Re: [Bacula-users] Special Permissions to Stop and Start Services during backup
2017-04-28 12:09:25
Hi Jim,
Note that sudo requires the command be executed from a TTY by default for security, which isn’t compatible with how system services run. Do you have a defaults entry for bacula that
disables the “requiretty” option? Not having this would manifest as a permission denied as if the sudo rule hadn’t taken effect.
> Defaults:bacula !requiretty
Giving bacula full access to systemctl is also not consistent with the principles of least privilege, and potentially dangerous. You would be safer providing multiple sudo rules to
start and stop just the services you need bacula to have control over.
This email and any files transmitted with it contain confidential and proprietary information and is solely for the use of the intended recipient. If you are not the intended recipient please return the email to the sender and delete it from your computer and you must not use, disclose, distribute, copy, print or rely on this email or its contents. This communication is for informational purposes only. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. Any comments or statements made herein do not necessarily reflect those of GSA Capital. GSA Capital Partners LLP is authorised and regulated by the Financial Conduct Authority and is registered in England and Wales at Stratton House, 5 Stratton Street, London W1J 8LA, number OC309261. GSA Capital Services Limited is registered in England and Wales at the same address, number 5320529.
|
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|