Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [opensuse] backup question to y'all
  • From: Christian Boltz <opensuse@xxxxxxxxx>
  • Date: Sun, 16 Apr 2006 23:45:29 +0200
  • Message-id: <200604162345.30008@xxxxxxxxxxxxxxx>

Am Dienstag, 11. April 2006 08:59 schrieb Leen de Braal:
> [Christian Boltz]
> > I use storeBackup + several types of network-based tools:
> >
> > PS: If someone is interested in the scripts, just ask.
> Well, I am interested. I am trying out the best way of backing up
> remote machines, now at the moment using rsync. But it is rather
> simple atm, because i only end up with a full copy of the machines.
> If remote users ask for something already deleted, then in the
> "backup" it will also be deleted, if the question comes overnight.
> So I am eager to know more about this, your scripts are welcome as
> "educative" material.

OK, here we are ;-)

My solution consists of several scripts in /home/backup/bin/:

### do_backup - main script including mail notification
(this script is run via cron)

# use running ssh-agent
eval `cat /root/.cron-ssh-agent`

# do the backup
time /home/backup/bin/do_rsync_backup2 2>&1
echo ; echo ; echo

time /home/backup/bin/do_storebackup 2>&1
echo ; echo ; echo
echo ">> df -h"
df -h 2>&1
df -ih 2>&1
) | mail -s "backup report" me@myhost

### do_rsync_backup - the script running rsync (called by do_backup)

function do_rsync {


echo -e "\n\n> Backup of $dir/"

test -d "$DEST" || {
echo "Creating directory $DEST..."
mkdir -p "$DEST"

rsync $OPTS -az $option --delete-after -e ssh "$SOURCE" "$DEST" ||
echo "> *** ERROR *** (Exitcode $?)"
echo "> rsync-Backup of $dir/ done." >&2

do_rsync "/boot" "-v"
do_rsync "/etc" "-v"
do_rsync "/home" ""
do_rsync "/root" "-v"
do_rsync "/srv" "-v"
do_rsync "/usr/local" ""
do_rsync "/var/lib/mailman" ""
do_rsync "/var/lib/rpm" "-v"
do_rsync "/var/log" ""

Of course, you should have a SSH key (passphrase protection recommended)
to allow passwordless login to the server you want to backup - and the
public key on the server's ~/.ssh/authorized_keys file.

In addition, you need a ssh-agent running:

### cb-keychain - RUN MANUALLY (once after booting), asks you to enter
the passphrase for the SSH key
ssh-agent > /root/.cron-ssh-agent
eval `cat /root/.cron-ssh-agent`

A note about security: If someone can hack your backup server, he can
access the ssh-agent also and connect to your server. You might want to
use command=the_one_and_only in authorized_keys (see man sshd) -
but this restricts you to _one_ (rsync) command (read: it won't work if
you rsync several directories separately as I do).

When your backup server is unplugged or rebooted, the ssh key will be
locked again until you run cb-keychain.

If you don't need root permissions for reading files on the server
(like /etc/shadow), connect as user.

### do_storebackup - the script running storeBackup, quite simple
(called by do_backup)
/usr/bin/storeBackup -f /home/backup/storebackup.conf

You can generate a storebackup.conf template using storeBackup -g
Then customize the settings as needed.

Hint: If you have lots of small files, storeBackup will need _lots_ of
inodes. Keep this in mind when creating the filesystem of the partition
used by StoreBackup...


Christian Boltz

PS: I don't claim this the perfect solution. If anyone finds a bug in
the above scripts, please tell me ;-)
Das ist mir jetzt ehrlich wirklich richtig peinlich...
Ich hätte geschworen, damals vsftp installiert zu haben. Hab' ich gar
nicht, sondern proFtp... Ähem... also gut, dann bin ich eben damit
sehr zufrieden. [Ratti in suse-linux]

< Previous Next >
Follow Ups