simultaneously. Once the maximum connections has been reached, each
Bacula component will reject all new connections.
+ Finally, make sure you have no {\bf hosts.allow} or {\bf hosts.deny}
+ file that is not permitting access to the site trying to connect.
+
\label{AccessProblems}
\subsection*{Bacula Runs Fine but Cannot Access a Client on a Different Machine.
Why? }
Director's conf file must be known (resolvable) by the File daemon,
because it is passed symbolically to the File daemon, which then
resolves it to get an IP address used to contact the Storage daemon.
+\item You may have a {\bf hosts.allow} or {\bf hosts.deny} file that is
+ not permitting access.
\end{itemize}
\label{startover}
really sparse.
\label{readfifo}
-
\item [readfifo=yes|no]
\index[fd]{readfifo }
If enabled, tells the Client to read the data on a backup and write the
FIFO. When this is not enabled (default), the Client simply saves the
directory entry for the FIFO.
+ Unfortunately, when Bacula runs a RunBeforeJob, it waits until that
+ script terminates, and if the script accesses the FIFO to write
+ into the it, the Bacula job will block and everything will stall.
+ However, Vladimir Stavrinov as supplied tip that allows this feature
+ to work correctly. He simply adds the following to the beginning
+ of the RunBeforeJob script:
+
+\begin{verbatim}
+ exec > /dev/null
+\end{verbatim}
+
+
\item [mtimeonly=yes|no]
\index[dir]{mtimeonly }
If enabled, tells the Client that the selection of files during
\end{verbatim}
\normalsize
- if {\bf /home/abc/fifo} is a fifo device, Bacula will open the fifo, read it,
- and store all data thus obtained on the Volume. Please note, you must have a
- process on the system that is writing into the fifo, or Bacula will hang,
- and after one minute of waiting, Bacula will give up and go on to the next
- file. The data read can be anything since Bacula treats it as a stream.
-
- This feature can be an excellent way to do a "hot" backup of a very large
- database. You can use the {\bf RunBeforeJob} to create the fifo and to start
- a program that dynamically reads your database and writes it to the fifo.
- Bacula will then write it to the Volume.
-
- During the restore operation, the inverse is true, after Bacula creates the
- fifo if there was any data stored with it (no need to explicitly list it or
- add any options), that data will be written back to the fifo. As a
- consequence, if any such FIFOs exist in the fileset to be restored, you must
- ensure that there is a reader program or Bacula will block, and after one
- minute, Bacula will time out the write to the fifo and move on to the next
- file.
+ if {\bf /home/abc/fifo} is a fifo device, Bacula will open the fifo,
+ read it, and store all data thus obtained on the Volume. Please note,
+ you must have a process on the system that is writing into the fifo, or
+ Bacula will hang, and after one minute of waiting, Bacula will give up
+ and go on to the next file. The data read can be anything since Bacula
+ treats it as a stream.
+
+ This feature can be an excellent way to do a "hot" backup of a very
+ large database. You can use the {\bf RunBeforeJob} to create the fifo
+ and to start a program that dynamically reads your database and writes
+ it to the fifo. Bacula will then write it to the Volume. Be sure to
+ read the \ilink{readfifo section}{readfifo} that gives a
+ tip to ensure that the RunBeforeJob does not block Bacula.
+
+ During the restore operation, the inverse is true, after Bacula creates
+ the fifo if there was any data stored with it (no need to explicitly
+ list it or add any options), that data will be written back to the fifo.
+ As a consequence, if any such FIFOs exist in the fileset to be restored,
+ you must ensure that there is a reader program or Bacula will block, and
+ after one minute, Bacula will time out the write to the fifo and move on
+ to the next file.
\end{itemize}
\subsubsection*{FileSet Examples}
\index[general]{FileSet Examples}
\addcontentsline{toc}{subsection}{FileSet Examples}
-The following is an example of a valid FileSet resource definition. Note, the
-first Include pulls in the contents of the file {\bf /etc/backup.list} when
-Bacula is started (i.e. the @), and that file must have each filename to be
-backed up preceded by a {\bf File =} and on a separate line.
+The following is an example of a valid FileSet resource definition. Note,
+the first Include pulls in the contents of the file {\bf /etc/backup.list}
+when Bacula is started (i.e. the @), and that file must have each filename
+to be backed up preceded by a {\bf File =} and on a separate line.
\footnotesize
\begin{verbatim}
request of the Director, finds the files to be backed up and sends them (their
data) to the Storage daemon.
-The File daemon configuration file is found in the directory specified on the
-{\bf \verb:--:sysconfdir} option that you specified on the {\bf ./configure}
-command.
-By default, the File daemon's configuration file is named {\bf
+The File daemon configuration file is found in the directory specified on
+the {\bf \verb:--:sysconfdir} option that you specified on the {\bf ./configure}
+command. By default, the File daemon's configuration file is named {\bf
bacula-fd.conf}. Normally, for first time users, no change is needed to this
file. Reasonable defaults are set. However, if you are going to back up more
than one machine, you will need to install the File daemon with a unique
The Director configuration file is found in the directory specified on the
{\bf \verb:--:sysconfdir} option that you specified on the {\bf ./configure}
-command.
-Normally the Director's configuration file is named {\bf bacula-dir.conf}.
+command. Normally the Director's configuration file is named {\bf bacula-dir.conf}.
In general, the only change you must make is modify the FileSet resource so
that the {\bf Include} configuration directive contains at least one line with
name, address, and password. We have found that giving your daemons the same
name as your system but post fixed with {\bf -fd} helps a lot in debugging.
That is, if your system name is {\bf foobaz}, you would give the File daemon
-the name {\bf foobaz-fd}. For the Director, you might use {\bf foobaz-dir},
+the name {\bf foobaz-fd}. For the Director, you should use {\bf foobaz-dir},
and for the storage daemon, you might use {\bf foobaz-sd}.
+Each of your Bacula components {\bf must} have a unique name. If you
+make them all the same, aside fromt the fact that you will not
+know what daemon is sending what message, if they share the same
+working directory, the daemons temporary file names will not
+be unique, and you will get many strange failures.
\subsubsection*{
\ilink{Configuring the Storage daemon}{_ChapterStart31}}
\addcontentsline{toc}{subsection}{Testing Bacula Compatibility with Your Tape
Drive}
-Before spending a lot of time on Bacula only to find that it doesn't work with
-your tape drive, please read the
-\ilink{btape -- Testing Your Tape Drive}{_ChapterStart27}
-chapter of this manual. If you have a modern standard SCSI tape drive on a
-Linux or Solaris, most likely it will work, but better test than be sorry. For
-FreeBSD (and probably other xBSD flavors), reading the above mentioned tape
-testing chapter is a must. Also, for FreeBSD, please see
-\elink{The FreeBSD Diary}{http://www.freebsddiary.org/bacula.php} for a
-detailed description on how to make Bacula work on your system. In addition,
-users of FreeBSD prior to 4.9-STABLE dated Mon Dec 29 15:18:01 2003 UTC who
-plan to use tape devices, please see the file {\bf
-platforms/freebsd/pthreads-fix.txt} in the main Bacula directory concerning
-important information concerning compatibility of Bacula and your system.
-\label{notls}
+Before spending a lot of time on Bacula only to find that it doesn't work
+with your tape drive, please read the \ilink{btape -- Testing Your Tape
+Drive}{_ChapterStart27} chapter of this manual. If you have a modern
+standard SCSI tape drive on a Linux or Solaris, most likely it will work,
+but better test than be sorry. For FreeBSD (and probably other xBSD
+flavors), reading the above mentioned tape testing chapter is a must.
+Also, for FreeBSD, please see \elink{The FreeBSD
+Diary}{http://www.freebsddiary.org/bacula.php} for a detailed description
+on how to make Bacula work on your system. In addition, users of FreeBSD
+prior to 4.9-STABLE dated Mon Dec 29 15:18:01 2003 UTC who plan to use tape
+devices, please see the file {\bf platforms/freebsd/pthreads-fix.txt} in
+the main Bacula directory concerning important information concerning
+compatibility of Bacula and your system. \label{notls}
\subsection*{Get Rid of the /lib/tls Directory}
\index[general]{Directory!Get Rid of the /lib/tls }
\item Support ANSI and IBM tape labels.
\item Support for Unicode filenames (e.g. Chinese) on Win32 machines on
version 1.37.28 and greater.
-
+\item Consistent backup of open files on Win32 systems (WinXP, Win2003),
+ but not Win2000, using Volume Shadow Copy (VSS).
\end{itemize}
\subsection*{Advantages of Bacula Over Other Backup Programs}
\addcontentsline{toc}{subsection}{Current Implementation Restrictions}
\begin{itemize}
-\item Typical of Microsoft, not all files can always be saved on WinNT, Win2K
- and WinXP when they are in use by another program. Anyone knowing the magic
- incantations, please step forward. The files that are skipped seem to be in
- exclusive use by some other process, and don't appear to be too important.
-
- Volume Shadow Copy (VSS) is now (July 2005) implemented in the Bacula Win32 File
- daemon. The code is there, and it is being tested, but it is not yet
- released.
\item Path and filenames longer than 260 characters on Win32 systems are
not supported. They will be backed up, but they cannot be restored. By
using the {\bf Portable=yes} directive in your FileSet, files with
http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/ospki-book.htm}
{http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/ospki-book.htm}.
Note, this link may change.
+
+\subsection*{Example TLS Configuration Files}
+\index[general]{Example!TLS Configuration Files}
+\index[general]{TLS Configuration Files}
+\addcontentsline{toc}{subsection}{Example TLS Configuration Files}
+
+Landon has supplied us with the TLS portions of his configuration
+files, which should help you setting up your own.
+
+{\bf bacula-dir.conf}
+\footnotesize
+\begin{verbatim}
+ Director { # define myself
+ Name = backup1-dir
+ ...
+ TLS Require = yes
+ TLS Verify Peer = yes
+ TLS Allowed CN = "bacula@backup1.example.com"
+ TLS Allowed CN = "administrator@example.com"
+ TLS CA Certificate File = /usr/local/etc/ssl/ca.pem
+ # This is a server certificate, used for incoming
+ # console connections.
+ TLS Certificate = /usr/local/etc/ssl/backup1/cert.pem
+ TLS Key = /usr/local/etc/ssl/backup1/key.pem
+ }
+
+ Storage {
+ Name = File
+ Address = backup1.example.com
+ ...
+ TLS Require = yes
+ TLS CA Certificate File = /usr/local/etc/ssl/ca.pem
+ # This is a client certificate, used by the director to
+ # connect to the storage daemon
+ TLS Certificate = /usr/local/etc/ssl/bacula@backup1/cert.pem
+ TLS Key = /usr/local/etc/ssl/bacula@backup1/key.pem
+ }
+\end{verbatim}
+\normalsize
+
+{\bf bacula-fd.conf}
+\footnotesize
+\begin{verbatim}
+ Director {
+ Name = backup1-dir
+ ...
+ TLS Require = yes
+ TLS Verify Peer = yes
+ # Allow only the Director to connect
+ TLS Allowed CN = "bacula@backup1.example.com"
+ TLS CA Certificate File = /usr/local/etc/ssl/ca.pem\
+ # This is a server certificate. It is used by connecting
+ # directors to verify the authenticity of this file daemon
+ TLS Certificate = /usr/local/etc/ssl/server1/cert.pem
+ TLS Key = /usr/local/etc/ssl/server1/key.pem
+ }
+\end{verbatim}
+\normalsize
+
+{\bf bacula-sd.conf}
+\footnotesize
+\begin{verbatim}
+ Storage { # definition of myself
+ Name = backup1-sd
+ ...
+ # These TLS configuration options are used for incoming
+ # file daemon connections. Director TLS settings are handled
+ # below.
+ TLS Require = yes
+ # Peer certificate is not required/requested -- peer validity
+ # is verified by the storage connection cookie provided to the
+ # File Daemon by the director.
+ TLS Verify Peer = no
+ TLS CA Certificate File = /usr/local/etc/ssl/ca.pem
+ # This is a server certificate. It is used by connecting
+ # file daemons to verify the authenticity of this storage daemon
+ TLS Certificate = /usr/local/etc/ssl/backup1/cert.pem
+ TLS Key = /usr/local/etc/ssl/backup1/key.pem
+ }
+
+ #
+ # List Directors who are permitted to contact Storage daemon
+ #
+ Director {
+ Name = backup1-dir
+ ...
+ TLS Require = yes
+ # Require the connecting director to provide a certificate
+ # with the matching CN.
+ TLS Verify Peer = yes
+ TLS Allowed CN = "bacula@backup1.example.com"
+ TLS CA Certificate File = /usr/local/etc/ssl/ca.pem
+ # This is a server certificate. It is used by the connecting
+ # director to verify the authenticity of this storage daemon
+ TLS Certificate = /usr/local/etc/ssl/backup1/cert.pem
+ TLS Key = /usr/local/etc/ssl/backup1/key.pem
+ }
+\end{verbatim}
+\normalsize
+
+
+
# latex2html has used as the source to create the imgxx.png filename.
# The filename extension is taken from the file
sub read_transfile {
- my ($trans,$direction) = @_;
-
- if (!open IN,"<$path$TRANSFILE") {
- print "WARNING: Cannot open image translation file $path$TRANSFILE for reading\n";
- print " Image filename translation aborted\n\n";
- exit 0;
- }
-
- while (<IN>) {
- chomp;
- my ($new,$old) = split(/\001/);
-
- # Old filenames will usually have a leading ./ which we don't need.
- $old =~ s/^\.\///;
-
- # The filename extension of the old filename must be made to match
- # the new filename because it indicates the encoding format of the image.
- my ($ext) = $new =~ /(\.[^\.]*)$/;
- $old =~ s/\.[^\.]*$/$ext/;
- if ($direction == 0) {
- $trans->{$new} = $old;
- } else {
- $trans->{$old} = $new;
- }
- }
- close IN;
+ my ($trans,$direction) = @_;
+
+ if (!open IN,"<$path$TRANSFILE") {
+ print "WARNING: Cannot open image translation file $path$TRANSFILE for reading\n";
+ print " Image filename translation aborted\n\n";
+ exit 0;
+ }
+
+ while (<IN>) {
+ chomp;
+ my ($new,$old) = split(/\001/);
+
+ # Old filenames will usually have a leading ./ which we don't need.
+ $old =~ s/^\.\///;
+
+ # The filename extension of the old filename must be made to match
+ # the new filename because it indicates the encoding format of the image.
+ my ($ext) = $new =~ /(\.[^\.]*)$/;
+ $old =~ s/\.[^\.]*$/$ext/;
+ if ($direction == 0) {
+ $trans->{$new} = $old;
+ } else {
+ $trans->{$old} = $new;
+ }
+ }
+ close IN;
}
-
+
# Translates the image names in the file given as the first argument, according to
# the translations in the hash that is given as the second argument.
# The file contents are read in entirely into a string, the string is processed, and
# Links to other files are added to the %filelist for processing. That way,
# all linked files will be processed (assuming they are local).
sub translate_html {
- my ($filename,$trans,$filelist) = @_;
- my ($contents,$out,$this,$img,$dest);
- my $cnt = 0;
-
- # If the filename is an external link ignore it. And drop any file:// from
- # the filename.
- $filename =~ /^(http|ftp|mailto)\:/ and return 0;
- $filename =~ s/^file\:\/\///;
- # Load the contents of the html file.
- if (!open IF,"<$path$filename") {
- print "WARNING: Cannot open $path$filename for reading\n";
- print " Image Filename Translation aborted\n\n";
- exit 0;
- }
-
- while (<IF>) {
- $contents .= $_;
- }
- close IF;
-
- # Now do the translation...
- # First, search for an image filename.
- while ($contents =~ /\<\s*IMG[^\>]*SRC=\"/si) {
- $contents = $';
- $out .= $` . $&;
-
- # The next thing is an image name. Get it and translate it.
- $contents =~ /^(.*?)\"/s;
- $contents = $';
- $this = $&;
- $img = $1;
- # If the image is in our list of ones to be translated, do it
- # and feed the result to the output.
- $cnt += $this =~ s/$img/$trans->{$img}/ if (defined($trans->{$img}));
- $out .= $this;
- }
- $out .= $contents;
-
- # Now send the translated text to the html file, overwriting what's there.
- open OF,">$path$filename" or die "Cannot open $path$filename for writing\n";
- print OF $out;
- close OF;
-
- # Now look for any links to other files and add them to the list of files to do.
- while ($out =~ /\<\s*A[^\>]*HREF=\"(.*?)\"/si) {
- $out = $';
- $dest = $1;
- # Drop an # and anything after it.
- $dest =~ s/\#.*//;
- $filelist->{$dest} = '' if $dest;
- }
- return $cnt;
+ my ($filename,$trans,$filelist) = @_;
+ my ($contents,$out,$this,$img,$dest);
+ my $cnt = 0;
+
+ # If the filename is an external link ignore it. And drop any file:// from
+ # the filename.
+ $filename =~ /^(http|ftp|mailto)\:/ and return 0;
+ $filename =~ s/^file\:\/\///;
+ # Load the contents of the html file.
+ if (!open IF,"<$path$filename") {
+ print "WARNING: Cannot open $path$filename for reading\n";
+ print " Image Filename Translation aborted\n\n";
+ exit 0;
+ }
+
+ while (<IF>) {
+ $contents .= $_;
+ }
+ close IF;
+
+ # Now do the translation...
+ # First, search for an image filename.
+ while ($contents =~ /\<\s*IMG[^\>]*SRC=\"/si) {
+ $contents = $';
+ $out .= $` . $&;
+
+ # The next thing is an image name. Get it and translate it.
+ $contents =~ /^(.*?)\"/s;
+ $contents = $';
+ $this = $&;
+ $img = $1;
+ # If the image is in our list of ones to be translated, do it
+ # and feed the result to the output.
+ $cnt += $this =~ s/$img/$trans->{$img}/ if (defined($trans->{$img}));
+ $out .= $this;
+ }
+ $out .= $contents;
+
+ # Now send the translated text to the html file, overwriting what's there.
+ open OF,">$path$filename" or die "Cannot open $path$filename for writing\n";
+ print OF $out;
+ close OF;
+
+ # Now look for any links to other files and add them to the list of files to do.
+ while ($out =~ /\<\s*A[^\>]*HREF=\"(.*?)\"/si) {
+ $out = $';
+ $dest = $1;
+ # Drop an # and anything after it.
+ $dest =~ s/\#.*//;
+ $filelist->{$dest} = '' if $dest;
+ }
+ return $cnt;
}
-
+
# REnames the image files spefified in the %translate hash.
sub rename_images {
- my $translate = shift;
- my ($response);
-
- foreach (keys(%$translate)) {
- if (! $translate->{$_}) {
- print " WARNING: No destination Filename for $_\n";
- } else {
- $response = `mv -f $path$_ $path$translate->{$_} 2>&1`;
- $response and print "ERROR from system $response\n";
- }
- }
+ my $translate = shift;
+ my ($response);
+
+ foreach (keys(%$translate)) {
+ if (! $translate->{$_}) {
+ print " WARNING: No destination Filename for $_\n";
+ } else {
+ $response = `mv -f $path$_ $path$translate->{$_} 2>&1`;
+ $response and print "ERROR from system $response\n";
+ }
+ }
}
#################################################
my $arg0 = shift(@ARGV);
$arg0 =~ /^(--to_meaningful_names|--from_meaningful_names)$/ or
- die "ERROR: First argument must be either \'--to_meaningful_names\' or \'--from_meaningful_names\'\n";
+ die "ERROR: First argument must be either \'--to_meaningful_names\' or \'--from_meaningful_names\'\n";
$direction = ($arg0 eq '--to_meaningful_names') ? 0 : 1;
read_transfile(\%translate,$direction);
foreach (@ARGV) {
- # Strip the path from the filename, and use it later on.
- if (s/(.*\/)//) {
- $path = $1;
- } else {
- $path = '';
- }
- $filelist{$_} = '';
-
- while ($thisfile = (keys(%filelist))[0]) {
- $cnt += translate_html($thisfile,\%translate,\%filelist) if (!exists($completed{$thisfile}));
- delete($filelist{$thisfile});
- $completed{$thisfile} = '';
- }
- print "translate_images.pl: $cnt image filenames translated ",($direction)?"from":"to"," meaningful names\n";
+ # Strip the path from the filename, and use it later on.
+ if (s/(.*\/)//) {
+ $path = $1;
+ } else {
+ $path = '';
+ }
+ $filelist{$_} = '';
+
+ while ($thisfile = (keys(%filelist))[0]) {
+ $cnt += translate_html($thisfile,\%translate,\%filelist) if (!exists($completed{$thisfile}));
+ delete($filelist{$thisfile});
+ $completed{$thisfile} = '';
+ }
+ print "translate_images.pl: $cnt image filenames translated ",($direction)?"from":"to"," meaningful names\n";
}
rename_images(\%translate);
\footnotesize
\begin{verbatim}
-./bacula start -d20
+./bacula start -d100
\end{verbatim}
\normalsize
+This can be particularly helpful if your daemons do not start correctly,
+because direct daemon output to the console is normally directed to the
+NULL device, but with the debug level greater than zero, the output
+will be sent to the starting terminal.
+
To stop the three daemons, enter the following from the install directory:
\footnotesize
projects / bacula / docs / commitdiff
