Dear all, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446809 http://bugs.bacula.org/view.php?id=990
I found a clean and secure way to pass the mysql password for the bacula database from make_catalog_backup to the mysql command line client. The trick is to use the command line option "--defaults-file" as the first argument on the command line. For example, create a file /etc/bacula/bacula-mysql-passwd as part of the bacula installation/setup, owned by root:root with mode 600 (like /etc/shadow). That file contains: [client] password=THEPASSWORDHERE Then modify make_catalog_backup to pass to mysql the arguments e.g. mysqldump --defaults-file=/etc/bacula/bacula-mysql-passwd -u bacula ... There is then no need for the password to be exposed in a command line or environment variable. Perhaps this should be adopted as a simple fix for that bug? With best wishes, Chris Rodgers. ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
