutar binary runtar is allowed to run. The default is `amgetconf build.gnutar_path`


The gnutar binary amgtar is allowed to run. The default is `amgetconf build.gnutar_path`


The star binary amstar is allowed to run. The default is `amgetconf build.star_path`


The bsdtar binary ambsdtar is allowed to run. The default is `amgetconf build.bsdtar_path`

Others Security Parameters


Default: no. Set to 'yes' if you want the amanda use to restore file as root, required only if you run amgtar, amstar or ambsdtar as the amanda backup for recovery.

See Also

amanda(8), amanda.conf(5)

The Amanda Wiki: :


Jean-Louis Martineau <>

Zmanda, Inc. (

Referenced By


05/03/2017 Amanda 3.4.4 File formats and conventions