## Bareos ®; Backup Archiving REcovery Open Sourced Main Reference

This manual documents Bareos version master (July 3, 2014)
Bareos ®; is a registered trademark of Bareos GmbH & Co KG.
Bacula ®; is a registered trademark of Kern Sibbald.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled ”GNU Free Documentation License”.

# Part IIntroduction and Tuturial

## Chapter 1What is Bareos?

Bareos is a set of computer programs that permits the system administrator to manage backup, recovery, and verification of computer data across a network of computers of different kinds. Bareos can also run entirely upon a single computer and can backup to various types of media, including tape and disk.

In technical terms, it is a network Client/Server based backup program. Bareos is relatively easy to use and efficient, while offering many advanced storage management features that make it easy to find and recover lost or damaged files. Due to its modular design, Bareos is scalable from small single computer systems to systems consisting of hundreds of computers located over a large network.

### 1.1 History

Bareos is a fork of the open source project Bacula version 5.2. In 2010 the Bacula community developer Marco van Wieringen started to collect rejected or neglected community contributions in his own branch. This branch was later on the base of Bareos and since then was enriched by a lot of new features.

This documentation also bases on the original Bacula documentation, it is technically also a fork of the documenation created following the rules of the GNU Free Documentation License.

Both, the Bacula project and the documentation was initiated by Kern Sibbald. We thank Kern and all contributors to Bacula and it’s documentation. We maintain a list of contributors to Bacula (until the time we’ve started the fork) an Bareos in our AUTHORS file.

### 1.2 Who Needs Bareos?

If you are currently using a program such as tar, dump, or bru to backup your computer data, and you would like a network solution, more flexibility, or catalog services, Bareos will most likely provide the additional features you want. However, if you are new to Unix systems or do not have offsetting experience with a sophisticated backup package, the Bareos project does not recommend using Bareos as it is much more difficult to setup and use than tar or dump.

If you want Bareos to behave like the above mentioned simple programs and write over any tape that you put in the drive, then you will find working with Bareos difficult. Bareos is designed to protect your data following the rules you specify, and this means reusing a tape only as the last resort. It is possible to ”force” Bareos to write over any tape in the drive, but it is easier and more efficient to use a simpler program for that kind of operation.

If you would like a backup program that can write to multiple volumes (i.e. is not limited by your tape drive capacity), Bareos can most likely fill your needs.

If you are currently using a sophisticated commercial package such as Legato Networker, ARCserveIT, Arkeia, IBM Tivoli Storage Manager or PerfectBackup+, you may be interested in Bareos, which provides many of the same features and is free software available under the GNU AGPLv3 software license.

### 1.3 Bareos Components or Services

Bareos is made up of the following five major components or services: Director, Console, File, Storage, and Monitor services.

#### Bareos Director

The Bareos Director service is the program that supervises all the backup, restore, verify and archive operations. The system administrator uses the Bareos Director to schedule backups and to recover files. The Director runs as a daemon (or service) in the background.

#### Bareos Console

The Bareos Console service is the program that allows the administrator or user to communicate with the Bareos Director Currently, the Bareos Console is available in two versions: a text-based console and a QT-based GUI interface. The first and simplest is to run the Console program in a shell window (i.e. TTY interface). Most system administrators will find this completely adequate. The second version is a GUI interface that is far from complete, but quite functional as it has most the capabilities of the shell Console. For more details see the Bareos Console Design Document.

#### Bareos File

The Bareos File service (also known as the Client program) is the software program that is installed on the machine to be backed up. It is specific to the operating system on which it runs and is responsible for providing the file attributes and data when requested by the Director. The File services are also responsible for the file system dependent part of restoring the file attributes and data during a recovery operation. For more details see the File Services Daemon Design Document in the Bareos Developer’s Guide. This program runs as a daemon on the machine to be backed up. In addition to Unix/Linux File daemons, there are File daemons for Windows and MacOS.

#### Bareos Storage

The Bareos Storage services consist of the software programs that perform the storage and recovery of the file attributes and data to the physical backup media or volumes. In other words, the Storage daemon is responsible for reading and writing your tapes (or other storage media, e.g. files). The Storage services runs as a daemon on the machine that has the backup device (such as a tape drive).

#### Catalog

The Catalog services are comprised of the software programs responsible for maintaining the file indexes and volume databases for all files backed up. The Catalog services permit the system administrator or user to quickly locate and restore any desired file. The Catalog services sets Bareos apart from simple backup programs like tar and bru, because the catalog maintains a record of all Volumes used, all Jobs run, and all Files saved, permitting efficient restoration and Volume management. Bareos currently supports three different databases, MySQL, PostgreSQL, and SQLite, one of which must be chosen when building Bareos.

The three SQL databases currently supported (MySQL, PostgreSQL or SQLite) provide quite a number of features, including rapid indexing, arbitrary queries, and security. Although the Bareos project plans to support other major SQL databases, the current Bareos implementation interfaces only to MySQL, PostgreSQL and SQLite. For the technical and porting details see the Catalog Services Design Document in the developer’s documented.

The packages for MySQL and PostgreSQL are available for several operating systems.

#### Bareos Tray Monitor

A Bareos Tray Monitor service is the program that allows the user to watch current status of Bareos Directors, Bareos File Daemons and Bareos Storage Daemons. Currently, a QT version is available, which works with Linux and Windows.

To perform a successful save or restore, the following four daemons must be configured and running: the Director daemon, the File daemon, the Storage daemon, and the Catalog service (MySQL, PostgreSQL or SQLite).

### 1.4 Bareos Packages

Following Bareos Linux packages are available (release 13.2):

 Package Name Description bareos Bares All-In-One package (dir,sd,fd) bareos-bat Provide Bareos Admin Tool gui bareos-bconsole Provide ncurses administration console bareos-client Meta-All-In-One package client package bareos-common Generic libs needed by every package bareos-database-common Generic abstration lib for the sql catalog bareos-database-mysql Libs and tools for mysql catalog bareos-database-postgresql Libs and tools for postgresql catalog bareos-database-sqlite3 Libs and tools for sqlite3 catalog bareos-database-tools Provides bareos-dbcheck, bscan bareos-devel Devel headers bareos-director Provide bareos director daemon bareos-filedaemon Provide bareos file daemon service bareos-storage Provide bareos storage daemon bareos-storage-tape Provide bareos storage daemon tape support bareos-tools Provides bcopy, bextract, bls, bregex, bwild bareos-traymonitor Qt based tray monitor

Additionally, packages containing debug information are available. These are named differently depending on the distribution (bareos-debuginfo or bareos-dbg or ).

Not all packages are required to run Bareos.

• For the Bareos Director, the package bareos-director and one of bareos-database-mysql, bareos-database-postgresql or bareos-database-sqlite3 are required (use bareos-database-sqlite3 only for testing).
• For the Bareos Storage Daemon, the package bareos-storage is required. If you plan to connect tape drives to the storage director, also install the package bareos-storage-tape. This is keeped separtly, because it has additional dependencies for tape tools.
• On a client, only the package bareos-filedaemon is required. If you run it on a workstation, the packages bareos-traymonitor gives the user information about running backups.
• On a Backup Administration system you need to install at least bareos-bconsole to have an interactive console to the Bareos Director.

### 1.5 Bareos Configuration

In order for Bareos to understand your system, what clients you want backed up and how, you must create a number of configuration files containing resources (or objects).

### 1.6 Conventions Used in this Document

Bareos is in a state of evolution, and as a consequence, this manual will not always agree with the code. If an item in this manual is preceded by an asterisk (*), it indicates that the particular feature is not implemented. If it is preceded by a plus sign (+), it indicates that the feature may be partially implemented.

If you are reading this manual as supplied in a released version of the software, the above paragraph holds true. If you are reading the online version of the manual, http://www.bareos.org, please bear in mind that this version describes the current version in development that may contain features not in the released version. Just the same, it generally lags behind the code a bit.

The source of this document is available at https://github.com/bareos/bareos-docs. As with the rest of the Bareos project, you are welcome to participate and improve it.

### 1.7 Quick Start

To get Bareos up and running quickly, the author recommends that you first scan the Terminology section below, then quickly review the next chapter entitled The Current State of Bareos, then the Installing Bareos, the Getting Started with Bareos, which will give you a quick overview of getting Bareos running. After which, you should proceed to the chapter How to Configure Bareos, and finally the chapter on Running Bareos.

### 1.8 Terminology

The person or persons responsible for administrating the Bareos system.
Backup
The term Backup refers to a Bareos Job that saves files.
Bootstrap File
The bootstrap file is an ASCII file containing a compact form of commands that allow Bareos or the stand-alone file extraction utility (bextract) to restore the contents of one or more Volumes, for example, the current state of a system just backed up. With a bootstrap file, Bareos can restore your system without a Catalog. You can create a bootstrap file from a Catalog to extract any file or files you wish.
Catalog
The Catalog is used to store summary information about the Jobs, Clients, and Files that were backed up and on what Volume or Volumes. The information saved in the Catalog permits the administrator or user to determine what jobs were run, their status as well as the important characteristics of each file that was backed up, and most importantly, it permits you to choose what files to restore. The Catalog is an online resource, but does not contain the data for the files backed up. Most of the information stored in the catalog is also stored on the backup volumes (i.e. tapes). Of course, the tapes will also have a copy of the file data in addition to the File Attributes (see below).

The catalog feature is one part of Bareos that distinguishes it from simple backup and archive programs such as dump and tar.

Client
In Bareos’s terminology, the word Client refers to the machine being backed up, and it is synonymous with the File services or File daemon, and quite often, it is referred to it as the FD. A Client is defined in a configuration file resource.
Console
The program that interfaces to the Director allowing the user or system administrator to control Bareos.
Daemon
Unix terminology for a program that is always present in the background to carry out a designated task. On Windows systems, as well as some Unix systems, daemons are called Services.
Directive
The term directive is used to refer to a statement or a record within a Resource in a configuration file that defines one specific setting. For example, the Name directive defines the name of the Resource.
Director
The main Bareos server daemon that schedules and directs all Bareos operations. Occasionally, the project refers to the Director as DIR.
Differential
A backup that includes all files changed since the last Full save started. Note, other backup programs may define this differently.
File Attributes
The File Attributes are all the information necessary about a file to identify it and all its properties such as size, creation date, modification date, permissions, etc. Normally, the attributes are handled entirely by Bareos so that the user never needs to be concerned about them. The attributes do not include the file’s data.
File Daemon
The daemon running on the client computer to be backed up. This is also referred to as the File services, and sometimes as the Client services or the FD.

FileSet
A FileSet is a Resource contained in a configuration file that defines the files to be backed up. It consists of a list of included files or directories, a list of excluded files, and how the file is to be stored (compression, encryption, signatures). For more details, see the FileSet Resource definition in the Director chapter of this document.
Incremental
A backup that includes all files changed since the last Full, Differential, or Incremental backup started. It is normally specified on the Level directive within the Job resource definition, or in a Schedule resource.

Job
A Bareos Job is a configuration resource that defines the work that Bareos must perform to backup or restore a particular Client. It consists of the Type (backup, restore, verify, etc), the Level (full, differential, incremental, etc.), the FileSet, and Storage the files are to be backed up (Storage device, Media Pool). For more details, see the Job Resource definition in the Director chapter of this document.
Monitor
The program that interfaces to all the daemons allowing the user or system administrator to monitor Bareos status.
Resource
A resource is a part of a configuration file that defines a specific unit of information that is available to Bareos. It consists of several directives (individual configuration statements). For example, the Job resource defines all the properties of a specific Job: name, schedule, Volume pool, backup type, backup level, ...
Restore
A restore is a configuration resource that describes the operation of recovering a file from backup media. It is the inverse of a save, except that in most cases, a restore will normally have a small set of files to restore, while normally a Save backs up all the files on the system. Of course, after a disk crash, Bareos can be called upon to do a full Restore of all files that were on the system.
Schedule
A Schedule is a configuration resource that defines when the Bareos Job will be scheduled for execution. To use the Schedule, the Job resource will refer to the name of the Schedule. For more details, see the Schedule Resource definition in the Director chapter of this document.
Service
This is a program that remains permanently in memory awaiting instructions. In Unix environments, services are also known as daemons.
Storage Coordinates
The information returned from the Storage Services that uniquely locates a file on a backup medium. It consists of two parts: one part pertains to each file saved, and the other part pertains to the whole Job. Normally, this information is saved in the Catalog so that the user doesn’t need specific knowledge of the Storage Coordinates. The Storage Coordinates include the File Attributes (see above) plus the unique location of the information on the backup Volume.
Storage Daemon
The Storage daemon, sometimes referred to as the SD, is the code that writes the attributes and data to a storage Volume (usually a tape or disk).
Session
Normally refers to the internal conversation between the File daemon and the Storage daemon. The File daemon opens a session with the Storage daemon to save a FileSet or to restore it. A session has a one-to-one correspondence to a Bareos Job (see above).
Verify
A verify is a job that compares the current file attributes to the attributes that have previously been stored in the Bareos Catalog. This feature can be used for detecting changes to critical system files similar to what a file integrity checker like Tripwire does. One of the major advantages of using Bareos to do this is that on the machine you want protected such as a server, you can run just the File daemon, and the Director, Storage daemon, and Catalog reside on a different machine. As a consequence, if your server is ever compromised, it is unlikely that your verification database will be tampered with.

Verify can also be used to check that the most recent Job data written to a Volume agrees with what is stored in the Catalog (i.e. it compares the file attributes), *or it can check the Volume contents against the original files on disk.

Retention Period
There are various kinds of retention periods that Bareos recognizes. The most important are the File Retention Period, Job Retention Period, and the Volume Retention Period. Each of these retention periods applies to the time that specific records will be kept in the Catalog database. This should not be confused with the time that the data saved to a Volume is valid.

The File Retention Period determines the time that File records are kept in the catalog database. This period is important for two reasons: the first is that as long as File records remain in the database, you can ”browse” the database with a console program and restore any individual file. Once the File records are removed or pruned from the database, the individual files of a backup job can no longer be ”browsed”. The second reason for carefully choosing the File Retention Period is because the volume of the database File records use the most storage space in the database. As a consequence, you must ensure that regular ”pruning” of the database file records is done to keep your database from growing too large. (See the Console prune command for more details on this subject).

The Job Retention Period is the length of time that Job records will be kept in the database. Note, all the File records are tied to the Job that saved those files. The File records can be purged leaving the Job records. In this case, information will be available about the jobs that ran, but not the details of the files that were backed up. Normally, when a Job record is purged, all its File records will also be purged.

The Volume Retention Period is the minimum of time that a Volume will be kept before it is reused. Bareos will normally never overwrite a Volume that contains the only backup copy of a file. Under ideal conditions, the Catalog would retain entries for all files backed up for all current Volumes. Once a Volume is overwritten, the files that were backed up on that Volume are automatically removed from the Catalog. However, if there is a very large pool of Volumes or a Volume is never overwritten, the Catalog database may become enormous. To keep the Catalog to a manageable size, the backup information should be removed from the Catalog after the defined File Retention Period. Bareos provides the mechanisms for the catalog to be automatically pruned according to the retention periods defined.

Scan
A Scan operation causes the contents of a Volume or a series of Volumes to be scanned. These Volumes with the information on which files they contain are restored to the Bareos Catalog. Once the information is restored to the Catalog, the files contained on those Volumes may be easily restored. This function is particularly useful if certain Volumes or Jobs have exceeded their retention period and have been pruned or purged from the Catalog. Scanning data from Volumes into the Catalog is done by using the bscan program. See the bscan section of the Bareos Utilities chapter of this manual for more details.
Volume
A Volume is an archive unit, normally a tape or a named disk file where Bareos stores the data from one or more backup jobs. All Bareos Volumes have a software label written to the Volume by Bareos so that it identifies what Volume it is really reading. (Normally there should be no confusion with disk files, but with tapes, it is easy to mount the wrong one.)

### 1.9 What Bareos is Not

Bareos is a backup, restore and verification program and is not a complete disaster recovery system in itself, but it can be a key part of one if you plan carefully and follow the instructions included in the Disaster Recovery chapter of this manual.

With proper planning, as mentioned in the Disaster Recovery chapter, Bareos can be a central component of your disaster recovery system. For example, if you have created an emergency boot disk, and/or a Bareos Rescue disk to save the current partitioning information of your hard disk, and maintain a complete Bareos backup, it is possible to completely recover your system from ”bare metal” that is starting from an empty disk.

If you have used the WriteBootstrap record in your job or some other means to save a valid bootstrap file, you will be able to use it to extract the necessary files (without using the catalog or manually searching for the files to restore).

### 1.10 Interactions Between the Bareos Services

The following block diagram shows the typical interactions between the Bareos Services for a backup job. Each block represents in general a separate process (normally a daemon). In general, the Director oversees the flow of information. It also maintains the Catalog.

## Chapter 2The Current State of Bareos

In other words, what is and what is not currently implemented and functional.

### 2.1 What is Implemented

• Job Control
• Network backup/restore with centralized Director.
• Internal scheduler for automatic Job execution.
• Scheduling of multiple Jobs at the same time.
• You may run one Job at a time or multiple simultaneous Jobs (sometimes called multiplexing).
• Job sequencing using priorities.
• Console interface to the Director allowing complete control. A text console and a Qt4 GUI of the Console program are available.
• Security
• Verification of files previously cataloged, permitting a Tripwire like capability (system break-in detection).
• CRAM-MD5 password authentication between each component (daemon).
• Configurable TLS (SSL) communications encryption between each component.
• Configurable Data (on Volume) encryption on a Client by Client basis.
• Computation of MD5 or SHA1 signatures of the file data if requested.
• Restore Features
• Restore of one or more files selected interactively either for the current backup or a backup prior to a specified time and date.
• Listing and Restoration of files using stand-alone bls and bextract tool programs. Among other things, this permits extraction of files when Bareos and/or the catalog are not available. Note, the recommended way to restore files is using the restore command in the Console. These programs are designed for use as a last resort.
• Ability to restore the catalog database rapidly by using bootstrap files (previously saved).
• Ability to recreate the catalog database by scanning backup Volumes using the bscan program.
• SQL Catalog
• Catalog database facility for remembering Volumes, Pools, Jobs, and Files backed up.
• Support for MySQL, PostgreSQL, and SQLite Catalog databases.
• User extensible queries to the MySQL, PostgreSQL and SQLite databases.
• Advanced Volume and Pool Management
• Labeled Volumes, preventing accidental overwriting (at least by Bareos).
• Any number of Jobs and Clients can be backed up to a single Volume. That is, you can backup and restore Linux, Unix and Windows machines to the same Volume.
• Multi-volume saves. When a Volume is full, Bareos automatically requests the next Volume and continues the backup.
• Pool and Volume library management providing Volume flexibility (e.g. monthly, weekly, daily Volume sets, Volume sets segregated by Client, ...).
• Machine independent Volume data format. Linux, Solaris, and Windows clients can all be backed up to the same Volume if desired.
• The Volume data format is upwards compatible so that old Volumes can always be read.
• A flexible message handler including routing of messages from any daemon back to the Director and automatic email reporting.
• Data spooling to disk during backup with subsequent write to tape from the spooled disk files. This prevents tape ”shoe shine” during Incremental/Differential backups.
• Advanced Support for most Storage Devices
• Autochanger support using a simple shell interface that can interface to virtually any autoloader program. A script for mtx is provided.
• Support for autochanger barcodes – automatic tape labeling from barcodes.
• Automatic support for multiple autochanger magazines either using barcodes or by reading the tapes.
• Support for multiple drive autochangers.
• Raw device backup/restore. Restore must be to the same device.
• All Volume blocks (approximately 64K bytes) contain a data checksum.
• Migration support – move data from one Pool to another or one Volume to another.
• Multi-Operating System Support
• Programmed to handle arbitrarily long filenames and messages.
• Compression on a file by file basis done by the Client program if requested before network transit.
• Saves and restores POSIX ACLs and Extended Attributes on most OSes if enabled.
• Access control lists for Consoles that permit restricting user access to only their data.
• Support for save/restore of files larger than 2GB.
• Support ANSI and IBM tape labels.
• Support for Unicode filenames (e.g. Chinese) on Win32 machines
• Consistent backup of open files on Win32 systems using Volume Shadow Copy (VSS).
• Support for path/filename lengths of up to 64K on Win32 machines (unlimited on Unix/Linux machines).
• Miscellaneous
• A comprehensive and extensible configuration file for each daemon.

### 2.2 Advantages Over Other Backup Programs

• Since there is a client for each machine, you can backup and restore clients of any type ensuring that all attributes of files are properly saved and restored.
• It is also possible to backup clients without any client software by using NFS or CIFS. However, if possible, we recommend running a Client File daemon on each machine to be backed up.
• Bareos handles multi-volume backups.
• A full comprehensive SQL standard database of all files backed up. This permits online viewing of files saved on any particular Volume.
• Automatic pruning of the database (removal of old records) thus simplifying database administration.
• Any SQL database engine can be used making Bareos very flexible. Drivers currently exist for MySQL, PostgreSQL, and SQLite.
• The modular but integrated design makes Bareos very scalable.
• Since Bareos uses client file servers, any database or other application can be properly shutdown by Bareos using the native tools of the system, backed up, then restarted (all within a Bareos Job).
• Bareos has a built-in Job scheduler.
• The Volume format is documented and there are simple C programs to read/write it.
• Bareos uses well defined (IANA registered) TCP/IP ports – no rpcs, no shared memory.
• Bareos installation and configuration is relatively simple compared to other comparable products.
• Aside from several GUI administrative interfaces, Bareos has a comprehensive shell administrative interface, which allows the administrator to use tools such as ssh to administrate any part of Bareos from anywhere.

### 2.3 Current Implementation Restrictions

• It is very unusual to attempt to restore two Jobs that ran simultaneously in a single restore, but if you do, please be aware that unless you had data spooling turned on and the spool file held the full contents of both Jobs during the backup, the restore will not work correctly. In other terms, Bareos cannot restore two jobs in the same restore if the Jobs’ data blocks were intermixed on the backup medium. The problem is resolved by simply doing two restores, one for each Job. Normally this can happen only if you manually enter specific JobIds to be restored in a single restore Job.
• Bareos can generally restore any backup made from one client to any other client. However, if the architecture is significantly different (i.e. 32 bit architecture to 64 bit or Win32 to Unix), some restrictions may apply (e.g. Solaris door files do not exist on other Unix/Linux machines; there are reports that Zlib compression written with 64 bit machines does not always read correctly on a 32 bit machine).

### 2.4 Design Limitations or Restrictions

• Names (resource names, volume names, and such) defined in Bareos configuration files are limited to a fixed number of characters. Currently the limit is defined as 127 characters. Note, this does not apply to filenames, which may be arbitrarily long.
• Command line input to some of the stand alone tools – e.g. btape, bconsole is restricted to several hundred characters maximum. Normally, this is not a restriction, except in the case of listing multiple Volume names for programs such as bscan. To avoid this command line length restriction, please use a .bsr file to specify the Volume names.
• Bareos configuration files for each of the components can be any length. However, the length of an individual line is limited to 500 characters after which it is truncated. If you need lines longer than 500 characters for directives such as ACLs where they permit a list of names are character strings simply specify multiple short lines repeating the directive on each line but with different list values.

### 2.5 Items to Note

• Bareos’s Differential and Incremental normal backups are based on time stamps. Consequently, if you move files into an existing directory or move a whole directory into the backup fileset after a Full backup, those files will probably not be backed up by an Incremental save because they will have old dates. This problem is corrected by using Accurate mode backups or by explicitly updating the date/time stamp on all moved files.
• In non Accurate mode, files deleted after a Full save will be included in a restoration. This is typical for most similar backup programs. To avoid this, use Accurate mode backup.

## Chapter 3Installing Bareos

If you are like me, you want to get Bareos running immediately to get a feel for it, then later you want to go back and read about all the details. This chapter attempts to accomplish just that: get you going quickly without all the details.

Bareos comes prepackaged for a number of Linux distributions. So the easiest way to get to a running Bareos installation, is to use a platform where prepacked Bareos packages are available. Additional information can be found in the chapter Operating Systems.

If Bareos is available as a package, only 4 steps are required to get to a running Bareos System:

• Subscribe to the repository according to your platform and version
• Install the Bareos package
• Prepare database backend
• Start the daemons

This will start a very basic Bareos installation which will regularly backup a directory to disk. In order to fit it to your needs, you’ll have to adapt the configuration and might want to backup other clients.

### 3.1 Subscribe to a Software Repository and Install Software

You’ll find Bareos binary package repositories at http://download.bareos.org/bareos. Add the repository to your system. You will find the public key in the repodata subdirectory (for Debian the distribution directory itself). See your distribution’s documentation for details.

You will then have to install the package bareos.

This will install all client- and server components and the postgresql backend. We recommend to use postgresql, therefore this is the default. You can also use mysql or sqlite3 (where sqlite3 is intended for testing purposes only, by no means recommended for productive use).

If you want to use mysql rather than postgresql, you need two packages: bareos and bareos-database-mysql.

Here are some working examples:

#### 3.1.1 Install on RedHat based Linux Distributions

##### RHEL 6

 wget -O /etc/yum.repos.d/bareos.repo http://download.bareos.org/bareos/release/latest/RHEL_6/bareos.repo


For using PostgreSQL backend:

 yum install bareos bareos-database-postgresql

Commands 3.2: Bareos installation on RHEL 6 (PostgreSQL backend)

For using MySQL backend:

 yum install bareos bareos-database-mysql

Commands 3.3: Bareos installation on RHEL 6 (MySQL backend)

##### CentOS 6

Just replace RHEL by CentOS in the repository URL

##### RHEL 5

yum in RHEL 5 has slightly different behaviour as far as dependency resolving is concerned: it sometimes install a dependent package after the one that has the dependency defined. To make sure that it works, install the desired Bareos database backend package first in a separate step:

 wget -O /etc/yum.repos.d/bareos.repo http://download.bareos.org/bareos/release/latest/RHEL_5/bareos.repo


After that you can install with PostgreSQL backend:

 yum install bareos-database-postgresql yum install bareos

Commands 3.5: Bareos installation on RHEL 5 (PostgreSQL backend)

Or install with MySQL backend:

 yum install bareos-database-mysql yum install bareos

Commands 3.6: Bareos installation on RHEL 5 (MySQL backend)

##### CentOS 5

Again, just replace RHEL with CentOS in the repository URL.

##### Fedora 18

 wget -O /etc/yum.repos.d/bareos.repo http://download.bareos.org/bareos/release/latest/Fedora_18/bareos.repo


After that you can install with PostgreSQL backend:

 yum install bareos bareos-database-postgresql

Commands 3.8: Bareos installation on Fedora 18 (PostgreSql backend)

Or install with MySQL backend:

 yum install bareos bareos-database-mysql

Commands 3.9: Bareos installation on Fedora 18 (MySQL backend)

#### 3.1.2 Install on SUSE based Linux Distributions

##### SLES11 SP3
 zypper addrepo --refresh http://download.bareos.org/bareos/release/latest/SLE_11_SP3/bareos.repo zypper install bareos bareos-database-mysql

Commands 3.10: Bareos installation on SUSE Linux Enterprise Server (SLES) 11 SP3

In this example using mysql as database backend.

##### openSUSE 13.1
 zypper addrepo --refresh http://download.bareos.org/bareos/release/latest/openSUSE_13.1/bareos.repo zypper install bareos bareos-database-mysql

Commands 3.11: Bareos installation on openSUSE 13.1

#### 3.1.3 Install on Debian based Linux Distributions

##### Debian 7
 URL=http://download.bareos.org/bareos/release/latest/Debian_7.0/ printf "deb $URL /\n" > /etc/apt/sources.list.d/bareos.list # add package key wget -q$URL/Release.key -O- | apt-key add -  apt-get update apt-get install bareos bareos-database-postgresql

Commands 3.12: Bareos installation on Debian 7

##### Ubuntu 12.04
 URL=http://download.bareos.org/bareos/release/latest/xUbuntu_12.04/ printf "deb $URL /\n" > /etc/apt/sources.list.d/bareos.list # add package key wget -q$URL/Release.key -O- | apt-key add -  apt-get update apt-get install bareos bareos-database-postgresql

Commands 3.13: Bareos installation on Ubuntu 12.04

### 3.2 Prepare Bareos database

We assume that you have already your database installed and basically running. Currently the database backend PostgreSQL and MySQL are recommended. The Sqlite database backend is only intended for testing purposes.

The easiest way to set up a database is using an system account that have passwordless local access to the database. Often this is the user root for MySQL and the user postgres for PostgreSQL.

For details, see chapter Catalog Maintenance.

#### 3.2.1 PostgreSQL

 su postgres -c /usr/lib/bareos/scripts/create_bareos_database su postgres -c /usr/lib/bareos/scripts/make_bareos_tables su postgres -c /usr/lib/bareos/scripts/grant_bareos_privileges

Commands 3.14: Setup Bareos catalog database

#### 3.2.2 MySQL

Make sure, that root has direct access to the local MySQL server. Check if the command mysql connects to the database without defining the password. This is the default on RedHat and SUSE distributions. On other systems (Debian, Ubuntu), create the file ~/.my.cnf with your authentication informations:

 [client] host=localhost user=root password=YourPasswordForAccessingMysqlAsRoot

Configuration 3.15: MySQL credentials file .my.cnf

It is recommended, to secure the Bareos database connection with a password. See Catalog Maintenance – MySQL about how to archieve this. For testing, using a password-less MySQL connection is probable okay. Setup the Bareos database tables by following commands:

 /usr/lib/bareos/scripts/create_bareos_database /usr/lib/bareos/scripts/make_bareos_tables /usr/lib/bareos/scripts/grant_bareos_privileges

Commands 3.16: Setup Bareos catalog database

As some Bareos updates require a database schema update, therefore the file /root/.my.cnf might also be useful in the future.

### 3.3 Start the daemons

 service bareos-dir start service bareos-sd start service bareos-fd start

Commands 3.17: Start the Bareos Daemons

You will eventually have to allow access to the ports 9101-9103, used by Bareos.

Now you should be able to access the director using the bconsole.

## Chapter 4Updating Bareos

In most cases, a Bareos update is simply done by a package update of the distribution. Please remind, that Bareos Director and Bareos Storage Daemon must always have the same version. The version of the File Daemon may differ, see chapter about backward compatibility.

### 4.1 Updating the database schema

Sometimes improvements in Bareos make it neccessary to update the database scheme. This has to be done as database administrator and can therefore not be done by the Bareos packages itself, even if the database host runs on the same system as the Bareos Director.

Please note! If the Bareos catalog database has not the current schema, the Bareos Director refuses to start. Detailed information can than be found in the log file /var/log/bareos/bareos.log.

Take a look in the Release Notes to see, what Bareos updates to require a database schema update.

The task of updating the database schema is done by the script /usr/lib/bareos/scripts/update_bareos_tables.

However, this script requires administration access to the database. Depending on your distribution and your database, this requires different preparations. More details can be found in chapter Catalog Maitenance.

Please note! If you’re updating to Bareos <= 13.2.3 and had configured the Bareos database during install using Bareos environment variables (db_name, db_user or db_password, see Catalog Maintenance), make sure to have these variables definied in the same way when calling the update and grant scripts. Newer versions of Bareos read this variables from the Director configuration file /etc/bareos/bareos-dir.conf. However, make sure, the user running the database scripts has read access to this file (or set the environment variables). The postgres user normally does not have the required permissions.

#### 4.1.1 PostgreSQL

 su postgres -c /usr/lib/bareos/scripts/update_bareos_tables su postgres -c /usr/lib/bareos/scripts/grant_bareos_privileges

Commands 4.1: Update PostgreSQL database schema

The grant_bareos_privileges command is required, if new databases tables are introduced. It does not hurt to run es multiple times.

After this, restart the Bareos Director and verify it starts without problems.

#### 4.1.2 MySQL

Make sure, that root has direct access to the local MySQL server. Check if the command mysql without parameter connects to the database. If not, you may be required to adapt your local MySQL config file ~/.my.cnf. It should look similar to this:

 [client] host=localhost user=root password=YourPasswordForAccessingMysqlAsRoot

Configuration 4.2: MySQL credentials file .my.cnf

If you are able to connect via the mysql to the database, run the following script from the Unix prompt:

 /usr/lib/bareos/scripts/update_bareos_tables

Commands 4.3: Update MySQL database schema

Currently on MySQL is it not neccessary to run grant_bareos_privileges, because access to the database is already given using wildcards.

After this, restart the Bareos Director and verify it starts without problems.

## Chapter 5Getting Started with Bareos

### 5.1 Understanding Jobs and Schedules

In order to make Bareos as flexible as possible, the directions given to Bareos are specified in several pieces. The main instruction is the job resource, which defines a job. A backup job generally consists of a FileSet, a Client, a Schedule for one or several levels or times of backups, a Pool, as well as additional instructions. Another way of looking at it is the FileSet is what to backup; the Client is who to backup; the Schedule defines when, and the Pool defines where (i.e. what Volume).

Typically one FileSet/Client combination will have one corresponding job. Most of the directives, such as FileSets, Pools, Schedules, can be mixed and matched among the jobs. So you might have two different Job definitions (resources) backing up different servers using the same Schedule, the same Fileset (backing up the same directories on two machines) and maybe even the same Pools. The Schedule will define what type of backup will run when (e.g. Full on Monday, incremental the rest of the week), and when more than one job uses the same schedule, the job priority determines which actually runs first. If you have a lot of jobs, you might want to use JobDefs, where you can set defaults for the jobs, which can then be changed in the job resource, but this saves rewriting the identical parameters for each job. In addition to the FileSets you want to back up, you should also have a job that backs up your catalog.

Finally, be aware that in addition to the backup jobs there are restore, verify, and admin jobs, which have different requirements.

### 5.2 Understanding Pools, Volumes and Labels

If you have been using a program such as tar to backup your system, Pools, Volumes, and labeling may be a bit confusing at first. A Volume is a single physical tape (or possibly a single file) on which Bareos will write your backup data. Pools group together Volumes so that a backup is not restricted to the length of a single Volume (tape). Consequently, rather than explicitly naming Volumes in your Job, you specify a Pool, and Bareos will select the next appendable Volume from the Pool and request you to mount it.

Although the basic Pool options are specified in the Director’s Pool resource, the real Pool is maintained in the Bareos Catalog. It contains information taken from the Pool resource (bareos-dir.conf) as well as information on all the Volumes that have been added to the Pool. Adding Volumes to a Pool is usually done manually with the Console program using the label command.

For each Volume, Bareos maintains a fair amount of catalog information such as the first write date/time, the last write date/time, the number of files on the Volume, the number of bytes on the Volume, the number of Mounts, etc.

Before Bareos will read or write a Volume, the physical Volume must have a Bareos software label so that Bareos can be sure the correct Volume is mounted. This is usually done using the label command in the Console program.

The steps for creating a Pool, adding Volumes to it, and writing software labels to the Volumes, may seem tedious at first, but in fact, they are quite simple to do, and they allow you to use multiple Volumes (rather than being limited to the size of a single tape). Pools also give you significant flexibility in your backup process. For example, you can have a ”Daily” Pool of Volumes for Incremental backups and a ”Weekly” Pool of Volumes for Full backups. By specifying the appropriate Pool in the daily and weekly backup Jobs, you thereby insure that no daily Job ever writes to a Volume in the Weekly Pool and vice versa, and Bareos will tell you what tape is needed and when.

For more on Pools, see the Pool Resource section of the Director Configuration chapter, or simply read on, and we will come back to this subject later.

### 5.3 Setting Up Bareos Configuration Files

On Unix, Bareos configuration files are usualy location in the /etc/bareos/ directory and are named accordingly to the programs that use it: bareos-fd.conf, bareos-sd.conf, bareos-dir.conf, bconsole.conf, etc.

For information about Windows configuration files, see the Windows chapter.

#### 5.3.1 Configuring the Console Program

The Console program is used by the administrator to interact with the Director and to manually start/stop Jobs or to obtain Job status information.

The Console configuration file is named bconsole.conf.

Normally, for first time users, no change is needed to these files. Reasonable defaults are set.

Further details are in the Console configuration chapter.

#### 5.3.2 Configuring the File daemon

The File daemon is a program that runs on each (Client) machine. At the request of the Director, finds the files to be backed up and sends them (their data) to the Storage daemon.

The File daemon configuration file is named bareos-fd.conf. Normally, for first time users, no change is needed to this file. Reasonable defaults are set. However, if you are going to back up more than one machine, you will need to install the File daemon with a unique configuration file on each machine to be backed up. The information about each File daemon must appear in the Director’s configuration file.

Further details are in the File daemon configuration chapter.

#### 5.3.3 Configuring the Director

The Director is the central control program for all the other daemons. It schedules and monitors all jobs to be backed up.

The Director configuration file is named bareos-dir.conf.

In general, the only change you must make is modify the FileSet resource so that the Include configuration directive contains at least one line with a valid name of a directory (or file) to be saved.

Finally, if you have multiple systems to be backed up, you will need a separate File daemon or Client specification for each system, specifying its name, address, and password. We have found that giving your daemons the same name as your system but post fixed with -fd helps a lot in debugging. That is, if your system name is foobaz, you would give the File daemon the name foobaz-fd. For the Director, you should use foobaz-dir, and for the storage daemon, you might use foobaz-sd. Each of your Bareos components must have a unique name. If you make them all the same, aside from the fact that you will not know what daemon is sending what message, if they share the same working directory, the daemons temporary file names will not be unique, and you will get many strange failures.

#### 5.3.4 Configuring the Storage daemon

The Storage daemon is responsible, at the Director’s request, for accepting data from a File daemon and placing it on Storage media, or in the case of a restore request, to find the data and send it to the File daemon.

The Storage daemon’s configuration file is named bareos-sd.conf. The default configuration comes with backup to disk only, so the Archive device points to a directory in which the Volumes will be created as files when you label the Volume. These Storage resource name and Media Type must be the same as the corresponding ones in the Director’s configuration file bareos-dir.conf.

Further information is in the Storage daemon configuration chapter.

### 5.4 Testing your Configuration Files

You can test if your configuration file is syntactically correct by running the appropriate daemon with the -t option. The daemon will process the configuration file and print any error messages then terminate.

bareos-dir -t -c /etc/bareos/bareos-dir.conf
bareos-fd -t -c /etc/bareos/bareos-fd.conf
bareos-sd -t -c /etc/bareos/bareos-sd.conf
bconsole -t -c /etc/bareos/bconsole.conf
bat -t -c /etc/bareos/bat.conf
bareos-tray-monitor -t -c /etc/bareos/tray-monitor.conf"

will test the configuration files of each of the main programs. If the configuration file is OK, the program will terminate without printing anything.

### 5.6 Running Bareos

Probably the most important part of running Bareos is being able to restore files. If you haven’t tried recovering files at least once, when you actually have to do it, you will be under a lot more pressure, and prone to make errors, than if you had already tried it once.

To get a good idea how to use Bareos in a short time, we strongly recommend that you follow the example in the Running Bareos Chapter of this manual where you will get detailed instructions on how to run Bareos.

## Chapter 6Tutorial

This chapter will guide you through running Bareos. To do so, we assume you have installed Bareos. However, we assume that you have not changed the .conf files. If you have modified the .conf files, please go back and uninstall Bareos, then reinstall it, but do not make any changes. The examples in this chapter use the default configuration files, and will write the volumes to disk in your /var/lib/bareos/storage/ directory, in addition, the data backed up will be the source directory where you built Bareos. As a consequence, you can run all the Bareos daemons for these tests as non-root. Please note, in production, your File daemon(s) must run as root. See the Security chapter for more information on this subject.

The general flow of running Bareos is:

1. Start the Database (if using MySQL or PostgreSQL)
2. Start the Bareos Daemons
3. Start the Console program to interact with the Director
4. Run a job
5. When the Volume fills, unmount the Volume, if it is a tape, label a new one, and continue running. In this chapter, we will write only to disk files so you won’t need to worry about tapes for the moment.
6. Test recovering some files from the Volume just written to ensure the backup is good and that you know how to recover. Better test before disaster strikes

Each of these steps is described in more detail below.

### 6.1 Installing Bareos

For installing Bareos, follow the instructions from the Installing Bareos chapter.

### 6.2 Starting the Database

If you are using MySQL or PostgreSQL as the Bareos database, you should start it before you attempt to run a job to avoid getting error messages from Bareos when it starts. If you are using SQLite you need do nothing. SQLite is automatically started by Bareos.

### 6.3 Starting the Daemons

Assuming you have installed the packages, to start the three daemons, from your installation directory, simply enter:

service bareos-dir start
service bareos-sd start
service bareos-fd start

The bareos script starts the Storage daemon, the File daemon, and the Director daemon, which all normally run as daemons in the background. If you are using the autostart feature of Bareos, your daemons will either be automatically started on reboot, or you can control them individually with the files bareos-dir, bareos-fd, and bareos-sd, which are usually located in /etc/init.d, though the actual location is system dependent. Some distributions may do this differently.

Note, on Windows, currently only the File daemon is ported, and it must be started differently. Please see the Windows Version of Bareos chapter of this manual.

The rpm packages configure the daemons to run as user=root and group=bareos. The rpm installation also creates the group bareos if it does not exist on the system. Any users that you add to the group bareos will have access to files created by the daemons. To disable or alter this behavior edit the daemon startup scripts:

• /etc/init.d/bareos-dir
• /etc/init.d/bareos-sd
• /etc/init.d/bareos-fd

and then restart as noted above.

The installation chapter of this manual explains how you can install scripts that will automatically restart the daemons when the system starts.

### 6.4 Using the Director to Query and Start Jobs

To communicate with the director and to query the state of Bareos or run jobs, from the top level directory, simply enter:

bconsole

For simplicity, here we will describe only the bconsole program, also there is also a graphical interface called BAT.

The bconsole runs the Bareos Console program, which connects to the Director daemon. Since Bareos is a network program, you can run the Console program anywhere on your network. Most frequently, however, one runs it on the same machine as the Director. Normally, the Console program will print something similar to the following:

root@bareos:~ # bconsole
Connecting to Director bareos:9101
Enter a period to cancel a command.
*

the asterisk is the console command prompt.

Type help to see a list of available commands:

 * help   Command       Description   =======       ===========   add           Add media to a pool   autodisplay   Autodisplay console messages   automount     Automount after label   cancel        Cancel a job   create        Create DB Pool from resource   delete        Delete volume, pool or job   disable       Disable a job   enable        Enable a job   estimate      Performs FileSet estimate, listing gives full listing   exit          Terminate Bconsole session   export        Export volumes from normal slots to import/export slots   gui           Non-interactive gui mode   help          Print help on specific command   import        Import volumes from import/export slots to normal slots   label         Label a tape   list          List objects from catalog   llist         Full or long list like list command   messages      Display pending messages   memory        Print current memory usage   mount         Mount storage   move          Move slots in an autochanger   prune         Prune expired records from catalog   purge         Purge records from catalog   quit          Terminate Bconsole session   query         Query catalog   restore       Restore files   relabel       Relabel a tape   release       Release storage   reload        Reload conf file   rerun         Rerun a job   run           Run a job   status        Report status   setbandwidth  Sets bandwidth   setdebug      Sets debug level   setip         Sets new client address -- if authorized   show          Show resource records   sqlquery      Use SQL to query catalog   time          Print current time   trace         Turn on/off trace to file   unmount       Unmount storage   umount        Umount - for old-time Unix guys, see unmount   update        Update volume, pool or stats   use           Use specific catalog   var           Does variable expansion   version       Print Director version   wait          Wait until no jobs are running

bconsole 6.1: help

Details of the console program’s commands are explained in the Console Chapter of this manual.

### 6.5 Running a Job

At this point, we assume you have done the following:

• Installed Bareos
• Started the Database
• Prepared the database for Bareos
• Started Bareos Director, Storage Daemon and File Daemon
• Invoked the Console program with bconsole

Furthermore, we assume for the moment you are using the default configuration files.

At this point, enter the show filesets and you should get something similar this:

 * show filesets FileSet: name=Full Set       O M       N       I /usr/sbin       N       E /var/lib/bareos       E /var/lib/bareos/storage       E /proc       E /tmp       E /.journal       E /.fsck       N

bconsole 6.2: show filesets

This is a pre-defined FileSet that will backup the Bareos source directory. The actual directory names printed should correspond to your system configuration. For testing purposes, we have chosen a directory of moderate size (about 40 Megabytes) and complexity without being too big. The FileSet Catalog is used for backing up Bareos’s catalog and is not of interest to us for the moment. The I entries are the files or directories that will be included in the backup and the E are those that will be excluded, and the O entries are the options specified for the FileSet. You can change what is backed up by editing bareos-dir.conf and changing the File = line in the FileSet resource.

Now is the time to run your first backup job. We are going to backup your Bareos source directory to a File Volume in your /var/lib/bareos/storage/ directory just to show you how easy it is. Now enter:

status dir

and you should get the following output:

bareos-dir Version: 13.2.0 (09 April 2013) x86_64-pc-linux-gnu debian Debian GNU/Linux 6.0 (squeeze)
Daemon started 23-May-13 13:17. Jobs: run=0, running=0 mode=0
Heap: heap=270,336 smbytes=59,285 max_bytes=59,285 bufs=239 max_bufs=239

Scheduled Jobs:
Level          Type     Pri  Scheduled          Name               Volume
===================================================================================
Incremental    Backup    10  23-May-13 23:05    BackupClient1      testvol
Full           Backup    11  23-May-13 23:10    BackupCatalog      testvol
====

Running Jobs:
Console connected at 23-May-13 13:34
No Jobs running.
====

where the times and the Director’s name will be different according to your setup. This shows that an Incremental job is scheduled to run for the Job BackupClient1 at 1:05am and that at 1:10, a BackupCatalog is scheduled to run. Note, you should probably change the name BackupClient1 to be the name of your machine, if not, when you add additional clients, it will be very confusing.

Now enter:

status client

and you should get something like:

Automatically selected Client: bareos-fd
Connecting to Client bareos-fd at bareos:9102

bareos-fd Version: 13.2.0 (09 April 2013)  x86_64-pc-linux-gnu debian Debian GNU/Linux 6.0 (squeeze)
Daemon started 23-May-13 13:17. Jobs: run=0 running=0.
Heap: heap=135,168 smbytes=26,000 max_bytes=26,147 bufs=65 max_bufs=66
Sizeof: boffset_t=8 size_t=8 debug=0 trace=0 bwlimit=0kB/s

Running Jobs:
Director connected at: 23-May-13 13:58
No Jobs running.
====

In this case, the client is named bareos-fd your name will be different, but the line beginning with bareos-fd Version ... is printed by your File daemon, so we are now sure it is up and running.

Finally do the same for your Storage daemon with:

status storage

and you should get:

Automatically selected Storage: File
Connecting to Storage daemon File at bareos:9103

bareos-sd Version: 13.2.0 (09 April 2013) x86_64-pc-linux-gnu debian Debian GNU/Linux 6.0 (squeeze)
Daemon started 23-May-13 13:17. Jobs: run=0, running=0.
Heap: heap=241,664 smbytes=28,574 max_bytes=88,969 bufs=73 max_bufs=74
Sizes: boffset_t=8 size_t=8 int32_t=4 int64_t=8 mode=0 bwlimit=0kB/s

Running Jobs:
No Jobs running.
====

Device status:

Device "FileStorage" (/var/lib/bareos/storage) is not open.
==
====

Used Volume status:
====

====

You will notice that the default Storage daemon device is named File and that it will use device /var/lib/bareos/storage, which is not currently open.

Now, let’s actually run a job with:

run

you should get the following output:

Automatically selected Catalog: MyCatalog
Using Catalog "MyCatalog"
A job name must be specified.
The defined Job resources are:
1: BackupClient1
2: BackupCatalog
3: RestoreFiles
Select Job resource (1-3):

Here, Bareos has listed the three different Jobs that you can run, and you should choose number 1 and type enter, at which point you will get:

Run Backup job
JobName:  BackupClient1
Level:    Incremental
Client:   bareos-fd
Format:   Native
FileSet:  Full Set
Pool:     File (From Job resource)
NextPool: *None* (From unknown source)
Storage:  File (From Job resource)
When:     2013-05-23 14:50:04
Priority: 10
OK to run? (yes/mod/no):

At this point, take some time to look carefully at what is printed and understand it. It is asking you if it is OK to run a job named BackupClient1 with FileSet Full Set (we listed above) as an Incremental job on your Client (your client name will be different), and to use Storage File and Pool Default, and finally, it wants to run it now (the current time should be displayed by your console).

Here we have the choice to run (yes), to modify one or more of the above parameters (mod), or to not run the job (no). Please enter yes, at which point you should immediately get the command prompt (an asterisk). If you wait a few seconds, then enter the command messages you will get back something like:

TODO: Replace bconsole output by current version of Bareos.

28-Apr-2003 14:22 bareos-dir: Last FULL backup time not found. Doing
FULL backup.
28-Apr-2003 14:22 bareos-dir: Start Backup JobId 1,
Job=Client1.2003-04-28_14.22.33
28-Apr-2003 14:22 bareos-sd: Job Client1.2003-04-28_14.22.33 waiting.
Cannot find any appendable volumes.
Please use the "label"  command to create a new Volume for:
Storage:      FileStorage
Media type:   File
Pool:         Default

The first message, indicates that no previous Full backup was done, so Bareos is upgrading our Incremental job to a Full backup (this is normal). The second message indicates that the job started with JobId 1., and the third message tells us that Bareos cannot find any Volumes in the Pool for writing the output. This is normal because we have not yet created (labeled) any Volumes. Bareos indicates to you all the details of the volume it needs.

At this point, the job is BLOCKED waiting for a Volume. You can check this if you want by doing a status dir. In order to continue, we must create a Volume that Bareos can write on. We do so with:

label

and Bareos will print:

The defined Storage resources are:
1: File
Item 1 selected automatically.
Enter new Volume name:

at which point, you should enter some name beginning with a letter and containing only letters and numbers (period, hyphen, and underscore) are also permitted. For example, enter TestVolume001, and you should get back:

Defined Pools:
1: Default
Item 1 selected automatically.
Connecting to Storage daemon File at bareos:8103 ...
Sending label command for Volume "TestVolume001" Slot 0 ...
3000 OK label. Volume=TestVolume001 Device=/var/lib/bareos/storage
Catalog record for Volume "TestVolume002", Slot 0  successfully created.
Requesting mount FileStorage ...
3001 OK mount. Device=/var/lib/bareos/storage

Finally, enter messages and you should get something like:

28-Apr-2003 14:30 bareos-sd: Wrote label to prelabeled Volume
"TestVolume001" on device /var/lib/bareos/storage
28-Apr-2003 14:30 rufus-dir: Bareos 1.30 (28Apr03): 28-Apr-2003 14:30
JobId:                  1
Job:                    BackupClient1.2003-04-28_14.22.33
FileSet:                Full Set
Backup Level:           Full
Client:                 bareos-fd
Start time:             28-Apr-2003 14:22
End time:               28-Apr-2003 14:30
Files Written:          1,444
Bytes Written:          38,988,877
Rate:                   81.2 KB/s
Software Compression:   None
Volume names(s):        TestVolume001
Volume Session Id:      1
Volume Session Time:    1051531381
Last Volume Bytes:      39,072,359
FD termination status:  OK
SD termination status:  OK
Termination:            Backup OK
28-Apr-2003 14:30 rufus-dir: Begin pruning Jobs.
28-Apr-2003 14:30 rufus-dir: No Jobs found to prune.
28-Apr-2003 14:30 rufus-dir: Begin pruning Files.
28-Apr-2003 14:30 rufus-dir: No Files found to prune.
28-Apr-2003 14:30 rufus-dir: End auto prune.

If you don’t see the output immediately, you can keep entering messages until the job terminates.

Instead of typing messages multiple times, you can also ask bconsole to wait, until a specific job is finished:

wait jobid=1

or just wait, which waits for all running jobs to finish.

Another useful command is autodisplay on. With autodisplay activated, messages will automatically be displayed as soon as they are ready.

If you do an ls -l of your /var/lib/bareos/storage directory, you will see that you have the following item:

-rw-r-----    1 bareos bareos   39072153 Apr 28 14:30 TestVolume001

This is the file Volume that you just wrote and it contains all the data of the job just run. If you run additional jobs, they will be appended to this Volume unless you specify otherwise.

You might ask yourself if you have to label all the Volumes that Bareos is going to use. The answer for disk Volumes, like the one we used, is no. It is possible to have Bareos automatically label volumes. For tape Volumes, you will most likely have to label each of the Volumes you want to use.

If you would like to stop here, you can simply enter quit in the Console program.

If you would like to try restoring the files that you just backed up, read the following section.

If you have run the default configuration and run the job as demonstrated above, you can restore the backed up files in the Console program by entering:

restore all

where you will get:

First you select one or more JobIds that contain files
to be restored. You will be presented several methods
of specifying the JobIds. Then you will be allowed to
select which files from those JobIds are to be restored.

To select the JobIds, you have the following choices:
1: List last 20 Jobs run
2: List Jobs where a given File is saved
3: Enter list of comma separated JobIds to select
4: Enter SQL list command
5: Select the most recent backup for a client
6: Select backup for a client before a specified time
7: Enter a list of files to restore
8: Enter a list of files to restore before a specified time
9: Find the JobIds of the most recent backup for a client
10: Find the JobIds for a backup for a client before a specified time
11: Enter a list of directories to restore for found JobIds
12: Select full restore to a specified Job date
13: Cancel
Select item:  (1-13):

As you can see, there are a number of options, but for the current demonstration, please enter 5 to do a restore of the last backup you did, and you will get the following output:

Automatically selected Client: bareos-fd
The defined FileSet resources are:
1: Catalog
2: Full Set
Select FileSet resource (1-2):

As you can see, Bareos knows what client you have, and since there was only one, it selected it automatically. Select 2, because you want to restore files from the file set.

+-------+-------+----------+------------+---------------------+---------------+
| jobid | level | jobfiles | jobbytes   | starttime           | volumename    |
+-------+-------+----------+------------+---------------------+---------------+
|     1 | F     |      166 | 19,069,526 | 2013-05-05 23:05:02 | TestVolume001 |
+-------+-------+----------+------------+---------------------+---------------+
You have selected the following JobIds: 1

Building directory tree for JobId(s) 1 ...  +++++++++++++++++++++++++++++++++++++++++
165 files inserted into the tree and marked for extraction.

You are now entering file selection mode where you add (mark) and
remove (unmark) files to be restored. No files are initially added, unless
you used the "all" keyword on the command line.
Enter "done" to leave this mode.

cwd is: /
}

#### 8.2.4 Recognized Primitive Data Types

When parsing the resource directives, Bareos classifies the data according to the types listed below. The first time you read this, it may appear a bit overwhelming, but in reality, it is all pretty logical and straightforward.

name
A keyword or name consisting of alphanumeric characters, including the hyphen, underscore, and dollar characters. The first character of a name must be a letter. A name has a maximum length currently set to 127 bytes. Typically keywords appear on the left side of an equal (i.e. they are Bareos keywords – i.e. Resource names or directive names). Keywords may not be quoted.
name-string
A name-string is similar to a name, except that the name may be quoted and can thus contain additional characters including spaces. Name strings are limited to 127 characters in length. Name strings are typically used on the right side of an equal (i.e. they are values to be associated with a keyword).
string
A quoted string containing virtually any character including spaces, or a non-quoted string. A string may be of any length. Strings are typically values that correspond to filenames, directories, or system command names. A backslash (\) turns the next character into itself, so to include a double quote in a string, you precede the double quote with a backslash. Likewise to include a backslash.
directory
A directory is either a quoted or non-quoted string. A directory will be passed to your standard shell for expansion when it is scanned. Thus constructs such as $HOME are interpreted to be their correct values. password This is a Bareos password and it is stored internally in MD5 hashed format. integer A 32 bit integer value. It may be positive or negative. positive integer A 32 bit positive integer value. long integer A 64 bit integer value. Typically these are values such as bytes that can exceed 4 billion and thus require a 64 bit value. yes|no Either a yes or a no. size A size specified as bytes. Typically, this is a floating point scientific input format followed by an optional modifier. The floating point input is stored as a 64 bit integer value. If a modifier is present, it must immediately follow the value with no intervening spaces. The following modifiers are permitted: k 1,024 (kilobytes) kb 1,000 (kilobytes) m 1,048,576 (megabytes) mb 1,000,000 (megabytes) g 1,073,741,824 (gigabytes) gb 1,000,000,000 (gigabytes) time A time or duration specified in seconds. The time is stored internally as a 64 bit integer value, but it is specified in two parts: a number part and a modifier part. The number can be an integer or a floating point number. If it is entered in floating point notation, it will be rounded to the nearest integer. The modifier is mandatory and follows the number part, either with or without intervening spaces. The following modifiers are permitted: seconds seconds minutes minutes (60 seconds) hours hours (3600 seconds) days days (3600*24 seconds) weeks weeks (3600*24*7 seconds) months months (3600*24*30 seconds) quarters quarters (3600*24*91 seconds) years years (3600*24*365 seconds) Any abbreviation of these modifiers is also permitted (i.e. seconds may be specified as sec or s). A specification of m will be taken as months. The specification of a time may have as many number/modifier parts as you wish. For example: 1 week 2 days 3 hours 10 mins 1 month 2 days 30 sec are valid date specifications. #### 8.2.5 Variable Expansion Depending on the type of directive, Bareos will expand following variables: Variable Expansion on Media Labels When labeling a new media, following Bareos internal variables can be used:  Internal Variable Description Year Year Month Month: 1-12 Day Day: 1-31 Hour Hour: 0-24 Minute Minute: 0-59 Second Second: 0-59 WeekDay Day of the week: 0-6, using 0 for Sunday Job Name of the Job Dir Name of the Director Level Job Level Type Job Type JobId JobId JobName unique name of a job Storage Name of the Storage Daemon Client Name of the Clients NumVols Numbers of volumes in the pool Pool Name of the Pool Catalog Name of the Catalog MediaType Type of the media Additional, normal environment variables can be used, e.g. HOME oder HOSTNAME. Variable Expansion on RunScripts At the configuration of RunScripts following variables can be used:  Variable Description \%c Client’s Name \%d Director’s Name \%e Job Exit Code \%i JobId \%j Unique JobId \%l Job Level \%n Unadorned Job Name \%r Recipients \%s Since Time \%b Job Bytes \%f Job Files \%t Job Type (Backup, ...) \%v Read Volume Name (only on Director) \%V Write Volume Name (only on Director) Variable Expansion in Autochanger Commands At the configuration of autochanger commands following variables can be used:  Variable Description \%a Archive Device Name \%c Changer Device Name \%d Changer Drive Index \%f Client’s Name \%j Job Name \%o Command \%s Slot Base 0 \%S Slot Base 1 \%v Volume Name Variable Expansion in Mount Commands At the configuration of mount commands following variables can be used:  Variable Description \%a Archive Device Name \%e Erase \%n Part Number \%m Mount Point \%v Last Part Name Variable Expansion in Mail and Operator Commands At the configuration of mail and operator commands following variables can be used:  Variable Description \%c Client’s Name \%d Director’s Name \%e Job Exit Code \%i JobId \%j Unique Job Id \%l Job Level \%n Unadorned Job Name \%s Since Time \%t Job Type (Backup, ...) \%r Recipients \%v Read Volume Name \%V Write Volume Name \%b Job Bytes \%F Job Files ### 8.3 Resource Types The following table lists all current Bareos resource types. It shows what resources must be defined for each service (daemon). The default configuration files will already contain at least one example of each permitted resource, so you need not worry about creating all these kinds of resources from scratch.  Resource Director Client Storage Console Autochanger No No Yes No Catalog Yes No No No Client Yes Yes No No Console Yes No No Yes Device No No Yes No Director Yes Yes Yes Yes FileSet Yes No No No Job Yes No No No JobDefs Yes No No No Message Yes Yes Yes No NDMP No No Yes No Pool Yes No No No Schedule Yes No No No Storage Yes No Yes No ### 8.4 Names, Passwords and Authorization In order for one daemon to contact another daemon, it must authorize itself with a password. In most cases, the password corresponds to a particular name, so both the name and the password must match to be authorized. Passwords are plain text, any text. They are not generated by any special process; just use random text. The default configuration files are automatically defined for correct authorization with random passwords. If you add to or modify these files, you will need to take care to keep them consistent. Here is sort of a picture of what names/passwords in which files/Resources must match up: In the left column, you will find the Director, Storage, and Client resources, with their names and passwords – these are all in bareos-dir.conf. In the right column are where the corresponding values should be found in the Console, Storage daemon (SD), and File daemon (FD) configuration files. Please note that the Address, fd-sd, that appears in the Storage resource of the Director, preceded with and asterisk in the above example, is passed to the File daemon in symbolic form. The File daemon then resolves it to an IP address. For this reason, you must use either an IP address or a fully qualified name. A name such as localhost, not being a fully qualified name, will resolve in the File daemon to the localhost of the File daemon, which is most likely not what is desired. The password used for the File daemon to authorize with the Storage daemon is a temporary password unique to each Job created by the daemons and is not specified in any .conf file. ## Chapter 9Director Configuration Of all the configuration files needed to run Bareos, the Director’s is the most complicated, and the one that you will need to modify the most often as you add clients or modify the FileSets. For a general discussion of configuration files and resources including the data types recognized by Bareos. Please see the Configuration chapter of this manual. Director resource type may be one of the following: Job, JobDefs, Client, Storage, Catalog, Schedule, FileSet, Pool, Director, or Messages. We present them here in the most logical order for defining them: Note, everything revolves around a job and is tied to a job in one way or another. • Director – to define the Director’s name and its access password used for authenticating the Console program. Only a single Director resource definition may appear in the Director’s configuration file. If you have either /dev/random or bc on your machine, Bareos will generate a random password during the configuration process, otherwise it will be left blank. • Job – to define the backup/restore Jobs and to tie together the Client, FileSet and Schedule resources to be used for each Job. Normally, you will Jobs of different names corresponding to each client (i.e. one Job per client, but a different one with a different name for each client). • JobDefs – optional resource for providing defaults for Job resources. • Schedule – to define when a Job is to be automatically run by Bareos’s internal scheduler. You may have any number of Schedules, but each job will reference only one. • FileSet – to define the set of files to be backed up for each Client. You may have any number of FileSets but each Job will reference only one. • Client – to define what Client is to be backed up. You will generally have multiple Client definitions. Each Job will reference only a single client. • Storage – to define on what physical device the Volumes should be mounted. You may have one or more Storage definitions. • Pool – to define the pool of Volumes that can be used for a particular Job. Most people use a single default Pool. However, if you have a large number of clients or volumes, you may want to have multiple Pools. Pools allow you to restrict a Job (or a Client) to use only a particular set of Volumes. • Catalog – to define in what database to keep the list of files and the Volume names where they are backed up. Most people only use a single catalog. However, if you want to scale the Director to many clients, multiple catalogs can be helpful. Multiple catalogs require a bit more management because in general you must know what catalog contains what data. Currently, all Pools are defined in each catalog. This restriction will be removed in a later release. • Messages – to define where error and information messages are to be sent or logged. You may define multiple different message resources and hence direct particular classes of messages to different users or locations (files, ...). ### 9.1 Director Resource The Director resource defines the attributes of the Directors running on the network. In the current implementation, there is only a single Director resource, but the final design will contain multiple Directors to maintain index and media database redundancy. Director Start of the Director resource. One and only one director resource must be supplied. Name = <name> The director name used by the system administrator. This directive is required. Description = <text> The text field contains a description of the Director that will be displayed in the graphical user interface. This directive is optional. Password = <UA-password> Specifies the password that must be supplied for the default Bareos Console to be authorized. The same password must appear in the Director resource of the Console configuration file. For added security, the password is never passed across the network but instead a challenge response hash code created with the password. This directive is required. If you have either /dev/random or bc on your machine, Bareos will generate a random password during the configuration process, otherwise it will be left blank and you must manually supply it. The password is plain text. It is not generated through any special process but as noted above, it is better to use random text for security reasons. Messages = <Messages-resource-name> The messages resource specifies where to deliver Director messages that are not associated with a specific Job. Most messages are specific to a job and will be directed to the Messages resource specified by the job. However, there are a few messages that can occur when no job is running. This directive is required. Working Directory = <Directory> This directive is optional and specifies a directory in which the Director may put its status files. This directory should be used only by Bareos but may be shared by other Bareos daemons. However, please note, if this directory is shared with other Bareos daemons (the File daemon and Storage daemon), you must ensure that the Name given to each daemon is unique so that the temporary filenames used do not collide. By default the Bareos configure process creates unique daemon names by postfixing them with -dir, -fd, and -sd. Standard shell expansion of the Directory is done when the configuration file is read so that values such as$HOME will be properly expanded.

The working directory specified must already exist and be readable and writable by the Bareos daemon referencing it.

Pid Directory = <Directory>

This directive is optional and specifies a directory in which the Director may put its process Id file. The process Id file is used to shutdown Bareos and to prevent multiple copies of Bareos from running simultaneously. Standard shell expansion of the Directory is done when the configuration file is read so that values such as $HOME will be properly expanded. The PID directory specified must already exist and be readable and writable by the Bareos daemon referencing it. Typically on Linux systems, you will set this to: /var/run. If you are not installing Bareos in the system directories, you can use the Working Directory as defined above. Scripts Directory = <Directory> This directive is currently unused. QueryFile = <Path> This directive is required and specifies a directory and file in which the Director can find the canned SQL statements for the Query command of the Console. Heartbeat Interval = <time-interval> This directive is optional and if specified will cause the Director to set a keepalive interval (heartbeat) in seconds on each of the sockets it opens for the Client resource. This value will override any specified at the Director level. It is implemented only on systems that provide the setsockopt TCP_KEEPIDLE function (Linux, ...). The default value is zero, which means no change is made to the socket. Maximum Concurrent Jobs = <number> (default: 1) where <number> is the maximum number of total Director Jobs that should run concurrently. The default is set to 1, but you may set it to a larger number. The Volume format becomes more complicated with multiple simultaneous jobs, consequently, restores may take longer if Bareos must sort through interleaved volume blocks from multiple simultaneous jobs. This can be avoided by having each simultaneous job write to a different volume or by using data spooling, which will first spool the data to disk simultaneously, then write one spool file at a time to the volume thus avoiding excessive interleaving of the different job blocks. See also the section about Concurrent Jobs. FD Connect Timeout = <time> where time is the time that the Director should continue attempting to contact the File daemon to start a job, and after which the Director will cancel the job. The default is 30 minutes. SD Connect Timeout = <time> where time is the time that the Director should continue attempting to contact the Storage daemon to start a job, and after which the Director will cancel the job. The default is 30 minutes. DirAddresses = <IP-address-specification> Specify the ports and addresses on which the Director daemon will listen for Bareos Console connections. Probably the simplest way to explain this is to show an example: DirAddresses = { ip = { addr = 1.2.3.4; port = 1205;} ipv4 = { addr = 1.2.3.4; port = http;} ipv6 = { addr = 1.2.3.4; port = 1205; } ip = { addr = 1.2.3.4 port = 1205 } ip = { addr = 1.2.3.4 } ip = { addr = 201:220:222::2 } ip = { addr = bluedot.thun.net } } where ip, ip4, ip6, addr, and port are all keywords. Note, that the address can be specified as either a dotted quadruple, or IPv6 colon notation, or as a symbolic name (only in the ip specification). Also, port can be specified as a number or as the mnemonic value from the /etc/services file. If a port is not specified, the default will be used. If an ip section is specified, the resolution can be made either by IPv4 or IPv6. If ip4 is specified, then only IPv4 resolutions will be permitted, and likewise with ip6. Please note that if you use the DirAddresses directive, you must not use either a DirPort or a DirAddress directive in the same resource. DirPort = <port-number> Specify the port (a positive integer) on which the Director daemon will listen for Bareos Console connections. This same port number must be specified in the Director resource of the Console configuration file. The default is 9101, so normally this directive need not be specified. This directive should not be used if you specify DirAddresses (N.B plural) directive. DirAddress = <IP-Address> This directive is optional, but if it is specified, it will cause the Director server (for the Console program) to bind to the specified IP-Address, which is either a domain name or an IP address specified as a dotted quadruple in string or quoted string format. If this directive is not specified, the Director will bind to any available address (the default). Note, unlike the DirAddresses specification noted above, this directive only permits a single address to be specified. This directive should not be used if you specify a DirAddresses (N.B. plural) directive. DirSourceAddress = <IP-Address> This record is optional, and if it is specified, it will cause the Director server (when initiating connections to a storage or file daemon) to source its connections from the specified address. Only a single IP address may be specified. If this record is not specified, the Director server will source its outgoing connections according to the system routing table (the default). Statistics Retention = <time> The Statistics Retention directive defines the length of time that Bareos will keep statistics job records in the Catalog database after the Job End time (in JobHistory table). When this time period expires, and if user runs prune stats command, Bareos will prune (remove) Job records that are older than the specified period. Theses statistics records aren’t use for restore purpose, but mainly for capacity planning, billings, etc. See chapter about how to extract information from the catalog for additional information. See the Configuration chapter of this manual for additional details of time specification. The default is 5 years. VerId = <string> where <string> is an identifier which can be used for support purpose. This string is displayed using the version command. MaximumConsoleConnections = <number> where <number> is the maximum number of Console Connections that could run concurrently. The default is set to 20, but you may set it to a larger number. Optimize For Size = <yes|no> If Yes which is the default, this directive will use the optimizations for memory size over speed. So it will try to use less memory which may lead to a somewhat lower speed. Its currently mostly used for keeping all hardlinks in memory. Optimize For Speed = <yes|no> If Yes which is Not the default, this directive will use the optimizations for speed over the memory size. So it will try to use more memory which lead to a somewhat higher speed. Its currently mostly used for keeping all hardlinks in memory. Its relates to the Optimize For Size option set either one to Yes as they are mutually exclusive. Key Encryption Key = <KeyEncryptionKey> This key is used to encrypt the Security Key that is exchanged between the Director and the Storage Daemon for supporting Application Managed Encryption (AME). For security reasons each Director should have a different Key Encryption Key. NDMP Snooping = <yes|no> This directive enables the Snooping and pretty printing of NDMP protocol information in debugging mode. NDMP Loglevel = <level> This directive sets the loglevel for the NDMP protocol library. The following is an example of a valid Director resource definition: Director { Name = HeadMan WorkingDirectory = "$HOME/bareos/bin/working"
PidDirectory = "$HOME/bareos/bin/working" QueryFile = "$HOME/bareos/bin/query.sql"
Messages = Standard
}

### 9.2 Job Resource

The Job resource defines a Job (Backup, Restore, ...) that Bareos must perform. Each Job resource definition contains the name of a Client and a FileSet to backup, the Schedule for the Job, where the data are to be stored, and what media Pool can be used. In effect, each Job resource must specify What, Where, How, and When or FileSet, Storage, Backup/Restore/Level, and Schedule respectively. Note, the FileSet must be specified for a restore job for historical reasons, but it is no longer used.

Only a single type (Backup, Restore, ...) can be specified for any job. If you want to backup multiple FileSets on the same Client or multiple Clients, you must define a Job for each one.

Note, you define only a single Job to do the Full, Differential, and Incremental backups since the different backup levels are tied together by a unique Job name. Normally, you will have only one Job per Client, but if a client has a really huge number of files (more than several million), you might want to split it into to Jobs each with a different FileSet covering only part of the total files.

Multiple Storage daemons are not currently supported for Jobs, so if you do want to use multiple storage daemons, you will need to create a different Job and ensure that for each Job that the combination of Client and FileSet are unique. The Client and FileSet are what Bareos uses to restore a client, so if there are multiple Jobs with the same Client and FileSet or multiple Storage daemons that are used, the restore will not work. This problem can be resolved by defining multiple FileSet definitions (the names must be different, but the contents of the FileSets may be the same).

Job
Start of the Job resource. At least one Job resource is required.
Name = <name>

The Job name. This name can be specified on the Run command in the console program to start a job. If the name contains spaces, it must be specified between quotes. It is generally a good idea to give your job the same name as the Client that it will backup. This permits easy identification of jobs.

When the job actually runs, the unique Job Name will consist of the name you specify here followed by the date and time the job was scheduled for execution. This directive is required.

Enabled = <yes|no>

This directive allows you to enable or disable automatic execution via the scheduler of a Job.
Type = <job-type>

The Type directive specifies the Job type, which may be one of the following: Backup, Restore, Verify, or Admin. This directive is required. Within a particular Job Type, there are also Levels as discussed in the next item.
Backup

Run a backup Job. Normally you will have at least one Backup job for each client you want to save. Normally, unless you turn off cataloging, most all the important statistics and data concerning files backed up will be placed in the catalog.
Restore

Run a restore Job. Normally, you will specify only one Restore job which acts as a sort of prototype that you will modify using the console program in order to perform restores. Although certain basic information from a Restore job is saved in the catalog, it is very minimal compared to the information stored for a Backup job – for example, no File database entries are generated since no Files are saved.

Restore jobs cannot be automatically started by the scheduler as is the case for Backup, Verify and Admin jobs. To restore files, you must use the restore command in the console.

Verify

Run a verify Job. In general, verify jobs permit you to compare the contents of the catalog to the file system, or to what was backed up. In addition, to verifying that a tape that was written can be read, you can also use verify as a sort of tripwire intrusion detection.

Run an admin Job. An Admin job can be used to periodically run catalog pruning, if you do not want to do it at the end of each Backup Job. Although an Admin job is recorded in the catalog, very little data is saved.
Protocol = <protocolname>

The backup protocol to use to run the Job. If not set it will default to Native currently the director understand the following protocols:
1. Native - The native Bareos protocol
2. NDMP - The NDMP protocol
Backup Format = <backup format>

The backup format used for protocols which support multiple formats. A protocol like NDMP supports different backup formats for instance:
1. Dump
2. Tar
3. SMTape

Level = <job-level>

The Level directive specifies the default Job level to be run. Each different Job Type (Backup, Restore, ...) has a different set of Levels that can be specified. The Level is normally overridden by a different value that is specified in the Schedule resource. This directive is not required, but must be specified either by a Level directive or as an override specified in the Schedule resource.

For a Backup Job, the Level may be one of the following:

Full

When the Level is set to Full all files in the FileSet whether or not they have changed will be backed up.
Incremental

When the Level is set to Incremental all files specified in the FileSet that have changed since the last successful backup of the the same Job using the same FileSet and Client, will be backed up. If the Director cannot find a previous valid Full backup then the job will be upgraded into a Full backup. When the Director looks for a valid backup record in the catalog database, it looks for a previous Job with:
• The same Job name.
• The same Client name.
• The same FileSet (any change to the definition of the FileSet such as adding or deleting a file in the Include or Exclude sections constitutes a different FileSet.
• The Job was a Full, Differential, or Incremental backup.
• The Job terminated normally (i.e. did not fail or was not canceled).
• The Job started no longer ago than Max Full Interval.

If all the above conditions do not hold, the Director will upgrade the Incremental to a Full save. Otherwise, the Incremental backup will be performed as requested.

The File daemon (Client) decides which files to backup for an Incremental backup by comparing start time of the prior Job (Full, Differential, or Incremental) against the time each file was last ”modified” (st_mtime) and the time its attributes were last ”changed”(st_ctime). If the file was modified or its attributes changed on or after this start time, it will then be backed up.

Some virus scanning software may change st_ctime while doing the scan. For example, if the virus scanning program attempts to reset the access time (st_atime), which Bareos does not use, it will cause st_ctime to change and hence Bareos will backup the file during an Incremental or Differential backup. In the case of Sophos virus scanning, you can prevent it from resetting the access time (st_atime) and hence changing st_ctime by using the --no-reset-atime option. For other software, please see their manual.

When Bareos does an Incremental backup, all modified files that are still on the system are backed up. However, any file that has been deleted since the last Full backup remains in the Bareos catalog, which means that if between a Full save and the time you do a restore, some files are deleted, those deleted files will also be restored. The deleted files will no longer appear in the catalog after doing another Full save.

In addition, if you move a directory rather than copy it, the files in it do not have their modification time (st_mtime) or their attribute change time (st_ctime) changed. As a consequence, those files will probably not be backed up by an Incremental or Differential backup which depend solely on these time stamps. If you move a directory, and wish it to be properly backed up, it is generally preferable to copy it, then delete the original.

However, to manage deleted files or directories changes in the catalog during an Incremental backup you can use accurate mode. This is quite memory consuming process.

Differential

When the Level is set to Differential all files specified in the FileSet that have changed since the last successful Full backup of the same Job will be backed up. If the Director cannot find a valid previous Full backup for the same Job, FileSet, and Client, backup, then the Differential job will be upgraded into a Full backup. When the Director looks for a valid Full backup record in the catalog database, it looks for a previous Job with:
• The same Job name.
• The same Client name.
• The same FileSet (any change to the definition of the FileSet such as adding or deleting a file in the Include or Exclude sections constitutes a different FileSet.
• The Job was a FULL backup.
• The Job terminated normally (i.e. did not fail or was not canceled).
• The Job started no longer ago than Max Full Interval.

If all the above conditions do not hold, the Director will upgrade the Differential to a Full save. Otherwise, the Differential backup will be performed as requested.

The File daemon (Client) decides which files to backup for a differential backup by comparing the start time of the prior Full backup Job against the time each file was last ”modified” (st_mtime) and the time its attributes were last ”changed” (st_ctime). If the file was modified or its attributes were changed on or after this start time, it will then be backed up. The start time used is displayed after the Since on the Job report. In rare cases, using the start time of the prior backup may cause some files to be backed up twice, but it ensures that no change is missed. As with the Incremental option, you should ensure that the clocks on your server and client are synchronized or as close as possible to avoid the possibility of a file being skipped. Note, on versions 1.33 or greater Bareos automatically makes the necessary adjustments to the time between the server and the client so that the times Bareos uses are synchronized.

When Bareos does a Differential backup, all modified files that are still on the system are backed up. However, any file that has been deleted since the last Full backup remains in the Bareos catalog, which means that if between a Full save and the time you do a restore, some files are deleted, those deleted files will also be restored. The deleted files will no longer appear in the catalog after doing another Full save. However, to remove deleted files from the catalog during a Differential backup is quite a time consuming process and not currently implemented in Bareos. It is, however, a planned future feature.

As noted above, if you move a directory rather than copy it, the files in it do not have their modification time (st_mtime) or their attribute change time (st_ctime) changed. As a consequence, those files will probably not be backed up by an Incremental or Differential backup which depend solely on these time stamps. If you move a directory, and wish it to be properly backed up, it is generally preferable to copy it, then delete the original. Alternatively, you can move the directory, then use the touch program to update the timestamps.

However, to manage deleted files or directories changes in the catalog during an Differential backup you can use accurate mode. This is quite memory consuming process. See for more details.

Every once and a while, someone asks why we need Differential backups as long as Incremental backups pickup all changed files. There are possibly many answers to this question, but the one that is the most important for me is that a Differential backup effectively merges all the Incremental and Differential backups since the last Full backup into a single Differential backup. This has two effects: 1. It gives some redundancy since the old backups could be used if the merged backup cannot be read. 2. More importantly, it reduces the number of Volumes that are needed to do a restore effectively eliminating the need to read all the volumes on which the preceding Incremental and Differential backups since the last Full are done.

For a Restore Job, no level needs to be specified.

For a Verify Job, the Level may be one of the following:

InitCatalog

does a scan of the specified FileSet and stores the file attributes in the Catalog database. Since no file data is saved, you might ask why you would want to do this. It turns out to be a very simple and easy way to have a Tripwire like feature using Bareos. In other words, it allows you to save the state of a set of files defined by the FileSet and later check to see if those files have been modified or deleted and if any new files have been added. This can be used to detect system intrusion. Typically you would specify a FileSet that contains the set of system files that should not change (e.g. /sbin, /boot, /lib, /bin, ...). Normally, you run the InitCatalog level verify one time when your system is first setup, and then once again after each modification (upgrade) to your system. Thereafter, when your want to check the state of your system files, you use a Verify level = Catalog. This compares the results of your InitCatalog with the current state of the files.
Catalog

Compares the current state of the files against the state previously saved during an InitCatalog. Any discrepancies are reported. The items reported are determined by the verify options specified on the Include directive in the specified FileSet (see the FileSet resource below for more details). Typically this command will be run once a day (or night) to check for any changes to your system files.

Please note! If you run two Verify Catalog jobs on the same client at the same time, the results will certainly be incorrect. This is because Verify Catalog modifies the Catalog database while running in order to track new files.

VolumeToCatalog

This level causes Bareos to read the file attribute data written to the Volume from the last backup Job for the job specified on the VerifyJob directive. The file attribute data are compared to the values saved in the Catalog database and any differences are reported. This is similar to the DiskToCatalog level except that instead of comparing the disk file attributes to the catalog database, the attribute data written to the Volume is read and compared to the catalog database. Although the attribute data including the signatures (MD5 or SHA1) are compared, the actual file data is not compared (it is not in the catalog).

Please note! If you run two Verify VolumeToCatalog jobs on the same client at the same time, the results will certainly be incorrect. This is because the Verify VolumeToCatalog modifies the Catalog database while running.

DiskToCatalog

This level causes Bareos to read the files as they currently are on disk, and to compare the current file attributes with the attributes saved in the catalog from the last backup for the job specified on the VerifyJob directive. This level differs from the VolumeToCatalog level described above by the fact that it doesn’t compare against a previous Verify job but against a previous backup. When you run this level, you must supply the verify options on your Include statements. Those options determine what attribute fields are compared.

This command can be very useful if you have disk problems because it will compare the current state of your disk against the last successful backup, which may be several jobs.

Note, the current implementation does not identify files that have been deleted.

Accurate = <yes|no>
(default: no)
In accurate mode, the File daemon knowns exactly which files were present after the last backup. So it is able to handle deleted or renamed files.

When restoring a FileSet for a specified date (including ”most recent”), Bareos is able to restore exactly the files and directories that existed at the time of the last backup prior to that date including ensuring that deleted files are actually deleted, and renamed directories are restored properly.

In this mode, the File daemon must keep data concerning all files in memory. So If you do not have sufficient memory, the backup may either be terribly slow or fail.

For 500.000 files (a typical desktop linux system), it will require approximately 64 Megabytes of RAM on your File daemon to hold the required information.

Verify Job = <Job-Resource-Name>

If you run a verify job without this directive, the last job run will be compared with the catalog, which means that you must immediately follow a backup by a verify command. If you specify a Verify Job Bareos will find the last job with that name that ran. This permits you to run all your backups, then run Verify jobs on those that you wish to be verified (most often a VolumeToCatalog) so that the tape just written is re-read.
Catalog = <Catalog-resource-name>

This specifies the name of the catalog resource to be used for this Job. When a catalog is defined in a Job it will override the definition in the client. (This keyword was introduced in Bareos 13.4.0)
JobDefs = <JobDefs-Resource-Name>

If a JobDefs-Resource-Name is specified, all the values contained in the named JobDefs resource will be used as the defaults for the current Job. Any value that you explicitly define in the current Job resource, will override any defaults specified in the JobDefs resource. The use of this directive permits writing much more compact Job resources where the bulk of the directives are defined in one or more JobDefs. This is particularly useful if you have many similar Jobs but with minor variations such as different Clients. A simple example of the use of JobDefs is provided in the default bareos-dir.conf file.
Bootstrap = <bootstrap-file>

The Bootstrap directive specifies a bootstrap file that, if provided, will be used during Restore Jobs and is ignored in other Job types. The bootstrap file contains the list of tapes to be used in a restore Job as well as which files are to be restored. Specification of this directive is optional, and if specified, it is used only for a restore job. In addition, when running a Restore job from the console, this value can be changed.

If you use the Restore command in the Console program, to start a restore job, the bootstrap file will be created automatically from the files you select to be restored.

For additional details of the bootstrap file, please see Restoring Files with the Bootstrap File chapter of this manual.

Write Bootstrap = <bootstrap-file-specification>

The writebootstrap directive specifies a file name where Bareos will write a bootstrap file for each Backup job run. This directive applies only to Backup Jobs. If the Backup job is a Full save, Bareos will erase any current contents of the specified file before writing the bootstrap records. If the Job is an Incremental or Differential save, Bareos will append the current bootstrap record to the end of the file.

Using this feature, permits you to constantly have a bootstrap file that can recover the current state of your system. Normally, the file specified should be a mounted drive on another machine, so that if your hard disk is lost, you will immediately have a bootstrap record available. Alternatively, you should copy the bootstrap file to another machine after it is updated. Note, it is a good idea to write a separate bootstrap file for each Job backed up including the job that backs up your catalog database.

If the bootstrap-file-specification begins with a vertical bar (|), Bareos will use the specification as the name of a program to which it will pipe the bootstrap record. It could for example be a shell script that emails you the bootstrap record.

Before opening the file or executing the specified command, Bareos performs character substitution like in RunScript directive. To automatically manage your bootstrap files, you can use this in your JobDefs resources:

JobDefs {
Write Bootstrap = "%c_%n.bsr"
...
}

For more details on using this file, please see the chapter entitled The Bootstrap File of this manual.

Client = <client-resource-name>

The Client directive specifies the Client (File daemon) that will be used in the current Job. Only a single Client may be specified in any one Job. The Client runs on the machine to be backed up, and sends the requested files to the Storage daemon for backup, or receives them when restoring. For additional details, see the Client Resource section of this chapter. This directive is required (For versions before 13.3.0 for all Jobtypes and for versions after that for all Jobtypes but Copy and Migrate).
FileSet = <FileSet-resource-name>

The FileSet directive specifies the FileSet that will be used in the current Job. The FileSet specifies which directories (or files) are to be backed up, and what options to use (e.g. compression, ...). Only a single FileSet resource may be specified in any one Job. For additional details, see the FileSet Resource section of this chapter. This directive is required (For versions before 13.3.0 for all Jobtypes and for versions after that for all Jobtypes but Copy and Migrate).
Base = <job-resource-name, ...>

The Base directive permits to specify the list of jobs that will be used during Full backup as base. This directive is optional. See the Base Job chapter for more information.
Messages = <messages-resource-name>

The Messages directive defines what Messages resource should be used for this job, and thus how and where the various messages are to be delivered. For example, you can direct some messages to a log file, and others can be sent by email. For additional details, see the Messages Resource Chapter of this manual. This directive is required.
Pool = <pool-resource-name>

The Pool directive defines the pool of Volumes where your data can be backed up. Many Bareos installations will use only the Default pool. However, if you want to specify a different set of Volumes for different Clients or different Jobs, you will probably want to use Pools. For additional details, see the Pool Resource section of this chapter. This directive is required.
Full Backup Pool = <pool-resource-name>

The Full Backup Pool specifies a Pool to be used for Full backups. It will override any Pool specification during a Full backup. This directive is optional.
Differential Backup Pool = <pool-resource-name>

The Differential Backup Pool specifies a Pool to be used for Differential backups. It will override any Pool specification during a Differential backup. This directive is optional.
Incremental Backup Pool = <pool-resource-name>

The Incremental Backup Pool specifies a Pool to be used for Incremental backups. It will override any Pool specification during an Incremental backup. This directive is optional.
Next Pool = <pool-resource-name>

A Next Pool override used for Migration/Copy and Virtual Backup Jobs.
Schedule = <schedule-name>

The Schedule directive defines what schedule is to be used for the Job. The schedule in turn determines when the Job will be automatically started and what Job level (i.e. Full, Incremental, ...) is to be run. This directive is optional, and if left out, the Job can only be started manually using the Console program. Although you may specify only a single Schedule resource for any one job, the Schedule resource may contain multiple Run directives, which allow you to run the Job at many different times, and each run directive permits overriding the default Job Level Pool, Storage, and Messages resources. This gives considerable flexibility in what can be done with a single Job. For additional details, see the Schedule Resource Chapter of this manual.
Storage = <storage-resource-name>

The Storage directive defines the name of the storage services where you want to backup the FileSet data. For additional details, see the Storage Resource Chapter of this manual. The Storage resource may also be specified in the Job’s Pool resource, in which case the value in the Pool resource overrides any value in the Job. This Storage resource definition is not required by either the Job resource or in the Pool, but it must be specified in one or the other, if not an error will result.
Max Start Delay = <time>

The time specifies the maximum delay between the scheduled time and the actual start time for the Job. For example, a job can be scheduled to run at 1:00am, but because other jobs are running, it may wait to run. If the delay is set to 3600 (one hour) and the job has not begun to run by 2:00am, the job will be canceled. This can be useful, for example, to prevent jobs from running during day time hours. The default is 0 which indicates no limit.
Max Run Time = <time>

The time specifies the maximum allowed time that a job may run, counted from when the job starts, (not necessarily the same as when the job was scheduled).

By default, the the watchdog thread will kill any Job that has run more than 6 days. The maximum watchdog timeout is independent of MaxRunTime and cannot be changed.

Incremental—Differential Max Wait Time = <time>

These directives have been deprecated in favor of Incremental|Differential Max Run Time
Incremental Max Run Time = <time>

The time specifies the maximum allowed time that an Incremental backup job may run, counted from when the job starts, (not necessarily the same as when the job was scheduled).
Differential Max Wait Time = <time>

The time specifies the maximum allowed time that a Differential backup job may run, counted from when the job starts, (not necessarily the same as when the job was scheduled).
Max Run Sched Time = <time>

The time specifies the maximum allowed time that a job may run, counted from when the job was scheduled. This can be useful to prevent jobs from running during working hours. We can see it like Max Start Delay + Max Run Time.
Max Wait Time = <time>

The time specifies the maximum allowed time that a job may block waiting for a resource (such as waiting for a tape to be mounted, or waiting for the storage or file daemons to perform their duties), counted from the when the job starts, (not necessarily the same as when the job was scheduled).

Maximum Bandwidth = <speed>

The speed parameter specifies the maximum allowed bandwidth that a job may use. The speed parameter should be specified in k/s, kb/s, m/s or mb/s.
Max Full Interval = <time>

The time specifies the maximum allowed age (counting from start time) of the most recent successful Full backup that is required in order to run Incremental or Differential backup jobs. If the most recent Full backup is older than this interval, Incremental and Differential backups will be upgraded to Full backups automatically. If this directive is not present, or specified as 0, then the age of the previous Full backup is not considered.

Prefer Mounted Volumes = <yes|no>

If the Prefer Mounted Volumes directive is set to yes (default yes), the Storage daemon is requested to select either an Autochanger or a drive with a valid Volume already mounted in preference to a drive that is not ready. This means that all jobs will attempt to append to the same Volume (providing the Volume is appropriate – right Pool, ... for that job), unless you are using multiple pools. If no drive with a suitable Volume is available, it will select the first available drive. Note, any Volume that has been requested to be mounted, will be considered valid as a mounted volume by another job. This if multiple jobs start at the same time and they all prefer mounted volumes, the first job will request the mount, and the other jobs will use the same volume.

If the directive is set to no, the Storage daemon will prefer finding an unused drive, otherwise, each job started will append to the same Volume (assuming the Pool is the same for all jobs). Setting Prefer Mounted Volumes to no can be useful for those sites with multiple drive autochangers that prefer to maximize backup throughput at the expense of using additional drives and Volumes. This means that the job will prefer to use an unused drive rather than use a drive that is already in use.

Despite the above, we recommend against setting this directive to no since it tends to add a lot of swapping of Volumes between the different drives and can easily lead to deadlock situations in the Storage daemon. We will accept bug reports against it, but we cannot guarantee that we will be able to fix the problem in a reasonable time.

A better alternative for using multiple drives is to use multiple pools so that Bareos will be forced to mount Volumes from those Pools on different drives.

Prune Jobs = <yes|no>

Normally, pruning of Jobs from the Catalog is specified on a Client by Client basis in the Client resource with the AutoPrune directive. If this directive is specified (not normally) and the value is yes, it will override the value specified in the Client resource. The default is no.
Prune Files = <yes|no>

Normally, pruning of Files from the Catalog is specified on a Client by Client basis in the Client resource with the AutoPrune directive. If this directive is specified (not normally) and the value is yes, it will override the value specified in the Client resource. The default is no.
Prune Volumes = <yes|no>

Normally, pruning of Volumes from the Catalog is specified on a Pool by Pool basis in the Pool resource with the AutoPrune directive. Note, this is different from File and Job pruning which is done on a Client by Client basis. If this directive is specified (not normally) and the value is yes, it will override the value specified in the Pool resource. The default is no.
RunScript {<body-of-runscript>}

The RunScript directive behaves like a resource in that it requires opening and closing braces around a number of directives that make up the body of the runscript.

The specified Command (see below for details) is run as an external program prior or after the current Job. This is optional. By default, the program is executed on the Client side like in ClientRunXXXJob.

Console options are special commands that are sent to the director instead of the OS. At this time, console command ouputs are redirected to log with the jobid 0.

You can use following console command : delete, disable, enable, estimate, list, llist, memory, prune, purge, reload, status, setdebug, show, time, trace, update, version, .client, .jobs, .pool, .storage. See console chapter for more information. You need to specify needed information on command line, nothing will be prompted. Example :

Console = "prune files client=%c"
Console = "update stats age=3"

You can specify more than one Command/Console option per RunScript.

You can use following options may be specified in the body of the runscript:

 Options Value Default Information Runs On Success Yes|No Yes Run command if JobStatus is successful Runs On Failure Yes|No No Run command if JobStatus isn’t successful Runs On Client Yes|No Yes Run command on client Runs When Before|After|Always|AfterVSS Never When run commands Fail Job On Error Yes/No Yes Fail job if script returns something different from 0 Command Path to your script Console Console command

Any output sent by the command to standard output will be included in the Bareos job report. The command string must be a valid program name or name of a shell script.

In addition, the command string is parsed then fed to the OS, which means that the path will be searched to execute your specified command, but there is no shell interpretation, as a consequence, if you invoke complicated commands or want any shell features such as redirection or piping, you must call a shell script and do it inside that script.

Before submitting the specified command to the operating system, Bareos performs character substitution of the following characters:

%% = %
%b = Job Bytes
%c = Client’s name
%d = Daemon’s name (Such as host-dir or host-fd)
%D = Director’s name (Also valid on file daemon)
%e = Job Exit Status
%f = Job FileSet (Only on director side)
%F = Job Files
%i = JobId
%j = Unique Job id
%l = Job Level
%n = Job name
%p = Pool name (Only on director side)
%P = Daemon PID
%s = Since time
%t = Job type (Backup, ...)
%v = Read Volume name(s) (Only on director side)
%V = Write Volume name(s) (Only on director side)
%w = Storage name (Only on director side)
%x = Spooling enabled? ("yes" or "no")

Some character substitutions are not available in all situations. The Job Exit Status code %e edits the following values:

• OK
• Error
• Fatal Error
• Canceled
• Differences
• Unknown term code

Thus if you edit it on a command line, you will need to enclose it within some sort of quotes.

You can use these following shortcuts:

 Keyword RunsOnSuccess RunsOnFailure FailJobOnError Runs On Client RunsWhen Run Before Job Yes No Before Run After Job Yes No No After Run After Failed Job No Yes No After Client Run Before Job Yes Yes Before Client Run After Job Yes No Yes After

Examples:

RunScript {
RunsWhen = Before
FailJobOnError = No
Command = "/etc/init.d/apache stop"
}

RunScript {
RunsWhen = After
RunsOnFailure = yes
Command = "/etc/init.d/apache start"
}

For compatibility reasons, with this shortcut, the command is executed directly when the client receive it. And if the command is in error, other remote runscripts will be discarded. To be sure that all commands will be sent and executed, you have to use RunScript syntax.

Special Windows Considerations

You can run scripts just after snapshots initializations with AfterVSS keyword.

In addition, for a Windows client, please take note that you must ensure a correct path to your script. The script or program can be a .com, .exe or a .bat file. If you just put the program name in then Bareos will search using the same rules that cmd.exe uses (current directory, Bareos bin directory, and PATH). It will even try the different extensions in the same order as cmd.exe. The command can be anything that cmd.exe or command.com will recognize as an executable file.

However, if you have slashes in the program name then Bareos figures you are fully specifying the name, so you must also explicitly add the three character extension.

The command is run in a Win32 environment, so Unix like commands will not work unless you have installed and properly configured Cygwin in addition to and separately from Bareos.

The System %Path% will be searched for the command. (under the environment variable dialog you have have both System Environment and User Environment, we believe that only the System environment will be available to bareos-fd, if it is running as a service.)

System environment variables can be referenced with %var% and used as either part of the command name or arguments.

So if you have a script in the Bareos
bin directory then the following lines should work fine:

Client Run Before Job = systemstate
or
Client Run Before Job = systemstate.bat
or
Client Run Before Job = "systemstate"
or
Client Run Before Job = "systemstate.bat"
or
ClientRunBeforeJob = "\"C:/Program Files/Bareos/systemstate.bat\""

The outer set of quotes is removed when the configuration file is parsed. You need to escape the inner quotes so that they are there when the code that parses the command line for execution runs so it can tell what the program name is.

ClientRunBeforeJob = "\"C:/Program Files/Software
Vendor/Executable\" /arg1 /arg2 \"foo bar\""

The special characters

&<>()@^|

will need to be quoted, if they are part of a filename or argument.

If someone is logged in, a blank ”command” window running the commands will be present during the execution of the command.

Some Suggestions from Phil Stracchino for running on Win32 machines with the native Win32 File daemon:

1. You might want the ClientRunBeforeJob directive to specify a .bat file which runs the actual client-side commands, rather than trying to run (for example) regedit /e directly.
2. The batch file should explicitly ’exit 0’ on successful completion.
3. The path to the batch file should be specified in Unix form:

ClientRunBeforeJob = ”c:/bareos/bin/systemstate.bat”

rather than DOS/Windows form:

ClientRunBeforeJob =

”c:\bareos\bin\systemstate.bat” INCORRECT

For Win32, please note that there are certain limitations:

ClientRunBeforeJob = ”C:/Program Files/Bareos/bin/pre-exec.bat”

Lines like the above do not work because there are limitations of cmd.exe that is used to execute the command. Bareos prefixes the string you supply with cmd.exe /c . To test that your command works you should type cmd /c ”C:/Program Files/test.exe” at a cmd prompt and see what happens. Once the command is correct insert a backslash (\) before each double quote (”), and then put quotes around the whole thing when putting it in the director’s .conf file. You either need to have only one set of quotes or else use the short name and don’t put quotes around the command path.

Below is the output from cmd’s help as it relates to the command line passed to the /c option.

If /C or /K is specified, then the remainder of the command line after the switch is processed as a command line, where the following logic is used to process quote (”) characters:

1. If all of the following conditions are met, then quote characters on the command line are preserved:
• no /S switch.
• exactly two quote characters.
• no special characters between the two quote characters, where special is one of:
&<>()@^|

• there are one or more whitespace characters between the the two quote characters.
• the string between the two quote characters is the name of an executable file.
2. Otherwise, old behavior is to see if the first character is a quote character and if so, strip the leading character and remove the last quote character on the command line, preserving any text after the last quote character.

The following example of the use of the Client Run Before Job directive was submitted by a user:
You could write a shell script to back up a DB2 database to a FIFO. The shell script is:

#!/bin/sh
# ===== backupdb.sh
DIR=/u01/mercuryd

mkfifo $DIR/dbpipe db2 BACKUP DATABASE mercuryd TO$DIR/dbpipe WITHOUT PROMPTING &
sleep 1

The following line in the Job resource in the bareos-dir.conf file:

Client Run Before Job = "su - mercuryd -c \"/u01/mercuryd/backupdb.sh ’%t’
’%l’\""

When the job is run, you will get messages from the output of the script stating that the backup has started. Even though the command being run is backgrounded with &, the job will block until the ”db2 BACKUP DATABASE” command, thus the backup stalls.

To remedy this situation, the ”db2 BACKUP DATABASE” line should be changed to the following:

db2 BACKUP DATABASE mercuryd TO $DIR/dbpipe WITHOUT PROMPTING >$DIR/backup.log
2>&1 < /dev/null &

It is important to redirect the input and outputs of a backgrounded command to /dev/null to prevent the script from blocking.

Run Before Job = <command>

The specified command is run as an external program prior to running the current Job. This directive is not required, but if it is defined, and if the exit code of the program run is non-zero, the current Bareos job will be canceled.
Run Before Job = "echo test"

it’s equivalent to :

RunScript {
Command = "echo test"
RunsOnClient = No
RunsWhen = Before
}

Lutz Kittler has pointed out that using the RunBeforeJob directive can be a simple way to modify your schedules during a holiday. For example, suppose that you normally do Full backups on Fridays, but Thursday and Friday are holidays. To avoid having to change tapes between Thursday and Friday when no one is in the office, you can create a RunBeforeJob that returns a non-zero status on Thursday and zero on all other days. That way, the Thursday job will not run, and on Friday the tape you inserted on Wednesday before leaving will be used.

Run After Job = <command>

The specified command is run as an external program if the current job terminates normally (without error or without being canceled). This directive is not required. If the exit code of the program run is non-zero, Bareos will print a warning message. Before submitting the specified command to the operating system, Bareos performs character substitution as described above for the RunScript directive.

See the Run After Failed Job if you want to run a script after the job has terminated with any non-normal status.

Run After Failed Job = <command>

The specified command is run as an external program after the current job terminates with any error status. This directive is not required. The command string must be a valid program name or name of a shell script. If the exit code of the program run is non-zero, Bareos will print a warning message. Before submitting the specified command to the operating system, Bareos performs character substitution as described above for the RunScript directive. Note, if you wish that your script will run regardless of the exit status of the Job, you can use this :
RunScript {
Command = "echo test"
RunsWhen = After
RunsOnFailure = yes
RunsOnClient  = no
RunsOnSuccess = yes    # default, you can drop this line
}

Client Run Before Job = <command>

This directive is the same as Run Before Job except that the program is run on the client machine. The same restrictions apply to Unix systems as noted above for the RunScript.
Client Run After Job = <command>

The specified command is run on the client machine as soon as data spooling is complete in order to allow restarting applications on the client as soon as possible. .

Note, please see the notes above in RunScript concerning Windows clients.

Rerun Failed Levels = <yes|no>

If this directive is set to yes (default no), and Bareos detects that a previous job at a higher level (i.e. Full or Differential) has failed, the current job level will be upgraded to the higher level. This is particularly useful for Laptops where they may often be unreachable, and if a prior Full save has failed, you wish the very next backup to be a Full save rather than whatever level it is started as.

There are several points that must be taken into account when using this directive: first, a failed job is defined as one that has not terminated normally, which includes any running job of the same name (you need to ensure that two jobs of the same name do not run simultaneously); secondly, the Ignore FileSet Changes directive is not considered when checking for failed levels, which means that any FileSet change will trigger a rerun.

Spool Data = <yes|no>

If this directive is set to yes (default no), the Storage daemon will be requested to spool the data for this Job to disk rather than write it directly to the Volume (normally a tape).

Thus the data is written in large blocks to the Volume rather than small blocks. This directive is particularly useful when running multiple simultaneous backups to tape. Once all the data arrives or the spool files’ maximum sizes are reached, the data will be despooled and written to tape.

Spooling data prevents interleaving data from several job and reduces or eliminates tape drive stop and start commonly known as ”shoe-shine”.

We don’t recommend using this option if you are writing to a disk file using this option will probably just slow down the backup jobs.

NOTE: When this directive is set to yes, Spool Attributes is also automatically set to yes.

Spool Attributes = <yes|no>

The default is set to no, which means that the File attributes are sent by the Storage daemon to the Director as they are stored on tape. However, if you want to avoid the possibility that database updates will slow down writing to the tape, you may want to set the value to yes, in which case the Storage daemon will buffer the File attributes and Storage coordinates to a temporary file in the Working Directory, then when writing the Job data to the tape is completed, the attributes and storage coordinates will be sent to the Director.

NOTE: When Spool Data is set to yes, Spool Attributes is also automatically set to yes.

SpoolSize=<bytes>

where the bytes specify the maximum spool size for this job. The default is take from Device Maximum Spool Size limit.
Where = <directory>

This directive applies only to a Restore job and specifies a prefix to the directory name of all files being restored. This permits files to be restored in a different location from which they were saved. If Where is not specified or is set to backslash (/), the files will be restored to their original location. By default, we have set Where in the example configuration files to be /tmp/bareos-restores. This is to prevent accidental overwriting of your files.

This directive applies only to a Restore job and specifies a prefix to the directory name of all files being restored. This will use File Relocation feature.

This directive applies only to a Restore job and specifies a suffix to all files being restored. This will use File Relocation feature.

Using Add Suffix=.old, /etc/passwd will be restored to /etc/passwsd.old

Strip Prefix = <directory>

This directive applies only to a Restore job and specifies a prefix to remove from the directory name of all files being restored. This will use the File Relocation feature.

Using Strip Prefix=/etc, /etc/passwd will be restored to /passwd

Under Windows, if you want to restore c:/files to d:/files, you can use :

Strip Prefix = c:

RegexWhere = <expressions>

This directive applies only to a Restore job and specifies a regex filename manipulation of all files being restored. This will use File Relocation feature.

Replace = <replace-option>

This directive applies only to a Restore job and specifies what happens when Bareos wants to restore a file or directory that already exists. You have the following options for replace-option:
always
when the file to be restored already exists, it is deleted and then replaced by the copy that was backed up. This is the default value.
if the backed up file (on tape) is newer than the existing file, the existing file is deleted and replaced by the back up.
ifolder
if the backed up file (on tape) is older than the existing file, the existing file is deleted and replaced by the back up.
never
if the backed up file already exists, Bareos skips restoring this file.

If a Where path prefix is specified for a recovery job, apply it to absolute links as well. The default is No. When set to Yes then while restoring files to an alternate directory, any absolute soft links will also be modified to point to the new alternate directory. Normally this is what is desired – i.e. everything is self consistent. However, if you wish to later move the files to their original locations, all files linked with absolute names will be broken.
Maximum Concurrent Jobs = <number>

where <number> is the maximum number of Jobs from the current Job resource that can run concurrently. Note, this directive limits only Jobs with the same name as the resource in which it appears. Any other restrictions on the maximum concurrent jobs such as in the Director, Client, or Storage resources will also apply in addition to the limit specified here. The default is set to 1, but you may set it to a larger number. We strongly recommend that you read the WARNING documented under Maximum Concurrent Jobs in the Director’s resource.
Reschedule On Error = <yes|no>

If this directive is enabled, and the job terminates in error, the job will be rescheduled as determined by the Reschedule Interval and Reschedule Times directives. If you cancel the job, it will not be rescheduled. The default is no (i.e. the job will not be rescheduled).

This specification can be useful for portables, laptops, or other machines that are not always connected to the network or switched on.

Reschedule Interval = <time-specification>

If you have specified Reschedule On Error = yes and the job terminates in error, it will be rescheduled after the interval of time specified by time-specification. See the time specification formats in the Configure chapter for details of time specifications. If no interval is specified, the job will not be rescheduled on error.
Reschedule Times = <count>

This directive specifies the maximum number of times to reschedule the job. If it is set to zero (the default) the job will be rescheduled an indefinite number of times.
Allow Duplicate Jobs = <yes|no>

A duplicate job in the sense we use it here means a second or subsequent job with the same name starts. This happens most frequently when the first job runs longer than expected because no tapes are available.

If this directive is enabled duplicate jobs will be run. If the directive is set to no then only one job of a given name may run at one time, and the action that Bareos takes to ensure only one job runs is determined by the other directives (see below).

If Allow Duplicate Jobs is set to no and two jobs are present and none of the three directives given below permit cancelling a job, then the current job (the second one started) will be cancelled.

The default is yes.

Cancel Lower Level Duplicates = <yes|no>

If Allow Duplicates Jobs is set to no and this directive is set to yes, Bareos will choose between duplicated jobs the one with the highest level. For example, it will cancel a previous Incremental to run a Full backup. It works only for Backup jobs. The default is no. If the levels of the duplicated jobs are the same, nothing is done and the other Cancel XXX Duplicate directives will be examined.
Cancel Queued Duplicates = <yes|no>

If Allow Duplicate Jobs is set to no and if this directive is set to yes any job that is already queued to run but not yet running will be canceled. The default is no.
Cancel Running Duplicates = <yes|no>
If Allow Duplicate Jobs is set to no and if this directive is set to yes any job that is already running will be canceled. The default is no.
Run = <job-name>
The Run directive (not to be confused with the Run option in a Schedule) allows you to start other jobs or to clone jobs. By using the cloning keywords (see below), you can backup the same data (or almost the same data) to two or more drives at the same time. The job-name is normally the same name as the current Job resource (thus creating a clone). However, it may be any Job name, so one job may start other related jobs.

The part after the equal sign must be enclosed in double quotes, and can contain any string or set of options (overrides) that you can specify when entering the Run command from the console. For example storage=DDS-4 .... In addition, there are two special keywords that permit you to clone the current job. They are level=%l and since=%s. The %l in the level keyword permits entering the actual level of the current job and the %s in the since keyword permits putting the same time for comparison as used on the current job. Note, in the case of the since keyword, the %s must be enclosed in double quotes, and thus they must be preceded by a backslash since they are already inside quotes. For example:

run = "Nightly-backup level=%l since=\"%s\" storage=DDS-4"

A cloned job will not start additional clones, so it is not possible to recurse.

Please note that all cloned jobs, as specified in the Run directives are submitted for running before the original job is run (while it is being initialized). This means that any clone job will actually start before the original job, and may even block the original job from starting until the original job finishes unless you allow multiple simultaneous jobs. Even if you set a lower priority on the clone job, if no other jobs are running, it will start before the original job.

If you are trying to prioritize jobs by using the clone feature (Run directive), you will find it much easier to do using a RunScript resource, or a RunBeforeJob directive.

Priority = <number>
This directive permits you to control the order in which your jobs will be run by specifying a positive non-zero number. The higher the number, the lower the job priority. Assuming you are not running concurrent jobs, all queued jobs of priority 1 will run before queued jobs of priority 2 and so on, regardless of the original scheduling order.

The priority only affects waiting jobs that are queued to run, not jobs that are already running. If one or more jobs of priority 2 are already running, and a new job is scheduled with priority 1, the currently running priority 2 jobs must complete before the priority 1 job is run, unless Allow Mixed Priority is set.

The default priority is 10.

If you want to run concurrent jobs you should keep these points in mind:

• See Running Concurrent Jobs on how to setup concurrent jobs.
• Bareos concurrently runs jobs of only one priority at a time. It will not simultaneously run a priority 1 and a priority 2 job.
• If Bareos is running a priority 2 job and a new priority 1 job is scheduled, it will wait until the running priority 2 job terminates even if the Maximum Concurrent Jobs settings would otherwise allow two jobs to run simultaneously.
• Suppose that bareos is running a priority 2 job and a new priority 1 job is scheduled and queued waiting for the running priority 2 job to terminate. If you then start a second priority 2 job, the waiting priority 1 job will prevent the new priority 2 job from running concurrently with the running priority 2 job. That is: as long as there is a higher priority job waiting to run, no new lower priority jobs will start even if the Maximum Concurrent Jobs settings would normally allow them to run. This ensures that higher priority jobs will be run as soon as possible.

If you have several jobs of different priority, it may not best to start them at exactly the same time, because Bareos must examine them one at a time. If by Bareos starts a lower priority job first, then it will run before your high priority jobs. If you experience this problem, you may avoid it by starting any higher priority jobs a few seconds before lower priority ones. This insures that Bareos will examine the jobs in the correct order, and that your priority scheme will be respected.

Allow Mixed Priority = <yes|no>

When set to yes (default no), this job may run even if lower priority jobs are already running. This means a high priority job will not have to wait for other jobs to finish before starting. The scheduler will only mix priorities when all running jobs have this set to true.

Note that only higher priority jobs will start early. Suppose the director will allow two concurrent jobs, and that two jobs with priority 10 are running, with two more in the queue. If a job with priority 5 is added to the queue, it will be run as soon as one of the running jobs finishes. However, new priority 10 jobs will not be run until the priority 5 job has finished.

The following is an example of a valid Job resource definition:

Job {
Name = "Minou"
Type = Backup
Level = Incremental                 # default
Client = Minou
FileSet="Minou Full Set"
Storage = DLTDrive
Pool = Default
Schedule = "MinouWeeklyCycle"
Messages = Standard
}

### 9.3 JobDefs Resource

The JobDefs resource permits all the same directives that can appear in a Job resource. However, a JobDefs resource does not create a Job, rather it can be referenced within a Job to provide defaults for that Job. This permits you to concisely define several nearly identical Jobs, each one referencing a JobDefs resource which contains the defaults. Only the changes from the defaults need to be mentioned in each Job.

### 9.4 Schedule Resource

The Schedule resource provides a means of automatically scheduling a Job as well as the ability to override the default Level, Pool, Storage and Messages resources. If a Schedule resource is not referenced in a Job, the Job can only be run manually. In general, you specify an action to be taken and when.

Schedule

Start of the Schedule directives. No Schedule resource is required, but you will need at least one if you want Jobs to be automatically started.
Name = <name>

The name of the schedule being defined. The Name directive is required.
Run = <Job-overrides> <Date-time-specification>

The Run directive defines when a Job is to be run, and what overrides if any to apply. You may specify multiple run directives within a Schedule resource. If you do, they will all be applied (i.e. multiple schedules). If you have two Run directives that start at the same time, two Jobs will start at the same time (well, within one second of each other).

The Job-overrides permit overriding the Level, the Storage, the Messages, and the Pool specifications provided in the Job resource. In addition, the FullPool, the IncrementalPool, and the DifferentialPool specifications permit overriding the Pool specification according to what backup Job Level is in effect.

By the use of overrides, you may customize a particular Job. For example, you may specify a Messages override for your Incremental backups that outputs messages to a log file, but for your weekly or monthly Full backups, you may send the output by email by using a different Messages override.

Job-overrides are specified as: keyword=value where the keyword is Level, Storage, Messages, Pool, FullPool, DifferentialPool, or IncrementalPool, and the value is as defined on the respective directive formats for the Job resource. You may specify multiple Job-overrides on one Run directive by separating them with one or more spaces or by separating them with a trailing comma. For example:

Level=Full
is all files in the FileSet whether or not they have changed.
Level=Incremental
is all files that have changed since the last backup.
Pool=Weekly
specifies to use the Pool named Weekly.
Storage=DLT_Drive
specifies to use DLT_Drive for the storage device.
Messages=Verbose
specifies to use the Verbose message resource for the Job.
FullPool=Full
specifies to use the Pool named Full if the job is a full backup, or is upgraded from another type to a full backup.
DifferentialPool=Differential
specifies to use the Pool named Differential if the job is a differential backup.
IncrementalPool=Incremental
specifies to use the Pool named Incremental if the job is an incremental backup.
Accurate=yes|no
tells Bareos to use or not the Accurate code for the specific job. It can allow you to save memory and and CPU resources on the catalog server in some cases.

Date-time-specification determines when the Job is to be run. The specification is a repetition, and as a default Bareos is set to run a job at the beginning of the hour of every hour of every day of every week of every month of every year. This is not normally what you want, so you must specify or limit when you want the job to run. Any specification given is assumed to be repetitive in nature and will serve to override or limit the default repetition. This is done by specifying masks or times for the hour, day of the month, day of the week, week of the month, week of the year, and month when you want the job to run. By specifying one or more of the above, you can define a schedule to repeat at almost any frequency you want.

Basically, you must supply a month, day, hour, and minute the Job is to be run. Of these four items to be specified, day is special in that you may either specify a day of the month such as 1, 2, ... 31, or you may specify a day of the week such as Monday, Tuesday, ... Sunday. Finally, you may also specify a week qualifier to restrict the schedule to the first, second, third, fourth, or fifth week of the month.

For example, if you specify only a day of the week, such as Tuesday the Job will be run every hour of every Tuesday of every Month. That is the month and hour remain set to the defaults of every month and all hours.

Note, by default with no other specification, your job will run at the beginning of every hour. If you wish your job to run more than once in any given hour, you will need to specify multiple run specifications each with a different minute.

The date/time to run the Job can be specified in the following way in pseudo-BNF:

<void-keyword>    = on
<at-keyword>      = at
<week-keyword>    = 1st | 2nd | 3rd | 4th | 5th | first |
second | third | fourth | fifth
<wday-keyword>    = sun | mon | tue | wed | thu | fri | sat |
sunday | monday | tuesday | wednesday |
thursday | friday | saturday
<week-of-year-keyword> = w00 | w01 | ... w52 | w53
<month-keyword>   = jan | feb | mar | apr | may | jun | jul |
aug | sep | oct | nov | dec | january |
february | ... | december
<daily-keyword>   = daily
<weekly-keyword>  = weekly
<monthly-keyword> = monthly
<hourly-keyword>  = hourly
<digit>           = 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 0
<number>          = <digit> | <digit><number>
<12hour>          = 0 | 1 | 2 | ... 12
<hour>            = 0 | 1 | 2 | ... 23
<minute>          = 0 | 1 | 2 | ... 59
<day>             = 1 | 2 | ... 31
<time>            = <hour>:<minute> |
<12hour>:<minute>am |
<12hour>:<minute>pm
<time-spec>       = <at-keyword> <time> |
<hourly-keyword>
<date-keyword>    = <void-keyword>  <weekly-keyword>
<day-range>       = <day>-<day>
<month-range>     = <month-keyword>-<month-keyword>
<wday-range>      = <wday-keyword>-<wday-keyword>
<range>           = <day-range> | <month-range> |
<wday-range>
<date>            = <date-keyword> | <day> | <range>
<date-spec>       = <date> | <date-spec>
<day-spec>        = <day> | <wday-keyword> |
<day> | <wday-range> |
<week-keyword> <wday-keyword> |
<week-keyword> <wday-range> |
<daily-keyword>
<month-spec>      = <month-keyword> | <month-range> |
<monthly-keyword>
<date-time-spec>  = <month-spec> <day-spec> <time-spec>

Note, the Week of Year specification wnn follows the ISO standard definition of the week of the year, where Week 1 is the week in which the first Thursday of the year occurs, or alternatively, the week which contains the 4th of January. Weeks are numbered w01 to w53. w00 for Bareos is the week that precedes the first ISO week (i.e. has the first few days of the year if any occur before Thursday). w00 is not defined by the ISO specification. A week starts with Monday and ends with Sunday.

According to the NIST (US National Institute of Standards and Technology), 12am and 12pm are ambiguous and can be defined to anything. However, 12:01am is the same as 00:01 and 12:01pm is the same as 12:01, so Bareos defines 12am as 00:00 (midnight) and 12pm as 12:00 (noon). You can avoid this abiguity (confusion) by using 24 hour time specifications (i.e. no am/pm).

An example schedule resource that is named WeeklyCycle and runs a job with level full each Sunday at 2:05am and an incremental job Monday through Saturday at 2:05am is:

Schedule {
Name = "WeeklyCycle"
Run = Level=Full sun at 2:05
Run = Level=Incremental mon-sat at 2:05
}

An example of a possible monthly cycle is as follows:

Schedule {
Name = "MonthlyCycle"
Run = Level=Full Pool=Monthly 1st sun at 2:05
Run = Level=Differential 2nd-5th sun at 2:05
Run = Level=Incremental Pool=Daily mon-sat at 2:05
}

The first of every month:

Schedule {
Name = "First"
Run = Level=Full on 1 at 2:05
Run = Level=Incremental on 2-31 at 2:05
}

Every 10 minutes:

Schedule {
Name = "TenMinutes"
Run = Level=Full hourly at 0:05
Run = Level=Full hourly at 0:15
Run = Level=Full hourly at 0:25
Run = Level=Full hourly at 0:35
Run = Level=Full hourly at 0:45
Run = Level=Full hourly at 0:55
}

#### 9.4.1 Technical Notes on Schedules

For any schedule you have defined, you can see how these bits are set by doing a show schedules command in the Console program. Please note that the bit mask is zero based, and Sunday is the first day of the week (bit zero).

### 9.5 FileSet Resource

The FileSet resource defines what files are to be included or excluded in a backup job. A FileSet resource is required for each backup Job. It consists of a list of files or directories to be included, a list of files or directories to be excluded and the various backup options such as compression, encryption, and signatures that are to be applied to each file.

Any change to the list of the included files will cause Bareos to automatically create a new FileSet (defined by the name and an MD5 checksum of the Include/Exclude contents). Each time a new FileSet is created, Bareos will ensure that the next backup is always a Full save.

FileSet
Start of the FileSet resource. One FileSet resource must be defined for each Backup job.
Name = <name>
(required)
The name of the FileSet resource. This directive is required.
Description = <text>

Information only.
Enable VSS = <yes|no>
(default: yes (on Windows))
If this directive is set to yes the File daemon will be notified that the user wants to use a Volume Shadow Copy Service (VSS) backup for this job. This directive is effective only on the Windows File Daemon. It permits a consistent copy of open files to be made for cooperating writer applications, and for applications that are not VSS away, Bareos can at least copy open files. The Volume Shadow Copy will only be done on Windows drives where the drive (e.g. C:, D:, ...) is explicitly mentioned in a File directive. For more information, please see the Windows chapter of this manual.
Ignore FileSet Changes = <yes|no>
(default: no)
Normally, if you modify the FileSet Include or Exclude lists, the next backup will be forced to a Full so that Bareos can guarantee that any additions or deletions are properly saved.

We strongly recommend against setting this directive to yes, since doing so may cause you to have an incomplete set of backups.

If this directive is set to yes, any changes you make to the FileSet Include or Exclude lists, will not force a Full during subsequent backups.

The default is no, in which case, if you change the Include or Exclude, Bareos will force a Full backup to ensure that everything is properly backed up.

Include = <>

Describe the files, that should get included to a backup, see section about the Include Ressource.
Exclude = <>

Describe the files, that should get excluded from a backup, see section about the Exclude Ressource.

#### 9.5.1 FileSet Include Ressource

The Include resource must contain a list of directories and/or files to be processed in the backup job.

Normally, all files found in all subdirectories of any directory in the Include File list will be backed up. Note, see below for the definition of <file-list>. The Include resource may also contain one or more Options resources that specify options such as compression to be applied to all or any subset of the files found when processing the file-list for backup. Please see below for more details concerning Options resources.

There can be any number of Include resources within the FileSet, each having its own list of directories or files to be backed up and the backup options defined by one or more Options resources.

Please take note of the following items in the FileSet syntax:

1. There is no equal sign (=) after the Include and before the opening brace ({). The same is true for the Exclude.
2. Each directory (or filename) to be included or excluded is preceded by a File =. Previously they were simply listed on separate lines.
3. The Exclude resource does not accept Options.
4. When using wild-cards or regular expressions, directory names are always terminated with a slash (/) and filenames have no trailing slash.
File = < filename | dirname | |command | \<includefile-client | <includefile-server >

The file list consists of one file or directory name per line. Directory names should be specified without a trailing slash with Unix path notation.

Windows users, please take note to specify directories (even c:/...) in Unix path notation. If you use Windows conventions, you will most likely not be able to restore your files due to the fact that the Windows path separator was defined as an escape character long before Windows existed, and Bareos adheres to that convention (i.e. means the next character appears as itself).

You should always specify a full path for every directory and file that you list in the FileSet. In addition, on Windows machines, you should always prefix the directory or filename with the drive specification (e.g. c:/xxx) using Unix directory name separators (forward slash). The drive letter itself can be upper or lower case (e.g. c:/xxx or C:/xxx).

Bareos’s default for processing directories is to recursively descend in the directory saving all files and subdirectories. Bareos will not by default cross filesystems (or mount points in Unix parlance). This means that if you specify the root partition (e.g. /), Bareos will save only the root partition and not any of the other mounted filesystems. Similarly on Windows systems, you must explicitly specify each of the drives you want saved (e.g. c:/ and d:/ ...). In addition, at least for Windows systems, you will most likely want to enclose each specification within double quotes particularly if the directory (or file) name contains spaces. The df command on Unix systems will show you which mount points you must specify to save everything. See below for an example.

Take special care not to include a directory twice or Bareos will backup the same files two times wasting a lot of space on your archive device. Including a directory twice is very easy to do. For example:

   Include {     Options {       compression=GZIP     }     File = /     File = /usr   }

Configuration 9.1: File Set

on a Unix system where /usr is a subdirectory (rather than a mounted filesystem) will cause /usr to be backed up twice.

<file-list> is a list of directory and/or filename names specified with a File = directive. To include names containing spaces, enclose the name between double-quotes. Wild-cards are not interpreted in file-lists. They can only be specified in Options resources.

There are a number of special cases when specifying directories and files in a file-list. They are:

• Any name preceded by an at-sign (@) is assumed to be the name of a file, which contains a list of files each preceded by a ”File =”. The named file is read once when the configuration file is parsed during the Director startup. Note, that the file is read on the Director’s machine and not on the Client’s. In fact, the @filename can appear anywhere within the conf file where a token would be read, and the contents of the named file will be logically inserted in the place of the @filename. What must be in the file depends on the location the @filename is specified in the conf file. For example:
 Include {   Options {     compression=GZIP   }   @/home/files/my-files }

Configuration 9.2: File Set with Include File
• Any name beginning with a vertical bar (|) is assumed to be the name of a program. This program will be executed on the Director’s machine at the time the Job starts (not when the Director reads the configuration file), and any output from that program will be assumed to be a list of files or directories, one per line, to be included. Before submitting the specified command Bareos will performe character substitution.

This allows you to have a job that, for example, includes all the local partitions even if you change the partitioning by adding a disk. The examples below show you how to do this. However, please note two things:
1. if you want the local filesystems, you probably should be using the new fstype directive, which was added in version 1.36.3 and set onefs=no.

2. the exact syntax of the command needed in the examples below is very system dependent. For example, on recent Linux systems, you may need to add the -P option, on FreeBSD systems, the options will be different as well.

In general, you will need to prefix your command or commands with a sh -c so that they are invoked by a shell. This will not be the case if you are invoking a script as in the second example below. Also, you must take care to escape (precede with a \) wild-cards, shell character, and to ensure that any spaces in your command are escaped as well. If you use a single quotes (’) within a double quote (”), Bareos will treat everything between the single quotes as one field so it will not be necessary to escape the spaces. In general, getting all the quotes and escapes correct is a real pain as you can see by the next example. As a consequence, it is often easier to put everything in a file and simply use the file name within Bareos. In that case the sh -c will not be necessary providing the first line of the file is #!/bin/sh.

As an example:

 Include {    Options {      signature = SHA1    }    File = "|sh -c ’df -l | grep \"^/dev/hd[ab]\" | grep -v \".*/tmp\" | awk \"{print \\$6}\"’" }  Configuration 9.3: File Set with inline script will produce a list of all the local partitions on a Linux system. Quoting is a real problem because you must quote for Bareos which consists of preceding every \ and every ” with a \, and you must also quote for the shell command. In the end, it is probably easier just to execute a script file with:  Include { Options { signature=MD5 } File = "|my_partitions" }  Configuration 9.4: File Set with external script where my_partitions has: #!/bin/sh df -l | grep "^/dev/hd[ab]" | grep -v ".*/tmp" \ | awk "{print \$6}"

If the vertical bar (|) in front of my_partitions is preceded by a backslash as in \|, the program will be executed on the Client’s machine instead of on the Director’s machine. Please note that if the filename is given within quotes, you will need to use two slashes. An example, provided by John Donagher, that backs up all the local UFS partitions on a remote system is:

 FileSet {   Name = "All local partitions"   Include {     Options {       signature=SHA1       onefs=yes     }     File = "\\|bash -c \"df -klF ufs | tail +2 | awk ’{print \$6}’\"" } }  Configuration 9.5: File Set with inline script in quotes The above requires two backslash characters after the double quote (one preserves the next one). If you are a Linux user, just change the ufs to ext3 (or your preferred filesystem type), and you will be in business. If you know what filesystems you have mounted on your system, e.g. for Linux only using ext2, ext3 or ext4, you can backup all local filesystems using something like:  Include { Options { signature = SHA1 onfs=no fstype=ext2 } File = / }  Configuration 9.6: File Set to backup all extfs partions • Any file-list item preceded by a less-than sign (<) will be taken to be a file. This file will be read on the Director’s machine (see below for doing it on the Client machine) at the time the Job starts, and the data will be assumed to be a list of directories or files, one per line, to be included. The names should start in column 1 and should not be quoted even if they contain spaces. This feature allows you to modify the external file and change what will be saved without stopping and restarting Bareos as would be necessary if using the @ modifier noted above. For example: Include { Options { signature = SHA1 } File = "</home/files/local-filelist" } If you precede the less-than sign (<) with a backslash as in \<, the file-list will be read on the Client machine instead of on the Director’s machine. Please note that if the filename is given within quotes, you will need to use two slashes. Include { Options { signature = SHA1 } File = "\\</home/xxx/filelist-on-client" } • If you explicitly specify a block device such as /dev/hda1, then Bareos will assume that this is a raw partition to be backed up. In this case, you are strongly urged to specify a sparse=yes include option, otherwise, you will save the whole partition rather than just the actual data that the partition contains. For example:  Include { Options { signature=MD5 sparse=yes } File = /dev/hd6 }  Configuration 9.7: Backup Raw Partitions will backup the data in device /dev/hd6. Note, the bf /dev/hd6 must be the raw partition itself. Bareos will not back it up as a raw device if you specify a symbolic link to a raw device such as my be created by the LVM Snapshot utilities. • A file-list may not contain wild-cards. Use directives in the Options resource if you wish to specify wild-cards or regular expression matching. Exclude Dir Containing = <filename> This directive can be added to the Include section of the FileSet resource. If the specified filename (filename-string) is found on the Client in any directory to be backed up, the whole directory will be ignored (not backed up). We recommend to use the filename .nobackup, as it is a hidden file on unix systems, and explains what is the purpose of the file. For example:  # List of files to be backed up FileSet { Name = "MyFileSet" Include { Options { signature = MD5 } File = /home Exclude Dir Containing = .nobackup } }  Configuration 9.8: Exlude Directories containing the file .nobackup But in /home, there may be hundreds of directories of users and some people want to indicate that they don’t want to have certain directories backed up. For example, with the above FileSet, if the user or sysadmin creates a file named .nobackup in specific directories, such as /home/user/www/cache/.nobackup /home/user/temp/.nobackup then Bareos will not backup the two directories named: /home/user/www/cache /home/user/temp NOTE: subdirectories will not be backed up. That is, the directive applies to the two directories in question and any children (be they files, directories, etc). Plugin = <plugin-name:plugin-parameter1:plugin-parameter2:> Instead of only specifying files, a file set can also use plugins. Plugins are additional libraries that handle specific requirements. The purpose of plugins is to provide an interface to any system program for backup and restore. That allows you, for example, to do database backups without a local dump. The syntax and semantics of the Plugin directive require the first part of the string up to the colon to be the name of the plugin. Everything after the first colon is ignored by the File daemon but is passed to the plugin. Thus the plugin writer may define the meaning of the rest of the string as he wishes. The program bpluginfo can be used, to retreive information about a specific plugin, see the bpluginfo section. Examples about the bpipe- and the mssql-plugin can be found in the sections about the bpipe plugin and the MSSQL plugin. Note: It is also possible to define more than one plugin directive in a FileSet to do several database dumps at once. Options = <> See the File Set Options section. ##### FileSet Options Ressource The Options resource is optional, but when specified, it will contain a list of keyword=value options to be applied to the file-list. See below for the definition of file-list. Multiple Options resources may be specified one after another. As the files are found in the specified directories, the Options will applied to the filenames to determine if and how the file should be backed up. The wildcard and regular expression pattern matching parts of the Options resources are checked in the order they are specified in the FileSet until the first one that matches. Once one matches, the compression and other flags within the Options specification will apply to the pattern matched. A key point is that in the absence of an Option or no other Option is matched, every file is accepted for backing up. This means that if you want to exclude something, you must explicitly specify an Option with an exclude = yes and some pattern matching. Once Bareos determines that the Options resource matches the file under consideration, that file will be saved without looking at any other Options resources that may be present. This means that any wild cards must appear before an Options resource without wild cards. If for some reason, Bareos checks all the Options resources to a file under consideration for backup, but there are no matches (generally because of wild cards that don’t match), Bareos as a default will then backup the file. This is quite logical if you consider the case of no Options clause is specified, where you want everything to be backed up, and it is important to keep in mind when excluding as mentioned above. However, one additional point is that in the case that no match was found, Bareos will use the options found in the last Options resource. As a consequence, if you want a particular set of ”default” options, you should put them in an Options resource after any other Options. It is a good idea to put all your wild-card and regex expressions inside double quotes to prevent conf file scanning problems. This is perhaps a bit overwhelming, so there are a number of examples included below to illustrate how this works. You find yourself using a lot of Regex statements, which will cost quite a lot of CPU time, we recommend you simplify them if you can, or better yet convert them to Wild statements which are much more efficient. The directives within an Options resource may be one of the following: compression=<GZIP|LZO|LZFAST|LZ4|LZ4HC> compression=GZIP All files saved will be software compressed using the GNU ZIP compression format. The compression is done on a file by file basis by the File daemon. If there is a problem reading the tape in a single record of a file, it will at most affect that file and none of the other files on the tape. Normally this option is not needed if you have a modern tape drive as the drive will do its own compression. In fact, if you specify software compression at the same time you have hardware compression turned on, your files may actually take more space on the volume. Software compression is very important if you are writing your Volumes to a file, and it can also be helpful if you have a fast computer but a slow network, otherwise it is generally better to rely your tape drive’s hardware compression. As noted above, it is not generally a good idea to do both software and hardware compression. Specifying GZIP uses the default compression level 6 (i.e. GZIP is identical to GZIP6). If you want a different compression level (1 through 9), you can specify it by appending the level number with no intervening spaces to GZIP. Thus compression=GZIP1 would give minimum compression but the fastest algorithm, and compression=GZIP9 would give the highest level of compression, but requires more computation. According to the GZIP documentation, compression levels greater than six generally give very little extra compression and are rather CPU intensive. You can overwrite this option per Storage resource with AllowCompression option. compression=LZO All files saved will be software compressed using the LZO compression format. The compression is done on a file by file basis by the File daemon. Everything else about GZIP is true for LZO. LZO provides much faster compression and decompression speed but lower compression ratio than GZIP. If your CPU is fast enough you should be able to compress your data without making the backup duration longer. Note that Bareos only use one compression level LZO1X-1 specified by LZO. You can overwrite this option per Storage resource with AllowCompression option. compression=LZFAST All files saved will be software compressed using the LZFAST compression format. The compression is done on a file by file basis by the File daemon. Everything else about GZIP is true for LZFAST. LZFAST provides much faster compression and decompression speed but lower compression ratio than GZIP. If your CPU is fast enough you should be able to compress your data without making the backup duration longer. You can overwrite this option per Storage resource with AllowCompression option. compression=LZ4 All files saved will be software compressed using the LZ4 compression format. The compression is done on a file by file basis by the File daemon. Everything else about GZIP is true for LZ4. LZ4 provides much faster compression and decompression speed but lower compression ratio than GZIP. If your CPU is fast enough you should be able to compress your data without making the backup duration longer. Both LZ4 and LZ4HC have the same decompression speed which is about twice the speed of the LZO compression. So for a restore both LZ4 and LZ4HC are good candidates. You can overwrite this option per Storage resource with AllowCompression option. compression=LZ4HC All files saved will be software compressed using the LZ4HC compression format. The compression is done on a file by file basis by the File daemon. Everything else about GZIP is true for LZ4. LZ4HC is the High Compression version of the LZ4 compression. It has a higher compression ratio than LZ4 and is more comparable to GZIP-6 in both compression rate and cpu usage. Both LZ4 and LZ4HC have the same decompression speed which is about twice the speed of the LZO compression. So for a restore both LZ4 and LZ4HC are good candidates. You can overwrite this option per Storage resource with AllowCompression option. signature=<SHA1|MD5> signature=SHA1 An SHA1 signature will be computed for all The SHA1 algorithm is purported to be some what slower than the MD5 algorithm, but at the same time is significantly better from a cryptographic point of view (i.e. much fewer collisions, much lower probability of being hacked.) It adds four more bytes than the MD5 signature. We strongly recommend that either this option or MD5 be specified as a default for all files. Note, only one of the two options MD5 or SHA1 can be computed for any file. signature=MD5 An MD5 signature will be computed for all files saved. Adding this option generates about 5% extra overhead for each file saved. In addition to the additional CPU time, the MD5 signature adds 16 more bytes per file to your catalog. We strongly recommend that this option or the SHA1 option be specified as a default for all files. basejob=<options> The options letters specified are used when running a Backup Level=Full with BaseJobs. The options letters are the same than in the verify= option below. accurate=<options> The options letters specified are used when running a Backup Level=Incremental/Differential in Accurate mode. The options letters are the same than in the verify= option below. verify=<options> The options letters specified are used when running a Verify Level=Catalog as well as the DiskToCatalog level job. The options letters may be any combination of the following: i compare the inodes p compare the permission bits n compare the number of links u compare the user id g compare the group id s compare the size a compare the access time m compare the modification time (st_mtime) c compare the change time (st_ctime) d report file size decreases 5 compare the MD5 signature 1 compare the SHA1 signature A Only for Accurate option, it allows to always backup the file A useful set of general options on the Level=Catalog or Level=DiskToCatalog verify is pins5 i.e. compare permission bits, inodes, number of links, size, and MD5 changes. onefs=yes|no If set to yes (the default), Bareos will remain on a single file system. That is it will not backup file systems that are mounted on a subdirectory. If you are using a *nix system, you may not even be aware that there are several different filesystems as they are often automatically mounted by the OS (e.g. /dev, /net, /sys, /proc, ...). Bareos will inform you when it decides not to traverse into another filesystem. This can be very useful if you forgot to backup a particular partition. An example of the informational message in the job report is: rufus-fd: /misc is a different filesystem. Will not descend from / into /misc rufus-fd: /net is a different filesystem. Will not descend from / into /net rufus-fd: /var/lib/nfs/rpc_pipefs is a different filesystem. Will not descend from /var/lib/nfs into /var/lib/nfs/rpc_pipefs rufus-fd: /selinux is a different filesystem. Will not descend from / into /selinux rufus-fd: /sys is a different filesystem. Will not descend from / into /sys rufus-fd: /dev is a different filesystem. Will not descend from / into /dev rufus-fd: /home is a different filesystem. Will not descend from / into /home If you wish to backup multiple filesystems, you can explicitly list each filesystem you want saved. Otherwise, if you set the onefs option to no, Bareos will backup all mounted file systems (i.e. traverse mount points) that are found within the FileSet. Thus if you have NFS or Samba file systems mounted on a directory listed in your FileSet, they will also be backed up. Normally, it is preferable to set onefs=yes and to explicitly name each filesystem you want backed up. Explicitly naming the filesystems you want backed up avoids the possibility of getting into a infinite loop recursing filesystems. Another possibility is to use onefs=no and to set fstype=ext2, .... See the example below for more details. If you think that Bareos should be backing up a particular directory and it is not, and you have onefs=no set, before you complain, please do: stat / stat <filesystem> where you replace filesystem with the one in question. If the Device: number is different for / and for your filesystem, then they are on different filesystems. E.g. stat / File: ‘/’ Size: 4096 Blocks: 16 IO Block: 4096 directory Device: 302h/770d Inode: 2 Links: 26 Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2005-11-10 12:28:01.000000000 +0100 Modify: 2005-09-27 17:52:32.000000000 +0200 Change: 2005-09-27 17:52:32.000000000 +0200 stat /net File: ‘/home’ Size: 4096 Blocks: 16 IO Block: 4096 directory Device: 308h/776d Inode: 2 Links: 7 Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2005-11-10 12:28:02.000000000 +0100 Modify: 2005-11-06 12:36:48.000000000 +0100 Change: 2005-11-06 12:36:48.000000000 +0100 Also be aware that even if you include /home in your list of files to backup, as you most likely should, you will get the informational message that ”/home is a different filesystem” when Bareos is processing the / directory. This message does not indicate an error. This message means that while examining the File = referred to in the second part of the message, Bareos will not descend into the directory mentioned in the first part of the message. However, it is possible that the separate filesystem will be backed up despite the message. For example, consider the following FileSet: File = / File = /var where /var is a separate filesystem. In this example, you will get a message saying that Bareos will not decend from / into /var. But it is important to realise that Bareos will descend into /var from the second File directive shown above. In effect, the warning is bogus, but it is supplied to alert you to possible omissions from your FileSet. In this example, /var will be backed up. If you changed the FileSet such that it did not specify /var, then /var will not be backed up. honor nodump flag=<yes|no> If your file system supports the nodump flag (e. g. most BSD-derived systems) Bareos will honor the setting of the flag when this option is set to yes. Files having this flag set will not be included in the backup and will not show up in the catalog. For directories with the nodump flag set recursion is turned off and the directory will be listed in the catalog. If the honor nodump flag option is not defined or set to no every file and directory will be eligible for backup. portable=yes|no If set to yes (default is no), the Bareos File daemon will backup Win32 files in a portable format, but not all Win32 file attributes will be saved and restored. By default, this option is set to no, which means that on Win32 systems, the data will be backed up using Windows API calls and on WinNT/2K/XP, all the security and ownership attributes will be properly backed up (and restored). However this format is not portable to other systems – e.g. Unix, Win95/98/Me. When backing up Unix systems, this option is ignored, and unless you have a specific need to have portable backups, we recommend accept the default (no) so that the maximum information concerning your files is saved. recurse=yes|no If set to yes (the default), Bareos will recurse (or descend) into all subdirectories found unless the directory is explicitly excluded using an exclude definition. If you set recurse=no, Bareos will save the subdirectory entries, but not descend into the subdirectories, and thus will not save the files or directories contained in the subdirectories. Normally, you will want the default (yes). sparse=yes|no Enable special code that checks for sparse files such as created by ndbm. The default is no, so no checks are made for sparse files. You may specify sparse=yes even on files that are not sparse file. No harm will be done, but there will be a small additional overhead to check for buffers of all zero, and if there is a 32K block of all zeros (see below), that block will become a hole in the file, which may not be desirable if the original file was not a sparse file. Restrictions: Bareos reads files in 32K buffers. If the whole buffer is zero, it will be treated as a sparse block and not written to tape. However, if any part of the buffer is non-zero, the whole buffer will be written to tape, possibly including some disk sectors (generally 4098 bytes) that are all zero. As a consequence, Bareos’s detection of sparse blocks is in 32K increments rather than the system block size. If anyone considers this to be a real problem, please send in a request for change with the reason. If you are not familiar with sparse files, an example is say a file where you wrote 512 bytes at address zero, then 512 bytes at address 1 million. The operating system will allocate only two blocks, and the empty space or hole will have nothing allocated. However, when you read the sparse file and read the addresses where nothing was written, the OS will return all zeros as if the space were allocated, and if you backup such a file, a lot of space will be used to write zeros to the volume. Worse yet, when you restore the file, all the previously empty space will now be allocated using much more disk space. By turning on the sparse option, Bareos will specifically look for empty space in the file, and any empty space will not be written to the Volume, nor will it be restored. The price to pay for this is that Bareos must search each block it reads before writing it. On a slow system, this may be important. If you suspect you have sparse files, you should benchmark the difference or set sparse for only those files that are really sparse. You probably should not use this option on files or raw disk devices that are not really sparse files (i.e. have holes in them). readfifo=yes|no If enabled, tells the Client to read the data on a backup and write the data on a restore to any FIFO (pipe) that is explicitly mentioned in the FileSet. In this case, you must have a program already running that writes into the FIFO for a backup or reads from the FIFO on a restore. This can be accomplished with the RunBeforeJob directive. If this is not the case, Bareos will hang indefinitely on reading/writing the FIFO. When this is not enabled (default), the Client simply saves the directory entry for the FIFO. Normally, when Bareos runs a RunBeforeJob, it waits until that script terminates, and if the script accesses the FIFO to write into it, the Bareos job will block and everything will stall. However, Vladimir Stavrinov as supplied tip that allows this feature to work correctly. He simply adds the following to the beginning of the RunBeforeJob script: exec > /dev/null  Include { Options { signature=SHA1 readfifo=yes } File = /home/abc/fifo }  Configuration 9.9: FileSet with Fifo This feature can be used to do a ”hot” database backup. You can use the RunBeforeJob to create the fifo and to start a program that dynamically reads your database and writes it to the fifo. Bareos will then write it to the Volume. During the restore operation, the inverse is true, after Bareos creates the fifo if there was any data stored with it (no need to explicitly list it or add any options), that data will be written back to the fifo. As a consequence, if any such FIFOs exist in the fileset to be restored, you must ensure that there is a reader program or Bareos will block, and after one minute, Bareos will time out the write to the fifo and move on to the next file. If you are planing to use a Fifo for backup, better take a look to the bpipe plugin section. noatime=yes|no If enabled, and if your Operating System supports the O_NOATIME file open flag, Bareos will open all files to be backed up with this option. It makes it possible to read a file without updating the inode atime (and also without the inode ctime update which happens if you try to set the atime back to its previous value). It also prevents a race condition when two programs are reading the same file, but only one does not want to change the atime. It’s most useful for backup programs and file integrity checkers (and Bareos can fit on both categories). This option is particularly useful for sites where users are sensitive to their MailBox file access time. It replaces both the keepatime option without the inconveniences of that option (see below). If your Operating System does not support this option, it will be silently ignored by Bareos. mtimeonly=yes|no If enabled, tells the Client that the selection of files during Incremental and Differential backups should based only on the st_mtime value in the stat() packet. The default is no which means that the selection of files to be backed up will be based on both the st_mtime and the st_ctime values. In general, it is not recommended to use this option. keepatime=yes|no The default is no. When enabled, Bareos will reset the st_atime (access time) field of files that it backs up to their value prior to the backup. This option is not generally recommended as there are very few programs that use st_atime, and the backup overhead is increased because of the additional system call necessary to reset the times. However, for some files, such as mailboxes, when Bareos backs up the file, the user will notice that someone (Bareos) has accessed the file. In this, case keepatime can be useful. (I’m not sure this works on Win32). Note, if you use this feature, when Bareos resets the access time, the change time (st_ctime) will automatically be modified by the system, so on the next incremental job, the file will be backed up even if it has not changed. As a consequence, you will probably also want to use mtimeonly = yes as well as keepatime (thanks to Rudolf Cejka for this tip). checkfilechanges=yes|no On versions 2.0.4 or greater, if enabled, the Client will check size, age of each file after their backup to see if they have changed during backup. If time or size mismatch, an error will raise. zog-fd: Client1.2007-03-31_09.46.21 Error: /tmp/test mtime changed during backup. In general, it is recommended to use this option. hardlinks=yes|no When enabled (default), this directive will cause hard links to be backed up. However, the File daemon keeps track of hard linked files and will backup the data only once. The process of keeping track of the hard links can be quite expensive if you have lots of them (tens of thousands or more). This doesn’t occur on normal Unix systems, but if you use a program like BackupPC, it can create hundreds of thousands, or even millions of hard links. Backups become very long and the File daemon will consume a lot of CPU power checking hard links. In such a case, set hardlinks=no and hard links will not be backed up. Note, using this option will most likely backup more data and on a restore the file system will not be restored identically to the original. wild=<string> Specifies a wild-card string to be applied to the filenames and directory names. Note, if Exclude is not enabled, the wild-card will select which files are to be included. If Exclude=yes is specified, the wild-card will select which files are to be excluded. Multiple wild-card directives may be specified, and they will be applied in turn until the first one that matches. Note, if you exclude a directory, no files or directories below it will be matched. You may want to test your expressions prior to running your backup by using the bwild program. Please see the Utilities chapter of this manual for more. You can also test your full FileSet definition by using the estimate command in the Console chapter of this manual. It is recommended to enclose the string in double quotes. wilddir=<string> Specifies a wild-card string to be applied to directory names only. No filenames will be matched by this directive. Note, if Exclude is not enabled, the wild-card will select directories to be included. If Exclude=yes is specified, the wild-card will select which directories are to be excluded. Multiple wild-card directives may be specified, and they will be applied in turn until the first one that matches. Note, if you exclude a directory, no files or directories below it will be matched. It is recommended to enclose the string in double quotes. You may want to test your expressions prior to running your backup by using the bwild program. Please see the Utilities chapter of this manual for more. You can also test your full FileSet definition by using the estimate command in the Console chapter of this manual. An example of excluding with the WildDir option on Win32 machines is presented below. wildfile=<string> Specifies a wild-card string to be applied to non-directories. That is no directory entries will be matched by this directive. However, note that the match is done against the full path and filename, so your wild-card string must take into account that filenames are preceded by the full path. If Exclude is not enabled, the wild-card will select which files are to be included. If Exclude=yes is specified, the wild-card will select which files are to be excluded. Multiple wild-card directives may be specified, and they will be applied in turn until the first one that matches. It is recommended to enclose the string in double quotes. You may want to test your expressions prior to running your backup by using the bwild program. Please see the Utilities chapter of this manual for more. You can also test your full FileSet definition by using the estimate command in the Console chapter of this manual. An example of excluding with the WildFile option on Win32 machines is presented below. regex=<string> Specifies a POSIX extended regular expression to be applied to the filenames and directory names, which include the full path. If Exclude is not enabled, the regex will select which files are to be included. If Exclude=yes is specified, the regex will select which files are to be excluded. Multiple regex directives may be specified within an Options resource, and they will be applied in turn until the first one that matches. Note, if you exclude a directory, no files or directories below it will be matched. It is recommended to enclose the string in double quotes. The regex libraries differ from one operating system to another, and in addition, regular expressions are complicated, so you may want to test your expressions prior to running your backup by using the bregex program. Please see the Utilities chapter of this manual for more. You can also test your full FileSet definition by using the estimate command in the Console chapter of this manual. You find yourself using a lot of Regex statements, which will cost quite a lot of CPU time, we recommend you simplify them if you can, or better yet convert them to Wild statements which are much more efficient. regexfile=<string> Specifies a POSIX extended regular expression to be applied to non-directories. No directories will be matched by this directive. However, note that the match is done against the full path and filename, so your regex string must take into account that filenames are preceded by the full path. If Exclude is not enabled, the regex will select which files are to be included. If Exclude=yes is specified, the regex will select which files are to be excluded. Multiple regex directives may be specified, and they will be applied in turn until the first one that matches. It is recommended to enclose the string in double quotes. The regex libraries differ from one operating system to another, and in addition, regular expressions are complicated, so you may want to test your expressions prior to running your backup by using the bregex program. Please see the Utilities chapter of this manual for more. regexdir=<string> Specifies a POSIX extended regular expression to be applied to directory names only. No filenames will be matched by this directive. Note, if Exclude is not enabled, the regex will select directories files are to be included. If Exclude=yes is specified, the regex will select which files are to be excluded. Multiple regex directives may be specified, and they will be applied in turn until the first one that matches. Note, if you exclude a directory, no files or directories below it will be matched. It is recommended to enclose the string in double quotes. The regex libraries differ from one operating system to another, and in addition, regular expressions are complicated, so you may want to test your expressions prior to running your backup by using the bregex program. Please see the Utilities chapter of this manual for more. exclude=yes|no The default is no. When enabled, any files matched within the Options will be excluded from the backup. aclsupport=yes|no The default is no. If this option is set to yes, and you have the POSIX libacl installed on your Linux system, Bareos will backup the file and directory Unix Access Control Lists (ACL) as defined in IEEE Std 1003.1e draft 17 and ”POSIX.1e” (abandoned). This feature is available on Unix systems only and requires the Linux ACL library. Bareos is automatically compiled with ACL support if the libacl library is installed on your Linux system (shown in config.out). While restoring the files Bareos will try to restore the ACLs, if there is no ACL support available on the system, Bareos restores the files and directories but not the ACL information. Please note, if you backup an EXT3 or XFS filesystem with ACLs, then you restore them to a different filesystem (perhaps reiserfs) that does not have ACLs, the ACLs will be ignored. For other operating systems there is support for either POSIX ACLs or the more extensible NFSv4 ACLs. The ACL stream format between Operation Systems is not compatible so for example an ACL saved on Linux cannot be restored on Solaris. The following Operating Systems are currently supported: 1. AIX (pre-5.3 (POSIX) and post 5.3 (POSIX and NFSv4) ACLs) 2. Darwin 3. FreeBSD (POSIX and NFSv4/ZFS ACLs) 4. HPUX 5. IRIX 6. Linux 7. Solaris (POSIX and NFSv4/ZFS ACLs) 8. Tru64 xattrsupport=yes|no The default is no. If this option is set to yes, and your operating system support either so called Extended Attributes or Extensible Attributes Bareos will backup the file and directory XATTR data. This feature is available on UNIX only and depends on support of some specific library calls in libc. The XATTR stream format between Operating Systems is not compatible so an XATTR saved on Linux cannot for example be restored on Solaris. On some operating systems ACLs are also stored as Extended Attributes (Linux, Darwin, FreeBSD) Bareos checks if you have the aclsupport option enabled and if so will not save the same info when saving extended attribute information. Thus ACLs are only saved once. The following Operating Systems are currently supported: 1. AIX (Extended Attributes) 2. Darwin (Extended Attributes) 3. FreeBSD (Extended Attributes) 4. IRIX (Extended Attributes) 5. Linux (Extended Attributes) 6. NetBSD (Extended Attributes) 7. Solaris (Extended Attributes and Extensible Attributes) 8. Tru64 (Extended Attributes) ignore case=yes|no The default is no. On Windows systems, you will almost surely want to set this to yes. When this directive is set to yes all the case of character will be ignored in wild-card and regex comparisons. That is an uppercase A will match a lowercase a. fstype=filesystem-type This option allows you to select files and directories by the filesystem type. The permitted filesystem-type names are: ext2, jfs, ntfs, proc, reiserfs, xfs, usbdevfs, sysfs, smbfs, iso9660. You may have multiple Fstype directives, and thus permit matching of multiple filesystem types within a single Options resource. If the type specified on the fstype directive does not match the filesystem for a particular directive, that directory will not be backed up. This directive can be used to prevent backing up non-local filesystems. Normally, when you use this directive, you would also set onefs=no so that Bareos will traverse filesystems. This option is not implemented in Win32 systems. DriveType=Windows-drive-type This option is effective only on Windows machines and is somewhat similar to the Unix/Linux fstype described above, except that it allows you to select what Windows drive types you want to allow. By default all drive types are accepted. The permitted drivetype names are: removable, fixed, remote, cdrom, ramdisk You may have multiple Driveype directives, and thus permit matching of multiple drive types within a single Options resource. If the type specified on the drivetype directive does not match the filesystem for a particular directive, that directory will not be backed up. This directive can be used to prevent backing up non-local filesystems. Normally, when you use this directive, you would also set onefs=no so that Bareos will traverse filesystems. This option is not implemented in Unix/Linux systems. hfsplussupport=yes|no This option allows you to turn on support for Mac OSX HFS plus finder information. strippath=<integer> This option will cause integer paths to be stripped from the front of the full path/filename being backed up. This can be useful if you are migrating data from another vendor or if you have taken a snapshot into some subdirectory. This directive can cause your filenames to be overlayed with regular backup data, so should be used only by experts and with great care. size=sizeoption This option will allow you to select files by their actual size. You can select either files smaller than a certain size or bigger then a certain size, files of a size in a certain range or files of a size which is within 1 % of its actual size. The following settings can be used: 1. <size>-<size> - Select file in range size - size. 2. <size - Select files smaller than size. 3. >size - Select files bigger than size. 4. size - Select files which are within 1 % of size. shadowing=none|localwarn|localremove|globalwarn|globalremove The default is none. This option performs a check within the fileset for any file-list entries which are shadowing each other. Lets say you specify / and /usr but /usr is not a seperate filesystem then in the normal situation both / and /usr would lead to data being backuped twice. The following settings can be used: 1. none - Do NO shadowing check 2. localwarn - Do shadowing check within one include block and warn 3. localremove - Do shadowing check within one include block and remove duplicates 4. globalwarn - Do shadowing check between all include blocks and warn 5. globalremove - Do shadowing check between all include blocks and remove duplicates The local and global part of the setting relate to the fact if the check should be performed only within one include block (local) or between multiple include blocks of the same fileset (global). The warn and remove part of the keyword sets the action e.g. warn the user about shadowing or remove the entry shadowing the other. meta=tag This option will add a meta tag to a fileset. These meta tags are used by the Native NDMP protocol to pass NDMP backup or restore environment variables via the Data Management Agent (DMA) in Bareos to the remote NDMP Data Agent. You can have zero or more metatags which are all passed to the remote NDMP Data Agent. #### 9.5.2 FileSet Exclude Ressource FileSet Exclude-Ressources very similar to Include-Ressources, except that they only allow following directives: File = < filename | dirname | |command | \<includefile-client | <includefile-server > Files to exclude are descripted in the same way as at the Include ressource. For example:  FileSet { Name = Exclusion_example Include { Options { Signature = SHA1 } File = / File = /boot File = /home File = /rescue File = /usr } Exclude { File = /proc File = /tmp # Don’t add trailing / File = .journal File = .autofsck } }  Configuration 9.10: FileSet using Exclude Another way to exclude files and directories is to use the Exclude option from the Include section. #### 9.5.3 FileSet Examples The following is an example of a valid FileSet resource definition. Note, the first Include pulls in the contents of the file /etc/backup.list when Bareos is started (i.e. the @), and that file must have each filename to be backed up preceded by a File = and on a separate line. FileSet { Name = "Full Set" Include { Options { Compression=GZIP signature=SHA1 Sparse = yes } @/etc/backup.list } Include { Options { wildfile = "*.o" wildfile = "*.exe" Exclude = yes } File = /root/myfile File = /usr/lib/another_file } } In the above example, all the files contained in /etc/backup.list will be compressed with GZIP compression, an SHA1 signature will be computed on the file’s contents (its data), and sparse file handling will apply. The two directories /root/myfile and /usr/lib/another_file will also be saved without any options, but all files in those directories with the extensions .o and .exe will be excluded. Let’s say that you now want to exclude the directory /tmp. The simplest way to do so is to add an exclude directive that lists /tmp. The example above would then become: FileSet { Name = "Full Set" Include { Options { Compression=GZIP signature=SHA1 Sparse = yes } @/etc/backup.list } Include { Options { wildfile = "*.o" wildfile = "*.exe" Exclude = yes } File = /root/myfile File = /usr/lib/another_file } Exclude { File = /tmp # don’t add trailing / } } You can add wild-cards to the File directives listed in the Exclude directory, but you need to take care because if you exclude a directory, it and all files and directories below it will also be excluded. Now lets take a slight variation on the above and suppose you want to save all your whole filesystem except /tmp. The problem that comes up is that Bareos will not normally cross from one filesystem to another. Doing a df command, you get the following output: [user@host]$ df
Filesystem      1k-blocks      Used Available Use% Mounted on
/dev/hda5         5044156    439232   4348692  10% /
/dev/hda1           62193      4935     54047   9% /boot
/dev/hda9        20161172   5524660  13612372  29% /home
/dev/hda2           62217      6843     52161  12% /rescue
/dev/hda8         5044156     42548   4745376   1% /tmp
/dev/hda6         5044156   2613132   2174792  55% /usr
none               127708         0    127708   0% /dev/shm
//minimatou/c$14099200 9895424 4203776 71% /mnt/mmatou lmatou:/ 1554264 215884 1258056 15% /mnt/matou lmatou:/home 2478140 1589952 760072 68% /mnt/matou/home lmatou:/usr 1981000 1199960 678628 64% /mnt/matou/usr lpmatou:/ 995116 484112 459596 52% /mnt/pmatou lpmatou:/home 19222656 2787880 15458228 16% /mnt/pmatou/home lpmatou:/usr 2478140 2038764 311260 87% /mnt/pmatou/usr deuter:/ 4806936 97684 4465064 3% /mnt/deuter deuter:/home 4806904 280100 4282620 7% /mnt/deuter/home deuter:/files 44133352 27652876 14238608 67% /mnt/deuter/files And we see that there are a number of separate filesystems (/ /boot /home /rescue /tmp and /usr not to mention mounted systems). If you specify only / in your Include list, Bareos will only save the Filesystem /dev/hda5. To save all filesystems except /tmp with out including any of the Samba or NFS mounted systems, and explicitly excluding a /tmp, /proc, .journal, and .autofsck, which you will not want to be saved and restored, you can use the following: FileSet { Name = Include_example Include { Options { wilddir = /proc wilddir = /tmp wildfile = "/.journal" wildfile = "/.autofsck" exclude = yes } File = / File = /boot File = /home File = /rescue File = /usr } } Since /tmp is on its own filesystem and it was not explicitly named in the Include list, it is not really needed in the exclude list. It is better to list it in the Exclude list for clarity, and in case the disks are changed so that it is no longer in its own partition. Now, lets assume you only want to backup .Z and .gz files and nothing else. This is a bit trickier because Bareos by default will select everything to backup, so we must exclude everything but .Z and .gz files. If we take the first example above and make the obvious modifications to it, we might come up with a FileSet that looks like this: FileSet { Name = "Full Set" Include { !!!!!!!!!!!! Options { This wildfile = "*.Z" example wildfile = "*.gz" doesn’t work } !!!!!!!!!!!! File = /myfile } } The *.Z and *.gz files will indeed be backed up, but all other files that are not matched by the Options directives will automatically be backed up too (i.e. that is the default rule). To accomplish what we want, we must explicitly exclude all other files. We do this with the following: FileSet { Name = "Full Set" Include { Options { wildfile = "*.Z" wildfile = "*.gz" } Options { Exclude = yes RegexFile = ".*" } File = /myfile } } The ”trick” here was to add a RegexFile expression that matches all files. It does not match directory names, so all directories in /myfile will be backed up (the directory entry) and any *.Z and *.gz files contained in them. If you know that certain directories do not contain any *.Z or *.gz files and you do not want the directory entries backed up, you will need to explicitly exclude those directories. Backing up a directory entries is not very expensive. Bareos uses the system regex library and some of them are different on different OSes. The above has been reported not to work on FreeBSD. This can be tested by using the estimate job=job-name listing command in the console and adapting the RegexFile expression appropriately. In a future version of Bareos, we will supply our own Regex code to avoid such system dependencies. Please be aware that allowing Bareos to traverse or change file systems can be very dangerous. For example, with the following: FileSet { Name = "Bad example" Include { Options { onefs=no } File = /mnt/matou } } you will be backing up an NFS mounted partition (/mnt/matou), and since onefs is set to no, Bareos will traverse file systems. Now if /mnt/matou has the current machine’s file systems mounted, as is often the case, you will get yourself into a recursive loop and the backup will never end. As a final example, let’s say that you have only one or two subdirectories of /home that you want to backup. For example, you want to backup only subdirectories beginning with the letter a and the letter b – i.e. /home/a* and /home/b*. Now, you might first try: FileSet { Name = "Full Set" Include { Options { wilddir = "/home/a*" wilddir = "/home/b*" } File = /home } } The problem is that the above will include everything in /home. To get things to work correctly, you need to start with the idea of exclusion instead of inclusion. So, you could simply exclude all directories except the two you want to use: FileSet { Name = "Full Set" Include { Options { RegexDir = "^/home/[c-z]" exclude = yes } File = /home } } And assuming that all subdirectories start with a lowercase letter, this would work. An alternative would be to include the two subdirectories desired and exclude everything else: FileSet { Name = "Full Set" Include { Options { wilddir = "/home/a*" wilddir = "/home/b*" } Options { RegexDir = ".*" exclude = yes } File = /home } } The following example shows how to back up only the My Pictures directory inside the My Documents directory for all users in C:/Documents and Settings, i.e. everything matching the pattern: C:/Documents and Settings/*/My Documents/My Pictures/* To understand how this can be achieved, there are two important points to remember: Firstly, Bareos walks over the filesystem depth-first starting from the File = lines. It stops descending when a directory is excluded, so you must include all ancestor directories of each directory containing files to be included. Secondly, each directory and file is compared to the Options clauses in the order they appear in the FileSet. When a match is found, no further clauses are compared and the directory or file is either included or excluded. The FileSet resource definition below implements this by including specifc directories and files and excluding everything else. FileSet { Name = "AllPictures" Include { File = "C:/Documents and Settings" Options { signature = SHA1 verify = s1 IgnoreCase = yes # Include all users’ directories so we reach the inner ones. Unlike a # WildDir pattern ending in *, this RegExDir only matches the top-level # directories and not any inner ones. RegExDir = "^C:/Documents and Settings/[^/]+$"

# Ditto all users’ My Documents directories.
WildDir = "C:/Documents and Settings/*/My Documents"

# Ditto all users’ My Documents/My Pictures directories.
WildDir = "C:/Documents and Settings/*/My Documents/My Pictures"

# Include the contents of the My Documents/My Pictures directories and
# any subdirectories.
Wild = "C:/Documents and Settings/*/My Documents/My Pictures/*"
}

Options {
Exclude = yes
IgnoreCase = yes

# Exclude everything else, in particular any files at the top level and
# any other directories or files in the users’ directories.
Wild = "C:/Documents and Settings/*"
}
}
}

#### 9.5.4 Windows FileSets

If you are entering Windows file names, the directory path may be preceded by the drive and a colon (as in c:). However, the path separators must be specified in Unix convention (i.e. forward slash (/)). If you wish to include a quote in a file name, precede the quote with a backslash (\). For example you might use the following for a Windows machine to backup the ”My Documents” directory:

 FileSet {   Name = "Windows Set"   Include {     Options {        WildFile = "*.obj"        WildFile = "*.exe"        exclude = yes      }      File = "c:/My Documents"   } }

Configuration 9.11: Windows FileSet

For exclude lists to work correctly on Windows, you must observe the following rules:

• Filenames are case sensitive, so you must use the correct case.
• To exclude a directory, you must not have a trailing slash on the directory name.
• If you have spaces in your filename, you must enclose the entire name in double-quote characters (”). Trying to use a backslash before the space will not work.
• If you are using the old Exclude syntax (noted below), you may not specify a drive letter in the exclude. The new syntax noted above should work fine including driver letters.

Thanks to Thiago Lima for summarizing the above items for us. If you are having difficulties getting includes or excludes to work, you might want to try using the estimate job=xxx listing command documented in the Console chapter of this manual.

On Win32 systems, if you move a directory or file or rename a file into the set of files being backed up, and a Full backup has already been made, Bareos will not know there are new files to be saved during an Incremental or Differential backup (blame Microsoft, not us). To avoid this problem, please copy any new directory or files into the backup area. If you do not have enough disk to copy the directory or files, move them, but then initiate a Full backup.

Example Fileset for Windows The following example demostrates a Windows FileSet. It backups all data from all fixed drives and only excludes some Windows temporary data.

 FileSet {   Name = "Windows All Drives"   Enable VSS = yes   Include {     Options {       Signature = MD5       Drive Type = fixed       IgnoreCase = yes       WildFile = "[A-Z]:/pagefile.sys"       WildDir = "[A-Z]:/RECYCLER"       WildDir = "[A-Z]:/$RECYCLE.BIN" WildDir = "[A-Z]:/System Volume Information" Exclude = yes } File = / } }  Configuration 9.12: Windows All Drives FileSet File = / includes all Windows drives. Using Drive Type = fixed excludes drives like USB-Stick or CD-ROM Drive. Using WildDir = "[A-Z]:/RECYCLER" excludes the backup of the directory RECYCLER from all drives. #### 9.5.5 Testing Your FileSet If you wish to get an idea of what your FileSet will really backup or if your exclusion rules will work correctly, you can test it by using the estimate command in the Console program. See the estimate in the Console chapter of this manual. As an example, suppose you add the following test FileSet: FileSet { Name = Test Include { File = /home/xxx/test Options { regex = ".*\\.c$"
}
}
}

You could then add some test files to the directory /home/xxx/test and use the following command in the console:

estimate job=<any-job-name> listing client=<desired-client> fileset=Test

to give you a listing of all files that match. In the above example, it should be only files with names ending in .c.

### 9.6 Client Resource

The Client resource defines the attributes of the Clients that are served by this Director; that is the machines that are to be backed up. You will need one Client resource definition for each machine to be backed up.

Client (or FileDaemon)
Start of the Client directives.
Name = <name>

The client name which will be used in the Job resource directive or in the console run command. This directive is required.
Protocol = <protocolname>

The backup protocol to use to run the Job. If not set it will default to Native currently the director understand the following protocols:
1. Native - The native Bareos protocol
2. NDMP - The NDMP protocol
Authtype = <Client-Authtype>

Specifies the authentication type that must be supplied when connecting to a backup protocol that uses a specific authentication type.

The following values are allowed:

1. None - Use no password
2. Clear - Use clear text password
3. MD5 - Use MD5 hashing

Where the address is a host name, a fully qualified domain name, or a network address in dotted quad notation for a Bareos File server daemon. This directive is required.
FD Port = <port-number>

Where the port is a port number at which the Bareos File server daemon can be contacted. The default is 9102. For NDMP backups set this to 10000.
Catalog = <Catalog-resource-name>

This specifies the name of the catalog resource to be used for this Client. If none is specified the first defined catalog is used.

Specifies the username that must be supplied when authenticating. Only used for the non Native protocols at the moment.

This is the password to be used when establishing a connection with the File services, so the Client configuration file on the machine to be backed up must have the same password defined for this Director. This directive is required. If you have either /dev/random bc on your machine, Bareos will generate a random password during the configuration process, otherwise it will be left blank.

The password is plain text. It is not generated through any special process, but it is preferable for security reasons to make the text random.

Hard Quota = <amount>

This is the maximal amount this client can backup before any backup Job will be aborted.
Soft Quota = <amount>

This is the amount after which there will be a warning issued that a client is over his softquota. A client can keep doing backups until it hits the hardquota or when the Soft Quota Graceperiod is expired.
Soft Quota Grace Period = <time interval>

Time allowed for a client to be over its softquota before it will be enforced.
Strict Quotas = <yes|no>

The directive Strict Quotas determines, if after the Grace Time Period is over, the Burst Limit is enforced (Strict Quotas = No) or the Soft Limit is enforced (Strict Quotas = Yes).
Quota Include Failed Jobs = <yes|no>

When calculating the amount a client used take into consideration any failed Jobs. Default Yes.
File Retention = <time-period-specification>

The File Retention directive defines the length of time that Bareos will keep File records in the Catalog database after the End time of the Job corresponding to the File records. When this time period expires, and if AutoPrune is set to yes Bareos will prune (remove) File records that are older than the specified File Retention period. Note, this affects only records in the catalog database. It does not affect your archive backups.

File records may actually be retained for a shorter period than you specify on this directive if you specify either a shorter Job Retention or a shorter Volume Retention period. The shortest retention period of the three takes precedence. The time may be expressed in seconds, minutes, hours, days, weeks, months, quarters, or years. See the Configuration chapter of this manual for additional details of time specification.

The default is 60 days.

Job Retention = <time-period-specification>

The Job Retention directive defines the length of time that Bareos will keep Job records in the Catalog database after the Job End time. When this time period expires, and if AutoPrune is set to yes Bareos will prune (remove) Job records that are older than the specified File Retention period. As with the other retention periods, this affects only records in the catalog and not data in your archive backup.

If a Job record is selected for pruning, all associated File and JobMedia records will also be pruned regardless of the File Retention period set. As a consequence, you normally will set the File retention period to be less than the Job retention period. The Job retention period can actually be less than the value you specify here if you set the Volume Retention directive in the Pool resource to a smaller duration. This is because the Job retention period and the Volume retention period are independently applied, so the smaller of the two takes precedence.

The Job retention period is specified as seconds, minutes, hours, days, weeks, months, quarters, or years. See the Configuration chapter of this manual for additional details of time specification.

The default is 180 days.

AutoPrune = <yes|no>

If AutoPrune is set to yes (default), Bareos (version 1.20 or greater) will automatically apply the File retention period and the Job retention period for the Client at the end of the Job. If you set AutoPrune = no, pruning will not be done, and your Catalog will grow in size each time you run a Job. Pruning affects only information in the catalog and not data stored in the backup archives (on Volumes).
Maximum Concurrent Jobs = <number>

where <number> is the maximum number of Jobs with the current Client that can run concurrently. Note, this directive limits only Jobs for Clients with the same name as the resource in which it appears. Any other restrictions on the maximum concurrent jobs such as in the Director, Job, or Storage resources will also apply in addition to any limit specified here. The default is set to 1, but you may set it to a larger number.
Maximum Bandwidth Per Job = <speed>

The speed parameter specifies the maximum allowed bandwidth that a job may use when started for this Client. The speed parameter should be specified in k/s, Kb/s, m/s or Mb/s.
NDMP Loglevel = <level>

This directive sets the loglevel for the NDMP protocol library.
NDMP Blocksize = <blocksize>

This directive sets the default NDMP blocksize for this client.
Priority = <number>

The number specifies the priority of this client relative to other clients that the Director is processing simultaneously. The priority can range from 1 to 1000. The clients are ordered such that the smaller number priorities are performed first (not currently implemented).

The following is an example of a valid Client resource definition:

Client {
Name = minimatou
}

### 9.7 Storage Resource

The Storage resource defines which Storage daemons are available for use by the Director.

Storage
Start of the Storage resources. At least one storage resource must be specified.
Name = <name>

The name of the storage resource. This name appears on the Storage directive specified in the Job resource and is required.

Where the address is a host name, a fully qualified domain name, or an IP address. Please note that the <address> as specified here will be transmitted to the File daemon who will then use it to contact the Storage daemon. Hence, it is not, a good idea to use localhost as the name but rather a fully qualified machine name or an IP address. This directive is required.
SD Port = <port>

Where port is the port to use to contact the storage daemon for information and to start jobs. This same port number must appear in the Storage resource of the Storage daemon’s configuration file. The default is 9103.

This is the password to be used when establishing a connection with the Storage services. This same password also must appear in the Director resource of the Storage daemon’s configuration file. This directive is required. If you have either /dev/random bc on your machine, Bareos will generate a random password during the configuration process, otherwise it will be left blank.

The password is plain text. It is not generated through any special process, but it is preferable for security reasons to use random text.

Device = <device-name>

This directive specifies the Storage daemon’s name of the device resource to be used for the storage. If you are using an Autochanger, the name specified here should be the name of the Storage daemon’s Autochanger resource rather than the name of an individual device. This name is not the physical device name, but the logical device name as defined on the Name directive contained in the Device or the Autochanger resource definition of the Storage daemon configuration file. You can specify any name you would like (even the device name if you prefer) up to a maximum of 127 characters in length. The physical device name associated with this device is specified in the Storage daemon configuration file (as Archive Device). Please take care not to define two different Storage resource directives in the Director that point to the same Device in the Storage daemon. Doing so may cause the Storage daemon to block (or hang) attempting to open the same device that is already open. This directive is required.

Media Type = <MediaType>

This directive specifies the Media Type to be used to store the data. This is an arbitrary string of characters up to 127 maximum that you define. It can be anything you want. However, it is best to make it descriptive of the storage media (e.g. File, DAT, ”HP DLT8000”, 8mm, ...). In addition, it is essential that you make the Media Type specification unique for each storage media type. If you have two DDS-4 drives that have incompatible formats, or if you have a DDS-4 drive and a DDS-4 autochanger, you almost certainly should specify different Media Types. During a restore, assuming a DDS-4 Media Type is associated with the Job, Bareos can decide to use any Storage daemon that supports Media Type DDS-4 and on any drive that supports it.

If you are writing to disk Volumes, you must make doubly sure that each Device resource defined in the Storage daemon (and hence in the Director’s conf file) has a unique media type. Otherwise for Bareos versions 1.38 and older, your restores may not work because Bareos will assume that you can mount any Media Type with the same name on any Device associated with that Media Type. This is possible with tape drives, but with disk drives, unless you are very clever you cannot mount a Volume in any directory – this can be done by creating an appropriate soft link.

Currently Bareos permits only a single Media Type per Storage and Device definition. Consequently, if you have a drive that supports more than one Media Type, you can give a unique string to Volumes with different intrinsic Media Type (Media Type = DDS-3-4 for DDS-3 and DDS-4 types), but then those volumes will only be mounted on drives indicated with the dual type (DDS-3-4).

If you want to tie Bareos to using a single Storage daemon or drive, you must specify a unique Media Type for that drive. This is an important point that should be carefully understood. Note, this applies equally to Disk Volumes. If you define more than one disk Device resource in your Storage daemon’s conf file, the Volumes on those two devices are in fact incompatible because one can not be mounted on the other device since they are found in different directories. For this reason, you probably should use two different Media Types for your two disk Devices (even though you might think of them as both being File types). You can find more on this subject in the Basic Volume Management chapter of this manual.

The MediaType specified in the Director’s Storage resource, must correspond to the Media Type specified in the Device resource of the Storage daemon configuration file. This directive is required, and it is used by the Director and the Storage daemon to ensure that a Volume automatically selected from the Pool corresponds to the physical device. If a Storage daemon handles multiple devices (e.g. will write to various file Volumes on different partitions), this directive allows you to specify exactly which device.

As mentioned above, the value specified in the Director’s Storage resource must agree with the value specified in the Device resource in the Storage daemon’s configuration file. It is also an additional check so that you don’t try to write data for a DLT onto an 8mm device.

Autochanger = <yes|no>

If you specify yes for this command (the default is no), when you use the label command or the add command to create a new Volume, Bareos will also request the Autochanger Slot number. This simplifies creating database entries for Volumes in an autochanger. If you forget to specify the Slot, the autochanger will not be used. However, you may modify the Slot associated with a Volume at any time by using the update volume or update slots command in the console program. When autochanger is enabled, the algorithm used by Bareos to search for available volumes will be modified to consider only Volumes that are known to be in the autochanger’s magazine. If no in changer volume is found, Bareos will attempt recycling, pruning, ..., and if still no volume is found, Bareos will search for any volume whether or not in the magazine. By privileging in changer volumes, this procedure minimizes operator intervention. The default is no.

For the autochanger to be used, you must also specify Autochanger = yes in the Device Resource in the Storage daemon’s configuration file as well as other important Storage daemon configuration information. Please consult the Using Autochangers manual of this chapter for the details of using autochangers.

Maximum Concurrent Jobs = <number>

where <number> is the maximum number of Jobs with the current Storage resource that can run concurrently. Note, this directive limits only Jobs for Jobs using this Storage daemon. Any other restrictions on the maximum concurrent jobs such as in the Director, Job, or Client resources will also apply in addition to any limit specified here. The default is set to 1, but you may set it to a larger number. However, if you set the Storage daemon’s number of concurrent jobs greater than one, we recommend that you read the waring documented under Maximum Concurrent Jobs in the Director’s resource or simply turn data spooling on as documented in the Data Spooling chapter of this manual.
Maximum Concurrent Read Jobs = <number>

where <number> is the maximum number of Jobs with the current Storage resource that can read concurrently.
AllowCompression = <yes|no>

This directive is optional, and if you specify No (the default is Yes), it will cause backups jobs running on this storage resource to run without client File Daemon compression. This effectively overrides compression options in FileSets used by jobs which use this storage resource.

Heartbeat Interval = <time-interval>

This directive is optional and if specified will cause the Director to set a keepalive interval (heartbeat) in seconds on each of the sockets it opens for the Storage resource. This value will override any specified at the Director level. It is implemented only on systems (Linux, ...) that provide the setsockopt TCP_KEEPIDLE function. The default value is zero, which means no change is made to the socket.
Paired Storage = <Storage-resource-name>

For NDMP backups this points to the definition of the Native Storage that is accesses via the NDMP protocol. For now we only support NDMP backups and restores to access Native Storage Daemons via the NDMP protocol. In the future we might allow to use Native NDMP storage which is not bound to a Bareos Storage Daemon.

The following is an example of a valid Storage resource definition:

# Definition of tape storage device
Storage {
Name = DLTDrive
Device = "HP DLT 80"    # same as Device in Storage daemon
Media Type = DLT8000    # same as MediaType in Storage daemon
}

### 9.8 Pool Resource

The Pool resource defines the set of storage Volumes (tapes or files) to be used by Bareos to write the data. By configuring different Pools, you can determine which set of Volumes (media) receives the backup data. This permits, for example, to store all full backup data on one set of Volumes and all incremental backups on another set of Volumes. Alternatively, you could assign a different set of Volumes to each machine that you backup. This is most easily done by defining multiple Pools.

Another important aspect of a Pool is that it contains the default attributes (Maximum Jobs, Retention Period, Recycle flag, ...) that will be given to a Volume when it is created. This avoids the need for you to answer a large number of questions when labeling a new Volume. Each of these attributes can later be changed on a Volume by Volume basis using the update command in the console program. Note that you must explicitly specify which Pool Bareos is to use with each Job. Bareos will not automatically search for the correct Pool.

Most often in Bareos installations all backups for all machines (Clients) go to a single set of Volumes. In this case, you will probably only use the Default Pool. If your backup strategy calls for you to mount a different tape each day, you will probably want to define a separate Pool for each day. For more information on this subject, please see the Backup Strategies chapter of this manual.

To use a Pool, there are three distinct steps. First the Pool must be defined in the Director’s configuration file. Then the Pool must be written to the Catalog database. This is done automatically by the Director each time that it starts, or alternatively can be done using the create command in the console program. Finally, if you change the Pool definition in the Director’s configuration file and restart Bareos, the pool will be updated alternatively you can use the update pool console command to refresh the database image. It is this database image rather than the Director’s resource image that is used for the default Volume attributes. Note, for the pool to be automatically created or updated, it must be explicitly referenced by a Job resource.

Next the physical media must be labeled. The labeling can either be done with the label command in the console program or using the btape program. The preferred method is to use the label command in the console program.

Finally, you must add Volume names (and their attributes) to the Pool. For Volumes to be used by Bareos they must be of the same Media Type as the archive device specified for the job (i.e. if you are going to back up to a DLT device, the Pool must have DLT volumes defined since 8mm volumes cannot be mounted on a DLT drive). The Media Type has particular importance if you are backing up to files. When running a Job, you must explicitly specify which Pool to use. Bareos will then automatically select the next Volume to use from the Pool, but it will ensure that the Media Type of any Volume selected from the Pool is identical to that required by the Storage resource you have specified for the Job.

If you use the label command in the console program to label the Volumes, they will automatically be added to the Pool, so this last step is not normally required.

It is also possible to add Volumes to the database without explicitly labeling the physical volume. This is done with the add console command.

As previously mentioned, each time Bareos starts, it scans all the Pools associated with each Catalog, and if the database record does not already exist, it will be created from the Pool Resource definition. Bareos probably should do an update pool if you change the Pool definition, but currently, you must do this manually using the update pool command in the Console program.

The Pool Resource defined in the Director’s configuration file (bareos-dir.conf) may contain the following directives:

Pool
Start of the Pool resource. There must be at least one Pool resource defined.
Name = <name>

The name of the pool. For most applications, you will use the default pool name Default. This directive is required.

Maximum Volumes = <number>

This directive specifies the maximum number of volumes (tapes or files) contained in the pool. This directive is optional, if omitted or set to zero, any number of volumes will be permitted. In general, this directive is useful for Autochangers where there is a fixed number of Volumes, or for File storage where you wish to ensure that the backups made to disk files do not become too numerous or consume too much space.
Pool Type = <type>

This directive defines the pool type, which corresponds to the type of Job being run. It is required and may be one of the following:
Backup
*Archive
*Cloned
*Migration
*Copy
*Save

Note, only Backup is currently implemented.

Storage = <storage-resource-name>

The Storage directive defines the name of the storage services where you want to backup the FileSet data. For additional details, see the Storage Resource Chapter of this manual. The Storage resource may also be specified in the Job resource, but the value, if any, in the Pool resource overrides any value in the Job. This Storage resource definition is not required by either the Job resource or in the Pool, but it must be specified in one or the other. If not configuration error will result.
Use Volume Once = <yes|no>

This directive if set to yes specifies that each volume is to be used only once. This is most useful when the Media is a file and you want a new file for each backup that is done. The default is no (i.e. use volume any number of times). This directive will most likely be phased out (deprecated), so you are recommended to use Maximum Volume Jobs = 1 instead.

The value defined by this directive in the bareos-dir.conf file is the default value used when a Volume is created. Once the volume is created, changing the value in the bareos-dir.conf file will not change what is stored for the Volume. To change the value for an existing Volume you must use the update command in the Console.

Please see the notes below under Maximum Volume Jobs concerning using this directive with multiple simultaneous jobs.

Maximum Volume Jobs = <positive-integer>

This directive specifies the maximum number of Jobs that can be written to the Volume. If you specify zero (the default), there is no limit. Otherwise, when the number of Jobs backed up to the Volume equals positive-integer the Volume will be marked Used. When the Volume is marked Used it can no longer be used for appending Jobs, much like the Full status but it can be recycled if recycling is enabled, and thus used again. By setting MaximumVolumeJobs to one, you get the same effect as setting UseVolumeOnce = yes.

The value defined by this directive in the bareos-dir.conf file is the default value used when a Volume is created. Once the volume is created, changing the value in the bareos-dir.conf file will not change what is stored for the Volume. To change the value for an existing Volume you must use the update command in the Console.

If you are running multiple simultaneous jobs, this directive may not work correctly because when a drive is reserved for a job, this directive is not taken into account, so multiple jobs may try to start writing to the Volume. At some point, when the Media record is updated, multiple simultaneous jobs may fail since the Volume can no longer be written.

Maximum Volume Files = <positive-integer>

This directive specifies the maximum number of files that can be written to the Volume. If you specify zero (the default), there is no limit. Otherwise, when the number of files written to the Volume equals positive-integer the Volume will be marked Used. When the Volume is marked Used it can no longer be used for appending Jobs, much like the Full status but it can be recycled if recycling is enabled and thus used again. This value is checked and the Used status is set only at the end of a job that writes to the particular volume.

The value defined by this directive in the bareos-dir.conf file is the default value used when a Volume is created. Once the volume is created, changing the value in the bareos-dir.conf file will not change what is stored for the Volume. To change the value for an existing Volume you must use the update command in the Console.

Maximum Volume Bytes = <size>

This directive specifies the maximum number of bytes that can be written to the Volume. If you specify zero (the default), there is no limit except the physical size of the Volume. Otherwise, when the number of bytes written to the Volume equals size the Volume will be marked Used. When the Volume is marked Used it can no longer be used for appending Jobs, much like the Full status but it can be recycled if recycling is enabled, and thus the Volume can be re-used after recycling. This value is checked and the Used status set while the job is writing to the particular volume.

This directive is particularly useful for restricting the size of disk volumes, and will work correctly even in the case of multiple simultaneous jobs writing to the volume.

The value defined by this directive in the bareos-dir.conf file is the default value used when a Volume is created. Once the volume is created, changing the value in the bareos-dir.conf file will not change what is stored for the Volume. To change the value for an existing Volume you must use the update command in the Console.

Volume Use Duration = <time-period-specification>
(default: 0 (no limit))
The Volume Use Duration directive defines the time period that the Volume can be written beginning from the time of first data write to the Volume. If the time-period specified is zero (the default), the Volume can be written indefinitely. Otherwise, the next time a job runs that wants to access this Volume, and the time period from the first write to the volume (the first Job written) exceeds the time-period-specification, the Volume will be marked Used, which means that no more Jobs can be appended to the Volume, but it may be recycled if recycling is enabled. Once the Volume is recycled, it will be available for use again.

You might use this directive, for example, if you have a Volume used for Incremental backups, and Volumes used for Weekly Full backups. Once the Full backup is done, you will want to use a different Incremental Volume. This can be accomplished by setting the Volume Use Duration for the Incremental Volume to six days. I.e. it will be used for the 6 days following a Full save, then a different Incremental volume will be used. Be careful about setting the duration to short periods such as 23 hours, or you might experience problems of Bareos waiting for a tape over the weekend only to complete the backups Monday morning when an operator mounts a new tape.

Please note that the value defined by this directive in the bareos-dir.conf file is the default value used when a Volume is created. Once the volume is created, changing the value in the bareos-dir.conf file will not change what is stored for the Volume. To change the value for an existing Volume you must use the update volume command in the Console.

Catalog Files = <yes|no>

This directive defines whether or not you want the names of the files that were saved to be put into the catalog. The default is yes. The advantage of specifying Catalog Files = No is that you will have a significantly smaller Catalog database. The disadvantage is that you will not be able to produce a Catalog listing of the files backed up for each Job (this is often called Browsing). Also, without the File entries in the catalog, you will not be able to use the Console restore command nor any other command that references File entries.
Catalog = <Catalog-resource-name>

This specifies the name of the catalog resource to be used for this Pool. When a catalog is defined in a Pool it will override the definition in the client (and the Catalog definition in a Job since 13.4.0). e.g. this catalog setting takes precedence over any other definition.

AutoPrune = <yes|no>

If AutoPrune is set to yes (default), Bareos (version 1.20 or greater) will automatically apply the Volume Retention period when new Volume is needed and no appendable Volumes exist in the Pool. Volume pruning causes expired Jobs (older than the Volume Retention period) to be deleted from the Catalog and permits possible recycling of the Volume.

Volume Retention = <time-period-specification>

The Volume Retention directive defines the length of time that Bareos will keep records associated with the Volume in the Catalog database after the End time of each Job written to the Volume. When this time period expires, and if AutoPrune is set to yes Bareos may prune (remove) Job records that are older than the specified Volume Retention period if it is necessary to free up a Volume. Recycling will not occur until it is absolutely necessary to free up a volume (i.e. no other writable volume exists). All File records associated with pruned Jobs are also pruned. The time may be specified as seconds, minutes, hours, days, weeks, months, quarters, or years. The Volume Retention is applied independently of the Job Retention and the File Retention periods defined in the Client resource. This means that all the retentions periods are applied in turn and that the shorter period is the one that effectively takes precedence. Note, that when the Volume Retention period has been reached, and it is necessary to obtain a new volume, Bareos will prune both the Job and the File records. This pruning could also occur during a status dir command because it uses similar algorithms for finding the next available Volume.

It is important to know that when the Volume Retention period expires, Bareos does not automatically recycle a Volume. It attempts to keep the Volume data intact as long as possible before over writing the Volume.

By defining multiple Pools with different Volume Retention periods, you may effectively have a set of tapes that is recycled weekly, another Pool of tapes that is recycled monthly and so on. However, one must keep in mind that if your Volume Retention period is too short, it may prune the last valid Full backup, and hence until the next Full backup is done, you will not have a complete backup of your system, and in addition, the next Incremental or Differential backup will be promoted to a Full backup. As a consequence, the minimum Volume Retention period should be at twice the interval of your Full backups. This means that if you do a Full backup once a month, the minimum Volume retention period should be two months.

The default Volume retention period is 365 days, and either the default or the value defined by this directive in the bareos-dir.conf file is the default value used when a Volume is created. Once the volume is created, changing the value in the bareos-dir.conf file will not change what is stored for the Volume. To change the value for an existing Volume you must use the update command in the Console.

Action On Purge = <Truncate>

This directive ActionOnPurge=Truncate instructs Bareos to truncate the volume when it is purged with the purge volume action=truncate command. It is useful to prevent disk based volumes from consuming too much space.

Pool {
Name = Default
Action On Purge = Truncate
...
}

You can schedule the truncate operation at the end of your CatalogBackup job like in this example:

Job {
Name = CatalogBackup
...
RunScript {
RunsWhen=After
RunsOnClient=No
Console = "purge volume action=all allpools storage=File"
}
}

NextPool = <pool-resource-name>

This directive specifies the Next pool a Migration or Copy Job and a Virtual Backup Job will write their data too.

ScratchPool = <pool-resource-name>

This directive permits to specify a dedicate Scratch for the current pool. This pool will replace the special pool named Scrach for volume selection. For more information about Scratch see Scratch Pool section of this manual. This is useful when using multiple storage sharing the same mediatype or when you want to dedicate volumes to a particular set of pool.

RecyclePool = <pool-resource-name>

This directive defines to which pool the Volume will be placed (moved) when it is recycled. Without this directive, a Volume will remain in the same pool when it is recycled. With this directive, it can be moved automatically to any existing pool during a recycle. This directive is probably most useful when defined in the Scratch pool, so that volumes will be recycled back into the Scratch pool. For more on the see the Scratch Pool section of this manual.

Although this directive is called RecyclePool, the Volume in question is actually moved from its current pool to the one you specify on this directive when Bareos prunes the Volume and discovers that there are no records left in the catalog and hence marks it as Purged.

Recycle = <yes|no>

This directive specifies whether or not Purged Volumes may be recycled. If it is set to yes (default) and Bareos needs a volume but finds none that are appendable, it will search for and recycle (reuse) Purged Volumes (i.e. volumes with all the Jobs and Files expired and thus deleted from the Catalog). If the Volume is recycled, all previous data written to that Volume will be overwritten. If Recycle is set to no, the Volume will not be recycled, and hence, the data will remain valid. If you want to reuse (re-write) the Volume, and the recycle flag is no (0 in the catalog), you may manually set the recycle flag (update command) for a Volume to be reused.

Please note that the value defined by this directive in the bareos-dir.conf file is the default value used when a Volume is created. Once the volume is created, changing the value in the bareos-dir.conf file will not change what is stored for the Volume. To change the value for an existing Volume you must use the update command in the Console.

When all Job and File records have been pruned or purged from the catalog for a particular Volume, if that Volume is marked as Append, Full, Used, or Error, it will then be marked as Purged. Only Volumes marked as Purged will be considered to be converted to the Recycled state if the Recycle directive is set to yes.

Recycle Oldest Volume = <yes|no>

This directive instructs the Director to search for the oldest used Volume in the Pool when another Volume is requested by the Storage daemon and none are available. The catalog is then pruned respecting the retention periods of all Files and Jobs written to this Volume. If all Jobs are pruned (i.e. the volume is Purged), then the Volume is recycled and will be used as the next Volume to be written. This directive respects any Job, File, or Volume retention periods that you may have specified, and as such it is much better to use this directive than the Purge Oldest Volume.

This directive can be useful if you have a fixed number of Volumes in the Pool and you want to cycle through them and you have specified the correct retention periods.

However, if you use this directive and have only one Volume in the Pool, you will immediately recycle your Volume if you fill it and Bareos needs another one. Thus your backup will be totally invalid. Please use this directive with care. The default is no.

Recycle Current Volume = <yes|no>

If Bareos needs a new Volume, this directive instructs Bareos to Prune the volume respecting the Job and File retention periods. If all Jobs are pruned (i.e. the volume is Purged), then the Volume is recycled and will be used as the next Volume to be written. This directive respects any Job, File, or Volume retention periods that you may have specified, and thus it is much better to use it rather than the Purge Oldest Volume directive.

This directive can be useful if you have: a fixed number of Volumes in the Pool, you want to cycle through them, and you have specified retention periods that prune Volumes before you have cycled through the Volume in the Pool.

However, if you use this directive and have only one Volume in the Pool, you will immediately recycle your Volume if you fill it and Bareos needs another one. Thus your backup will be totally invalid. Please use this directive with care. The default is no.

Purge Oldest Volume = <yes|no>

This directive instructs the Director to search for the oldest used Volume in the Pool when another Volume is requested by the Storage daemon and none are available. The catalog is then purged irrespective of retention periods of all Files and Jobs written to this Volume. The Volume is then recycled and will be used as the next Volume to be written. This directive overrides any Job, File, or Volume retention periods that you may have specified.

This directive can be useful if you have a fixed number of Volumes in the Pool and you want to cycle through them and reusing the oldest one when all Volumes are full, but you don’t want to worry about setting proper retention periods. However, by using this option you risk losing valuable data.

Please be aware that Purge Oldest Volume disregards all retention periods. If you have only a single Volume defined and you turn this variable on, that Volume will always be immediately overwritten when it fills! So at a minimum, ensure that you have a decent number of Volumes in your Pool before running any jobs. If you want retention periods to apply do not use this directive. To specify a retention period, use the Volume Retention directive (see above).

We highly recommend against using this directive, because it is sure that some day, Bareos will recycle a Volume that contains current data. The default is no.

File Retention = <time-period-specification>

The File Retention directive defines the length of time that Bareos will keep File records in the Catalog database after the End time of the Job corresponding to the File records.

This directive takes precedence over Client directives of the same name. For example, you can decide to increase Retention times for Archive or OffSite Pool.

Note, this affects only records in the catalog database. It does not affect your archive backups.

Job Retention = <time-period-specification>

The Job Retention directive defines the length of time that Bareos will keep Job records in the Catalog database after the Job End time. As with the other retention periods, this affects only records in the catalog and not data in your archive backup.

This directive takes precedence over Client directives of the same name. For example, you can decide to increase Retention times for Archive or OffSite Pool.

Cleaning Prefix = <string>

This directive defines a prefix string, which if it matches the beginning of a Volume name during labeling of a Volume, the Volume will be defined with the VolStatus set to Cleaning and thus Bareos will never attempt to use this tape. This is primarily for use with autochangers that accept barcodes where the convention is that barcodes beginning with CLN are treated as cleaning tapes.

The default value for this directive is consequently set to CLN, so that in most cases the cleaning tapes are automatically recognized without configuration. If you use another prefix for your cleaning tapes, you can set this directive accordingly.

Label Format = <format>

This directive specifies the format of the labels contained in this pool. The format directive is used as a sort of template to create new Volume names during automatic Volume labeling.

The format should be specified in double quotes, and consists of letters, numbers and the special characters hyphen (-), underscore (_), colon (:), and period (.), which are the legal characters for a Volume name. The format should be enclosed in double quotes (”).

In addition, the format may contain a number of variable expansion characters which will be expanded by a complex algorithm allowing you to create Volume names of many different formats. In all cases, the expansion process must resolve to the set of characters noted above that are legal Volume names. Generally, these variable expansion characters begin with a dollar sign ($) or a left bracket ([). If you specify variable expansion characters, you should always enclose the format with double quote characters (). For more details on variable expansion, please see the Variable Expansion Chapter of this manual. If no variable expansion characters are found in the string, the Volume name will be formed from the format string appended with the a unique number that increases. If you do not remove volumes from the pool, this number should be the number of volumes plus one, but this is not guaranteed. The unique number will be edited as four digits with leading zeros. For example, with a Label Format = ”File-”, the first volumes will be named File-0001, File-0002, ... With the exception of Job specific variables, you can test your LabelFormat by using the var command the Console Chapter of this manual. In almost all cases, you should enclose the format specification (part after the equal sign) in double quotes. Please note that this directive is deprecated and is replaced in version 1.37 and greater with a Python script for creating volume names. In order for a Pool to be used during a Backup Job, the Pool must have at least one Volume associated with it. Volumes are created for a Pool using the label or the add commands in the Bareos Console, program. In addition to adding Volumes to the Pool (i.e. putting the Volume names in the Catalog database), the physical Volume must be labeled with a valid Bareos software volume label before Bareos will accept the Volume. This will be automatically done if you use the label command. Bareos can automatically label Volumes if instructed to do so, but this feature is not yet fully implemented. The following is an example of a valid Pool resource definition: Pool { Name = Default Pool Type = Backup } #### 9.8.1 Scratch Pool In general, you can give your Pools any name you wish, but there is one important restriction: the Pool named Scratch, if it exists behaves like a scratch pool of Volumes in that when Bareos needs a new Volume for writing and it cannot find one, it will look in the Scratch pool, and if it finds an available Volume, it will move it out of the Scratch pool into the Pool currently being used by the job. ### 9.9 Catalog Resource The Catalog Resource defines what catalog to use for the current job. Currently, Bareos can only handle a single database server (SQLite, MySQL, PostgreSQL) that is defined when configuring Bareos. However, there may be as many Catalogs (databases) defined as you wish. For example, you may want each Client to have its own Catalog database, or you may want backup jobs to use one database and verify or restore jobs to use another database. Since SQLite is compiled in, it always runs on the same machine as the Director and the database must be directly accessible (mounted) from the Director. However, since both MySQL and PostgreSQL are networked databases, they may reside either on the same machine as the Director or on a different machine on the network. See below for more details. Catalog Start of the Catalog resource. At least one Catalog resource must be defined. Name = <name> The name of the Catalog. No necessary relation to the database server name. This name will be specified in the Client resource directive indicating that all catalog data for that Client is maintained in this Catalog. This directive is required. dbdriver = <postgresql | mysql | sqlite> (required) Selects the database type to use. dbname = <name> (required) This specifies the name of the database. If you use multiple catalogs (databases), you specify which one here. If you are using an external database server rather than the internal one, you must specify a name that is known to the server (i.e. you explicitly created the Bareos tables using this name). dbuser = <user> (required) This specifies what user name to use to log into the database. dbpassword = <password> (required) This specifies the password to use when logging into the database. DB Socket = <socket-name> This is the name of a socket to use on the local host to connect to the database. This directive is used only by MySQL and is ignored by SQLite. Normally, if neither DB Socket or DB Address are specified, MySQL will use the default socket. If the DB Socket is specified, the MySQL server must reside on the same machine as the Director. DB Address = <address> This is the host address of the database server. Normally, you would specify this instead of DB Socket if the database server is on another machine. In that case, you will also specify DB Port. This directive is used only by MySQL and PostgreSQL and is ignored by SQLite if provided. This directive is optional. DB Port = <port> This defines the port to be used in conjunction with DB Address to access the database if it is on another machine. This directive is used only by MySQL and PostgreSQL and is ignored by SQLite if provided. This directive is optional. Disable Batch Insert = <yes|no> This directive allows you to override at runtime if the Batch insert should be enabled or disabled. Normally this is determined by querying the database library if it is thread-safe. If you think that disabling Batch insert will make your backup run faster you may disable it using this option and set it to Yes Min Connections = <Number> This directive is used by the experimental database pooling functionality. Only use this for non production sites. This sets the minimum number of connections to a database to keep in this database pool. Max Connections = <Number> This directive is used by the experimental database pooling functionality. Only use this for non production sites. This sets the maximum number of connections to a database to keep in this database pool. Inc Connections = <Number> This directive is used by the experimental database pooling functionality. Only use this for non production sites. This sets the number of connections to add to a database pool when not enough connections are available on the pool anymore. Idle Timeout = <Number> This directive is used by the experimental database pooling functionality. Only use this for non production sites. This sets the idle time after which a database pool should be shrinked. Validate Timeout = <Number> alidate Timeout This directive is used by the experimental database pooling functionality. Only use this for non production sites. This sets the validation timeout after which the database connection is polled to see if its still alive. The following is an example of a valid Catalog resource definition: Catalog { Name = SQLite dbdriver = sqlite dbname = bareos; dbuser = bareos; dbpassword = "" # no password = no security } or for a Catalog on another machine: Catalog { Name = MySQL db Driver = mysql db Name = bareos db User = bareos db Password = "" db Address = remote.acme.com db Port = 1234 } ### 9.10 Messages Resource For the details of the Messages Resource, please see the Messages Resource Chapter of this manual. ### 9.11 Console Resource There are three different kinds of consoles, which the administrator or user can use to interact with the Director. These three kinds of consoles comprise three different security levels. • The first console type is an anonymous or default console, which has full privileges. There is no console resource necessary for this type since the password is specified in the Director’s resource and consequently such consoles do not have a name as defined on a Name = directive. Typically you would use it only for administrators. • The second type of console, is a ”named” console defined within a Console resource in both the Director’s configuration file and in the Console’s configuration file. Both the names and the passwords in these two entries must match much as is the case for Client programs. This second type of console begins with absolutely no privileges except those explicitly specified in the Director’s Console resource. Thus you can have multiple Consoles with different names and passwords, sort of like multiple users, each with different privileges. As a default, these consoles can do absolutely nothing – no commands whatsoever. You give them privileges or rather access to commands and resources by specifying access control lists in the Director’s Console resource. The ACLs are specified by a directive followed by a list of access names. Examples of this are shown below. • The third type of console is similar to the above mentioned one in that it requires a Console resource definition in both the Director and the Console. In addition, if the console name, provided on the Name = directive, is the same as a Client name, that console is permitted to use the SetIP command to change the Address directive in the Director’s client resource to the IP address of the Console. This permits portables or other machines using DHCP (non-fixed IP addresses) to ”notify” the Director of their current IP address. The Console resource is optional and need not be specified. The following directives are permitted within the Director’s configuration resource: Name = <name> The name of the console. This name must match the name specified in the Console’s configuration resource (much as is the case with Client definitions). Password = <password> Specifies the password that must be supplied for a named Bareos Console to be authorized. The same password must appear in the Console resource of the Console configuration file. For added security, the password is never actually passed across the network but rather a challenge response hash code created with the password. This directive is required. The password is plain text. It is not generated through any special process. However, it is preferable for security reasons to choose random text. JobACL = <name-list> This directive is used to specify a list of Job resource names that can be accessed by the console. Without this directive, the console cannot access any of the Director’s Job resources. Multiple Job resource names may be specified by separating them with commas, and/or by specifying multiple JobACL directives. For example, the directive may be specified as: JobACL = "Backup client 1", "Backup client 2" JobACL = "RestoreFiles" With the above specification, the console can access the Director’s resources for the four jobs named on the JobACL directives, but for no others. ClientACL = <name-list> This directive is used to specify a list of Client resource names that can be accessed by the console. StorageACL = <name-list> This directive is used to specify a list of Storage resource names that can be accessed by the console. ScheduleACL = <name-list> This directive is used to specify a list of Schedule resource names that can be accessed by the console. PoolACL = <name-list> This directive is used to specify a list of Pool resource names that can be accessed by the console. FileSetACL = <name-list> This directive is used to specify a list of FileSet resource names that can be accessed by the console. CatalogACL = <name-list> This directive is used to specify a list of Catalog resource names that can be accessed by the console. CommandACL = <name-list> This directive is used to specify a list of of console commands that can be executed by the console. WhereACL = <string> This directive permits you to specify where a restricted console can restore files. If this directive is not specified, only the default restore location is permitted (normally /tmp/bareos-restores. If *all* is specified any path the user enters will be accepted (not very secure), any other value specified (there may be multiple WhereACL directives) will restrict the user to use that path. For example, on a Unix system, if you specify ”/”, the file will be restored to the original location. This directive is untested. Aside from Director resource names and console command names, the special keyword *all* can be specified in any of the above access control lists. When this keyword is present, any resource or command name (which ever is appropriate) will be accepted. For an example configuration file, please see the Console Configuration chapter of this manual. ### 9.12 Counter Resource The Counter Resource defines a counter variable that can be accessed by variable expansion used for creating Volume labels with the LabelFormat directive. See the LabelFormat directive in this chapter for more details. Counter Start of the Counter resource. Counter directives are optional. Name = <name> The name of the Counter. This is the name you will use in the variable expansion to reference the counter value. Minimum = <integer> This specifies the minimum value that the counter can have. It also becomes the default. If not supplied, zero is assumed. Maximum = <integer> This is the maximum value value that the counter can have. If not specified or set to zero, the counter can have a maximum value of 2,147,483,648 (2 to the 31 power). When the counter is incremented past this value, it is reset to the Minimum. Catalog = <catalog-name> If this directive is specified, the counter and its values will be saved in the specified catalog. If this directive is not present, the counter will be redefined each time that Bareos is started. ### 9.13 Example Director Configuration File See below an example of a full Director configuration file: # # Default Bareos Director configuration file for disk-only backup # (C) 2013 Bareos GmbH & Co.KG # # Each configuration item has a reference number that shows # where this property can be changed in the configuration file. # Search for the number to find the correct line. # # You have to configure the following accoring to your environment: # # (#01)Email Address for bareos disaster recovery. # Specify a mailaddress outside of your backupserver. # There will be one mail per day. # # (#02)Email Address for bareos reports. (Mail Command) # This mail address will recieve a report about each backup job. # It will be sent after the backupjob is complete. # Has to be configured twice ("Standard" and "Daemon" Message Ressources) # # (#03)Email Address for bareos operator. (Operator Command) # This mail address will recieve a mail immediately when the # bareos system needs an operator intervention. # May be the same address as in (#02) # # # This disk-only setup stores all data into @archivedir@ # # The preconfigured backup scheme is as follows: # # Full Backups are done on first Saturday at 21:00 (#04) # Full Backups are written into the "Full" Pool (#05) # Full Backups are kept for 365 Days (#06) # # Differential Backups are done on 2nd to 5th Saturday at 21:00 (#07) # Differential Backups are written into the "Differential" Pool (#08) # Differential Backups are kept for 90 Days (#09) # # Incremental Backups are done monday to friday at 21:00 (#10) # Incremental Backups are written into the "Incremental" Pool (#11) # Incremental Backups are kept for 30 Days (#12) # # What you also have to do is to change the default fileset (#13) # to either one of the demo filesets given or create our own fileset. # # # # For Bareos release @VERSION@ (@DATE@) -- @DISTNAME@ @DISTVER@ # # Director { # define myself Name = @basename@-dir QueryFile = "@scriptdir@/query.sql" Maximum Concurrent Jobs = 10 Password = "@dir_password@" # Console password Messages = Daemon # remove comment in next line to load plugins from specified directory # Plugin Directory = @plugindir@ } JobDefs { Name = "DefaultJob" Type = Backup Level = Incremental Client = @basename@-fd FileSet = "SelfTest" # selftest fileset (#13) Schedule = "WeeklyCycle" Storage = File Messages = Standard Pool = Incremental Priority = 10 Write Bootstrap = "@working_dir@/%c.bsr" Full Backup Pool = Full # write Full Backups into "Full" Pool (#05) Differential Backup Pool = Differential # write Diff Backups into "Differential" Pool (#08) Incremental Backup Pool = Incremental # write Incr Backups into "Incremental" Pool (#11) } # # Define the main nightly save backup job # By default, this job will back up to disk in @archivedir@ Job { Name = "BackupClient1" JobDefs = "DefaultJob" } # # Backup the catalog database (after the nightly save) # Job { Name = "BackupCatalog" JobDefs = "DefaultJob" Level = Full FileSet="Catalog" Schedule = "WeeklyCycleAfterBackup" # This creates an ASCII copy of the catalog # Arguments to make_catalog_backup.pl are: # make_catalog_backup.pl <catalog-name> RunBeforeJob = "@scriptdir@/make_catalog_backup.pl MyCatalog" # This deletes the copy of the catalog RunAfterJob = "@scriptdir@/delete_catalog_backup" # This sends the bootstrap via mail for disaster recovery. # Should be sent to another system, please change recipient accordingly Write Bootstrap = "|@sbindir@/bsmtp -h @smtp_host@ -f \"$$Bareos$$ \" -s \"Bootstrap for Job %j\" @job_email@" # (#01) Priority = 11 # run after main backup } # # Standard Restore template, to be changed by Console program # Only one such job is needed for all Jobs/Clients/Storage ... # Job { Name = "RestoreFiles" Type = Restore Client=@basename@-fd FileSet = "Linux All" Storage = File Pool = Incremental Messages = Standard Where = /tmp/bareos-restores } FileSet { Name = "Windows All Drives" Enable VSS = yes Include { Options { Signature = MD5 Drive Type = fixed IgnoreCase = yes WildFile = "[A-Z]:/pagefile.sys" WildDir = "[A-Z]:/RECYCLER" WildDir = "[A-Z]:/$RECYCLE.BIN"
WildDir = "[A-Z]:/System Volume Information"
Exclude = yes
}
File = /
}
}

FileSet {
Name = "Linux All"
Include {
Options {
Signature = MD5 # calculate md5 checksum per file
One FS = No     # change into other filessytems
FS Type = ext2  # filesystems of given types will be backed up
FS Type = ext3  # others will be ignored
FS Type = ext4
FS Type = xfs
FS Type = reiserfs
FS Type = jfs
FS Type = btrfs
}
File = /
}
# Things that usually have to be excluded
# You have to exclude @archivedir@
# on your bareos server
Exclude {
File = @working_dir@
File = @archivedir@
File = /proc
File = /tmp
File = /.journal
File = /.fsck
}

}

# fileset just to backup some files for selftest
FileSet {
Name = "SelfTest"
Include {
Options {
Signature = MD5 # calculate md5 checksum per file
}
File = @sbindir@
}
}

Schedule {
Name = "WeeklyCycle"
Run = Full 1st sat at 21:00                   # (#04)
Run = Differential 2nd-5th sat at 21:00       # (#07)
Run = Incremental mon-fri at 21:00            # (#10)
}

# This schedule does the catalog. It starts after the WeeklyCycle
Schedule {
Name = "WeeklyCycleAfterBackup"
Run = Full mon-fri at 21:10
}

# This is the backup of the catalog
FileSet {
Name = "Catalog"
Include {
Options {
signature = MD5
}
File = "@working_dir@/@db_name@.sql" # database dump
File = "@sysconfdir@"                # configuration
}
}

# Client (File Services) to backup
Client {
Name = @basename@-fd
File Retention = 30 days            # 30 days
Job Retention = 6 months            # six months
AutoPrune = no                      # Prune expired Jobs/Files
}

#
# Definition of file storage device
#
Storage {
Name = File
# Do not use "localhost" here
Address = @hostname@                # N.B. Use a fully qualified name here
Device = FileStorage
Media Type = File
}

#
# Generic catalog service
#
Catalog {
Name = MyCatalog
# Uncomment the following lines if you want the dbi driver
@uncomment_dbi@ dbdriver = "dbi:@DEFAULT_DB_TYPE@"; dbaddress = 127.0.0.1; dbport = @db_port@
#dbdriver = "@DEFAULT_DB_TYPE@"
dbdriver = "XXX_REPLACE_WITH_DATABASE_DRIVER_XXX"
dbname = "@db_name@"
dbuser = "@db_user@"
}

#
# Reasonable message delivery -- send most everything to email address and to the console
#
Messages {
Name = Standard
mailcommand = "@sbindir@/bsmtp -h @smtp_host@ -f \"$$Bareos$$ \<%r\>\" -s \"Bareos: %t %e of %c %l\" %r"
operatorcommand = "@sbindir@/bsmtp -h @smtp_host@ -f \"$$Bareos$$ \<%r\>\" -s \"Bareos: Intervention needed for %j\" %r"
mail = @job_email@ = all, !skipped # (#02)
operator = @job_email@ = mount     # (#03)
console = all, !skipped, !saved
append = "@logdir@/bareos.log" = all, !skipped
catalog = all
}

#
# Message delivery for daemon messages (no job).
#
Messages {
Name = Daemon
mailcommand = "@sbindir@/bsmtp -h @smtp_host@ -f \"$$Bareos$$ \<%r\>\" -s \"Bareos daemon message\" %r"
mail = @job_email@ = all, !skipped # (#02)
console = all, !skipped, !saved
append = "@logdir@/bareos.log" = all, !skipped
}

#
# Full Pool definition
#
Pool {
Name = Full
Pool Type = Backup
Recycle = yes                       # Bareos can automatically recycle Volumes
AutoPrune = yes                     # Prune expired volumes
Volume Retention = 365 days         # How long should the Full Backups be kept? (#06)
Maximum Volume Bytes = 50G          # Limit Volume size to something reasonable
Maximum Volumes = 100               # Limit number of Volumes in Pool
Label Format = "Full-"              # Volumes will be labeled "Full-<volume-id>"
}

#
# Differential Pool definition
#
Pool {
Name = Differential
Pool Type = Backup
Recycle = yes                       # Bareos can automatically recycle Volumes
AutoPrune = yes                     # Prune expired volumes
Volume Retention = 90 days          # How long should the Differential Backups be kept? (#09)
Maximum Volume Bytes = 10G          # Limit Volume size to something reasonable
Maximum Volumes = 100               # Limit number of Volumes in Pool
Label Format = "Differential-"      # Volumes will be labeled "Differential-<volume-id>"
}

#
# Incremental Pool definition
#
Pool {
Name = Incremental
Pool Type = Backup
Recycle = yes                       # Bareos can automatically recycle Volumes
AutoPrune = yes                     # Prune expired volumes
Volume Retention = 30 days          # How long should the Incremental Backups be kept?  (#12)
Maximum Volume Bytes = 1G           # Limit Volume size to something reasonable
Maximum Volumes = 100               # Limit number of Volumes in Pool
Label Format = "Incremental-"       # Volumes will be labeled "Incremental-<volume-id>"
}

#
# Scratch pool definition
#
Pool {
Name = Scratch
Pool Type = Backup
}

#
# Restricted console used by tray-monitor to get the status of the director
#
Console {
Name = @basename@-mon
CommandACL = status, .status
}

## Chapter 10Client/File Daemon Configuration

The Client (or File Daemon) Configuration is one of the simpler ones to specify. Generally, other than changing the Client name so that error messages are easily identified, you will not need to modify the default Client configuration file.

For a general discussion of configuration file and resources including the data types recognized by Bareos, please see the Configuration chapter of this manual. The following Client Resource definitions must be defined:

• Client – to define what Clients are to be backed up.
• Director – to define the Director’s name and its access password.
• Messages – to define where error and information messages are to be sent.

### 10.1 Client Resource

The Client Resource (or FileDaemon) resource defines the name of the Client (as used by the Director) as well as the port on which the Client listens for Director connections.

Client (or FileDaemon)

Start of the Client records. There must be one and only one Client resource in the configuration file, since it defines the properties of the current client program.

Name = <name>

The client name that must be used by the Director when connecting. Generally, it is a good idea to use a name related to the machine so that error messages can be easily identified if you have multiple Clients. This directive is required.
Working Directory = <directory>
(default: platform specific)
This directive is optional and specifies a directory in which the File daemon may put its status files.

The bareos file daemon uses a platform specific default value, that is defined at compile time. For Linux systems, the default is /var/lib/bareos/. For Windows systems it is %TEMP%.

On Win32 systems, in some circumstances you may need to specify a drive letter in the specified working directory path. Also, please be sure that this directory is writable by the SYSTEM user otherwise restores may fail (the bootstrap file that is transferred to the File daemon from the Director is temporarily put in this directory before being passed to the Storage daemon).

Pid Directory = <directory>
(default: platform specific)
This directive specifies a directory in which the File Daemon may put its process Id file files. The process Id file is used to shutdown Bareos and to prevent multiple copies of Bareos from running simultaneously.

The bareos file daemon uses a platform specific default value, that is defined at compile time. Typically on Linux systems, it is set to /var/lib/bareos/ or /var/run/.

Plugin Directory = <directory>
(default: platform specific)
This directive specifies a directory in which the File Daemon searches for plugins with the name <pluginname>-fd.so which it will load at startup. Typically on Linux systems, it is set to /usr/lib/bareos/plugins/ or /usr/lib64/bareos/plugins/.
Heartbeat Interval = <time-interval>
(default: 0)
This record defines an interval of time in seconds. For each heartbeat that the File daemon receives from the Storage daemon, it will forward it to the Director. In addition, if no heartbeat has been received from the Storage daemon and thus forwarded the File daemon will send a heartbeat signal to the Director and to the Storage daemon to keep the channels active. The default interval is zero which disables the heartbeat. This feature is particularly useful if you have a router that does not follow Internet standards and times out a valid connection after a short duration despite the fact that keepalive is set. This usually results in a broken pipe error message.
Maximum Concurrent Jobs = <number>
(default: 2)
where <number> is the maximum number of Jobs that should run concurrently. The default is set to 2, but you may set it to a larger number. Each contact from the Director (e.g. status request, job start request) is considered as a Job, so if you want to be able to do a status request in the console at the same time as a Job is running, you will need to set this value greater than 1.

This record is optional, and if it is specified, it will cause the File daemon server (for Director connections) to bind to the specified IP-Address, which is either a domain name or an IP address specified as a dotted quadruple. If this record is not specified, the File daemon will bind to any available address (the default).

Specify the ports and addresses on which the File daemon listens for Director connections. Probably the simplest way to explain is to show an example:
ip = { addr = 1.2.3.4; port = 1205; }
ipv4 = {
addr = 1.2.3.4; port = http; }
ipv6 = {
port = 1205;
}
ip = {
port = 1205
}
ip = { addr = 1.2.3.4 }
ip = {
}
ip = {
}
}

where ip, ip4, ip6, addr, and port are all keywords. Note, that the address can be specified as either a dotted quadruple, or IPv6 colon notation, or as a symbolic name (only in the ip specification). Also, port can be specified as a number or as the mnemonic value from the /etc/services file. If a port is not specified, the default will be used. If an ip section is specified, the resolution can be made either by IPv4 or IPv6. If ip4 is specified, then only IPv4 resolutions will be permitted, and likewise with ip6.

FD Port = <port-number>
(default: 9102)
This specifies the port number on which the Client listens for Director connections. It must agree with the FDPort specified in the Client resource of the Director’s configuration file.

This record is optional, and if it is specified, it will cause the File daemon server (for Storage connections) to bind to the specified IP-Address, which is either a domain name or an IP address specified as a dotted quadruple. If this record is not specified, the kernel will choose the best address according to the routing table (the default).
SDConnectTimeout = <time-interval>

This record defines an interval of time that the File daemon will try to connect to the Storage daemon. The default is 30 minutes. If no connection is made in the specified time interval, the File daemon cancels the Job.
Maximum Network Buffer Size = <bytes>

where <bytes> specifies the initial network buffer size to use with the File daemon. This size will be adjusted down if it is too large until it is accepted by the OS. Please use care in setting this value since if it is too large, it will be trimmed by 512 bytes until the OS is happy, which may require a large number of system calls. The default value is 65,536 bytes.

Note, on certain Windows machines, there are reports that the transfer rates are very slow and this seems to be related to the default 65,536 size. On systems where the transfer rates seem abnormally slow compared to other systems, you might try setting the Maximum Network Buffer Size to 32,768 in both the File daemon and in the Storage daemon.

Compatible = <yes|no>
(default: yes)
This directive enables the compatible mode of the file daemon. In this mode the file daemon will try to be as compatible to a native Bacula file daemon as possible. Enabling this option means that certain new options available in Bareos cannot be used as they would lead to data not being able to be restored by a Native Bareos file daemon. When you want to use bareos-only features, you have to set it to false.
Maximum Bandwidth Per Job = <speed>

The speed parameter specifies the maximum allowed bandwidth that a job may use. The speed parameter should be specified in k/s, kb/s, m/s or mb/s.
Allow Bandwidth Bursting = <yes|no>

This option sets if there is Bandwidth Limiting in effect if the limiting code can use bursting e.g. when from a certain timeslice not all bandwidth is used this bandwidth can be used in a next timeslice. Which mean you will get a smoother limiting which will be much closer to the actual limit set but it also means that sometimes the bandwidth will be above the setting here. The default for this option is no.
PKI Encryption

See the Data Encryption chapter of this manual.
PKI Signatures

See the Data Encryption chapter of this manual.
PKI Keypair

See the Data Encryption chapter of this manual.
PKI Master Key

See the Data Encryption chapter of this manual.

The following is an example of a valid Client resource definition:

Client {                              # this is me
Name = rufus-fd
}

### 10.2 Director Resource

The Director resource defines the name and password of the Directors that are permitted to contact this Client.

Director

Start of the Director records. There may be any number of Director resources in the Client configuration file. Each one specifies a Director that is allowed to connect to this Client.
Name = <name>

The name of the Director that may contact this Client. This name must be the same as the name specified on the Director resource in the Director’s configuration file. Note, the case (upper/lower) of the characters in the name are significant (i.e. S is not the same as s). This directive is required.

Specifies the password that must be supplied for a Director to be authorized. This password must be the same as the password specified in the Client resource in the Director’s configuration file. This directive is required.
Maximum Bandwidth Per Job = <speed>

The speed parameter specifies the maximum allowed bandwidth that a job may use when started from this Director. The speed parameter should be specified in k/s, Kb/s, m/s or Mb/s.
Monitor = <yes|no>

If Monitor is set to no (default), this director will have full access to this Client. If Monitor is set to yes, this director will only be able to fetch the current status of this Client.

Please note that if this director is being used by a Monitor, we highly recommend to set this directive to yes to avoid serious security problems.

Thus multiple Directors may be authorized to use this Client’s services. Each Director will have a different name, and normally a different password as well.

The following is an example of a valid Director resource definition:

#
# List Directors who are permitted to contact the File daemon
#
Director {
}
Director {
Name = Worker
Monitor = Yes
}

### 10.3 Messages Resource

Please see the Messages Resource Chapter of this manual for the details of the Messages Resource.

There must be at least one Message resource in the Client configuration file.

### 10.4 Example Client Configuration File

An example File Daemon configuration file might be the following:

#
# Default  Bareos File Daemon Configuration file
#
#  For Bareos release 12.4.4 (12 June 2013)
#
# There is not much to change here except perhaps the
# File daemon Name to
#

#
# List Directors who are permitted to contact this File daemon
#
Director {
Name = bareos-dir
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
Name = client1-mon
Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
Name = client1-fd
Maximum Concurrent Jobs = 20

# remove comment in next line to load plugins from specified directory
# Plugin Directory = /usr/lib64/bareos/plugins
}

# Send all messages except skipped files back to Director
Messages {
Name = Standard
director = client1-dir = all, !skipped, !restored
}

## Chapter 11Storage Daemon Configuration

The Storage Daemon configuration file has relatively few resource definitions. However, due to the great variation in backup media and system capabilities, the storage daemon must be highly configurable. As a consequence, there are quite a large number of directives in the Device Resource definition that allow you to define all the characteristics of your Storage device (normally a tape drive). Fortunately, with modern storage devices, the defaults are sufficient, and very few directives are actually needed.

For a general discussion of configuration file and resources including the data types recognized by Bareos, please see the Configuration chapter of this manual. The following Storage Resource definitions must be defined:

• Storage – to define the name of the Storage daemon.
• Director – to define the Director’s name and his access password.
• Device – to define the characteristics of your storage device (tape drive).
• Messages – to define where error and information messages are to be sent.

Following resources are optional:

• AutoChanger – to define Autochanger devices.
• NDMP – to define the NDMP authentication context.

### 11.1 Storage Resource

In general, the properties specified under the Storage resource define global properties of the Storage daemon. Each Storage daemon configuration file must have one and only one Storage resource definition.

Name = <name>
(required)
Specifies the Name of the Storage daemon.
Working Directory = <directory>
(default: platform specific) (required)
This directive specifies a directory in which the Storage daemon may put its status files. This directory should be used only by Bareos, but may be shared by other Bareos daemons provided the names given to each daemon are unique.
Pid Directory = <directory>
(default: platform specific) (required)
This directive specifies a directory in which the Storage Daemon may put its process Id file files. The process Id file is used to shutdown Bareos and to prevent multiple copies of Bareos from running simultaneously. Standard shell expansion of the directory is done when the configuration file is read so that values such as \$HOME will be properly expanded.
Plugin Directory = <directory>
(default: platform specific) (required)
This directive specifies a directory in which the Storage Daemon searches for plugins with the name <pluginname>-sd.so which it will load at startup.
Heartbeat Interval = <time-interval>
(default: 0) (required)
This directive defines an interval of time in seconds. When the Storage daemon is waiting for the operator to mount a tape, each time interval, it will send a heartbeat signal to the File daemon. The default interval is zero which disables the heartbeat. This feature is particularly useful if you have a router that does not follow Internet standards and times out an valid connection after a short duration despite the fact that keepalive is set. This usually results in a broken pipe error message.
Client Connect Wait = <time-interval>
(default: 30 minutes) (required)
This directive defines an interval of time in seconds that the Storage daemon will wait for a Client (the File daemon) to connect. Be aware that the longer the Storage daemon waits for a Client, the more resources will be tied up.
Maximum Concurrent Jobs = <number>
(default: 10) (required)
where <number> is the maximum number of Jobs that may run concurrently. The default is set to 10, but you may set it to a larger number. Each contact from the Director (e.g. status request, job start request) is considered as a Job, so if you want to be able to do a status request in the console at the same time as a Job is running, you will need to set this value greater than 1. To run simultaneous Jobs, you will need to set a number of other directives in the Director’s configuration file. Which ones you set depend on what you want, but you will almost certainly need to set the Maximum Concurrent Jobs in the Storage resource in the Director’s configuration file and possibly those in the Job and Client resources.

This directive is optional, and if it is specified, it will cause the Storage daemon server (for Director and File daemon connections) to bind to the specified IP-Address, which is either a domain name or an IP address specified as a dotted quadruple. If this directive is not specified, the Storage daemon will bind to any available address (the default).

Specify the ports and addresses on which the Storage daemon will listen for Director connections. Normally, the default is sufficient and you do not need to specify this directive. Probably the simplest way to explain how this directive works is to show an example:
SDAddresses  = { ip = {
addr = 1.2.3.4; port = 1205; }
ipv4 = {
addr = 1.2.3.4; port = http; }
ipv6 = {
port = 1205;
}
ip = {
port = 1205
}
ip = {
}
ip = {
}
ip = {
}
}

where ip, ip4, ip6, addr, and port are all keywords. Note, that the address can be specified as either a dotted quadruple, or IPv6 colon notation, or as a symbolic name (only in the ip specification). Also, port can be specified as a number or as the mnemonic value from the /etc/services file. If a port is not specified, the default will be used. If an ip section is specified, the resolution can be made either by IPv4 or IPv6. If ip4 is specified, then only IPv4 resolutions will be permitted, and likewise with ip6.

Using this directive, you can replace both the SDPort and SDAddress directives shown below.

SD Port = <port-number>
(default: 9103) (required)
Specifies port number on which the Storage daemon listens for Director connections.
Compatible = <yes|no>
(default: yes) (required)
This directive enables the compatible mode of the storage daemon. In this mode the storage daemon will try to write the storage data in a compatible way with Bareos of which Bareos is a fork. This only works for the data streams both share and not for any new datastreams which are Bareos specific. Which may be read when used by a Bareos storage daemon but might not be understood by any of the Bareos components (dir/sd/fd).
NDMP Enable = <yes|no>

This directive enables the Native NDMP Tape Agent.
NDMP Snooping = <yes|no>

This directive enables the Snooping and pretty printing of NDMP protocol information in debugging mode.
NDMP Loglevel = <level>

This directive sets the loglevel for the NDMP protocol library.

This directive is optional, and if it is specified, it will cause the Storage daemon server (for NDMP Tape Server connections) to bind to the specified IP-Address, which is either a domain name or an IP address specified as a dotted quadruple. If this directive is not specified, the Storage daemon will bind to any available address (the default).

Specify the ports and addresses on which the Storage daemon will listen for NDMP Tape Server connections. Normally, the default is sufficient and you do not need to specify this directive.
NDMP Port = <port-specification>
(default: 10000)
Specifies port number on which the Storage daemon listens for NDMP Tape Server connections.
AutoXflateOnReplication = <yes|no>
(default: yes)(required)
This directive controls the autoxflate-sd plugin when replicating data inside one or between two storage daemons (Migration/Copy Jobs). Normally the storage daemon will use the autoinflate/autodeflate setting of the device when reading and writing data to it which could mean that while reading it inflates the compressed data and the while writing the other deflates it again. If you just want the data to be exactly the same e.g. don’t perform any on the fly uncompression and compression while doing the replication of data you can set this option to no and it will override any setting on the device for doing auto inflation/deflation when doing data replication. This will not have any impact on any normal backup or restore jobs.
Version >= 13.4

The following is a typical Storage daemon Storage definition.

 # # "Global" Storage daemon configuration specifications appear # under the Storage resource. # Storage {   Name = "Storage daemon"   Address = localhost }

Configuration 11.1: Storage daemon Storage definition

### 11.2 Director Resource

The Director resource specifies the Name of the Director which is permitted to use the services of the Storage daemon. There may be multiple Director resources. The Director Name and Password must match the corresponding values in the Director’s configuration file.

Name = <Director-Name>

Specifies the Name of the Director allowed to connect to the Storage daemon. This directive is required.

Specifies the password that must be supplied by the above named Director. This directive is required.
Monitor = <yes|no>

If Monitor is set to no (default), this director will have full access to this Storage daemon. If Monitor is set to yes, this director will only be able to fetch the current status of this Storage daemon.

Please note that if this director is being used by a Monitor, we highly recommend to set this directive to yes to avoid serious security problems.

Key Encryption Key = <KeyEncryptionKey>

This key is used to encrypt the Security Key that is exchanged between the Director and the Storage Daemon for supporting Application Managed Encryption (AME). For security reasons each Director should have a different Key Encryption Key.

The following is an example of a valid Director resource definition:

Director {
Name = MainDirector
}

### 11.3 NDMP Resource

The NDMP Resource specifies the authentication details of each NDMP client. There may be multiple NDMP resources for a single Storage daemon. In general, the properties specified within the NDMP resource are specific to one client.

Name = <Client-Name>

Specifies the name of the NDMP Client allowed to connect to the Storage daemon. This directive is required.

Specifies the username that must be supplied by the above named NDMP Client. This directive is required.

Specifies the password that must be supplied by the above named NDMP Client. This directive is required.
Authtype = <Client-Authtype>

Specifies the authentication type that must be supplied by the above named NDMP Client. This directive is required.

The following values are allowed:

1. None - Use no password
2. Clear - Use clear text password
3. MD5 - Use MD5 hashing
Loglevel = <NDMP-Loglevel>

Specifies the NDMP Loglevel which overrides the global NDMP loglevel for this client.

### 11.4 Device Resource

The Device Resource specifies the details of each device (normally a tape drive) that can be used by the Storage daemon. There may be multiple Device resources for a single Storage daemon. In general, the properties specified within the Device resource are specific to the Device.

Name = <name>
(required)
Specifies the Name that the Director will use when asking to backup or restore to or from to this device. This is the logical Device name, and may be any string up to 127 characters in length. It is generally a good idea to make it correspond to the English name of the backup device. The physical name of the device is specified on the Archive Device directive described below. The name you specify here is also used in your Director’s conf file on the Device directive in its Storage resource.
Archive Device = <device | directory | fifo>
(required)
Specifies where to read and write the backup data. The type of the Archive Device can be specified by the Device Type directive. If Device Type is not specified, Bareos tries to guess the Device Type accordingly to the type of the specified Archive Device file type.

There are three different types that are supported:

device
Usually the device file name of a removable storage device (tape drive), for example ”/dev/nst0” or ”/dev/rmt/0mbn”, preferably in the ”non-rewind” variant. In addition, on systems such as Sun, which have multiple tape access methods, you must be sure to specify to use Berkeley I/O conventions with the device. The b in the Solaris (Sun) archive specification /dev/rmt/0mbn is what is needed in this case. Bareos does not support SysV tape drive behavior.
directory
If a directory is specified, it is used as file storage. The directory must be existing and be specified as absolute path. Bareos will write to file storage in the specified directory and the filename used will be the Volume name as specified in the Catalog. If you want to write into more than one directory (i.e. to spread the load to different disk drives), you will need to define two Device resources, each containing an Archive Device with a different directory.
fifo
A FIFO is a special kind of file that connects two programs via kernel memory. If a FIFO device is specified for a backup operation, you must have a program that reads what Bareos writes into the FIFO. When the Storage daemon starts the job, it will wait for MaximumOpenWait seconds for the read program to start reading, and then time it out and terminate the job. As a consequence, it is best to start the read program at the beginning of the job perhaps with the RunBeforeJob directive. For this kind of device, you never want to specify AlwaysOpen, because you want the Storage daemon to open it only when a job starts, so you must explicitly set it to No. Since a FIFO is a one way device, Bareos will not attempt to read a label of a FIFO device, but will simply write on it. To create a FIFO Volume in the catalog, use the add command rather than the label command to avoid attempting to write a label.
Device {
Name = FifoStorage
Media Type = Fifo
Device Type = Fifo
Archive Device = /tmp/fifo
LabelMedia = yes
Random Access = no
AutomaticMount = no
RemovableMedia = no
MaximumOpenWait = 60
AlwaysOpen = no
}

During a restore operation, if the Archive Device is a FIFO, Bareos will attempt to read from the FIFO, so you must have an external program that writes into the FIFO. Bareos will wait MaximumOpenWait seconds for the program to begin writing and will then time it out and terminate the job. As noted above, you may use the RunBeforeJob to start the writer program at the beginning of the job.

A FIFO device can also be used to test your configuration, see the Howto section.

Device Type = <tape | file | fifo>

The Device Type specification allows you to explicitly tell Bareos what kind of device you are defining. It the type-specification may be one of the following:
Tape
The device is a tape device and thus is sequential access. Tape devices are controlled using ioctl() calls.
File
Tells Bareos that the device is a file. It may either be a file defined on fixed medium or a removable filesystem such as USB. All files must be random access devices.
Fifo
The device is a first-in-first out sequential access read-only or write-only device.

The Device Type directive is not required, and if not specified, Bareos will attempt to guess what kind of device has been specified using the Archive Device specification supplied. There are several advantages to explicitly specifying the Device Type. First, on some systems, block and character devices have the same type. Secondly, if you explicitly specify the Device Type, the mount point need not be defined until the device is opened. This is the case with most removable devices such as USB. If the Device Type is not explicitly specified, then the mount point must exist when the Storage daemon starts.

Media Type = <name-string>

The specified name-string names the type of media supported by this device, for example, ”DLT7000”. Media type names are arbitrary in that you set them to anything you want, but they must be known to the volume database to keep track of which storage daemons can read which volumes. In general, each different storage type should have a unique Media Type associated with it. The same name-string must appear in the appropriate Storage resource definition in the Director’s configuration file.

Even though the names you assign are arbitrary (i.e. you choose the name you want), you should take care in specifying them because the Media Type is used to determine which storage device Bareos will select during restore. Thus you should probably use the same Media Type specification for all drives where the Media can be freely interchanged. This is not generally an issue if you have a single Storage daemon, but it is with multiple Storage daemons, especially if they have incompatible media.

For example, if you specify a Media Type of ”DDS-4” then during the restore, Bareos will be able to choose any Storage Daemon that handles ”DDS-4”. If you have an autochanger, you might want to name the Media Type in a way that is unique to the autochanger, unless you wish to possibly use the Volumes in other drives. You should also ensure to have unique Media Type names if the Media is not compatible between drives. This specification is required for all devices.

In addition, if you are using disk storage, each Device resource will generally have a different mount point or directory. In order for Bareos to select the correct Device resource, each one must have a unique Media Type.

Autochanger = <yes|no>

If Yes, this device belongs to an automatic tape changer, and you must specify an Autochanger resource that points to the Device resources. You must also specify a Changer Device. If the Autochanger directive is set to No (default), the volume must be manually changed. You should also have an identical directive to the Storage resource in the Director’s configuration file so that when labeling tapes you are prompted for the slot.
Changer Device = <name-string>

The specified name-string must be the generic SCSI device name of the autochanger that corresponds to the normal read/write Archive Device specified in the Device resource. This generic SCSI device name should be specified if you have an autochanger or if you have a standard tape drive and want to use the Alert Command (see below). For example, on Linux systems, for an Archive Device name of /dev/nst0, you would specify /dev/sg0 for the Changer Device name. Depending on your exact configuration, and the number of autochangers or the type of autochanger, what you specify here can vary. This directive is optional. See the Using Autochangers chapter of this manual for more details of using this and the following autochanger directives.
Changer Command = <name-string>

The name-string specifies an external program to be called that will automatically change volumes as required by Bareos. Normally, this directive will be specified only in the AutoChanger resource, which is then used for all devices. However, you may also specify the different Changer Command in each Device resource. Most frequently, you will specify the Bareos supplied mtx-changer script as follows:
Changer Command = "/usr/lib/bareos/scripts/mtx-changer %c %o %S %a %d"

and you will install the mtx on your system. An example of this command is in the default —bareos-sd.conf— file. For more details on the substitution characters that may be specified to configure your autochanger please see the Autochangers chapter of this manual.

The name-string specifies an external program to be called at the completion of each Job after the device is released. The purpose of this command is to check for Tape Alerts, which are present when something is wrong with your tape drive (at least for most modern tape drives). The same substitution characters that may be specified in the Changer Command may also be used in this string. For more information, please see the Autochangers chapter of this manual.

Note, it is not necessary to have an autochanger to use this command. The example below uses the tapeinfo program that comes with the mtx package, but it can be used on any tape drive. However, you will need to specify a Changer Device directive in your Device resource (see above) so that the generic SCSI device name can be edited into the command (with the %c).

An example of the use of this command to print Tape Alerts in the Job report is:

and an example output when there is a problem could be:

between tape drive and initiator.

Drive Index = <number>

The Drive Index that you specify is passed to the mtx-changer script and is thus passed to the mtx program. By default, the Drive Index is zero, so if you have only one drive in your autochanger, everything will work normally. However, if you have multiple drives, you must specify multiple Bareos Device resources (one for each drive). The first Device should have the Drive Index set to 0, and the second Device Resource should contain a Drive Index set to 1, and so on. This will then permit you to use two or more drives in your autochanger.
Autoselect = <yes|no>

If this directive is set to yes (default), and the Device belongs to an autochanger, then when the Autochanger is referenced by the Director, this device can automatically be selected. If this directive is set to no, then the Device can only be referenced by directly using the Device name in the Director. This is useful for reserving a drive for something special such as a high priority backup or restore operations.
Maximum Concurrent Jobs = <number>

Maximum Concurrent Jobs is a directive that permits setting the maximum number of Jobs that can run concurrently on a specified Device. Using this directive, it is possible to have different Jobs using multiple drives, because when the Maximum Concurrent Jobs limit is reached, the Storage Daemon will start new Jobs on any other available compatible drive. This facilitates writing to multiple drives with multiple Jobs that all use the same Pool.
Maximum Changer Wait = <time>

This directive specifies the maximum time in seconds for Bareos to wait for an autochanger to change the volume. If this time is exceeded, Bareos will invalidate the Volume slot number stored in the catalog and try again. If no additional changer volumes exist, Bareos will ask the operator to intervene. The default is 5 minutes.
Maximum Rewind Wait = <time>

This directive specifies the maximum time in seconds for Bareos to wait for a rewind before timing out. If this time is exceeded, Bareos will cancel the job. The default is 5 minutes.
Maximum Open Wait = <time>

This directive specifies the maximum time in seconds for Bareos to wait for a open before timing out. If this time is exceeded, Bareos will cancel the job. The default is 5 minutes.
Always Open = <yes|no>
(default: no)
If Yes, Bareos will always keep the device open unless specifically unmounted by the Console program. This permits Bareos to ensure that the tape drive is always available, and properly positioned. If you set AlwaysOpen to no Bareos will only open the drive when necessary, and at the end of the Job if no other Jobs are using the drive, it will be freed. The next time Bareos wants to append to a tape on a drive that was freed, Bareos will rewind the tape and position it to the end. To avoid unnecessary tape positioning and to minimize unnecessary operator intervention, it is highly recommended that Always Open = yes. This also ensures that the drive is available when Bareos needs it.

If you have Always Open = yes (recommended) and you want to use the drive for something else, simply use the unmount command in the Console program to release the drive. However, don’t forget to remount the drive with mount when the drive is available or the next Bareos job will block.

For File storage, this directive is ignored. For a FIFO storage device, you must set this to No.

Please note that if you set this directive to No Bareos will release the tape drive between each job, and thus the next job will rewind the tape and position it to the end of the data. This can be a very time consuming operation. In addition, with this directive set to no, certain multiple drive autochanger operations will fail. We strongly recommend to keep Always Open set to Yes

Volume Poll Interval = <time>

If the time specified on this directive is non-zero, after asking the operator to mount a new volume Bareos will periodically poll (or read) the drive at the specified interval to see if a new volume has been mounted. If the time interval is zero (the default), no polling will occur. This directive can be useful if you want to avoid operator intervention via the console. Instead, the operator can simply remove the old volume and insert the requested one, and Bareos on the next poll will recognize the new tape and continue. Please be aware that if you set this interval too small, you may excessively wear your tape drive if the old tape remains in the drive, since Bareos will read it on each poll. This can be avoided by ejecting the tape using the Offline On Unmount and the Close on Poll directives. However, if you are using a Linux 2.6 kernel or other OSes such as FreeBSD or Solaris, the Offline On Unmount will leave the drive with no tape, and Bareos will not be able to properly open the drive and may fail the job.
Close on Poll= <yes|no>

If Yes, Bareos close the device (equivalent to an unmount except no mount is required) and reopen it at each poll. Normally this is not too useful unless you have the Offline on Unmount directive set, in which case the drive will be taken offline preventing wear on the tape during any future polling. Once the operator inserts a new tape, Bareos will recognize the drive on the next poll and automatically continue with the backup. Please see above for more details.
Maximum Open Wait = <time>

This directive specifies the maximum amount of time in seconds that Bareos will wait for a device that is busy. The default is 5 minutes. If the device cannot be obtained, the current Job will be terminated in error. Bareos will re-attempt to open the drive the next time a Job starts that needs the the drive.

Removable media = <yes|no>

If Yes, this device supports removable media (for example, tapes or CDs). If No, media cannot be removed (for example, an intermediate backup area on a hard disk). If Removable media is enabled on a File device (as opposed to a tape) the Storage daemon will assume that device may be something like a USB device that can be removed or a simply a removable harddisk. When attempting to open such a device, if the Volume is not found (for File devices, the Volume name is the same as the Filename), then the Storage daemon will search the entire device looking for likely Volume names, and for each one found, it will ask the Director if the Volume can be used. If so, the Storage daemon will use the first such Volume found. Thus it acts somewhat like a tape drive – if the correct Volume is not found, it looks at what actually is found, and if it is an appendable Volume, it will use it.

If the removable medium is not automatically mounted (e.g. udev), then you might consider using additional Storage daemon device directives such as Requires Mount, Mount Point, Mount Command, and Unmount Command, all of which can be used in conjunction with Removable Media.

Random access = <yes|no>

If Yes, the archive device is assumed to be a random access medium which supports the lseek (or lseek64 if Largefile is enabled during configuration) facility. This should be set to Yes for all file systems such as USB, and fixed files. It should be set to No for non-random access devices such as tapes and named pipes.
Requires Mount = <yes|no>

When this directive is enabled, the Storage daemon will submit a Mount Command before attempting to open the device. You must set this directive to yes for removable file systems such as USB devices that are not automatically mounted by the operating system when plugged in or opened by Bareos. It should be set to no for all other devices such as tapes and fixed filesystems. It should also be set to no for any removable device that is automatically mounted by the operating system when opened (e.g. USB devices mounted by udev or hotplug). This directive indicates if the device requires to be mounted using the Mount Command. To be able to write devices need a mount, the following directives must also be defined: Mount Point, Mount Command, and Unmount Command.
Mount Point = <directory>

Directory where the device can be mounted. This directive is used only for devices that have Requires Mount enabled such as USB file devices.
Mount Command = <name-string>

This directive specifies the command that must be executed to mount devices such as many USB devices. Before the command is executed, %a is replaced with the Archive Device, and %m with the Mount Point.

See the Edit Codes section below for more details of the editing codes that can be used in this directive.

If you need to specify multiple commands, create a shell script.

Unmount Command = <name-string>

This directive specifies the command that must be executed to unmount devices such as many USB devices. Before the command is executed, %a is replaced with the Archive Device, and %m with the Mount Point.

Most frequently, you will define it as follows:

Unmount Command = "/bin/umount %m"

See the Edit Codes section below for more details of the editing codes that can be used in this directive.

If you need to specify multiple commands, create a shell script.

Label Media = <yes|no>

If Yes, permits this device to automatically label blank media without an explicit operator command. It does so by using an internal algorithm as defined on the Label Format record in each Pool resource. If this is No as by default, Bareos will label tapes only by specific operator command (label in the Console) or when the tape has been recycled. The automatic labeling feature is most useful when writing to disk rather than tape volumes.
Automatic Mount = <yes|no>

If Yes (the default), permits the daemon to examine the device to determine if it contains a Bareos labeled volume. This is done initially when the daemon is started, and then at the beginning of each job. This directive is particularly important if you have set Always Open = no because it permits Bareos to attempt to read the device before asking the system operator to mount a tape. However, please note that the tape must be mounted before the job begins.
Block Checksum = <yes|no>
(default: yes)
You may turn off the Block Checksum (CRC32) code that Bareos uses when writing blocks to a Volume. Doing so can reduce the Storage daemon CPU usage slightly. It will also permit Bareos to read a Volume that has corrupted data.

We do not recommend to turn this off particularly on older tape drives or for disk Volumes where doing so may allow corrupted data to go undetected.

Minimum block size = <size-in-bytes>
(default: 0)
This statement applies only to non-random access devices (e.g. tape drives). Blocks written by the storage daemon to a non-random archive device will never be smaller than the given size-in-bytes. The Storage daemon will attempt to efficiently fill blocks with data received from active sessions but will, if necessary, add padding to a block to achieve the required minimum size.

To force the block size to be fixed, as is the case for some non-random access devices (tape drives), set the Minimum block size and the Maximum block size to the same value. The default is that both the minimum and maximum block size are zero and the default block size is 64,512 bytes.

For example, suppose you want a fixed block size of 100K bytes, then you would specify:

 Minimum block size = 100K Maximum block size = 100K

Configuration 11.2: Fixed Block Size

Please note that if you specify a fixed block size as shown above, the tape drive must either be in variable block size mode, or if it is in fixed block size mode, the block size (generally defined by mt) must be identical to the size specified in Bareos – otherwise when you attempt to re-read your Volumes, you will get an error.

If you want the block size to be variable but with a 64K minimum and 200K maximum (and default as well), you would specify:

 Minimum block size =  64K Maximum block size = 200K

Configuration 11.3: Variable Block Size
Maximum block size = <size-in-bytes>
(default: 64512)
The Storage daemon will always attempt to write blocks of the specified size-in-bytes to the archive device. As a consequence, this statement specifies both the default block size and the maximum block size. The size written never exceed the given size-in-bytes. If adding data to a block would cause it to exceed the given maximum size, the block will be written to the archive device, and the new data will begin a new block.

If no value is specified or zero is specified, the Storage daemon will use a default block size of 64,512 bytes (126 * 512).

This default size is far too low for modern tape drives. If you are using a modern tape drive like LTO-4 or newer, you should use a block size of 512k or 1M.

Please note! If your are using LTO drives, changing the block size after labeling the tape will result into unreadable tapes. So normally you will not change the block size in an existing configuration.

Label block size = <size-in-bytes>
(default: 64512)
The storage daemon will write the label blocks with the size configured here. Usually, you will not need to change this directive.

Hardware End of Medium = <yes|no>
(default: yes)
All modern (after 1998) tape drives should support this feature. In doubt, use the btape program to test your drive to see whether or not it supports this function. If the archive device does not support the end of medium ioctl request MTEOM, set this parameter to No. The storage daemon will then use the forward space file function to find the end of the recorded data. In addition, your SCSI driver must keep track of the file number on the tape and report it back correctly by the MTIOCGET ioctl. Note, some SCSI drivers will correctly forward space to the end of the recorded data, but they do not keep track of the file number. On Linux machines, the SCSI driver has a fast-eod option, which if set will cause the driver to lose track of the file number. You should ensure that this option is always turned off using the mt program.
Fast Forward Space File = <yes|no>
(default: yes)
If No, the archive device is not required to support keeping track of the file number (MTIOCGET ioctl) during forward space file. If Yes, the archive device must support the ioctl MTFSF call, which virtually all drivers support, but in addition, your SCSI driver must keep track of the file number on the tape and report it back correctly by the MTIOCGET ioctl. Note, some SCSI drivers will correctly forward space, but they do not keep track of the file number or more seriously, they do not report end of medium.
Use MTIOCGET = <yes|no>
(default: yes)
If No, the operating system is not required to support keeping track of the file number and reporting it in the (MTIOCGET ioctl). If you must set this to No, Bareos will do the proper file position determination, but it is very unfortunate because it means that tape movement is very inefficient. Fortunately, this operation system deficiency seems to be the case only on a few *BSD systems. Operating systems known to work correctly are Solaris, Linux and FreeBSD.
BSF at EOM = <yes|no>
(default: no)
If No, the default, no special action is taken by Bareos with the End of Medium (end of tape) is reached because the tape will be positioned after the last EOF tape mark, and Bareos can append to the tape as desired. However, on some systems, such as FreeBSD, when Bareos reads the End of Medium (end of tape), the tape will be positioned after the second EOF tape mark (two successive EOF marks indicated End of Medium). If Bareos appends from that point, all the appended data will be lost. The solution for such systems is to specify BSF at EOM which causes Bareos to backspace over the second EOF mark. Determination of whether or not you need this directive is done using the test command in the btape program.
Two EOF = <yes|no>
(default: no)
If Yes, Bareos will write two end of file marks when terminating a tape – i.e. after the last job or at the end of the medium. If No, the default, Bareos will only write one end of file to terminate the tape.
Backward Space Record = <yes|no>

If Yes, the archive device supports the MTBSR ioctl to backspace records. If No, this call is not used and the device must be rewound and advanced forward to the desired position. Default is Yes for non random-access devices. This function if enabled is used at the end of a Volume after writing the end of file and any ANSI/IBM labels to determine whether or not the last block was written correctly. If you turn this function off, the test will not be done. This causes no harm as the re-read process is precautionary rather than required.
Backward Space File = <yes|no>

If Yes, the archive device supports the MTBSF and MTBSF ioctls to backspace over an end of file mark and to the start of a file. If No, these calls are not used and the device must be rewound and advanced forward to the desired position. Default is Yes for non random-access devices.
Forward Space Record = <yes|no>

If Yes, the archive device must support the MTFSR ioctl to forward space over records. If No, data must be read in order to advance the position on the device. Default is Yes for non random-access devices.
Forward Space File = <yes|no>

If Yes, the archive device must support the MTFSF ioctl to forward space by file marks. If No, data must be read to advance the position on the device. Default is Yes for non random-access devices.
Offline On Unmount = <yes|no>