[BackupPC-users] Solved: rsyncd via ssh-redirected port

Guido Schmidt schrieb:
> I'm now trying to backup a public host (host.example.com) via an 
> ssh-redirected port. I don't allow any command execution on that host (and 
> therefore cannot use the wait command), so I wrote a script 
> (sshtunnelcontrol, see below) to open and close the tunnel when needed. It is 
> called as DumpPreUserCmd and DumpPostUserCmd. 
> 
> What works? The opening and closing of the tunnel.
> What does not? The connection to it. Nothing in the rsyncd-logs on 
> host.example.com.
> 
> If I leave DumpPostUserCmd empty the tunnel stays open and I can use it with 
> rsync as user backuppc on a shell providing the password by hand:
> 
>   rsync -av --list-only --port=32323 backuppc@localhost::Alles 
> /home/backuppc/test/
> 
> XferMethod is rsyncd.

The problem was that BackupPC tried to connect before the tunnel was
ready. Inserting

  sleep 3

in my tunnel-control-script solved that.

In case anybody else wants to use it, here's the current version (tested
only on a Linux box):

-------- Begin /usr/local/bin/sshtunnelcontrol2 ----------

#!/bin/bash
###
### Provide ssh-tunnel for BackupPC
###
### by Guido Schmidt
### Version 2.2 2010/01/16
###

# Arguments BackupPC needs to provide:
#  1                 2                  [3]           [4]          [5]
             [6]        [7]         [8]        [9]
#  ACTION            $client            $sshPath      SSH-Options  local
tunnelport  $host      rsync port  ssh login  ssh port
#  [d]start|[d]stop  host.example.com   /path/to/ssh  -CN          11111
            localhost  873         backuppc   22222

# Crude argument-handling
ACTION=$1
CLIENT=$2
SSH_PATH=$3
SSH_OPTS=$4
SSH_TUNNEL_PORT=$5
SSH_HOST=$6
RSYNC_PORT=$7
SSH_USER=$8
SSH_PORT=$9

# Are we in debug-mode?
case "$ACTION" in
  dstart)
    DEBUG="1"
    ACTION="start"
    ;;
  dstop)
    DEBUG="1"
    ACTION="stop"
    ;;
  *)
esac

# Base settings
PRG_NAME="SSH Tunnel Control 2"
RSYNC_PATH="/usr/bin/rsync"
BASEDIR="/home/backuppc"
PIDFILE="${BASEDIR}/sshtunnel-${CLIENT}.pid"
TUNNEL_START="$SSH_PATH $SSH_OPTS -L
$SSH_TUNNEL_PORT:$SSH_HOST:$RSYNC_PORT -l $SSH_USER -p $SSH_PORT $CLIENT"

### tunnel_PID ()
###   Check for $PIDFILE
tunnel_PID () {
  if [ -e "${PIDFILE}" ]; then
    debecho "$PRG_NAME: Found ${PIDFILE}"
  else
    debecho "$PRG_NAME: ${PIDFILE} does not exist"
    return 1
  fi
}

### tunnel_proc ()
###   Check for process $PID
tunnel_proc () {
  PID=`cat ${PIDFILE}`
  debecho "$PRG_NAME: Looking for Process $PID"
  if ps -ef | grep -E "^backuppc +$PID.*$CLIENT" > /dev/null ; then
    debecho "$PRG_NAME: Found process $PID"
  else
    debecho "$PRG_NAME: Process $PID does not exist"
    return 1
  fi
}

### rsync_connect ()
###   Check for connection to remote rsyncd
rsync_connect () {
  debecho "$PRG_NAME: Trying rsync --list-only --port=$SSH_TUNNEL_PORT
$SSH_USER@$SSH_HOST::"
  if $RSYNC_PATH --list-only --port=$SSH_TUNNEL_PORT
$SSH_USER@$SSH_HOST:: ; then
    debecho "$PRG_NAME: Connection to remote rsyncd tested successfully"
  else
    debecho "$PRG_NAME: Connection to remote rsyncd failed"
    return 1
  fi
}

### create_tunnel ()
###   Open a new tunnel via SSH
create_tunnel () {
  debecho "$PRG_NAME: Opening tunnel"
  debecho "$PRG_NAME: $TUNNEL_START &"
  $TUNNEL_START 1>/dev/null 2>/dev/null &
  PID=$!
  if [ "$PID" -gt "0" ] ; then
    debecho "$PRG_NAME: Process ID is $PID"
    if echo $PID > "${PIDFILE}" ; then
      debecho "$PRG_NAME: Created ${PIDFILE}"
    else
      debecho "$PRG_NAME: Error: Could not create ${PIDFILE}"
      return 2
    fi
  else
    debecho "$PRG_NAME: Error: No Process ID"
    return 1
  fi
  # wait a bit for the tunnel to get ready
  sleep 3
}

### destroy_tunnel ()
###   Close an existing tunnel
destroy_tunnel () {
  PID=`cat ${PIDFILE}`
  if kill -15 $PID ; then
    debecho "$PRG_NAME: Process $PID killed"
  else
    debecho "$PRG_NAME: Error: Could not kill $PID"
    return 1
  fi
}

### remove_tunnel_PID ()
###   Remove an existing tunnel-PID-file
remove_tunnel_PID () {
  if rm ${PIDFILE} ; then
    debecho "$PRG_NAME: ${PIDFILE} deleted"
  else
    debecho "$PRG_NAME: Error: Could not delete ${PIDFILE}"
    return 1
  fi
}

### debecho ()
###   Will echo passed parameters only if DEBUG is set to a value
debecho () {
  if [ ! -z "$DEBUG" ]; then
     echo "$1" >&2
  fi
}


case "$ACTION" in

  start)
    ###
    ### Action: provide tunnel
    ###
    # check for (remains of) old tunnel
    if tunnel_PID ; then
      if tunnel_proc ; then
        if rsync_connect ; then
          echo "$PRG_NAME: [$ACTION] Old tunnel still working. Nothing
to do."
          exit 0
        else
          if ! destroy_tunnel ; then
            echo "$PRG_NAME: [$ACTION] Fatal: Could not kill old
tunnel-process. Aborting"
            exit 20
          fi
        fi
      else
        if ! remove_tunnel_PID ; then
          echo "$PRG_NAME: [$ACTION] Fatal: Could not delete ${PIDFILE}.
Aborting"
          exit 21
        fi
      fi
    fi

    # create a new tunnel
    create_tunnel

    # check if created tunnel works as expected
    if tunnel_proc ; then
      # try to connect
      if rsync_connect ; then
        echo "$PRG_NAME: [$ACTION] Tunnel created"
        exit 0
      else
        echo "$PRG_NAME: [$ACTION] Error: Tunnel not working"
        destroy_tunnel
        exit 30
      fi
    else
      echo "$PRG_NAME: [$ACTION] Error: Tunnel-Process $PID not found"
      remove_tunnel_PID
      exit 31
    fi
    ;;

  stop)
    ###
    ### Action: remove tunnel
    ###
    # anything to remove?
    if tunnel_PID ; then
      if tunnel_proc ; then
        destroy_tunnel
      fi
      remove_tunnel_PID
      echo "$PRG_NAME: [$ACTION] Tunnel removed"
    else
      echo "$PRG_NAME: [$ACTION] Nothing to do"
    fi
    ;;

  *)
    ###
    ### Action: unknown
    ###
    echo "$PRG_NAME: Usage"
    echo ""
    echo "$0 start|dstart CLIENT SSH_PATH SSH_OPTS SSH_TUNNEL_PORT
SSH_HOST RSYNC_PORT SSH_USER SSH_PORT"
    echo "$0 stop|dstop CLIENT"
    echo ""
    echo "  CLIENT:   Hostname to connect to"
    echo "  SSH_HOST: localhost"
    echo "  SSH_USER: Username on CLIENT"
    echo "  Debug:    precede start or stop with d"
    exit 10
    ;;
esac

--------- End /usr/local/bin/sshtunnelcontrol2 -----------


-- 
Schalloch Musikhandel GmbH
  Percussionsabteilung
  Firmensitz: Karolinenstraße 4-5, 20357 Hamburg
  Registergericht: Amtsgericht Hamburg, HRB 22770
  Geschäftsführer: Christoph Scheffler
  Tel 040-43 84 94
  Fax 040-430 29 47

Öffnungszeiten:
  Mo-Mi 10-19 Uhr
  Do+Fr 10-20 Uhr
  Sa    10-16 Uhr

Sie erreichen mich:
  Mo          13-19 Uhr
  Di          10-19 Uhr
  Do          11-20 Uhr
  Jeden 2. Sa 10-16 Uhr

------------------------------------------------------------------------------
Throughout its 18-year history, RSA Conference consistently attracts the
world's best and brightest in the field, creating opportunities for Conference
attendees to learn about information security's most important issues through
interactions with peers, luminaries and emerging and established companies.
http://p.sf.net/sfu/rsaconf-dev2dev
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/