1. Assignment: Install a debian ssh server on a VirtualBox and access to it

config apt-cacher 192.168.10.1 port 3128

sed -i 's#http://#http://192.168.10.1:3142/#g' /etc/apt/sources.list

install emacs

sudo aptitude install emacs

install config openssh server and make it work

eval `ssh-agent`
exec ssh-agent bash (if ssh-add is not working)

add sam_sshkey.pub to .ssh/authorized_keys

add to /etc/ssh/sshd_config:

AllowUsers xxx

changed in the same file:

PasswordAuthentication no
PermitRootLogin no

If ssh doesn't work check the grp and own of .ssh/authorized_keys

install bash completion

aptitude install bash-completion

add the following to ~/.bashrc or ~/.bash_profile

if [ -f /etc/bash_completion ]; then . /etc/bash_completion fi

Document the work done

Well, that's kind of done but the editing interface of the wiki is not yet clear to me. Few shortcut:

create a code box:

{code 'Enter'

heading

'ctrl' AND '1' XOR '2' XOR '3'

bullet list

'shift' AND 'ctrl' AND 'b'

bold, underline, italic

'ctrl' AND 'b'
'ctrl' AND 'u'
'ctrl' AND 'i'

save

'ctrl' AND 's'

Problems encountered after installation of debian

On start and halt

PROBLEM:

exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken

SOLUTION:

rm /var/log/exim4/paniclog

need to start the network manually dhclient eth0

PROBLEM: when auto eth0 added to interfaces. Nfs interfaces gets stuck on boot.

SOLUTION: there was no 'auto lo' in /etc/network/interfaces. That added plus 'auto eth0' makes it work.

2. Assignement: Install a graphic interface on Debian installation

Install Debian with nothing else than the minimum (except for laptop)

Install XOrg

apt-get install xorg

Install Gnome

apt-get install gnome-core

to test the installation:

starx

change the resolution

CTRL + ALT + '+'  and CTRL + ALT + '-'

screen the available resolution and change it

xrandr -q
wrands -s resolution

Install a display manager

apt-get install gdm

to start it

gdm

Install proprietary graphic card drivers:

If the kernel isn't compiled you need to install the kernel headers.

Check the kernel version

uname -r

Install the kernel header and link it to the linux file

apt-get install linux-header-...
rm /usr/src/linux
ln -s /usr/src/linux-header-... /usr/src/linux

Install the compilers

apt-get install gcc g++

For the nvidia cards

Download the latest drivers from the nvidia website.

Stop gdm (might need a kill)

/etc/init.d/gdm stop

Install the driver

sh NVIDIA...

Don't download the kernel interface. Ask for a compilation of a new interface. Start xconfig ans restart gdm

nvidia-xconfig
/etc/init.d/gdm restart

To remove the logo in xorg.conf

Option "NoLogo" "1"

3. Assignment: Install Amanda & use it

Installation

create the directory structure for the folders to keep the backup

mkdir /mnt/backup
#mount $DISK /mnt/backup/
mkdir /mnt/backup/vtapes /mnt/backup/holding /mnt/backup/holding/sam
chown backup.disk -R /mnt/backup/*

create the config in /etc/amanda

mkdir /etc/amanda/sam-daily
touch /etc/amanda/sam-daily/amanda.conf
touch /etc/amanda/sam-daily/disklist
chown -R backup.backup /etc/amanda/sam-daily

/etc/amanda/sam-daily/amanda.conf

org "sam"
mailto "root"
dumpcycle 7
runspercycle 5
tapecycle 30
dumpuser "backup"
tpchanger "chg-disk:/mnt/backup/vtapes/sam" # a virtual tape changer
#tapedev "/dev/nst0a" # the tapechanger
#tapedev "file:/mnt/backup/vtapes/offering"
changerfile "/var/lib/amanda/sam/changerfile"
labelstr "SAM.*"
label_new_tapes "SAM-%%"
tapetype DVD_SIZED_DISK
logdir "/var/lib/amanda/sam"
infofile "/var/lib/amanda/sam/curinfo"
indexdir "/var/lib/amanda/sam/index"
tapelist "/var/lib/amanda/sam/tapelist"
runtapes 5
#usetimestamps YES
dtimeout 3600 #seconds per client per dump
holdingdisk hd1 {
 directory "/mnt/backup/holding/sam"
}
define dumptype comp-tar {
 program "GNUTAR"
 index yes
# record no # Important! avoid interfering with production runs
 auth "bsdtcp"
 
}
define dumptype user-tar-span {
 comp-tar
 tape_splitsize 445 MB
 auth "bsd"
 #holdingdisk no
 #split_diskbuffer "/mnt/holding/diskbuffer"
 #fallback_splitsize 100M
 comment "tape-spanning user partitions dumped with tar"
 #exclude list "/etc/amanda/sam-daily/exclude-list"
}
define dumptype user-tar-span-home {
 user-tar-span
 comment "exluding all the unwanted things from /home"
# exclude list "/etc/amanda/sam-daily/exclude-list"
}
define tapetype DVD_SIZED_DISK {
 filemark 4 KB
 length 4482 MB
}

echo debian-server-test-sam.bluelight.av backup amdump >> /var/backups/.amandahosts

/etc/amanda/sam-daily/disklist

debian-server-test-sam.bluelight.av /etc user-tar-span
debian-server-test-sam.bluelight.av /var user-tar-span
debian-server-test-sam.bluelight.av /root user-tar-span
#debian-server-test-sam.bluelight.av /home/./all /home/ {
#user-tar-span
#exclude append "./media_no_backup"
#}

as the backup user create all the virtual tapes and label them

su backup -c "mkdir /mnt/backup/vtapes/sam"
for i in `seq 30`; do su backup -c "mkdir /mnt/backup/vtapes/sam/slot$i"; done
cd /mnt/backup/vtapes/sam && ln -s slot1 data

create the tapelist

su backup -c "mkdir /var/lib/amanda/sam"
su backup -c "touch /var/lib/amanda/sam/tapelist"

label the tapes

for i in `seq 30`; do su backup -c "/usr/sbin/amlabel sam-daily SAM-$i slot $i"; done

/root/scripts/amanda-backup (after creating the folder)

#!/bin/bash
#mount ${DISK} /mnt/backup
su backup -c "/usr/sbin/amdump sam-daily"
#sleep 5
#umount /mnt/backup
exit 0

chmod +x /root/scripts/amanda-backup

Recover (example for /etc)

In order to be able to run a recovery add the following line to /etc/amandahosts

localhost root amindexd amidxtaped

Go to the /etc folder

amrecover sam-daily
listhost
sethost  debian-server-test-sam.bluelight.av
listdisk
setdisk /etc
cd (folder name - ls works too)
add (name of the folder to recover or * for everything)    
extract
exit

If the backuo is restored from an external drive:

- make sure you have /etc/amanda and /var/lib/amanda on the external drive
- copy these 2 folders to the system to restore
- mount --bind the folder containing the vtapes to the folder on the system which supposed to have the vtapes (cf /etc/amanda/sam-daily/amanda.conf)
- follow the steps above

Problems encountered

...amanda.conf ...Line 54: end of line expected

SOLUTION: Press 'ENTER' at the end of the file and save.

4. Assignment: Weekly backup for server cupcake

First phase: Test on VirtualBox

Clone the amanda disk already created.

Do it by exporting Appliance and then import it preferably with new name.

PROBLEM: the virtual disks use the same lan card and the same MAC address.

SOLUTION: change the MAC address in VirtualBox and change it in the OS:

emacs /etc/udev/rules.d/70-persistent-net-rules

keep the interface with the new MAC address and make sure it is named eth0. Restart the OS.

Create to virtual drive and mount then on the server

Create 1 drive in virtual box and create 2 partitions:

fidsk -l
cfdisk /dev/sdb

format the partitions and mount them:

mkfs.ext3 /dev/sdb1
mkfs.ext3 /dev/sdb2
mkdir /media/backup-data
mkdir /media/backup-data2
mount -t ext3 /dev/sdb1 /media/backup-data
mount -t ext3 /dev/sdb2 /media/backup-data2

Create a daily backup of the second virtual OS

Second phase: Configure CUPCAKE

Explanation of runscycle and other in amanda.conf

	dumpcycle	runs per cycle	runtapes	tapecycle	tapetype
	The amount of days you will have a full backup (ex: every 4 weeks = 28)	How many backup runs per dumpcycle (ex: every week = 4)	How many tapes to use per run (ex: Biggest disklist + a bit / tapetype size = 12)	How many tapes are available. The number decrease at every run. Runtapes * runs per cycle + a bit(ex: 50)	defines the size of a tape (ex: DVD size: 4,5G)
1
2						DLE_1	10G
3						DLE_2	45G
4						DLE_3	1G
5
6
7		run	12
8
9
10
11
12
13
14		run	12
15
16
17
18
19
20
21		run	12
22
23
24
25
26
27
28	dumpcycle	run	12

Creating the script adapted to the present situation of the server (12/2011)

#!/bin/bash
## this is to automate the amanda setup
## variables used.
SERVICE=bluelight
FREQ=-weekly # frequence of the backup
MOUNTPOINT1=/media/backup-data # mountpoint for holding
MOUNTPOINT2=/media/backup-data2 # mountpoint for backup
TAPE=`echo ${SERVICE}${FREQ} | tr [a-z] [A-Z]`
## create the directory structure for the folders to keep the backup
mkdir ${MOUNTPOINT1}/amanda ${MOUNTPOINT1}/amanda/holding ${MOUNTPOINT1}/amanda/holding/${SERVICE}${FREQ}
chown backup.disk -R ${MOUNTPOINT2}/amanda/*
chown backup.disk -R ${MOUNTPOINT1}/amanda/*
## create the config in /etc/amanda
mkdir /etc/amanda/${SERVICE}${FREQ}
touch /etc/amanda/${SERVICE}${FREQ}/amanda.conf
touch /etc/amanda/${SERVICE}${FREQ}/disklist
chown -R backup.backup /etc/amanda/${SERVICE}${FREQ}
## The config files
cat << EOF > /etc/amanda/${SERVICE}${FREQ}/amanda.conf
org "Bluelight"
mailto "bluelight@auroville.org.in"
dumpcycle 28
runspercycle 4
runtapes 15
tapecycle 60
dumpuser "backup"
tpchanger "chg-disk" # a virtual tape changer
tapedev "file:/media/backup-data2/amanda/vtapes/bluelight-weekly"
changerfile "/var/lib/amanda/bluelight-weekly/changerfile"
labelstr "BLUELIGHT-WEEKLY-.*"
#label_new_tapes "BLUELIGHT-WEEKLY-%%"
tapetype DVD_SIZED_DISK
logdir "/var/lib/amanda/bluelight-weekly"
infofile "/var/lib/amanda/bluelight-weekly/curinfo"
indexdir "/var/lib/amanda/bluelight-weekly/index"
tapelist "/var/lib/amanda/bluelight-weekly/tapelist"
holdingdisk hd1 {
 directory "/media/backup-data/amanda/holding/bluelight-weekly"
}
define dumptype comp-tar {
 program "GNUTAR"
 compress fast
 index yes
# record no # Important! avoid interfering with production runs
} 
define dumptype user-tar-span {
 comp-tar
 tape_splitsize 445 MB
 holdingdisk no
 split_diskbuffer "/media/backup-data/amanda/holding/diskbuffer"
 fallback_splitsize 100M
 comment "tape-spanning user partitions dumped with tar"
 compress none
}
define dumptype user-tar-span-home {
 user-tar-span
 comment "exluding all the unwanted things from /home"
 exclude list "/etc/exclude-list"
 compress none
}
define tapetype DVD_SIZED_DISK {
 filemark 4 KB
 length 4482 MB
}
EOF

## create the disklist
cat <<EOF > /etc/amanda/${SERVICE}${FREQ}/disklist
rose.bluelight.av /etc user-tar-span
rose.bluelight.av /root user-tar-span
rose.bluelight.av /var user-tar-span
#192.168.10.12 /home/aufilduweb/data/Entreprises/Auroville/ user-tar-span
#
#192.168.10.12 /var/www/./programming /var/www {
# user-tar-span
## auth "bsdtcp"
# include "./meeting"
# include "./act"
# include "./mm_visitor_access"
#} 2
#this section is for everything in /home
######
rose.bluelight.av /home/./bharathy /home/ {
 user-tar-span-home 
 include "./bharathy"
} 1
rose.bluelight.av /home/./juergen /home/ {
 user-tar-span-home 
 include "./juergen"
} 1
rose.bluelight.av /home/./resources /home/ {
 user-tar-span-home 
 include "./resources"
} 1
rose.bluelight.av /home/./rest /home/ {
 user-tar-span-home 
 exclude append "./bharathy"
 exclude append "./juergen"
 exclude append "./resources"
 exclude append "./backup"
 exclude append "./backup_services"
 exclude append "./rdiff-backup"
 exclude append "./classes"
 exclude append "./joy"
 exclude append "./sincerity"
 exclude append "./surrender"
 exclude append "./music"
} 1
######
EOF

## as the backup user create all the virtual tapes and label them
su backup -c "mkdir ${MOUNTPOINT2}/amanda/vtapes/${SERVICE}${FREQ}"
for i in `seq 30`; do su backup -c "mkdir ${MOUNTPOINT2}/amanda/vtapes/${SERVICE}${FREQ}/slot$i"; done
cd ${MOUNTPOINT2}/amanda/vtapes/${SERVICE}${FREQ} && ln -s slot1 data

## create the tapelist
su backup -c "mkdir /var/lib/amanda/${SERVICE}${FREQ}"
su backup -c "touch /var/lib/amanda/${SERVICE}${FREQ}/tapelist"

## label the tapes
for i in `seq 30`; do su backup -c "/usr/sbin/amlabel ${SERVICE}${FREQ} ${TAPE}-$i slot $i"; done
[ -d /root/scripts ] || mkdir /root/scripts

## create the starting script
cat <<EOF > /root/scripts/amanda-${SERVICE}${FREQ}-backup
#!/bin/bash
su backup -c "/usr/sbin/amdump ${SERVICE}${FREQ}"
sleep 20
# if the machine should stay on after the backup create a file in / called no
# ie touch /no
if [ -f /no ]
then
 rm -f /no
 exit 0
else
 /sbin/halt
fi
exit 0
EOF
chmod +x /root/scripts/amanda-${SERVICE}${FREQ}-backup
exit 0

Create a crontab entry

 # m h dom mon dow command
17 12 * * 1-4 /root/scripts/backup-bluelight
17 12 * * 5 /root/scripts/backup-bluelight-weekly

changed the runscycle of the daily backup to 4 in amanda.conf

PROBLEM:

amrecover bluelight-weekly

AMRECOVER Version 2.5.2p1. Contacting server on localhost ...
[request failed: timeout waiting for ACK]

SOLUTION:

amrecover bluelight-weekly -s cupcake.bluelight.av -t cupcake.bluelight.av

5. Assignment: Make a weekly -Offsite backup of the TownHall

Rdiff-backup

Install rdiff on the server and the working station.

apt-get install rdiff-backup

and create a backup folder in the server (ex: /backup/servername/)

Login using ssh key

As root on the working station create the key, do not enter any paraphrase.

ssh-keygen -t rsa

Copy the public key to the server

scp /root/.ssh/id_rsa.pub root@192.168.10.91:/root/

Write the public into the .ssh/authorized_keys of the user (in his home folder) you want to login to

cat id_rsa.pub >> /root/.ssh/authorized_keys

change in /etc/ssh/sshd_config:

PasswordAuthentication no
PermitRootLogin without-password

If ssh doesn't work check the grp and own of .ssh/authorized_keys or check the name of the file...

Create a backup list

/root/rdiff-backups/backup-list-server

/home/
- /

Create an ssh alias to access the server

/root/.ssh/config

Host backup-server
 Hostname 192.168.10.91
 User root
 Identityfile /root/.ssh/id_rsa_backup_raspberry
 Protocol 2

test the backup with:

rdiff-backup --force --include-globbing-filelist /root/rdiff-backups/backup-list-server / backup-server::/backup/raspberry/

Secure the ssh authentication

In /root/.ssh/authorized_keys add the following before 'ssh-rsa....'

command="rdiff-backup --server",from="raspberry.bluelight.av",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty

so the file's line looks like:

command="rdiff-backup --server",from="raspberry.bluelight.av",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAA[......]3UV/ root@raspberry

Command line to remove old backup

rdiff-backup --remove-older-than 2W backup-server::/backup/raspberry/