Re: Bacula and tcpwrappers on Debian

To: debian-user@lists.debian.org
Subject: Re: Bacula and tcpwrappers on Debian
From: Daehenoc <daehenoc@optusnet.com.au>
Date: Mon, 03 Apr 2006 09:57:32 +1000
Message-id: <[🔎] 443064EC.90000@optusnet.com.au>
Reply-to: daehenoc@optusnet.com.au
In-reply-to: <200603310502.k2V52Loj013283@mail25.syd.optusnet.com.au>
References: <200603310502.k2V52Loj013283@mail25.syd.optusnet.com.au>

Hah! I say hah!

Greg Vickers wrote:
> Hi all,
> 
> I've found out that tcpwrappers were causing my authentication problems with Bacula (bconsole couldn't connect to the bacula-dir process.)
> 
> If remove the 'ALL: ALL' line from hosts.deny bconsole will connect to the director successfully. I reinstate the 'ALL: ALL' clause and the following hosts.allow file will not allow bconsole to connect:
> bacula-dir: ALL
> bacula-fd: ALL
> bacula-sd: ALL
> 
> (I know I probably don't need the bacula-fd and -sd lines, but I included them out of frustration.)
> 
> What else should I include in my hosts.allow file to allow bconsole to connect to the director?

According to
http://www.bacula.org/dev-manual/Bacula_Security_Issues.html (thanks go
to apathy for pointing it out!) the daemeon name when running (the
service name) can be configured to be different to the process name!!

Debian configuration for Bacula sets the service name to be
%hostname%-dir (which makes sense) so your hosts.allow has to have an
entry for '%hostname%-dir', NOT 'bacula-dir'!

I guess it's not a bug, but an important configuration point that is not
included anywhere in any of the Debian documentation for Bacula that I
could find (I may have looked in the wrong place.)

HTH someone else,
Greg

Reply to:

Prev by Date: Re: DVD install from Plextor PX-712SA
Next by Date: Re: utf-8 and gnuplot
Previous by thread: How To Get “Provider Independent” IP Address For Your Home Server?
Next by thread: Burning files bigger than 2GB in k3b??
Index(es):
- Date
- Thread