Thanks Dimitri!!!
How about the client's bacula-fd.conf?
can you cut/paste some info?
as well, how do you run the script to create ssh tunnel?
Is backup job running it or you do it manually?
Here is my client's bacula-fd.conf:
FileDaemon { # this is me
Name = XXX-fd
FDAddress = 127.0.0.1
FDport = 9102 # where we listen for the director
WorkingDirectory = /var/spool/bacula
Pid Directory = /var/run
Maximum Concurrent Jobs = 20
}
and here is my clients.conf on the bacula server
# XXX SSH Tunnel test
Client {
Name = XXX-fd # file daemon
Address = 127.0.0.1 # Local Host for SSH Tunnel
FDPort = 9112
Catalog = MyCatalog
Password = "XXXXXXXXXXXXXXXX" # password for Remote FileDaemon on pbid
File Retention = 30 days # 30 days
Job Retention = 16 months # 16 months
AutoPrune = yes # Prune expired Jobs/Files
}
Job {
Name = "XXX"
JobDefs = "DefaultJob"
Client = XXX-fd
Pool = RemoteFile
FileSet= "XXX"
ClientRunBeforeJob = "/etc/bacula/scripts/sshbacula.sh"
}
and here is the script I am calling from "bacula"
USER=bacula
HOME=$(grep "^$USER:" /etc/passwd | cut -d : -f 6)
CLIENT=${1:-XXX}
LOCAL=$(hostname -f)
SSH=/usr/bin/ssh
echo "Starting SSH-tunnel to $CLIENT..."
$SSH -fC2 -R 9101:$LOCAL:9101 -R 9103:$LOCAL:9103 -L 9112:localhost:9102
$CLIENT
sleep 60 >/dev/null 2>/dev/null
# give ssh a little time to establish the connection.
sleep 10
Oh shit, I just realised I am call the script on client!!!
ClientRunBeforeJob = "/etc/bacula/scripts/sshbacula.sh"
what's the syntax to run script on the server please?
Thanks, take care
Jan Stefanovic
IT Systems Administrator
p | (604) 299-0458 x268
e | jstefano...@tantalus.com
u | www.tantalus.com
CONFIDENTIALITY NOTICE. This documentation, including any attachments,
transmitted by electronic mail is intended for the use of the individual to
whom or the entity to which it is addressed, and may contain information which
is proprietary, confidential, privileged and/or protected from disclosure by
applicable laws. Confidentiality and privilege are not lost by this
documentation having been sent to the wrong electronic mail address. If you are
not the intended recipient (or the person responsible for delivering thereto)
please immediately notify the sender and destroy this documentation and all
copies (in any form and media); and note that any distribution, reproduction or
other use of this documentation is strictly prohibited and may violate public
and intellectual property laws. Thank you.
-----Original Message-----
From: Dimitri Maziuk [mailto:dmaz...@bmrb.wisc.edu]
Sent: Thursday, February 23, 2017 10:14 AM
To: bacula-users@lists.sourceforge.net
Subject: Re: [Bacula-users] Bacula ssh tunnel - not working
On 02/23/2017 11:37 AM, Jan Stefanovic wrote:
> When I run the script manually, I can see the ssh tunnel is up between
> bacula sever and bacula client but backup never works as bacula can’t find
> client-fd.
What are you trying to do exactly? E.g.
server# ssh -L 1234:client:9102 u...@firewall.my.domain
Now the server should have in bacula-dir.conf
Client {
Name = client-fd
Address = 127.0.0.1
FDPort = 1234
...
-- off the top of my head that should be all you need for a client behind a
firewall.
--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
