Hello Kostis,
When you say "If we restart bacula-dir service, everything is ok again",
you mean that bacula-dir service is running and you successfully enter
bconsole with SSL/TLS configured?
Best regards,
Ana
On Tue, Dec 22, 2015 at 10:05 AM, Kostis Fardelas <dante1...@gmail.com>
wrote:
> Hello,
> we are on Linux Debian Wheezy and we use version bacula-director-mysql
> 5.2.6+dfsg-9. We experience a faulty communication between bconsole
> and director daemon after reloading bacula-dir. Specifically, when
> everything is ok and without TLS configuration we get the following:
> {code}
> *root@bacula-dir:/etc/bacula# bconsole -d99
> Connecting to Director bacula-dir.grnet.gr:9101
> bconsole: cram-md5.c:150-0 sending resp to challenge:
> 6U/xF//Cb5/Sb3NNt+/WlD
> bconsole: cram-md5.c:79-0 send: auth cram-md5
> <XXXXXXXXXX.XXXXXXXXXX@bconsole> ssl=0
> bconsole: cram-md5.c:98-0 Authenticate OK Dx/1Z/smv++eoEEV3SNtPC
> bconsole: authenticate.c:150-0 >dird: 1000 OK auth
> bconsole: authenticate.c:157-0 <dird: 1000 OK: bacula-dir.grnet.gr-dir
> Version: 5.2.6 (21 February 2012)
> 1000 OK: bacula-dir.grnet.gr-dir Version: 5.2.6 (21 February 2012)
> bconsole: console.c:1208-0 Opened connection with Director daemon
> Enter a period to cancel a command.
> {code}
>
> And when we configure TLS, we get:
> {code}
> root@bacula-dir:/etc/bacula# bconsole -d99
> Connecting to Director bacula-dir.grnet.gr:9101
> bconsole: cram-md5.c:150-0 sending resp to challenge:
> yj+jL6+6p0ly72I4+4+aRC
> bconsole: cram-md5.c:79-0 send: auth cram-md5
> <XXXXXXXXXX.XXXXXXXXXX@bconsole> ssl=2
> bconsole: cram-md5.c:98-0 Authenticate OK w//u1W/imgpOn9+f8++PXB
> bconsole: bnet.c:347-0 TLS client negotiation established.
> bconsole: authenticate.c:150-0 >dird: 1000 OK auth
> bconsole: authenticate.c:157-0 <dird: 1000 OK: bacula-dir.grnet.gr-dir
> Version: 5.2.6 (21 February 2012)
> 1000 OK: bacula-dir.grnet.gr-dir Version: 5.2.6 (21 February 2012)
> bconsole: console.c:1208-0 Opened connection with Director daemon
> Enter a period to cancel a command.
> {code}
>
> But, after reloading bacula-dir, we get the following (with or without
> TLS configured):
> {code}
> root@bacula-dir:/etc/bacula# bconsole -d99
> Connecting to Director bacula-dir.grnet.gr:9101
> bconsole: cram-md5.c:150-0 sending resp to challenge:
> lDtDW8Q4t8pCCz+1PkFsrC
> bconsole: cram-md5.c:152-0 Receive chanllenge response failed. ERR=No
> data available
> Director authorization problem.
> Most likely the passwords do not agree.
> If you are using TLS, there may have been a certificate validation
> error during the TLS handshake.
> Please see
> http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION003760000000000000000
> for help.
> {code}
>
> What we also notice after reloading bacula-dir, is that there is no
> daemon listening to port 9101.
> The same happens if we reload from inside a bconsole. The next
> bconsole we try to connect, fails.
>
> If we restart bacula-dir service, everything is ok again.
>
> Regards,
> Kostis Fardelas
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Bacula-users mailing list
> Bacula-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
>
------------------------------------------------------------------------------
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
