Because tcp_wrappers is not configured for bacula by default. Your hosts.allow
file is not configured properly. As this is not a linux list, please read up
on tcp_wrappers, there is a lot of information available. I would only use
tcp_wrappers in a layered approach to security and only after using a firewall
as my primary defense.
It would be more appropriate to use iptables to control access to the bacula
ports. Here are a couple of examples. If you want tighter controls on your
backup server and/or storage daemon server, research iptables configurations
and test. Perhaps someone on the list will contribute some of their examples
of tighter firewall controls.
On the server and wide open:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9101:9103 -j ACCEPT
On the client and only to the specific server replacing x.x.x.x with your
bacula server’s ip address:
-A INPUT -s x.x.x.x -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp
--dport 9102 -j ACCEPT
Patti
From: Norbert Gomes
<norbert.go...@univ-orleans.fr<mailto:norbert.go...@univ-orleans.fr>>
Date: Thursday, April 14, 2016 at 5:36 AM
To:
"bacula-users@lists.sourceforge.net<mailto:bacula-users@lists.sourceforge.net>"
<bacula-users@lists.sourceforge.net<mailto:bacula-users@lists.sourceforge.net>>
Subject: Re: [Bacula-users] build RPM for FD 5.2 in CentOS 6
My problem seems to be with TCP wrappers, but I don't understand why :
Like this, it doesn't work :
hosts.deny :
ALL: ALL
hosts.allow :
9102: ALL
bacula-fd: ALL
But if I comment the hosts.deny file (or put ALL: ALL in the hosts.allow file),
it works.
I don't see where I made a mistake ?
My process running is :
root 1142 1 0 11:02 ? 00:00:00 bacula-fd -c
/etc/bacula/bacula-fd.conf -u root -g root
Norbert
Le 14/04/2016 09:58, Norbert Gomes a écrit :
Hi
Thank you for the repositories, it works on a test machine (fresh CentOS 6.2),
but not in the production one : in this last, the DIR can't contact the FD (
iptables and TCP wrappers seem to be OK)
Maybe I missed something elsewhere.
I'll give a look
Regards
Norbert
Le 13/04/2016 12:47, Simone Caronni a écrit :
Hi Norbert,
I'm the Bacula mantainer for Fedora. can you use the rebuild I do of current
packages for RHEL/CentOS and Fedora? You can upgrade directly from CentOS/RHEL
packages straight to them.
They have all features enabled. Please read the included README file in
bacula-common.
Bacula 5.2: https://repos.fedorapeople.org/slaanesh/bacula/
Bacula 7.0: https://repos.fedorapeople.org/slaanesh/bacula7/
Bacula 7.4: http://copr.fedorainfracloud.org/coprs/slaanesh/Bacula/
If you look on Google there's some history behind the packages.
Please note that only the 7.4 branch is supported.
Regards,
--Simone
On Wed, Apr 13, 2016 at 12:28 PM, Norbert Gomes
<norbert.go...@univ-orleans.fr<mailto:norbert.go...@univ-orleans.fr>> wrote:
Hi
I have to build a rpm for the bacula-fd 5.2 in Cent OS 6, and follow
this page :
http://www.bacula.org/5.2.x-manuals/en/utility/utility/Bacula_RPM_Packaging_FAQ.html
I downloaded and extracted the bacula-5.2.13.tar.gz file, then :
Looked at the bacula.spec.in<http://bacula.spec.in> file in
"platforms/rpms/redhat/bacula.spec.in<http://bacula.spec.in>"
Tried to build with this command :
rpmbuild -ba --define "build_centos6 1" --define "build_client_only 1"
platforms/rpms/redhat/bacula.spec.in<http://bacula.spec.in>
But if fails with
error: line 457: empty tag: Distribution:
The line in the spec file is :
Distribution: %{_dist}
I think that the _dist variable is empty because in the precedent lines,
the centos6 condition is missing :
%if %{centos5} || %{centos4} || %{centos3}
%define _dist %(grep CentOS /etc/redhat-release)
%endif
If I add a centos6 condition, the same error message appears.
Anyone has an idea, or is there another way to build a RPM file ?
Regards
Norbert
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net<mailto:Bacula-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/bacula-users
--
You cannot discover new oceans unless you have the courage to lose sight of the
shore (R. W. Emerson).
http://xkcd.com/229/
http://negativo17.org/
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net<mailto:Bacula-users@lists.sourceforge.net>https://lists.sourceforge.net/lists/listinfo/bacula-users
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
