On 06.09.2018 at 22:27 wrote Dakota Pilot: > On the whole I find Bareos documentation pretty good. I checked the website > and some other sources for system requirements and never found links to the > release notes. > > As far as the password goes it really doesn't matter one way or the other. I > come from where everything has passwords and I'm trying to find out what > others do - what is general practice. The docs say nothing about it and I > assume Bareos has set things up to be pretty secure. My installation has no > password in the catalog configuration nor was I asked for one when I ran the > install via yum. > > I'm not sure what auth secret you are referring to. The bareos user in > postgres has no password. I'm wary of changing passwords after the fact for > apps like Bareos because things can break badly. > > I guess what I'm asking is what does Bareos recommend. Should I apply a > password to the database user and if so I assume I change it in the catalog > and in postgres also. Do I need to do anything other than restart the > bareos services?
By default, Bareos uses ident identification with Postgresql. This is a default method of Postgres. A unix user can access a local database which is named identical to the user. Therefore the Unix user bareos can access the local Postgres database bareos, as Postgres can check if a query is really issues by the local user. I consider this as secure enough. Postgres has also a method to extend the behavior for network based database access. This is something I would avoid and would use a password based authentication instead. -- Jörg Steffens [email protected] Bareos GmbH & Co. KG Phone: +49 221 630693-91 http://www.bareos.com Fax: +49 221 630693-10 Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646 Komplementär: Bareos Verwaltungs-GmbH Geschäftsführer: S. Dühr, M. Außendorf, Jörg Steffens, P. Storz -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/d/optout.
