Backup Central

On Mon, Jan 23, 2012 at 11:22 PM, Kenneth L. Owen
<tx836519 < at > bellsouth.net> wrote:


I am not wanting to generate a new private key on the archiver for
backuppc user for just the reason you gave -- the clients are in sync
with this key.


And you don't need a new key, you just need the public key that
matches your existing private key added to the appropriate
authorized_keys file.

backuppc ssh connects to the client as backuppc where he has an account.
The clients sudoers file gives backuppc root privilege for the commands
needed to perform backup and no others.  If I need to do a restore, I
must revise the sodoers file to to switch to the commands for restore so
backuppc can write the files.  Then when the restore is complete it is
changed back so that only the backup function is allowed.

On the archiver, backuppc has a logon ID.  The sudoers file gives
backuppc root authority on archiver system, but only for the commands
needed to perform a tar backup of /home.

So, to switch to rsync, I revise sudoers to give backuppc root privilege
for the commands to perform rsync backup of /home.  Then BackupPC
application will ssh connect to localhost as user backuppc on localhost.

Am I missing something here?

That is more complicated than just ssh'ing as root (where sshd has
approximately equivalent facilities to sudo to control what can be
executed) but if that is working correctly elsewhere it should work
the same with localhost as the target.

--
Les Mikesell
lesmikesell < at > gmail.com

------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Thank you, Les!

That was my total problem. My backups are scheduled to begin at 01:00
and I just had time to get there, logon as backuppc and issue the
ssh-copy-id archiver. Immediately the tar backup began!

What I can't figure out now is why it was working some of the time
without the public key on file in authorized_keys.

I'll update my notes for the next time I have to setup a system!

Again, thanks for your help and putting up with a barely literate Linux
user. -- ken



On Mon, 2012-01-23 at 23:42 -0600, Les Mikesell wrote:
On Mon, Jan 23, 2012 at 11:22 PM, Kenneth L. Owen
<tx836519 < at > bellsouth.net> wrote:


I am not wanting to generate a new private key on the archiver for
backuppc user for just the reason you gave -- the clients are in sync
with this key.


And you don't need a new key, you just need the public key that
matches your existing private key added to the appropriate
authorized_keys file.

backuppc ssh connects to the client as backuppc where he has an account.
The clients sudoers file gives backuppc root privilege for the commands
needed to perform backup and no others. If I need to do a restore, I
must revise the sodoers file to to switch to the commands for restore so
backuppc can write the files. Then when the restore is complete it is
changed back so that only the backup function is allowed.

On the archiver, backuppc has a logon ID. The sudoers file gives
backuppc root authority on archiver system, but only for the commands
needed to perform a tar backup of /home.

So, to switch to rsync, I revise sudoers to give backuppc root privilege
for the commands to perform rsync backup of /home. Then BackupPC
application will ssh connect to localhost as user backuppc on localhost.

Am I missing something here?

That is more complicated than just ssh'ing as root (where sshd has
approximately equivalent facilities to sudo to control what can be
executed) but if that is working correctly elsewhere it should work
the same with localhost as the target.




------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Hi Les & Carl,

I was pre-mature in thinking that the problem was solved. I am still
getting the same result: No files transferred.

I will rework the archiver system to switch from tar to rsync transfer.
I believe that this will work as the rsync method is working on all
other hosts.

But, I do have another question. Do I need to remove the old tar
history for localhost? I don't trust any of the data anyway and it will
free the storage.

Now, that provokes a second question. What is the best way to do this?
I could totally remove localhost from the backup system and then tell
the system to purge the old files for this machine. Then, recreate it
using rsync transport mechanism. I am just not sure exactly how to
perform this evolution.

I believe I'm seeing light at the end of the tunnel and just pray that
it is not an incoming freight train. -- ken


On Tue, 2012-01-24 at 01:10 -0500, Kenneth L. Owen wrote:
Thank you, Les!

That was my total problem. My backups are scheduled to begin at 01:00
and I just had time to get there, logon as backuppc and issue the
ssh-copy-id archiver. Immediately the tar backup began!

What I can't figure out now is why it was working some of the time
without the public key on file in authorized_keys.

I'll update my notes for the next time I have to setup a system!

Again, thanks for your help and putting up with a barely literate Linux
user. -- ken



On Mon, 2012-01-23 at 23:42 -0600, Les Mikesell wrote:
On Mon, Jan 23, 2012 at 11:22 PM, Kenneth L. Owen
<tx836519 < at > bellsouth.net> wrote:


I am not wanting to generate a new private key on the archiver for
backuppc user for just the reason you gave -- the clients are in sync
with this key.


And you don't need a new key, you just need the public key that
matches your existing private key added to the appropriate
authorized_keys file.

backuppc ssh connects to the client as backuppc where he has an account.
The clients sudoers file gives backuppc root privilege for the commands
needed to perform backup and no others. If I need to do a restore, I
must revise the sodoers file to to switch to the commands for restore so
backuppc can write the files. Then when the restore is complete it is
changed back so that only the backup function is allowed.

On the archiver, backuppc has a logon ID. The sudoers file gives
backuppc root authority on archiver system, but only for the commands
needed to perform a tar backup of /home.

So, to switch to rsync, I revise sudoers to give backuppc root privilege
for the commands to perform rsync backup of /home. Then BackupPC
application will ssh connect to localhost as user backuppc on localhost.

Am I missing something here?

That is more complicated than just ssh'ing as root (where sshd has
approximately equivalent facilities to sudo to control what can be
executed) but if that is working correctly elsewhere it should work
the same with localhost as the target.




------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/




------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

On Tue, Jan 24, 2012 at 2:09 PM, Kenneth L. Owen <tx836519 < at > bellsouth.net> wrote:
Hi Les & Carl,

I was pre-mature in thinking that the problem was solved.  I am still
getting the same result:  No files transferred.

I will rework the archiver system to switch from tar to rsync transfer.
I believe that this will work as the rsync method is working on all
other hosts.

I think your real issue has to do with the quoting differences needed
to pass commands through the right number of shell parsings when sudo
is involved and when possibly not using ssh.

But, I do have another question.  Do I need to remove the old tar
history for localhost?  I don't trust any of the data anyway and it will
free the storage.

Shouldn't matter.

--
Les Mikesell
lesmikesell < at > gmail.com

------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

On 01/24 03:09 , Kenneth L. Owen wrote:
But, I do have another question. Do I need to remove the old tar
history for localhost? I don't trust any of the data anyway and it will
free the storage.

You will likely free less space than you think. This is due to the fact that
BackupPC 'pools' (hardlinks) duplicate files together.

You do not need to remove history. If you desire to do so anyway, the basic
method is:
# cd /var/lib/backuppc/pc/localhost
# ls -l
compare the numbers of the backups there with the numbers visible in the
BackupPC web interface and pick out the one(s) you wish to delete
# rm -rf <number>

This does not free much space at all, since the files are stored in
/var/lib/backuppc/cpool and hardlinked to /var/lib/backuppc/pc/<hostname>.

The BackupPC_nightly process goes through the pool and looks for files that
have a refcount of 1. These are files that have only one name (directory
entry) associated with them. If the only name for them is in the pool, that
means they aren't used by any backups and may be deleted.

You can wait overnight for the BackupPC_nightly job to run (tho it may take
several nights depending on the settings in config.pl); or to run it by hand
across the whole pool, I think the syntax is:

$ /usr/share/backuppc/bin/BackupPC_nightly 0 255

As always, your paths may vary if you didn't use a Debian package for your
install (or I made a typo).

Now, that provokes a second question. What is the best way to do this?
I could totally remove localhost from the backup system and then tell
the system to purge the old files for this machine. Then, recreate it
using rsync transport mechanism. I am just not sure exactly how to
perform this evolution.

Don't worry about it. Just set up the backup the new way.

--
Carl Soderstrom
Systems Administrator
Real-Time Enterprises
www.real-time.com

------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/