rpms/bacula
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Add separate firewall rules for storage/director only

Browse Source
This commit is contained in:
Simone Caronni 2022-11-21 11:03:22 +01:00
parent 312426c4ab
commit 955a8b86cc
1 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
bacula.spec
View File

@ -3,7 +3,7 @@
Name: bacula Name: bacula
Version: 13.0.1 Version: 13.0.1
Release: 1%{?dist} Release: 2%{?dist}
Summary: Cross platform network backup for Linux, Unix, Mac and Windows Summary: Cross platform network backup for Linux, Unix, Mac and Windows
# See LICENSE for details # See LICENSE for details
License: AGPLv3 with exceptions License: AGPLv3 with exceptions
@ -16,6 +16,9 @@ Source3: quickstart_mysql.txt
Source4: quickstart_sqlite3.txt Source4: quickstart_sqlite3.txt
Source5: README.Redhat Source5: README.Redhat
Source6: %{name}.logrotate Source6: %{name}.logrotate
# Firewalld cumulative (bacula.xml) and fd (bacula-client.xml) services are in firewalld:
Source7: %{name}-storage.xml
Source8: %{name}-director.xml
Source10: %{name}-fd.service Source10: %{name}-fd.service
Source11: %{name}-dir.service Source11: %{name}-dir.service
Source12: %{name}-sd.service Source12: %{name}-sd.service
@ -45,6 +48,7 @@ BuildRequires: sed
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: firewalld-filesystem
BuildRequires: gcc BuildRequires: gcc
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: glibc-devel BuildRequires: glibc-devel
@ -80,6 +84,8 @@ BuildRequires: libpq-devel
BuildRequires: postgresql-devel BuildRequires: postgresql-devel
%endif %endif
Requires(post): firewalld-filesystem
%description %description
Bacula is a set of programs that allow you to manage the backup, recovery, and Bacula is a set of programs that allow you to manage the backup, recovery, and
verification of computer data across a network of different computers. It is verification of computer data across a network of different computers. It is
@ -389,6 +395,10 @@ install -p -m 644 -D %{SOURCE17} %{buildroot}%{_sysconfdir}/sysconfig/bacula-sd
# Spool directory # Spool directory
mkdir -p %{buildroot}%{_localstatedir}/spool/bacula mkdir -p %{buildroot}%{_localstatedir}/spool/bacula
# Firewalld rules
install -p -m 644 -D %{SOURCE7} %{buildroot}%{_prefix}/lib/firewalld/services/bacula-storage.xml
install -p -m 644 -D %{SOURCE8} %{buildroot}%{_prefix}/lib/firewalld/services/bacula-director.xml
# Remove stuff we do not need # Remove stuff we do not need
rm -f %{buildroot}%{_libexecdir}/bacula/{bacula,bacula-ctl-*,startmysql,stopmysql,bconsole,make_catalog_backup} rm -f %{buildroot}%{_libexecdir}/bacula/{bacula,bacula-ctl-*,startmysql,stopmysql,bconsole,make_catalog_backup}
rm -f %{buildroot}%{_sbindir}/bacula rm -f %{buildroot}%{_sbindir}/bacula
@ -438,6 +448,9 @@ getent passwd %username >/dev/null || useradd -u %uid -r -s /sbin/nologin \
-d /var/spool/bacula -M -c 'Bacula Backup System' -g %username %username &>/dev/null || : -d /var/spool/bacula -M -c 'Bacula Backup System' -g %username %username &>/dev/null || :
exit 0 exit 0
%post common
%firewalld_reload
%post client %post client
%systemd_post %{name}-fd.service %systemd_post %{name}-fd.service
@ -501,6 +514,8 @@ exit 0
%{_libexecdir}/%{name}/bacula_config %{_libexecdir}/%{name}/bacula_config
%{_libexecdir}/%{name}/btraceback.mdb %{_libexecdir}/%{name}/btraceback.mdb
%{_mandir}/man8/btraceback.8* %{_mandir}/man8/btraceback.8*
%{_prefix}/lib/firewalld/services/bacula-director.xml
%{_prefix}/lib/firewalld/services/bacula-storage.xml
%{_sbindir}/btraceback %{_sbindir}/btraceback
%files director %files director
@ -625,6 +640,9 @@ exit 0
%{_libdir}/nagios/plugins/check_bacula %{_libdir}/nagios/plugins/check_bacula
%changelog %changelog
* Mon Nov 21 2022 Simone Caronni <negativo17@gmail.com> - 13.0.1-2
- Add separate firewall rules for storage/director only.
* Fri Aug 19 2022 Simone Caronni <negativo17@gmail.com> - 13.0.1-1 * Fri Aug 19 2022 Simone Caronni <negativo17@gmail.com> - 13.0.1-1
- Update to 13.0.1. - Update to 13.0.1.