4 \section*{Console Configuration}
5 \label{_ChapterStart36}
6 \index[general]{Configuration!Console}
7 \index[general]{Console Configuration}
8 \addcontentsline{toc}{section}{Console Configuration}
11 \index[general]{General}
12 \addcontentsline{toc}{subsection}{General}
14 The Console configuration file is the simplest of all the configuration files,
15 and in general, you should not need to change it except for the password. It
16 simply contains the information necessary to contact the Director or
19 For a general discussion of configuration file and resources including the
20 data types recognized by {\bf Bacula}, please see the
21 \ilink{Configuration}{_ChapterStart16} chapter of this manual.
23 The following Console Resource definition must be defined:
25 \subsection*{The Director Resource}
26 \label{DirectorResource3}
27 \index[general]{Director Resource}
28 \index[general]{Resource!Director}
29 \addcontentsline{toc}{subsection}{Director Resource}
31 The Director resource defines the attributes of the Director running on the
32 network. You may have multiple Director resource specifications in a single
33 Console configuration file. If you have more than one, you will be prompted to
34 choose one when you start the {\bf Console} program.
39 \index[console]{Director}
40 Start of the Director directives.
42 \item [Name = \lt{}name\gt{}]
44 The director name used to select among different Directors, otherwise, this
47 \item [DIRPort = \lt{}port-number\gt{}]
49 Specify the port to use to connect to the Director. This value will most
50 likely already be set to the value you specified on the {\bf
51 \verb:--:with-base-port} option of the {\bf ./configure} command. This port must be
52 identical to the {\bf DIRport} specified in the {\bf Director} resource of
53 the \ilink{Director's configuration}{_ChapterStart40} file. The
54 default is 9101 so this directive is not normally specified.
56 \item [Address = \lt{}address\gt{}]
58 Where the address is a host name, a fully qualified domain name, or a network
59 address used to connect to the Director.
61 \item [Password = \lt{}password\gt{}]
63 Where the password is the password needed for the Director to accept the
64 Console connection. This password must be identical to the {\bf Password}
65 specified in the {\bf Director} resource of the
66 \ilink{Director's configuration}{_ChapterStart40} file. This
67 directive is required.
70 An actual example might be:
76 address = rufus.cats.com
77 password = xyz1erploit
82 \subsection*{The ConsoleFont Resource}
83 \index[general]{Resource!ConsoleFont}
84 \index[general]{ConsoleFont Resource}
85 \addcontentsline{toc}{subsection}{ConsoleFont Resource}
87 The ConsoleFont resource is available only in the GNOME version of the
88 console. It permits you to define the font that you want used to display in
89 the main listing window.
94 \index[console]{ConsoleFont}
95 Start of the ConsoleFont directives.
97 \item [Name = \lt{}name\gt{}]
101 \item [Font = \lt{}Pango Font Name\gt{}]
102 \index[console]{Font}
103 The string value given here defines the desired font. It is specified in the
104 Pango format. For example, the default specification is:
108 Font = "LucidaTypewriter 9"
114 Thanks to Phil Stracchino for providing the code for this feature.
116 An different example might be:
122 Font = "Monospace 10"
127 \subsection*{The Console Resource}
128 \label{ConsoleResource}
129 \index[general]{Console Resource}
130 \index[general]{Resource!Console}
131 \addcontentsline{toc}{subsection}{Console Resource}
133 As of Bacula version 1.33 and higher, there are three different kinds of
134 consoles, which the administrator or user can use to interact with the
135 Director. These three kinds of consoles comprise three different security
139 \item The first console type is an {\bf anonymous} or {\bf default} console,
140 which has full privileges. There is no console resource necessary for this
141 type since the password is specified in the Director resource. This is the
142 kind of console that was initially implemented in versions prior to 1.33 and
143 remains valid. Typically you would use it only for administrators.
144 \item The second type of console, and new to version 1.33 and higher is a
145 "named" console defined within a Console resource in both the Director's
146 configuration file and in the Console's configuration file. Both the names
147 and the passwords in these two entries must match much as is the case for
150 This second type of console begins with absolutely no privileges except those
151 explicitly specified in the Director's Console resource. Thus you can have
152 multiple Consoles with different names and passwords, sort of like multiple
153 users, each with different privileges. As a default, these consoles can do
154 absolutely nothing -- no commands what so ever. You give them privileges or
155 rather access to commands and resources by specifying access control lists in
156 the Director's Console resource. Note, if you are specifying such a console,
157 you will want to put a null password in the Director resource.
158 \item The third type of console is similar to the above mentioned one in that
159 it requires a Console resource definition in both the Director and the
160 Console. In addition, if the console name, provided on the {\bf Name =}
161 directive, is the same as a Client name, the user of that console is
162 permitted to use the {\bf SetIP} command to change the Address directive in
163 the Director's client resource to the IP address of the Console. This permits
164 portables or other machines using DHCP (non-fixed IP addresses) to
165 "notify" the Director of their current IP address.
168 The Console resource is optional and need not be specified. However, if it is
169 specified, you can use ACLs (Access Control Lists) in the Director's
170 configuration file to restrict the particular console (or user) to see only
171 information pertaining to his jobs or client machine.
173 The following configuration files were supplied by Phil Stracchino. For
174 example, if we define the following in the user's bconsole.conf file (or
175 perhaps the wx-console.conf file):
183 Password = "XXXXXXXXXXX" # no, really. this is not obfuscation.
187 Name = restricted-user
188 Password = "UntrustedUser"
193 Where the Password in the Director section is deliberately incorrect, and the
194 Console resource is given a name, in this case {\bf restricted-client}. Then
195 in the Director's bacula-dir.conf file (not directly accessible by the user),
201 Name = restricted-user
202 Password = "UntrustedUser"
203 JobACL = "Restricted Client Save"
204 ClientACL = restricted-client
205 StorageACL = main-storage
208 FileSetACL = "Restricted Client's FileSet"
209 CatalogACL = DefaultCatalog
215 the user logging into the Director from his Console will get logged in as {\bf
216 restricted-client}, and he will only be able to see or access a Job with the
217 name {\bf Restricted Client Save} a Client with the name {\bf
218 restricted-client}, a Storage device {\bf main-storage}, any Schedule or Pool,
219 a FileSet named {\bf Restricted Client's File}, a Catalog named {\bf
220 DefaultCatalog}, and the only command he can use in the Console is the {\bf
221 run} command. In other words, this user is rather limited in what he can see
224 \subsection*{Console Commands}
225 \index[general]{Console Commands}
226 \index[general]{Commands!Console}
227 \addcontentsline{toc}{subsection}{Console Commands}
229 For more details on running the console and its commands, please see the
230 \ilink{Bacula Console}{_ConsoleChapter} chapter of this manual.
232 \subsection*{Sample Console Configuration File}
233 \label{SampleConfiguration2}
234 \index[general]{File!Sample Console Configuration}
235 \index[general]{Sample Console Configuration File}
236 \addcontentsline{toc}{subsection}{Sample Console Configuration File}
238 An example Console configuration file might be the following:
243 # Bacula Console Configuration File
247 address = "my_machine.my_domain.com"
248 Password = Console_password