[Bacula-users] rhel6 (centos6) bug on tape blocksize = 1024k
Hi, recently, after upgrading our bacula server from CentOS 5.10 to CentOS 6.4, we have been hit by an upstream kernel bug. in our bacula config we use the following tape device settings for some time. Maximum Block Size = 1024K Minimum Block Size = 32K after OS upgrade the tape mount failed most of the times 16-Nov 00:03 bacula-sd JobId 431441: Error: block.c:1002 Read error on fd=7 at file:blk 0:0 on device Drive-1 (/dev/nst1). ERR=Device or resource busy. we got the same error using dd, but not always. it took me about one week to find the root cause of the problem. It is described at redhat (need a subscription to read all details) https://access.redhat.com/site/solutions/303123 There exists a kernel patch, but it is not released until now. There i found also a workaround which works for us: # cat /etc/modprobe.d/mt-st.conf options st max_sg_segs=64 See also the latest technical notes from RHEL 6.5: --- https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/devices_issues.html kernel component When using large block size (1MB), the tape driver sometimes returns an EBUSY error. To work around this problem, use a smaller block size, that is 256KB. --- I wrote this just to save u time when u experiment on tape block size = 1024k on CentOS/RHEL 6.x. Best regards Ulrich -- Ulrich Leodolter ulrich.leodol...@obvsg.at Oesterreichische Bibliothekenverbund und Service GmbH Raimundgasse 1/3, A-1020 Wien Fax +43 1 4035158-30 Tel +43 1 4035158-21 Web http://www.obvsg.at -- Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311iu=/4140/ostg.clktrk ___ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
Re: [Bacula-users] Bacula Status Report
Hi Kern. Thank you for the information and here are some requests for more details :) On 25.11.2013 18:49, Kern Sibbald wrote: 2. The Bareos fork of Bacula: Unfortunately, despite the fact that Bareos hired one of the best German Open Source lawyers , there were a number of serious copyright violations with their code. I guess mixing copyright and open source into one sentence makes several people quite confused, so can you clarify what are the issues? Is it, for instance, that Bareos wants to change license of the source code, but copyright holder does not permit it? So as Bacula contributors and users, you would be within your rights to feel very upset with Bareos, because they never offered you the code they developed. I have understood that all of their code is in Github. Isn't it so? I assure that I will do all in my power to ensure that any worthwhile features that Bareos implements will be implemented in Bacula, and most likely better integrated and more robust, and where possible with even more functionality and growth potential. How would you do it? Would you port the features, possibly making the code better? Or would you just code the features from scratch? I'm sorry, but currently it seems there is some soap opera going on between these 2 projects and it is just sad to watch. I really do hope that it won't affect good ideas being spread between the 2 projects and also in the open etc. 3. Bacula Systems and the FSFE: There are a number of points in the agreement, but probably the most important of all is that Bacula Systems has now put in writing that it is an Open Source company (at its heart), as it has always proclaimed, and will contribute all the Enterprise code it creates to the Bacula Community code base within at most a 5 year period. So all the Bacula Enterprise features and plugins will ultimately be open sourced? Ie. we would see the delta plugin and vSphere plugin as open-source within 5 years counting from the point they were announced? Does it also mean that these features, by worst case scenario, in the open source version will always be 5 years behind the Enterprise version? Do you have any features in mind that you would make open sourced within the shorter time-frame? -- Silver -- Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311iu=/4140/ostg.clktrk___ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
Re: [Bacula-users] bacula-fd crashes on FreeBSD 9.2
Hello, Yes, Martin, that is surely the problem. Bacula has a handler for SIGUSR1 and if it gets a 0 for a signal number, Bacula will die. Kern On 11/25/2013 07:43 PM, Martin Simmons wrote: Looks like a recently discovered bug in FreeBSD: http://thread.gmane.org/gmane.os.freebsd.devel.hackers/51832 __Martin On Sun, 24 Nov 2013 17:36:50 -0800, David Newman said: Apologies for top posting. Kern and Dan asked for more information on this issue awhile back, and I'd provided it (see below, or the list archives) in two messages on 10 November. I'm OK for now by running from the binary, but a backup will crash when the binary is called from the FreeBSD startup script. Thanks in advance for additional troubleshooting clues. Also, should I instead file a FreeBSD PR for this? dn On 11/10/13, 5:12 PM, David Newman wrote: On 11/10/13 12:09 PM, Dan Langille wrote: On Nov 10, 2013, at 2:02 PM, David Newman dnew...@networktest.com wrote: On 11/9/13, 9:33 AM, Dan Langille wrote: On Nov 8, 2013, at 7:51 PM, David Newman dnew...@networktest.com wrote: On 11/7/13 6:17 AM, Dan Langille wrote: On 2013-11-06 21:05, David Newman wrote: On 11/5/13 5:53 PM, Dan Langille wrote: You are on 9.2-release. Have you run freebsd-update to get the latest security patches? Yes Did you see the post by Dean E. Weimer today? The most recent post from Dean to this list (at least that I have) is from 4 November at 2030 UTC, saying essentially that a complete rebuild of the OS solved his problem. I'm hoping not to have to boil the ocean... Second: read below. With your help (thanks), I got the debug version built and running. Two things: 1. Just like before, the binary in /usr/local/sbin/bacula-fd runs fine when launched on its own. By runs I mean the director successfully completes a backup job. 2. Just like before, the binary in /usr/local/sbin/bacula-fd crashed when called from the startup script in /usr/local/etc/rc.d/bacula-fd. By crashed I mean the client machine's fd daemon dies during a backup job. Please paste the output of ps auwx | grep bacula-fd for both of the above scenarios. I expect to see something like this: # ps auwx | grep bacula-fd root 1364 0.0 0.4 10156 4192 ?? Is1:47PM 0:15.71 /usr/local/sbin/bacula-fd -u root -g wheel -v -c /usr/local/etc/bacula-fd.conf Here's the binary by itself: root 27754 0.0 0.3 18696 5548 ?? Ss4:01PM0:00.00 /usr/local/sbin/bacula-fd That’s just bacula-fd raw, no parameters. Hmmm. and here it is called from /usr/local/etc/rc.d/bacula-fd (with debugging on): root 28337 0.0 0.3 18696 5612 ?? Ss4:15PM0:00.00 /usr/local/sbin/bacula-fd -u root -g wheel -v -c /usr/local/etc/bacula/bacula-fd.conf and once more, compiled with debug off: root 37399 0.0 0.3 18696 5608 ?? Ss4:38PM0:00.00 /usr/local/sbin/bacula-fd -u root -g wheel -v -c /usr/local/etc/bacula/bacula-fd.conf Those are identical. Good. I've pasted below the crash output to STDERR. Thanks in advance for more troubleshooting clues. For the below, I think you have to find btraceback and get that installed to /usr/local/sbin/btraceback OK, I found something: This is a problem related to bsmtp. (Again, this is on an i386 machine.) With debugging on and btraceback in place, the debugger complains it can't find bstmp. I copy the bsmtp directory from under the bacula-client port into /usr/local/sbin and a backup produces a complaint about permissions. I do 'chmod -R 777 /usr/local/bstmp' and -- lo and behold, the backup now runs with bacula-fd called from the startup script. There's no debug output because it works. Then I uninstall bacula-client and back out of all the debugging changes, both in the bacula-client and bacula-server directories, run 'make clean' in both directories, and reinstall bacula-client. I again put the bsmtp directory into /usr/local/sbin and again chmod 777 it. Now, bacula-fd crashes same as before. Try the non-debug and debug versions like this, start them from the command line. /usr/local/sbin/bacula-fd -f -u root -g wheel -c /usr/local/etc/bacula/bacula-fd.conf The -f ensures bacula-fd will stay in the foreground. Try the backup? Any messages? Yes. I've pasted the output of both here: http://pastebin.com/iPEqYDUb This time, both debug and non-debug versions failed to complete a backup. Not sure what changed from before. For starters, you’re running in the foreground… That may affect things. I do not know for sure. This is the only instance I have of bacula-fd on i386 on FreeBSD. There are other i386 machines running bacula-fd but they're on other OSs such as Linux and OpenBSD. The fact that the backup runs OK from the raw binary and doesn't run from the startup script suggests this may be a FreeBSD-specific issue. I wonder if this might be a compiler optimization issue. That is, the compiler is attempting to
Re: [Bacula-users] Bacula Status Report
Hello, On 11/26/2013 11:17 AM, Silver Salonen wrote: Hi Kern. Thank you for the information and here are some requests for more details :) On 25.11.2013 18:49, Kern Sibbald wrote: 2. The Bareos fork of Bacula: Unfortunately, despite the fact that Bareos hired one of the best German Open Source lawyers , there were a number of serious copyright violations with their code. I guess mixing copyright and open source into one sentence makes several people quite confused, so can you clarify what are the issues? All code is licensed one way or another. Virtually all Open Source code also has a copyright (the GPL is a copyright with a license). I would not like to burden this list with copyright/license details, so I will do so in my blog in detail, and besides right now I am on vacation so please excuse me for not giving any more details at the moment. Is it, for instance, that Bareos wants to change license of the source code, but copyright holder does not permit it? Most of the problems were that they incorrectly added their copyrights where they legally could not. I can imagine they would like to change the license, but that is speculation on my part. What is not speculation is that they cannot change the copyright license. So as Bacula contributors and users, you would be within your rights to feel very upset with Bareos, because they never offered you the code they developed. I have understood that all of their code is in Github. Isn't it so? You will need to ask Bareos if all their code is on Github since I don't have access to their company. At least the main source code is there. I assure that I will do all in my power to ensure that any worthwhile features that Bareos implements will be implemented in Bacula, and most likely better integrated and more robust, and where possible with even more functionality and growth potential. How would you do it? Would you port the features, possibly making the code better? Or would you just code the features from scratch? To keep the Bacula FSFE copyright clean, we will probably need to code the features from scratch. However, one must realize that when coding a feature in Bacula, if two people do the same thing, there could be a substantial overlap of the code since one would naturally use a lot of the internal subroutines. I'm sorry, but currently it seems there is some soap opera going on between these 2 projects and it is just sad to watch. I really do hope that it won't affect good ideas being spread between the 2 projects and also in the open etc. What gives you the idea that there is a soap opera going on? And what do you find sad? Hopefully not something that I have done. Certainly, if Bareos has good ideas, we will be very interested in them as I have already stated just above. They will clearly directly take anything from Bacula that they consider useful. 3. Bacula Systems and the FSFE: There are a number of points in the agreement, but probably the most important of all is that Bacula Systems has now put in writing that it is an Open Source company (at its heart), as it has always proclaimed, and will contribute all the Enterprise code it creates to the Bacula Community code base within at most a 5 year period. So all the Bacula Enterprise features and plugins will ultimately be open sourced? Yes. Some such as our Oracle plugin will not be Open Sources since it uses the Oracle API which is proprietary. At the moment, this is the only exception I can think of though. Ie. we would see the delta plugin and vSphere plugin as open-source within 5 years counting from the point they were announced? The answer is yes, but with the nuance that the time period for code developed prior to the agreement starts as of the agreement. Does it also mean that these features, by worst case scenario, in the open source version will always be 5 years behind the Enterprise version? Yes. Do you have any features in mind that you would make open sourced within the shorter time-frame? Yes we will probably make many available well before the 5 year period (I would guess even most features). I have a number of features in mind that we are internally agreed on and others that we are considering. The official announcement on what they are will certainly be made at the Bacula Conference or possibly earlier. Best regards, Kern -- Silver -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351iu=/4140/ostg.clktrk___ Bacula-users mailing list Bacula-users@lists.sourceforge.net
[Bacula-users] Question on restoring files using bscan with 2 storage servers
hello list, I am hoping you can help me solve this. I have one director and to storage servers. Both storage servers have disks attached but only one sd has a tape drive. The tape drive is not on the director. I need to load some old tapes into the database but when I run bscan from the sd where the tape is, it does not see the database. If I run bscan from the director where there isn't a tape drive it does not see the tape drive on the other sd. How can I resolve this? thanks -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351iu=/4140/ostg.clktrk___ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
Re: [Bacula-users] Question on restoring files using bscan with 2 storage servers
hello list, I am hoping you can help me solve this. I have one director and to storage servers. Both storage servers have disks attached but only one sd has a tape drive. The tape drive is not on the director. I need to load some old tapes into the database but when I run bscan from the sd where the tape is, it does not see the database. If I run bscan from the director where there isn't a tape drive it does not see the tape drive on the other sd. How can I resolve this? I know this can be made to work since my director, database and tape storage are on 3 different servers and have been for 8+ years. Wait a minute bscan has a parameter for database host, port, username and password. Are you supplying the database info? Usage: bscan [ options ] bacula-archive -b bootstrap specify a bootstrap file -c file specify configuration file -d nn set debug level to nn -dt print timestamp in debug output -mupdate media info in database -D driver name specify the driver database name (default NULL) -n name specify the database name (default bacula) -u user specify database user name (default bacula) -P password specify database password (default none) -h host specify database host (default NULL) -t port specify database port (default 0) -pproceed inspite of I/O errors -rlist records -ssynchronize or store in database -Sshow scan progress periodically -vverbose -V Volumes specify Volume names (separated by |) -w dir specify working directory (default from conf file) -?print this message John -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351iu=/4140/ostg.clktrk ___ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
Re: [Bacula-users] Bacula Status Report
Hello, my name is Maik Außendorf, I am a member of the Bareos project and co-founder of the Bareos company. I apologize for not using my original email address but that has been banned from this list withoout any given reason. I attach my original footer below. I just want to comment on 2 points: 1. The Free Software Foundation Europe (FSFE) is the copyright holder of Bacula open source. We've worked together with the FSFE to clear some formal things in the version history and header files. I.E. some copyright information had to be changed. We've changed everything the way the FSFE has asked for. On August 12th 2013 the last mail from the FSFE stated, that they do not see any more problems. Please read our FAQ article for full quotation: https://www.bareos.org/en/faq/items/copyright_bacula_bareos.html In that FAQ you can also find the history about the open source code fragments regarding the bandwidth limitation feature. 2. GIT Our sources are all on GIT Hub since late 2012. Before that the long year Bacula community developer Marco van Wieringen has maintained his own branch mainly with patches by him and other contributors that were rejected by bacula.org. So a private thing but the only way to preserve those contributions. After the decision was made to start an own project based on that branch, it was published, is 100% AGPL and will stay so. I don't want to comment on more, because these are the important things. Everyone can reuse our code in a open source way (fully compliant with AGPL). And everyone can choose whatever open source project he or she likes best. One more thing to add: we've given a fundamental value to the Bacula community, too: the Bareos clients are compatible with Bacula daemons. And there are repositories for almost all Linux distribution ready to use + a rewritten Windows installer for the Windows client - ready to install (graphical or even unattended by command line switches). If you are missing a bacula client for your particular Linux distribution, MacOS or Windows, feel free to test our Bareos client with your Bacula director. With kind regards. -- Mit freundlichen Grüßen -- Maik Außendorf maik.aussend...@bareos.com Bareos GmbH Co. KG Phone: +49221630693-93 http://www.bareos.com Fax: +49221630693-10 Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646 Komplementär: Bareos Verwaltungs-GmbH Geschäftsführer: Stephan Dühr, M. Außendorf, J. Steffens, P. Storz, M. v. Wieringen -Original Message- From: Kern Sibbald k...@sibbald.com To: bacula-users bacula-users@lists.sourceforge.net; bacula-devel bacula-de...@lists.sourceforge.net; bacula-announce bacula-annou...@lists.sourceforge.net Sent: Mon, Nov 25, 2013 5:57 pm Subject: [Bacula-users] Bacula Status Report Hello, I would like to speak to you about the following points: 1. The rumors of the death of Bacula (the Community version) 2. The Bareos fork of Bacula 3. Bacula Systems and the FSFE (Free Software Foundation Europe) 4. The future of Bacula (the Community version) 1. The rumors of the death of Bacula (the Community version): I borrow words from a quote of Mark Twain: The rumors of the death of Bacula are highly exaggerated! I began working on Bacula 14 years ago (in January 2000), and it has been Open Source from the time it was publicly released in April 2002, and it will remain Open Source. I have been and am fully devoted to Open Source, and in particular to Bacula, which is like my “baby”. So to hear rumors that Bacula is dead or that I have withheld commits because they are Enterprise features is shocking and hurtful to me as well as not true. I did inform the Bacula Community several years ago that my personal participation in Bacula would decrease a bit for several years to allow me to focus more on getting Bacula Systems started. In my opinion, that has not been a serious disadvantage for the Bacula project since Bacula Systems over that period has contributed far more code to Bacula than I could have alone over the same period, and as you will see a bit later in this status report, Bacula Systems contributions are absolutely guaranteed to continue in the long run, and even increase. 2. The Bareos fork of Bacula: The Bacula repository has been on “hold” since our last release in early February, because on 27 February 2013, I learned that there was a fork of Bacula made by a former “consultant” of Bacula Systems with a former reseller of Bacula Systems. Unfortunately, despite the fact that Bareos hired one of the best German Open Source lawyers , there were a number of serious copyright violations with their code. Since the Bacula code is copyrighted by the Free Software Foundation Europe
[Bacula-users] Backing up catalog into a Pool defeats the purpose?
Thanks for your help guys. I think the problem can be resolved in 2 ways: Maintaining the dumped sql of the catalog separately as specified. Backing up the catalog backup job bootstrap which is provided in (atleast) the debian flavor binaries' configuration as an incremented snapshot. +-- |This was sent by imagene...@gmail.com via Backup Central. |Forward SPAM to ab...@backupcentral.com. +-- -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351iu=/4140/ostg.clktrk ___ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
[Bacula-users] Does Copy support resume?
The basic question is: 1. Does the Copy job support resume? More precisely: 2. It has been specified that migration decompresses the contents (and perhaps decrypts) in it's execution. Is this the case for Copy? 3. What occurs in if the Copy job is canceled? Are the target volumes reverted to their original condition? 4. If it doesn't support resume, does it revert the target volumes to their original condition, removing the invalid truncated data and restart? It would appear that the Copy job copies the contents of volumes into a new volume pool. Considering, this, if Copy can resume, it can understand the current internal state of the target volume in comparison to the source in the event of termination. +-- |This was sent by imagene...@gmail.com via Backup Central. |Forward SPAM to ab...@backupcentral.com. +-- -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351iu=/4140/ostg.clktrk ___ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
[Bacula-users] bacula TLS help
Hello all, I'm trying to add TLS encryption to my bacula setup. I've been following this guide which got me almost all of the way there: http://blog.earth-works.com/2013/08/03/configuring-bacula-to-use-tls-to-encrypt-connections/ I modified the following sections in my bacula-dir.conf file: Director {# define myself Name = storage.jokefire.com DIRport = 9101# where we listen for UA connections QueryFile = /etc/bacula/query.sql WorkingDirectory = /var/spool/bacula PidDirectory = /var/run Maximum Concurrent Jobs = 1 Password = secret # Console password Messages = Daemon TLS Certificate = /etc/pki/tls/certs/storage.jokefire.com.crt TLS Key = /etc/pki/tls/private/storage.jokefire.com.key TLS CA Certificate File = /etc/pki/CA/certs/rootBaculaCA.pem TLS Enable = yes TLS Require = yes TLS Verify Peer = yes } Client { Name = ops.jokefire.com Address = ops.jokefire.com FDPort = 9102 Catalog = JokefireCatalog Password = secret # password for FileDaemon File Retention = 14 days# 14 days Job Retention = 14d# 14 days AutoPrune = yes # Prune expired Jobs/Files TLS Certificate = /etc/pki/tls/certs/storage.jokefire.com.crt TLS Key = /etc/pki/tls/private/storage.jokefire.com.key TLS CA Certificate File = /etc/pki/CA/certs/rootBaculaCA.pem TLS Enable = yes TLS Require = yes } And in my bacula-fd.conf Director { Name = storage.jokefire.com Password = secret TLS Certificate = /etc/pki/tls/certs/storage.jokefire.com.crt TLS Key = /etc/pki/tls/private/storage.jokefire.com.key TLS CA Certificate File = /etc/pki/CA/certs/rootBaculaCA.pem TLS Enable = yes TLS Require = yes } FileDaemon { # this is me Name = storage.jokefire.com FDport = 9102 # where we listen for the director WorkingDirectory = /var/bacula Pid Directory = /var/run Maximum Concurrent Jobs = 20 TLS Certificate = /etc/pki/tls/certs/storage.jokefire.com.crt TLS Key = /etc/pki/tls/private/storage.jokefire.com.key TLS CA Certificate File = /etc/pki/CA/certs/rootBaculaCA.pem TLS Enable = yes TLS Require = yes } In bacula-sd.conf: Storage { # definition of myself Name = storage.jokefire.com SDPort = 9103 # Director's port WorkingDirectory = /var/spool/bacula Pid Directory = /var/run Maximum Concurrent Jobs = 20 TLS Certificate = /etc/pki/tls/certs/storage.jokefire.com.crt TLS Key = /etc/pki/tls/private/storage.jokefire.com.key TLS CA Certificate File = /etc/pki/CA/certs/rootBaculaCA.pem TLS Enable = yes TLS Require = yes TLS Verify Peer = yes } And finally in bconsole.conf: Director { Name = storage.jokefire.com DIRport = 9101 address = storage.jokefire.com Password = secret TLS Certificate = /etc/pki/tls/certs/storage.jokefire.com.crt TLS Key = /etc/pki/tls/private/storage.jokefire.com.key TLS CA Certificate File = /etc/pki/CA/certs/rootBaculaCA.pem TLS Enable = yes TLS Require = yes } Then I bounced the services so all seems well at this point: [root@storage:/etc/bacula] #bounce-bacula Stopping Bacula Storage services: [ OK ] Starting Bacula Storage services: [ OK ] Stopping Bacula File services: [ OK ] Starting Bacula File services: [ OK ] Stopping Bacula Director services: [ OK ] Starting Bacula Director services: [ OK ] (wrote a script to bounce all services because I'm lazy) But when I go into bconsole I get the following (until I restore from backup) [root@storage:/etc/bacula] #bconsole Connecting to Director storage.jokefire.com:9101 26-Nov 22:13 bconsole JobId 0: Error: tls.c:92 Error with certificate at depth: 0, issuer = /C=US/ST=NJ/L=Newark/O=Jokefire LLC/OU=Ops/CN= storage.jokefire.com/emailAddress=bluethu...@gmail.com, subject = /C=US/ST=NJ/L=Newark/O=Jokefire LLC/OU=Ops/CN= storage.jokefire.com/emailAddress=bluethu...@gmail.com, ERR=18:self signed certificate TLS negotiation failed Director authorization problem. Most likely the passwords do not agree. If you are using TLS, there may have been a certificate validation error during the TLS handshake. Please see http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION0026for help. I've saved my work with TLS so I'm eager to get this going. I used the following guide to generating the certs, and I'm wondering if the problem could possibly be in the way I generated the certs? http://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/ Thanks for any and all advice! Tim -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B