Hello,
I use on client and server the debian buster packages:
root@server:/etc/bacula# dpkg -l bacula\* |grep ^ii
ii bacula-bscan 9.4.2-2 amd64 network
backup service - bscan tool
ii bacula-common 9.4.2-2 amd64 network
backup service - common support files
ii bacula-common-pgsql 9.4.2-2 amd64 network
backup service - PostgreSQL common files
ii bacula-console 9.4.2-2 amd64 network
backup service - text console
ii bacula-console-qt 9.4.2-2 amd64 network
backup service - Bacula Administration Tool
ii bacula-director 9.4.2-2 amd64 network
backup service - Director daemon
ii bacula-director-pgsql 9.4.2-2 all network
backup service - PostgreSQL storage for Director
ii bacula-fd 9.4.2-2 amd64 network
backup service - file daemon
ii bacula-sd 9.4.2-2 amd64 network
backup service - storage daemon
ii bacula-server 9.4.2-2 all network
backup service - server metapackage
user@workstation:~$ dpkg -l bacula\* |grep ^ii
ii bacula-common 9.4.2-2 amd64 network backup service -
common support files
ii bacula-console 9.4.2-2 amd64 network backup service -
text console
ii bacula-console-qt 9.4.2-2 amd64 network backup service -
Bacula Administration Tool
ii bacula-fd 9.4.2-2 amd64 network backup service -
file daemon
ii bacula-tray-monitor 9.4.2-2 amd64 network backup service -
Bacula Tray Monitor
i've a running connection via bat + bconsole from my workstation to my
backupserver
which is running well with this configuration (same between bat + bconsole).
(Only running at root for the moment, but working.)
By the way it looks like bacula-tray-monitor ignores the default setup in
/etc/bacula
an starts with an empty configuration scheme. So I made my changes each time
also
on ~/.bacula-tray-monitor.
To prevent me from access issues I tried first to run bacula-tray-monitor as
root.
(Ugly and bad, but will be changed afer I get an running configuration)
In /etc/bacula
bat.conf + bconsole.conf
#
# Bacula Administration Tool (bat) configuration file
#
Director {
Name = backup-dir
DIRport = 9101
address = FQDN-of-Backupserver
Password = "mysecretdirectorpassword"
# For client connection to server port
# TLS configuration
TLS Enable = yes
TLS Require = yes
@/etc/bacula/tls_client.conf
}
tls_client.conf
TLS CA Certificate File = /etc/bacula/ssl/certs/ca2.crt.pem
TLS Certificate = /etc/bacula/ssl/certs/bac...@fqdn-of-workstation.crt.pem
TLS Key = /etc/bacula/ssl/private/HN-of-Workstation.key.pem
I tried to use the same configuration file for bacula-tray-monitor by
simply copy the bat.conf to bacula-tray-monitor.conf in /etc/bacula but had
some issues:
DIRport is not allowed. So I reanmed the name from DIRport to port, by the way
also
I comment the line because it is not needed. (port instead Dirport Breaks the
description)
A monitor ressource is needed. So I readded the monitor section by copy
it from the server, but then "password" is not allowed message appears. So I
used
the lines from the original configuration file:
Monitor {
Name = backup-mon
RefreshInterval = 30 seconds
}
Also I got a error message because TLS Require is not allowed. So I comment the
line
(is this more unsecure ?)
Looks like the @/etc/bacula/tls_client.conf is not used so I added the lines in
director section and comment out the @-Line.
Now all is starting without errors by the way in debug mode ob
bacula-tray-monitor
I get now an "Authentification error":
...
tray-monitor: parse_conf.c:1032-0 parse state=0 pass=2 got token=T_EOL
Monitor: name=backup-mon
Director: name=backup-dir address=FQDN-of-Backupserver port=9101
tray-monitor: parse_conf.c:1149-0 Leave parse_config()
tray-monitor: tray-monitor.cpp:179-0 Do not start the scheduler
tray-monitor: dirstatus.cpp:34-0 doUpdate(5568167106a8)
tray-monitor: task.cpp:232-0 Trying to connect to DIR
tray-monitor: bsockcore.c:299-0 Current My.BUSRV.IP.Adress:9101 All
My.BUSRV.IP.Adress:9101
tray-monitor: bsockcore.c:228-0 who=Director daemon host=FQDN-of-Backupserver
port=9101
tray-monitor: bsockcore.c:411-0 OK connected to server Director daemon
FQDN-of-Backupserver:9101.
tray-monitor: task.cpp:236-0 Connect done!
tray-monitor: watchdog.c:197-0 Registered watchdog 7fe7d40041c8, interval 300
one shot
tray-monitor: btimers.c:177-0 Start bsock timer 7fe7d4004298 tid=7fe836df7700
for 300 secs at 1582621658
tray-monitor: cram-md5.c:133-0 cram-get received: auth cram-md5
<10821xxxxx.xxxxx21608@backup-dir> ssl=0
tray-monitor: cram-md5.c:157-0 sending resp to challenge: f//6jW/xxx/xxx/xxxxx/A
tray-monitor: cram-md5.c:166-0 Received bad response: 1999 Authorization failed.
tray-monitor: message.c:1455-0 Enter Jmsg type=3
tray-monitor: btimers.c:212-0 Stop bsock timer 7fe7d4004298 tid=7fe836df7700 at
1582621663.
tray-monitor: watchdog.c:217-0 Unregistered watchdog 7fe7d40041c8
tray-monitor: task.cpp:239-0 Unable to authenticate
tray-monitor: bsockcore.c:999-0 BSOCKCORE::destroy()
tray-monitor: bsockcore.c:1012-0 BSOCKCORE::destroy():delete(this)
tray-monitor: bsock.c:89-0 BSOCK::~BSOCK()
tray-monitor: bsock.c:109-0 BSOCK::_destroy()
tray-monitor: bsockcore.c:143-0 BSOCKCORE::~BSOCKCORE()
tray-monitor: bsockcore.c:966-0 BSOCKCORE::_destroy()
tray-monitor: bsockcore.c:929-0 BSOCKCORE::close()
...
In running well bconsole from same workstation I get following messages:
25-Feb 10:09 backup-dir JobId 0: Security Alert: authenticate.c:452 Unable to
authenticate console "backup-mon" at client:My.WS.IP.Adress:37504.
If I use a different monitor ressource name which is not used on server side I
also get this message only
differs the name (which was a test before):
25-Feb 08:51 backup-dir JobId 0: Security Alert: authenticate.c:452 Unable to
authenticate console "workstation-mon" at client:My.WS.IP.Adress:37138.
As I understood this looks like a password problem in the monitor ressource
but if I configure a password in monitor section which is the same as in monitor
section of server:
Error parse_conf.c:1104 Keyword "Password" not permitted in this ressource and
in debug output. …
1. Is the configuration so much different from bconsole and bat configuration?
2. Why is not the default used as long a user save the own configuration or
not migrated from /etc/bacula which is readable for the user?
3. What could be the problem that bacula-tray-monitor is not running well?
…
Cheers,
Pierre
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
