blob: 63dbe364b49e336fc8a7ffb521c8f94bb3b5837c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
$NetBSD: patch-ab,v 1.1 2008/07/13 15:26:36 tonnerre Exp $
--- manual/catmaintenance.tex.orig 2007-01-05 18:20:40.000000000 +0100
+++ manual/catmaintenance.tex
@@ -545,6 +545,8 @@ Job {
Storage = DLTDrive
Messages = Standard
Pool = Default
+ # WARNING!!! Passing the password via the command line is insecure.
+ # see comments in make_catalog_backup for details.
RunBeforeJob = "/home/kern/bacula/bin/make_catalog_backup"
RunAfterJob = "/home/kern/bacula/bin/delete_catalog_backup"
Write Bootstrap = "/home/kern/bacula/working/BackupCatalog.bsr"
@@ -573,6 +575,33 @@ you to quickly recover the database back
you do not have a bootstrap file, it is still possible to recover your
database backup, but it will be more work and take longer.
+
+\label{BackingUpBaculaSecurityConsiderations}
+\section{Security considerations}
+\index[general]{Backing Up Your Bacula Database - Security Considerations }
+\index[general]{Database!Backing Up Your Bacula Database - Security Considerations }
+
+We provide make_catalog_backup as an example of what can be used to backup
+your Bacula database. We expect you to take security precautions relevant
+to your situation. make_catalog_backup is designed to take a password on
+the command line. This is fine on machines with only trusted users. It is
+not acceptable on machines without trusted users. Most database systems
+provide a alternative method, which does not place the password on the
+command line.
+
+The make_catalog_backup contains some warnings about how to use it. Please
+read those tips.
+
+To help you get started, we know PostgreSQL has a password file,
+\elink{
+.pgpass}{http://www.postgresql.org/docs/8.2/static/libpq-pgpass.html}, and
+we know MySQL has
+\elink{ .my.cnf}{http://dev.mysql.com/doc/refman/4.1/en/password-security.html}.
+
+Only you can decide what is appropriate for your situation. We have provided
+you with a starting point. We hope it helps.
+
+
\label{BackingUPOtherDBs}
\section{Backing Up Third Party Databases}
\index[general]{Backing Up Third Party Databases }
|