|
BackupPC |
This documentation describes BackupPC version 2.0.2, released on 6 Oct 2003.
BackupPC is a high-performance, enterprise-grade system for backing up Linux and WinXX PCs, desktops and laptops to a server's disk. BackupPC is highly configurable and easy to install and maintain.
Given the ever decreasing cost of disks and raid systems, it is now practical and cost effective to backup a large number of machines onto a server's local disk or network storage. For some sites this might be the complete backup solution. For other sites additional permanent archives could be created by periodically backing up the server to tape.
Features include:
BackupPC can also be configured to keep a certain number of incremental backups, and to keep a smaller number of very old incremental backups. (BackupPC does not support multi-level incremental backups, although it would be easy to do so.)
BackupPC's CGI interface ``fills-in'' incremental backups based on the last full backup, giving every backup a ``full'' appearance. This makes browsing and restoring backups easier.
BackupPC saves backups onto disk. Because of pooling you can relatively economically keep several weeks of old backups. But BackupPC does not provide permanent storage to tape. Other Open Source applications can do this by backing up BackupPC's pool directories to tape.
At some sites the disk-based backup will be adequate, without a secondary tape backup. This system is robust to any single failure: if a client disk fails or loses files, the BackupPC server can be used to restore files. If the server disk fails, BackupPC can be restarted on a fresh file system, and create new backups from the clients. The chance of the server disk failing can be made very small by spending more money on increasingly better RAID systems.
At other sites a secondary tape backup will be required. This tape backup can be done perhaps weekly from the BackupPC pool file system.
http://backuppc.sourceforge.net
This page has links to the current documentation, the SourceForge project page and general information.
http://sourceforge.net/projects/backuppc
This page has links to the current releases of BackupPC.
You can subscribe to these lists by visiting:
http://lists.sourceforge.net/lists/listinfo/backuppc-announce
http://lists.sourceforge.net/lists/listinfo/backuppc-users
http://lists.sourceforge.net/lists/listinfo/backuppc-devel
The backuppc-announce list is moderated and is used only for important announcements (eg: new versions). It is low traffic. You only need to subscribe to one of backuppc-announce and backuppc-users: backuppc-users also receives any messages on backuppc-announce.
The backuppc-devel list is only for developers who are working on BackupPC. Do not post questions or support requests there. But detailed technical discussions should happen on this list.
To post a message to the backuppc-users list, send an email to
backuppc-users@lists.sourceforge.net
Do not send subscription requests to this address!
Unison is a utility that can do two-way, interactive, synchronization. See http://www.cis.upenn.edu/~bcpierce/unison.
Three popular open source packages that do tape backup are Amanda (http://www.amanda.org), afbackup (http://sourceforge.net/projects/afbackup), and Bacula (http://www.bacula.org). Amanda can also backup WinXX machines to tape using samba. These packages can be used as back ends to BackupPC to backup the BackupPC server data to tape.
Various programs and scripts use rsync to provide hardlinked backups. See, for example, Mike Rubel's site (http://www.mikerubel.org), J. W. Schultz's dirvish (http://www.pegasys.ws/dirvish), and John Bowman's rlbackup (http://www.math.ualberta.ca/imaging/rlbackup). BackupPC provides many additional features, such as compressed storage, hardlinking any matching files (rather than just files with the same name), and storing special files without root privileges. But these other scripts provide simple and effective solutions and are worthy of consideration.
Here are some ideas for new features that might appear in future releases of BackupPC:
(Note: this has already been implemented in 2.0.0.)
Comments and suggestions are welcome.
BackupPC is free. I work on BackupPC because I enjoy doing it and I like to contribute to the open source community.
BackupPC already has more than enough features for my own needs. The main compensation for continuing to work on BackupPC is knowing that more and more people find it useful. So feedback is certainly appreciated. Even negative feedback is helpful, for example ``We evaluated BackupPC but didn't use it because it doesn't ...''.
Beyond being a satisfied user and telling other people about it, everyone is encouraged to add links to http://backuppc.sourceforge.net (I'll see then via Google) or otherwise publicize BackupPC. Unlike the commercial products in this space, I have a zero budget (in both time and money) for marketing, PR and advertising, so it's up to all of you!
Also, everyone is encouraged to contribute patches, bug reports, feature and design suggestions, code, and documentation corrections or improvements.
BackupPC requires:
When BackupPC starts with an empty pool, all the backup data will be written to the pool on disk. After more backups are done, a higher percentage of incoming files will already be in the pool. BackupPC is able to avoid writing to disk new files that are already in the pool. So over time disk writes will reduce significantly (by perhaps a factor of 20 or more), since eventually 95% or more of incoming backup files are typically in the pool. Disk reads from the pool are still needed to do file compares to verify files are an exact match. So, with a mature pool, if a relatively fast client generates data at say 1MB/sec, and you run 4 simultaneous backups, there will be an average server disk load of about 4MB/sec reads and 0.2MB/sec writes (assuming 95% of the incoming files are in the pool). These rates will be perhaps 40% lower if compression is on.
The File::RsyncP module is available from http://perlrsync.sourceforge.net or CPAN. You'll need to install the File::RsyncP module if you want to use Rsync as a transport method.
See http://www.samba.org for source and binaries. It's pretty easy to fetch and compile samba, and just grab smbclient and nmblookup, without doing the installation. Alternatively, http://www.samba.org has binary distributions for most platforms.
Note: samba version 3.0.0 (the first official 3.0 release as of 9/24/03) still has two known smbclient bugs. If you want to use samba 3.0.0, be sure to use the latest release. For 3.0.0 please apply the following two patches:
https://bugzilla.samba.org/show_bug.cgi?id=389
https://bugzilla.samba.org/show_bug.cgi?id=563
Hopefully any release after 3.0.0 will have these patches applied. Smbclient does not work correctly in earlier versions of 3.0.0 (eg: 3.0.0rc1); you must use the official 3.0.0.
For BackupPC to use Rsync you will also need to install the perl File::RsyncP module, which is available from http://perlrsync.sourceforge.net. Version 0.44 or later is required.
Here's one real example for an environment that is backing up 65 laptops with compression off. Each full backup averages 3.2GB. Each incremental backup averages about 0.2GB. Storing one full backup and two incremental backups per laptop is around 240GB of raw data. But because of the pooling of identical files, only 87GB is used. This is without compression.
Another example, with compression on: backing up 95 laptops, where each backup averages 3.6GB and each incremental averages about 0.3GB. Keeping three weekly full backups, and six incrementals is around 1200GB of raw data. Because of pooling and compression, only 150GB is needed.
Here's a rule of thumb. Add up the C drive usage of all the machines you want to backup (210GB in the first example above). This is a rough minimum space estimate that should allow a couple of full backups and at least half a dozen incremental backups per machine. If compression is on you can reduce the storage requirements by maybe 30-40%. Add some margin in case you add more machines or decide to keep more old backups.
Your actual mileage will depend upon the types of clients, operating systems and applications you have. The more uniform the clients and applications the bigger the benefit from pooling common files.
For example, the Eudora email tool stores each mail folder in a separate file, and attachments are extracted as separate files. So in the sadly common case of a large attachment emailed to many recipients, Eudora will extract the attachment into a new file. When these machines are backed up, only one copy of the file will be stored on the server, even though the file appears in many different full or incremental backups. In this sense Eudora is a ``friendly'' application from the point of view of backup storage requirements.
An example at the other end of the spectrum is Outlook. Everything (email bodies, attachments, calendar, contact lists) is stored in a single file, which often becomes huge. Any change to this file requires a separate copy of the file to be saved during backup. Outlook is even more troublesome, since it keeps this file locked all the time, so it cannot be read by smbclient whenever Outlook is running. See the Limitations section for more discussion of this problem.
Download the latest version from http://backuppc.sourceforge.net.
First off, there are three perl modules you should install. These are all optional, but highly recommended:
To build and install these packages, fetch the tar.gz file and then run these commands:
tar zxvf Archive-Zip-1.01.tar.gz
cd Archive-Zip-1.01
perl Makefile.PL
make
make test
make install
The same sequence of commands can be used for each module.
Now let's move onto BackupPC itself. After fetching BackupPC-2.0.2.tar.gz, run these commands as root:
tar zxf BackupPC-2.0.2.tar.gz
cd BackupPC-2.0.2
perl configure.pl
You will be prompted for the full paths of various executables, and you will be prompted for the following information:
On this installation, this is backuppc.
On this installation, this is /var/lib/backuppc.
On this installation, this is /usr/share/backuppc.
On this installation, this is /usr/share/backuppc/cgi-bin.
After running configure.pl, browse through the config file, /usr/share/backuppc/conf/config.pl, and make sure all the default settings are correct. In particular, you will need to decide whether to use smb or tar transport (or whether to set it on a per-PC basis), set the smb share password (if using smb), set the backup policies and modify the email message headers and bodies.
BackupPC needs to know the smb share user name and password for each PC that uses smb (ie: all the WinXX clients). The user name is specified in $Conf{SmbShareUserName}. There are four ways to tell BackupPC the smb share password:
Placement and protection of the smb share password is a possible security risk, so please double-check the file and directory permissions. In a future version there might be support for encryption of this password, but a private key will still have to be stored in a protected place. Suggestions are welcome.
The file /var/lib/backuppc/conf/hosts contains the list of clients to backup. BackupPC reads this file in three cases:
Whenever you change the hosts file (to add or remove a host) you can either do a kill -HUP BackupPC_pid or simply wait until the next regular wakeup period.
Each line in the hosts file contains three fields, separated by white space:
Please read the section How BackupPC Finds Hosts.
In certain cases you might want several distinct clients to refer to the same physical machine. For example, you might have a database you want to backup, and you want to bracket the backup of the database with shutdown/restart using $Conf{DumpPreUserCmd} and $Conf{DumpPostUserCmd}. But you also want to backup the rest of the machine while the database is still running. In the case you can specify two different clients in the host file, using any mnemonic name (eg: myhost_mysql and myhost), and use $Conf{ClientNameAlias} in myhost_mysql's config.pl to specify the real host name of the machine.
You only need to set DHCP to 1 if your client machine doesn't respond to the NetBios multicast request:
nmblookup myHost
but does respond to a request directed to its IP address:
nmblookup -A W.X.Y.Z
If you do set DHCP to 1 on any client you will need to specify the range of DHCP addresses to search is specified in $Conf{DHCPAddressRanges}.
Note also that the $Conf{ClientNameAlias} feature does not work for clients with DHCP set to 1.
=item User name
This should be the unix login/email name of the user who ``owns'' or uses this machine. This is the user who will be sent email about this machine, and this user will have permission to stop/start/browse/restore backups for this host. Leave this blank if no specific person should receive email or be allowed to stop/start/browse/restore backups for this host. Administrators will still have full permissions.
The first non-comment line of the hosts file is special: it contains the names of the columns and should not be edited.
Here's a simple example of a hosts file:
host dhcp user moreUsers
farside 0 craig jim,dave
larson 1 gary andy
Two methods for getting backup data from a client are supported: smb and tar. Smb is the preferred method for WinXX clients and tar is preferred method for linux/unix clients.
The transfer method is set using the $Conf{XferMethod} configuration setting. If you have a mixed environment (ie: you will use smb for some clients and tar for others), you will need to pick the most common choice for $Conf{XferMethod} for the main config.pl file, and then override it in the per-PC config file for those hosts that will use the other method. (Or you could run two completely separate instances of BackupPC, with different data directories, one for WinXX and the other for linux/unix, but then common files between the different machine types will duplicated.)
Here are some brief client setup notes:
If you want to use rsyncd for WinXX clients you can find a pre-packaged zip file on http://backuppc.sourceforge.net. The package is called cygwin-rsync. It contains rsync.exe, template setup files and the minimal set of cygwin libraries for everything to run. The README file contains instructions for running rsync as a service, so it starts automatically everytime you boot your machine.
Otherwise, to use SMB, you need to create shares for the data you want to backup. Open ``My Computer'', right click on the drive (eg: C), and select ``Sharing...'' (or select ``Properties'' and select the ``Sharing'' tab). In this dialog box you can enable sharing, select the share name and permissions. Many machines will be configured by default to share the entire C drive as C$ using the administrator password.
If this machine uses DHCP you will also need to make sure the NetBios name is set. Go to Control Panel|System|Network Identification (on Win2K) or Control Panel|System|Computer Name (on WinXP). Also, you should go to Control Panel|Network Connections|Local Area Connection|Properties|Internet Protocol (TCP/IP)|Properties|Advanced|WINS and verify that NetBios is not disabled.
As an alternative to setting $Conf{XferMethod} to ``smb'' (using smbclient) for WinXX clients, you can use an smb network filesystem (eg: ksmbfs or similar) on your linux/unix server to mount the share, and then set $Conf{XferMethod} to ``tar'' (use tar on the network mounted file system).
Also, to make sure that file names with 8-bit characters are correctly transferred by smbclient you should add this to samba's smb.conf file:
[global]
# Accept the windows charset
client code page = 850
character set = ISO8859-1
This setting should work for western europe. See http://www.oreilly.com/catalog/samba/chapter/book/ch08_03.html for more information about settings for other languages.
You can use either rsync, smb, or tar for linux/unix machines. Smb requires that the Samba server (smbd) be run to provide the shares. Since the smb protocol can't represent special files like symbolic links and fifos, tar and rsync are the better transport methods for linux/unix machines. (In fact, by default samba makes symbolic links look like the file or directory that they point to, so you could get an infinite loop if a symbolic link points to the current or parent directory. If you really need to use Samba shares for linux/unix backups you should turn off the ``follow symlinks'' samba config setting. See the smb.conf manual page.)
The requirements for each Xfer Method are:
The relevant configuration settings are $Conf{TarClientPath}, $Conf{TarShareName}, $Conf{TarClientCmd}, $Conf{TarFullArgs}, $Conf{TarIncrArgs}, and $Conf{TarClientRestoreCmd}.
The relevant configuration settings are $Conf{RsyncClientPath}, $Conf{RsyncClientCmd}, $Conf{RsyncClientRestoreCmd}, $Conf{RsyncShareName}, $Conf{RsyncArgs}, $Conf{RsyncRestoreArgs} and $Conf{RsyncLogLevel}.
The relevant configuration settings are $Conf{RsyncdClientPort}, $Conf{RsyncdUserName}, $Conf{RsyncdPasswd}, $Conf{RsyncdAuthRequired}, $Conf{RsyncShareName}, $Conf{RsyncArgs}, $Conf{RsyncRestoreArgs} and $Conf{RsyncLogLevel}. In the case of rsyncd, $Conf{RsyncShareName} is the name of an rsync module (ie: the thing in square brackets in rsyncd's conf file -- see rsyncd.conf), not a file system path.
For linux/unix machines you should not backup ``/proc''. This directory contains a variety of files that look like regular files but they are special files that don't need to be backed up (eg: /proc/kcore is a regular file that contains physical memory). See $Conf{BackupFilesExclude}. It is safe to back up /dev since it contains mostly character-special and block-special files, which are correctly handed by BackupPC (eg: backing up /dev/hda5 just saves the block-special file information, not the contents of the disk).
Alternatively, rather than backup all the file systems as a single share (``/''), it is easier to restore a single file system if you backup each file system separately. To do this you should list each file system mount point in $Conf{TarShareName} or $Conf{RsyncShareName}, and add the --one-file-system option to $Conf{TarClientCmd} or add --one-file-system (note the different punctuation) to $Conf{RsyncArgs}. In this case there is no need to exclude /proc explicitly since it looks like a different file system.
Next you should decide whether to run tar over ssh, rsh or nfs. Ssh is the preferred method. Rsh is not secure and therefore not recommended. Nfs will work, but you need to make sure that the BackupPC user (running on the server) has sufficient permissions to read all the files below the nfs mount.
Ssh allows BackupPC to run as a privileged user on the client (eg: root), since it needs sufficient permissions to read all the backup files. Ssh is setup so that BackupPC on the server (an otherwise low privileged user) can ssh as root on the client, without being prompted for a password. There are two common versions of ssh: v1 and v2. Here are some instructions for one way to setup ssh. (Check which version of SSH you have by typing ``ssh'' or ``man ssh''.)
ssh-keygen -t rsa -N ''
This will save the public key in ~/.ssh/id_rsa.pub and the private key in ~/.ssh/id_rsa.
ssh-keygen -t rsa -N ''
cp ~/.ssh/id_rsa.pub ~/.ssh/BackupPC_id_rsa.pub
See the ssh and sshd manual pages for extra configuration information.
touch ~/.ssh/authorized_keys2
cat BackupPC_id_rsa.pub >> ~/.ssh/authorized_keys2
You should edit ~/.ssh/authorized_keys2 and add further specifiers, eg: from, to limit which hosts can login using this key. For example, if your BackupPC host is called backuppc.my.com, there should be one line in ~/.ssh/authorized_keys2 that looks like:
from="backuppc.my.com" ssh-rsa [base64 key, eg: ABwBCEAIIALyoqa8....]
chmod -R go-rwx ~/.ssh
You should do the same thing for the BackupPC user on the server.
ssh -l root clientHostName whoami
prints
root
You might be prompted the first time to accept the client's host key and you might be prompted for root's password on the client. Make sure that this command runs cleanly with no prompts after the first time. You might need to check /etc/hosts.equiv on the client. Look at the man pages for more information. The ``-v'' option to ssh is a good way to get detailed information about what fails.
ssh-keygen2 -t rsa -P
or:
ssh-keygen -t rsa -N ''
(This command might just be called ssh-keygen on your machine.)
This will save the public key in /.ssh2/id_rsa_1024_a.pub and the private key in /.ssh2/id_rsa_1024_a.
echo "IdKey id_rsa_1024_a" > /.ssh2/identification
ssh-keygen2 -t rsa -P
mv ~/.ssh2/id_rsa_1024_a.pub ~/.ssh2/BackupPC_id_rsa_1024_a.pub
mv ~/.ssh2/id_rsa_1024_a ~/.ssh2/BackupPC_id_rsa_1024_a
echo "IdKey BackupPC_id_rsa_1024_a" > ~/.ssh2/identification
Based on your ssh2 configuration, you might also need to turn off StrictHostKeyChecking and PasswordAuthentication:
touch ~/.ssh2/ssh2_config
echo "StrictHostKeyChecking ask" >> ~/.ssh2/ssh2_config
echo "PasswordAuthentication no" >> ~/.ssh2/ssh2_config
touch /.ssh2/authorization
echo "Key BackupPC_id_rsa_1024_a.pub" >> /.ssh2/authorization
chmod -R go-rwx /.ssh2
You should do the same thing for the BackupPC user on the server.
ssh2 -l root clientHostName whoami
prints
root
You might be prompted the first time to accept the client's host key and you might be prompted for root's password on the client. Make sure that this command runs cleanly with no prompts after the first time. You might need to check /etc/hosts.equiv on the client. Look at the man pages for more information. The ``-v'' option to ssh2 is a good way to get detailed information about what fails.
First, run ssh-keygen on the client (as root) and server (as the BackupPC user) and simply hit enter when prompted for the pass-phrase:
ssh-keygen
This will save the public key in /.ssh/identity.pub and the private key in /.ssh/identity.
Next, append BackupPC's ~/.ssh/identity.pub (from the server) to root's /.ssh/authorized_keys file on the client. It's a single long line that you can cut-and-paste with an editor (make sure it remains a single line).
Next, force protocol version 1 by adding:
Protocol 1
to BackupPC's ~/.ssh/config on the server.
Next, run ``chmod -R go-rwx ~/.ssh'' on the server and ``chmod -R go-rwx /.ssh'' on the client.
Finally, test using:
ssh -l root clientHostName whoami
Finally, if this machine uses DHCP you will need to run nmbd (the NetBios name server) from the Samba distribution so that the machine responds to a NetBios name request. See the manual page and Samba documentation for more information.
The installation contains an init.d backuppc script that can be copied to /etc/init.d so that BackupPC can auto-start on boot. See init.d/README for further instructions.
BackupPC should be ready to start. If you installed the init.d script, then you should be able to run BackupPC with:
/etc/init.d/backuppc start
(This script can also be invoked with ``stop'' to stop BackupPC and ``reload'' to tell BackupPC to reload config.pl and the hosts file.)
Otherwise, just run
/usr/share/backuppc/bin/BackupPC -d
as user backuppc. The -d option tells BackupPC to run as a daemon (ie: it does an additional fork).
Any immediate errors will be printed to stderr and BackupPC will quit. Otherwise, look in /var/lib/backuppc/log/LOG and verify that BackupPC reports it has started and all is ok.
Note: as of version 1.5.0, BackupPC no longer supports telnet to its TCP port. First off, a unix domain socket is used instead of a TCP port. (The TCP port can still be re-enabled if your installation has apache and BackupPC running on different machines.) Secondly, even if you still use the TCP port, the messages exchanged over this interface are now protected by an MD5 digest based on a shared secret (see $Conf{ServerMesgSecret}) as well as sequence numbers and per-session unique keys, preventing forgery and replay attacks.
You should verify that BackupPC is running by using BackupPC_serverMesg. This sends a message to BackupPC via the unix (or TCP) socket and prints the response.
You can request status information and start and stop backups using this interface. This socket interface is mainly provided for the CGI interface (and some of the BackupPC sub-programs use it too). But right now we just want to make sure BackupPC is happy. Each of these commands should produce some status output:
/usr/share/backuppc/bin/BackupPC_serverMesg status info
/usr/share/backuppc/bin/BackupPC_serverMesg status jobs
/usr/share/backuppc/bin/BackupPC_serverMesg status hosts
The output should be some hashes printed with Data::Dumper. If it looks cryptic and confusing, and doesn't look like an error message, then all is ok.
The jobs status should initially show just BackupPC_trashClean. The hosts status should produce a list of every host you have listed in /var/lib/backuppc/conf/hosts as part of a big cryptic output line.
You can also request that all hosts be queued:
/usr/share/backuppc/bin/BackupPC_serverMesg backup all
At this point you should make sure the CGI interface works since it will be much easier to see what is going on. That's our next subject.
The CGI interface script, BackupPC_Admin, is a powerful and flexible way to see and control what BackupPC is doing. It is written for an Apache server. If you don't have Apache, see http://www.apache.org.
There are two options for setting up the CGI interface: standard mode and using mod_perl. Mod_perl provides much higher performance (around 15x) and is the best choice if your Apache was built with mod_perl support. To see if your apache was built with mod_perl run this command:
httpd -l | egrep mod_perl
If this prints mod_perl.c then your Apache supports mod_perl.
Using mod_perl with BackupPC_Admin requires a dedicated Apache to be run as the BackupPC user (backuppc). This is because BackupPC_Admin needs permission to access various files in BackupPC's data directories. In contrast, the standard installation (without mod_perl) solves this problem by having BackupPC_Admin installed as setuid to the BackupPC user, so that BackupPC_Admin runs as the BackuPC user.
Here are some specifics for each setup:
You should be very careful about permissions on BackupPC_Admin and the directory /usr/share/backuppc/cgi-bin: it is important that normal users cannot directly execute or change BackupPC_Admin, otherwise they can access backup files for any PC. You might need to change the group ownership of BackupPC_Admin to a group that Apache belongs to so that Apache can execute it (don't add ``other'' execute permission!). The permissions should look like this:
ls -l /usr/share/backuppc/cgi-bin/BackupPC_Admin
-swxr-x--- 1 backuppc web 82406 Jun 17 22:58 /usr/share/backuppc/cgi-bin/BackupPC_Admin
The setuid script won't work unless perl on your machine was installed with setuid emulation. This is likely the problem if you get an error saying such as ``Wrong user: my userid is 25, instead of 150'', meaning the script is running as the httpd user, not the BackupPC user. This is because setuid scripts are disabled by the kernel in most flavors of unix and linux.
To see if your perl has setuid emulation, see if there is a program called sperl5.6.0 or sperl5.6.1 in the place where perl is installed. If you can't find this program, then you have two options: rebuild and reinstall perl with the setuid emulation turned on (answer ``y'' to the question ``Do you want to do setuid/setgid emulation?'' when you run perl's configure script), or switch to the mod_perl alternative for the CGI script (which doesn't need setuid to work).
To use mod_perl you need to run Apache as user backuppc. If you need to run multiple Apache's for different services then you need to create multiple top-level Apache directories, each with their own config file. You can make copies of /etc/init.d/httpd and use the -d option to httpd to point each http to a different top-level directory. Or you can use the -f option to explicitly point to the config file. Multiple Apache's will run on different Ports (eg: 80 is standard, 8080 is a typical alternative port accessed via http://yourhost.com:8080).
Inside BackupPC's Apache http.conf file you should check the settings for ServerRoot, DocumentRoot, User, Group, and Port. See http://httpd.apache.org/docs/server-wide.html for more details.
For mod_perl, BackupPC_Admin should not have setuid permission, so you should turn it off:
chmod u-s /usr/share/backuppc/cgi-bin/BackupPC_Admin
To tell Apache to use mod_perl to execute BackupPC_Admin, add this to Apache's 1.x httpd.conf file:
<IfModule mod_perl.c>
PerlModule Apache::Registry
PerlTaintCheck On
<Location /cgi-bin/BackupPC/BackupPC_Admin> # <--- change path as needed
SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
PerlSendHeader On
</Location>
</IfModule>
Apache 2.0.44 with Perl 5.8.0 on RedHat 7.1, Don Silvia reports that this works:
LoadModule perl_module modules/mod_perl.so
PerlModule Apache2
<Location /path/to/cgi/>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
Order deny,allow
Deny from all
Allow from 192.168.0
AuthName "Backup Admin"
AuthType Basic
AuthUserFile /path/to/user_file
Require valid-user
</Location>
There are other optimizations and options with mod_perl. For example, you can tell mod_perl to preload various perl modules, which saves memory compared to loading separate copies in every Apache process after they are forked. See Stas's definitive mod_perl guide at http://perl.apache.org/guide.
BackupPC_Admin requires that users are authenticated by Apache. Specifically, it expects that Apache sets the REMOTE_USER environment variable when it runs. There are several ways to do this. One way is to create a .htaccess file in the cgi-bin directory that looks like:
AuthGroupFile /etc/httpd/conf/group # <--- change path as needed
AuthUserFile /etc/http/conf/passwd # <--- change path as needed
AuthType basic
AuthName "access"
require valid-user
You will also need ``AllowOverride Indexes AuthConfig'' in the Apache httpd.conf file to enable the .htaccess file. Alternatively, everything can go in the Apache httpd.conf file inside a Location directive. The list of users and password file above can be extracted from the NIS passwd file.
One alternative is to use LDAP. In Apache's http.conf add these lines:
LoadModule auth_ldap_module modules/auth_ldap.so
AddModule auth_ldap.c
# cgi-bin - auth via LDAP (for BackupPC)
<Location /cgi-binBackupPC/BackupPC_Admin> # <--- change path as needed
AuthType Basic
AuthName "BackupPC login"
# replace MYDOMAIN, PORT, ORG and CO as needed
AuthLDAPURL ldap://ldap.MYDOMAIN.com:PORT/o=ORG,c=CO?uid?sub?(objectClass=*)
require valid-user
</Location>
If you want to disable the user authentication you can set $Conf{CgiAdminUsers} to '*', which allows any user to have full access to all hosts and backups. In this case the REMOTE_USER environment variable does not have to be set by Apache.
Alternatively, you can force a particular user name by getting Apache to set REMOTE_USER, eg, to hardcode the user to www you could add this to Apache's httpd.conf:
<Location /cgi-bin/BackupPC/BackupPC_Admin> # <--- change path as needed
Setenv REMOTE_USER www
</Location>
Finally, you should also edit the config.pl file and adjust, as necessary, the CGI-specific settings. They're near the end of the config file. In particular, you should specify which users or groups have administrator (privileged) access: see the config settings $Conf{CgiAdminUserGroup} and $Conf{CgiAdminUsers}. Also, the configure.pl script placed various images into $Conf{CgiImageDir} that BackupPC_Admin needs to serve up. You should make sure that $Conf{CgiImageDirURL} is the correct URL for the image directory.
See the section Debugging installation problems for suggestions on debugging the Apache authentication setup.
Starting with v2.0.0 the way hosts are discovered has changed. In most cases you should specify 0 for the DHCP flag in the conf/hosts file, even if the host has a dynamically assigned IP address.
BackupPC (starting with v2.0.0) looks up hosts with DHCP = 0 in this manner:
gethostbyname() function. This should succeed for machines
that have fixed IP addresses that are known via DNS. You can manually
see whether a given host have a DNS entry according to perls'
gethostbyname function with this command:
perl -e 'print(gethostbyname("myhost") ? "ok\n" : "not found\n");'
gethostbyname() fails, BackupPC then attempts a NetBios multicast to
find the host. Provided your client machine is configured properly,
it should respond to this NetBios multicast request. Specifically,
BackupPC runs a command of this form:
nmblookup myhost
If this fails you will see output like:
querying myhost on 10.10.255.255
name_query failed to find name myhost
If this success you will see output like:
querying myhost on 10.10.255.255
10.10.1.73 myhost<00>
Depending on your netmask you might need to specify the -B option to nmblookup. For example:
nmblookup -B 10.10.1.255 myhost
If necessary, experiment on the nmblookup command that will return the IP address of the client given its name. Then update $Conf{NmbLookupFindHostCmd} with any necessary options to nmblookup.
For hosts that have the DHCP flag set to 1, these machines are discovered as follows:
nmblookup -A W.X.Y.Z
where W.X.Y.Z is each candidate address from $Conf{DHCPAddressRanges}. Any host that has a valid NetBIOS name returned by this command (ie: matching an entry in the hosts file) will be backed up. You can modify the specific nmblookup command if necessary via $Conf{NmbLookupCmd}.
nmblookup myHost
but does respond to a request directed to its IP address:
nmblookup -A W.X.Y.Z
To disable backups for a client there are two special values for $Conf{FullPeriod} in that client's per-PC config.pl file:
This will still allow that client's old backups to be browsable and restorable.
To completely remove a client and all its backups, you should remove its entry in the conf/hosts file, and then delete the /var/lib/backuppc/pc/$host directory. Whenever you change the hosts file, you should send BackupPC a HUP (-1) signal so that it re-reads the hosts file. If you don't do this, BackupPC will automatically re-read the hosts file at the next regular wakeup.
Note that when you remove a client's backups you won't initially recover a lot of disk space. That's because the client's files are still in the pool. Overnight, when BackupPC_nightly next runs, all the unused pool files will be deleted and this will recover the disk space used by the client's backups.
The backup data directories contain large numbers of hardlinks. If you try to copy the pool the target directory will occupy a lot more space if the hardlinks aren't re-established.
The GNU cp program with the -a option is aware of hardlinks and knows to re-establish them. So GNU cp -a is the recommended way to copy the data directory and pool. Don't forget to stop BackupPC while the copy runs.
BackupPC_compressPool compresses all the files in the uncompressed pool (/var/lib/backuppc/pool) and moves them to the compressed pool (/var/lib/backuppc/cpool). It rewrites the files in place, so that the existing hardlinks are not disturbed.
The rest of this section discusses how to run BackupPC_compressPool.
BackupPC_compressPool takes three command line options:
Here are the recommended steps for running BackupPC_compressPool:
BackupPC_compressPool -t -r
The -t option (test mode) makes BackupPC_compressPool do all the steps, but not actually change anything. The -r option re-reads the compressed file and compares it against the original.
BackupPC_compressPool gives a status as it completes each 1% of the job. It also shows the cumulative compression ratio and estimated completion time. Once you are comfortable that things look ok, you can kill BackupPC_compressPool or wait for it to finish.
BackupPC_compressPool
You should put the output into a file and tail this file. (The running time could be twice as long as the test mode since the test mode file writes are immediately followed by an unlink, so in test mode it is likely the file writes never make it to disk.)
It is critical that BackupPC_compressPool runs to completion before re-starting BackupPC. Before BackupPC_compressPool completes, none of the existing backups will be in a consistent state. If you must stop BackupPC_compressPool for some reason, send it an INT or TERM signal and give it several seconds (or more) to clean up gracefully. After that, you can re-run BackupPC_compressPool and it will start again where it left off. Once again, it is critical that it runs to 100% completion.
After BackupPC_compressPool completes you should have a complete set of compressed backups (and your disk usage should be lower). You can now re-start BackupPC.
This section will probably grow based on the types of questions on the BackupPC mail list. Eventually the FAQ at http://backuppc.sourceforge.net/faq/ will include more details than this section.
First, try running BackupPC_Admin manually as the BackupPC user, eg:
su backuppc
/usr/share/backuppc/cgi-bin/BackupPC_Admin
Now try running it as the httpd user (which ever user apache runs as);
su httpd
/usr/share/backuppc/cgi-bin/BackupPC_Admin
In both cases do you get normal html output?
If the first case works but the second case fails with an error that the wrong user is running the script then you have a setuid problem. (This assumes you are running BackupPC_Admin without mod_perl, and you therefore need seduid to work. If you are using mod_perl then apache should run as user backuppc.)
First you should make sure the cgi-bin directory is on a file system that doesn't have the ``nosuid'' mount option.
Next, experiment by creating this script:
#!/bin/perl
printf("My userid is $> (%s)\n", (getpwuid($>))[0]);
then chown it to backuppc and chmod u+s:
root# chown backuppc testsetuid
root# chmod u+s testsetuid
root# chmod a+x testsetuid
root# ls -l testsetuid
-rwsr-xr-x 1 backuppc wheel 76 Aug 26 09:46 testsetuid*
Now run this program as a normal user. What uid does it print? Try changing the first line of the script to directly call sperl:
#!/usr/bin/sperl5.8.0
(modify according to your version and path). Does this work instead?
Finally, you should invoke the CGI script from a browser, using a URL like:
http://myHost/cgi-bin/BackupPC/BackupPC_Admin
You should make sure REMOTE_USER is being set by apache (see the earlier section) so that user authentication works. Make sure the config settings $Conf{CgiAdminUserGroup} and $Conf{CgiAdminUsers} correctly specify the privileged administrator users.
Only privileged users can view information about host xyz
it means that BackupPC_Admin is unable to match the user's login name (supplied by Apache via the REMOTE_USER environment variable) with either that host's user name (in the conf/hosts file) or with the administrators specified in the $Conf{CgiAdminUsers} or $Conf{CgiAdminUserGroup} settings.
The most common problem is that REMOTE_USER is not set because the Apache authentication is not correctly configured. In this case BackupPC_Admin will report this additional error:
Note: $ENV{REMOTE_USER} is not set, which could mean there is an
installation problem. BackupPC_Admin expects Apache to authenticate
the user and pass their user name into this script as the REMOTE_USER
environment variable. See the documentation.
You should review the configuration instructions to setup Apache authentication correctly. To test if REMOTE_USER is being set correctly, there is a simple script called printenv that is included with Apache. This is a simple CGI script that prints out all the environment variables. Place this script in the same directory as BackupPC_Admin and run it with a URL like:
http://myHost/cgi-bin/BackupPC/printenv
Check the value of the REMOTE_USER environment variable. Here's a copy of the printenv script:
#!/usr/bin/perl
##
## printenv -- demo CGI program which just prints its environment
##
print "Content-type: text/plain\n\n";
foreach $var (sort(keys(%ENV))) {
$val = $ENV{$var};
$val =~ s|\n|\\n|g;
$val =~ s|"|\\"|g;
print "${var}=\"${val}\"\n";
}
The BackupPC_dump command now has a -v option, so the easiest way to debug backup problems on a specific host is to run BackupPC_dump manually as the BackupPC user:
su backuppc
/usr/share/backuppc/bin/BackupPC_dump -v -f hostName
This will run a full dump on hostName (replace with your host name). It will show each command (eg: ping, nmblookup and the full dump commands) and the output from each command. Reading the output carefully should show you what the problem is.
You can also verify that nmblookup correctly returns the netbios name. This is essential for DHCP hosts, and depending upon the setting of $Conf{FixedIPNetBiosNameCheck} might also be required for fixed IP address hosts too. Run this command:
nmblookup -A hostName
Verify that the host name is printed. The output might look like:
received 7 names
DELLLS13 <00> - P <ACTIVE>
DOMAINNAME <00> - <GROUP> P <ACTIVE>
DELLLS13 <20> - P <ACTIVE>
DOMAINNAME <1e> - <GROUP> P <ACTIVE>
DELLLS13 <03> - P <ACTIVE>
DELLLS13$ <03> - P <ACTIVE>
CRAIG <03> - P <ACTIVE>
The first name, converted to lower case, is used for the host name.
su backuppc
/usr/share/backuppc/bin/BackupPC_dump -v -f hostName
This will run a full dump on hostName (replace with your host name) and will print all the output from each command, including the log output.
The most likely problems will relate to connecting to the smb shares on each host. On each failed backup, a file /var/lib/backuppc/pc/$host/XferLOG.bad.z will be created. This is the stderr output from the transport program. You can view this file via the CGI interface, or manually uncompress it with;
/usr/share/backuppc/bin/BackupPC_zcat /var/lib/backuppc/pc/$host/XferLOG.bad.z | more
The first line will show the full command that was run (eg: rsync, tar or smbclient). Based on the error messages you should figure out what is wrong. Possible errors on the server side are invalid host, invalid share name, bad username or password. Possible errors on the client side are misconfiguration of the share, username or password.
You should try running the command manually to see what happens. For example, for smbclient you should it manually and verify that you can connect to the host in interactive mode, eg:
smbclient '\\hostName\shareName' -U userName
shareName should match the $Conf{SmbShareName} setting and userName should match the the $Conf{SmbShareUserName} setting.
You will be prompted for the password. You should then see this prompt:
smb: \>
Verify that ``ls'' works and then type ``quit'' to exit.
BackupPC supports several different methods for restoring files. The most convenient restore options are provided via the CGI interface. Alternatively, backup files can be restored using manual commands.
By selecting a host in the CGI interface, a list of all the backups for that machine will be displayed. By selecting the backup number you can navigate the shares and directory tree for that backup.
BackupPC's CGI interface automatically fills incremental backups with the corresponding full backup, which means each backup has a filled appearance. Therefore, there is no need to do multiple restores from the incremental and full backups: BackupPC does all the hard work for you. You simply select the files and directories you want from the correct backup vintage in one step.
You can download a single backup file at any time simply by selecting it. Your browser should prompt you with the file name and ask you whether to open the file or save it to disk.
Alternatively, you can select one or more files or directories in the currently selected directory and select ``Restore selected files''. (If you need to restore selected files and directories from several different parent directories you will need to do that in multiple steps.)
If you select all the files in a directory, BackupPC will replace the list of files with the parent directory. You will be presented with a screen that has three options:
Once you select ``Start Restore'' you will be prompted one last time with a summary of the exact source and target files and directories before you commit. When you give the final go ahead the restore operation will be queued like a normal backup job, meaning that it will be deferred if there is a backup currently running for that host. When the restore job is run, smbclient or tar is used (depending upon $Conf{XferMethod}) to actually restore the files. Sorry, there is currently no option to cancel a restore that has been started.
A record of the restore request, including the result and list of files and directories, is kept. It can be browsed from the host's home page. $Conf{RestoreInfoKeepCnt} specifies how many old restore status files to keep.
When you select ``Download Zip File'' you should be prompted where to save the restore.zip file.
BackupPC does not consider downloading a zip file as an actual restore operation, so the details are not saved for later browsing as in the first case. However, a mention that a zip file was downloaded by a particular user, and a list of the files, does appear in BackupPC's log file.
Apart from the CGI interface, BackupPC allows you to restore files and directories from the command line. The following programs can be used:
/usr/share/backuppc/bin/BackupPC_zcat /var/lib/backuppc/pc/host/5/fc/fcraig/fexample.txt > example.txt
It's your responsibility to make sure the file is really compressed: BackupPC_zcat doesn't check which backup the requested file is from.
The usage is:
BackupPC_tarCreate [-t] [-h host] [-n dumpNum] [-s shareName]
[-r pathRemove] [-p pathAdd]
files/directories...
The command-line files and directories are relative to the specified shareName. The tar file is written to stdout.
The required options are:
Other options are:
The -h, -n and -s options specify which dump is used to generate the tar archive. The -r and -p options can be used to relocate the paths in the tar archive so extracted files can be placed in a location different from their original location.
The usage is:
BackupPC_zipCreate [-t] [-h host] [-n dumpNum] [-s shareName]
[-r pathRemove] [-p pathAdd] [-c compressionLevel]
files/directories...
The command-line files and directories are relative to the specified shareName. The zip file is written to stdout.
The required options are:
Other options are:
The -h, -n and -s options specify which dump is used to generate the zip archive. The -r and -p options can be used to relocate the paths in the zip archive so extracted files can be placed in a location different from their original location.
Each of these programs reside in /usr/share/backuppc/bin.
Identical files on multiples backups are represented by hard links. Hardlinks are used so that identical files all refer to the same physical file on the server's disk. Also, hard links maintain reference counts so that BackupPC knows when to delete unused files from the pool.
For the computer-science majors among you, you can think of the pooling system used by BackupPC as just a chained hash table stored on a (big) file system.
Using the file length and just the first 4096 bytes of the file for the MD5 digest produces some repetitions. One example: with 900,000 unique files in the pool, this hash gives about 7,000 repeated files, and in the worst case 500 files have the same hash. That's not bad: we only have to do a single file compare 99.2% of the time. But in the worst case we have to compare as many as 500 files checking for a match.
With a modest increase in CPU time, if we use the file length and the first 256K of the file we now only have 500 repeated files and in the worst case around 20 files have the same hash. Furthermore, if we instead use the first and last 128K of the file (more specifically, the first and eighth 128K chunks for files larger than 1MB) we get only 300 repeated files and in the worst case around 20 files have the same hash.
Based on this experimentation, this is the hash function used by BackupPC. It is important that you don't change the hash function after files are already in the pool. Otherwise your pool will grow to twice the size until all the old backups (and all the old files with old hashes) eventually expire.
The $Conf{CompressLevel} setting specifies the compression level to use. Zero (0) means no compression. Compression levels can be from 1 (least cpu time, slightly worse compression) to 9 (most cpu time, slightly better compression). The recommended value is 3. Changing it to 5, for example, will take maybe 20% more cpu time and will get another 2-3% additional compression. Diminishing returns set in above 5. See the zlib documentation for more information about compression levels.
BackupPC implements compression with minimal CPU load. Rather than compressing every incoming backup file and then trying to match it against the pool, BackupPC computes the MD5 digest based on the uncompressed file, and matches against the candidate pool files by comparing each uncompressed pool file against the incoming backup file. Since inflating a file takes roughly a factor of 10 less CPU time than deflating there is a big saving in CPU time.
The combination of pooling common files and compression can yield a factor of 8 or more overall saving in backup storage.
BackupPC reads the configuration information from /var/lib/backuppc/conf/config.pl. It then runs and manages all the backup activity. It maintains queues of pending backup requests, user backup requests and administrative commands. Based on the configuration various requests will be executed simultaneously.
As specified by $Conf{WakeupSchedule}, BackupPC wakes up periodically to queue backups on all the PCs. This is a four step process:
The backup is done using samba's smbclient or tar over ssh/rsh/nfs piped into BackupPC_tarExtract, extracting the backup into /var/lib/backuppc/pc/$host/new. The smbclient or tar output is put into /var/lib/backuppc/pc/$host/XferLOG.
As BackupPC_tarExtract extracts the files from smbclient, it checks each file in the backup to see if it is identical to an existing file from any previous backup of any PC. It does this without needed to write the file to disk. If the file matches an existing file, a hardlink is created to the existing file in the pool. If the file does not match any existing files, the file is written to disk and the file name is saved in /var/lib/backuppc/pc/$host/NewFileList for later processing by BackupPC_link. BackupPC_tarExtract can handle arbitrarily large files and multiple candidate matching files without needing to write the file to disk in the case of a match. This significantly reduces disk writes (and also reads, since the pool file comparison is done disk to memory, rather than disk to disk).
Based on the configuration settings, BackupPC_dump checks each old backup to see if any should be removed. Any expired backups are moved to /var/lib/backuppc/trash for later removal by BackupPC_trashClean.
BackupPC_link reads the NewFileList written by BackupPC_dump and inspects each new file in the backup. It re-checks if there is a matching file in the pool (another BackupPC_link could have added the file since BackupPC_dump checked). If so, the file is removed and replaced by a hard link to the existing file. If the file is new, a hard link to the file is made in the pool area, so that this file is available for checking against each new file and new backup.
Then, assuming $Conf{IncrFill} is set, for each incremental backup, hard links are made in the new backup to all files that were not extracted during the incremental backups. The means the incremental backup looks like a complete image of the PC (with the exception that files that were removed on the PC since the last full backup will still appear in the backup directory tree).
As of v1.03, the CGI interface knows how to merge unfilled incremental backups will the most recent prior filled (full) backup, giving the incremental backups a filled appearance. The default for $Conf{IncrFill} is off, since there is now no need to fill incremental backups. This saves some level of disk activity, since lots of extra hardlinks are no longer needed (and don't have to be deleted when the backup expires).
Also, once each night, BackupPC_nightly is run to complete some additional administrative tasks, such as cleaning the pool. This involves removing any files in the pool that only have a single hard link (meaning no backups are using that file). Again, to avoid race conditions, BackupPC_nightly is only run when there are no BackupPC_dump or BackupPC_link processes running.
BackupPC also listens for TCP connections on $Conf{ServerPort}, which is used by the CGI script BackupPC_Admin for status reporting and user-initiated backup or backup cancel requests.
BackupPC resides in three directories:
Below /var/lib/backuppc are several directories:
Each file is stored in a subdirectory X/Y/Z, where X, Y, Z are the first 3 hex digits of the MD5 digest.
For example, if a file has an MD5 digest of 123456789abcdef0, the file is stored in /var/lib/backuppc/pool/1/2/3/123456789abcdef0.
The MD5 digest might not be unique (especially since not all the file's contents are used for files bigger than 256K). Different files that have the same MD5 digest are stored with a trailing suffix ``_n'' where n is an incrementing number starting at 0. So, for example, if two additional files were identical to the first, except the last byte was different, and assuming the file was larger than 1MB (so the MD5 digests are the same but the files are actually different), the three files would be stored as:
/var/lib/backuppc/pool/1/2/3/123456789abcdef0
/var/lib/backuppc/pool/1/2/3/123456789abcdef0_0
/var/lib/backuppc/pool/1/2/3/123456789abcdef0_1
Both BackupPC_dump (actually, BackupPC_tarExtract) and BackupPC_link are responsible for checking newly backed up files against the pool. For each file, the MD5 digest is used to generate a file name in the pool directory. If the file exists in the pool, the contents are compared. If there is no match, additional files ending in ``_n'' are checked. (Actually, BackupPC_tarExtract compares multiple candidate files in parallel.) If the file contents exactly match, the file is created by simply making a hard link to the pool file (this is done by BackupPC_tarExtract as the backup proceeds). Otherwise, BackupPC_tarExtract writes the new file to disk and a new hard link is made in the pool to the file (this is done later by BackupPC_link).
Therefore, every file in the pool will have at least 2 hard links (one for the pool file and one for the backup file below /var/lib/backuppc/pc). Identical files from different backups or PCs will all be linked to the same file. When old backups are deleted, some files in the pool might only have one link. BackupPC_nightly checks the entire pool and removes all files that have only a single link, thereby recovering the storage for that file.
One other issue: zero length files are not pooled, since there are a lot of these files and on most file systems it doesn't save any disk space to turn these files into hard links.
The compressed file format is as generated by Compress::Zlib::deflate with one minor, but important, tweak. Since Compress::Zlib::inflate fully inflates its argument in memory, it could take large amounts of memory if it was inflating a highly compressed file. For example, a 200MB file of 0x0 bytes compresses to around 200K bytes. If Compress::Zlib::inflate was called with this single 200K buffer, it would need to allocate 200MB of memory to return the result.
BackupPC watches how efficiently a file is compressing. If a big file
has very high compression (meaning it will use too much memory when it
is inflated), BackupPC calls the flush() method, which gracefully
completes the current compression. BackupPC then starts another
deflate and simply appends the output file. So the BackupPC compressed
file format is one or more concatenated deflations/flushes. The specific
ratios that BackupPC uses is that if a 6MB chunk compresses to less
than 64K then a flush will be done.
Back to the example of the 200MB file of 0x0 bytes. Adding flushes every 6MB adds only 200 or so bytes to the 200K output. So the storage cost of flushing is negligible.
To easily decompress a BackupPC compressed file, the script BackupPC_zcat can be found in /usr/share/backuppc/bin. For each file name argument it inflates the file and writes it to stdout.
Backup file names are stored in ``mangled'' form. Each node of a path is preceded by ``f'' (mnemonic: file), and special characters (\n, \r, % and /) are URI-encoded as ``%xx'', where xx is the ascii character's hex value. So c:/craig/example.txt is now stored as fc/fcraig/fexample.txt.
This was done mainly so meta-data could be stored alongside the backup files without name collisions. In particular, the attributes for the files in a directory are stored in a file called ``attrib'', and mangling avoids file name collisions (I discarded the idea of having a duplicate directory tree for every backup just to store the attributes). Other meta-data (eg: rsync checksums) could be stored in file names preceded by, eg, ``c''. There are two other benefits to mangling: the share name might contain ``/'' (eg: ``/home/craig'' for tar transport), and I wanted that represented as a single level in the storage tree. Secondly, as files are written to NewFileList for later processing by BackupPC_link, embedded newlines in the file's path will cause problems which are avoided by mangling.
The CGI script undoes the mangling, so it is invisible to the user. Old (unmangled) backups are still supported by the CGI interface.
Linux/unix file systems support several special file types: symbolic links, character and block device files, fifos (pipes) and unix-domain sockets. All except unix-domain sockets are supported by BackupPC (there's no point in backing up or restoring unix-domain sockets since they only have meaning after a process creates them). Symbolic links are stored as a plain file whose contents are the contents of the link (not the file it points to). This file is compressed and pooled like any normal file. Character and block device files are also stored as plain files, whose contents are two integers separated by a comma; the numbers are the major and minor device number. These files are compressed and pooled like any normal file. Fifo files are stored as empty plain files (which are not pooled since they have zero size). In all cases, the original file type is stored in the attrib file so it can be correctly restored.
Hardlinks are also supported. When GNU tar first encounters a file with more than one link (ie: hardlinks) it dumps it as a regular file. When it sees the second and subsequent hardlinks to the same file, it dumps just the hardlink information. BackupPC correctly recognizes these hardlinks and stores them just like symlinks: a regular text file whose contents is the path of the file linked to. The CGI script will download the original file when you click on a hardlink.
Also, BackupPC_tarCreate has enough magic to re-create the hardlinks dynamically based on whether or not the original file and hardlinks are both included in the tar file. For example, imagine a/b/x is a hardlink to a/c/y. If you use BackupPC_tarCreate to restore directory a, then the tar file will include a/b/x as the original file and a/c/y will be a hardlink to a/b/x. If, instead you restore a/c, then the tar file will include a/c/y as the original file, not a hardlink.
The unix attributes for the contents of a directory (all the files and directories in that directory) are stored in a file called attrib. There is a single attrib file for each directory in a backup. For example, if c:/craig contains a single file c:/craig/example.txt, that file would be stored as fc/fcraig/fexample.txt and there would be an attribute file in fc/fcraig/attrib (and also fc/attrib and ./attrib). The file fc/fcraig/attrib would contain a single entry containing the attributes for fc/fcraig/fexample.txt.
The attrib file starts with a magic number, followed by the concatenation of the following information for each file:
The attrib file is also compressed if compression is enabled. See the lib/BackupPC/Attrib.pm module for full details.
Attribute files are pooled just like normal backup files. This saves space if all the files in a directory have the same attributes across multiple backups, which is common.
BackupPC doesn't care about the access time of files in the pool since it saves attribute meta-data separate from the files. Since BackupPC mostly does reads from disk, maintaining the access time of files generates a lot of unnecessary disk writes. So, provided BackupPC has a dedicated data disk, you should consider mounting BackupPC's data directory with the noatime attribute (see mount(1)).
BackupPC isn't perfect (but it is getting better). Here are some limitations of BackupPC:
This is especially troublesome for Outlook, which stores all its data in a single large file and keeps it locked whenever it is running. Since many users keep Outlook running all the time their machine is up their Outlook file will not be backed up. Sadly, this file is the most important file to backup. As one workaround, Microsoft has a user-level application that periodically asks the user if they want to make a copy of their outlook.pst file. This copy can then be backed up by BackupPC. See http://office.microsoft.com/downloads/2002/pfbackup.aspx.
Similarly, all of the data for WinXX services like SQL databases, Exchange etc won't be backed up. If these applications support some kind of export or utility to save their data to disk then this can =used to create files that BackupPC can backup.
So far, the best that BackupPC can do is send warning emails to the user saying that their outlook files haven't been backed up in X days. (X is configurable.) The message invites the user to exit Outlook and gives a URL to manually start a backup.
I suspect there is a way of mirroring the outlook.pst file so that at least the mirror copy can be backed up. Or perhaps a manual copy can be started at login. Does some WinXX expert know how to do this?
Comment: two users have noted that there are commercial OFM (open file manager) products that are designed to solve this problem, for example from St. Bernard or Columbia Data Products. Apparently Veritas and Legato bundle this product with their commercial products. See for example http://www.stbernard.com/products/docs/ofm_whitepaperV8.pdf. If anyone tries these programs with BackupPC please tell us whether or not they work.
It is likely that linux/unix backups done using tar (rather than smb) can be used to reconstruct a complete file system, although I haven't tried it.
perl -V | egrep largefiles
Without this, the maximum file size will be 2GB.
Without this, the maximum file size will be 2GB.
GNU tar maximum file size is limited by the tar header format. The tar header uses 11 octal digits to represent the file size, which is 33 bits or 8GB. But GNU tar has a binary file size convention for files bigger than 8GB, which is supported in BackupPC as of 2.0.1. So GNU tar can support very large files.
Smbclient 2.2.x is limited to 4GB file sizes. Moreover, a bug in smbclient (mixing signed and unsigned 32 bit values) causes it to incorrectly do the tar octal conversion for file sizes from 2GB-4GB. Up to 2.0.0, BackupPC_tarExtract knows about this bug and can recover the correct file size. So smbclient 2.2.x transport works up to 4GB file sizes with BackupPC 2.0.0.
But as of BackupPC 2.0.1 this repair was removed. The reason is that smbclient 3.0.x now supports large files, so it can validly generate file sizes that would have been incorrectly ``repaired'' by BackupPC_tarExtract. So with smbclient 3.0.x and BackupPC 2.0.1 or later, files bigger than 4GB are supported. Files larger than 8GB have been tested, provided the patch in this smbclient bug is applied to samba 3.0.0:
https://bugzilla.samba.org/show_bug.cgi?id=563
However, due to some bug in smbclient, restores only work up to 2GB file sizes. This is mentioned in this bug report.
Rsync running on linux supports large files, bigger than 4GB. Cygwin 1.3.x is limited to either 2GB or 4GB file sizes. Cygwin 1.5.x allows large file support but I haven't tested it yet with rsync. More testing needs to be done to verify the file size limit for rsync on various platforms.
Using the example at the start of the installation section, 65 hosts are backed up with each full backup averaging 3.2GB. Storing one full backup and two incremental backups per laptop is around 240GB of raw data. But because of the pooling of identical files, only 87GB is used (with compression the total is lower). If you run du or tar on the data directory, there will appear to be 240GB of data, plus the size of the pool (around 87GB), or 327GB total.
If your tape backup system is not smart about hard links an alternative is to periodically backup just the last successful backup for each host to tape. Another alternative is to do a low-level dump of the pool file system (ie: /dev/hda1 or similar) using dump(1).
Supporting more efficient tape backup is an area for further development.
However, if a file was deleted by a user after the last full backup, that file will still appear in the ``filled-in'' incremental backup. This is not really a specific problem with BackupPC, rather it is a general issue with the full/incremental backup paradigm. This minor problem could be solved by having smbclient list all files when it does the incremental backup. Volunteers anyone?
Comments or suggestions on these issues are welcome.
Please read this section and consider each of the issues carefully.
If you use any of the latter three methods please make sure that the file's permission is appropriately restricted. If you also use RCS or CVS, double check the file permissions of the config.pl,v file.
In future versions there will probably be support for encryption of the smb share password, but a private key will still have to be stored in a protected place. Comments and suggestions are welcome.
If the Apache server and BackupPC_Admin run on a different host to BackupPC then a TCP port must be enabled by setting $Conf{ServerPort}. Anyone can connect to this port. To avoid possible attacks via the TCP socket interface, every client message is protected by an MD5 digest. The MD5 digest includes four items:
The message is sent in plain text preceded by the MD5 digest. A snooper can see the plain-text seed sent by BackupPC and plain-text message from the client, but cannot construct a valid MD5 digest since the secret in $Conf{ServerMesgSecret} is unknown. A replay attack is not possible since the seed changes on a per-connection and per-message basis.
So if you do enable the TCP port, please set $Conf{ServerMesgSecret} to some hard-to-guess string. A denial-of-service attack is possible with the TCP port enabled. Someone could simply connect many times to this port, until BackupPC had exhausted all its file descriptors, and this would cause new backups and the CGI interface to fail. The most secure solution is to run BackupPC and Apache on the same machine and disable the TCP port.
By the way, if you have upgraded from a version of BackupPC prior to v1.5.0 you should set $Conf{ServerPort} to -1 to disable the TCP port.
The Apache configuration should be setup for AuthConfig style, using a .htaccess file so that the user's name is passed into the script as $ENV{REMOTE_USER}.
If normal users could directly run BackupPC_Admin then there is a serious security hole: since it is setuid to backuppc any user can browse and restore any backups. Be aware that anyone who is allowed to edit or create cgi scripts on your server can execute BackupPC_Admin as any user! They simply write a cgi script that sets $ENV{REMOTE_USER} and then execs BackupPC_Admin. The exec succeeds since httpd runs the first script as user httpd/apache, which in turn has group permission to execute BackupPC_Admin.
While this setup should be safe, a more conservative approach is to run a dedicated Apache as user backuppc on a different port. Then BackupPC_Admin no longer needs to be setuid, and the cgi directories can be locked down from normal users. Moreover, this setup is exactly the one used to support mod_perl, so this provides both the highest performance and the lowest security risk.
Comments and suggestions are welcome.
The BackupPC configuration file resides in /var/lib/backuppc/conf/config.pl. Optional per-PC configuration files reside in /var/lib/backuppc/pc/$host/config.pl. This file can be used to override settings just for a particular PC.
The configuration file is a perl script that is executed by BackupPC, so you should be careful to preserve the file syntax (punctuation, quotes etc) when you edit it. It is recommended that you use CVS, RCS or some other method of source control for changing config.pl.
BackupPC reads or re-reads the main configuration file and the hosts file in three cases:
Whenever you change the configuration file you can either do a kill -HUP BackupPC_pid or simply wait until the next regular wakeup period.
Each time the configuration file is re-read a message is reported in the LOG file, so you can tail it (or view it via the CGI interface) to make sure your kill -HUP worked. Errors in parsing the configuration file are also reported in the LOG file.
The optional per-PC configuration file (/var/lib/backuppc/pc/$host/config.pl) is read whenever it is needed by BackupPC_dump, BackupPC_link and others.
If you have a heterogeneous set of clients (eg: a variety of WinXX and linux/unix machines) you will need to create host-specific config.pl files for some or all of these machines to customize the default settings from the master config.pl file (at a minimum to set $Conf{XferMethod}).
Since the config.pl file is just regular perl code, you can include one config file from another. For example, imagine you had three general classes of machines: WinXX desktops, linux machines in the DMZ and linux desktops. You could create three config files in /var/lib/backuppc/conf:
/var/lib/backuppc/conf/ConfigWinDesktop.pl
/var/lib/backuppc/conf/ConfigLinuxDMZ.pl
/var/lib/backuppc/conf/ConfigLinuxDesktop.pl
From each client's directory you can either add a symbolic link to the appropriate config file:
cd /var/lib/backuppc/pc/$host
ln -s ../../conf/ConfigWinDesktop.pl config.pl
or, better yet, create a config.pl file in /var/lib/backuppc/pc/$host that includes the default config.pl file using perl's ``do'' command:
do "/var/lib/backuppc/conf/ConfigWinDesktop.pl";
This alternative allows you to set other configuration options specific to each host after the ``do'' command (perhaps even overriding the settings in the included file).
Note that you could also include snippets of configuration settings from the main configuration file. However, be aware that the modification-time checking that BackupPC does only applies to the main configuration file: if you change one of the included files, BackupPC won't notice. You will need to either touch the main configuration file too, or send BackupPC a HUP (-1) signal.
The configuration parameters are divided into five general groups. The first group (general server configuration) provides general configuration for BackupPC. The next two groups describe what to backup, when to do it, and how long to keep it. The fourth group are settings for email reminders, and the final group contains settings for the CGI interface.
All configuration settings in the second through fifth groups can be overridden by the per-PC config.pl file.
To avoid possible attacks via the TCP socket interface, every client message is protected by an MD5 digest. The MD5 digest includes four items: - a seed that is sent to the client when the connection opens - a sequence number that increments for each message - a shared secret that is stored in $Conf{ServerMesgSecret} - the message itself.
The message is sent in plain text preceded by the MD5 digest. A snooper can see the plain-text seed sent by BackupPC and plain-text message from the client, but cannot construct a valid MD5 digest since the secret $Conf{ServerMesgSecret} is unknown. A replay attack is not possible since the seed changes on a per-connection and per-message basis.
If the hosts you are backing up are always connected to the network you might have only one or two wakeups each night. This will keep the backup activity after hours. On the other hand, if you are backing up laptops that are only intermittently connected to the network you will want to have frequent wakeups (eg: hourly) to maximized the chance that each laptop is backed up.
Examples:
$Conf{WakeupSchedule} = [22.5]; # once per day at 10:30 pm.
$Conf{WakeupSchedule} = [1..23]; # every hour except midnight
$Conf{WakeupSchedule} = [2,4,6,8,10,12,14,16,18,20,22]; # every 2 hours
The default value is every hour except midnight.
If you decrease this number after BackupPC has been running for a while you will have to manually remove the older log files.
$dfPath path to df ($Conf{DfPath})
$topDir top-level BackupPC data directory
Examples:
# to specify 192.10.10.20 to 192.10.10.250 as the DHCP address pool
$Conf{DHCPAddressRanges} = [
{
ipAddrBase => '192.10.10',
first => 20,
last => 250,
},
];
# to specify two pools (192.10.10.20-250 and 192.10.11.10-50)
$Conf{DHCPAddressRanges} = [
{
ipAddrBase => '192.10.10',
first => 20,
last => 250,
},
{
ipAddrBase => '192.10.11',
first => 10,
last => 50,
},
];
$Conf{SmbShareName} = 'c'; # backup 'c' share
$Conf{SmbShareName} = ['c', 'd']; # backup 'c' and 'd' shares
This setting only matters if $Conf{XferMethod} = 'smb'.
This setting only matters if $Conf{XferMethod} = 'smb'.
This setting only matters if $Conf{XferMethod} = 'smb'.
$Conf{TarShareName} = '/'; # backup everything
$Conf{TarShareName} = '/home'; # only backup /home
$Conf{TarShareName} = ['/home', '/src']; # backup /home and /src
The fact this parameter is called 'TarShareName' is for historical consistency with the Smb transport options. You can use any valid directory on the client: there is no need for it to correspond to any Smb share or device mount point.
Note also that you can also use $Conf{BackupFilesOnly} to specify a specific list of directories to backup. It's more efficient to use this option instead of $Conf{TarShareName} since a new tar is run for each entry in $Conf{TarShareName}.
On the other hand, if you add --one-file-system to $Conf{TarClientCmd} you can backup each file system separately, which makes restoring one bad file system easier. In this case you would list all of the mount points here, since you can't get the same result with $Conf{BackupFilesOnly}:
$Conf{TarShareName} = ['/', '/var', '/data', '/boot'];
This setting only matters if $Conf{XferMethod} = 'tar'.
Typically this is set slightly less than an integer number of days. The time taken for the backup, plus the granularity of $Conf{WakeupSchedule} will make the actual backup interval a bit longer.
There are two special values for $Conf{FullPeriod}:
-1 Don't do any regular backups on this machine. Manually
requested backups (via the CGI interface) will still occur.
-2 Don't do any backups on this machine. Manually requested
backups (via the CGI interface) will be ignored.
These special settings are useful for a client that is no longer being backed up (eg: a retired machine), but you wish to keep the last backups available for browsing or restoring to other machines.
Also, you might create a virtual client (by setting $Conf{ClientNameAlias}) for restoring to a DVD or permanent media and you would set $Conf{FullPeriod} to -2 so that it is never backed up.
Typically this is set slightly less than an integer number of days. The time taken for the backup, plus the granularity of $Conf{WakeupSchedule} will make the actual backup interval a bit longer.
In the steady state, each time a full backup completes successfully the oldest one is removed. If this number is decreased, the extra old backups will be removed.
If filling of incremental dumps is off the oldest backup always has to be a full (ie: filled) dump. This might mean an extra full dump is kept until the second oldest (incremental) dump expires.
In the steady state, each time an incr backup completes successfully the oldest one is removed. If this number is decreased, the extra old backups will be removed.
BackupPC, and the cgi interface in particular, do the right thing on un-filled incremental backups. It will correctly display the merged incremental backup with the most recent filled backup, giving the un-filled incremental backups a filled appearance. That means it invisible to the user whether incremental dumps are filled or not.
Filling backups takes a little extra disk space, and it does cost some extra disk activity for filling, and later removal. Filling is no longer useful, since file mangling and compression doesn't make a filled backup very useful. It's likely the filling option will be removed from future versions: filling will be delegated to the display and extraction of backup data.
If filling is off, BackupPC makes sure that the oldest backup is a full, otherwise the following incremental backups will be incomplete. This might mean an extra full backup has to be kept until the following incremental backups expire.
The default is off. You can turn this on or off at any time without affecting existing backups.
Note: files/dirs delivered via Zip or Tar downloads don't count as restores. Only the first restore option (where the files and dirs are written to the host) count as restores that are logged.
For Smb, only one of $Conf{BackupFilesExclude} and $Conf{BackupFilesOnly} can be specified per share. If both are set for a particular share, then $Conf{BackupFilesOnly} takes precedence and $Conf{BackupFilesExclude} is ignored.
This can be set to a string, an array of strings, or, in the case of multiple shares, a hash of strings or arrays. A hash is used to give a list of directories or files to backup for each share (the share name is the key). If this is set to just a string or array, and $Conf{SmbShareName} contains multiple share names, then the setting is assumed to apply to only the first share name.
Examples:
$Conf{BackupFilesOnly} = '/myFiles';
$Conf{BackupFilesOnly} = ['/myFiles']; # same as first example
$Conf{BackupFilesOnly} = ['/myFiles', '/important'];
$Conf{BackupFilesOnly} = {
'c' => ['/myFiles', '/important'], # these are for 'c' share
'd' => ['/moreFiles', '/archive'], # these are for 'd' share
};
This can be set to a string, an array of strings, or, in the case of multiple shares, a hash of strings or arrays. A hash is used to give a list of directories or files to exclude for each share (the share name is the key). If this is set to just a string or array, and $Conf{SmbShareName} contains multiple share names, then the setting is assumed to apply to only the first share name.
The exact behavior is determined by the underlying transport program, smbclient or tar. For smbclient the exlclude file list is passed into the X option. Simple shell wild-cards using ``*'' or ``?'' are allowed.
For tar, if the exclude file contains a ``/'' it is assumed to be anchored at the start of the string. Since all the tar paths start with ``./'', BackupPC prepends a ``.'' if the exclude file starts with a ``/''. Note that GNU tar version >= 1.13.7 is required for the exclude option to work correctly. For linux or unix machines you should add ``/proc'' to $Conf{BackupFilesExclude} unless you have specified --one-file-system in $Conf{TarClientCmd} or --one-file-system in $Conf{RsyncArgs}. Also, for tar, do not use a trailing ``/'' in the directory name: a trailing ``/'' causes the name to not match and the directory will not be excluded.
Examples:
$Conf{BackupFilesExclude} = '/temp';
$Conf{BackupFilesExclude} = ['/temp']; # same as first example
$Conf{BackupFilesExclude} = ['/temp', '/winnt/tmp'];
$Conf{BackupFilesExclude} = {
'c' => ['/temp', '/winnt/tmp'], # these are for 'c' share
'd' => ['/junk', '/dont_back_this_up'], # these are for 'd' share
};
To allow for periodic rebooting of a PC or other brief periods when a PC is not on the network, a number of consecutive bad pings is allowed before the good ping count is reset. This parameter is $Conf{BlackoutBadPingLimit}.
Note that bad and good pings don't occur with the same interval. If a machine is always on the network, it will only be pinged roughly once every $Conf{IncrPeriod} (eg: once per day). So a setting for $Conf{BlackoutGoodCnt} of 7 means it will take around 7 days for a machine to be subject to blackout. On the other hand, if a ping is failed, it will be retried roughly every time BackupPC wakes up, eg, every one or two hours. So a setting for $Conf{BlackoutBadPingLimit} of 3 means that the PC will lose its blackout status after 3-6 hours of unavailability.
To disable the blackout feature set $Conf{BlackoutGoodCnt} to a negative value. A value of 0 will make all machines subject to blackout. But if you don't want to do any backups during the day it would be easier to just set $Conf{WakeupSchedule} to a restricted schedule.
The valid values are:
- 'smb': backup and restore via smbclient and the SMB protocol.
Best choice for WinXX.
- 'rsync': backup and restore via rsync (via rsh or ssh).
Best choice for linux/unix. Can also work on WinXX.
- 'rsyncd': backup and restre via rsync daemon on the client.
Best choice for linux/unix if you have rsyncd running on
the client. Can also work on WinXX.
- 'tar': backup and restore via tar, tar over ssh, rsh or nfs.
Good choice for linux/unix.
smbclient is from the Samba distribution. smbclient is used to actually extract the incremental or full dump of the share filesystem from the PC.
This setting only matters if $Conf{XferMethod} = 'smb'.
The following variables are substituted at run-time:
$smbClientPath same as $Conf{SmbClientPath}
$host host to backup/restore
$hostIP host IP address
$shareName share name
$userName user name
$fileList list of files to backup (based on exclude/include)
$I_option optional -I option to smbclient
$X_option exclude option (if $fileList is an exclude list)
$timeStampFile start time for incremental dump
See the documentation for more information about setting up ssh2 keys.
If you plan to use NFS then tar just runs locally and ssh2 is not needed. For example, assuming the client filesystem is mounted below /mnt/hostName, you could use something like:
$Conf{TarClientCmd} = '$tarPath -c -v -f - -C /mnt/$host/$shareName'
. ' --totals';
In the case of NFS or rsh you need to make sure BackupPC's privileges are sufficient to read all the files you want to backup. Also, you will probably want to add ``/proc'' to $Conf{BackupFilesExclude}.
The following variables are substituted at run-time:
$host host name
$hostIP host's IP address
$incrDate newer-than date for incremental backups
$shareName share name to backup (ie: top-level directory path)
$fileList specific files to backup or exclude
$tarPath same as $Conf{TarClientPath}
$sshPath same as $Conf{SshPath}
If a variable is followed by a ``+'' it is shell escaped. This is necessary for the command part of ssh or rsh, since it ends up getting passed through the shell.
This setting only matters if $Conf{XferMethod} = 'tar'.
If you are running tar locally (ie: without rsh or ssh) then remove the ``+'' so that the argument is no longer shell escaped.
This setting only matters if $Conf{XferMethod} = 'tar'.
Note that GNU tar has several methods for specifying incremental backups, including:
--newer-mtime $incrDate+
This causes a file to be included if the modification time is
later than $incrDate (meaning its contents might have changed).
But changes in the ownership or modes will not qualify the
file to be included in an incremental.
--newer=$incrDate+
This causes the file to be included if any attribute of the
file is later than $incrDate, meaning either attributes or
the modification time. This is the default method. Do
not use --atime-preserve in $Conf{TarClientCmd} above,
otherwise resetting the atime (access time) counts as an
attribute change, meaning the file will always be included
in each new incremental dump.
If you are running tar locally (ie: without rsh or ssh) then remove the ``+'' so that the argument is no longer shell escaped.
This setting only matters if $Conf{XferMethod} = 'tar'.
See $Conf{TarClientCmd} for full details.
This setting only matters if $Conf{XferMethod} = ``tar''.
This setting only matters if $Conf{XferMethod} = 'tar'.
$host host name being backed up
$hostIP host's IP address
$shareName share name to backup (ie: top-level directory path)
$rsyncPath same as $Conf{RsyncClientPath}
$sshPath same as $Conf{SshPath}
$argList argument list, built from $Conf{RsyncArgs},
$shareName, $Conf{BackupFilesExclude} and
$Conf{BackupFilesOnly}
This setting only matters if $Conf{XferMethod} = 'rsync'.
$host host name being backed up
$hostIP host's IP address
$shareName share name to backup (ie: top-level directory path)
$rsyncPath same as $Conf{RsyncClientPath}
$sshPath same as $Conf{SshPath}
$argList argument list, built from $Conf{RsyncArgs},
$shareName, $Conf{BackupFilesExclude} and
$Conf{BackupFilesOnly}
This setting only matters if $Conf{XferMethod} = 'rsync'.
For $Conf{XferMethod} = ``rsyncd'' this should be the name of the module to backup (ie: the name from /etc/rsynd.conf).
This can also be a list of multiple file system paths or modules. For example, by adding --one-file-system to $Conf{RsyncArgs} you can backup each file system separately, which makes restoring one bad file system easier. In this case you would list all of the mount points:
$Conf{RsyncShareName} = ['/', '/var', '/data', '/boot'];
Examples of additional arguments that should work are --exclude/--include, eg:
$Conf{RsyncArgs} = [
# original arguments here
'-v',
'--exclude', '/proc',
'--exclude', '*.tmp',
];
nmblookup is from the Samba distribution. nmblookup is used to get the netbios name, necessary for DHCP hosts.
$nmbLookupPath path to nmblookup ($Conf{NmbLookupPath})
$host IP address
This command is only used for DHCP hosts: given an IP address, this command should try to find its NetBios name.
$nmbLookupPath path to nmblookup ($Conf{NmbLookupPath})
$host NetBios name
In some cases you might need to change the broadcast address, for example if nmblookup uses 192.168.255.255 by default and you find that doesn't work, try 192.168.1.255 (or your equivalent class C address) using the -B option:
$Conf{NmbLookupFindHostCmd} = '$nmbLookupPath -B 192.168.1.255 $host';
If you use a WINS server and your machines don't respond to multicast NetBios requests you can use this (replace 1.2.3.4 with the IP address of your WINS server):
$Conf{NmbLookupFindHostCmd} = '$nmbLookupPath -R -U 1.2.3.4 $host';
This is preferred over multicast since it minimizes network traffic.
Experiment manually for your site to see what form of nmblookup command works.
If you want to disable ping checking, set this to some program that exits with 0 status, eg:
$Conf{PingPath} = '/bin/echo';
$pingPath path to ping ($Conf{PingPath})
$host host name
Wade Brown reports that on solaris 2.6 and 2.7 ping -s returns the wrong exit status (0 even on failure). Replace with ``ping $host 1'', which gets the correct exit status but we don't get the round-trip time.
Changing compression on or off after backups have already been done will require both compressed and uncompressed pool files to be stored. This will increase the pool storage requirements, at least until all the old backups expire and are deleted.
It is ok to change the compression value (from one non-zero value to another non-zero value) after dumps are already done. Since BackupPC matches pool files by comparing the uncompressed versions, it will still correctly match new incoming files against existing pool files. The new compression level will take effect only for new files that are newly compressed and added to the pool.
If compression was off and you are enabling compression for the first time you can use the BackupPC_compressPool utility to compress the pool. This avoids having the pool grow to accommodate both compressed and uncompressed backups. See the documentation for more information.
Note: compression needs the Compress::Zlib perl library. If the Compress::Zlib library can't be found then $Conf{CompressLevel} is forced to 0 (compression off).
Note that stdout buffering combined with huge files being backed up could cause longish delays in the output from smbclient that BackupPC_dump sees, so in rare cases you might want to increase this value.
Despite the name, this parameter sets the timeout for all transport methods (tar, smb etc).
If you decrease this number after BackupPC has been running for a while you will have to manually remove the older log files.
$Conf{DumpPreUserCmd} = '$sshPath -l root $host /usr/bin/dumpMysql';
The following variable substitutions are made at run time for $Conf{DumpPreUserCmd} and $Conf{DumpPostUserCmd}:
$type type of dump (incr or full)
$xferOK 1 if the dump succeeded, 0 if it didn't
$client client name being backed up
$host host name (could be different from client name if
$Conf{ClientNameAlias} is set)
$hostIP IP address of host
$user user name from the hosts file
$moreUsers list of additional users from the hosts file
$share the first share name
$shares list of all the share names
$XferMethod value of $Conf{XferMethod} (eg: tar, rsync, smb)
$sshPath value of $Conf{SshPath},
The following variable substitutions are made at run time for $Conf{RestorePreUserCmd} and $Conf{RestorePostUserCmd}:
$client client name being backed up
$xferOK 1 if the restore succeeded, 0 if it didn't
$host host name (could be different from client name if
$Conf{ClientNameAlias} is set)
$hostIP IP address of host
$user user name from the hosts file
$moreUsers list of additional users from the hosts file
$share the first share name
$XferMethod value of $Conf{XferMethod} (eg: tar, rsync, smb)
$sshPath value of $Conf{SshPath},
$type set to "restore"
$bkupSrcHost host name of the restore source
$bkupSrcShare share name of the restore source
$bkupSrcNum backup number of the restore source
$pathHdrSrc common starting path of restore source
$pathHdrDest common starting path of destination
$fileList list of files being restored
$Conf{ClientNameAlias} = 'realHostName';
$Conf{ClientNameAlias} = '192.1.1.15';
will cause the relevant smb/tar/rsync backup/restore commands to be directed to realHostName, not the client name.
Note: this setting doesn't work for hosts with DHCP set to 1.
$Cong{EMailUserDestDomain} = '@mydomain.com';
With this setting user email will be set to 'user@mydomain.com'.
These values are language-dependent. The default versions can be found in the language file (eg: lib/BackupPC/Lang/en.pm). If you need to change the message, copy it here and edit it, eg:
$Conf{EMailNoBackupEverMesg} = <<'EOF';
To: $user$domain
cc:
Subject: $subj
Dear $userName,
This is a site-specific email message. EOF
These values are language-dependent. The default versions can be found in the language file (eg: lib/BackupPC/Lang/en.pm). If you need to change the message, copy it here and edit it, eg:
$Conf{EMailNoBackupRecentMesg} = <<'EOF';
To: $user$domain
cc:
Subject: $subj
Dear $userName,
This is a site-specific email message. EOF
These values are language-dependent. The default versions can be found in the language file (eg: lib/BackupPC/Lang/en.pm). If you need to change the message, copy it here and edit it, eg:
$Conf{EMailOutlookBackupMesg} = <<'EOF';
To: $user$domain
cc:
Subject: $subj
Dear $userName,
This is a site-specific email message. EOF
Administrative users have full access to all hosts, plus overall status and log information.
The administrative users are the union of the unix/linux group $Conf{CgiAdminUserGroup} and the manual list of users, separated by spaces, in $Conf{CgiAdminUsers}. If you don't want a group or manual list of users set the corresponding configuration setting to undef or an empty string.
If you want every user to have admin privileges (careful!), set $Conf{CgiAdminUsers} = '*'.
Examples:
$Conf{CgiAdminUserGroup} = 'admin';
$Conf{CgiAdminUsers} = 'craig celia';
--> administrative users are the union of group admin, plus
craig and celia.
$Conf{CgiAdminUserGroup} = '';
$Conf{CgiAdminUsers} = 'craig celia';
--> administrative users are only craig and celia'.
Currently the Language setting applies to the CGI interface and email messages sent to users. Log files and other text is still in English.
sprintf() strings,
that each contain a single '%s' that will be replaced by the user
name. The default is a mailto: link.
$Conf{CgiUserHomePageCheck} should be an absolute file path that is used to check (via ``-f'') that the user has a valid home page. Set this to undef or an empty string to turn off this check.
$Conf{CgiUserUrlCreate} should be a full URL that points to the user's home page. Set this to undef or an empty string to turn off generation of URLs for user names.
Example:
$Conf{CgiUserHomePageCheck} = '/var/www/html/users/%s.html';
$Conf{CgiUserUrlCreate} = 'http://myhost/users/%s.html';
--> if /var/www/html/users/craig.html exists, then 'craig' will
be rendered as a link to http://myhost/users/craig.html.
Example:
$Conf{CgiImageDir} = '/usr/local/apache/htdocs/BackupPC';
$Conf{CgiExt2ContentType} = {
'pl' => 'text/plain',
};
Example:
$Conf{CgiImageDirURL} = '/BackupPC';
Starting with v1.4.0 BackupPC switched to a X.Y.Z version numbering system, instead of X.0Y. The first digit is for major new releases, the middle digit is for significant feature releases and improvements (most of the releases have been in this category), and the last digit is for bug fixes. You should think of the old 1.00, 1.01, 1.02 and 1.03 as 1.0.0, 1.1.0, 1.2.0 and 1.3.0.
Craig Barratt <cbarratt@users.sourceforge.net>
See http://backuppc.sourceforge.net.
Copyright (C) 2001-2003 Craig Barratt
Xavier Nicollet, with additions from Guillaume Filion, added the internationalization (i18n) support to the CGI interface for v2.0.0. Xavier provided the French translation fr.pm, with additions from Guillaume.
Ryan Kucera contributed the directory navigation code and images for v1.5.0. He also contributed the first skeleton of BackupPC_restore.
Guillaume Filion wrote BackupPC_zipCreate and added the CGI support for zip download, in addition to some CGI cleanup, for v1.5.0.
Javier Gonzalez provided the Spanish translation, es.pm.
Manfred Herrmann provided the German translation, de.pm.
Many people have reported bugs, made useful suggestions and helped with testing; see the ChangeLog and the mail lists.
Your name could appear here in the next version!
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License in the LICENSE file along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
|
BackupPC |