There are two possible issues here. One is a packaging issue. If you package Bacula to run as non-root, which can be done for both the Director and the Storage daemon, then the packager must ensure that any new userid or group is created when installing the package. For example, often the Director runs as bacula:bacula, and the SD as bacula:disk.
The second issue here is Bacula itself. It must be started as root, then drops to the user/group specified on the command line. Due to the excessively complex Unix API for dropping to a different group, the code in version 1.38.11 did not get it completely correct. This is fixed in 1.39.x. The result is that it is often easier to run the Storage daemon in group root otherwise you can run into permission problems attempting to access tape devices. In any case, if Bacula needs access to certificate files, then you *must* either run the appropriate component as root or modify the permissions on the certificate directories and files so that Bacula can access them. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
