|
Re: [Bacula-users] restricted consoles and uids
2016-02-24 18:55:32
*Minor correction:
cat /usr/sbin/baculejo
=========================>8 Cut Here >8===========================
DIR_NAME=hfaria-K46CB-dir
DIR_ADDRESS=localhost
echo " Director {
Name = $DIR_NAME
DIRport = 9101
Address = $DIR_ADDRESS
Password = "xxxx"
}
Console {
Name = $USER
Password = "password"
}" > /tmp/baculejo.conf
bconsole -c /tmp/baculejo.conf
=========================>8 Cut Here >8===========================
bacula-dir.conf sample:
=========================>8 Cut Here >8===========================
Console {
Name = root
Password = "password"
JobACL = *all*
ClientACL = *all*
StorageACL = *all*
ScheduleACL = *all*
PoolACL = *all*
FileSetACL = *all*
CatalogACL = *all*
CommandACL = *all*
}
=========================>8 Cut Here >8===========================
----- Original Message -----
> From: "Heitor Faria" <heitor AT bacula.com DOT br>
> To: "Peter Keller" <pkeller AT sift DOT net>
> Cc: "Bacula Users List" <bacula-users AT lists.sourceforge DOT net>
> Sent: Wednesday, February 24, 2016 8:46:40 PM
> Subject: Re: [Bacula-users] restricted consoles and uids
>> On 02/24/2016 04:41 PM, Heitor Faria wrote:
>>>
>>>> Hello,
>>>>
>>>> Does bacula have any feature where, depending upon the UID of the unix user
>>>> executing the bconsole program, one can choose different restrictions for
>>>> the console and this would all be specified in one config file?
>>>
>>> Hello, Peter: please read the nice manual =>
>>> http://www.bacula.org/5.2.x-manuals/en/main/main/Console_Configuration.html
>>
>> Thanks. I did read it. As far as I can tell, the answer is "no". It is
>> easy to _define_ different console privilege levels, but it is hard to
>> _select_ between them.
>>
>> If I wasn't clear in my original explanation, Suppose I three users:
>> root, foo, bar.
>>
>> I'd like root to have all privileges, foo to only be able to invoke 'status',
>> and bar to invoke 'status' and 'run'. I have only one director and one
>> bconsole.conf config file. I'd like 'bconsole' when run (with no arguments)
>> by
>> each user to get the right console resource (based on their user id). And, to
>> top it off, I'd like the root console configs in a separate file included by
>> bconsole.conf so they aren't readable by foo or bar.
>>
>> Thank you.
>>
>> -pete
>
> Hello, Peter: please check if this shell script (I named it 'baculejo') and
> configurations bellow suits you, given root user.
>
> cat /usr/sbin/baculejo
> =========================>8 Cut Here >8===========================
> DIR_NAME=hfaria-K46CB-dir
> DIR_ADDRESS=localhost
>
> echo " Director {
> Name = $DIR_NAME
> DIRport = 9101
> Address = $DIR_ADDRESS
> Password = "xxxx"
> }
>
> Console {
> Name = $USER
> Password = "password"
> }" > /tmp/bconsole.user.conf
>
> bconsole -c /tmp/baculejo.conf
> =========================>8 Cut Here >8===========================
>
> bacula-dir.conf sample:
>
> =========================>8 Cut Here >8===========================
> Console {
> Name = root
> Password = "password"
> JobACL = *all*
> ClientACL = *all*
> StorageACL = *all*
> ScheduleACL = *all*
> PoolACL = *all*
> FileSetACL = *all*
> CatalogACL = *all*
> CommandACL = *all*
> }
> =========================>8 Cut Here >8===========================
>
> Regards,
> --
> =======================================================================
> Heitor Medrado de Faria - LPIC-III | ITIL-F | Bacula Systems Certified
> Administrator II
> Próximas aulas telepresencial ao-vivo - 15 de fevereiro:
> http://www.bacula.com.br/agenda/
> Ministro treinamento e implementação in-company Bacula:
> http://www.bacula.com.br/in-company/
> Ou assista minhas videoaulas on-line:
> http://www.bacula.com.br/treinamento-bacula-ed/
> 61 8268-4220
> Site: www.bacula.com.br | Facebook: heitor.faria
> ========================================================================
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
> _______________________________________________
> Bacula-users mailing list
> Bacula-users AT lists.sourceforge DOT net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
--
=======================================================================
Heitor Medrado de Faria - LPIC-III | ITIL-F | Bacula Systems Certified
Administrator II
Próximas aulas telepresencial ao-vivo - 15 de fevereiro:
http://www.bacula.com.br/agenda/
Ministro treinamento e implementação in-company Bacula:
http://www.bacula.com.br/in-company/
Ou assista minhas videoaulas on-line:
http://www.bacula.com.br/treinamento-bacula-ed/
61 8268-4220
Site: www.bacula.com.br | Facebook: heitor.faria
========================================================================
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|
