Re: [Bacula-users] bacula and mysql password security
2010-01-26 11:35:25
Joseph and Dan,
Thanks for your help. That's got me started and it was mainly how to add the
arguments to the scripts that I was not fully sure about. Now I must read up
on securing mysql.
I would really appreciate it if someone could look over the bacula-dir.conf
file below which I took from the manual and modified. The manual example is
in chapter 25 'Automated Disk Backup' however when I used this bacula
returned an error about no default pool being defined. I therefore added
this pool to the bacula-dir.conf file. It appears to be working well however
if someone could take a quick look over it that would help put my mind to
rest.
Thanks again for you help and time. It is much appreciated.
Andy Lamb.
Director { # define myself
Name = jot.boisestate.edu-dir
DIRport = 9101 # where we listen for UA connections
QueryFile = "/etc/bacula/query.sql"
WorkingDirectory = "/var/bacula/working"
PidDirectory = "/var/bacula/working"
Maximum Concurrent Jobs = 1
Password = "**" # Console password
Messages = Daemon
}
# By default, this job will back up to disk in /mnt/bacula
Job {
Name = JotBackupJob
Type = Backup
Client = jot.boisestate.edu-fd
FileSet = "Full Set"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Full Backup Pool = Full-Pool
Incremental Backup Pool = Inc-Pool
Differential Backup Pool = Diff-Pool
Write Bootstrap = "/var/bacula/working/jot.bsr"
Write Bootstrap = "/mnt/bacula/jot.bsr"
Priority = 10
}
# Backup the catalog database (after the nightly save)
Job {
Name = "BackupCatalogJob"
Type = Backup
Client = jot.boisestate.edu-fd
FileSet="Catalog Set"
Schedule = "WeeklyCycleAfterBackup"
Storage = File
Messages = Standard
Pool = Default
# This creates an ASCII copy of the catalog
# WARNING!!! Passing the password via the command line is insecure.
# see comments in make_catalog_backup for details.
RunBeforeJob = "/etc/bacula/make_catalog_backup bacula bacula passwd"
# This deletes the copy of the catalog
RunAfterJob = "/etc/bacula/delete_catalog_backup"
Write Bootstrap = "/var/bacula/working/BackupCatalog.bsr"
Write Bootstrap = "/mnt/bacula/BackupCatalog.bsr"
Priority = 11 # run after main backup
}
#
# Standard Restore template, to be changed by Console program
# Only one such job is needed for all Jobs/Clients/Storage ...
#
Job {
Name = "RestoreFiles"
Type = Restore
Client=jot.boisestate.edu-fd
FileSet="Full Set"
Storage = File
Pool = Default
Messages = Standard
Where = /tmp/bacula-restores
}
# List of files to be backed up
FileSet {
Name = "Full Set"
Include {
Options {
signature= MD5
compression=GZIP
}
File = /root
File = /usr
File = /home
File = /boot
File = /var
File = /opt
File = /etc
File = /mymnt/raid0a
}
Exclude {
}
}
Schedule {
Name = "WeeklyCycle"
Run = Level=Full 1st sun at 0:05
Run = Level=Differential 2nd-5th sun at 0:05
Run = Level=Incremental mon-sat at 0:05
}
# This schedule does the catalog. It starts after the WeeklyCycle
Schedule {
Name = "WeeklyCycleAfterBackup"
Run = Level=Full sun-sat at 0:10
}
# This is the backup of the catalog
FileSet {
Name = "Catalog Set"
Include { Options { signature=MD5 }
File = /var/bacula/bacula.sql
}
}
# Client (File Services) to backup
Client {
Name = jot.boisestate.edu-fd
Address = jot
FDPort = 9102
Catalog = MyCatalog
Password = "**" # password for FileDaemon
AutoPrune = yes # Prune expired Jobs/Files
Job Retention = 6 months
File Retention = 60 days
}
# Definition of file storage device
Storage {
Name = File
# Do not use "localhost" here
Address = jot # N.B. Use a fully qualified name here
SDPort = 9103
Password = "**"
Device = FileStorage
Media Type = File
}
# Generic catalog service
Catalog {
Name = MyCatalog
# Uncomment the following line if you want the dbi driver
# dbdriver = "dbi:mysql"; dbaddress = 127.0.0.1; dbport =
dbname = "bacula"; dbuser = "bacula"; dbpassword = "password"
}
Pool {
Name = Full-Pool
Pool Type = Backup
Recycle = yes # automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 6 months
Maximum Volume Jobs = 1
Label Format = Full-
Maximum Volumes = 9
}
Pool {
Name = Inc-Pool
Pool Type = Backup
Recycle = yes # automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 20 days
Maximum Volume Jobs = 6
Label Format = Inc-
Maximum Volumes = 7
}
Pool {
Name = Diff-Pool
Pool Type = Backup
Recycle = yes
AutoPrune = yes
Volume Retention = 40 days
Maximum Volume Jobs = 1
Label Format = Diff-
Maximum Volumes = 10
}
# Default pool definition
Pool {
Name = Default
Pool Type = Backup
Recycle = yes # Bacula can automatically recycle
Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 6 months # one year
Maximum Volume Jobs = 10
Label Format = Default-
Maximum Volumes = 10
}
# Scratch pool definition
Pool {
Name = Scratch
Pool Type = Backup
}
Messages {# Name = Standard
# mailcommand = "bsmtp -h mail.domain.com -f \"\(Bacula\) %r\"
# -s \"Bacula: %t %e of %c %l\" %r"
Name = Standard
mailcommand = "/usr/sbin/bsmtp -h cgiss.boisestate.edu -f \"\(Bacula\)
\<%r\>\" -s \"Bacula: %t %e of %c %l\" %r"
operatorcommand = "/usr/sbin/bsmtp -h cgiss.boisestate.edu -f \"\(Bacula\)
%r\" -s \"Bacula: Intervention needed for %j\" %r"
mail = andylamb AT cgiss.boisestate DOT edu = all, !skipped
operator = andylamb AT cgiss.boisestate DOT edu = mount
console = all, !skipped, !saved
append = "/var/bacula/working/log" = all, !skipped
}
#
# Message delivery for daemon messages (no job).
Messages {
Name = Daemon
mailcommand = "/usr/sbin/bsmtp -h cgiss.boisestate.edu -f \"\(Bacula\)
\<%r\>\" -s \"Bacula daemon message\" %r"
mail = andylamb AT cgiss.boisestate DOT edu = all, !skipped
console = all, !skipped, !saved
append = "/var/bacula/working/log" = all, !skipped
}
#
# Restricted console used by tray-monitor to get the status of the director
#
Console {
Name = jot.boisestate.edu-mon
Password = "**"
CommandACL = status, .status
}
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|