# directors to verify the authenticity of this file daemon
TLS Certificate = "/etc/bacula/bacula-fd.pem"
TLS Key = "/etc/bacula/bacula-fd.pem"
- TLS DH File = "/etc/bacula/dh1024.pem"
+ TLS DH File = "/etc/bacula/dh2048.pem"
}
#
}
generate_dh() {
- DH_FILE=/etc/bacula/dh1024.pem
+ DH_FILE=/etc/bacula/dh2048.pem
if [ -s $DH_FILE ]; then
echo $DH_FILE already exists, skipping.
umask 077
echo Generating $DH_FILE
- openssl dhparam -out $DH_FILE -5 1024
+ ###openssl dhparam -out $DH_FILE -5 1024
+ openssl dhparam -out $DH_FILE -2 2048
+
fi
}
rm -f $REQUEST_FILE
openssl req -new -newkey rsa:2048 -nodes -keyout $CERT_FILE \
-subj "/C=HR/ST=Croatia/O=CARNet/OU=sysbackup/CN=$IP" \
- -x509 -extensions usr_cert -days $((365*5)) \
+ -x509 -extensions usr_cert -days $((365*10)) \
-out $CERT_FILE
fi
}
DF_FILE=$(mktemp bacula-cn.XXXXXXXXXX)
df -h > $DF_FILE
+ # dodaj i /media i /mnt
+ test -d /media && du -hs /media || true >> $DF_FILE
+ test -d /mnt && du -hs /mnt || true >> $DF_FILE
+
# report database sizes
DB_FILE=$(mktemp bacula-cn.XXXXXXXXXX)
if [ -d /var/lib/mysql -o -d /var/lib/postgresql ]; then
# cleanup
rm -f $DF_FILE $DB_FILE $FD_FILE $PEM_FILE
- # report problems
+ # report problems
if [ ! -e $REQUEST_FILE ]; then
db_input high bacula-cn/request-failed || true
db_go || true
fi
}
-
+
+fix_privileges() {
+ # fix privileges
+
+ chown root:bacula /etc/bacula/bacula-fd.pem /etc/bacula/bacula-fd.conf /etc/bacula/bconsole.conf
+ chmod 640 /etc/bacula/bacula-fd.pem /etc/bacula/bacula-fd.conf /etc/bacula/bconsole.conf
+}
+
load_config() {
db_get bacula-cn/hostname
HOST=$RET
generate_fd_config
generate_bconsole_config
+ fix_privileges
+
restart_bacula
send_request