From 23b01883a9559e9b742906bab1e707a48b5b84f8 Mon Sep 17 00:00:00 2001
From: Dan Langille
Date: Mon, 22 Oct 2007 23:43:12 +0000
Subject: [PATCH] Add a section on Security Considations when backing up the Bacula database. Refer to this section from the Tips page.
---
 docs/manual/catmaintenance.tex | 29 +++++++++++++++++++++++++++++
 docs/manual/tips.tex | 5 +++++
 2 files changed, 34 insertions(+)
diff --git a/docs/manual/catmaintenance.tex b/docs/manual/catmaintenance.tex
index 3c03058f..2fd11477 100644
--- a/docs/manual/catmaintenance.tex
+++ b/docs/manual/catmaintenance.tex
@@ -586,6 +586,8 @@ Job {
 Storage = DLTDrive
 Messages = Standard
 Pool = Default
+ # WARNING!!! Passing the password via the command line is insecure.
+ # see comments in make_catalog_backup for details.
 RunBeforeJob = "/home/kern/bacula/bin/make_catalog_backup"
 RunAfterJob = "/home/kern/bacula/bin/delete_catalog_backup"
 Write Bootstrap = "/home/kern/bacula/working/BackupCatalog.bsr"
@@ -614,6 +616,33 @@ you to quickly recover the database backup should that be necessary. If you do not have a bootstrap file, it is still possible to recover your database backup, but it will be more work and take longer.
+
+\label{BackingUpBaculaSecurityConsiderations}
+\section{Security considerations}
+\index[general]{Backing Up Your Bacula Database - Security Considerations }
+\index[general]{Database!Backing Up Your Bacula Database - Security Considerations }
+
+We provide make_catalog_backup as an example of what can be used to backup
+your Bacula database. We expect you to take security precautions relevant
+to your situation. make_catalog_backup is designed to take a password on
+the command line. This is fine on machines with only trusted users. It is
+not acceptable on machines without trusted users. Most database systems
+provide a alternative method, which does not place the password on the
+command line.
+
+The make_catalog_backup contains some warnings about how to use it. Please
+read those tips.
+
+To help you get started, we know PostgreSQL has a password file,
+\elink{
+.pgpass}{http://www.postgresql.org/docs/8.2/static/libpq-pgpass.html}, and
+we know MySQL has
+\elink{ .my.cnf}{http://dev.mysql.com/doc/refman/4.1/en/password-security.html}.
+
+Only you can decide what is appropriate for your situation. We have provided
+you with a starting point. We hope it helps.
+
+
 \label{BackingUPOtherDBs}
 \section{Backing Up Third Party Databases}
 \index[general]{Backing Up Third Party Databases }
diff --git a/docs/manual/tips.tex b/docs/manual/tips.tex
index 08aeb429..d3d81659 100644
--- a/docs/manual/tips.tex
+++ b/docs/manual/tips.tex
@@ -602,6 +602,11 @@ setup procedure leaves the database open to anyone. At a minimum, you should assign the user {\bf bacula} a userid and add it to your Director's configuration file in the appropriate Catalog resource.
+If you use the make_catalog_backup script provided by Bacula, remember that
+you should take care when supplying passwords on the command line. Read the
+\ilink{BackingUpBaculaSecurityConsiderations}{Backing Up Your Bacula
+Database - Security Considerations } for more information.
+
 \section{Creating Holiday Schedules}
 \label{holiday}
 \index[general]{Schedules!Creating Holiday }
-- 
2.39.5