From b4d4fa828bd679fe86139ec94cd836c1801d99cd Mon Sep 17 00:00:00 2001 From: Michal Rakowski Date: Wed, 27 Oct 2021 15:54:55 +0200 Subject: [PATCH] Add 'BackupJobUser' and 'RestoreJobUser' FD directives --- bacula/src/filed/filed_conf.c | 10 +++++++++- bacula/src/filed/filed_conf.h | 2 ++ bacula/src/filed/job.c | 14 +++++++++++++- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/bacula/src/filed/filed_conf.c b/bacula/src/filed/filed_conf.c index f34366a4a..e6ffaef11 100644 --- a/bacula/src/filed/filed_conf.c +++ b/bacula/src/filed/filed_conf.c @@ -158,8 +158,10 @@ static RES_ITEM dir_items[] = { {"ReconnectionTime", store_time,ITEM(res_dir.reconnection_time), 0, ITEM_DEFAULT, 60 * 45}, {"AllowedBackupDirectories", store_alist_str, ITEM(res_dir.allowed_backup_dirs), 0, 0, 0}, {"ExlcudedBackupDirectories", store_alist_str, ITEM(res_dir.excluded_backup_dirs), 0, 0, 0}, - {"AllowedScriptDirectories", store_alist_str, ITEM(res_dir.allowed_script_dirs), 0, 0, 0}, + {"AllowedScriptDirectories", store_alist_str, ITEM(res_dir.allowed_script_dirs), 0, 0, 0}, {"AllowedRestoreDirectories", store_alist_str, ITEM(res_dir.allowed_restore_dirs), 0, 0, 0}, + {"BackupJobUser", store_str, ITEM(res_dir.backup_job_user), 0, 0, 0}, + {"RestoreJobUser", store_str, ITEM(res_dir.restore_job_user), 0, 0, 0}, {NULL, NULL, {0}, 0, 0, 0} }; @@ -552,6 +554,12 @@ void free_resource(RES *sres, int type) if (res->res_dir.allowed_restore_dirs) { delete res->res_dir.allowed_restore_dirs; } + if (res->res_dir.backup_job_user) { + free(res->res_dir.backup_job_user); + } + if (res->res_dir.restore_job_user) { + free(res->res_dir.restore_job_user); + } break; case R_CONSOLE: if (res->res_cons.dirinfo.password) { diff --git a/bacula/src/filed/filed_conf.h b/bacula/src/filed/filed_conf.h index 0a04872f2..0322bf19b 100644 --- a/bacula/src/filed/filed_conf.h +++ b/bacula/src/filed/filed_conf.h @@ -121,6 +121,8 @@ struct DIRRES { alist *excluded_backup_dirs; /* Excluded to-be-backed-up directory list */ alist *allowed_script_dirs; /* Allowed directory list to run scripts/programs from */ alist *allowed_restore_dirs; /* Allowed directory list to restore to */ + char *backup_job_user; /* Backup job will be run as this user if specified */ + char *restore_job_user; /* Restore job will be run as this user if specified */ }; struct CLIENT { diff --git a/bacula/src/filed/job.c b/bacula/src/filed/job.c index 1776fd1cb..0310ed23e 100644 --- a/bacula/src/filed/job.c +++ b/bacula/src/filed/job.c @@ -2942,6 +2942,12 @@ static int backup_cmd(JCR *jcr) dir->fsend(OKbackup); Dmsg1(110, "filed>dird: %s", dir->msg); + /* Change the user if needed */ + if (!set_job_user(jcr)) { + dir->fsend(BADcmd, "backup"); + goto cleanup; + } + /* * Send Append Open Session to Storage daemon */ @@ -3097,6 +3103,8 @@ static int backup_cmd(JCR *jcr) } cleanup: + /* Reset the user if */ + reset_job_user(jcr); #if defined(WIN32_VSS) if (jcr->Snapshot) { Win32ConvCleanupCache(); @@ -3375,7 +3383,11 @@ static int restore_cmd(JCR *jcr) } #endif - set_job_user(jcr); + /* Change the user if needed */ + if (!set_job_user(jcr)) { + dir->fsend(BADjob); + goto bail_out; + } if (!jcr->is_canceled()) { do_restore(jcr); -- 2.47.3