From d86208ceb22ba66943dd3e6aad9ec81a4a79e2d4 Mon Sep 17 00:00:00 2001 From: Kern Sibbald Date: Thu, 7 Sep 2006 16:51:53 +0000 Subject: [PATCH] kes Use get_catalog_resource() to open catalog database to ensure that ACLs are respected and that user is correctly prompted for database. kes Integrate multiple console/director patch from Carsten Paeth calle@calle.in-berlin.de git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/trunk@3428 91ce42f0-d328-0410-95d8-f526ca767f89 --- bacula/kernstodo | 17 +++++----- bacula/src/console/console.c | 52 +++++++++++++++++++++++++------ bacula/src/console/console_conf.c | 3 +- bacula/src/console/console_conf.h | 3 +- bacula/src/dird/ua_cmds.c | 16 ++-------- bacula/src/dird/ua_server.c | 2 +- bacula/technotes-1.39 | 5 +++ 7 files changed, 64 insertions(+), 34 deletions(-) diff --git a/bacula/kernstodo b/bacula/kernstodo index 0758a854dd..a3b8cab7f3 100644 --- a/bacula/kernstodo +++ b/bacula/kernstodo @@ -35,10 +35,8 @@ Priority: For 1.39: - When reading through parts on the DVD, the DVD is mounted and unmounted for each part. -- Restricted consoles start in the Default catalog even if it - is not permitted. - Make sure that the restore options don't permit "seeing" other - Client's job data. + Client's job data. -- mostly fixed. - Implement Python event for backing up/restoring a file. - Change dbcheck to tell users to use native tools for fixing broken databases, and to ensure they have the proper indexes. @@ -54,9 +52,6 @@ For 1.39: routines. - Do we migrate appendable Volumes? - Remove queue.c code. -- Fix re-read of last block to check if job has actually written - a block, and check if block was written by a different job - (i.e. multiple simultaneous jobs writing). - Some users claim that they must do two prune commands to get a Volume marked as purged. - Print warning message if LANG environment variable does not specify @@ -69,6 +64,11 @@ For 1.39: .move eject device=xxx toslot=yyy the same as above, but with a new target slot. The catalog should be updated accordingly. .move transfer device=xxx fromslot=yyy toslot=zzz + +Low priority: +- Fix re-read of last block to check if job has actually written + a block, and check if block was written by a different job + (i.e. multiple simultaneous jobs writing). - Figure out how to configure query.sql. Suggestion to use m4: == changequote.m4 === changequote(`[',`]')dnl @@ -95,8 +95,6 @@ For 1.39: The problem is that it requires m4, which is not present on all machines at ./configure time. - -Low priority: - Get Perl replacement for bregex.c - Given all the problems with FIFOs, I think the solution is to do something a little different, though I will look at the code and see if there is not some @@ -1684,3 +1682,6 @@ Block Position: 0 > the Volumes in the magazine disabled prior to taking them offsite, and mark > them all enabled when bringing them back on site. Coupled with the options > to the slots keyword, you can apply the enable/disable to any or all volumes. +- Restricted consoles start in the Default catalog even if it + is not permitted. + diff --git a/bacula/src/console/console.c b/bacula/src/console/console.c index b7064e0bd2..8bae25bde3 100644 --- a/bacula/src/console/console.c +++ b/bacula/src/console/console.c @@ -66,13 +66,15 @@ extern "C" void got_sigtin(int sig); /* Static variables */ static char *configfile = NULL; static BSOCK *UA_sock = NULL; -static DIRRES *dir; +static DIRRES *dir = NULL; +static CONRES *cons = NULL; static FILE *output = stdout; static bool teeout = false; /* output to output and stdout */ static bool stop = false; static bool no_conio = false; static int argc; static int numdir; +static int numcon; static POOLMEM *args; static char *argk[MAX_CMD_ARGS]; static char *argv[MAX_CMD_ARGS]; @@ -150,7 +152,7 @@ static struct cmdstruct commands[] = { { N_("time"), timecmd, _("print current time")}, { N_("version"), versioncmd, _("print Console's version")}, { N_("exit"), quitcmd, _("exit = quit")}, - { N_("zed_keyst"), zed_keyscmd, _("zed_keys = use zed keys instead of bash keys")}, + { N_("zed_keys"), zed_keyscmd, _("zed_keys = use zed keys instead of bash keys")}, }; #define comsize (sizeof(commands)/sizeof(struct cmdstruct)) @@ -423,6 +425,17 @@ int main(int argc, char *argv[]) (void)WSA_Init(); /* Initialize Windows sockets */ + LockRes(); + numdir = 0; + foreach_res(dir, R_DIRECTOR) { + numdir++; + } + numcon = 0; + foreach_res(cons, R_CONSOLE) { + numcon++; + } + UnlockRes(); + if (numdir > 1) { struct sockaddr client_addr; memset(&client_addr, 0, sizeof(client_addr)); @@ -445,22 +458,42 @@ try_again: senditf(_("You must enter a number between 1 and %d\n"), numdir); goto try_again; } + term_bsock(UA_sock); LockRes(); - dir = NULL; for (i=0; idirector && strcmp(cons->director, dir->hdr.name) == 0) { + break; + } + cons = NULL; + } + /* Look for the first non-linked console */ + if (cons == NULL) { + for (i=0; idirector == NULL) + break; + cons = NULL; + } + } UnlockRes(); - term_bsock(UA_sock); - } else { + } + /* If no director, take first one */ + if (!dir) { LockRes(); dir = (DIRRES *)GetNextRes(R_DIRECTOR, NULL); UnlockRes(); } - - LockRes(); - CONRES *cons = (CONRES *)GetNextRes(R_CONSOLE, (RES *)NULL); - UnlockRes(); + /* If no console, take first one */ + if (!cons) { + LockRes(); + cons = (CONRES *)GetNextRes(R_CONSOLE, (RES *)NULL); + UnlockRes(); + } senditf(_("Connecting to Director %s:%d\n"), dir->address,dir->DIRport); @@ -483,7 +516,6 @@ try_again: terminate_console(0); return 1; } - } /* Initialize Director TLS context */ diff --git a/bacula/src/console/console_conf.c b/bacula/src/console/console_conf.c index 0336a957cb..a3a0d134ed 100644 --- a/bacula/src/console/console_conf.c +++ b/bacula/src/console/console_conf.c @@ -20,7 +20,7 @@ * Kern Sibbald, January MM, September MM */ /* - Copyright (C) 2000-2005 Kern Sibbald + Copyright (C) 2000-2006 Kern Sibbald This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License @@ -81,6 +81,7 @@ static RES_ITEM cons_items[] = { {"tlscacertificatedir", store_dir, ITEM(res_cons.tls_ca_certdir), 0, 0, 0}, {"tlscertificate", store_dir, ITEM(res_cons.tls_certfile), 0, 0, 0}, {"tlskey", store_dir, ITEM(res_cons.tls_keyfile), 0, 0, 0}, + {"director", store_str, ITEM(res_cons.director), 0, 0, 0}, {NULL, NULL, {0}, 0, 0, 0} }; diff --git a/bacula/src/console/console_conf.h b/bacula/src/console/console_conf.h index 8e793ab3f9..7a73ef0b77 100644 --- a/bacula/src/console/console_conf.h +++ b/bacula/src/console/console_conf.h @@ -6,7 +6,7 @@ * Version $Id$ */ /* - Copyright (C) 2000-2005 Kern Sibbald + Copyright (C) 2000-2006 Kern Sibbald This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License @@ -57,6 +57,7 @@ struct CONRES { char *tls_ca_certdir; /* TLS CA Certificate Directory */ char *tls_certfile; /* TLS Client Certificate File */ char *tls_keyfile; /* TLS Client Key File */ + char *director; /* bind to director */ TLS_CONTEXT *tls_ctx; /* Shared TLS Context */ }; diff --git a/bacula/src/dird/ua_cmds.c b/bacula/src/dird/ua_cmds.c index 24828f4a25..481b51b0e3 100644 --- a/bacula/src/dird/ua_cmds.c +++ b/bacula/src/dird/ua_cmds.c @@ -1586,9 +1586,8 @@ static int version_cmd(UAContext *ua, const char *cmd) } -/* A bit brain damaged in that if the user has not done - * a "use catalog xxx" command, we simply find the first - * catalog resource and open it. +/* + * Open the catalog database. */ bool open_db(UAContext *ua) { @@ -1596,19 +1595,10 @@ bool open_db(UAContext *ua) return true; } if (!ua->catalog) { - LockRes(); - ua->catalog = (CAT *)GetNextRes(R_CATALOG, NULL); - UnlockRes(); + ua->catalog = get_catalog_resource(ua); if (!ua->catalog) { bsendmsg(ua, _("Could not find a Catalog resource\n")); return false; - } else if (!acl_access_ok(ua, Catalog_ACL, ua->catalog->hdr.name)) { - bsendmsg(ua, _("You must specify a \"use \" command before continuing.\n")); - ua->catalog = NULL; - return false; - } else { - bsendmsg(ua, _("Using default Catalog name=%s DB=%s\n"), - ua->catalog->hdr.name, ua->catalog->db_name); } } diff --git a/bacula/src/dird/ua_server.c b/bacula/src/dird/ua_server.c index 5ebaa79f75..689b2056f7 100644 --- a/bacula/src/dird/ua_server.c +++ b/bacula/src/dird/ua_server.c @@ -7,7 +7,7 @@ * Version $Id$ */ /* - Copyright (C) 2000-2005 Kern Sibbald + Copyright (C) 2000-2006 Kern Sibbald This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License diff --git a/bacula/technotes-1.39 b/bacula/technotes-1.39 index dedaabca7e..ab25ad7054 100644 --- a/bacula/technotes-1.39 +++ b/bacula/technotes-1.39 @@ -2,6 +2,11 @@ General: 07Sep06 +kes Use get_catalog_resource() to open catalog database + to ensure that ACLs are respected and that user is + correctly prompted for database. +kes Integrate multiple console/director patch from + Carsten Paeth calle@calle.in-berlin.de ebl Add character substitution in Job/JobDefs WriteBootStrap. You can use now 'WriteBootStrap = "/path/%c_%n.bsr"' kes Apply patch supplied in bug #656 to pass priority field -- 2.39.2