On Sunday 15 January 2006 04:31, James P. Kinney III wrote:
> On Sat, 2006-01-14 at 18:07 -0500, Dan Langille wrote:
> > On 14 Jan 2006 at 18:00, James P. Kinney III wrote:
> > > On Sat, 2006-01-14 at 19:20 +0100, Kern Sibbald wrote:
> > > > On Saturday 14 January 2006 18:14, James P. Kinney III wrote:
> > > > > On Sat, 2006-01-14 at 15:31 +0100, Kern Sibbald wrote:
> > > > > > > So it looks like the mtx-changer is not being touched.
> > > > > >
> > > > > > More likely, there is a problem with paths (i.e. Bacula is using
> > > > > > a different path from the one you are using), or a problem of
> > > > > > permissions ...
> > > > >
> > > > > Hmm. There is only one copy of mtx-changer and one copy of mtx. The
> > > > > bacula-sd.conf points to the correct (and only) version. I have
> > > > > tried perms of 755 on mtx-changer and mtx. I even set mtx to suid
> > > > > root.
> > > >
> > > > Yes, those permissions seem OK, but your SD is probably running as
> > > > user bacula rather than root and that is likely to create problems.
> > >
> > > BINGO!! I now have slots.
> > >
> > > I'll look at editing the src.rpm so the bacula-sd gets setup to run as
> > > root in the init.d file.
> >
> > I suggest another option.
> >
> > Find out what permissions exist on the changer/tape drive and adjust
> > bacula to suit that. I advise against running as root if you have
> > other options.
> >
> > For example, on FreeBSD, we do this:
> >
> > $ grep bacula /etc/group
> > operator:*:5:root,bacula
> >
> > Why? Because of this:
> >
> > $ ls -l /dev/sa0
> > crw-rw---- 4 root operator 14, 0 Mar 13 2005 /dev/sa0
> >
> > The operater has access to the tape drive.
> >
> > I *seem* to recall I might have had to do a chmod g+w on that device.
>
> With the Fedora Linux world, the tape devices are owned by root with
> group disk. The default settings for the device are ug+rw. The system
> this is on is not running SELinux so the perm are quite a bit looser
> than they could be. bacula is a member of the disk group. The default
> install from a compiled src.rpm had the user and group as bacula. But
> the bacula user has no write privs on /dev/sg* as it's all owned by
> root.
>
> I guess I need to poke around in /etc/udev/* and come up with some
> better rules than owned by root. That's where it would need to be
> changed so the perm will survive a reboot. Hmm. Now that I think about
> it, the change needs to happen in the bacula-sd init script. That where
> the device name and ownership can be found and set since the start up is
> run by root. So the plan for now is to use the init script to parse the
> bacula-sd.conf file, extract the devices to be used and chown them to
> user bacula. On shutdown, they will need to be changed back to the
> original settings. I'll look at dumping that data in /var/bacula.
I think you can do things much more simply by using groups and possibly
tweaking udev, then you won't need to change things back and forth.
Personally, I took a big hammer to my udev for both the tape drive and the
control channel. I created a
/etc/udev/rules.d/40-kerns.rules that contains:
# Devices used by Kern
KERNEL="hiddev*", NAME="usb/hiddev%n"
KERNEL=="ttyS*", OWNER="kern",GROUP="uucp", MODE="0660"
KERNEL=="st*", OWNER="kern",GROUP="disk", MODE="0640"
KERNEL=="sg*", OWNER="kern",GROUP="disk", MODE="0640"
KERNEL=="nst*", OWNER="kern",GROUP="disk", MODE="0640"
I imagine from that you should be able to figure out how to ensure the devices
are created with the permissions you want ...
--
Best regards,
Kern
(">
/\
V_V
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
