Quantcast

Bacula ssh tunnel - not working

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Bacula ssh tunnel - not working

Jan Stefanovic

Hi guys

 

struggling with bacula ssh tunnel for days. Followed few “How To” for example

 

https://github.com/naszaklasa/bacula/blob/master/examples/ssh-tunnel-README.txt

or this one

http://wiki.bacula.org/doku.php?id=sshtunnel

 

but can’t make it work!

When I run the script manually, I can see the ssh tunnel is up between bacula sever and bacula client

but backup never works as bacula can’t find client-fd.

 

Can anybody send me working scenario?

 

Really really appreciate your help, guys!!!

 

 

Thanks, take care

 

Jan Stefanovic

IT Systems Administrator

 


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Bacula ssh tunnel - not working

Dimitri Maziuk
On 02/23/2017 11:37 AM, Jan Stefanovic wrote:

> When I run the script manually, I can see the ssh tunnel is up between bacula sever and bacula client
> but backup never works as bacula can’t find client-fd.

What are you trying to do exactly? E.g.

server# ssh -L 1234:client:9102 [hidden email]

Now the server should have in bacula-dir.conf

Client {
  Name = client-fd
  Address = 127.0.0.1
  FDPort = 1234
...

-- off the top of my head that should be all you need for a client
behind a firewall.

--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users

signature.asc (197 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Bacula ssh tunnel - not working

Jan Stefanovic
Thanks Dimitri!!!

How about the client's bacula-fd.conf?
can you cut/paste some info?

as well, how do you run the script to create ssh tunnel?
Is backup job running it or you do it manually?

Here is my client's bacula-fd.conf:

FileDaemon {                          # this is me
  Name = XXX-fd
  FDAddress = 127.0.0.1
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/spool/bacula
  Pid Directory = /var/run
  Maximum Concurrent Jobs = 20
}


and here is my clients.conf on the bacula server

# XXX SSH Tunnel test
Client {
  Name = XXX-fd                   # file daemon
  Address = 127.0.0.1              # Local Host for SSH Tunnel
  FDPort = 9112
  Catalog = MyCatalog
  Password = "XXXXXXXXXXXXXXXX" # password for Remote FileDaemon on pbid
  File Retention = 30 days            # 30 days
  Job Retention = 16 months            #  16 months
  AutoPrune = yes                     # Prune expired Jobs/Files
}

Job {
  Name = "XXX"
  JobDefs = "DefaultJob"
  Client = XXX-fd
  Pool = RemoteFile
  FileSet= "XXX"
  ClientRunBeforeJob = "/etc/bacula/scripts/sshbacula.sh"
}

and here is the script I am calling from "bacula"

USER=bacula
HOME=$(grep "^$USER:" /etc/passwd | cut -d : -f 6)
CLIENT=${1:-XXX}
LOCAL=$(hostname -f)
SSH=/usr/bin/ssh

echo "Starting SSH-tunnel to $CLIENT..."
$SSH -fC2 -R 9101:$LOCAL:9101 -R 9103:$LOCAL:9103 -L 9112:localhost:9102 $CLIENT
sleep 60 >/dev/null 2>/dev/null
# give ssh a little time to establish the connection.
sleep 10


Oh shit, I just realised I am call the script on client!!!

  ClientRunBeforeJob = "/etc/bacula/scripts/sshbacula.sh"


what's the syntax to run script on the server please?

Thanks, take care

Jan Stefanovic
IT Systems Administrator

p | (604) 299-0458 x268
e | [hidden email]
u | www.tantalus.com


CONFIDENTIALITY NOTICE.  This documentation, including any attachments, transmitted by electronic mail is intended for the use of the individual to whom or the entity to which it is addressed, and may contain information which is proprietary, confidential, privileged and/or protected from disclosure by applicable laws. Confidentiality and privilege are not lost by this documentation having been sent to the wrong electronic mail address. If you are not the intended recipient (or the person responsible for delivering thereto) please immediately notify the sender and destroy this documentation and all copies (in any form and media); and note that any distribution, reproduction or other use of this documentation is strictly prohibited and may violate public and intellectual property laws.  Thank you.


-----Original Message-----
From: Dimitri Maziuk [mailto:[hidden email]]
Sent: Thursday, February 23, 2017 10:14 AM
To: [hidden email]
Subject: Re: [Bacula-users] Bacula ssh tunnel - not working

On 02/23/2017 11:37 AM, Jan Stefanovic wrote:

> When I run the script manually, I can see the ssh tunnel is up between
> bacula sever and bacula client but backup never works as bacula can’t find client-fd.

What are you trying to do exactly? E.g.

server# ssh -L 1234:client:9102 [hidden email]

Now the server should have in bacula-dir.conf

Client {
  Name = client-fd
  Address = 127.0.0.1
  FDPort = 1234
...

-- off the top of my head that should be all you need for a client behind a firewall.

--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Bacula ssh tunnel - not working

Dimitri Maziuk
On 02/23/2017 12:32 PM, Jan Stefanovic wrote:
> Thanks Dimitri!!!
>
> How about the client's bacula-fd.conf?
> can you cut/paste some info?
>
> as well, how do you run the script to create ssh tunnel?
> Is backup job running it or you do it manually?

I don't, that was just off the top of my head.

You'd have to ask somebody (Kern?) exactly how it works: will RunScript
run before the director tries to contact the client or after -- if it's
the latter, it won't work.

--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users

signature.asc (197 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Bacula ssh tunnel - not working

Wanderlei Huttel
Hello Stefanovic

The commands to run scripts on server is "RunBeforeJob" or "RunAfterJob"


Best Regards

Wanderlei Hüttel

2017-02-23 15:49 GMT-03:00 Dimitri Maziuk <[hidden email]>:
On 02/23/2017 12:32 PM, Jan Stefanovic wrote:
> Thanks Dimitri!!!
>
> How about the client's bacula-fd.conf?
> can you cut/paste some info?
>
> as well, how do you run the script to create ssh tunnel?
> Is backup job running it or you do it manually?

I don't, that was just off the top of my head.

You'd have to ask somebody (Kern?) exactly how it works: will RunScript
run before the director tries to contact the client or after -- if it's
the latter, it won't work.

--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Bacula ssh tunnel - not working

Jan Stefanovic

Thank you Wanderlei!

 

I am used to run ClientRunbefore job for SQL dumps and it works great, but somehow

this RunBeforeJob is not doing it for me, as I can see the ssh channel is not up.

When running script manually, ssh channel is up on both sides…

 

but when calling it from bconsole, no luck…

Really need to see someone’s working scenario

 

 

Thanks, take care

 

Jan Stefanovic

IT Systems Administrator

 

p | (604) 299-0458 x268

e | [hidden email]

u | www.tantalus.com

 

Tantalus Logo

CONFIDENTIALITY NOTICE.  This documentation, including any attachments, transmitted by electronic mail is intended for the use of the individual to whom or the entity to which it is addressed, and may contain information which is proprietary, confidential, privileged and/or protected from disclosure by applicable laws. Confidentiality and privilege are not lost by this documentation having been sent to the wrong electronic mail address. If you are not the intended recipient (or the person responsible for delivering thereto) please immediately notify the sender and destroy this documentation and all copies (in any form and media); and note that any distribution, reproduction or other use of this documentation is strictly prohibited and may violate public and intellectual property laws.  Thank you.

 

From: Wanderlei Huttel [mailto:[hidden email]]
Sent: Thursday, February 23, 2017 11:02 AM
To: Dimitri Maziuk
Cc: Jan Stefanovic; [hidden email]
Subject: Re: [Bacula-users] Bacula ssh tunnel - not working

 

Hello Stefanovic

 

The commands to run scripts on server is "RunBeforeJob" or "RunAfterJob"

 

 

Best Regards

 

Wanderlei Hüttel

 

2017-02-23 15:49 GMT-03:00 Dimitri Maziuk <[hidden email]>:

On 02/23/2017 12:32 PM, Jan Stefanovic wrote:
> Thanks Dimitri!!!
>
> How about the client's bacula-fd.conf?
> can you cut/paste some info?
>
> as well, how do you run the script to create ssh tunnel?
> Is backup job running it or you do it manually?

I don't, that was just off the top of my head.

You'd have to ask somebody (Kern?) exactly how it works: will RunScript
run before the director tries to contact the client or after -- if it's
the latter, it won't work.


--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users

 


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Bacula ssh tunnel - not working

Wanderlei Huttel
Could you post some information?
- Job configuration
- Job log of job with problem (list joblog jobid=XXX)
- Script that you are using
- Permission from script (ls -lh /..../script.sh) (your script)

Best Regards

Wanderlei Hüttel

2017-02-23 16:59 GMT-03:00 Jan Stefanovic <[hidden email]>:

Thank you Wanderlei!

 

I am used to run ClientRunbefore job for SQL dumps and it works great, but somehow

this RunBeforeJob is not doing it for me, as I can see the ssh channel is not up.

When running script manually, ssh channel is up on both sides…

 

but when calling it from bconsole, no luck…

Really need to see someone’s working scenario

 

 

Thanks, take care

 

Jan Stefanovic

IT Systems Administrator

 

p | <a href="tel:(604)%20299-0458" value="+16042990458" target="_blank">(604) 299-0458 x268

e | [hidden email]

u | www.tantalus.com

 

Tantalus Logo

CONFIDENTIALITY NOTICE.  This documentation, including any attachments, transmitted by electronic mail is intended for the use of the individual to whom or the entity to which it is addressed, and may contain information which is proprietary, confidential, privileged and/or protected from disclosure by applicable laws. Confidentiality and privilege are not lost by this documentation having been sent to the wrong electronic mail address. If you are not the intended recipient (or the person responsible for delivering thereto) please immediately notify the sender and destroy this documentation and all copies (in any form and media); and note that any distribution, reproduction or other use of this documentation is strictly prohibited and may violate public and intellectual property laws.  Thank you.

 

From: Wanderlei Huttel [mailto:[hidden email]]
Sent: Thursday, February 23, 2017 11:02 AM
To: Dimitri Maziuk
Cc: Jan Stefanovic; [hidden email]
Subject: Re: [Bacula-users] Bacula ssh tunnel - not working

 

Hello Stefanovic

 

The commands to run scripts on server is "RunBeforeJob" or "RunAfterJob"

 

 

Best Regards

 

Wanderlei Hüttel

 

2017-02-23 15:49 GMT-03:00 Dimitri Maziuk <[hidden email]>:

On 02/23/2017 12:32 PM, Jan Stefanovic wrote:
> Thanks Dimitri!!!
>
> How about the client's bacula-fd.conf?
> can you cut/paste some info?
>
> as well, how do you run the script to create ssh tunnel?
> Is backup job running it or you do it manually?

I don't, that was just off the top of my head.

You'd have to ask somebody (Kern?) exactly how it works: will RunScript
run before the director tries to contact the client or after -- if it's
the latter, it won't work.


--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users

 



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Bacula ssh tunnel - not working

Jan Stefanovic

Hi guys,

 

thanks for all your help, it turned to be my stupid copy/paste mistake.

I had ClientRunBeforeJob instead of RunBeforeJob

so poor bacula was trying to run the sshtunnel script on the client.

 

Fixed and now my sshtunnel works

 

*message

23-Feb 14:54 bacula7-dir JobId 268: shell command: run BeforeJob "/etc/bacula/scripts/sshbacula.sh"

23-Feb 14:54 bacula7-dir JobId 268: BeforeJob: Starting SSH-tunnel to centos7...

 

*message

23-Feb 14:54 bacula7-dir JobId 268: Start Backup JobId 268, Job=centos7.2017-02-23_14.54.19_04

23-Feb 14:54 bacula7-dir JobId 268: Using Device "FileStorage" to write.

23-Feb 14:54 bacula-sd JobId 268: Volume "VirtualTape-Dev-0014" previously written, moving to end of data.

23-Feb 14:54 bacula-sd JobId 268: Ready to append to end of Volume "VirtualTape-Dev-0014" size=1,261,100,974

*

You have messages.

*

*message

23-Feb 14:54 bacula-sd JobId 268: Elapsed time=00:00:04, Transfer rate=2.963 M Bytes/second

23-Feb 14:54 bacula-sd JobId 268: Sending spooled attrs to the Director. Despooling 1,014,342 bytes ...

23-Feb 14:54 bacula7-dir JobId 268: Bacula bacula7-dir 7.0.5 (28Jul14):

  Build OS:               x86_64-redhat-linux-gnu redhat Enterprise release

  JobId:                  268

  Job:                    centos7.2017-02-23_14.54.19_04

  Backup Level:           Full

  Client:                 "centos7-fd" 5.2.13 (19Jan13) x86_64-redhat-linux-gnu,redhat,(Core)

  FileSet:                "centos7" 2017-02-20 13:06:34

  Pool:                   "DevServersFile" (From Job resource)

  Catalog:                "MyCatalog" (From Client resource)

  Storage:                "File" (From Job resource)

  Scheduled time:         23-Feb-2017 14:54:11

  Start time:             23-Feb-2017 14:54:31

  End time:               23-Feb-2017 14:54:36

  Elapsed time:           5 secs

  Priority:               10

  FD Files Written:       3,912

  SD Files Written:       3,912

  FD Bytes Written:       11,377,350 (11.37 MB)

  SD Bytes Written:       11,852,637 (11.85 MB)

  Rate:                   2275.5 KB/s

  Software Compression:   63.9% 2.8:1

  VSS:                    no

  Encryption:             no

  Accurate:               no

  Volume name(s):         VirtualTape-Dev-0014

  Volume Session Id:      1

  Volume Session Time:    1487890429

  Last Volume Bytes:      1,273,077,031 (1.273 GB)

  Non-fatal FD errors:    0

  SD Errors:              0

  FD termination status:  OK

  SD termination status:  OK

  Termination:            Backup OK

 

23-Feb 14:54 bacula7-dir JobId 268: Begin pruning Jobs older than 6 months .

23-Feb 14:54 bacula7-dir JobId 268: No Jobs found to prune.

23-Feb 14:54 bacula7-dir JobId 268: Begin pruning Files.

23-Feb 14:54 bacula7-dir JobId 268: No Files found to prune.

23-Feb 14:54 bacula7-dir JobId 268: End auto prune.

 

*

 

 

Thanks, take care

 

Jan Stefanovic

IT Systems Administrator

 

p | (604) 299-0458 x268

e | [hidden email]

u | www.tantalus.com

 

Tantalus Logo

CONFIDENTIALITY NOTICE.  This documentation, including any attachments, transmitted by electronic mail is intended for the use of the individual to whom or the entity to which it is addressed, and may contain information which is proprietary, confidential, privileged and/or protected from disclosure by applicable laws. Confidentiality and privilege are not lost by this documentation having been sent to the wrong electronic mail address. If you are not the intended recipient (or the person responsible for delivering thereto) please immediately notify the sender and destroy this documentation and all copies (in any form and media); and note that any distribution, reproduction or other use of this documentation is strictly prohibited and may violate public and intellectual property laws.  Thank you.

 

From: Wanderlei Huttel [mailto:[hidden email]]
Sent: Thursday, February 23, 2017 12:11 PM
To: Jan Stefanovic
Cc: [hidden email]
Subject: Re: [Bacula-users] Bacula ssh tunnel - not working

 

Could you post some information?

- Job configuration

- Job log of job with problem (list joblog jobid=XXX)
- Script that you are using

- Permission from script (ls -lh /..../script.sh) (your script)


Best Regards

 

Wanderlei Hüttel

 

2017-02-23 16:59 GMT-03:00 Jan Stefanovic <[hidden email]>:

Thank you Wanderlei!

 

I am used to run ClientRunbefore job for SQL dumps and it works great, but somehow

this RunBeforeJob is not doing it for me, as I can see the ssh channel is not up.

When running script manually, ssh channel is up on both sides…

 

but when calling it from bconsole, no luck…

Really need to see someone’s working scenario

 

 

Thanks, take care

 

Jan Stefanovic

IT Systems Administrator

 

p | <a href="tel:(604)%20299-0458" target="_blank">(604) 299-0458 x268

e | [hidden email]

u | www.tantalus.com

 

Tantalus Logo

CONFIDENTIALITY NOTICE.  This documentation, including any attachments, transmitted by electronic mail is intended for the use of the individual to whom or the entity to which it is addressed, and may contain information which is proprietary, confidential, privileged and/or protected from disclosure by applicable laws. Confidentiality and privilege are not lost by this documentation having been sent to the wrong electronic mail address. If you are not the intended recipient (or the person responsible for delivering thereto) please immediately notify the sender and destroy this documentation and all copies (in any form and media); and note that any distribution, reproduction or other use of this documentation is strictly prohibited and may violate public and intellectual property laws.  Thank you.

 

From: Wanderlei Huttel [mailto:[hidden email]]
Sent: Thursday, February 23, 2017 11:02 AM
To: Dimitri Maziuk
Cc: Jan Stefanovic; [hidden email]
Subject: Re: [Bacula-users] Bacula ssh tunnel - not working

 

Hello Stefanovic

 

The commands to run scripts on server is "RunBeforeJob" or "RunAfterJob"

 

 

Best Regards

 

Wanderlei Hüttel

 

2017-02-23 15:49 GMT-03:00 Dimitri Maziuk <[hidden email]>:

On 02/23/2017 12:32 PM, Jan Stefanovic wrote:
> Thanks Dimitri!!!
>
> How about the client's bacula-fd.conf?
> can you cut/paste some info?
>
> as well, how do you run the script to create ssh tunnel?
> Is backup job running it or you do it manually?

I don't, that was just off the top of my head.

You'd have to ask somebody (Kern?) exactly how it works: will RunScript
run before the director tries to contact the client or after -- if it's
the latter, it won't work.


--
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users

 

 


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-users
Loading...