On 6 Sep 2006 at 9:55, Kern Sibbald wrote: > On Wednesday 06 September 2006 02:21, Dan Langille wrote: > > I'm trying to setup TLS with one client. I have two other clients > > working with TLS. At this point, I'm just doing a 'status client' > > and bacula-fd dies. > > > > Two questions: > > > > 1 - Do we agree that bacula-fd shouldn't die? > > No, it has every right because it is configured incorrectly. > > The bigh problem is if it cannot open the state file, then it *is* > going to die at some point. You need to fix that. Probably it is a > permissions error on your working directory. This is the first thing > that needs fixing. Once done the other error will probably go away.
I cannnot see how it is incorrectly configured. Full configuration file and directory permissions are at: http://beta.freshports.org/tmp/bacula-fd.conf.txt > Second point is that a SIG 11 Kaboom is often Bacula's way of dying > when something is wrong -- like it cannot access the working > directory. FWIW, this is not a new FD. It has been working through stunnel, and plain text over the Internet. Now I'm adding TLS. > > 2 - Why is my TLS negotiation failing? > > Possibly because of working directory problems. In addition to the working directory permissions supplied in the above URL, I have: # ls -ld /home/bacula/ drwxr-xr-x 2 root wheel 512 Sep 6 23:46 /home/bacula/ # ls -l /home/bacula/ total 8 -rw-r----- 1 root wheel 4720 Sep 5 02:19 cacert.pem -rw-r--r-- 1 root wheel 1524 Sep 6 23:45 lists.example.org.cert -rw-r--r-- 1 root wheel 887 Sep 6 23:45 lists.example.org.nopassword.key # > > > > > Both bacula-fd and bacula-dir are version 1.38.11 > > > > cheers > > > > Here is the death: > > > > # /usr/local/sbin/bacula-fd -d100 -f -u root -g wheel -v -c > > /usr/local/etc/ > > bacula-fd.conf > > lists-fd: bsys.c:517 Could not open state file. sfd=-1 size=188: > > ERR=No such file or directory > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > lists-fd: filed.c:238 filed: listening on port 9102 > > lists-fd: bnet_server.c:83 Addresses host[ipv4:0.0.0.0:9102] > > lists-fd: bnet.c:1128 who=client host=70.26.229.230 port=36387 > > lists-fd: find.c:68 init_find_files ff=0x80a2c18 > > lists-fd: job.c:189 <dird: Hello Director bacula-dir calling > > lists-fd: job.c:205 Executing Hello command. > > lists-fd: cram-md5.c:52 send: auth cram-md5 > > <[EMAIL PROTECTED]> ssl=1 > > lists-fd: cram-md5.c:68 Authenticate OK q+M8e9kGp0MgmF+AiX+hJB > > lists-fd: cram-md5.c:97 cram-get: auth cram-md5 > > <[EMAIL PROTECTED]> ssl=2 > > lists-fd: cram-md5.c:114 sending resp to challenge: > > XkULP5/F/51V02/RwW/JVD > > Kaboom! bacula-fd, lists-fd got signal 11. Attempting traceback. > > Kaboom! exepath=/usr/local/sbin/ Calling: /usr/local/sbin/btraceback > > /usr/local/sbin/bacula-fd 8199 Killed > > > > Here is the traceback email: > > > > (no debugging symbols found)... > > /var/db/bacula/8199: No such file or directory. > > (no debugging symbols found)... > > (no debugging symbols found)...(no debugging symbols found)... > > (no debugging symbols found)...(no debugging symbols found)... > > (no debugging symbols found)...(no debugging symbols found)... > > (no debugging symbols found)...(no debugging symbols found)... > > (no debugging symbols found)...(no debugging symbols found)... > > 0x283b2478 in __sys_poll () from /usr/lib/libc_r.so.4 > > $1 = 1953720684 > > $2 = 134799576 > > $3 = 134799768 > > $4 = 1702129225 > > $5 = 134728113 > > $6 = 134728136 > > $7 = 134728160 > > $8 = 134728168 > > #0 0x283b2478 in __sys_poll () from /usr/lib/libc_r.so.4 > > #1 0x283b19c4 in _thread_kern_sched_state_unlock () from > > /usr/lib/libc_r.so.4 > > #2 0x283b1389 in _thread_kern_scheduler () from > > #/usr/lib/libc_r.so.4 3 0x0 in ?? () > > > > Thread 1 (process 8199, thread 1): > > #0 0x283b2478 in __sys_poll () from /usr/lib/libc_r.so.4 > > #1 0x283b19c4 in _thread_kern_sched_state_unlock () from > > /usr/lib/libc_r.so.4 > > #2 0x283b1389 in _thread_kern_scheduler () from > > #/usr/lib/libc_r.so.4 3 0x0 in ?? () 0 0x283b2478 in __sys_poll () > > #from /usr/lib/libc_r.so.4 > > No symbol table info available. > > #1 0x283b19c4 in _thread_kern_sched_state_unlock () from > > /usr/lib/libc_r.so.4 > > No symbol table info available. > > #2 0x283b1389 in _thread_kern_scheduler () from > > #/usr/lib/libc_r.so.4 > > No symbol table info available. > > #3 0x0 in ?? () > > No symbol table info available. > > /usr/local/share/bacula/btraceback.gdb:19: Error in sourced command > > file: No frame 4 > > > > Here is the bacula-fd.conf: > > > > Director { > > Name = bacula-dir > > Password = "password" > > > > TLS Enable = yes > > # TLS Require = yes > > > > # TLS Verify Peer = yes > > > > TLS CA Certificate File = /home/bacula/cacert.pem > > > > TLS Certificate = /home/bacula/lists.example.org.cert TLS > > Key = /home/bacula/lists.example.org-nopass.key > > } > > > > # > > # "Global" File daemon configuration specifications > > # > > FileDaemon { # this is me > > Name = lists-fd > > FDport = 9102 # where we listen for the > > > > director > > WorkingDirectory = /var/db/bacula > > Pid Directory = /var/run > > > > TLS Enable = yes > > TLS CA Certificate File = /home/bacula/cacert.pem > > > > TLS Certificate = /home/bacula/lists.example.org.cert TLS > > Key = /home/bacula/lists.example.org-nopass.key > > } > > > > # Send all messages except skipped files back to Director > > Messages { > > Name = Standard > > director = lists-dir = all, !skipped > > } > > > > Here is part of the bacula-dir.conf: > > > > # Client (File Services) to backup > > Client { > > Name = lists-fd > > Address = lists.example.org > > FDPort = 9102 > > Catalog = MyCatalog > > Password = "password" > > > > TLS Require = yes > > TLS Enable = yes > > TLS CA Certificate File = /home/bacula/certificates/cacert.pem > > > > TLS Certificate = > > /home/bacula/certificates/bacula.example.org.cert TLS Key > > = > > /home/bacula/certificates/bacula.example.org.nopassword.key > > } > > > > > > Here is the failed status command: > > > > 05-Sep 20:08 bacula-dir: *Console*.2006-09-05_20.06.19 Fatal error: > > TLS negotiation failed. *status client=lists-fd Connecting to Client > > lists-fd at lists.example.org:9102 Failed to connect to Client > > lists-fd. ==== You have messages. *mes 05-Sep 20:11 bacula-dir: > > *Console*.2006-09-05_20.06.19 Fatal error: TLS negotiation failed. * > > > > -- > > Dan Langille : Software Developer looking for work > > my resume: http://www.freebsddiary.org/dan_langille.php > > > > > > > > -------------------------------------------------------------------- > > ----- Using Tomcat but need to do more? Need to support web > > services, security? Get stuff done quickly with pre-integrated > > technology to make your job > easier > > Download IBM WebSphere Application Server v.1.0.1 based on Apache > > Geronimo > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=12 > > 1642 _______________________________________________ Bacula-users > > mailing list Bacula-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/bacula-users > > > -- Dan Langille : Software Developer looking for work my resume: http://www.freebsddiary.org/dan_langille.php ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
