Linux/obackup
1
0
Fork 0
mirror of https://github.com/deajan/obackup.git synced 2025-02-06 03:13:49 +01:00
Code Issues Releases Wiki Activity

Backported some minor stuff from osync

Browse Source
This commit is contained in:
deajan 2015-08-25 15:26:36 +02:00
parent 48c1ef4140
commit 2080da1565
3 changed files with 67 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -21,7 +21,9 @@ UNDER WORK
CHANGELOG CHANGELOG
--------- ---------
- Backported some fixes from Osync
- Small improvments on install script
- Copy ssh_filter.sh from osync project
- Quick and dirty hack to get the full last run log in SendAlert email - Quick and dirty hack to get the full last run log in SendAlert email
- Added detection of obackup.sh script in obackup-batch.sh to overcome mising path in crontab - Added detection of obackup.sh script in obackup-batch.sh to overcome mising path in crontab
- Moved command line arguments after config file load for allowing command line overrides - Moved command line arguments after config file load for allowing command line overrides

13
install.sh
View File

@ -1,14 +1,25 @@
#!/usr/bin/env bash #!/usr/bin/env bash
SCRIPT_BUILD=2404201501 SCRIPT_BUILD=2015082501
## Obackup install script ## Obackup install script
## Tested on RHEL / CentOS 6 & 7 ## Tested on RHEL / CentOS 6 & 7
## Please adapt this to fit your distro needs ## Please adapt this to fit your distro needs
if [ "$(whoami)" != "root" ]
then
echo "Must be run as root."
exit 1
fi
mkdir /etc/obackup mkdir /etc/obackup
cp ./host_backup.conf /etc/obackup/host_backup.conf.example cp ./host_backup.conf /etc/obackup/host_backup.conf.example
cp ./exclude.list.example /etc/obackup cp ./exclude.list.example /etc/obackup
cp ./obackup.sh /usr/local/bin cp ./obackup.sh /usr/local/bin
cp ./obackup-batch.sh /usr/local/bin cp ./obackup-batch.sh /usr/local/bin
cp ./ssh_filter.sh /usr/local/bin
chmod 755 /usr/local/bin/obackup.sh
chmod 755 /usr/local/bin/obackup-batch.sh
chmod 755 /usr/local/bin/ssh_filter.sh
chown root:root /usr/local/bin/ssh_filter.sh

61
ssh_filter.sh
View File

@ -1,10 +1,13 @@
#!/bin/bash #!/bin/bash
##### Obackup / Osync ssh command filter build 2306201301 ##### Osync ssh command filter build 2015070203
##### This script should be located in /usr/local/bin in the remote system that will be backed up / synced ##### This script should be located in /usr/local/bin in the remote system to sync / backup
##### It will filter the commands that can be run remotely via ssh. ##### It will filter the commands that can be run remotely via ssh.
##### Please chmod 755 and chown root:root this file ##### Please chmod 755 and chown root:root this file
##### Obackup needed commands: rsync find du mysql mysqldump (sudo)
##### Osync needed commands: rsync find du echo mkdir rm if df (sudo)
## If enabled, execution of "sudo" command will be allowed. ## If enabled, execution of "sudo" command will be allowed.
SUDO_EXEC=yes SUDO_EXEC=yes
## Paranoia option. Don't change this unless you read the documentation and still feel concerned about security issues. ## Paranoia option. Don't change this unless you read the documentation and still feel concerned about security issues.
@ -30,22 +33,35 @@ function Go
case ${SSH_ORIGINAL_COMMAND%% *} in case ${SSH_ORIGINAL_COMMAND%% *} in
"$RSYNC_EXECUTABLE") "$RSYNC_EXECUTABLE")
Go ;; Go ;;
"mysqldump")
Go ;;
"mysql")
Go ;;
"echo") "echo")
Go ;; Go ;;
"find") "find")
Go ;; Go ;;
"du") "du")
Go ;; Go ;;
"mkdir")
Go ;;
"rm")
Go ;;
"df")
Go ;;
"mv")
Go ;;
"$CMD1") "$CMD1")
Go ;; if [ "$CMD1" != "" ]
then
Go ;;
fi
"$CMD2") "$CMD2")
Go ;; if [ "$CMD2" != "" ]
then
Go ;;
fi
"$CMD3") "$CMD3")
Go ;; if [ "$CMD3" != "" ]
then
Go ;;
fi
"sudo") "sudo")
if [ "$SUDO_EXEC" == "yes" ] if [ "$SUDO_EXEC" == "yes" ]
then then
@ -58,22 +74,49 @@ case ${SSH_ORIGINAL_COMMAND%% *} in
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo find"* ]] elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo find"* ]]
then then
Go Go
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo mkdir"* ]]
then
Go
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo rm"* ]]
then
Go
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo echo"* ]]
then
Go
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo df"* ]]
then
Go
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo mv"* ]]
then
Go
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD1"* ]] elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD1"* ]]
then then
if [ "$CMD1" != "" ]
then
Go Go
fi
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD2"* ]] elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD2"* ]]
then then
if [ "$CMD2" != "" ]
then
Go Go
fi
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD3"* ]] elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD3"* ]]
then then
if [ "$CMD3" != "" ]
then
Go Go
fi
else else
Log "Command [$SSH_ORIGINAL_COMMAND] not allowed." Log "Command [$SSH_ORIGINAL_COMMAND] not allowed."
exit 1
fi fi
else else
Log "Command [$SSH_ORIGINAL_COMMAND] not allowed. sudo not enabled." Log "Command [$SSH_ORIGINAL_COMMAND] not allowed. sudo not enabled."
exit 1
fi fi
;; ;;
*) *)
Log "Command [$SSH_ORIGINAL_COMMAND] not allowed." Log "Command [$SSH_ORIGINAL_COMMAND] not allowed."
exit 1
esac esac