Skip to content
Permalink
Browse files

systemtest: add backup-bareos-notls test

Bug #1192: Authorization key rejected by Storage daemon since upgrading
director and storage daemons

This test runs a set of backups on a client with TLS disabled. This
triggers a problem in the SD where the authentication of an unencrypted
FD will fail sometimes.

(cherry picked from commit c4ad3a3)
  • Loading branch information
arogge committed Feb 21, 2020
1 parent 548c703 commit c11f4882db0db77bd20af6e6957145eecb5c41d8
Showing with 379 additions and 0 deletions.
  1. +1 −0 systemtests/CMakeLists.txt
  2. +8 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/catalog/MyCatalog.conf.in
  3. +9 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/client/bareos-fd.conf.in
  4. +7 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/console/bareos-mon.conf.in
  5. +27 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/director/bareos-dir.conf.in
  6. +11 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/fileset/Catalog.conf.in
  7. +11 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/fileset/SelfTest.conf.in
  8. +20 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/job/BackupCatalog.conf.in
  9. +11 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/job/RestoreFiles.conf.in
  10. +5 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/job/backup-bareos-fd.conf.in
  11. +15 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/jobdefs/DefaultJob.conf.in
  12. +7 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/messages/Daemon.conf.in
  13. +7 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/messages/Standard.conf.in
  14. +10 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/pool/Differential.conf
  15. +10 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/pool/Full.conf
  16. +10 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/pool/Incremental.conf
  17. +4 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/pool/Scratch.conf
  18. +18 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/profile/operator.conf
  19. +8 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-dir.d/storage/File.conf.in
  20. +21 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-fd.d/client/myself.conf.in
  21. +7 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-fd.d/director/bareos-dir.conf.in
  22. +6 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-fd.d/director/bareos-mon.conf.in
  23. +5 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-fd.d/messages/Standard.conf
  24. +11 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-sd.d/device/FileStorage.conf.in
  25. +5 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-sd.d/director/bareos-dir.conf.in
  26. +6 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-sd.d/director/bareos-mon.conf.in
  27. +5 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-sd.d/messages/Standard.conf
  28. +14 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bareos-sd.d/storage/bareos-sd.conf.in
  29. +10 −0 systemtests/tests/backup-bareos-notls/etc/bareos/bconsole.conf.in
  30. +5 −0 systemtests/tests/backup-bareos-notls/etc/bareos/tray-monitor.d/client/FileDaemon-local.conf.in
  31. +4 −0 systemtests/tests/backup-bareos-notls/etc/bareos/tray-monitor.d/director/Director-local.conf.in
  32. +7 −0 systemtests/tests/backup-bareos-notls/etc/bareos/tray-monitor.d/monitor/bareos-mon.conf.in
  33. +5 −0 systemtests/tests/backup-bareos-notls/etc/bareos/tray-monitor.d/storage/StorageDaemon-local.conf.in
  34. +69 −0 systemtests/tests/backup-bareos-notls/testrunner
@@ -570,6 +570,7 @@ endforeach()
set(tests_dir ${PROJECT_BINARY_DIR}/tests)
set(SYSTEM_TESTS
backup-bareos-test
backup-bareos-notls
backup-bareos-passive-test
multiplied-device-test
virtualfull
@@ -0,0 +1,8 @@
Catalog {
Name = MyCatalog
#dbdriver = "@DEFAULT_DB_TYPE@"
dbdriver = "XXX_REPLACE_WITH_DATABASE_DRIVER_XXX"
dbname = "@db_name@"
dbuser = "@db_user@"
dbpassword = "@db_password@"
}
@@ -0,0 +1,9 @@
Client {
Name = bareos-fd
Description = "Client resource of the Director itself."
Address = localhost
Password = "@fd_password@" # password for FileDaemon
FD PORT = @fd_port@
TLS Enable = no
TLS Require = no
}
@@ -0,0 +1,7 @@
Console {
Name = bareos-mon
Description = "Restricted console used by tray-monitor to get the status of the director."
Password = "@mon_dir_password@"
CommandACL = status, .status
JobACL = *all*
}
@@ -0,0 +1,27 @@
Director { # define myself
Name = bareos-dir
QueryFile = "@scriptdir@/query.sql"
Maximum Concurrent Jobs = 10
Password = "@dir_password@" # Console password
Messages = Daemon
Auditing = yes

# Enable the Heartbeat if you experience connection losses
# (eg. because of your router or firewall configuration).
# Additionally the Heartbeat can be enabled in bareos-sd and bareos-fd.
#
# Heartbeat Interval = 1 min

# remove comment in next line to load dynamic backends from specified directory
Backend Directory = @backenddir@

# remove comment from "Plugin Directory" to load plugins from specified directory.
# if "Plugin Names" is defined, only the specified plugins will be loaded,
# otherwise all director plugins (*-dir.so) from the "Plugin Directory".
#
# Plugin Directory = "@python_plugin_module_src_dir@"
# Plugin Names = ""
Working Directory = "@working_dir@"
Pid Directory = "@piddir@"
DirPort = @dir_port@
}
@@ -0,0 +1,11 @@
FileSet {
Name = "Catalog"
Description = "Backup the catalog dump and Bareos configuration files."
Include {
Options {
signature = MD5
}
File = "@working_dir@/@db_name@.sql" # database dump
File = "@confdir@" # configuration
}
}
@@ -0,0 +1,11 @@
FileSet {
Name = "SelfTest"
Description = "fileset just to backup some files for selftest"
Include {
Options {
Signature = MD5 # calculate md5 checksum per file
}
#File = "@sbindir@"
File=<@tmpdir@/file-list
}
}
@@ -0,0 +1,20 @@
Job {
Name = "BackupCatalog"
Description = "Backup the catalog database (after the nightly save)"
JobDefs = "DefaultJob"
Level = Full
FileSet="Catalog"

# This creates an ASCII copy of the catalog
# Arguments to make_catalog_backup.pl are:
# make_catalog_backup.pl <catalog-name>
RunBeforeJob = "@scriptdir@/make_catalog_backup.pl MyCatalog"

# This deletes the copy of the catalog
RunAfterJob = "@scriptdir@/delete_catalog_backup"

# This sends the bootstrap via mail for disaster recovery.
# Should be sent to another system, please change recipient accordingly
Write Bootstrap = "|@bindir@/bsmtp -h @smtp_host@ -f \"\(Bareos\) \" -s \"Bootstrap for Job %j\" @job_email@" # (#01)
Priority = 11 # run after main backup
}
@@ -0,0 +1,11 @@
Job {
Name = "RestoreFiles"
Description = "Standard Restore template. Only one such job is needed for all standard Jobs/Clients/Storage ..."
Type = Restore
Client = bareos-fd
FileSet = SelfTest
Storage = File
Pool = Incremental
Messages = Standard
Where = @tmp@/bareos-restores
}
@@ -0,0 +1,5 @@
Job {
Name = "backup-bareos-fd"
JobDefs = "DefaultJob"
Client = "bareos-fd"
}
@@ -0,0 +1,15 @@
JobDefs {
Name = "DefaultJob"
Type = Backup
Level = Incremental
Client = bareos-fd
FileSet = "SelfTest"
Storage = File
Messages = Standard
Pool = Incremental
Priority = 10
Write Bootstrap = "@working_dir@/%c.bsr"
Full Backup Pool = Full # write Full Backups into "Full" Pool
Differential Backup Pool = Differential # write Diff Backups into "Differential" Pool
Incremental Backup Pool = Incremental # write Incr Backups into "Incremental" Pool
}
@@ -0,0 +1,7 @@
Messages {
Name = Daemon
Description = "Message delivery for daemon messages (no job)."
console = all, !skipped, !saved, !audit
append = "@logdir@/bareos.log" = all, !skipped, !audit
append = "@logdir@/bareos-audit.log" = audit
}
@@ -0,0 +1,7 @@
Messages {
Name = Standard
Description = "Reasonable message delivery -- send most everything to email address and to the console."
console = all, !skipped, !saved, !audit
append = "@logdir@/bareos.log" = all, !skipped, !saved, !audit
catalog = all, !skipped, !saved, !audit
}
@@ -0,0 +1,10 @@
Pool {
Name = Differential
Pool Type = Backup
Recycle = yes # Bareos can automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 90 days # How long should the Differential Backups be kept? (#09)
Maximum Volume Bytes = 10G # Limit Volume size to something reasonable
Maximum Volumes = 100 # Limit number of Volumes in Pool
Label Format = "Differential-" # Volumes will be labeled "Differential-<volume-id>"
}
@@ -0,0 +1,10 @@
Pool {
Name = Full
Pool Type = Backup
Recycle = yes # Bareos can automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 365 days # How long should the Full Backups be kept? (#06)
Maximum Volume Bytes = 50G # Limit Volume size to something reasonable
Maximum Volumes = 100 # Limit number of Volumes in Pool
Label Format = "Full-" # Volumes will be labeled "Full-<volume-id>"
}
@@ -0,0 +1,10 @@
Pool {
Name = Incremental
Pool Type = Backup
Recycle = yes # Bareos can automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 30 days # How long should the Incremental Backups be kept? (#12)
Maximum Volume Bytes = 1G # Limit Volume size to something reasonable
Maximum Volumes = 100 # Limit number of Volumes in Pool
Label Format = "Incremental-" # Volumes will be labeled "Incremental-<volume-id>"
}
@@ -0,0 +1,4 @@
Pool {
Name = Scratch
Pool Type = Scratch
}
@@ -0,0 +1,18 @@
Profile {
Name = operator
Description = "Profile allowing normal Bareos operations."

Command ACL = !.bvfs_clear_cache, !.exit, !.sql
Command ACL = !configure, !create, !delete, !purge, !prune, !sqlquery, !umount, !unmount
Command ACL = *all*

Catalog ACL = *all*
Client ACL = *all*
FileSet ACL = *all*
Job ACL = *all*
Plugin Options ACL = *all*
Pool ACL = *all*
Schedule ACL = *all*
Storage ACL = *all*
Where ACL = *all*
}
@@ -0,0 +1,8 @@
Storage {
Name = File
Address = @hostname@ # N.B. Use a fully qualified name here (do not use "localhost" here).
Password = "@sd_password@"
Device = FileStorage
Media Type = File
SD Port = @sd_port@
}
@@ -0,0 +1,21 @@
Client {
Name = @basename@-fd
Maximum Concurrent Jobs = 20

# remove comment from "Plugin Directory" to load plugins from specified directory.
# if "Plugin Names" is defined, only the specified plugins will be loaded,
# otherwise all filedaemon plugins (*-fd.so) from the "Plugin Directory".
#
# Plugin Directory = "@python_plugin_module_src_fd@"
# Plugin Names = ""

# if compatible is set to yes, we are compatible with bacula
# if set to no, new bareos features are enabled which is the default
# compatible = yes

Working Directory = "@working_dir@"
Pid Directory = "@piddir@"
FD Port = @fd_port@
TLS Enable = no
TLS Require = no
}
@@ -0,0 +1,7 @@
Director {
Name = bareos-dir
Password = "@fd_password@"
Description = "Allow the configured Director to access this file daemon."
TLS Enable = no
TLS Require = no
}
@@ -0,0 +1,6 @@
Director {
Name = bareos-mon
Password = "@mon_fd_password@"
Monitor = yes
Description = "Restricted Director, used by tray-monitor to get the status of this file daemon."
}
@@ -0,0 +1,5 @@
Messages {
Name = Standard
Director = bareos-dir = all, !skipped, !restored
Description = "Send relevant messages to the Director."
}
@@ -0,0 +1,11 @@
Device {
Name = FileStorage
Media Type = File
Archive Device = @archivedir@
LabelMedia = yes; # lets Bareos label unlabeled media
Random Access = yes;
AutomaticMount = yes; # when device opened, read it
RemovableMedia = no;
AlwaysOpen = no;
Description = "File device. A connecting Director must have the same Name and MediaType."
}
@@ -0,0 +1,5 @@
Director {
Name = bareos-dir
Password = "@sd_password@"
Description = "Director, who is permitted to contact this storage daemon."
}
@@ -0,0 +1,6 @@
Director {
Name = bareos-mon
Password = "@mon_sd_password@"
Monitor = yes
Description = "Restricted Director, used by tray-monitor to get the status of this storage daemon."
}
@@ -0,0 +1,5 @@
Messages {
Name = Standard
Director = bareos-dir = all
Description = "Send all messages to the Director."
}
@@ -0,0 +1,14 @@
Storage {
Name = bareos-sd
Maximum Concurrent Jobs = 20

# remove comment from "Plugin Directory" to load plugins from specified directory.
# if "Plugin Names" is defined, only the specified plugins will be loaded,
# otherwise all storage plugins (*-sd.so) from the "Plugin Directory".
#
# Plugin Directory = "@python_plugin_module_src_sd@"
# Plugin Names = ""
Working Directory = "@working_dir@"
Pid Directory = "@piddir@"
SD Port = @sd_port@
}
@@ -0,0 +1,10 @@
#
# Bareos User Agent (or Console) Configuration File
#

Director {
Name = @basename@-dir
DIRport = @dir_port@
address = @hostname@
Password = "@dir_password@"
}
@@ -0,0 +1,5 @@
Client {
Name = @basename@-fd
Address = localhost
Password = "@mon_fd_password@" # password for FileDaemon
}
@@ -0,0 +1,4 @@
Director {
Name = bareos-dir
Address = localhost
}
@@ -0,0 +1,7 @@
Monitor {
# Name to establish connections to Director Console, Storage Daemon and File Daemon.
Name = bareos-mon
# Password to access the Director
Password = "@mon_dir_password@" # password for the Directors
RefreshInterval = 30 seconds
}
@@ -0,0 +1,5 @@
Storage {
Name = bareos-sd
Address = localhost
Password = "@mon_sd_password@" # password for StorageDaemon
}

0 comments on commit c11f488

Please sign in to comment.
You can’t perform that action at this time.