User Tools

Site Tools


hints_tips:untrusted_director_-_nix_solution

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
hints_tips:untrusted_director_-_nix_solution [2009/03/10 16:10]
jzeeff
hints_tips:untrusted_director_-_nix_solution [2009/03/15 13:30] (current)
jzeeff
Line 1: Line 1:
 +===== Untrusted Director =====
  
 I ran into a situation where the director and storage systems weren'​t trusted by the fd client. ​ Ie, some of the data on the client should not be available to the director. ​ Nor should the director have rights to create or delete critical files on the client. I ran into a situation where the director and storage systems weren'​t trusted by the fd client. ​ Ie, some of the data on the client should not be available to the director. ​ Nor should the director have rights to create or delete critical files on the client.
Line 10: Line 11:
 The result is that bacula is used to backup selected files without trusting the bacula system. ​ File names are still exposed but I wasn't concerned about that. The result is that bacula is used to backup selected files without trusting the bacula system. ​ File names are still exposed but I wasn't concerned about that.
  
 +<​code>​
 +#!/bin/bash
  
 +# compress and encrypt files and then copy to a directory where bacula will get them
 +# don't update files that haven'​t changed. ​ Not recursive.
 +
 +DIR=/​u2/​chroot/​bacula/​data
 +export DIR
 +
 +cd xxx
 +
 +for i in *
 +do
 +   if test -f "​$i"​
 +   then
 +      if test -f "​$DIR/​$i"​ -a  "​$DIR/​$i"​ -nt "​$i"​
 +      then
 +         :
 +      else
 +          gpg --compress-algo bzip2 --passphrase xxxxxxxxx --no-use-agent -c  < "​$i"​ > "​$DIR/​$i"​
 +      fi
 +   fi
 +done
 +
 +</​code>​
  
  
hints_tips/untrusted_director_-_nix_solution.1236701404.txt.gz ยท Last modified: 2009/03/10 16:10 by jzeeff