As a side note: this is just a thread part of my
main thread which is destinated at securing debian!
This
script backups files to a FTP server. On the FTP server it should be chrooted to some incomming directory. After the upload a managing
script on the FTP server should move the data to a appropiate archive directory ...
Code:
----------------------------------------------------------------------
created ftp-backup script [ /usr/local/sbin/backup_ftp.sh ]
----------------------------------------------------------------------
#!/bin/sh
# --------------------------------------------------------------------
# purpose: backup files defined in config file to ftp-server
# args: 1 = base name (config filename, backup filename)
# deps: bash
# --------------------------------------------------------------------
# --------------------------------------------------------------------
# configuration
# --------------------------------------------------------------------
BACKUP_FILENAME="$1.tar.bz2"
CONFFILE="/etc/backup/$1.conf"
export PATH="/bin:/sbin:/usr/bin:/usr/sbin"
# --------------------------------------------------------------------
# --------------------------------------------------------------------
# backup data to ftp server
# --------------------------------------------------------------------
test -f $CONFFILE || exit 0
BACKUP_FILES=`cat $CONFFILE`
test -f etc/backup/ftp_details.conf || exit 0
. /etc/backup/ftp_details.conf
cd /
tar \
-cf $BACKUP_FILENAME \
-j -p --numeric-owner $BACKUP_FILES &> /dev/null
ftp -n $FTP_SERVER << EOF
user $FTP_USERNAME $FTP_PASSWORD
binary
put $BACKUP_FILENAME
chmod 600 $BACKUP_FILENAME
quit
EOF
rm $BACKUP_FILENAME
# --------------------------------------------------------------------
----------------------------------------------------------------------
----------------------------------------------------------------------
created backup configuration files and jobs
----------------------------------------------------------------------
mkdir /etc/backup
created /etc/backup/ftp_details.conf:
FTP_SERVER="backup.example.com"
FTP_USERNAME="debian.example.com"
FTP_PASSWORD="matrix"
created /etc/backup/log_daily.conf
/var/log/critical.1.gz
/var/log/emergency.1.gz
/var/log/error.1.gz
/var/log/info.1.gz
created /etc/backup/log_monthly.conf:
/var/log/aide/
/var/log/auth.log.1.gz
/var/log/auth.log.2.gz
/var/log/auth.log.3.gz
/var/log/auth.log.4.gz
/var/log/cron.log.1.gz
/var/log/cron.log.2.gz
/var/log/cron.log.3.gz
/var/log/cron.log.4.gz
/var/log/daemon.log.1.gz
/var/log/daemon.log.2.gz
/var/log/daemon.log.3.gz
/var/log/daemon.log.4.gz
/var/log/faillog
/var/log/kern.log.1.gz
/var/log/kern.log.2.gz
/var/log/kern.log.3.gz
/var/log/kern.log.4.gz
/var/log/mail.log.1.gz
/var/log/user.log.1.gz
/var/log/user.log.2.gz
/var/log/user.log.3.gz
/var/log/wtmp.1
created /etc/backup/main_config.conf:
/etc/aide/
/etc/aliases
/etc/backup/
/etc/cron.*
/etc/default/
/etc/fstab
/etc/gateways
/etc/group
/etc/gshadow
/etc/host*
/etc/init.d/
/etc/logcheck/
/etc/logrotate.d/
/etc/monit/
/etc/network/
/etc/passwd
/etc/postfix/
/etc/resolv.conf
/etc/shadow
/etc/ssl
/etc/ssh
/etc/sudoers
/etc/sysctl.conf
/etc/syslog.conf
/etc/xinetd.*
created /etc/cron.d/backup:
30 00 * * * root \
/usr/local/sbin/backup_ftp.sh log_daily
15 01 * * * root \
/usr/local/sbin/backup_ftp.sh main_config
30 01 1 * * root \
/usr/local/sbin/backup_ftp.sh log_monthly
----------------------------------------------------------------------