Sunday 16 February 2014

How to setup BackUp PC in centos

BackupPC is an entirely disk-based backup and recovery system.

Backup PC Support any client OS and has a Web interface to allows user control of and access to backups.

How BackupPC Works, Install BackupPC server

The BackupPC model has one user per client. BackupPC emails the owner if it cannot back up the client after a configurable time, and the owner can control restores using the web interface.

# yum install perl-Compress-Zlib perl-Archive-Zip perl-File-RsyncP perl-XML-RSS mod_perl perl httpd

# wget http://dev.centos.org/centos/5/testing/i386/RPMS/backuppc-3.1.0-1.el5.centos.i386.rpm

if error came
error: Failed dependencies:
    perl(Time::ParseDate) is needed by backuppc-3.1.0-1.el5.centos.i386
 

search
 

# yum whatprovides "perl(Time::ParseDate)"
perl-Time-modules-2006.0814-1.el5.rf.noarch

# yum install perl-Time-modules

# rpm -ivh backuppc-3.1.0-1.el5.centos.i386.rpm

1. Add user backuppc to your machine, User backuppc will be created upon installation. Change apache user to backuppc.

 # vim /etc/httpd/conf/httpd.conf

     Change ‘User apache‘ to ‘User backuppc

2. Edit file /etc/httpd/conf.d/backuppc.conf

# vim /etc/httpd/conf.d/backuppc.conf

change ‘Allow from 127.0.0.1‘ to ‘Allow from all‘

3. Create password for cgi-bin admin user

# htpasswd -c /var/lib/backuppc/passwd/htpasswd admin

passwd: backup

4. Edit backuppc config file

# vi /etc/BackupPC/config.pl

 Find and change accordingly

$Conf{ServerHost} = 'localhost';
$Conf{SplitPath} = '/usr/bin/split';
$Conf{CatPath} = '/bin/cat';
$Conf{GzipPath} = '/bin/gzip';
$Conf{Bzip2Path} = '/usr/bin/bzip2';
$Conf{BackupPCUser} = 'backuppc';
$Conf{TopDir} = '/var/lib/backuppc';
$Conf{ConfDir} = '/etc/BackupPC';
$Conf{LogDir} = '/var/log/BackupPC';
$Conf{InstallDir} = '/usr';
$Conf{CgiDir} = '/usr/share/backuppc/cgi-bin';
$Conf{ServerInitdPath} = '/etc/init.d/backuppc';
$Conf{ServerInitdStartCmd} = '$sshPath -q -x -l root $serverHost$serverInitdPath start';
$Conf{SshPath} = '/usr/bin/ssh';
$Conf{NmbLookupPath} = '/usr/bin/nmblookup';
$Conf{PingPath} = '/bin/ping';
$Conf{CgiAdminUsers} = 'admin';

5.Grant passwordless sudo for user backuppc to run /bin/gtar and  /bin/tar

# visudo

Add these entries :

Defaults !lecture  # to disable lecture

backuppc ALL=NOPASSWD:/bin/gtar,/bin/tar   # enable user backuppc to run /bin/tar and /bin/gtar without authentication.

Comment this entry,

# Defaults requiretty

Restart apache and backuppc service

# /etc/init.d/httpd start

# /etc/init.d/backuppc restart

Open your browser and point it to ‘http://backuppc_server_ip/backuppc‘ and you should see the backuppc web interface

http://192.168.1.67/backuppc
admin
backup

After this, you have to do almost all the configuration through the web interface. To test, you can run localhost backup first. You have to create the host, fill up all the setting and you are ready to go. Record the host and ip in /etc/hosts.

# vim /etc/hosts
192.168.1.67  cloudcc.ctechz.blogspot.com cloudcc  ---------. add every machines host name here.

Once you have hosts with backups, there will be some very useful graphs displaying pool storage size.

Changing the Backuppc Pool Directory

By default, all your backups are stored at /var/lib/backuppc. However, I wish to store my backups on another disk drive that has a lot more storage than my system disk.  To do this we need to create a soft link from the default backup directory to whatever directory you wish to store the backups.  You will notice that we create two directories called "pc" and "cpool".

"pc" is where all the files are stored, and those two directories were originally causing permission issues.


# cd /var/lib/backuppc
 

# sudo mkdir pc cpool    ----- done this only if there is no 'pc' and 'cpool' directories.
 

# sudo chown -R backuppc * ----> check the ownership of directories in /vae/lib/backuppc/

If you have problems, it may be a permissions issue:
# sudo chmod -R 777 backuppc

I would recommend not leaving the permissions wide open... just make sure it is a permission error and slowly restrict the permissions until everything works correctly.  Now the backups should redirect directly to your new drive.

Adding Hosts in BackupPC

Now we need to add some hosts for backup.  Select "Edit Config" from the left menu.  Click on the "Hosts" tab.  Here we can add hosts for backup. I personally have DNS reservations for all of my hosts, so I can add by IP, however if your hosts will have different IP's I would highly recommend checking the DHCP option. As long as your hosts are registered in DNS backuppc can track them and back them up no matter where they are.  Add the hosts you will be backing up, hit save, and then click on the "Xfer" tab.

Setting Default Xfer Options (for Windows)

we need to set the default transfer settings. This is mostly a setting for large networks of pc's that are set up the same way, which makes it unnecessary for the admin to configure each pc individually. Click on "Edit Config" on the menu on the left, and select "Xfer" from the top menu.  How you set this up depends entirely on your network setup.  I have two Windows 7 PC's, so I will be setting the default settings for a SMB share.

The above screen shot shows the settings I set for the default.  I chose SMB for the transfer method.  The advantage of using SMB is that it is already built into Windows... which is good from an ease of use scenario, but is not as good from a security standpoint.  For the SMB share name, I added the administrative C$ share, which is the entire C$.  In this instance I also should have set default "Include/Exclude" settings.  This part is not extremely intuitive.

To ensure that only the right files are backed up, we need to add first the "SmbShareName" to the "New Key" field, and click "Add".  Once we have added the base share name, we can add the individual paths that we wish to backup.  You will notice above that I told backuppc to backup only the "Users" directory under the C$ share.  So now, instead of backing up the entire OS, backuppc will only backup "C:\Users", which is a much better option. You can obviously add more than one folder.  You can also add folders to exclude, which is a nice option as well. Notice that the "Override" box is checked... that just means that this host differs from the default configuration in this area.

Backing up the Localhost

The easiest way to backup your linux localhost is through "tar".  In the top host drop-drop menu, select "localhost".  Click on "Edit Config" which will enter the host-specific configuration.  Select "tar" and from the "XferMethod" drop-down menu. Next, we need to select the tar share names that we wish to back up.  Since the localhost is not running a whole lot of services, and is not mission critical, I am only backing up the /var and /etc directories.  Go ahead and save the config and you should be ready to backup your localhost!.

Samba Configuration

----> $Conf{XferMethod} = 'smb';
       What transport method to use to backup each host. If you have a mixed set of WinXX and linux/unix hosts you will need to override this in the per-PC config.pl.

----> $Conf{XferLogLevel} = 1;
       Level of verbosity in Xfer log files. 0 means be quiet, 1 will give will give one line per file, 2 will also show skipped files on incrementals, higher values give more output.

----> $Conf{ClientCharset} = '';
        Filename charset encoding on the client. BackupPC uses utf8 on the server for filename encoding. If this is empty, then utf8 is assumed and client filenames will not be modified. If set to
         a different encoding then filenames will converted to/from utf8 automatically during backup and restore.

----> $Conf{SmbShareName} = 'C$';
        Name of the host share that is backed up when using SMB. This can be a string or an array of strings if there are multiple shares per host. Examples:
        
$Conf{SmbShareName} = 'c';          # backup 'c' share
$Conf{SmbShareName} = ['c', 'd'];   # backup 'c' and 'd' shares

   This setting only matters if $Conf{XferMethod} = 'smb'.

----> $Conf{SmbShareUserName} = '';
 

Smbclient share user name. This is passed to 
 smbclient's -U argument.

----> $Conf{SmbSharePasswd} = '';
        Smbclient share password. This is passed to smbclient via its PASSWD environment variable. There are several ways you can tell BackupPC the smb share password.

----> $Conf{SmbClientPath} = '';
 Full path for smbclient. Security caution: normal users should not allowed to write to this file or directory.
 

smbclient is from the Samba distribution. smbclient is used to actually extract the incremental or full dump of the share filesystem from the PC.

Tar Configuration

Which host directories to backup when using tar transport. This can be a string or an array of strings if there are multiple directories to backup per host. Examples:

$Conf{TarShareName} = '/';                  # backup everything
$Conf{TarShareName} = '/home';              # only backup /home
$Conf{TarShareName} = ['/home', '/src'];    # backup /home and /src

The fact this parameter is called 'TarShareName' is for historical consistency with the Smb transport options. You can use any valid directory on the client: there is no need for it to correspond to any Smb share or device mount point.

you can also use $Conf{BackupFilesOnly} to specify a specific list of directories to backup. It's more efficient to use this option instead of $Conf{TarShareName} since a new tar is run for each entry in $Conf{TarShareName}.

On the other hand, if you add --one-file-system to $Conf{TarClientCmd} you can backup each file system separately, which makes restoring one bad file system easier. In this case you would list all of the mount points here, since you can't get the same result with $Conf{BackupFilesOnly}:

$Conf{TarShareName} = ['/', '/var', '/data', '/boot'];



Linux History Tricks

Showing timestamp using HISTTIMEFORMAT

# export HISTTIMEFORMAT='%F %T '

Repeat previous commands

# !! ---------> execute the last run command
 

# !-4 --------> executed the 4th command executed
                from backward
 

# !c  --------> execute the command that you run last, 
                which start with the specific word c
 

# ctrl+P -----> will display the previous command
 

# ctrl+r -----> for reverse search the commands
 

# history | more,less ----> check the command that you 
               looking for and note its line number also
 

141  08:55:33 2012-02-02 clear ( her line number is 141) to execute this command run
 

    # !141
 

# cd !^   --------> !^ will get the next argument after cd command

Control the total number of lines in the history using HISTSIZE

Append the following two lines to the .bash_profile
 

HISTSIZE=450
HISTFILESIZE=450

Change the history file name using HISTFILE

By default, history is stored in ~/.bash_history file. Add the following line to the .bash_profile to store the history command in .commandline_warrior file instead of .bash_history file.


# vi ~/.bash_profile
HISTFILE=/root/.commandline_warrior

Eliminate the repeated entry from history using HISTCONTROL

In the following example pwd was typed three times, when you do history, you can see all the 3 continuous occurrences of it. To eliminate duplicates, set HISTCONTROL to ignoredups as shown below.


# export HISTCONTROL=ignoredups --- after giving this if u type any comands repeately it shows only once in commandline


Erase duplicates across the whole history using HISTCONTROL

The ignoredups shown above removes duplicates only if they are consecutive commands. To eliminate duplicates across the whole history, set the HISTCONTROL to erasedups as shown below.


# export HISTCONTROL=erasedups  ------> previous commands will not go, only commands that come after this will have its effect.

Force history not to remember a particular command using HISTCONTROL

When you execute a command, you can instruct history to ignore the command by setting HISTCONTROL to ignorespace AND typing a space in front of the command as shown below.


# export HISTCONTROL=ignorespace  ------> and when u execute a particular command, put a space before the command and that command will not showing in the history.

example:- # export HISTCONTROL=ignorespace
 

#  service httpd stop [Note that there is a space at the beginning of service,to ignore this command from history]

Disable the usage of history using HISTSIZE

If you want to disable history all together and don’t want bash shell to remember the commands you’ve typed, set the HISTSIZE to 0 as shown below.
 

# export HISTSIZE=0

Ignore specific commands from the history using HISTIGNORE

Sometimes you may not want to clutter your history with basic commands such as pwd and ls. Use HISTIGNORE to specify all the commands that you want to ignore from the history.


Please note that adding ls to the HISTIGNORE ignores only ls and not ls -l. So, you have to provide the exact command that you would like to ignore from the history.

# export HISTIGNORE="pwd:ls:ls -ltr:"

after this history will not record pwd, ls and ls -ltr

Samba File Server / Install SWAT

I. Server

# yum install samba samba-common samba-client
# yum install xinetd samba-swat

Daemon: /usr/sbin/smbd

Configuration File:  vim /etc/samba/smb.conf

Ports: 445 ------ smbd (tcp) linux service
       137 ------ nmbd (udp) windows servicing


# vim /etc/samba/smb.conf


[global]
workgroup = MYGROUP
server string = Samba Server Version %v

hosts allow = 127. 10.21. 192.168.

log file = /var/log/samba/%m.log

security = user
passdb backend = tdbsam

## Public Share With Read-Wright


[SAM]
comment = SharE DiR
path = /ctechz-samba
# Public is for anonymous user
public = yes
#valid users = jeff manu
writable = yes
browseable = yes
printable = yes
write list = +groupname /
#            @groupname

# service smb restart
# chkconfig smb on

# mkdir /ctechz-samba  ----> Share directory

# If writable = Yes and public access only then give,
# setfacl -m u:nobody:rwx /ctechz-samba

## Check the status of the samba configuration file using testparm

# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[SAM]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
        workgroup = MYGROUP
        server string = Samba Server Version %v
        passdb backend = tdbsam
        log file = /var/log/samba/%m.log
        hosts allow = 127., 10.21., 192.168.
        cups options = raw


[SAM]
        comment = SharE DiR
        path = /ctechz-samba
        read only = No
        guest ok = Yes
        printable = Yes
           

II. Client side access

# smbclient //10.21.2.110/SAM   -----------> It will ask for password, just press enter to ignore it
Password:
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.0.33-3.39.el5_8]
smb: \> ls
  .             D        0  Thu Dec 12 17:00:35 2013
  ..            D        0  Thu Dec 12 16:53:38 2013
  apr-0.9.4-24.5.i386.rpm  89620  Thu Dec 12 17:00:35 2013
  j             D        0  Thu Dec 12 17:00:37 2013

       50378 blocks of size 524288. 36841 blocks available

               
[root@localhost ~]# smbclient -N //10.21.2.110/SAM    

-----------> If we add -N it won't ask any password, It will neglect only for public access
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.0.33-3.39.el5_8]
smb: \> ls
  .          D        0  Thu Dec 12 17:00:35 2013
  ..         D        0  Thu Dec 12 16:53:38 2013
  apr-0.9.4-24.5.i386.rpm  89620  Thu Dec 12 17:00:35 2013
  j          D        0  Thu Dec 12 17:00:37 2013

        50378 blocks of size 524288. 36841 blocks available
smb: \>

III. Configuration with a valid user's

# vim /etc/samba/smb.conf


[global]
workgroup = MYGROUP
server string = Samba Server Version %v

hosts allow = 127. 10.21. 192.168.

log file = /var/log/samba/%m.log

security = user
passdb backend = tdbsam

## Public Share With Read-Wright


[SAM]
comment = SharE DiR
path = /ctechz-samba
valid users = jeff manu
writable = yes
browseable = yes
printable = yes
write list = +groupname /
#            @groupname

# service smb restart
# chkconfig smb on

# mkdir /ctechz-samba

# useradd jeffy
# smbpasswd -a jeffy
New SMB password:
Retype new SMB password:
Added user jeffy.

# smbpasswd -e jeffy   -------> For enabling smb user
Enabled user jeffy.

If it is a valid user,
# chmod 700 /ctechz-samba
# setfacl -m u:jeffy:rwx /ctechz-samba

# service smb restart
# chkconfig smb on

IV. SMB Client for temporary mounting

# smbclient //serverIP/ShareName

# smbclient //serverIP/ShareName -U username 

------> If their is a valid user

# smbclient //10.21.2.110/SAM -U jeffy
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
[root@localhost ~]#
[root@localhost ~]# smbclient //10.21.2.110/SAM -U jeffy
Password:
Domain=[LOCALHOST] OS=[Unix] Server=[Samba 3.0.33-3.39.el5_8]
smb: \> ls
  .             D        0  Thu Dec 12 17:00:35 2013
  ..            D        0  Thu Dec 12 16:53:38 2013
  apr-0.9.4-24.5.i386.rpm 89620  Thu Dec 12 17:00:35 2013
  j             D        0  Thu Dec 12 17:00:37 2013

       50378 blocks of size 524288. 36841 blocks available

If browsing from the client take a web browser and give the URL, Or take it in the file browser first


# smb://ServerIP/ShareName

V. Permenent Mounting

# vim /etc/fstab
//10.21.2.110/SAM  /ctechz-samba  cifs  defaults,username = jeffy, password = jeffy 0 0
# mount -a

# mount.cifs //10.21.2.110/SAM /ctechz-samba -o username=jeffy,password=jeffy
# vim /etc/fstab
//10.21.2.110/SAM  /ctechz-samba  cifs  defaults,credentials=/opt/smbpasswdFile:wq

# mount -a

# vim /opt/smbpasswdFile
username=jeffy
password=jeffy


# chmod 600 /opt/smbpasswdFile