The 'bacula' user is a member of both 'tape' and 'disk' groups. The SD
config file belonged to the 'disk' group when 11.0.x was initially
installed. It belonged to the 'disk' group when upgraded to 13.0.x.
All worked.
When upgrading to 15.0.x, the SD config file belonging to the 'disk'
group no longer accessible even though 'bacula' is a member of the
'disk' group.
I noticed that an '.rpmnew' version of the SD config file provided by
the 15.0.2 upgrade had 'tape' as the group. I changed permission from
'disk' to 'tape' and now the SD starts and runs on both bacula servers.
---
On 11/21/2024 8:25 AM, Rob Gerber wrote:
D09,
Is bacula a member of the disk group?
What output do you have for the following:
id bacula # show groups for user bacula
sudo ls -lah /opt/bacula/etc
sudo ls -lah /opt/bacula/working
ps aux|grep bacula
My output for the same is below. This is a new installation of bacula on
rocky 9.4, using bacula 15.0.2, installed via the community repos.
Please note that I manually added bacula to the 'tape' and 'smb_backup'
groups. I did not manually set the bacula permissions, nor did I start
bacula using any means other than systemctl.
[gerber@td-bacula ~]$ id bacula
sudo ls -lah /opt/bacula/etc
sudo ls -lah /opt/bacula/working
ps aux|grep bacula
uid=985(bacula) gid=985(bacula) groups=985(bacula),33(tape),1001(smb_backup)
total 36K
drwxrwx---+ 2 root bacula 110 Nov 18 12:54 .
drwxrwxr-x+ 10 root root 108 Nov 18 12:54 ..
-rw-rwx---+ 1 root bacula 9.3K Nov 18 12:54 bacula-dir.conf
-rw-rwx---+ 1 root bacula 1.2K Nov 18 12:54 bacula-fd.conf
-rw-rwx---+ 1 root tape 9.8K Nov 18 12:54 bacula-sd.conf
-rw-rwx---+ 1 root bacula 280 Nov 18 12:54 bconsole.conf
-rw-rwx---+ 1 root root 636 Nov 18 12:54 .rpm.sed
total 40K
drwxrwx---+ 2 root bacula 4.0K Nov 20 23:10 .
drwxrwxr-x+ 10 root root 108 Nov 18 12:54 ..
-rw-r--r--. 1 bacula bacula 186 Nov 20 23:10 BackupCatalog.bsr
-rw-r-----. 1 bacula bacula 996 Nov 20 23:10 bacula-dir.9101.state
-rw-r-----. 1 root bacula 996 Nov 20 23:10 bacula-fd.9102.state
-rw-r-----. 1 bacula tape 4 Nov 19 17:18 bacula-sd.9103.pid
-rw-r-----. 1 bacula tape 996 Nov 20 23:10 bacula-sd.9103.state
-rw-rwx---+ 1 bacula bacula 11K Nov 20 23:10 td-bacula-dir.conmsg
-rw-r--r--. 1 bacula bacula 210 Nov 19 23:05 td-bacula-fd.bsr
root 839 0.0 0.3 311700 14292 ? Ssl Nov19 0:00 /opt/
bacula/bin/bacula-fd -fP -c /opt/bacula/etc/bacula-fd.conf
bacula 866 0.0 0.3 310812 11668 ? Ssl Nov19 0:00 /opt/
bacula/bin/bacula-sd -dt -c /opt/bacula/etc/bacula-sd.conf
bacula 1253 0.0 0.3 462884 14812 ? Ssl Nov19 0:01 /opt/
bacula/bin/bacula-dir -fP -c /opt/bacula/etc/bacula-dir.conf
gerber 10827 0.0 0.0 6408 2304 pts/1 S+ 09:21 0:00 grep
--color=auto bacula
Regards,
Robert Gerber
402-237-8692
r...@craeon.net <mailto:r...@craeon.net>
On Thu, Nov 21, 2024 at 8:44 AM D. <d...@bornfree.org
<mailto:d...@bornfree.org>> wrote:
Thank you, Bill.
It appears that bacula-sd (via systemd) is no longer content with the
permissions on its config file '/opt/bacula/etc/bacula-sd.conf' which
has never changed.
The permissions were:
-rw-rw----. 1 root disk 9894 Nov 5 2023 bacula-sd.conf
and that worked fine for years, but now it doesn't since the packages
upgrade. I changed the group to 'bacuala' and now the service starts
and runs.
Does that seem like an acceptable work-around to you?
---
On 11/20/2024 12:16 PM, Bill Arlofski via Bacula-users wrote:
> On 11/20/24 9:59 AM, D. wrote:
>> I upgraded from 13.0.4 to 15.0.2 on two Oracle Linux 8.10
servers. In
>> both cases, the bacula-sd.service daemon won't start after the
upgrade.
>> The DIR and FD daemons start just fine. The DIR seems to
interact with
>> the upgraded database just fine.
>>
>> The lack of logging has me stumped as to how I should further
>> troubleshoot this problem.
>>
>> Any thoughts?
>>
>> I thought about compiling it myself and seeing if my compiled SD
starts,
>> but I don't have the knowledge to compile myself. Hmph...
>
> Hello,
>
> You can star the SD in foreground mode with debug enabled. The
reason
> for the failure to start will usually be pretty clear - usually a
> permissions issue cause by the service being started manually as the
> root user at some point.
>
> # sudo -u bacula /opt/bacula/bin/bacula-sd -f -d100
>
> Make sure to start the SD using sudo like this - and not starting as
> root user using -u and -g command line options - so that there is
no chan
> ce of the daemon starting as root, being able to read files that the
> bacula user may not have access to, and then dropping privileges to
> become the bacula user. Basic permission issues can be missed
this way. :)
>
> Typically, the *.pid file might be owned `root:root` which will
prevent
> systemd, or the sudo command above from allowing the SD to start
- and
> systemd does not tell you why it didn't start, but the above command
> will reveal the issue.
>
>
> Hope this helps,
> Bill
>
>
>
> _______________________________________________
> Bacula-users mailing list
> Bacula-users@lists.sourceforge.net <mailto:Bacula-
us...@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/bacula-users
<https://lists.sourceforge.net/lists/listinfo/bacula-users>
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net <mailto:Bacula-
us...@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/bacula-users <https://
lists.sourceforge.net/lists/listinfo/bacula-users>
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
