Date: Sat, 11 Jul 2020 20:53:31 +0000 (UTC) From: Allan Jude <allanjude@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r363110 - in head: share/man/man5 usr.sbin/periodic usr.sbin/periodic/etc/daily Message-ID: <202007112053.06BKrVxv048643@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: allanjude Date: Sat Jul 11 20:53:31 2020 New Revision: 363110 URL: https://svnweb.freebsd.org/changeset/base/363110 Log: Add a periodic script to backup the partition table and boot code Optionally, alert you if the contents change from the previous backup PR: 86388 Submitted by: Rob Fairbanks <rob.fx907@gmail.com>, Miroslav Lachman <000.fbsd@quip.cz> (Original Version) MFC after: 4 weeks Relnotes: yes Sponsored by: Klara Inc. Event: July 2020 Bugathon Differential Revision: https://reviews.freebsd.org/D25628 Added: head/usr.sbin/periodic/etc/daily/221.backup-gpart (contents, props changed) Modified: head/share/man/man5/periodic.conf.5 head/usr.sbin/periodic/periodic.conf Modified: head/share/man/man5/periodic.conf.5 ============================================================================== --- head/share/man/man5/periodic.conf.5 Sat Jul 11 19:44:12 2020 (r363109) +++ head/share/man/man5/periodic.conf.5 Sat Jul 11 20:53:31 2020 (r363110) @@ -252,6 +252,22 @@ Files will be deleted using the same criteria as would normally use when determining whether to believe the cached information, as configured in .Pa /etc/mail/sendmail.cf . +.It Va daily_backup_efi_enable +.Pq Vt bool +Set to +.Dq Li YES +To create backup of EFI System Partion (ESP). +.It Va daily_backup_gpart_enable +.Pq Vt bool +Set to +.Dq Li YES +To create backups of partition tables, and bootcode partition contents. +.It Va daily_backup_gpart_verbose +.Pq Vt bool +Set to +.Dq Li YES +To be verbose if existing backups for kern.geom.conftxt or the partition tables differ +from the new backups. .It Va daily_backup_passwd_enable .Pq Vt bool Set to Added: head/usr.sbin/periodic/etc/daily/221.backup-gpart ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/usr.sbin/periodic/etc/daily/221.backup-gpart Sat Jul 11 20:53:31 2020 (r363110) @@ -0,0 +1,124 @@ +#!/bin/sh + +## $FreeBSD$ +## Created by: Miroslav Lachman <000.fbsd@quip.cz> + +## Backup of disk partitions layout, useful for gpart restore. +## Data are stored on local filesystem, in /var/backup. +## It is recommended to copy those files to off-site storage. + + +## If there is a global system configuration file, suck it in. +## +if [ -r /etc/defaults/periodic.conf ] +then + . /etc/defaults/periodic.conf + source_periodic_confs +fi + +bak_dir=/var/backups + +rotate() { + base_name=$1 + show_diff=$2 + file="$bak_dir/$base_name" + + if [ -f "${file}.bak" ] ; then + rc=0 + if cmp -s "${file}.bak" "${file}.tmp"; then + rm "${file}.tmp" + else + rc=1 + [ -n "$show_diff" ] && diff "${file}.bak" "${file}.tmp" + mv "${file}.bak" "${file}.bak2" || rc=3 + mv "${file}.tmp" "${file}.bak" || rc=3 + fi + else + rc=1 + mv "${file}.tmp" "${file}.bak" || rc=3 + [ -n "$show_diff" ] && cat "${file}.bak" + fi +} + +case "$daily_backup_gpart_verbose" in + [Yy][Ee][Ss]) show="YES" +esac + +case "$daily_backup_gpart_enable" in + [Yy][Ee][Ss]) + + echo "" + echo "Dump of kern.geom.conftxt:"; + sysctl -n kern.geom.conftxt > "$bak_dir/kern.geom.conftxt.tmp" + rotate "kern.geom.conftxt" $show + + gpart_devs=$(gpart show | awk '$1 == "=>" { print $4 }') + if [ -n "$daily_backup_gpart_exclude" ]; then + gpart_devs=$(echo ${gpart_devs} | grep -E -v "${daily_backup_gpart_exclude}") + fi + + if [ -z "$gpart_devs" ]; then + echo '$daily_backup_gpart_enable is set but no disk probed by kernel.' \ + "perhaps NFS diskless client." + rc=2 + else + echo "" + echo "Backup of partitions information for:"; + + for d in ${gpart_devs}; do + echo "$d" + safe_name=$(echo "gpart.${d}" | tr -cs ".[:alnum:]\n" "_") + gpart backup "$d" > "$bak_dir/$safe_name.tmp" + rotate "$safe_name" $show + done + + gpart_show=$(gpart show -p) + boot_part=$(echo "$gpart_show" | awk '$4 ~ /(bios|freebsd)-boot/ { print $3 }') + if [ -n "$boot_part" ]; then + echo "" + echo "Backup of boot partition content:" + for b in ${boot_part}; do + echo "$b" + safe_name=$(echo "boot.${b}" | tr -cs ".[:alnum:]\n" "_") + dd if="/dev/${b}" of="$bak_dir/$safe_name.tmp" 2> /dev/null + rotate "$safe_name" + done + fi + + mbr_part=$(echo "$gpart_show" | awk '$1 == "=>" && $5 == "MBR" { print $4 }') + if [ -n "$mbr_part" ]; then + echo "" + echo "Backup of MBR record:" + for mb in ${mbr_part}; do + echo "$mb" + safe_name=$(echo "boot.${mb}" | tr -cs ".[:alnum:]\n" "_") + dd if="/dev/${mb}" of="$bak_dir/$safe_name.tmp" bs=512 count=1 2> /dev/null + rotate "$safe_name" + done + fi + + fi + ;; + + *) rc=0 + ;; +esac + +case "$daily_backup_efi_enable" in + [Yy][Ee][Ss]) + + efi_part=$(gpart show -p | awk '$4 ~ /efi/ {print $3}') + if [ -n "$efi_part" ]; then + echo "" + echo "Backup of EFI partition content:" + for efi in ${efi_part}; do + echo "$efi" + safe_name=$(echo "efi.${efi}" | tr -cs ".[:alnum:]\n" "_") + dd if="/dev/${efi}" of="$bak_dir/$safe_name.tmp" 2> /dev/null + rotate "$safe_name" + done + fi + ;; +esac + +exit $rc Modified: head/usr.sbin/periodic/periodic.conf ============================================================================== --- head/usr.sbin/periodic/periodic.conf Sat Jul 11 19:44:12 2020 (r363109) +++ head/usr.sbin/periodic/periodic.conf Sat Jul 11 20:53:31 2020 (r363110) @@ -77,6 +77,11 @@ daily_backup_passwd_enable="YES" # Backup passwd & g # 210.backup-aliases daily_backup_aliases_enable="YES" # Backup mail aliases +# 221.backup-gpart +daily_backup_gpart_enable="YES" # Backup partition table/boot partition/MBR +daily_backup_gpart_verbose="NO" # Be verbose if new backup differs from the new one +daily_backup_efi_enable="NO" # Backup EFI system partition (ESP) + # 300.calendar daily_calendar_enable="NO" # Run calendar -a
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202007112053.06BKrVxv048643>