diff --git a/DartTestfile.txt.in b/DartTestfile.txt.in index e55fdec..65a4b2e 100644 --- a/DartTestfile.txt.in +++ b/DartTestfile.txt.in @@ -86,6 +86,7 @@ ADD_TEST(disk:stats-test "@regressdir@/tests/stats-test") ADD_TEST(disk:three-pool-test "@regressdir@/tests/three-pool-test") ADD_TEST(disk:tls-duplicate-job-test "@regressdir@/tests/tls-duplicate-job-test") ADD_TEST(disk:tls-test "@regressdir@/tests/tls-test") +ADD_TEST(disk:tls-passive-test "@regressdir@/tests/tls-passive-test") ADD_TEST(disk:two-jobs-test "@regressdir@/tests/two-jobs-test") ADD_TEST(disk:two-pool-test "@regressdir@/tests/two-pool-test") ADD_TEST(disk:two-vol-test "@regressdir@/tests/two-vol-test") diff --git a/scripts/tls-bareos-dir-passive.conf.in b/scripts/tls-bareos-dir-passive.conf.in new file mode 100644 index 0000000..2e07650 --- /dev/null +++ b/scripts/tls-bareos-dir-passive.conf.in @@ -0,0 +1,391 @@ +# +# Default Bareos Director Configuration file +# +# The only thing that MUST be changed is to add one or more +# file or directory names in the Include directive of the +# FileSet resource. +# +# You might also want to change the default email address +# from root to your address. See the "mail" and "operator" +# directives in the Messages resource. +# + +Director { # define myself + Name = localhost-dir + DIRPort = @dirport@ # where we listen for UA connections + QueryFile = "@scriptdir@/query.sql" + WorkingDirectory = "@working_dir@" + PidDirectory = "@piddir@" + Maximum Concurrent Jobs = 10 + Password = "pNvX1WiXnwv2C/F7E52LGvw6rKjbbPvu2kyuPa9pVaL3" # Console password + Messages = Standard +} + +# +# Define the main nightly save backup job +# By default, this job will back up to disk in @tmpdir@ +Job { + Name = "NightlySave" + Type = Backup + Client=localhost-fd + FileSet="Full Set" + Storage = File + Messages = Standard + Pool = Default + Write Bootstrap = "@working_dir@/NightlySave.bsr" + Maximum Concurrent Jobs = 10 + SpoolData=yes +} + +Job { + Name = "MonsterSave" + Type = Backup + Client=localhost-fd + FileSet="Full Set" + Storage = File1 + Messages = Standard + Pool = Default + Write Bootstrap = "@working_dir@/NightlySave.bsr" + Max Run Time = 30min + Maximum Concurrent Jobs = 10 + SpoolData=yes +} + + +Job { + Name = "VerifyVolume" + Type = Verify + Level = VolumeToCatalog + Client=localhost-fd + FileSet="Full Set" + Storage = File + Messages = Standard + Pool = Default + Write Bootstrap = "@working_dir@/NightlySave.bsr" +} + + +Job { + Name = "SparseTest" + Type = Backup + Client=localhost-fd + FileSet="SparseSet" + Storage = File + Messages = Standard + Pool = Default + Write Bootstrap = "@working_dir@/NightlySave.bsr" + Max Run Time = 30min + Maximum Concurrent Jobs = 10 + SpoolData=yes +} + +Job { + Name = "CompressedTest" + Type = Backup + Client=localhost-fd + FileSet="CompressedSet" + Storage = File + Messages = Standard + Pool = Default + Max Run Time = 30min + Maximum Concurrent Jobs = 10 + SpoolData=yes + Write Bootstrap = "@working_dir@/NightlySave.bsr" +} + +Job { + Name = "SparseCompressedTest" + Type = Backup + Client=localhost-fd + FileSet="SparseCompressedSet" + Storage = File + Messages = Standard + Pool = Default + Write Bootstrap = "@working_dir@/NightlySave.bsr" + Max Run Time = 30min + Maximum Concurrent Jobs = 10 + SpoolData=yes +} + +Job { + Name = "FIFOTest" + Type = Backup + Client=localhost-fd + FileSet="FIFOSet" + Storage = File + Messages = Standard + Pool = Default + Write Bootstrap = "@working_dir@/NightlySave.bsr" + ClientRunBeforeJob = "sleep 5" +} + + + +# Backup the catalog database (after the nightly save) +Job { + Name = "BackupCatalog" + Type = Backup + Client=localhost-fd + FileSet="Catalog" +# Schedule = "WeeklyCycleAfterBackup" + Storage = File + Messages = Standard + Pool = Default + # This creates an ASCII copy of the catalog + RunBeforeJob = "@sbindir@/make_catalog_backup -u regress" + # This deletes the copy of the catalog + RunAfterJob = "@sbindir@/delete_catalog_backup" + Write Bootstrap = "@working_dir@/BackupCatalog.bsr" +} + +JobDefs { + Name = "BackupJob" + Type = Backup + Pool = Default + Storage = File + Messages = Standard + Priority = 10 +} + +Job { + JobDefs = "BackupJob" + Name = "bug621-job-1" + Client = localhost-fd + FileSet="Full Set" + ClientRunBeforeJob = "sleep 5" +} + +Job { + JobDefs = "BackupJob" + Name = "bug621-job-2" + Client = localhost-fd + FileSet = "Full Set" + Max Run Time = 30 + Priority = 15 +} + + +# Standard Restore template, to be changed by Console program +Job { + Name = "RestoreFiles" + Type = Restore + Client=localhost-fd + FileSet="Full Set" + Storage = File + Messages = Standard + Pool = Default + Where = @tmpdir@/bareos-restores +} + + +# List of files to be backed up +FileSet { + Name = "Full Set" + Include { Options { signature=MD5 } + File = <@tmpdir@/file-list + } +} + +FileSet { + Name = "SparseSet" + Include { + Options { + signature=MD5 + sparse=yes + } + File = <@tmpdir@/file-list + } +} + +FileSet { + Name = "CompressedSet" + Include { + Options { + signature=MD5 + compression=GZIP + } + File = <@tmpdir@/file-list + } +} + +FileSet { + Name = "FIFOSet" + Include { + Options { + readfifo = yes + signature=MD5 + } + File = <@tmpdir@/file-list + } +} + + +FileSet { + Name = "SparseCompressedSet" + Include { + Options { + signature=MD5 + compression=GZIP + sparse=yes + } + File = <@tmpdir@/file-list + } +} + + + +# +# When to do the backups, full backup on first sunday of the month, +# differential (i.e. incremental since full) every other sunday, +# and incremental backups other days +Schedule { + Name = "WeeklyCycle" + Run = Level=Full 1st sun at 1:05 + Run = Level=Differential 2nd-5th sun at 1:05 + Run = Level=Incremental mon-sat at 1:05 +} + +# This schedule does the catalog. It starts after the WeeklyCycle +Schedule { + Name = "WeeklyCycleAfterBackup" + Run = Level=Full sun-sat at 1:10 +} + +# This is the backup of the catalog +FileSet { + Name = "Catalog" + Include { + Options { + signature=MD5 + } + File = /home/kern/bareos/regress/bin/working/bareos.sql + } +} + +# Client (File Services) to backup +Client { + Name = localhost-fd + Address = localhost + FDPort = @fdport@ + Catalog = MyCatalog + Password = "xevrjURYoCHhn26RaJoWbeWXEY/a3VqGKp/37tgWiuHc" # password for FileDaemon + File Retention = 30d # 30 days + Job Retention = 180d # six months + AutoPrune = yes # Prune expired Jobs/Files + Maximum Concurrent Jobs = 10 + TLS Require = yes + TLS Certificate = "@scriptdir@/tls-cert.pem" + TLS Key = "@scriptdir@/tls-cert.pem" + TLS CA Certificate File = "@scriptdir@/tls-CA.pem" + Passive = Yes +} + +# Definiton of file storage device +Storage { + Name = File + Address = localhost # N.B. Use a fully qualified name here + SDPort = @sdport@ + Password = "ccV3lVTsQRsdIUGyab0N4sMDavui2hOBkmpBU0aQKOr9" + Device = FileStorage + Media Type = File + Maximum Concurrent Jobs = 10 + TLS Require = yes + TLS Certificate = "@scriptdir@/tls-cert.pem" + TLS Key = "@scriptdir@/tls-cert.pem" + TLS CA Certificate File = "@scriptdir@/tls-CA.pem" +} + +Storage { + Name = File1 + Address = localhost # N.B. Use a fully qualified name here + SDPort = @sdport@ + Password = "ccV3lVTsQRsdIUGyab0N4sMDavui2hOBkmpBU0aQKOr9" + Device = FileStorage1 + Media Type = File1 + Maximum Concurrent Jobs = 10 + TLS Require = yes + TLS Certificate = "@scriptdir@/tls-cert.pem" + TLS Key = "@scriptdir@/tls-cert.pem" + TLS CA Certificate File = "@scriptdir@/tls-CA.pem" +} + + +# Definition of DLT tape storage device +#Storage { +# Name = DLTDrive +# Address = localhost # N.B. Use a fully qualified name here +# SDPort = @sdport@ +# Password = "ccV3lVTsQRsdIUGyab0N4sMDavui2hOBkmpBU0aQKOr9" # password for Storage daemon +# Device = "HP DLT 80" # must be same as Device in Storage daemon +# Media Type = DLT8000 # must be same as MediaType in Storage daemon +#} + +# Definition of DDS tape storage device +#Storage { +# Name = SDT-10000 +# Address = localhost # N.B. Use a fully qualified name here +# SDPort = @sdport@ +# Password = "ccV3lVTsQRsdIUGyab0N4sMDavui2hOBkmpBU0aQKOr9" # password for Storage daemon +# Device = SDT-10000 # must be same as Device in Storage daemon +# Media Type = tape # must be same as MediaType in Storage daemon +#} + +# Definition of 8mm tape storage device +#Storage { +# Name = "8mmDrive" +# Address = localhost # N.B. Use a fully qualified name here +# SDPort = @sdport@ +# Password = "ccV3lVTsQRsdIUGyab0N4sMDavui2hOBkmpBU0aQKOr9" +# Device = "Exabyte 8mm" +# MediaType = "8mm" +#} + + +# Generic catalog service +Catalog { + Name = MyCatalog + @libdbi@ + dbname = @db_name@; user = @db_user@; password = "@db_password@" +} + +# Reasonable message delivery -- send most everything to email address +# and to the console +Messages { + Name = Standard + mailcommand = "@sbindir@/bsmtp -h localhost -f \"\(Bareos regression\) %r\" -s \"Regression: %t %e of %c %l\" %r" +# operatorcommand = "@sbindir@/bsmtp -h localhost -f \"\(Bareos regression\) %r\" -s \"Regression: Intervention needed for %j\" %r" +# MailOnError = @job_email@ = all +# operator = @job_email@ = mount + console = all, !skipped, !terminate, !restored, !audit +# +# WARNING! the following will create a file that you must cycle from +# time to time as it will grow indefinitely. However, it will +# also keep all your messages if the scroll off the console. +# + append = "@working_dir@/log" = all, !skipped, !audit + catalog = all, !skipped, !audit +} + +Messages { + Name = NoEmail + mailcommand = "@sbindir@/bsmtp -h localhost -f \"\(Bareos regression\) %r\" -s \"Regression: %t %e of %c %l\" %r" + console = all, !skipped, !terminate, !audit +# +# WARNING! the following will create a file that you must cycle from +# time to time as it will grow indefinitely. However, it will +# also keep all your messages if the scroll off the console. +# + append = "@working_dir@/log" = all, !skipped, !audit + catalog = all, !skipped, !audit +} + + +# Default pool definition +Pool { + Name = Default + Pool Type = Backup + Recycle = yes # Bareos can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365d # one year +# Label Format = "TEST-${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}:${NumVols}" +} diff --git a/scripts/tls-bareos-fd-passive.conf.in b/scripts/tls-bareos-fd-passive.conf.in new file mode 100644 index 0000000..fa4fd25 --- /dev/null +++ b/scripts/tls-bareos-fd-passive.conf.in @@ -0,0 +1,41 @@ +# +# Default Bareos File Daemon Configuration file +# +# There is not much to change here except perhaps the +# File daemon Name to +# + +# +# List Directors who are permitted to contact this File daemon +# +Director { + Name = localhost-dir + Password = "xevrjURYoCHhn26RaJoWbeWXEY/a3VqGKp/37tgWiuHc" + TLS Require = yes + TLS Certificate = "@scriptdir@/tls-cert.pem" + TLS Key = "@scriptdir@/tls-cert.pem" + TLS CA Certificate File = "@scriptdir@/tls-CA.pem" +} + +# +# "Global" File daemon configuration specifications +# +FileDaemon { # this is me + Name = localhost-fd + FDPort = @fdport@ # where we listen for the director + WorkingDirectory = "@working_dir@" + Pid Directory = "@piddir@" + Plugin Directory = "@sbindir@/plugins" + Maximum Concurrent Jobs = 100 + TLS Require = yes + TLS Certificate = "@scriptdir@/tls-cert.pem" + TLS Key = "@scriptdir@/tls-cert.pem" + TLS CA Certificate File = "@scriptdir@/tls-CA.pem" + Compatible = No +} + +# Send all messages except skipped files back to Director +Messages { + Name = Standard + director = localhost-dir = all, !terminate, !restored, !audit +} diff --git a/tests/tls-passive-test b/tests/tls-passive-test new file mode 100755 index 0000000..fe6d517 --- /dev/null +++ b/tests/tls-passive-test @@ -0,0 +1,57 @@ +#!/bin/sh +# +# Run a simple backup of the Bareos build directory with TLS +# communications code enabled then restore it. +# +TestName="tls-passive-test" +JobName=tls +. scripts/functions + +scripts/cleanup +#scripts/copy-tls-confs + +/bin/cp -f scripts/tls-bareos-dir-passive.conf bin/bareos-dir.conf +/bin/cp -f scripts/tls-bareos-sd.conf bin/bareos-sd.conf +/bin/cp -f scripts/tls-bareos-fd-passive.conf bin/bareos-fd.conf +/bin/cp -f scripts/test-console.conf bin/bconsole.conf +/bin/cp -f scripts/test-console.conf bin/bat.conf +/bin/cp -f scripts/tls-CA.pem bin/tls-CA.pem +/bin/cp -f scripts/tls-cert.pem bin/tls-cert.pem + + +echo "${cwd}/build" >${cwd}/tmp/file-list + +change_jobname CompressedTest $JobName +start_test + +cat <tmp/bconcmds +messages +@$out tmp/log1.out +status all +status all +messages +label storage=File volume=TestVolume001 pool=Default +run job=$JobName storage=File yes +wait +messages +@# +@# now do a restore +@# +@$out tmp/log2.out +restore where=${cwd}/tmp/bareos-restores select storage=File +unmark * +mark * +done +yes +wait +messages +quit +END_OF_DATA + +run_bareos +check_for_zombie_jobs storage=File +stop_bareos + +check_two_logs +check_restore_diff +end_test