Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Restricting who can restore data from which system to where

2012-10-22 08:50:12
Subject: Re: [Bacula-users] Restricting who can restore data from which system to where
From: Martin Simmons <martin AT lispworks DOT com>
To: bacula-users AT lists.sourceforge DOT net
Date: Mon, 22 Oct 2012 13:30:26 +0100 
>>>>> On Mon, 22 Oct 2012 10:20:19 +0200,   said:
> 
> >> To solve things,  I've tried setting ACL's in the Console statement like 
> >> this:
> >> 
> >> Console {
> >>   Name = Almond
> >>   Password = ""
> >>   ClientACL = Almond
> >>   StorageACL = Almond_Storage
> >>   PoolACL = Almond_Pool
> >> }
> >> 
> >> But this doesn't work. I thought this would limit the client as 
> >> defined in Client { Name= Almond.....}  to access only the listed 
> >> storage and pools (which would be great, as almond has it's own 
> >> reserved pool), but it doesn't do that. I think I may be interpreting 
> >> the manual the wrong way. I've googled and found several other people 
> >> asking the same question, but no working answers.
> 
> >The Console statement in bacula-dir.conf isn't designed to match a named
> >Client statement.  You need to put a special bconsole.conf on the client,
> >so that it uses the Console directive in the bacula-dir.conf.
> 
> >See the restricted-user examples here:
> 
> >http://www.bacula.org/5.2.x-manuals/en/main/main/Console_Configuration.html
> 
> >__Martin
> 
> Martin, 
> 
> Thanks for your answer, but that doesn't fully solve my issue. The root user
> on client A can modify his own bconsole.conf, so any security that depends
> on bconsole.conf isn't security. I only want to trust those clients like a
> bank trusts it's safety deposit box holders: I trust client A with the files
> from Client A and with Client A's password, but I don't trust Client A with
> Client B's files, just like the bank will trust Client A with the key to his
> box, but not with the key to Mr. B's box.  I'd like the security to be thus
> that only client A can access client A's files, and nothing more. I don't
> see how I can accomplish that by using only a bconsole.conf on the client
> side. Is there any other way that you know of?

I think the Console statement *does* provide this -- the security depends on
the passwords, not bconsole.conf itself.  The password is like the key to the
safety deposit box.

Each client has a bconsole.conf containing a different Name and Password in
the Console statement and a dummy password in the Director statement (to
disallow full access).

The bacula-dir.conf contains all of the named Console statements, with
appropriate ACLs.  You can make the bacula-dir.conf readable only by the owner
(typically root or bacula on the bacula-dir machine).

That prevents Client A from accessing Client B's files, because Client A
cannot discover the password in Client B's Console statement.

__Martin

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Bacula-users] Differential backup with old timestamps, "Jürgen Ecker"
Next by Date:  Re: [Bacula-users] Understanding and configuring Bacula retentions, Florent Krieg
Previous by Thread:  Re: [Bacula-users] Restricting who can restore data from which system to where, r.schuitemaker
Next by Thread:  Re: [Bacula-users] Restricting who can restore data from which system to where, lst_hoe02
Indexes:  [Date] [Thread] [Top] [All Lists]