Introduction
These instructions are provided for the installation and configuration of BackupPC 4.3.2 on a Linux server, and the configuration for remote backup of Windows clients.Note that later version (4.3.2) configuration method is different to previous version 3
Installation
Create Some Storage Areasmkdir /disk/backup/backuppcConfigure Apache2 to Support BackupPC
mkdir /disk/media/www/cgi-bin
mkdir /disk/media/www/html
mkdir /disk/media/www/log
mkdir /disk/media/www/etc
Install Apache2
Add a new virtual host .conf file in /etc/apache2/sites-enabled
<VirtualHost *:80>
DocumentRoot /disk/media/www/html
ErrorLog /disk/media/www/log/error.log
CustomLog /disk/media/www/log/access.log combined
ScriptAlias /cgi-bin/ /disk/media/www/cgi-bin/
<Directory "/disk/media/www/cgi-bin" >
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
AllowOverride None
Require all granted
</Directory>
<Location "/cgi-bin">
AuthType Basic
AuthName "Backup PC"
AuthUserFile /disk/media/www/etc/htpasswd
Require valid-user
</Location>
</VirtualHost>
Create a user and group called 'backuppc'
useradd backuppcInstalling and Configuring BackupPC on Server
htpasswd -c /disk/media/www/etc/htpasswd backuppc
Download latest backuppc from https://github.com/backuppc
Also, download and build rsync-bpc
Install BackupPC::XS libraries from github, or with cpan:
sudo cpan install BackupPC::XSUnpack and install the backuppc application:
sudo ./configure.pl
Install Directory: /usr/local/BackupPC
Data Directory: /disk/backup/backuppc
CGI Directory: /disk/media/www/cgi-bin
Apache Image Directory: /disk/media/www/html/BackupPC
Windows 10 Backup Configuration
On a Windows ClientNote that you don't have to create any special backuppc user on the Windows machine
Install cygwin-rsyncd on Windows PC
Control Panel Firewall, and allow c:\rsyncd\bin\rsyncd.exe access
Set Username / Password and Share in c:\rsyncd\rsyncd.conf and rsyncd.secrets
rsyncd.conf[UserName-Share]path = /cygdrive/c/Users/USERNAMEauth users = USERNAMEhosts allow = IP-ADDRESS-OF-BACKUP-SERVERread only = false
rsyncd.secretsUSERNAME:PASSWORD <carriage-return>
On Backup Server
Set client to have static IP
Set client to have static IP
XferMethod = rsyncdRsyncShareName = UserName-Share <must match section in rsyncd.conf>RsyncUserName = USERNAMERsyncPasswd = PASSWORDBackupFilesExclude =
/AppData
/Cookies
/NTUSER.*
/Temp
Linux Backup Configuration
On a Remote Linux Machine
Configure ssh such that root logins are accepted from the backuppc user on the backup server
Configure server to use rsync
Empty Admin Web Page, or Error: Unable to read config.pl or language strings!!
If you've not been prompted for a username / password, check the AuthUserFile configuration.
Then, check the user and permissions of the files in /etc/BackupPC, and the permissions of the executable program in /disk/media/www/cgi-bin.
It is possible that your configuration is not allowing setuid on perl scripts. If so, re-name the BackupPC_Admin file to BackupPC_Admin.pl, and then build this program:
Unable to Add or Manage Hosts / Only Privileged Users ...
Edit /etc/BackupPC/config.pl, and set the users to include backuppc
Check the service is running on the Windows machine, and check the firewall is not blocking it (look for port 873 being open).
Windows Defender Firewall / Advanced / Inbound Rules / New Rule / Port 873/tcp, Open for Domain and Private Netoworks.
Configure ssh such that root logins are accepted from the backuppc user on the backup server
backuppc@backupserver$ sshkeygen -t rsa
backuppc@backupserver$ cat id_rsa.pub | ssh -l root client "cat >> ~/.ssh/authorized_keys"
root@client's password: ******
backuppc@backupserver$ ssh -l root client
root@client#
Configure server to use rsync
Specify location of client's rsync as /usr/bin/rsync
And the location of ther server's rsyng to /usr/local/bin/rsync_rpc
No username or password is required, because this is done over ssh
Add the name of the path to backup, e.g. /home
Add Excludes for /home, for example:
And the location of ther server's rsyng to /usr/local/bin/rsync_rpc
No username or password is required, because this is done over ssh
Add the name of the path to backup, e.g. /home
Add Excludes for /home, for example:
*.ts
*~
tmp/*
Common Errors
ssh: connect to host xxx port 22: Connection timed out (connecting to Linux PC)
Ensure that it is possible to remote log in to the remote host using ssh.
1. Log into the backup server as the 'backuppc' user.
2. Attempt to remote log in to the remote server as root with:
ping remotepc
ssh -l root remotepc
If the ping fails, add the remotepc into the /etc/hosts file, or try using 'remotepc.local' instead.
If the remote login hangs, or reports that the server could not be accessed on port 22, ensure that the firewall for the remote server is allowing connections, by logging into the server and issuing the following command:
sudo ufw allow 22
If the remote login indicates that the remote PC identity has changed, follow the instructions to remove the record from the local known_hosts file.
If the remote login demands a password, enter it, and when logged in, copy the backup pc public key for the 'backuppc' user and append it to the end of the ~/.ssh/authorized_users file, ensuring that there are no line breaks in the file.
This can be achieved from the backup pc (logged in as 'backuppc') with the following command:
cat ~/.ssh/id_rsa.pub | ssh -l root remotepc "cat >> ~/.ssh/authorized_users"
AH01215: (13)Permission denied: exec of BackupPC_Admin failed
Ensure the file is in the same group as the www server
chgrp htdocs /disk/meida/www/cgi-bin/BackupPC_Admin
If you've not been prompted for a username / password, check the AuthUserFile configuration.
Then, check the user and permissions of the files in /etc/BackupPC, and the permissions of the executable program in /disk/media/www/cgi-bin.
It is possible that your configuration is not allowing setuid on perl scripts. If so, re-name the BackupPC_Admin file to BackupPC_Admin.pl, and then build this program:
#include <unistd.h>#define REAL_PATH "/disk/media/www/cgi-bin/BackupPC_Admin.pl"int main(ac, av)char **av;{ execv(REAL_PATH, av); return 0;}
Then set the programme's permissions:
chown backuppc:httpservergroup BackupPC_Adminchmod ug+s BackupPC_Admin
Unable to Add or Manage Hosts / Only Privileged Users ...
Edit /etc/BackupPC/config.pl, and set the users to include backuppc
$Conf{CgiAdminUserGroup} = 'httpservergroup';$Conf{CgiAdminUsers} = 'backuppc';
xfer start failed: $Conf{RsyncBackupPCPath} is set to , which isn't a valid executable
Set global rsync application in Server/Edit Config to /usr/bin/rsync (or appropriate path)
ssh port 22 connection denied (windows PC)
Ensure rsyncd is selected as the protocol and not rsync
rsync_bpc: failed to connect to windows10machine (192.168.1.10): Connection timed out (110)
or 4 Bytes Copied
or 4 Bytes Copied
Check the service is running on the Windows machine, and check the firewall is not blocking it (look for port 873 being open).
Task Manager Services should show RsyncServer running.
Port 873 should be open and listening.
netstat -aofn | findstr :873
TCP 0.0.0.0:873 0.0.0.0:0 LISTENING 4200TCP [::]:873 [::]:0 LISTENING 4200
The firewall should not be blocking the port.
nmap 192.168.1.10
Starting Nmap 7.01 ( https://nmap.org ) at 2020-03-30 15:06 BST
Nmap scan report for zenbook-martine (192.168.1.10)
Host is up (0.0022s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
873/tcp open rsync
5357/tcp open wsdapi
MAC Address: AA:BB:CC:DD:EE:FF (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 23.31 seconds
If you don't see 873/tcp, you will need to make sure rsync is running, and also ensure the firewall port is open:
Windows Defender Firewall / Advanced / Inbound Rules / New Rule / Port 873/tcp, Open for Domain and Private Netoworks.
@ERROR: Unknown module 'xxxx'
Ensure that the share name in the rsyncd.conf matches the in the backup pc configuration, e.g. [cDrive] in rsyncd.conf should be configured in the RsyncShareName.
@ERROR: auth failed on module 'xxxx'Ensure that the rsyncd.conf 'auth users' includes the user in the rsyncd.secrets file, and this user (and password) are correctly configured in the backuppc RsyncdUserName and RsyncdPassword.Re-start the RsyncServer server on the Windows PC (Found in Task Manager, Services)
No comments:
Post a Comment