On Wednesday 24 September 2008 11:13:20 Ante Karamatić wrote: > I'll mark this bug as 'medium' at the moment. But this should be > resolved as soon as possible. > > Kern, of course, any code would be welcome. It's clear that we should > generate password on postinstall of package, not during compile-time. > > ** Changed in: bacula (Ubuntu) > Importance: Undecided => Medium > Status: New => Confirmed
I am not (yet) a Debian packaging expert, so I asked the Bacula .deb guy (Eric), and this is his response. Sorry for emailer wrapping, but you can probably figure it out. On Wednesday 24 September 2008 16:18:58 you wrote: > Hello Eric, > > Do you have some .deb magic I could send off to the Ubuntu Bacula > maintainers so that they can generate random passwords when installing > Bacula? I use the bacula-common configuration script (debian/bacula-common.config) to compute and store random password for all bacula packages. (my template file is ok too) if ! db_get bacula/director_passwd; then db_set bacula/director_passwd $(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c33) db_set bacula/director_mpasswd $(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c33) db_set bacula/fd_passwd $(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c33) db_set bacula/fd_mpasswd $(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c33) db_set bacula/sd_passwd $(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c33) db_set bacula/sd_mpasswd $(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c33) fi After that, i use special strings to replace password in configuration file (like for RPM) ./configure ... --with-dir-password="XXX_REPLACE_WITH_DIRECTOR_PASSWORD_XXX" \ --with-fd-password="XXX_REPLACE_WITH_CLIENT_PASSWORD_XXX" \ --with-sd-password="XXX_REPLACE_WITH_STORAGE_PASSWORD_XXX" \ --with-mon-dir-password="XXX_REPLACE_WITH_DIRECTOR_MONITOR_PASSWORD_XXX" \ --with-mon-fd-password="XXX_REPLACE_WITH_CLIENT_MONITOR_PASSWORD_XXX" \ --with-mon-sd-password="XXX_REPLACE_WITH_STORAGE_MONITOR_PASSWORD_XXX" \ At the end, i just have to replace XXX_...XXX strings by what we have computed in each package.postinst script. db_get bacula/director_mpasswd db_dir_mpass="$RET" db_get bacula/fd_mpasswd db_fd_mpass="$RET" db_get bacula/sd_mpasswd db_sd_mpass="$RET" db_stop sed \ -e "s%XXX_REPLACE_WITH_DIRECTOR_MONITOR_PASSWORD_XXX%$db_dir_mpass%" \ -e "s%XXX_REPLACE_WITH_STORAGE_MONITOR_PASSWORD_XXX%$db_sd_mpass%" \ -e "s%XXX_REPLACE_WITH_CLIENT_MONITOR_PASSWORD_XXX%$db_fd_mpass%" \ < $SRCDIR/$CONFIG > $TARGET At the end, if you configure FD/SD/DIR/Console on the same box, all your passwords will be ok. They have also to remove the XXAddress = 127.0.0.1 from all configuration file. -- password in bacula-fd.conf is not auto-generated https://bugs.launchpad.net/bugs/222558 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bacula in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs