Hello,
2015-12-17 19:33 GMT+01:00 Gilberto Nunes :
> 17-Dec 16:30 storage-global-sd: ERROR in bget_msg.c:95 bget_msg: unknown
> signal -1827994119
> 17-Dec 16:30 storage-global-sd JobId 1003: Fatal error: bsock.c:570 Packet
> size=2102457799 too big from "client:172.16.254.5:9103. Terminating
> c
Hello
I change bacula to other server, and works perfectly!
Thank you!
2015-12-18 7:52 GMT-02:00 Radosław Korzeniewski :
> Hello,
>
> 2015-12-17 19:33 GMT+01:00 Gilberto Nunes :
>
>> 17-Dec 16:30 storage-global-sd: ERROR in bget_msg.c:95 bget_msg: unknown
>> signal -1827994119
>> 17-Dec 16:30 s
Hello,
our current understanding of the bacula security model is, that it is
not possible to disable the anonymous aka default console.
This leads to the fact that all users having root access to one of the
clients does have access to all data that was backed up
by bacula.
In a network with hundre
Many Windows machines do not support
(i.e. get errors) network buffer sizes greater than 32K. This is
likely the case for you. The manual probably explains this a bit
more. The problem can be resolved (if it is this particular
problem) by getting a better netw
tl;dr: RTFM
Bacula Enterprise has full restricted-user controls, if desired.
ie: User X can only access a subset of backups, user Y can only access a
different subset.
That's also there in community version 7.2 - see section 20.4 of the
main reference manual.
HOWEVER: In a network with "hundr
Hello Alan,
I am pretty much aware of the console resource, it is not used for the
anonymous console which provides administrative privileges. Therefore
you cant limit access to any data
with this as long as you are not able to turn off the anonymous console.
Cheers,
Heri
Am 18.12.15 um 15
On 12/18/2015 08:36 AM, H. Steuer wrote:
> Hello,
>
> our current understanding of the bacula security model is, that it is not
> possible to disable the anonymous aka default console.
> This leads to the fact that all users having root access to one of the clients
> does have access to all data t
Hello Bill,
you are right, but there is a serious side effect. Heres a statement
from the Bacula docs:
The first console type is an anonymous or default console, which
has full privileges. There is no console resource necessary for
this type since the password is specified in
On 12/18/15 11:34, H. Steuer wrote:
>
> Hello Bill,
>
> you are right, but there is a serious side effect. Heres a statement
> from the Bacula docs:
>
>
> The first console type is an anonymous or default console, which
> has full privileges. There is no console resource necessary f
Hello,
If you have hundreds of users with root access and they can access
the Bacula Director machine as root, you have a far bigger
security problem than just Bacula, since they can do anything to
your machines and the Bacula Director machine, and there is
On 12/18/15 11:56, Kern Sibbald wrote:
> Hello,
>
> If you have hundreds of users with root access and they can access the
> Bacula Director machine as root, you have a far bigger security problem
> than just Bacula, since they can do anything to your machines and the
> Bacula Director machine, an
Hello Kern,
thanks for your comment. Probably I did not understand the security
model of Bacula so far. Furthermore, you misread my
post. The point is not anybody having root access to the Bacula server -
thats absolutely not the case. And there are just very few users with
root access on servers.
On 18.12.2015 18:01, Phil Stracchino wrote:
> On 12/18/15 11:56, Kern Sibbald wrote:
>> Hello,
>>
>> If you have hundreds of users with root access and they can access the
>> Bacula Director machine as root, you have a far bigger security problem
>> than just Bacula, since they can do anything to y
On 18/12/15 18:01, H. Steuer wrote:
>
> In fact the whole discussion breaks down to a very simple question:
> /
> //Is the director password thats stored in the file daemon
> configuration on a client machine the same password that gains me
> administrative access to the director using bconsole./
>
On 12/18/2015 06:46 PM, H. Steuer
wrote:
Hello Kern,
thanks for your comment. Probably I did not understand the
security model of Bacula so far. Furthermore, you misread my
post. The point is not anybody having root access to
> On 12/18/2015 06:46 PM, H. Steuer wrote:
>> Hello Kern,
>> thanks for your comment. Probably I did not understand the security model of
>> Bacula so far. Furthermore, you misread my
>> post. The point is not anybody having root access to the Bacula server -
>> thats
>> absolutely not the case.
Hello Heri,
Maybe the misunderstanding here is because in bacula-fd.conf the client's
password used for communicating with director is in a director resource.
All the daemons (clients and storages daemons) have their own passwords for
communicating with director, not for communicating with bconsol
17 matches
Mail list logo
