Bacula Auth Plugin Documentation

Large companies are using central systems to handle authentication and authorization data. It is very often based on LDAP databases. With one click, the access to all software in the company can be granted or revoked. Today, once a user can access the bconsole.conf file, Bacula doesn’t require any other form of authentication, basically, any user that have access to bconsole.conf can interact with Bacula. It is mandatory to change the Console resource and reload the Director to disable a user. The idea would be to let the administrator the possibility to authenticate users with a central database. For that, this document propose to design an Authorization/Authentication mechanism based on a Director plugin. Once the Console is properly connected, the plugin would be able to authenticate a given user (password/user), and in a second time, would be also able to manage ACLs.

• Dictionary
• Bacula DIR Plugin API
• Bacula Pluggable Authentication Modules API Framework BPAM

Possible Next Steps

Go back to Bacula FD Plugin API.

Go back to Developer Guide.