On mercredi, 7 décembre 2016 23.35:30 h CET 74cmonty wrote: > Am Mittwoch, 7. Dezember 2016 17:24:30 UTC+1 schrieb Bruno Friedmann: > > On mercredi, 7 décembre 2016 06.43:30 h CET 74cmonty wrote: > > > Hello! > > > > > > The files on the client that are identified for backup have restricted > > > permissions 640 and have a specific owner/group. > > > > > > When I run a backup I get this error: > > > ERR=Permission denied. > > > > > > The error message is clear, and the root cause is that the Bareos user > > > accessing the files on the client has insufficient permissions. > > > > > > Question: > > > Which user is reading files on client for backup? > > > > > > I've tried to add user 'bareos' to the group w/o success. > > > > > > THX > > > > By default the bareos-fd user is root. > > It's means two things, the bareos-fd on your installation is not using > > root > > otherwise some special attributes have been set on those files. > > > > ps auxw | grep bareos-fd should show you root > > systemctl show bareos-fd.service should show it too (if used on decent > > modern distribution) > > > > Notice as you didn't precise it, under windows it use the system service > > account. Some users (terrible under windows) remove everybody, even for > > system account the right to read their file. Then you have to start > > training lesson to explain to user, if you don't let the system account > > read your file for backup then you have no backup :-) > > Indeed the user account for service bareos-fd is root: > ps auxw | grep bar > root 38459 0.2 0.0 170624 2988 ? Ssl Dec02 20:48 > /usr/sbin/bareos-fd bareos 79101 0.1 0.0 90000 3200 ? Ssl > Nov28 26:16 /usr/sbin/bareos-sd > > The OS is SLES11SP4; files on client to backup are: > ll /Backup_NewDB_BS4/data/ > total 198928404 > -rw-r----- 1 bs4adm sapsys 155648 Dec 7 14:42 > backup_BS4_bareos-schedule-20161207_144219_databackup_0_1 -rw-r----- 1 > bs4adm sapsys 100671488 Dec 7 14:42 > backup_BS4_bareos-schedule-20161207_144219_databackup_1_1 -rw-r----- 1 > bs4adm sapsys 83894272 Dec 7 14:42 > backup_BS4_bareos-schedule-20161207_144219_databackup_2_1 -rw-r----- 1 > bs4adm sapsys 202719109120 Dec 7 15:12 > backup_BS4_bareos-schedule-20161207_144219_databackup_3_1 > > Do you see any solution to backup these files other then modifying the > permissions (chmod o+r)?
No clear idea still from those informations. This is the what I would investigate. What about the top rights ? a getfacl -R /Backup_NewDB_BS4 Also when the deny access occur, did you get any message in dmesg ? Did the bareos-fd init script has some special flags or confined by apparmor ? -- Bruno Friedmann Ioda-Net Sàrl www.ioda-net.ch Bareos Partner, openSUSE Member, fsfe fellowship GPG KEY : D5C9B751C4653227 irc: tigerfoot openSUSE Tumbleweed Linux 4.8.12-1-default x86_64 GNU/Linux, nvidia: 375.20 Qt: 5.7.0, KDE Frameworks: 5.28.0, Plasma: 5.8.4, kmail2 5.3.3 (QtWebEngine) -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/d/optout.
