On Sat, 19 Aug 2006, Jo Rhett wrote:
> In a previous message, Kern said:
> Maybe I am misunderstanding the request, because Bacula has since quite some
> time had very fine grain control of Client access. There is perhaps some
> need for improvement of where the user can restore the files so that he/she
> is not able to clobber other users files, but other than that, as far as I
> know it all works fine. Restricted Consoles and Bacula Director Access
> control lists ...
>
> So I did some testing using the examples from the documentation
> and came up with this test of my personal machine:
>
> Console {
> Name = triceratops.lizardarts.com-console
> Password = "*removed*"
> JobACL = "triceratops.lizardarts.com"
> ClientACL = triceratops.lizardarts.com-fd
> StorageACL = Disk_clients
> ScheduleACL = *all*
> PoolACL = clients_Pool
> FileSetACL = *all*
> CatalogACL = clientsCatalog
> CommandACL = restore
> }
>
> This works fine on the surface. I can connect only if the
> passwords are right. I can only run the commands that are listed
> in the command acl. If I use the "run" command it immediately goes
> directly to my one and only backup job. Good so far.
>
> But when I try to run a restore, I see the following. Note that
> none of these jobs are even in the same catalog as this client:
Have you tried setting the FileSetACL to only the FileSet for that
particular client, instead of *all*?
I set the FileSetACL to only the FileSet for that particular client,
and that is the only one visible from the restricted client.
-- Michael
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
