[BackupPC-users] Solved: rsyncd via ssh-redirected port
2010-01-16 10:01:09
Guido Schmidt schrieb:
> I'm now trying to backup a public host (host.example.com) via an
> ssh-redirected port. I don't allow any command execution on that host (and
> therefore cannot use the wait command), so I wrote a script
> (sshtunnelcontrol, see below) to open and close the tunnel when needed. It is
> called as DumpPreUserCmd and DumpPostUserCmd.
>
> What works? The opening and closing of the tunnel.
> What does not? The connection to it. Nothing in the rsyncd-logs on
> host.example.com.
>
> If I leave DumpPostUserCmd empty the tunnel stays open and I can use it with
> rsync as user backuppc on a shell providing the password by hand:
>
> rsync -av --list-only --port=32323 backuppc@localhost::Alles
> /home/backuppc/test/
>
> XferMethod is rsyncd.
The problem was that BackupPC tried to connect before the tunnel was
ready. Inserting
sleep 3
in my tunnel-control-script solved that.
In case anybody else wants to use it, here's the current version (tested
only on a Linux box):
-------- Begin /usr/local/bin/sshtunnelcontrol2 ----------
#!/bin/bash
###
### Provide ssh-tunnel for BackupPC
###
### by Guido Schmidt
### Version 2.2 2010/01/16
###
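# Arguments BackupPC needs to provide
# ([n] = only needed for start/dstart, see the usage text at the end):
#    1   ACTION            [d]start|[d]stop
#    2   $client           host.example.com
#   [3]  $sshPath          /path/to/ssh
#   [4]  SSH-Options       -CN
#   [5]  local tunnelport  11111
#   [6]  $host             localhost
#   [7]  rsync port        873
#   [8]  ssh login         backuppc
#   [9]  ssh port          22222
#
# The table above used to be wrapped by the mail client, which left
# continuation lines outside the comment where the shell would try to run
# them as commands.

# Crude argument-handling
# SSH-Options arrives as ONE argument ($4); it is split into separate
# words only when the ssh command line is expanded unquoted later on.
ACTION="$1"
CLIENT="$2"
SSH_PATH="$3"
SSH_OPTS="$4"
SSH_TUNNEL_PORT="$5"
SSH_HOST="$6"
RSYNC_PORT="$7"
SSH_USER="$8"
SSH_PORT="$9"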
# Are we in debug-mode?
# dstart/dstop mean start/stop with debug output: set DEBUG and strip the
# leading "d" so the rest of the script only sees the plain action.
# Any other action is left untouched (and DEBUG keeps whatever value it had).
if [ "$ACTION" = "dstart" ] || [ "$ACTION" = "dstop" ]; then
  DEBUG="1"
  ACTION="${ACTION#d}"
fi
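# Base settings
PRG_NAME="SSH Tunnel Control 2"
RSYNC_PATH="/usr/bin/rsync"
BASEDIR="/home/backuppc"

# One PID file per client. CLIENT becomes part of this file name and is
# later matched against the ps output, so it is expected to be a plain
# host name taken from the BackupPC configuration.
PIDFILE="${BASEDIR}/sshtunnel-${CLIENT}.pid"

# ssh command line for the tunnel, kept on one line (the mail-wrapped
# version carried a line break inside the string, which showed up in the
# debug output). It stays a single string because create_tunnel expands it
# unquoted, which is what splits SSH_OPTS into separate options.
#
# Options worth adding to SSH-Options on the BackupPC side:
#   -o ExitOnForwardFailure=yes  ssh exits if it cannot bind the local
#                                port instead of staying up without the
#                                forward
#   -o BatchMode=yes             ssh fails instead of waiting for a
#                                password when no key can be used
# The forwarded port listens on the BackupPC server itself, so any local
# process that can reach it talks to the client's rsyncd; the rsyncd
# authentication is what protects the data.
TUNNEL_START="$SSH_PATH $SSH_OPTS -L $SSH_TUNNEL_PORT:$SSH_HOST:$RSYNC_PORT -l $SSH_USER -p $SSH_PORT $CLIENT"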
### tunnel_PID ()
### Report whether the PID file of this client's tunnel exists
### Globals: PIDFILE, PRG_NAME (read)
### Returns: 0 if $PIDFILE exists, 1 if it does not
tunnel_PID () {
  # Guard clause: the missing file is the only failure case.
  if [ ! -e "${PIDFILE}" ]; then
    debecho "$PRG_NAME: ${PIDFILE} does not exist"
    return 1
  fi
  debecho "$PRG_NAME: Found ${PIDFILE}"
}
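### tunnel_proc ()
### Check that the process recorded in $PIDFILE is a tunnel to $CLIENT
### Globals: PIDFILE, CLIENT, PRG_NAME (read); PID (written)
### Returns: 0 if ps lists a process of user backuppc with exactly that
###          PID and $CLIENT on the same line, 1 otherwise
tunnel_proc () {
  PID=$(cat "${PIDFILE}")
  # The PID file content ends up in a grep pattern (and callers go on to
  # signal that PID), so accept nothing but digits.
  case "$PID" in
    '' | *[!0-9]*)
      debecho "$PRG_NAME: ${PIDFILE} does not contain a process ID"
      return 1
      ;;
  esac
  debecho "$PRG_NAME: Looking for Process $PID"
  # The blank after the PID keeps e.g. 123 from matching process 1234.
  # CLIENT is compared as a fixed string so the dots of a host name are
  # not treated as regex wildcards.
  if ps -ef | grep -E "^backuppc +${PID} " | grep -F -- "$CLIENT" > /dev/null ; then
    debecho "$PRG_NAME: Found process $PID"
  else
    debecho "$PRG_NAME: Process $PID does not exist"
    return 1
  fi
}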
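### rsync_connect ()
### Check for connection to remote rsyncd through the tunnel
### Globals: RSYNC_PATH, SSH_TUNNEL_PORT, SSH_USER, SSH_HOST, PRG_NAME (read)
### Outputs: whatever rsync prints for the --list-only request
### Returns: 0 if rsync succeeded, 1 if it failed
rsync_connect () {
  debecho "$PRG_NAME: Trying rsync --list-only --port=$SSH_TUNNEL_PORT $SSH_USER@$SSH_HOST::"
  # The rsync call must stay on ONE line: in the mail-wrapped version the
  # "user@host::" argument sat on a line of its own, so rsync ran without
  # a target and the shell then tried to execute "user@host::" as a
  # command, which made this check fail every time.
  if "$RSYNC_PATH" --list-only --port="$SSH_TUNNEL_PORT" "$SSH_USER@$SSH_HOST::" ; then
    debecho "$PRG_NAME: Connection to remote rsyncd tested successfully"
  else
    debecho "$PRG_NAME: Connection to remote rsyncd failed"
    return 1
  fi
}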
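### create_tunnel ()
### Open a new tunnel via SSH and record its process ID
### Globals: TUNNEL_START, PIDFILE, PRG_NAME (read); PID (written)
### Returns: 0 after the tunnel was started and $PIDFILE written,
###          1 if no process ID was obtained,
###          2 if $PIDFILE could not be written
create_tunnel () {
  debecho "$PRG_NAME: Opening tunnel"
  debecho "$PRG_NAME: $TUNNEL_START &"
  # Deliberately unquoted: TUNNEL_START is one string that has to be split
  # into the ssh command and its arguments. ssh's own output, including
  # its error messages, is discarded here.
  # shellcheck disable=SC2086
  $TUNNEL_START >/dev/null 2>&1 &
  PID=$!
  if [ "$PID" -gt "0" ] ; then
    debecho "$PRG_NAME: Process ID is $PID"
    if echo "$PID" > "${PIDFILE}" ; then
      debecho "$PRG_NAME: Created ${PIDFILE}"
    else
      debecho "$PRG_NAME: Error: Could not create ${PIDFILE}"
      # Without a PID file a later "stop" cannot find this ssh again, so
      # do not leave an untracked tunnel (and its open port) behind.
      kill -15 "$PID" 2>/dev/null
      return 2
    fi
  else
    debecho "$PRG_NAME: Error: No Process ID"
    return 1
  fi
  # wait a bit for the tunnel to get ready
  # (a fixed delay only; the caller still verifies the tunnel afterwards)
  sleep 3
}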
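### destroy_tunnel ()
### Close an existing tunnel by sending SIGTERM to the recorded process
### Globals: PIDFILE, PRG_NAME (read); PID (written)
### Returns: 0 if the signal was sent, 1 otherwise
### Note: this only looks at the PID file; the callers check with
###       tunnel_proc that the PID still belongs to the tunnel.
destroy_tunnel () {
  PID=$(cat "${PIDFILE}")
  # Never hand unchecked file content to kill: a negative number or 0
  # addresses whole process groups (-1: everything this user may signal),
  # and several words would signal several processes.
  case "$PID" in
    '' | *[!0-9]*)
      debecho "$PRG_NAME: Error: ${PIDFILE} does not contain a process ID"
      return 1
      ;;
  esac
  if [ "$PID" -gt 0 ] && kill -15 "$PID" ; then
    debecho "$PRG_NAME: Process $PID killed"
  else
    debecho "$PRG_NAME: Error: Could not kill $PID"
    return 1
  fi
}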
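### remove_tunnel_PID ()
### Remove an existing tunnel-PID-file
### Globals: PIDFILE, PRG_NAME (read)
### Returns: 0 if $PIDFILE was deleted, 1 if rm failed
remove_tunnel_PID () {
  # Quoted and behind "--": PIDFILE contains the client name, which must
  # reach rm as exactly one file name and never as an option or a glob.
  if rm -- "${PIDFILE}" ; then
    debecho "$PRG_NAME: ${PIDFILE} deleted"
  else
    debecho "$PRG_NAME: Error: Could not delete ${PIDFILE}"
    return 1
  fi
}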
### debecho ()
### Debug output: writes its first parameter to stderr, but only while
### DEBUG holds a non-empty value; otherwise it does nothing and succeeds
debecho () {
  [ -z "$DEBUG" ] && return 0
  echo "$1" >&2
}
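###
### Main: dispatch on ACTION
###
### Exit codes:
###    0  start: tunnel is up (new, or an old one that still works)
###   10  unknown action, usage printed
###   20  start: old tunnel process could not be killed
###   21  start: stale PID file could not be deleted
###   30  start: new tunnel does not answer the rsync test
###   31  start: new tunnel process not found
###
### All messages are written on one line each; the mail-wrapped version
### carried line breaks inside several of the quoted strings.
case "$ACTION" in
  start)
    ###
    ### Action: provide tunnel
    ###
    # check for (remains of) old tunnel
    if tunnel_PID ; then
      if tunnel_proc ; then
        if rsync_connect ; then
          echo "$PRG_NAME: [$ACTION] Old tunnel still working. Nothing to do."
          exit 0
        else
          # process is there but the rsync test fails: replace the tunnel
          if ! destroy_tunnel ; then
            echo "$PRG_NAME: [$ACTION] Fatal: Could not kill old tunnel-process. Aborting"
            exit 20
          fi
        fi
      else
        # PID file without a matching process: stale, clear it
        if ! remove_tunnel_PID ; then
          echo "$PRG_NAME: [$ACTION] Fatal: Could not delete ${PIDFILE}. Aborting"
          exit 21
        fi
      fi
    fi
    # create a new tunnel
    # NOTE(review): the return value is not checked here; a failed start
    # is expected to show up in the tunnel_proc check that follows.
    create_tunnel
    # check if created tunnel works as expected
    if tunnel_proc ; then
      # try to connect
      if rsync_connect ; then
        echo "$PRG_NAME: [$ACTION] Tunnel created"
        exit 0
      else
        echo "$PRG_NAME: [$ACTION] Error: Tunnel not working"
        # the PID file is left in place here; the next start treats it
        # as the remains of an old tunnel
        destroy_tunnel
        exit 30
      fi
    else
      echo "$PRG_NAME: [$ACTION] Error: Tunnel-Process $PID not found"
      remove_tunnel_PID
      exit 31
    fi
    ;;
  stop)
    ###
    ### Action: remove tunnel
    ###
    # anything to remove?
    if tunnel_PID ; then
      if tunnel_proc ; then
        destroy_tunnel
      fi
      remove_tunnel_PID
      # NOTE(review): this is printed even when destroy_tunnel or
      # remove_tunnel_PID reported an error, so it does not prove that
      # the forwarded port is closed.
      echo "$PRG_NAME: [$ACTION] Tunnel removed"
    else
      echo "$PRG_NAME: [$ACTION] Nothing to do"
    fi
    ;;
  *)
    ###
    ### Action: unknown
    ###
    echo "$PRG_NAME: Usage"
    echo ""
    echo "$0 start|dstart CLIENT SSH_PATH SSH_OPTS SSH_TUNNEL_PORT SSH_HOST RSYNC_PORT SSH_USER SSH_PORT"
    echo "$0 stop|dstop CLIENT"
    echo ""
    echo " CLIENT: Hostname to connect to"
    echo " SSH_HOST: localhost"
    echo " SSH_USER: Username on CLIENT"
    echo " Debug: precede start or stop with d"
    exit 10
    ;;
esac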
--------- End /usr/local/bin/sshtunnelcontrol2 -----------
--
Schalloch Musikhandel GmbH
Percussionsabteilung
Firmensitz: Karolinenstraße 4-5, 20357 Hamburg
Registergericht: Amtsgericht Hamburg, HRB 22770
Geschäftsführer: Christoph Scheffler
Tel 040-43 84 94
Fax 040-430 29 47
Öffnungszeiten:
Mo-Mi 10-19 Uhr
Do+Fr 10-20 Uhr
Sa 10-16 Uhr
Sie erreichen mich:
Mo 13-19 Uhr
Di 10-19 Uhr
Do 11-20 Uhr
Jeden 2. Sa 10-16 Uhr