developers.pdf
bacula.html
bacula.pdf
+dev-bacula.pdf
bacula
*.aux
*.png
@cp -fp ${IMAGES}/hires/*.eps .
dvipdfm -p a4 bacula.dvi
# Rename for loading on Web site
- mv bacula.pdf dev-bacula.pdf
+ @cp -f bacula.pdf dev-bacula.pdf
@rm -f *.eps *.old
dvipdf:
@cp -fp ${IMAGES}/hires/*.eps .
dvipdf bacula.dvi bacula.pdf
# Rename for loading on Web site
- mv bacula.pdf dev-bacula.pdf
+ @cp -f bacula.pdf dev-bacula.pdf
@rm -f *.eps *.old
@rm -f next.eps next.png prev.eps prev.png up.eps up.png
latex2html -white -no_subdir -split 0 -toc_stars -white -notransparent \
-init_file latex2html-init.pl bacula >tex.out 2>&1
- @grep "unmatched" tex.out
- @echo "opening brace #41 ... is expected"
+# @grep -v "opening brace #41" tex.out >1
+# @mv -f 1 tex.out
+# @grep "unmatched" tex.out
@echo " "
./translate_images.pl --to_meaningful_names bacula.html
@rm -f *.eps *.gif *.jpg
+ @echo "Done making html"
devhtml:
@echo "Making developers html"
@echo "Making web"
@mkdir -p bacula
@cp -fp ${IMAGES}/*.eps *.txt ${IMAGES}/*.png bacula
+ @rm -f bacula/xp-*.png
@(if [ -e bacula/imagename_translations ] ; then \
./translate_images.pl --from_meaningful_names bacula/Bacula_Users_Guide.html; \
fi)
@rm -f bacula/next.eps bacula/next.png bacula/prev.eps bacula/prev.png bacula/up.eps bacula/up.png
latex2html -split 4 -local_icons -t "Bacula User's Guide" -long_titles 4 \
-toc_stars -contents_in_nav -init_file latex2html-init.pl -white -notransparent bacula >tex.out 2>&1
- @grep "unmatched" tex.out
- @echo "opening brace #41 ... is expected"
- @./translate_images.pl --to_meaningful_names bacula/Bacula_Users_Guide.html
- @cp -f bacula/Bacula_Freque_Asked_Questi.html bacula/faq.html
- @rm -f *.eps *.gif *.jpg bacula/*.eps *.old
- @rm -f bacula/xp-*.png
+# grep -v "opening brace #41" tex.out >1
+# mv -f 1 tex.out
+# grep "unmatched" tex.out
+ ./translate_images.pl --to_meaningful_names bacula/Bacula_Users_Guide.html
+ cp -f bacula/Bacula_Freque_Asked_Questi.html bacula/faq.html
+ @rm -f *.eps *.gif *.jpg bacula/*.eps *.old bacula/*.old
+ @echo "Done making web"
devweb:
@echo "Making developers web"
distclean: clean
- @rm -f bacula.html bacula.pdf developers.html developers.pdf
+ @rm -f bacula.html bacula.pdf dev-bacula.pdf developers.html developers.pdf
\addcontentsline{toc}{subsection}{Installing and Configuring MySQL -- Phase I}
If you use the ./configure \verb{--{with-mysql=mysql-directory statement for
-configuring {\bf Bacula}, you will need MySQL version 3.23.33 or later
-installed in the {\bf mysql-directory} (we are currently using 3.23.56). If
-MySQL is installed in the standard system location, you need only enter {\bf
-\verb{--{with-mysql} since the configure program will search all the standard
-locations. If you install MySQL in your home directory or some other
-non-standard directory, you will need to provide the full path to it.
+configuring {\bf Bacula}, you will need MySQL version 3.23.53 or later
+installed in the {\bf mysql-directory}.
+Bacula has been tested on MySQL version 4.1.12 and works fine.
+If MySQL is installed in the standard system location, you need only enter
+{\bf \verb{--{with-mysql} since the configure program will search all the
+standard locations. If you install MySQL in your home directory or some
+other non-standard directory, you will need to provide the full path to it.
Installing and Configuring MySQL is not difficult but can be confusing the
first time. As a consequence, below, we list the steps that we used to install
\item cd {\bf mysql-source-directory}
where you replace {\bf mysql-source-directory} with the directory name where
-you put the MySQL source code.
+ you put the MySQL source code.
\item ./configure \verb{--{enable-thread-safe-client \verb{--{prefix=mysql-directory
where you replace {\bf mysql-directory} with the directory name where you
-want to install mysql. Normally for system wide use this is /usr/local/mysql.
-In my case, I use \~{}kern/mysql.
+ want to install mysql. Normally for system wide use this is /usr/local/mysql.
+ In my case, I use \~{}kern/mysql.
\item make
\item make install
This will put all the necessary binaries, libraries and support files into
-the {\bf mysql-directory} that you specified above.
+ the {\bf mysql-directory} that you specified above.
\item ./scripts/mysql\_install\_db
complete the installation. Please note, the installation files used in the
second phase of the MySQL installation are created during the Bacula
Installation.
-\label{mysql_phase2}
+\label{mysql_phase2}
\subsection*{Installing and Configuring MySQL -- Phase II}
\index[general]{Installing and Configuring MySQL -- Phase II }
\index[general]{Phase II!Installing and Configuring MySQL -- }
\item ./grant\_mysql\_privileges
- This script creates unrestricted access rights for {\bf kern}, {\bf kelvin},
-and {\bf bacula}. You may want to modify it to suit your situation. Please
-note that none of these userids, including root, are password protected.
+ This script creates unrestricted access rights for the user {\bf bacula}.
+ You may want to modify it to suit your situation. Please
+ note that none of the userids, including root, are password protected.
+ If you need more security, please assign a password to the root user
+ and to bacula. The program {\bf mysqladmin} can be used for this.
\item ./create\_mysql\_database
Diffie-Hellman anonymous ciphers are not supported by this code. The
use of DH anonymous ciphers increases the code complexity and places
-explicit trust upon the two-way Cram-MD5 implementation. Cram-MD5 is
+explicit trust upon the two-way CRAM-MD5 implementation. CRAM-MD5 is
subject to known plaintext attacks, and it should be considered
considerably less secure than PKI certificate-based authentication.
Appropriate autoconf macros have been added to detect and use OpenSSL
if enabled on the {\bf ./configure} line with {\bf \verb?--?enable-openssl}
-
\subsection*{TLS Configuration Directives}
\addcontentsline{toc}{section}{TLS Configuration Directives}
Additional configuration directives have been added to all the daemons
\item [TLS Certificate = \lt{}Directory\gt{}]
Path to a PEM encoded TLS certificate. It can be used as either a client
-or server certificate.
+or server certificate. PEM stands for Privacy Enhanced Mail, but in
+this context refers to how the certificates are encoded. It is used
+because PEM files are base64 encoded and hence ASCII text based
+rather than binary. They may also contain encrypted information.
\item [TLS Key = \lt{}Directory\gt{}]
Path to a PEM encoded TLS private key. It must correspond to the TLS
\item [TLS Verify Peer = \lt{}yes|no\gt{}]
Verify peer certificate. Instructs server to request and verify the
client's x509 certificate. Any client certificate signed by a known-CA
-will be accepted unless the TLS Allowed CN configuration directive is used.
-Not valid in a client context.
+will be accepted unless the TLS Allowed CN configuration directive is used,
+in which case the client certificate must correspond to the Allowed
+Common Name specified. This directive is valid only for a server
+and not in a client context.
\item [TLS Allowed CN = \lt{}string list\gt{}]
Common name attribute of allowed peer certificates. If this directive is
This directive may be specified more than once. It is not valid in a client
context.
-\item [TLS CA Certificate File = \lt{}Directory\gt{}]
-Path to PEM encoded TLS CA certificate(s). Multiple certificates are
+\item [TLS CA Certificate File = \lt{}Filename\gt{}]
+The full path and filename specifying a
+PEM encoded TLS CA certificate(s). Multiple certificates are
permitted in the file. One of \emph{TLS CA Certificate File} or \emph{TLS
CA Certificate Dir} are required in a server context if \emph{TLS
Verify Peer} (see above) is also specified, and are always required in a client
context.
\item [TLS CA Certificate Dir = \lt{}Directory\gt{}]
-Path to TLS CA certificate directory. In the current implementation,
-certificates must be stored PEM encoded with OpenSSL-compatible hashes.
+Full path to TLS CA certificate directory. In the current implementation,
+certificates must be stored PEM encoded with OpenSSL-compatible hashes,
+which is the subject name's hash and an extension of {bf .0}.
One of \emph{TLS CA Certificate File} or \emph{TLS CA Certificate Dir} are
required in a server context if \emph{TLS Verify Peer} is also specified,
and are always required in a client context.
\item [TLS DH File = \lt{}Directory\gt{}]
Path to PEM encoded Diffie-Hellman parameter file. If this directive is
-specified, DH ephemeral keying will be enabled, allowing for forward
-secrecy of communications. This directive is only valid within a server
-context. To generate the parameter file, you may use openssl:
+specified, DH key exchange will be used for the ephemeral keying, allowing
+for forward secrecy of communications. DH key exchange adds an additional
+level of security because the key used for encryption/decryption by the
+server and the client is computed on each end and thus is never passed over
+the network if Diffie-Hellman key exchange is used. Even if DH key
+exchange is not used, the encryption/decryption key is always passed
+encrypted. This directive is only valid within a server context.
+
+To generate the parameter file, you
+may use openssl:
\begin{verbatim}
openssl dhparam -out dh1024.pem -5 1024
The Windows version of the Bacula File daemon has been tested on Win98, WinMe,
WinNT, and Win2000 systems. We have coded to support Win95, but no longer have
a system for testing. The Windows version of Bacula is a native Win32 port,
-but there are very few source code changes, which means that the Windows
+but there are very few source code changes to the Unix code, which means that the Windows
version is for the most part running code that has long proved stable on Unix
systems. When running, it is perfectly integrated with Windows and displays
its icon in the system icon tray, and provides a system tray menu to obtain
software, it should be very familiar to you.
If you have a previous version Cygwin of Bacula (1.32 or lower) installed, you
-should stop the service, uninstall it, and remove the directory possibly
+should stop the service, uninstall it, and remove the Bacula installation directory possibly
saving your bacula-fd.conf file for use with the new version you will install.
The new native version of Bacula has far fewer files than the old Cygwin
-version.
+version, so it is better to start with a clean directory.
Finally, proceed with the installation.
\begin{itemize}
+\item You must be logged in as Administrator to do a correct installation,
+ if not, please do so before continuing.
+
\item Simply double click on the {\bf winbacula-1.xx.0.exe} NSIS install
icon. The actual name of the icon will vary from one release version to
another.
\item If you proceed, you will be asked to select the components to be
installed. You may install the Bacula program (Bacula File Service) and or
the documentation. Both will be installed in sub-directories of the install
-location that you choose later. The components dialog looks like the
-following:
+ location that you choose later. The components dialog looks like the
+ following:
\addcontentsline{lof}{figure}{Win32 Component Selection Dialog}
\includegraphics{./win32-pkg.eps}
\item If you are installing for the first time, you will be asked if you want
to edit the bacula-fd.conf file, and if you respond with yes, it will be
opened in notepad.
-\
+
\item Then the installer will ask if you wish to install Bacula as a service. You
should always choose to do so:
\addcontentsline{lof}{figure}{Win32 Client Service Selection}
\includegraphics{./win32-service.eps}
-\
+
\item If everything goes well, you will receive the following confirmation:
\addcontentsline{lof}{figure}{Win32 Client Service Confirmation}
-\includegraphics{./win32-service-ok.eps}
+ \includegraphics{./win32-service-ok.eps}
-\
+
\item Then you will be asked if you wish to start the service. If you respond
with yes, any running Bacula will be shutdown and the new one started. You
may see a DOS box momentarily appear on the screen as the service is started.
-It should disappear in a second or two:
+ It should disappear in a second or two:
\addcontentsline{lof}{figure}{Win32 Client Start}
\includegraphics{./win32-start.eps}
-\
-\item Finally, the finish dialog will appear:
+\item Finally, the finish dialog will appear:
\addcontentsline{lof}{figure}{Win32 Client Setup Completed}
-\includegraphics{./win32-finish.eps}
+ \includegraphics{./win32-finish.eps}
\
\end{itemize}
That should complete the installation process. When the Bacula File Server is
ready to serve files, an icon \includegraphics{./idle.eps} representing a
cassette (or tape) will appear in the system tray
-\includegraphics{./tray-icon.eps}; right click on it and a menu will appear.
-\
-\ \ \ \ \includegraphics{./menu.eps}
+\includegraphics{./tray-icon.eps}; right click on it and a menu will appear.\\
+\includegraphics{./menu.eps}\\
The {\bf Events} item is currently unimplemented, by selecting the {\bf
Status} item, you can verify whether any jobs are running or not.
c:\textbackslash{}bacula\textbackslash{}bin\textbackslash{}bacula-fd.conf} to
ensure that it corresponds to your configuration.
+Finally, but pulling up the Task Manager (ctl-alt-del), verify that Bacula
+is running as a process (not an Application) with User Name SYSTEM. If this is
+not the case, you probably have not installed Bacula while running as
+Administrator, and hence it will be unlikely that Bacula can access
+all the system files.
+
\subsection*{Uninstalling Bacula on Win32}
\index[general]{Win32!Uninstalling Bacula }
\index[general]{Uninstalling Bacula on Win32 }
The most likely source of problems is authentication when the Director
attempts to connect to the File daemon that you installed. This can occur if
the names and the passwords defined in the File daemon's configuration file
-{\bf
+{\bf
c:\textbackslash{}bacula\textbackslash{}bin\textbackslash{}bacula-fd.conf} on
the Windows machine do not match with the names and the passwords in the
Director's configuration file {\bf bacula-dir.conf} located on your Unix/Linux
is the program {\bf SetACL}, which can be found at
\elink{http://setacl.sourceforge.net/ }{http://setacl.sourceforge.net/}.
+If you have not installed Bacula while running as Administrator
+and if Bacula is not running as a Process with the userid (User Name) SYSTEM,
+then it is very unlikely that it will have sufficient permission to
+access all your files.
+
Some users have experienced problems restoring files that participate in
the Active Directory. They also report that changing the userid under which
Bacula (bacula-fd.exe) runs, from SYSTEM to a Domain Admin userid, resolves
projects / bacula / docs / commitdiff