|
Re: [Bacula-users] Bacula daemon message
2015-01-17 20:48:06
On 01/17/2015 03:29 PM, Polcari, Joe (Contractor) wrote:> [root@cdcdbaculadir
> ~]# crontab -l
>
> no crontab for root
Hi Joe,
It may be that a job is running as a user other than root,
try looking in /var/run/cron/crontabs (location may vary depending on
distribution (assuming Linux here), and version of cron.
But since you said "random times of the day" I have to doubt that it is a cron
job calling a command or script.
Since no one mentioned it yet, I'd like to say that it is also possible that a
script o a person on another machine is running bconsole to connect to your
server and is issuing a purge command.
Check your bacula-dir.conf file for the line:
Password = "XXXXX"
Change XXXX to a nice, long random string created by something like pwgen (on
Linux), then restart the Bacula director.
Now, this will prevent whoever or whatever is attempting to purge your volumes
from authenticating to the director, but you will probably see authentication
error emails instead of purge warning emails at that point. :)
Next step, run tcpdump, listening on all interfaces, include time stamps and
write out to file:
tcpdump -i any -tttt tcp port 9101 2>&1 >> /tmp/whoIsConnectingToBaculaDir.txt
Then wait for one of those random emails...
Once you get that email, you can stop the tcpdump.
Take a look at the timestamp of the email, then correlate that time in the
tcpdump output file.
At this point you should have an idea where the connections are coming from
and stop them.
Good luck!
:)
--
Bill Arlofski
Reverse Polarity, LLC
http://www.revpol.com/
-- Not responsible for anything below this line --
------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Bacula-users] FW: Bacula daemon message, Polcari, Joe (Contractor)
- Re: [Bacula-users] Bacula daemon message, Roberts, Ben
- Re: [Bacula-users] Bacula daemon message, Polcari, Joe (Contractor)
- Re: [Bacula-users] Bacula daemon message, Brady, Mike
- Re: [Bacula-users] Bacula daemon message, Polcari, Joe (Contractor)
- Re: [Bacula-users] Bacula daemon message, Brady, Mike
- Re: [Bacula-users] Bacula daemon message, Polcari, Joe (Contractor)
- Re: [Bacula-users] Bacula daemon message, Polcari, Joe (Contractor)
- Re: [Bacula-users] Bacula daemon message, Roberts, Ben
- Re: [Bacula-users] Bacula daemon message, Polcari, Joe (Contractor)
- Re: [Bacula-users] Bacula daemon message, Roberts, Ben
- Re: [Bacula-users] Bacula daemon message, Polcari, Joe (Contractor)
|
|
|
