Next: Bacula Copyright, Trademark, and Up: Console and Operators Guide Previous: Bacula Console Contents Index
This chapter presents the Bacula Web based interface that has been added to the Bacula project for version 7.0 and later.
Baculum provides the following base features:
Environment for Baculum installation should have following components installed:
All the above requirements are validated during Baculum start. If an error is found you will be notified during the initial login. See below for instructions on how to correct errors.
With installation from binary packages (deb, rpm) all requirements will be automatically installed as packages dependencies.
For rpm binary there are the following packages:
You must install at a minimum the baculum package and either baculum-http or baculum-lighttpd.
To add the Baculum repository, first you must import the Baculum public key:
rpm --import http://bacula.org/downloads/baculum/baculum.pub
Once the key is imported, the next step is to add the repository definition. First you must create the following file:
/etc/yum.repos.d/baculum.repo
The for CentOS 7, put the following in the file just created:
[baculumrepo] name=Baculum CentOS repository baseurl=http://bacula.org/downloads/baculum/centos gpgcheck=1 enabled=1
For Fedora 23 the bacula.repo file should have the following contents:
[baculumrepo] name=Baculum Fedora repository baseurl=http://bacula.org/downloads/baculum/fedora gpgcheck=1 enabled=1
Install Baculum for the Apache Web server as follows:
yum install baculum baculum-httpd
Restart your Apache Web server:
service httpd restart
Baculum requires access to Bconsole. To configure Bconsole sudo access there can use following entries in newly created Baculum sudoers.d file (usually in path /etc/sudoers.d/baculum):
In case default user both for Apache and Lighttpd:
Defaults:web-user !requiretty web-user ALL=NOPASSWD: /usr/sbin/bconsole
Where web-user must be replaced by the Linux username under which your Web server is running.
For example, on Fedora the default Apache server name is apache; on Debian/Ubuntu it is www-data, and on CentOS/RedHat it is apache or apache2.
First time login: admin
First time password: admin
/var/log/apache2/error.log
In addition, special debug output is placed by Baculum in the file:
/etc/baculum/Data-apache/baculum.dbg
With the information in those two files, you can usually quickly find and correct most problems.
Installation on system with SELinux enabled access and access via Lighttpd is as follows
yum install baculum baculum-selinux baculum-lighttpd
You can skip installing baculum-selinux if you do not use SELinux.
Please note that in case CentOS distribution the Lighttpd web server is available in the distribution packages after enabling the EPEL repository.
Start Baculum as application using the lighttpd Web server:
service baculum-lighttpd start
Baculum requires access to Bconsole. To configure Bconsole sudo access we strongly recommend that you create a Baculum sudoers.d file, which should be in /etc/sudoers.d/baculum:
In case default Apache user, the file contents must be:
Defaults:apache !requiretty apache ALL=NOPASSWD: /usr/sbin/bconsole
In case default Lighttpd user the file contents must be:
Defaults:lighttpd !requiretty lighttpd ALL=NOPASSWD: /usr/sbin/bconsole
First time login: admin
First time password: admin
For deb binary packages format you will find the following packages:
To add the Baculum repository, first import the Baculum public key:
wget -qO - http://bacula.org/downloads/baculum/baculum.pub | apt-key add -
Once the key is imported, the next step is to create a new baculum file:
/etc/apt/sources.list.d/baculum.list
For Debian 8 Jessie the contents should be:
deb http://bacula.org/downloads/baculum/debian jessie main deb-src http://bacula.org/downloads/baculum/debian jessie main
For Ubuntu 15.04 Vivid the contents should be:
deb [ arch=amd64 ] http://bacula.org/downloads/baculum/ubuntu vivid main deb-src http://bacula.org/downloads/baculum/ubuntu vivid main
For Ubuntu 15.10 Wily the contents should be:
deb [ arch=amd64 ] http://bacula.org/downloads/baculum/ubuntu wily main deb-src http://bacula.org/downloads/baculum/ubuntu wily main
After adding repository definition, please refresh repository indexes:
apt-get update
To install Baculum access via Apache Web server by using apt packages manager use the command:
apt-get install baculum baculum-apache2
Next you must enable mod_rewrite module for Apache, with the following command:
ln -s /etc/apache2/mods-available/rewrite.load \
/etc/apache2/mods-enabled/rewrite.load
and include Baculum VirtualHost definition in the Apache configuration with:
ln -s /etc/apache2/sites-available/baculum.conf \
/etc/apache2/sites-enabled/baculum.conf
The restart your Apache server with:
service apache2 restart
and access Baculum from you Web browser with: http://localhost:9095
First time login: admin
First time password: admin
Example installation with access via Lighttpd web server looks following:
apt-get install baculum baculum-lighttpd
Start Baculum as application available through Apache web server:
service baculum-lighttpd start
Access from web browser: http://localhost:9095
First time login: admin
First time password: admin
You may also install Baculum from the source bacula-gui tar archive.
To prepare Baculum runtime files one uses the Makefile file. To do this, after unpacking bacula-gui archive please go to Baculum main directory:
cd ./web/baculum/
Then please run (depending on used distribution):
For rpm-based distributions (example with /tmp/baculum-runtime destination directory):
make build DESTDIR=/tmp/baculum-runtime
For deb-based distributions (example with /tmp/baculum-runtime destination directory):
make build DESTDIR=/tmp/baculum-release SAMPLETYPE=deb-template \ HTTPDNAME=apache2 HTTPDSITECONF=sites-available
After execution above command, in path /tmp/baculum-runtime should contain all required runtime files.
The Base Baculum source files will be located in:
/tmp/baculum-runtime/usr/share/baculum/htdocs/
These are the files that should be placed in web server's document root (or Virtual Host document root) directory.
Please note that for language files (including English) symbolic links must be created as shown below:
/usr/share/locale/en/LC_MESSAGES/baculum.mo => /tmp/baculum-runtime/usr/share/baculum/htdocs/protected/Lang/en/baculum.mo /usr/share/locale/pl/LC_MESSAGES/baculum.mo => /tmp/baculum-runtime/usr/share/baculum/htdocs/protected/Lang/pl/baculum.mo /usr/share/locale/pt/LC_MESSAGES/baculum.mo => /tmp/baculum-runtime/usr/share/baculum/htdocs/protected/Lang/pt/baculum.mo
Please also update the symbolic link to the Baculum settings directory in the following path:
/tmp/baculum-runtime/usr/share/baculum/htdocs/protected/Data
Other files are: web servers configuration files, systemd units, SELinux policy module and others. Please select and copy appropriate files to your system environment and edit their content if needed.
You must set read/write privileges for the Web server user to the files and directories listed below:
./baculum/assets/ ./baculum/protected/Data/ ./baculum/protected/Data/baculum.users ./baculum/protected/runtime/
Baculum supports customized and restricted consoles for each logged in user.
General design permits one administrator and many users. For each user it is possible to define a unique bconsole configuration file that will allow the user access to specific resources only.
Resources limitation is realized by using Bacula Restricted Consoles functionality.
Before using customized and restricted consoles with Baculum please check the location for bconsole configuration files for each user. To do so, please run the configuration wizard and then to go to "Console" wizard step (fourth step).
In the "Console" wizard step there is a field "Bconsole custom config file path". In this field you must define a location for restricted consoles. In the defined path exists keyword {user}. During login, Baculum will replace this keyword with the logged in username. This permits using a single directory which contains a different bconsole-xxx.conf for each user (where xxx is replaced by the user login name.
For example, if there the user named "john", is logging in, Baculum will replace the keyword {user} with john.
Example:
"Bconsole custom config file path" is defined as:
/usr/local/bacula/etc/bconsole-{user}.conf
Thus for user "john", Baculum will use the following file for each access to bconsole:
/usr/local/bacula/etc/bconsole-john.conf
The permits defining user specific Console access (or restricted access) for each Baculum user.
Note that it is possible to create users and which bconsole file will be accessed using Baculum, but it is not currently possible to use Baculum to create the bconsole configuration files. For this reason please prepare bconsole configuration files for each regular (non-administrator) user and check the access by logging in to Baculum as the new user.
For Baculum to work work correctly some Bconsole commands are necessary. They are:
Example configuration of the Restricted Console can look like below:
Console {
Name = "BaculaRestrictedUser"
Password = "XXXXXXXXX"
CommandACL = run,show,.client,.jobs,.fileset,.pool,.storage,.jobs,.bvfs_update,
.bvfs_lsdirs,.bvfs_lsfiles,.bvfs_versions,.bvfs_get_jobids,.bvfs_restore,restore
CatalogACL = *all*
ClientACL = user-fd
JobACL = somejob1,userjob
PoolACL = Full-Pool
StorageACL = VTL
FileSetACL = somejob1-fileset,userjobFileSet3
WhereACL = *all*
}
