[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[rdiff-backup-users] My rdiff-backup web interface
From: |
Justin Chevrier |
Subject: |
[rdiff-backup-users] My rdiff-backup web interface |
Date: |
Wed, 14 Jul 2004 11:57:05 -0400 |
User-agent: |
Mozilla Thunderbird 0.6 (Windows/20040502) |
Hello all,
I found out about rdiff-backup a few months ago when I was looking for a
method of doing
autonomous backups that could take place efficiently over a network
link. rdiff-backup fit
the bill perfectly. My primary use for rdiff-backup is to do backups
remotely for shares
on our windows active directory network. I am using a custom built dual
Athlon rig running
Linux on 6 250GB IDE drives in a RAID 5 array all tied together with a
3ware RAID card.
After getting it up and running I personally saw to restoring any files
that were lost
or corrupt as they appeared. After a while this became somewhat
burdensome to have to do
and was a problem if I happened not to be around. So I set to work on
creating an
interface for restoring files in a way that any member of our department
could do with
ease. Below I will outline what I did to create my interface, what tools
I used and
libraries that I rely on and any pitfalls along the way.
I decided right away to do a web interface for speed of development as
well as being
able to restore files from any web enabled workstation. I also settled
on PHP for the
script to use in creating the interface; I hadn't programmed much in it
up until this point
and I felt like a bit of a challenge :). I'm sure the php gurus out
there will see
some bad things I've done! Okay, to the specifics:
Details of Operation:
When first loading the script it will ask for a username and password.
This is authenticated
via PAM modules and in my case the PAM module for PHP uses winbind to
allow users to have the
same password here as they do on our windows domain. After successfully
logging in it will
present you with a list of directories and the increments available in
them. You first
choose an increment, it will then list all of changed/deleted/new files
in the increment or
you can search that particular increment for specific files. Do not use
wild cards here
(ala *.doc) instead just search as the text appears in the filename. For
example, if you
wanted to find all the '.doc' files search for '.doc'. After either
searching or listing
the increment it will then list all of the matching files. You can place
a checkbox
beside how ever many files/directories you want to restore. If you chose
to list the
increment: Red means deleted from this increment to the latest
increment, green means
something new added between this increment and the latest and yellow
means that the file
has changed. After choosing the files you would like to restore you can
choose a Windows
share (note: must point to share directly, not to directories under the
share) to restore
the files to. Put in the username and password of someone that has
access to the share
you're restoring to. Click 'restore' and the files will appear at that
location!
Some Notes:
1) As stated, the path to the restore location must be a share, and not
a directory under a
share, or a local path (eg. use: //server/share, not:
//server/share/directory)
2) The script does not restore the full path when you choose a single
file, it will just
create that file in the path it is pointed to. As a result if you have
two files with the
same name in different directories and restore them both in one step
they will smash each
other, in other words the next file in the list of files to be restored
will overwrite the
previously restored one. You can restore a full path by choosing a
directory in the list.
3) The script calls mount, rdiff-backup, etc directly by their command
line and doing a 'sudo'
to access the required functionality. This is probably bad in general
but less of a
concern here as it is a secure network and the script will be accessed
internally only.
4) The list directories to be searched for increments by the script are
collected from
'/etc/rdiff-man.conf' This is just a simple file with each directory to
be checked listed
on a line of its own.
eg.
**BOF
/mnt/backup/finance
/mnt/backup/users
/mnt/backup/groups
**EOF
5) To set the domain for your windows network chanage the 'DOMAIN in
'$restore_domain = "DOMAIN";'
to whatever is correct on your domain
6) There is not as much error checking as there should be
Libraries and versions used:
pam_auth for php - http://www.math.ohio-state.edu/~ccunning/pam_auth/
Version: 4.3
I placed the source for this right in the PHP extention source directory
before compiling PHP
(eg. ./php-4.3.7/ext/pam_auth)
* The above is for the initial login authentication. If no login
authentication is required
that portion of the php script can be ripped out. I liked this approach
because I am
running Samba with winbind on this server as well and I simply tied
pam's php module
into winbind to authenticate against the AD.
I have attached the PAM file i used for PHP at the end of this email.
This file, called 'php'
is placed in '/etc/pam.d/'
PHP - http://www.php.net
Version: 4.3.7
Config: ./configure -prefix=/usr/local/php
-with-apxs2=/usr/local/apache2/bin/apxs --with-pam_auth
* I custom compiled PHP from source to include the pam_auth module. This
was the only
way that I could get the pam_auth module to work
Apache - http://www.apache.org
Version: 2.0.49
Config: ./configure –prefix=/usr/local/apache2 –enable-mods-shared=most
RedHat Linux
Version: 9.0 with custom compiled kernel 2.6.7, CIFS file system support
compiled in
Assumptions:
I used the CIFS file system to connect to Windows shares for restoring
files. If you would like to
use SMBFS, NFS, etc the appropriate changes can be made to the mount
commands.
I have created a 'php' user for the script to run under. This user is in
the wheel group to access
the sudo command (see '/etc/group').
I have granted users in the 'wheel' group access to sudo without
requiring a password:
'%wheel ALL=(ALL) NOPASSWD: ALL'
I believe that is all (or all that I can think of right now). Hopefully
someone out there has some
use for this script/interface, I know it's made things a lot easier for
me! :)
Justin Chevrier
#%PAM-1.0
auth sufficient pam_winbind.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_limits.so
session optional pam_console.so
%s | \n",$file_list[$j]);
} else if (substr($file_list[$j],0,7) == "deleted") {
$file_list[$j]=strstr($file_list[$j],' ');
$file_list[$j]=trim($file_list[$j]);
printf("%s |
\n",$file_list[$j]);
} else if (substr($file_list[$j],0,7) == "changed") {
$file_list[$j]=strstr($file_list[$j],' ');
$file_list[$j]=trim($file_list[$j]);
printf("%s |
\n",$file_list[$j]);
} else {
printf("%s |
\n",$file_list[$j]);
}
}
}
if (isset($_POST['search']) && $_POST['search'] == 'Search') {
?>
" method="post">
Restore Path:
UserName:
Password:
%s
",$session);
$list_cmd = `sudo rdiff-backup --list-at-time $session $path |grep "$search_text"`;
$list = split("[\n\r]",$list_cmd);
$list_length = count($list);
for ($n=0; $n<=$list_length; $n++)
{
if($list[$n]!='')
$list[$n]="changed $list[$n]";
}
show_files($path, $list);
?>
">
">
";
echo "Source | Destination |
";
$text=$_POST['file'];
foreach ($text as $file_list ) {
$pos = strrpos($file_list,"/");
$len = strlen($file_list);
$filename = substr($file_list, $pos+1, $len-pos-1);
$back_path=$_POST['path'];
$back_date=$_POST['date'];
$cmd = `sudo rdiff-backup -r $back_date "$back_path/$file_list" "$restore_mount_point/$filename"`;
echo "$file_list | ";
echo "$restore_path/$filename |
";
}
echo "";
$cmd = `sudo umount /mnt/restore`;
echo "
Successfully Restored!";
} else {
printf("%s",$mount_cmd);
}?>
" method="post">
" method="post">
Restore Path:
UserName:
Password:
" method="post">
Go Back';
}
} else if (isset($_POST['logged']) && ($_POST['logged'] == 'Logged In') || ($_POST['logged'] == 'Return')){
$restore_path = file('/etc/rdiff-man.conf');
$num_directories = count($restore_path);
echo "";
for ($k=0; $k<$num_directories; $k++) {
$restore_path[$k] = trim($restore_path[$k]);
printf("%s | ",$restore_path[$k]);
$cmd = `sudo rdiff-backup -l $restore_path[$k]`;
$list[$k] = split("\n",$cmd);
$length[$k] = count($list[$k]);
?>
" method="post">
">
|
|
Search:
|
";
} else {
?>
" method="post">
UserName:
Password:
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [rdiff-backup-users] My rdiff-backup web interface,
Justin Chevrier <=