> If you installed from rpms, we initially had a few problems getting > all the permissions right to run the SD properly. I believe that it > is all straightened out now. > I've always installed from rpms, sometimes I've used downloaded binary rpms, sometimes (like when upgrading to 1.38.10-3 today) I've built them by myself from source rpm. But installs from rpms anyway.
> There should be a user:group bacula:bacula > So there is. > Basically, the SD should run as bacula:disk (user:group) > Partial copy-paste from ps's output: /usr/sbin/bacula-sd -u bacula -g disk -c /etc/bacula/bacula-sd.conf Correct, I guess? Actually, I think I was somehow messing around while SD's tape drive access was debugged a few months ago. It may even have been me who was somehow guilty for the idea of running SD as group disk, I think the original (non-working) way was something else(*. Anyway, the SD can now access the tape drive /dev/nst0: crw-rw---- 1 root disk 9 So this was another issue, not the one of today's. *) My newer (FC5) system has only user root in group disk, the older FC4 has also user bacula in group disk (in addition to group bacula). This obviously remains from those old days. But both the systems behave in the same way, so this shouldn't be a problem now. Right now I'm in the middle of problem "tapes don't get labeled" so I leave removing bacula from group disk to a little bit later time. And I'm afraid I'll need to open another thread tomorrow about this labeling issue... > /var/bacula should be root:bacula > It is. > and the user bacula should be in group bacula. > It is. > With that, I think everyone has the correct permissions. I am not very good > at all this user:group stuff, so if anyone has other ideas, please say so. > I have the idea I don't believe in the correctness yet. At least a process running as bacula:disk (SD, mtx-changer) can't write into /var/bacula. The difference is, tape drive is root:disk, the directory is root:bacula. And the process is bacula:disk, it can access the tape but not the directory... - user bacula != user root (who owns the directory) - group disk != group bacula (who has group ownership of the directory) For the idea of fixing this... My first guess: how about changing the directory owner from root to bacula? That is, to bacula:bacula Is there spesific need it must be owned by root? There must be a lot of users running autochangers. How they do this? Run SD as root? Have changed the temporary file to /tmp directory maybe? The latter would solve the mtx-changer problem, but it still wouldn't allow writing /var/bacula/bacula-sd.9103.state This file obviously isn't very important, since at least I've done several succesful backups and restores without this file being updated properly. -- TiN Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
