Hello all,
I am having a problem with Baculum currently. To explain the context I need to start somewhere else: Baculum is running in a Docker container (pwa666/bacula-server:11-postgresql-latest) on my unRAID NAS, this container contains Baculum, Director, the SD and an FD for backing up local data. (https://hub.docker.com/pwa666/bacula-server) As macOS TimeMachine stopped working properly after unRAID upgrade to 6.10.3 I disabled TimeMachine in unRAID and installed the TimeMachine container (https://github.com/mbentley/docker-timemachine). This container runs with a br0 network and the TimeMachine service is using a different IP than the unRAID server, but in the same subnet. (Yes, macOS backup up twice, by Bacula and by TimeMachine) Since I have this TimeMachine container Baculum threw an error on the UI that bconsole had problems connecting to the director at localhost:9101. Consequently I replaced in bconsole.conf localhost with the FQDN of the director, which is a CNAME for the FQDN of the unRAID server: bconsole.conf: Director { Name = "bacula-dir" DIRport = 9101 address = bacdir.foo.net Password = "redacted" } After this, Baculum first works a while, but then it complains that bconsole fails to connect to the Director due to authentication problems: "Error code: 4 Message: Problem with connection to bconsole. Output=>Connecting to Director bacula-dir.lan.net:9101 Director authorization problem. Most likely the passwords do not agree. If you are using TLS, there may have been a certificate validation error during the TLS handshake. For help, please see http://www.bacula.org/rel-manual/en/problems/Bacula_Frequently_Asked_Que.html, Exitcode=>1" (btw, the mentioned URL is dead, I didn't find an FAQ) bacula-dir.conf: Director { Name = "bacula-dir" Messages = "Daemon" QueryFile = "/opt/bacula/scripts/query.sql" WorkingDirectory = "/opt/bacula/working" PidDirectory = "/opt/bacula/working" MaximumConcurrentJobs = 20 Password = "redacted" } The redacted passwords for both Director resources are identical, so a password mismatch is not the problem here. As can be seen there are no TLS directives, so even if TLS is used per default it would us the Password directives for the TLS PSK (if I understood it correctly). There are not TLS certificates provides by me for bacula. However, the unRAID server UI uses a certificate, and bacdir is not one of the names in the certificate's SAN. But AFAIK Bacula looks only at the CN, not at the names in SAN, correct? This is the first time I am seeing such an error in Bacula, and I have a small number of remote FDs that might possibly also connect using TLS (although in no config file there are TLS directives). If this error was about a missing TLS certificate, then why am I not seeing such an error for any of the remote FDs? Any has an idea where the problem might be? _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
