Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Multiple directors sharing storage

2008-07-29 04:40:09
Subject: Re: [Bacula-users] Multiple directors sharing storage
From: Branimir Borovac <bborovac AT split-it DOT com>
To: bacula-users AT lists.sourceforge DOT net
Date: Tue, 29 Jul 2008 08:35:04 +0000 (UTC) 
Arno Lehmann <al <at> its-lehmann.de> writes:

> 
> Hi,
> 
> 28.07.2008 19:17, Branimir Borovac wrote:
> > 
> > 
> >  
> > 
> > hi!
> > 
> > well i need help regarding a folowing issue…
> > 
> > i have multiple mobile users (notebooks) that i have to backup, so i 
> > configured a bacula-dir and bacula-fd
> > 
> > on each one of them backping their files to bacula-sd stationed ad 
> > server with public ip address so
> > 
> > i did get some kind of offsite backup…  on bacula-sd server in .conf 
> > file multiple directors are configured
> > 
> > and each user/notebook backup their file sin own device …
> > 
> > problem is how to prevent access to someone other storage device becouse 
> > having directors credentials
> 
> Not easily possible, as a DIR always can do everything.
> 
> > it is easy to make damage using bconsole on someone else backup device …
> > 
> >  
> > 
> > server is ubuntu 8.04, kernel 2.6.24-19 and bacula version is 2.2.8
> > 
> >  
> > 
> > kind regards!
> > 
> 
> The way I would solve this is to run one central DIR only, create 
> restricted consoles with suitable ACLs for the remote users, and 
> configure a bconsole on their machines. Give each of those users their 
> own pools.
> 
> They can connect the DIR and run their own jobs, restore them, access 
> their own catalog entries (jobs, storages, pools, etc., but can not 
> access other users entries.
> 
> Hope this helps,
> 
> Arno
> 

> 


well i hoped there is a way to this ... because i would like for each user
to define own backup/restore jobs and keep this definition on their pc's 
(their own dir) and then to use offsite file storage device... 
but i'm worried about security because local director could access others
storage files (bacula-sd.conf on offsite server has all directors 
credentials)...
in this way i do not have to worry regarding mobile client dynamic ip address 
becouse local-dir would talk to local-fd and use offsite storage using fixed ip
address.
i know that this could be done using one DIR and using openvpn but i'd like
to keep things as simple as i could ...

please advice!
rgds!
branimir




-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Bacula Tape Problems, Stephan Jennewein
Next by Date:  Re: [Bacula-users] Error during file restore, Keith Sudbury
Previous by Thread:  Re: [Bacula-users] Multiple directors sharing storage, Arno Lehmann
Next by Thread:  Re: [Bacula-users] Multiple directors sharing storage, John Drescher
Indexes:  [Date] [Thread] [Top] [All Lists]