Monthly Archives: August 2009

Backing up system

0
Posted by admin on August 25, 2009 – 6:47 pm
Filed under BSD, WEB-DEV-LOG
Tagged as

Ok, this is defiantly worth writing… especially for new users

Here i will cover how to backup/restore (to file) FreeBSD using native utilities called dump and restore

note: dump and restore works only for UFS (aka FFS)

Backing up system

To backup system you need to use dump utility

backup:

Code:
$ dump -0Lauf /path/to/backups/ad0s1d.dump /dev/ad0s1d

Backup and compress on the fly

Code:
$ dump -0Lauf - /dev/ad0s1d | bzip2 > /path/to/backups/ad0s1d.dump

-0 – means to backup entire filesystem

-f name – output to file/device, or to stdout if you use -

-a – you need this if you output to file.

-L – needed if you backup mounted filesystem

Restoring system

to restore system restart in single user mode

format filesystem that you want to restore

in backup example, we backed up /dev/ad0s1d, so let’s format it now

Code:
$ newfs -U /dev/ad0s1d

now you need to mount it

Code:
$ mkdir /mnt/target
$ mount /dev/ad0s1d /mnt/target

Let’s imagine you backed up files to usb stick (da0, in root directory)

we need to mount it

Code:
$ mount -t msdosfs /dev/da0 /mnt/usb

Important note: you need space in temp to be able to restore

if you run out of space in tmp, mount some filesystem somewhere and

create symbolic links from /tmp and /var/tmp to that mount point

now to restore from backup you need to cd to dir where you mounted partition that you want to restore

Code:
$ cd /mnt/target

to restore from uncompressed backup

Code:
$ restore -rf /mnt/usb/ad0s1d.dump

to restore from compressed backup

Code:
$ bzcat /mnt/usb/ad0s1d.dump.bz2 | restore -rf -

And that is it

now you can delete file dumpdates (or something like that, check for weird file in target directory, in our case /mnt/target)

now unmount filesystems and reboot

Some notes

you can do incremental backups – backup everything and then backup only files that have changed since (on current backup level) see manual for more info

you can use dump/restore to clone your system to other PC’s

you will probably need to copy Master Boot Record (MBR) as well

to backup MBR:

Code:
$ dd if=/dev/ad0 of=/path/to/mbr.img bs=512 count=1

to restore MBR:

Code:
$ dd if=/path/to/mbr.img of=/dev/ad0 bs=512 count=1

Tips

* I prefer to compress backup, you can guess why

* if you backup /usr you may delete content of ports directory

this will speed up backup process, and reduce size of backup…

It’s good thing because by the time you will restore /usr from backups

/usr/ports will be outdated, and you will need to update them anyway.

And portsnap works very well (fast) in fetching ports

* I prefer to do full backups, that way you can be 100% sure, there won’t

be any confusing situations

* if you want to do backups while using filesystem, make sure you haven’t

deleted .snap directory, on partition that you want to backup

* if you have backed up encrypted drive, you need to somehow encrypt backups

because if someone gets these files, he can restore them to his pc, and read your files at will. (I used this method in FreeBSD + Geli guide, to encrypt drive, but process can be reversed)

Resources

dump(8)

restore(8)

Update 1

Moving system

You can move system from disk to disk on fly with

Code:
$ newfs -U /dev/ad2s1a
$ mount /dev/ad2s1a.... /target
$ cd /target
$ dump -0Lauf - /dev/ad1s1a  | restore -rf -

you can do the same using sudo

Code:
$ sudo echo
$ sudo dump -0Lauf - /dev/ad1s1a  | sudo restore -rf -

Update 2

as OpenBSD suggests using gzip instead of bzip2 will seed up compression at cost of larger (very little) archives

so now i suggest using gzip to compress and zcat to uncompress on fly

I’ve tested it, and i was amazed.

No more Bzip2 for me

STOLEN FROM HERE

BACKUP BASICS

.bashrc

0
Posted by admin on August 25, 2009 – 6:41 pm
Filed under BSD
Tagged as

By default the shell for root is csh. Choose the configure option followed by the User Management, where you add users and groups. After creating users, it will ask for the shell for the users. Choose bash (easiest Shell in FreeBSD). Assuming that you have installed bash, now login as the unprivileged user (non-root) and create. bashrc and .bash_profile files in the home directory.

Edit these files to contain the following. In .bashrc put these statements.

# .bashrc – Bourne Again Shell configuration file # for interactive shells. # file permissions: rwxr-xr-x umask 022 BLOCKSIZE=K; export BLOCKSIZE EDITOR=pico; export EDITOR PAGER=/usr/bin/more; export PAGER

# some useful aliases alias h=’fc -l’ alias j=jobs alias m=$PAGER alias ll=’ls -laFo’ alias ls=’ls -la -G’ alias g=’egrep -i’ alias ll=’ls -laFo’ alias ls=’ls -la -G’ alias g=’egrep -i’

# set prompt PS1=”u@ w $> “

Now for .bash_profile put the following statements:

# .bash_profile – Bourne Again Shell configuration file # for login shells. PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/bin: # file permissions: rwxr-xr-x umask 022 BLOCKSIZE=K; export BLOCKSIZE EDITOR=pico; export EDITOR PAGER=/usr/bin/more; export PAGER

# set ENV to a file invoked each time bash is started # for interactive use. ENV=$HOME/.shrc; export ENV # some useful aliases alias h=’fc -l’ alias j=jobs alias m=$PAGER alias ll=’ls -laFo’ alias ls=’ls -la -G’ alias g=’egrep -i’

# set prompt PS1=”u@w $> “

The above line sets the prompt like this: addy@ ~ $> When you change directory to the following cd /usr/bin, it looks like: addy@ /usr/bin $>

You can also make changes in these files to alter the editor option, as people have their own favourite editors like vi, emacs, pico etc. Also add the following to your .login file in your home directory exec /bin/bash. Here my bash is symbolically linked to /usr/local/bin/bash. Login after that to get bash running .

Now whenever a user (non-root ) wants to use a system administrator command or perform tasks that can be done only by root, he has to `su to root’ using the `su’ command. In order to be a super user (root), the user must be member of group wheel. Normally this is done when you add a user or put the username at the end of the line containing wheel :*: 0: root in /etc/group.

For eg. if user addy is a member of the group wheel. wheel:*:0:root,addy So addy is able to `su to root’. Now is the time for accessing floppy disks.

FROM HERE

.bashrc

0
Posted by admin on August 25, 2009 – 6:39 pm
Filed under BSD
Tagged as

# .bashrc – Bourne Again SHell configuration file for interactive shells.

# file permissions: rwxr-xr-x
umask 022

#BlockSize in K. Environment variable.

BLOCKSIZE=K; export BLOCKSIZE

#Default editor. In this case its VIM, but you don’t have it yet installed. EDITOR=/usr/local/bin/vim; export EDITOR

#The pager. Again environment variable

PAGER=/usr/bin/less; export PAGER

# some useful aliases

#User friendly alias for updatedb in Linux systems.
alias updatedb=’/usr/libexec/locate.updatedb’

#Shutdown alias.
alias down=’shutdown -h now’

#Alias to show the recent history commands.
alias h=’fc -l’

#Alias to show the jobs.
alias j=jobs

#Alias to pager.
alias m=$PAGER

#Egrep alias.
alias g=’egrep -i’

#renew alias which will read the .bashrc and executes it

alias renew=’source ~/.bashrc’

#Colorful ls alias. Procuses nice colors :)
alias ls=’/bin/ls -aFG’

#Ailas to disksize i.e df command.
alias disksize=’df -kh’

#Same for the current dir.
alias dirsize=’du -h -d 1 .’

#alias to free command in Linux
alias free=’top -d1 | head -5 | tail -2′

#Display the path variable.
alias showpath=’echo $PATH | tr -s ”:” ”\012”’

#Counts the files in the directory i.e ls -la | wc -l
alias llc=’echo Total number of files `ll | wc -l` in `pwd`’

#Alias to vim instead of the default vi.
alias vi=vim

# set prompt. A very nice colors :)
PS1=”[�33[1;30m][[�33[1;34m]u[�33[1;30m]@[�33[0;35m]h[�33[1;30m]] [�33[0;37m]W [�33[1;30m]$[�33[0m] ”

#Three functions to ease your admin tasks. Found them out in the internet. Credits – unknown.

function findfile() { find . -type f -iname ‘*’$*’*’ -ls ;}
function findtext() { find . -exec egrep $* {} /dev/null ; ; }
function finddir () { find . -type d -iname ‘*’$*’*’ -ls ; }

0
Posted by admin on August 22, 2009 – 8:08 pm
Filed under WEB-DEV-LOG
Tagged as

20:20:49 Mozilla/5.0 (PLAYSTATION 3; 1.00) Playstation 3 Playstation 3

Creating a FreeBSD Jail /etc/make.conf

0
Posted by admin on August 21, 2009 – 8:06 pm
Filed under WEB-DEV-LOG
Tagged as

NO_ACPI= true # do not build acpiconf(8) and related programs
NO_BOOT= true # do not build boot blocks and loader
NO_BLUETOOTH= true # do not build Bluetooth related stuff
NO_FORTRAN= true # do not build g77 and related libraries
NO_GDB= true # do not build GDB
NO_GPIB= true # do not build GPIB support
NO_I4B= true # do not build isdn4bsd package
NO_IPFILTER= true # do not build IP Filter package
NO_PF= true # do not build PF firewall package
NO_AUTHPF= true # do not build and install authpf (setuid/gid)
NO_KERBEROS= true # do not build and install Kerberos 5 (KTH Heimdal)
NO_LPR= true # do not build lpr and related programs
NO_MAILWRAPPER=true # do not build the mailwrapper(8) MTA selector
NO_MODULES= true # do not build modules with the kernel
NO_NETCAT= true # do not build netcat
NO_NIS= true # do not build NIS support and related programs
NO_SENDMAIL= true # do not build sendmail and related programs
NO_SHAREDOCS= true # do not build the 4.4BSD legacy docs
NO_USB= true # do not build usbd(8) and related programs
NO_VINUM= true # do not build Vinum utilities
NO_ATM= true # do not build ATM related programs and libraries
NO_CRYPT= true # do not build any crypto code
NO_GAMES= true # do not build games (games/ subdir)
NO_INFO= true # do not make or install info files
NO_MAN= true # do not build manual pages
NO_PROFILE= true # Avoid compiling profiled libraries

# BIND OPTIONS
NO_BIND= true # Do not build any part of BIND
NO_BIND_DNSSEC= true # Do not build dnssec-keygen, dnssec-signzone
NO_BIND_ETC= true # Do not install files to /etc/namedb
NO_BIND_LIBS_LWRES= true # Do not install the lwres library
NO_BIND_MTREE= true # Do not run mtree to create chroot directories
NO_BIND_NAMED= true # Do not build named, rndc, lwresd, etc.

src.conf on FreeBSD 7 for the average installation

0
Posted by admin on August 21, 2009 – 8:04 pm
Filed under WEB-DEV-LOG
Tagged as

If we consider common available technology and the average use of a FreeBSD installation as desktop or server then I think these are sensible defaults for /etc/src.conf under FreeBSD 7.

WITHOUT_ATM=yes

How many of you run ATM to your FreeBSD box?

WITHOUT_BIND_DNSSEC=yes
WITHOUT_BIND_ETC=yes
WITH_BIND_LIBS=yes
WITHOUT_BIND_MTREE=yes
WITHOUT_BIND_NAMED=yes

Do you really need a full installation of BIND on your machine? In most cases you simply need a caching, recursive resolver. For this just install unbound (found in ports/dns/unbound). Do note that I did not specify WITHOUT_BIND_UTILS so tools like dig and nslookup will still be installed. Only if you need an authoratative nameserver might you want BIND. On the other hand, you might prefer to install NSD (ports/dns/nsd).

WITHOUT_BLUETOOTH=yes

Most systems will probably not use Bluetooth at all.

WITHOUT_I4B=yes

Do you even use ISDN?

WITHOUT_IPFILTER=yes

Most people I know use either ipfw or pf, so little need for ipf.

WITHOUT_IPX=yes

You seriously still use IPX? Even NetWare is IP-native nowadays.

WITHOUT_NIS=yes

I would hope most systems are using some sort of LDAP lookup nowadays. NIS seriously doesn’t scale.

WITHOUT_SENDMAIL=yes

Given the ease of configuring Postfix, why would one want to bother with the archaic syntax of Sendmail? It has served faithfully for many, many years, but its design and configuration are archaic.

www.in-nomine.org/2008/05/22/srcconf-on-freebsd-7-for-the-average-installation/

Etc/make.conf

0
Posted by admin on August 21, 2009 – 8:03 pm
Filed under WEB-DEV-LOG
Tagged as

WITHOUT_X11= yes

0
Posted by admin on August 21, 2009 – 8:02 pm
Filed under WEB-DEV-LOG
Tagged as

go into /usr/ports and type in

# make update

and update all my ports. Likewise, I can go into /usr/src and run the same command and update all my system sources.

linux backup

0
Posted by admin on August 10, 2009 – 7:20 am
Filed under WEB-DEV-LOG
Tagged as

tar –create –gzip –totals –preserve-permissions –ignore-failed-read –file /root/backup.tar.gz / /dev/null /dev/console –exclude mnt/* –exclude tmp/* –exclude proc/* –exclude dev/ –exclude mnt/* –exclude /root/backup.tar.gz –exclude sys/*

tar -cjvpf mycomputer$(date +%Y%m%d).bz2 –exclude=/media –exclude=/lib64 –exclude=/proc –exclude=/tmp –exclude=/sys /

dd if=/dev/hda of=/dev/hdb conv=noerror,sync

BackupPC is a high-performance, enterprise-grade system for backing up Linux, WinXX and MacOSX PCs and laptops to a server’s disk. BackupPC is highly configurable and easy to install and maintain.

backuppc.sourceforge.net/index.html

FreeBSD postfix notes

0
Posted by admin on August 1, 2009 – 3:08 pm
Filed under WEB-DEV-LOG
Tagged as

Warning: you still need to edit myorigin/mydestination/mynetworks
parameter settings in /usr/local/etc/postfix/main.cf.

See also www.postfix.org/STANDARD_CONFIGURATION_README.html
for information about dialup sites or about sites inside a
firewalled network.

BTW: Check your /etc/aliases file and be sure to set up aliases
that send mail for root and postmaster to a real person, then
run /usr/local/bin/newaliases.

#sh
#for i in `ps auxwww|grep sendmail|awk ‘{print $2}’`;do kill $i;done && exit

Create and secure the SMTP SSL certificate:

#mkdir -p /etc/ssl/postfix #cd /etc/ssl/postfix
#openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650
#chmod 640 /etc/ssl/postfix/smtpd.pem
#chgrp -R postfix /etc/ssl/postfix

Secure PostfixAdmin files:

#cd /usr/local/www/postfixadmin
#find . -type f -exec chmod 640 {} \;
#find . -type d -exec chmod 750 {} \;