Unix/Linux System Backup Script

Download it using this link:

bak3.tar.gz



Information about the Script

System Requirements:

Linux/Unix

Perl

OpenSSH (For secure, remote backups)

Gnupg (For encryption, if desired)

General Info:

This script performs file backups on your Linux/Unix system. It will archive (tar), compress and secure ftp transfer a specified list of files or directories to a remote server. The backups can be compressed with gzip compression, or encrypted and compressed with gnupg. Two scripts are provided: One does the full backup, and the other does incremental backups to save your precious bandwidth and storage space. The scripts are configurable through a typical .conf file, so there are a number of options available to tune your backup to your needs. I set the incremental script to run daily in cron, so my backups are always fresh when the inevitable hardware failure occurs.

Installation Instructions:

Download the file. Unzip it using gunzip. Now, unpack the tar archive:

tar -xvf bak3.tar

Once the tar extraction is complete, you will find 3 directories: usr, var, and etc. These correspond the same directories you have on your Unix/Linux machine. Move the following files into the appropriate system directories:

../etc/bak3/backup.files.list

../etc/bak3/bak3.conf

../var/bak3/last-full

../var/bak3/last-incr

../usr/local/sbin/bak3/full-bak.pl

../usr/local/sbin/bak3/incr-bak.pl


Be SURE to set the permissions on these files so that only the desired user, usually root, can edit or execute them. If you don't, you are taking a big security risk!

At this point, you need to do two things to configure your backups.


1. Configure your options by editing /etc/bak3/bak3.conf. Most of this should be self explanatory, but it does have a couple of quirks. If you want to encrypt your backups, you need to install and configure gnupg so that you have the appropriate keys. See the links at the bottom of this page to get it. Also, your remote backups won't happen automatically without having OpenSSH configured on both client and host, so that you can do the secure file transfer without using a password. If you don't want remote backups, then you can live without OpenSSH. Again, see the links at the bottom of the page. There is an option to run a utility script upon completion of incremental backups. You'll see this at the bottom of the bak3.conf. BE SURE to lock this file up, as in chmod 600. In fact, set the whole bak3 directory (all of them) to chmod 700, so that only the owner can get in, or even see them. If you run backups as root (you probably will), this would be the perfect place for the "bad guys" to launch their finest trojan!


2. Set up the list of files/directories you want to back up. Edit /etc/bak3/backup.files.list. Pretty easy, huh? Just remember, if you want to back up the whole directory, be sure to leave the "/" on the end of the path. It'll back up the whole directory recursively!


Be sure you have your .gnupg and .ssh directories and keys configured properly in the home directory of the user who will execute the backup (usually root), and the home directory of the user who will receive the them on the remote machine. If you don't, it won't work right. As I recall, gnupg will work nicely if you follow the man page & gnupg website. For ssh, generating your key requires a few options, and I have a reference that suggested:

ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -C '' -N ''

It works for me! Also, once your keys are generated, you'll need to take your public key, id_rsa.pub, and move it to the remote machine. Create a copy of it in authorized_keys file in the .ssh directory on the remote machine:

cat ~/id_rsa.pub >> ~/.ssh/authorized_keys

Be sure to set your privelages carefully, so nobody gets your secret key!

How to Run it:

There are 2 scripts, one for full backup, and one for incremental. I have 3 copies of full backups in rotation, and I usually run it manually. You can automate it using cron, if you like. I run the incremental daily in cron, and usually keep 22 copies in rotation. This is good for 3 weeks. To use cron, log in as the user you want to execute the program, and type "crontab -e" at the command prompt. Type "i" for insert mode, and hit the return key. Enter the following line: 30 3 * * * /usr/local/sbin/bak3/incr-bak.pl Now hit the Esc key to leave insert mode, and type "ZZ". This will save your crontab. Your incremental backup will run every morning at 3:30. If you need more info on this, get a good unix book, or search for cron howto on Google. Perhaps you might consider the cron man page on your system, as well.


So, now you've discovered this thing is a pain-in-the-patoot to get it all working right. Be patient and work with it. It's worth it. Once you get it all going, it is automatic and dependable. You'll be glad when you use those backups to recover your data!

Licensing Info:

This software is licensed under the terms of the GPL, or GNU Public License

Links

www.gnupg.org

www.openssh.org




gpo 9/07/05