From Fedora Project Wiki

< User:Renich‎ | HowTo

Revision as of 21:20, 19 February 2010 by Renich (talk | contribs) (added iptables command)

Bacula basic configuration


Bacula is an enterprise-grade backup utility. This HowTo explains how to set up bacula on Fedora while respecting Fedora's configuration way.

Applicable to Fedora Versions

  • Fedora 12


Bacula supports a few database backends, so, you will need to choose one. On this document, I will choose the mysql backend. Clients do not need a database backend.

Also, you will need to decide which console(s) you want and configure them. I will choose the commandline console.

Storage, database and director could be distributed but, in this case, everything will be managed on the same server.

Server requirements

  • bacula-common
  • bacula-console
  • bacula-director-common
  • bacula-director-mysql
  • bacula-sysconfdir
  • bacula-storage-common
  • bacula-storage-mysql
  • mysql-server

Client's requirements

  • bacula-client
Storage, database and director could be distributed but, in this case, everything will be managed on the same server.

Doing the Work

Configuring the server

  • Install mysql-server:
su -c 'yum install mysql-server'
  • Install the relevant bacula packages
su -c 'yum install bacula-common \
bacula-console bacula-director-common \
bacula-director-mysql bacula-storage-common \
bacula-storage-mysql bacula-sysconfdir'
  • Start the mysql server
su -c 'service mysql start'
  • Grant privileges to the bacula user
su -c '/usr/libexec/bacula/grant_mysql_privileges'
  • Create the database
su -c '/usr/libexec/bacula/create_mysql_database'
  • Create the necessary tables
su -c '/usr/libexec/bacula/make_mysql_tables'
  • Add a strong password to the bacula user
su -c 'mysql -u root'
UPDATE mysql.user SET Password=PASSWORD(',Somes7r0nGp4$5w_rD--') WHERE User='bacula';
  • Set /etc/bacula/bacula-dir passwords

  • Configure bacula's mysql user on the /etc/bacula/bacula-dir.conf
Catalog {
  Name = MyCatalog
  dbname = "bacula"; dbuser = "bacula"; dbpassword = ""


Catalog {
  Name = MyCatalog
  dbname = "bacula"; dbuser = "bacula"; dbpassword = ",Somes7r0nGp4$5w_rD--"
  • Set /etc/bacula/bacula-fd passwords

  • Set /etc/bacula/bacula-sd passwords

+ Open up the relevant iptables port

su -c 'iptables -A INPUT -m state --state NEW -m tcp \
-p tcp --dport 9101 -j ACCEPT'
u -c 'iptables -A INPUT -m state --state NEW -m tcp \
-p tcp --dport 9103 -j ACCEPT'
  • Start the storage and dir services
su -c 'service start bacula-sd'
su -c 'service start bacula-dir'
su -c 'service start bacula-fd'
Since you need to generate quite a few secure passwords, I recommend using apg; specifically: apg -M LCN -m 32 -x 32. This tool can be installed from the repositories.

Configuring the clients

  • Install the bacula client
su -c 'yum install bacula-client'
  • Configure the client's and monitor's names, addresses and passwords. These ones need to be present in the server configuration so, keep track of the passwords and names.
# Default  Bacula File Daemon Configuration file
#  For Bacula release 3.0.3 (18 October 2009) -- redhat 
# There is not much to change here except perhaps the
# File daemon Name to

# List Directors who are permitted to contact this File daemon
Director {
  Name = bacula-dir
  Password = "fd_password" # change to a nice and strong password

# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
Director {
  Name = bacula-mon
  Password = "mon_fd_password" # change to a nice and strong password
  Monitor = yes

# "Global" File daemon configuration specifications
FileDaemon {                          # this is me
  Name = bacula-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/spool/bacula
  Pid Directory = /var/run
  Maximum Concurrent Jobs = 20

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored

+ Open up the relevant firewall port; in this case, 9102

su -c 'iptables -A INPUT -m state --state NEW -m tcp \
-p tcp --dport 9102 -j ACCEPT'


How to test

Common problems and fixes

More Information


I haven't had the opportunity to test this HowTo since I lack of a networked PC to do it, so you may run into problems, if you do, come to #fedora on or leave me messages so I know what's up. Feel free to propose changes and stuff.

Added Reading