Date: Wed, 17 Nov 1999 09:10:37 -0600 (CST) From: Mark Tinguely <tinguely@plains.NoDak.edu> To: mark@whetstonelogic.com, questions@FreeBSD.ORG Subject: Re: Backup several hosts with dump Message-ID: <199911171510.JAA21239@plains.NoDak.edu>
next in thread | raw e-mail | index | archive | help
> I guess my question then becomes: is there a way I can enable the
> computers to log on to each other as needed without sacrificing
> security?
you can minimumize the exposure by running the backup program using
a regular account (for example "rbackup") on the tape and client machines.
you need to change the permissions of rdump on the client machines to
be setuid root, executable by group "rbackup", and not executable by
others; the group for each slice that you wish to backup must also be
"rbackup"; "rbackup" should own /etc/dumpdates also (these chmod instruction
can be done by root from cron on at the needed time only to also limit
exposure, also there needs to be a "~rbackup/.rhosts" on the client machine
listing the tape machine's "rbackup" account, this can be placed in by cron)
on the tape machine, the ownership of dump should be changed, the tape
device needs to be owned by "rbackup", the group of the slices need to be
"rbackup", and the appropriate client machine needs an entry in
"~rbackup/.rhost"s file (all of these changes can be updated by cron, but
keep the machines times synced).
the tape machine can run a script file that does the backup:
#!/usr/local/bin/bash
case `date| awk '{print $3}'` in
1 | 2 | 3 | 4 | 5 | 6 | 7) level=0;;
8 | 9 | 10 | 11 | 12 | 13 | 14) level=1;;
15 | 16 | 17 | 18 | 19 | 20 | 21) level=2;;
22 | 23 | 24 | 25 | 26 | 27 | 28) level=3;;
29 | 30 | 31) level=4;;
esac
# uncomment below to force a full backup
#level=0
echo "Start of level ${level} backup."
echo "dumping host: client1"
/usr/bin/rsh -n client1 /sbin/rdump ${level}usdf 39400 61000 tapemachine:/dev/nrsa0 /dev/rwd0s1a
sleep 5
...
sleep 5
/usr/bin/rsh -n client1 /sbin/rdump ${level}usdf 39400 61000 tapemachine:/dev/nrsa0 /dev/rwd0s1g
echo "dumping host: tapemachine"
/sbin/dump ${level}usdf 39400 61000 /dev/nrsa0 /dev/rda0s1a
...
/sbin/dump ${level}usdf 39400 61000 /dev/nrsa0 /dev/rda0s1g
...
echo "dumping host: clientN"
/usr/bin/rsh -n clientN /sbin/rdump ${level}usdf 39400 61000 tapemachine:/dev/nrsa0 /dev/rwd0s1a
sleep 5
...
sleep 5
/usr/bin/rsh -n clientN /sbin/rdump ${level}usdf 39400 61000 tapemachine:/dev/nrsa0 /dev/rwd0s1e
mt -f /dev/nrsa0 stat
mt -f /dev/nrsa0 off
echo "End of level ${level} backup."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911171510.JAA21239>