Restoring data from backups

Restoring server data from backups can, at best, be described as "awkward". The biggest issue I've come up against is the need to be the root user at both ends of the connection so that file modes and permissions are correctly preserved.

If the data is small then it might be best to tar up the whole directory on the mirror machine and then scp that to the machine on which you want to do the restore. You will want the -p / --same-permissions option when packing and unpacking the archive.

If there is a lot of data there won't be enough working space (or time) for this approach. The simplest method then is to use rsync and push the data from the mirror to the target machine. The first step is to allow root login access to the target machine via ssh, in terms of LCFG resources this can be done like this:

!openssh.sshdopts                mADD(PermitRootLogin)
!openssh.sshdopt_PermitRootLogin mSET(yes)
!auth.accessrules                mADD(restore)
!auth.accessrule_restore         mSET(+:root:pegasus.inf.ed.ac.uk)

If the backup is on a different host than pegasus then substitute the correct hostname. In case the LCFG master service is not operational, the aim is the following:

  • /etc/ssh/sshd_config should contain:
PermitRootLogin yes
(and then /etc/init.d/sshd restart)

  • /etc/security/access.conf should contain:
+:root:pegasus.inf.ed.ac.uk

Again, substitute your mirror server of choice. Having done that you should now go onto the mirror server and nsu to root, having identified the location of the mirror data and where it should be copied you can do something like this:

$ /usr/local/bin/rsync -av --delete -e ssh /disk/rmirror111/lcfgsvn/ root@bigfan:/var/lcfg/svndump

Note that rsync is in the /usr/local/bin directory for Sun machines, on Linux it will be in the standard path. Be careful with the trailing slash (/) on the source and target directories as they are important to rsync and will affect the final directory structure.

When you've completed restoring your data you MUST remove the root login access as it's a potential security issue.

-- StephenQuinney - 16 Sep 2009

Topic revision: r1 - 16 Sep 2009 - 11:03:58 - StephenQuinney
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
This Wiki uses Cookies