Patch by Robert Scheck <robert@fedoraproject.org> for bacula >= 2.4.4, which hopefully unbreaks
the issues introduced by the attempt to fix CVE-2007-5626: The new make_catalog_backup.pl replaces
the previous make_catalog_backup. However, make_catalog_backup.pl requires "dbscan -B" working and
the backport contains missing substitutions for the environment causing make_catalog_backup.pl to
fail at two places, where the environment variable issue is easily solved. The second part of this
patch tries to backport "dbscan -B" from newer Bacula versions (with some adaptions). Additionally
the spec file was corrected to not override dbscan(1) with bscan.variant(1), but dbscan.variant(1).
See also https://bugzilla.redhat.com/show_bug.cgi?id=456612#c19 for some more details, please.
--- bacula-2.4.4/src/dird/dird_conf.c 2008-06-19 21:44:34.000000000 +0200
+++ bacula-2.4.4/src/dird/dird_conf.c.dbcheck 2012-09-26 00:52:23.000000000 +0200
@@ -483,6 +483,16 @@
{NULL, 0}
};
+char *CAT::display(POOLMEM *dst) {
+ Mmsg(dst,"catalog=%s\ndb_name=%s\ndb_user=%s\n"
+ "db_password=%s\ndb_address=%s\ndb_port=%i\n"
+ "db_socket=%s\n",
+ name(), NPRTB(db_name),
+ NPRTB(db_user), NPRTB(db_password),
+ NPRTB(db_address), db_port, NPRTB(db_socket));
+ return dst;
+}
+
const char *level_to_str(int level)
{
int i;
--- bacula-2.4.4/src/dird/dird_conf.h 2008-06-18 21:22:03.000000000 +0200
+++ bacula-2.4.4/src/dird/dird_conf.h.dbcheck 2012-09-26 00:54:04.000000000 +0200
@@ -230,6 +230,7 @@
/* Methods */
char *name() const;
+ char *display(POOLMEM *dst); /* Get catalog information */
};
inline char *CAT::name() const { return hdr.name; }
--- bacula-2.4.4/src/tools/dbcheck.c 2007-10-03 13:36:47.000000000 +0200
+++ bacula-2.4.4/src/tools/dbcheck.c.dbcheck 2012-09-26 00:50:02.000000000 +0200
@@ -101,10 +101,11 @@
static void usage()
{
fprintf(stderr,
-"Usage: dbcheck [-c config] [-C catalog name] [-d debug_level] <working-directory> <bacula-database> <user> <password> [<dbhost>]\n"
+"Usage: dbcheck [-c config] [-B] [-C catalog name] [-d debug_level] <working-directory> <bacula-database> <user> <password> [<dbhost>] [<dbport>]\n"
" -b batch mode\n"
" -C catalog name in the director conf file\n"
" -c director conf filename\n"
+" -B print catalog configuration and exit\n"
" -dnn set debug level to nn\n"
" -f fix inconsistencies\n"
" -v verbose\n"
@@ -116,8 +117,11 @@
{
int ch;
const char *user, *password, *db_name, *dbhost;
+ int dbport = 0;
+ bool print_catalog=false;
char *configfile = NULL;
char *catalogname = NULL;
+ char *endptr;
setlocale(LC_ALL, "");
bindtextdomain("bacula", LOCALEDIR);
@@ -130,8 +134,12 @@
memset(&name_list, 0, sizeof(name_list));
- while ((ch = getopt(argc, argv, "bc:C:d:fv?")) != -1) {
+ while ((ch = getopt(argc, argv, "bc:C:d:fvB?")) != -1) {
switch (ch) {
+ case 'B':
+ print_catalog = true; /* get catalog information from config */
+ break;
+
case 'b': /* batch */
batch = true;
break;
@@ -203,6 +211,18 @@
exit(1);
}
set_working_directory(director->working_directory);
+
+ /*
+ * Print catalog information and exit (-B)
+ */
+ if (print_catalog) {
+ POOLMEM *buf = get_pool_memory(PM_MESSAGE);
+ printf("%sdb_type=%s\nworking_dir=%s\n", catalog->display(buf),
+ db_get_type(), working_directory);
+ free_pool_memory(buf);
+ exit(0);
+ }
+
db_name = catalog->db_name;
user = catalog->db_user;
password = catalog->db_password;
@@ -210,6 +230,7 @@
if (dbhost && dbhost[0] == 0) {
dbhost = NULL;
}
+ dbport = catalog->db_port;
}
} else {
if (argc > 5) {
@@ -244,6 +265,20 @@
user = argv[2];
password = argv[3];
dbhost = argv[4];
+ } else if (argc == 6) {
+ db_name = argv[1];
+ user = argv[2];
+ password = argv[3];
+ dbhost = argv[4];
+ errno = 0;
+ dbport = strtol(argv[5], &endptr, 10);
+ if (*endptr != '\0') {
+ Pmsg0(0, _("Database port must be a numeric value.\n"));
+ exit(1);
+ } else if (errno == ERANGE) {
+ Pmsg0(0, _("Database port must be a int value.\n"));
+ exit(1);
+ }
}
}
--- bacula-2.4.4/src/baconfig.h 2008-05-21 13:59:00.000000000 +0200
+++ bacula-2.4.4/src/baconfig.h.dbcheck 2012-09-26 00:52:58.000000000 +0200
@@ -77,6 +77,7 @@
/* Allow printing of NULL pointers */
#define NPRT(x) (x)?(x):_("*None*")
+#define NPRTB(x) (x)?(x):""
#if defined(HAVE_WIN32)
--- bacula-2.4.4/src/cats/make_catalog_backup.pl.in 2012-09-26 00:14:48.000000000 +0200
+++ bacula-2.4.4/src/cats/make_catalog_backup.pl.in.dbcheck 2012-09-26 00:16:31.000000000 +0200
@@ -41,6 +41,8 @@
=cut
+$ENV{PATH}="/usr/bin:$ENV{PATH}";
+
my $cat = shift or die "Usage: $0 catalogname";
my $dir_conf='@sbindir@/dbcheck -B -c @sysconfdir@/bacula-dir.conf';
my $wd = "@working_dir@";
@@ -115,13 +117,10 @@
{
my %args = @_;
if ($args{db_type} eq 'SQLite3') {
- $ENV{PATH}="@SQLITE_BINDIR@:$ENV{PATH}";
dump_sqlite3(%args);
} elsif ($args{db_type} eq 'PostgreSQL') {
- $ENV{PATH}="@POSTGRESQL_BINDIR@:$ENV{PATH}";
dump_pgsql(%args);
} elsif ($args{db_type} eq 'MySQL') {
- $ENV{PATH}="@MYSQL_BINDIR@:$ENV{PATH}";
dump_mysql(%args);
} else {
die "This database type isn't supported";