Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] bacula and mysql password security

2010-01-26 11:35:25
Subject: Re: [Bacula-users] bacula and mysql password security
From: "Andy Lamb" <andylamb AT cgiss.boisestate DOT edu>
To: "'Joseph L. Casale'" <jcasale AT activenetwerx DOT com>
Date: Tue, 26 Jan 2010 09:33:15 -0700 
Joseph and Dan,
Thanks for your help. That's got me started and it was mainly how to add the
arguments to the scripts that I was not fully sure about. Now I must read up
on securing mysql.

I would really appreciate it if someone could look over the bacula-dir.conf
file below which I took from the manual and modified. The manual example is
in chapter 25 'Automated Disk Backup' however when I used this bacula
returned an error about no default pool being defined. I therefore added
this pool to the bacula-dir.conf file. It appears to be working well however
if someone could take a quick look over it that would help put my mind to
rest.

Thanks again for you help and time. It is much appreciated.
Andy Lamb.

Director {                            # define myself
  Name = jot.boisestate.edu-dir
  DIRport = 9101                # where we listen for UA connections
  QueryFile = "/etc/bacula/query.sql"
  WorkingDirectory = "/var/bacula/working"
  PidDirectory = "/var/bacula/working"
  Maximum Concurrent Jobs = 1
  Password = "**"         # Console password
  Messages = Daemon
}

#   By default, this job will back up to disk in /mnt/bacula
Job {
  Name = JotBackupJob
  Type = Backup
  Client = jot.boisestate.edu-fd
  FileSet = "Full Set"
  Schedule = "WeeklyCycle"
  Storage = File
  Messages = Standard
  Pool = Default
  Full Backup Pool = Full-Pool
  Incremental Backup Pool = Inc-Pool
  Differential Backup Pool = Diff-Pool
  Write Bootstrap = "/var/bacula/working/jot.bsr"
  Write Bootstrap = "/mnt/bacula/jot.bsr"
  Priority = 10
}
# Backup the catalog database (after the nightly save)
Job {
  Name = "BackupCatalogJob"
  Type = Backup
  Client = jot.boisestate.edu-fd
  FileSet="Catalog Set"
  Schedule = "WeeklyCycleAfterBackup"
  Storage = File
  Messages = Standard
  Pool = Default
  # This creates an ASCII copy of the catalog
  # WARNING!!! Passing the password via the command line is insecure.
  # see comments in make_catalog_backup for details.
  RunBeforeJob = "/etc/bacula/make_catalog_backup bacula bacula passwd"
  # This deletes the copy of the catalog
  RunAfterJob = "/etc/bacula/delete_catalog_backup"
  Write Bootstrap = "/var/bacula/working/BackupCatalog.bsr"
  Write Bootstrap = "/mnt/bacula/BackupCatalog.bsr"
  Priority = 11                    # run after main backup
}

#
# Standard Restore template, to be changed by Console program
#  Only one such job is needed for all Jobs/Clients/Storage ...
#
Job {
  Name = "RestoreFiles"
  Type = Restore
  Client=jot.boisestate.edu-fd                 
  FileSet="Full Set"                  
  Storage = File                      
  Pool = Default
  Messages = Standard
  Where = /tmp/bacula-restores
}


# List of files to be backed up
FileSet {
  Name = "Full Set"
  Include { 
    Options { 
      signature= MD5
      compression=GZIP 
    }
    File = /root
    File = /usr
    File = /home
    File = /boot
    File = /var
    File = /opt
    File = /etc
    File = /mymnt/raid0a
  }
  Exclude {
    
  }
}

Schedule {
  Name = "WeeklyCycle"
  Run = Level=Full 1st sun at 0:05
  Run = Level=Differential 2nd-5th sun at 0:05
  Run = Level=Incremental mon-sat at 0:05
}
# This schedule does the catalog. It starts after the WeeklyCycle
Schedule {
  Name = "WeeklyCycleAfterBackup"
  Run = Level=Full sun-sat at 0:10
}
# This is the backup of the catalog
FileSet {
  Name = "Catalog Set"
  Include { Options { signature=MD5 }
    File = /var/bacula/bacula.sql
  }
}

# Client (File Services) to backup
Client {
  Name = jot.boisestate.edu-fd
  Address = jot
  FDPort = 9102
  Catalog = MyCatalog
  Password = "**"          # password for FileDaemon
  AutoPrune = yes      # Prune expired Jobs/Files
  Job Retention = 6 months
  File Retention = 60 days
}


# Definition of file storage device
Storage {
  Name = File
# Do not use "localhost" here    
  Address = jot                # N.B. Use a fully qualified name here
  SDPort = 9103
  Password = "**"
  Device = FileStorage
  Media Type = File
}


# Generic catalog service
Catalog {
  Name = MyCatalog
# Uncomment the following line if you want the dbi driver
# dbdriver = "dbi:mysql"; dbaddress = 127.0.0.1; dbport =  
  dbname = "bacula"; dbuser = "bacula"; dbpassword = "password"
}

Pool {
  Name = Full-Pool
  Pool Type = Backup
  Recycle = yes            # automatically recycle Volumes
  AutoPrune = yes          # Prune expired volumes
  Volume Retention = 6 months
  Maximum Volume Jobs = 1
  Label Format = Full-
  Maximum Volumes = 9
}
Pool {
  Name = Inc-Pool
  Pool Type = Backup
  Recycle = yes            # automatically recycle Volumes
  AutoPrune = yes          # Prune expired volumes
  Volume Retention = 20 days
  Maximum Volume Jobs = 6
  Label Format = Inc-
  Maximum Volumes = 7
}
Pool {
  Name = Diff-Pool
  Pool Type = Backup
  Recycle = yes
  AutoPrune = yes
  Volume Retention = 40 days
  Maximum Volume Jobs = 1
  Label Format = Diff-
  Maximum Volumes = 10
}
# Default pool definition
Pool {
  Name = Default
  Pool Type = Backup
  Recycle = yes                       # Bacula can automatically recycle
Volumes
  AutoPrune = yes                     # Prune expired volumes
  Volume Retention = 6 months         # one year
  Maximum Volume Jobs = 10
  Label Format = Default-
  Maximum Volumes = 10
}

# Scratch pool definition
Pool {
  Name = Scratch
  Pool Type = Backup
}

Messages {#  Name = Standard
#  mailcommand = "bsmtp -h mail.domain.com -f \"\(Bacula\) %r\"
#      -s \"Bacula: %t %e of %c %l\" %r"
  Name = Standard
  mailcommand = "/usr/sbin/bsmtp -h cgiss.boisestate.edu -f \"\(Bacula\)
\<%r\>\" -s \"Bacula: %t %e of %c %l\" %r"
  operatorcommand = "/usr/sbin/bsmtp -h cgiss.boisestate.edu -f \"\(Bacula\)
%r\" -s \"Bacula: Intervention needed for %j\" %r"
  mail = andylamb AT cgiss.boisestate DOT edu = all, !skipped
  operator = andylamb AT cgiss.boisestate DOT edu = mount
  console = all, !skipped, !saved
  append = "/var/bacula/working/log" = all, !skipped
}

#
# Message delivery for daemon messages (no job).
Messages {
  Name = Daemon
  mailcommand = "/usr/sbin/bsmtp -h cgiss.boisestate.edu -f \"\(Bacula\)
\<%r\>\" -s \"Bacula daemon message\" %r"
  mail = andylamb AT cgiss.boisestate DOT edu = all, !skipped            
  console = all, !skipped, !saved
  append = "/var/bacula/working/log" = all, !skipped
}


#
# Restricted console used by tray-monitor to get the status of the director
#
Console {
  Name = jot.boisestate.edu-mon
  Password = "**"
  CommandACL = status, .status
}


------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Trouble to recycle files, smartina
Next by Date:  Re: [Bacula-users] How it optimize the transfer speed., John Stoffel
Previous by Thread:  Re: [Bacula-users] bacula and mysql password security, Joseph L. Casale
Next by Thread:  Re: [Bacula-users] bacula and mysql password security, Joseph L. Casale
Indexes:  [Date] [Thread] [Top] [All Lists]