<< Back to man.ChinaUnix.net

next up previous contents index
Next: Installing and Configuring SQLite Up: Bacula User's Guide Previous: Installing and Configuring MySQL   Contents   Index

Subsections


Installing and Configuring PostgreSQL

Warning!!! If you are considering using PostreSQL, you should be aware of their philosophy of upgrades, which could be destabilizing for a production shop. Basically at every major version upgrade, you are required to dump your database in an ASCII format, do the upgrade, and then reload your database (or databases). This is because they frequently update the "data format" from version to version, and they supply no tools to automatically do the conversion. If you forget to do the ASCII dump, your database may become totally useless because none of the new tools can access it due to the format change, and the PostgreSQL server will not be able to start.

Installing and Configuring PostgreSQL -- Phase I

If you use the ./configure --with-postgresql=PostgreSQL-Directory statement for configuring Bacula, you will need PostgreSQL version 7.3 or later installed. NOTE! PostgreSQL versions earlier than 7.3 do not work with Bacula. If PostgreSQL is installed in the standard system location, you need only enter --with-postgresql since the configure program will search all the standard locations. If you install PostgreSQL in your home directory or some other non-standard directory, you will need to provide the full path with the --with-postgresql option.

Installing and configuring PostgreSQL is not difficult but can be confusing the first time. If you prefer, you may want to use a package provided by your chosen operating system. Binary packages are available on most PostgreSQL mirrors.

If you prefer to install from source, we recommend following the instructions found in the PostgreSQL documentation.

If you are using FreeBSD, this FreeBSD Diary article will be useful. Even if you are not using FreeBSD, the article will contain useful configuration and setup information.

After installing PostgreSQL, you should return to completing the installation of Bacula. Later, after Bacula is installed, come back to this chapter to complete the installation. Please note, the installation files used in the second phase of the PostgreSQL installation are created during the Bacula Installation.

Installing and Configuring PostgreSQL -- Phase II

At this point, you should have built and installed PostgreSQL, or already have a running PostgreSQL, and you should have configured, built and installed Bacula. If not, please complete these items before proceeding.

Please note that the ./configure used to build Bacula will need to include --with-postgresql=PostgreSQL-directory, where PostgreSQL-directory is the directory name that you specified on the ./configure command for configuring PostgreSQL (if you didn't specify a directory or PostgreSQL is installed in a default location, you do not need to specify the directory). This is needed so that Bacula can find the necessary include headers and library files for interfacing to PostgreSQL.

Bacula will install scripts for manipulating the database (create, delete, make tables etc) into the main installation directory. These files will be of the form *_bacula_* (e.g. create_bacula_database). These files are also available in the <bacula-src>/src/cats directory after running ./configure. If you inspect create_bacula_database, you will see that it calls create_postgresql_database. The *_bacula_* files are provided for convenience. It doesn't matter what database you have chosen; create_bacula_database will always create your database.

Now you will create the Bacula PostgreSQL database and the tables that Bacula uses. These instructions assume that you already have PostgreSQL running. You will need to perform these steps as a user that is able to create new databases. This can be the PostgreSQL user (on most systems, this is the pgsql user).

  1. cd <install-directory>

    This directory contains the Bacula catalog interface routines.

  2. ./create_bacula_database

    This script creates the PostgreSQL bacula database. If it fails, it is probably because the database is owned by a user other than yourself. On many systems, the database owner is pgsql and on others such as RedHat and Fedora it is postgres. You can find out which it is by examining your /etc/passwd file. To create a new user under either your name or with say the name bacula, you can do the following:

       su
       (enter root password)
       su pgsql (or postgres)
       createuser kern (or perhaps bacula)
       Shall the new user be allowed to create databases? (y/n) y
       Shall the new user be allowed to create more new users? (y/n) (choose
             what you want)
       exit
    

    At this point, you should be able to execute the ./create_bacula_database command.

  3. ./make_bacula_tables

    This script creates the PostgreSQL tables used by Bacula.

  4. ./grant_bacula_privileges

    This script creates the database user bacula with restricted access rights. You may want to modify it to suit your situation. Please note that this database is not password protected.

Each of the three scripts (create_bacula_database, make_bacula_tables, and grant_bacula_privileges) allows the addition of a command line argument. This can be useful for specifying the user name. For example, you might need to add -h hostname to the command line to specify a remote database server.

To take a closer look at the access privileges that you have setup with the above, you can do:

PostgreSQL-directory/bin/psql --command \\dp bacula

Also, I had an authorization problem with the password. In the end, I had to modify my pg_hba.conf file (in /var/lib/pgsql/data on my machine) from:

  local   all    all        ident  sameuser
to
  local   all    all        trust  sameuser

This solved the problem for me, but it is not always a good thing to do from a security standpoint. However, it allowed me to run my regression scripts without having a password.

A more secure way to perform database authentication is with md5 password hashes. Begin by editing the pg_hba.conf file, and just prior the the existing ``local'' and ``host'' lines, add the line:

  local bacula bacula md5

and restart the Postgres database server (frequently, this can be done using "/etc/init.d/postgresql restart") to put this new authentication rule into effect.

Next, become the Postgres administrator, postgres, either by logging on as the postgres user, or by using su to become root and then using su - postgres to become postgres. Add a password to the bacula database for the bacula user using:

  \$ psql bacula
  bacula=# alter user bacula with password 'secret';
  ALTER USER
  bacula=# \\q

Next, you'll have to add this password to two locations in the bacula-dir.conf file: once to the Catalog resource and once to the RunBeforeJob entry in the BackupCatalog Job resource. With the password in place, these two lines should look something like:

  dbname = bacula; user = bacula; password = "secret"
    ... and ...
  RunBeforeJob = "/etc/make_catalog_backup bacula bacula secret"

Naturally, you should choose your own significantly more random password, and ensure that the bacula-dir.conf file containing this password is readable only by the root.

Even with the files containing the database password properly restricted, there is still a security problem with this approach: on some platforms, the environment variable that is used to supply the password to Postgres is available to all users of the local system. To eliminate this problem, the Postgres team have deprecated the use of the environment variable password-passing mechanism and recommend the use of a .pgpass file instead. To use this mechanism, create a file named .pgpass containing the single line:

  localhost:5432:bacula:bacula:secret

This file should be copied into the home directory of all accounts that will need to gain access to the database: typically, root, bacula, and any users who will make use of any of the console programs. The files must then have the owner and group set to match the user (so root:root for the copy in root, and so on), and the mode set to 600, limiting access to the owner of the file.

Re-initializing the Catalog Database

After you have done some initial testing with Bacula, you will probably want to re-initialize the catalog database and throw away all the test Jobs that you ran. To do so, you can do the following:

  cd <install-directory>
  ./drop_bacula_tables
  ./make_bacula_tables
  ./grant_bacula_privileges

Please note that all information in the database will be lost and you will be starting from scratch. If you have written on any Volumes, you must write an end of file mark on the volume so that Bacula can reuse it. Do so with:

   (stop Bacula or unmount the drive)
   mt -f /dev/nst0 rewind
   mt -f /dev/nst0 weof

Where you should replace /dev/nst0 with the appropriate tape drive device name for your machine.

Installing PostgreSQL from RPMs

If you are installing PostgreSQL from RPMs, you will need to install both the PostgreSQL binaries and the client libraries. The client libraries are usually found in a devel package, so you must install:

  postgresql
  postgresql-devel

This will be the same with most other package managers too.

Converting from MySQL to PostgreSQL

The conversion procedure presented here was worked out by Norm Dressler <ndressler at dinmar dot com>

This process was tested using the following software versions:

WARNING: Always as a precaution, take a complete backup of your databases before proceeding with this process!

  1. Shutdown bacula (cd /etc/bacula;./bacula stop)
  2. Run the following command to dump your Mysql database:

           mysqldump -f -t -n >bacula-backup.dmp
    

  3. Make a backup of your /etc/bacula directory (but leave the original in place).
  4. Go to your Bacula source directory and rebuild it to include PostgreSQL support rather then Mysql support. Check the config.log file for your original configure command and replace enable-mysql with enable-postgresql.
  5. Recompile Bacula with a make and if everything compiles completely, perform a make install.
  6. Shutdown Mysql.
  7. Start PostgreSQL on your system.
  8. Create a bacula user in Postgres with the createuser command. Depending on your Postgres install, you may have to SU to the user who has privileges to create a user.
  9. Verify your pg_hba.conf file contains sufficient permissions to allow bacula to access the server. Mine has the following since it's on a secure network:

    local all all trust
                    
    host all all 127.0.0.1 255.255.255.255 trust
                    
    NOTE: you should restart your postgres server if you
          made changes
    

  10. Change into the /etc/bacula directory and prepare the database and tables with the following commands:

    ./create_postgresql_database
                                    
    ./make_postgresql_tables
                                    
    ./grant_postgresql_privileges
    

  11. Verify you have access to the database:

      
    psql -Ubacula bacula
    

    You should not get any errors.

  12. Load your database from the Mysql database dump with:

    psql -Ubacula bacula <bacula-backup.dmp>
    

  13. Resequence your tables with the following commands:

    psql -Ubacula bacula
                    
    SELECT SETVAL('basefiles_baseid_seq', (SELECT
    MAX(baseid) FROM basefiles));
    SELECT SETVAL('client_clientid_seq', (SELECT
    MAX(clientid) FROM client));
    SELECT SETVAL('file_fileid_seq', (SELECT MAX(fileid)
    FROM file));
    SELECT SETVAL('filename_filenameid_seq', (SELECT
    MAX(filenameid) FROM filename));
                    
    SELECT SETVAL('fileset_filesetid_seq', (SELECT
    MAX(filesetid) FROM fileset));
                    
    SELECT SETVAL('job_jobid_seq', (SELECT MAX(jobid) FROM job));
    SELECT SETVAL('jobmedia_jobmediaid_seq', (SELECT
    MAX(jobmediaid) FROM jobmedia));
    SELECT SETVAL('media_mediaid_seq', (SELECT MAX(mediaid) FROM media));
    SELECT SETVAL('path_pathid_seq', (SELECT MAX(pathid) FROM path));
                    
    SELECT SETVAL('pool_poolid_seq', (SELECT MAX(poolid) FROM pool));
    

  14. At this point, start up Bacula, verify your volume library and perform a test backup to make sure everything is working properly.

Upgrading PostgreSQL

If you upgrade PostgreSQL, you must reconfigure, rebuild, and re-install Bacula otherwise you are likely to get bizarre failures. If you to modify the bacula.spec file to account for the new PostgreSQL version. You can do so by rebuilding from the source rpm. To do so, you may need install from rpms and you upgrade PostgreSQL, you must also rebuild Bacula.

Credits

Many thanks to Dan Langille for writing the PostgreSQL driver. This will surely become the most popular database that Bacula supports.


next up previous contents index
Next: Installing and Configuring SQLite Up: Bacula User's Guide Previous: Installing and Configuring MySQL   Contents   Index
Kern Sibbald 2006-07-30