> "Simone Caronni" <negativ...@gmail.com> kirjoitti > viestissä:camougsbhtyyjfyti5f67ut7wpvub-wzdr3g3znxaajxzmqk...@mail.gmail.com... > On 25 February 2013 09:14, Simone Caronni <negativ...@gmail.com> wrote: > > Restore /etc/bacula to the default permissions + bacula group: > > chown -R root:root /etc/bacula > chgrp bacula /etc/bacula \ > /etc/bacula/bacula-dir.conf > /etc/bacula/query.sql > > > Well, this should be better; same result but a bit more restrictive. > Fixes also the console permissions to be more restrictive while preventing > the bacula daemon to poke with other files in case of being compromised: > > > chown -R root:root /etc/bacula > chmod 755 /etc/bacula > chmod 640 /etc/bacula/* > chgrp bacula /etc/bacula/bacula-dir.conf /etc/bacula/query.sql > > Please let me know.
I need to admit I couldn't right now follow why this solved it. But yes, it did solve the problem :-) After a quick test, at least the catalog backup now runs ok with proper uid:gid as follows: root 2096 1 0 Feb22 ? 00:00:14 bacula-fd -c /etc/bacula/bacula-fd.conf -u root -g root bacula 37775 1 0 11:47 ? 00:00:01 bacula-sd -c /etc/bacula/bacula-sd.conf -u bacula -g tape bacula 37879 1 0 11:50 ? 00:00:00 bacula-dir -c /etc/bacula/bacula-dir.conf -u bacula -g bacula About the tape changer problem I mentioned... I'm using a slighltly modified version of mtx-changer script, which used to be -rwxr-xr-- and worked. I changed it to world-executable (-rwxr-xr-x) like the original bacula-supplied one is, now it also works. But I agree with you, something that caused this propably has changed in the code. Thanks, Timo ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
