Re: Dump command on Debian
well, when using a non-standard filesystem like jfs on linux, i don't think you have much choice but to use gtar, which doesn't depend on the filesystem used. but anyone, feel free to correct me if i'm wrong about this.. -rodi. On Mon, 2004-07-12 at 22:28, John Bossert wrote: Gtar works fine (and I use it for my Dailies.) Here, I'm trying to establish a bare metal restore process. With Solaris, if _really bad things_ happen, I can take my ufs dumps and rebuild a machine fairly directly. Is the best practice in the Debian world to just use gtar for this? How do others manage this? Thx. -john R.M. Evers wrote: john, you say gtar and dump work on the sun boxes, but only state that dump fails on the debian boxes (which is probably correct, since it only dumps ext2 filesystems). did you try gtar? it should work.. :-) regards, -rodi. On Sat, 2004-07-10 at 17:07, John Bossert wrote: Adding a pair of Debian(woody) clients to a Solaris shop... Amanda is working just fine with both gtar and dump on the Sun boxes. Trying to dump filesystems, failed. Discovered that there's no dump on the debian boxes... All the filesystems are jfs, yet the dump package I find at debian.org (0.4b27-4) appears oriented towards ext2. What package do I want to install on these clients to play nice with Amanda? Thx.
Re: GNUTAR, mount points symbolic links ???
Michael D Schleif wrote: Does Amanda/GNUTAR _follow_ all mount points and symbolic links in a DLE? Everytime that I setup Amanda clients, I get confused on these issues. If this is covered in the FAQ-O-Matic, then I do not see it. If it has been covered on the mailing list countless times, then my searches are too lame. Hopefully, this post, including this subject line, will make this easier to find for those who come after ; If I am right, by default, Amanda/GNUTAR _does_ follow follow mount points contained within a DLE, but does _not_ follow symbolic links. Yes. gnutar is invoked as: gnutar ... --directory /the/DLE/entry ... By changing the working directory to /the/DLE/entry the symlink /the/DLE/entry, if it is one, is effectively resolved. Inside that toplevel directory, symlinks are never followed, just like you would expect from a decent backup program. Setting up a group of symlinks used to be a trick to shorten long pathnames when you have trouble with the size of a UDP dgram (for exchanging the estimates). This makes a difference regarding deploying exclude files. What do you think? -- Paul Bijnens, XplanationTel +32 16 397.511 Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax +32 16 397.512 http://www.xplanation.com/ email: [EMAIL PROTECTED] *** * I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, F6, * * quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, * * stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, * * PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, * * kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ...* * ... Are you sure? ... YES ... Phew ... I'm out * ***
Re: Amanda Through firewall
Kaushal Shriyan wrote:
Can I allow amanda backup server to talk through firewall for accessing
amanda client host, Is there any way out
The general answer is to recompile amanda with a dedicated portrange
and open those ports in the firewall. See the explanation in
docs/PORT.USAGE .
If the firewall is running Linux, it could be as easy as loading the
amanda netfilter modules ip_conntrack_amanda and maybe ip_nat_amanda.
Beware of 2.6.6rc2 kernel that are reported to give some trouble:
http://www.mail-archive.com/[EMAIL PROTECTED]/msg26094.html
I've not yet verified this.
Personnally I use a third option (until I get my firewall upgraded
to use the amanda netfilter modules). My firewall does simple
connection tracking and NAT.
I commented out this block in common-src/security.c
230 /* next, make sure the remote port is a reserved one */
231 /* Avoid trouble with NAT changing reserved ports in random ports
232 if(ntohs(addr-sin_port) = IPPORT_RESERVED) {
233 ap_snprintf(number, sizeof(number), %d,
ntohs(addr-sin_port));
234 *errstr = vstralloc([,
235 host , remotehost, : ,
236 port , number, not secure,
237 ], NULL);
238 amfree(remotehost);
239 return 0;
240 }
241 */
It's because of NAT that ports below 1024 get translated to some
arbitrary high number. The security of this check is marginal in
these times when everyone can be root and use reserved ports on his
hackerbox.
With this setup, I only have to open ports from my amandaserver to
the DMZ-hosts. All the rest is taken care of by the normal connection
tracking. (Correct me, if I missed something.)
--
Paul Bijnens, XplanationTel +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax +32 16 397.512
http://www.xplanation.com/ email: [EMAIL PROTECTED]
***
* I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, *
* kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ...*
* ... Are you sure? ... YES ... Phew ... I'm out *
***
Re: Amanda Through firewall
On Tuesday 13 July 2004 00:48, Kaushal Shriyan wrote: Can I allow amanda backup server to talk through firewall for accessing amanda client host, Is there any way out Any help You'll have to open up some high numbered ports. I think its in the docs as to which ones, and which protocol. I really should let those who are doing it answer these questions, my whole system is behind a firewall, so the machines don't have to worry about that, leaving me inexperienced at advising.. -- Cheers, Gene There are 4 boxes to be used in defense of liberty. Soap, ballot, jury, and ammo. Please use in that order, starting now. -Ed Howdershelt, Author Additions to this message made by Gene Heskett are Copyright 2004, Maurice E. Heskett, all rights reserved.
Re: Dump command on Debian
John Bossert wrote: Gtar works fine (and I use it for my Dailies.) Here, I'm trying to establish a bare metal restore process. With Solaris, if _really bad things_ happen, I can take my ufs dumps and rebuild a machine fairly directly. Is the best practice in the Debian world to just use gtar for this? How do others manage this? Thx. Gnutar backups worked fine for me. My last bare metal recovery dated four years back now. I then use a bootable slackware Linux CD, and partioned and formatted the new disk, and, because the CD did not contains amanda utilities, I used netcat to connect the pipes over the network: on client: cd /mnt # my new formatted root filesystem nc -l -p 1234 | gtar -zxvf - on server: # locating the correct tape and file number with amadmin mt -t /dev/nst0 fsf 42 amrestore /dev/nst0 -cp host / | nc -w 1 client 1234 And when finished, run lilo on the client to make the new disk bootable too: # chroot /mnt lilo (or something like that -- it dates four years now.) Diagnosing that the harddisk had indeed unreparably failed, took about as long as restoring. I was up again in two hours, not lost a single byte. (Just that same monday, a Windows machine had a broken disk too, and my colegue worked two days to get that one up again, and even weeks later, we still had to adjust settings here and there, that were not in the backup, due to inability to backup up open files and software settings. -- OK, ok, I'm not a Windows expert, nor do we use expensive backup programs that claim to be able what I did using Amanda.) -- Paul Bijnens, XplanationTel +32 16 397.511 Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax +32 16 397.512 http://www.xplanation.com/ email: [EMAIL PROTECTED] *** * I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, F6, * * quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, * * stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, * * PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, * * kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ...* * ... Are you sure? ... YES ... Phew ... I'm out * ***
Re: Amanda Through firewall
Paul Bijnens wrote: Kaushal Shriyan wrote: Can I allow amanda backup server to talk through firewall for accessing amanda client host, Is there any way out The general answer is to recompile amanda with a dedicated portrange and open those ports in the firewall. See the explanation in docs/PORT.USAGE . If the firewall is running Linux, it could be as easy as loading the amanda netfilter modules ip_conntrack_amanda and maybe ip_nat_amanda. Beware of 2.6.6rc2 kernel that are reported to give some trouble: http://www.mail-archive.com/[EMAIL PROTECTED]/msg26094.html I've not yet verified this. Just a quick note here.. the actual change that broke it were between 2.6.6-rc1 and 2.6.6-rc2. 2.6.7 still mess things up for me if I load the amanda nat modules. /Andreas
Re: Amanda Through firewall
Following up on myself...
Paul Bijnens wrote:
Personnally I use a third option (until I get my firewall upgraded
to use the amanda netfilter modules). My firewall does simple
connection tracking and NAT.
I commented out this block in common-src/security.c
230 /* next, make sure the remote port is a reserved one */
231 /* Avoid trouble with NAT changing reserved ports in random ports
232 if(ntohs(addr-sin_port) = IPPORT_RESERVED) {
233 ap_snprintf(number, sizeof(number), %d,
ntohs(addr-sin_port));
234 *errstr = vstralloc([,
235 host , remotehost, : ,
236 port , number, not secure,
237 ], NULL);
238 amfree(remotehost);
239 return 0;
240 }
241 */
It's because of NAT that ports below 1024 get translated to some
arbitrary high number. The security of this check is marginal in
these times when everyone can be root and use reserved ports on his
hackerbox.
With this setup, I only have to open ports from my amandaserver to
the DMZ-hosts. All the rest is taken care of by the normal connection
tracking. (Correct me, if I missed something.)
Using the standard ip_conntrack module, you have to live with the
standard rather short UDP connection tracking timeout (5 minutes I believe).
For amanda this means that all the estimates must be finished within
that timeframe.
When using the netfilter ip_conntrack_amanda master_timeout=3600
you can increase this timeout as you please.
--
Paul Bijnens, XplanationTel +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax +32 16 397.512
http://www.xplanation.com/ email: [EMAIL PROTECTED]
***
* I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, *
* kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ...*
* ... Are you sure? ... YES ... Phew ... I'm out *
***
Re: Amanda Through firewall
Paul Bijnens wrote: Following up on myself... Again :-) Paul Bijnens wrote: Using the standard ip_conntrack module, you have to live with the standard rather short UDP connection tracking timeout (5 minutes I believe). It is 3 minutes. From /usr/src/linux/net/ipv4/netfilter/ip_conntrack_proto_udp.c : #define UDP_TIMEOUT (30*HZ) #define UDP_STREAM_TIMEOUT (180*HZ) The first is for unreplied UDP packets, the second for UDP packets that did get a reply (yes, amanda ACK's the request for estimate before starting the estimate itself). -- Paul Bijnens, XplanationTel +32 16 397.511 Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax +32 16 397.512 http://www.xplanation.com/ email: [EMAIL PROTECTED] *** * I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, F6, * * quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, * * stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, * * PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, * * kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ...* * ... Are you sure? ... YES ... Phew ... I'm out * ***
`RESULTS MISSING' error
Hi,
I'm trying to make Amanda backup my home network (several Linux machines) to
disk. My first plan is to specify a non-existent tape drive (I don't have a
tape drive anymore), and just copy the archives from the holding disk to a
remote disk.
However, I always (for both local and remote disks) get the following error
(after the missing tape error, of course):
anakin sda5 RESULTS MISSING
I started from the amanda.conf I used to backup to DDS tape some years ago, so
I'm quite sure it's not a problem with the config file. Basically I just added
`reserve 20'. Am I missing something?
If needed, I can tar-up /tmp/amanda/.
Or should I use the `file' output driver? It seems to be less flexible to me.
Thanks!
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [EMAIL PROTECTED]
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say programmer or something like that.
-- Linus Torvalds
Recovering tapeless amanda server
We've just had a disk crash on our Amanda 2.4.3 server on RedHat 7.3 Linux. I had it configured to do tapeless backups onto a different fileserver (via chg-multi (I think) and the file tapetype. However, I was shortsighted enough to backup the Amanda config files with Amanda herself. So, now I am left with a load of tape files but don't know how to get at their contents. Can someone, please, point me in the right direction? Best regards, Ralph. http://people.web.psi.ch/bearpark
Re: Recovering tapeless amanda server
On Tue, 13 Jul 2004 at 7:43pm, Ralph at yahoogroups wrote We've just had a disk crash on our Amanda 2.4.3 server on RedHat 7.3 Linux. I had it configured to do tapeless backups onto a different fileserver (via chg-multi (I think) and the file tapetype. However, I was shortsighted enough to backup the Amanda config files with Amanda herself. So, now I am left with a load of tape files but don't know how to get at their contents. Can someone, please, point me in the right direction? docs/RESTORE will still cover this I believe. Just treat the tape files as if they were tapes. 'dd if=tapefile of=header.out bs=32k count=1' will read the header of the first image in 'tapefile'... Come to think of it, though, I don't know a priori how to get to the second image in one of those files (you could do it with counting blocks). Your easiest path is probably just to get amanda installed on the rebuilt server and use amrestore on those tape files. amrestore doesn't need indices. Good luck. -- Joshua Baker-LePain Department of Biomedical Engineering Duke University
Re: Recovering tapeless amanda server
Hi Ralph! Ralph at yahoogroups wrote: So, now I am left with a load of tape files but don't know how to get at their contents. You could have a look at http://www.backupcentral.com/amanda-24.html Ciao, Simon -- Simon Frettloeh Institute AIFB (Applied Computer Science and Formal Description Methods) University of Karlsruhe Engler Str. 11 - 76128 Karlsruhe - Germany
Help with computing dump cycle
Hello, I need help on figuring out how to set up the dump cycle. The way I have previously done backups is a full dump on Friday night with incremental dumps Saturday through Thursday. I keep the full dumps for the past 5 Fridays, and full dumps done on the last Friday of the previous 3 months. I short, I want to have the ability to restore a system to its previous state for the last 7 days, 5 weeks, and 3 months. I have an Powervault 120T/DLT7000 that holds 7 tapes. With compression off each tape holds about 35G. A full dump of all of my systems uncompressed will fill nearly 6 tapes. I have plenty of tapes to swap out all tapes daily. Is there an easy way to set amanda.conf up to backup like this in only one configuration? Or do I need multiple configs? I have already read the Amanda chapter of the O'Reilly Backup book. I would just like to see someone's example config who may be doing something similar to what I am trying to do. Thanks! Jay -- __ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox. Powered by Outblaze
Re: Help with computing dump cycle
On Wed, 14 Jul 2004 at 6:20am, Jay Ted wrote I need help on figuring out how to set up the dump cycle. The way I have previously done backups is a full dump on Friday night with incremental dumps Saturday through Thursday. I keep the full dumps for the past 5 Fridays, and full dumps done on the last Friday of the previous 3 months. I short, I want to have the ability to restore a system to its previous state for the last 7 days, 5 weeks, and 3 months. I have an Powervault 120T/DLT7000 that holds 7 tapes. With compression off each tape holds about 35G. A full dump of all of my systems uncompressed will fill nearly 6 tapes. I have plenty of tapes to swap out all tapes daily. Is there an easy way to set amanda.conf up to backup like this in only one configuration? Or do I need multiple configs? I have already read the Amanda chapter of the O'Reilly Backup book. I would just like to see someone's example config who may be doing something similar to what I am trying to do. First, please fix your line lengths. It makes it rather hard to read. Reading the list archives, you'll see that forcing amanda into such a fixed schedule is rather difficult, and somewhat frowned upon. Amanda likes to do its own scheduling, with the goal of eqaulizing the night's backups. How many tapes do you have? If you have 7 days*12 weeks=84 tapes, you can have 3 months worth of history to the daily level, with several level 0s of each filesystem spread throughout your tapes. This is the easiest option, requiring only one config. You could do, e.g., dumpcycle=12 days, runspercycle=12, tapecycle=84. If you have 7 days*5 weeks=35 tapes + 6 tapes*3 months=18 for a total of 53 tapes, you could do 5 weeks worth of history to the daily level plus a separate config doing level 0s of everything once a month. -- Joshua Baker-LePain Department of Biomedical Engineering Duke University
Re: Help with computing dump cycle
On Wed, Jul 14, 2004 at 06:20:36AM +0800, Jay Ted wrote: Hello, I need help on figuring out how to set up the dump cycle. The way I have previously done backups is a full dump on Friday night with incremental dumps Saturday through Thursday. I keep the full dumps for the past 5 Fridays, and full dumps done on the last Friday of the previous 3 months. I short, I want to have the ability to restore a system to its previous state for the last 7 days, 5 weeks, and 3 months. I have an Powervault 120T/DLT7000 that holds 7 tapes. With compression off each tape holds about 35G. A full dump of all of my systems uncompressed will fill nearly 6 tapes. I have plenty of tapes to swap out all tapes daily. Is there an easy way to set amanda.conf up to backup like this in only one configuration? Or do I need multiple configs? I have already read the Amanda chapter of the O'Reilly Backup book. I would just like to see someone's example config who may be doing something similar to what I am trying to do. If you always do what you've always done, you will always have what you've always had. Consider trying the scheduling that amanda was designed to do. Namely it decides which days each disklist entry (DLE, nominally a file system) receives a level 0 and what incremental it gets other days. The aim is to have the administrator give broad specs, as in maximum time between level 0's for each DLE, and let amanda worry about the specifics. When balanced, amanda will be able to backup about the same amount of data (as in tape usage) each dump run. No one hour backups Sat-Thur and twelve hours on Fri, but two hours nightly. I started out with a 1 week dumpcycle for everything and later fine tuned some DLE's to only doing the level 0's, never any incrementals as they never seem to change, others extended to 2 weeks with incrementals too, and some shortened them to 3 days as they vary more rapidly and I wanted the level 0's closer together. jl -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road(609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)
