bakiServer


1 DESCRIPTION

The bakiServer package contains of one binary, bakibackup, that handles retrieval and storing of backup archives according to the configuration file, baki.conf.

Some supplementary scripts are also provided, namely:

backup_shell.py and restore_shell.py are intended to be used as login shell for maintenance user accounts on the backup server.

2 INSTALLATION

To compile and install bakiServer from its source code you can use the following commands:

      # tar xzvf bakiServer-0.91.tar.gz
      # cd bakiServer-0.91
      # ./configure
      # make
      # make install
    

Then you need to create a few user accounts on your system. You can do this by inserting the following lines in your /etc/passwd file:

      baki:x:20001:20001:bakiBackup:/usr/local/lib/baki:/bin/bash
      edit:x:20001:20001:bakiBackup Maintenance Interface:/usr/local/lib/baki:/usr/local/lib/baki/backup_shell.py
      read:x:20001:20001:bakiBackup Restore Interface:/usr/local/lib/baki:/usr/local/lib/baki/restore_shell.py
    

It's not a typo that all 3 users have the same UID. You can also choose other usernames for the edit and read users if you want. They are for the dialog based interfaces.

Don't forget to check if the UID/GID you use are actually free and not used by another user/software on your system. If not, you can choose any UID/GID you like (except for 0, which is not a good idea).

These are for /etc/group:

      baki:x:1001:
    

For /etc/shadow:

      baki:!:11142:0:99999:7:::
      edit:*:11176:0:99999:7:::
      read:*:11176:0:99999:7:::
    

And for /etc/gshadow:

      baki:!::
    

Then you can set passwords for the edit and read users by issuing the following commands as root:

      # passwd edit
      # passwd read
    

Then you need to create a SSH key for the baki user. To do this, type:

      # su - baki
      $ ssh-keygen
    

Follow the directions of ssh-keygen and create a key without a password (just press enter).

The public key gets stored in /usr/local/lib/baki/.ssh/identity.pub. You need to copy the contents of this file to the file authorized_keys on the machines to be backuped. See the documentation of bakiClient for details.

3 CONFIGURATION

bakiServer is configured using a configuration file in XML format. The file is named baki.conf and normally resides in /usr/local/lib/baki/etc (this can be specified using commandline options to configure, see configure --help for details).

The config file consists of two parts:

  1. A section where multiple global options can be specified (enclosed in <options> tags).
  2. Multiple sections declaring backup sets (enclosed in <backup> tags).

Each host tag in the backup set declaration allows 3 parameters to be set: the hostname, the name of the file set on this host, and the desired history length (how many old copies of the backup archive are kept). The history length option is only valid when backup up to a directory.

Just use the provided baki.conf.sample file as a template for creating your own baki.conf. The config file's syntax is very simple and easily recognizable.

You need to make sure that baki.conf is owned by baki.baki so that the bakiBackup Maintenance Interface is able to change its contents.