I have achieved the expected by adding "sqlquery" in CommandACL.
But still the bigger picture remains unknown to me. How i can restrict a client console to see only his own Job related information. Because currently i am able to below things:
1. Able to see the Jobs completed for other clients 2. Able to fire a restore job for other client and restore the files on local machine( Security breach) 3. Able to see the list of total jobs configured on the director (Backup+ Restore).
The requirement is to isolate every client from other and show him information only related his own.
Regards,
Vishal Veerkar
On Wed, Nov 16, 2011 at 7:19 PM, vishal veerkar <vishalveerkar AT gmail DOT com> wrote:
Just to add,
[root@test ~]# bconsole Connecting to Director bacula3:9101 1000 OK: bacula3-dir Version: 5.0.3 (04 August 2010)
Enter a period to cancel a command. *restore Automatically selected Catalog: MyCatalog
Using Catalog "MyCatalog"
First you select one or more JobIds that contain files to be restored. You will be presented several methods of specifying the JobIds. Then you will be allowed to select which files from those JobIds are to be restored.
To select the JobIds, you have the following choices: 1: List last 20 Jobs run 2: List Jobs where a given File is saved 3: Enter list of comma separated JobIds to select 4: Enter SQL list command
5: Select the most recent backup for a client 6: Select backup for a client before a specified time 7: Enter a list of files to restore 8: Enter a list of files to restore before a specified time
9: Find the JobIds of the most recent backup for a client 10: Find the JobIds for a backup for a client before a specified time 11: Enter a list of directories to restore for found JobIds 12: Select full restore to a specified Job date
13: Cancel Select item: (1-13): 1 SQL query not authorized.
Regards,
VishalOn Wed, Nov 16, 2011 at 6:52 PM, vishal veerkar <vishalveerkar AT gmail DOT com> wrote:
Hi,
I am currently running a multi customer (shared) env. backup system. How i can restrict the client to only see the successful jobs for his own backup client on bconsole. Currently i have only given the "CommandACL = run, restore, messages, .messages". If i give "list" option the end user, he also gets access to all the other resources such as pools, volume etc. I would only like to have customer should only see his own jobs status.
Thanks in advance.
-- With regards,
Vishal Veerkar
-- With regards, Vishal Veerkar
-- With regards,
Vishal Veerkar
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d _______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|