Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] restricted consoles and uids

2016-02-24 18:48:55
Subject: Re: [Bacula-users] restricted consoles and uids
From: Heitor Faria <heitor AT bacula.com DOT br>
To: Peter Keller <pkeller AT sift DOT net>
Date: Wed, 24 Feb 2016 20:46:40 -0300 (BRT) 
> On 02/24/2016 04:41 PM, Heitor Faria wrote:
>> 
>>> Hello,
>>>
>>> Does bacula have any feature where, depending upon the UID of the unix user
>>> executing the bconsole program, one can choose different restrictions for
>>> the console and this would all be specified in one config file?
>> 
>> Hello, Peter: please read the nice manual =>
>> http://www.bacula.org/5.2.x-manuals/en/main/main/Console_Configuration.html
> 
> Thanks. I did read it. As far as I can tell, the answer is "no". It is
> easy to _define_ different console privilege levels, but it is hard to
> _select_ between them.
> 
> If I wasn't clear in my original explanation, Suppose I three users:
> root, foo, bar.
> 
> I'd like root to have all privileges, foo to only be able to invoke 'status',
> and bar to invoke 'status' and 'run'. I have only one director and one
> bconsole.conf config file. I'd like 'bconsole' when run (with no arguments) by
> each user to get the right console resource (based on their user id). And, to
> top it off, I'd like the root console configs in a separate file included by
> bconsole.conf so they aren't readable by foo or bar.
> 
> Thank you.
> 
> -pete

Hello, Peter: please check if this shell script (I named it 'baculejo') and 
configurations bellow suits you, given root user.

cat /usr/sbin/baculejo
=========================>8 Cut Here >8===========================
DIR_NAME=hfaria-K46CB-dir
DIR_ADDRESS=localhost

echo " Director {
 Name = $DIR_NAME
 DIRport = 9101
 Address = $DIR_ADDRESS
 Password = "xxxx"
}

Console {
   Name = $USER
   Password = "password"
}" > /tmp/bconsole.user.conf 

bconsole -c /tmp/baculejo.conf
=========================>8 Cut Here >8===========================

bacula-dir.conf sample:

=========================>8 Cut Here >8===========================
Console {
  Name = root
  Password = "password"
  JobACL = *all*
  ClientACL = *all*
  StorageACL = *all*
  ScheduleACL = *all*
  PoolACL = *all*
  FileSetACL = *all*
  CatalogACL = *all*
  CommandACL = *all*
}
=========================>8 Cut Here >8===========================

Regards,
-- 
======================================================================= 
Heitor Medrado de Faria - LPIC-III | ITIL-F | Bacula Systems Certified 
Administrator II 
Próximas aulas telepresencial ao-vivo - 15 de fevereiro: 
http://www.bacula.com.br/agenda/ 
Ministro treinamento e implementação in-company Bacula: 
http://www.bacula.com.br/in-company/ 
Ou assista minhas videoaulas on-line: 
http://www.bacula.com.br/treinamento-bacula-ed/ 
61 8268-4220 
Site: www.bacula.com.br | Facebook: heitor.faria 
========================================================================

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] restricted consoles and uids, Peter Keller
Next by Date:  Re: [Bacula-users] restricted consoles and uids, Heitor Faria
Previous by Thread:  Re: [Bacula-users] restricted consoles and uids, Peter Keller
Next by Thread:  Re: [Bacula-users] restricted consoles and uids, Heitor Faria
Indexes:  [Date] [Thread] [Top] [All Lists]