rsnapshot is a filesystem snapshot utility for making backups of local and remote systems.Using rsync and hard links, it is possible to keep multiple, full backups instantly available. The disk space required is just a little more than the space of one full backup, plus incrementals.
rsnapshot directory setup
Directory for snapshots: /.snapshots
General configuration file for rsnapshots: /etc/rsnapshot.conf
This file should have the following configuration. NOTE: DO NOT COPY and paste contents from here into the configuration file
no_create_root 1
cmd_cp /bin/cp
cmd_rm /bin/rm
cmd_rsync /usr/bin/rsync
cmd_logger /usr/bin/logger
cmd_du /usr/bin/du
interval daily 7
interval weekly 4
interval monthly 3
verbose 2
loglevel 3
logfile /var/log/rsnapshot
lockfile /var/run/rsnapshot.pid
rsync_short_args -aH
rsync_long_args --delete --numeric-ids --relative --delete-excluded --no-specials --no-devices
one_fs 1
exclude_file /etc/rsnapshot/excludes
link_dest 1
use_lazy_deletes 1
rsync_numtries 3
General excludes file: touch /etc/rsnapshot/excludes
The list of directories in this file will be excluded from all server backups.
/dev/*
/etc/egd_pool
/etc/gconf/*
/etc/selinux/*
lost+found
/.snapshots/*
/tmp/*
/usr/X11R6/*
/usr/tmp/*
/var/lib/mysql/*
/var/log/*
/var/tmp/*
Server snapshot config file: touch /etc/rsnapshot/configs.daily/servername
Copy the rsnapshot.conf file to /etc/rsnapshot/configs.daily/ and make changes as follows removing anything that is not required.
include_conf /etc/rsnapshot.conf
snapshot_root /.snapshots/SERVER
cmd_ssh /usr/bin/ssh
ssh_args -i /root/.ssh/rsnapshot_dsa
lockfile /var/run/rsnapshot-SERVER.pid
exclude /SERVER/data/*
backup root@SERVER:/ ./
backup root@SERVER:/boot/ ./
backup root@SERVER:/home/ ./
backup root@SERVER:/usr/ ./
ssh keys
Ensure the following permissions are true in the Rsnapshot server ssh directory
drwx------ 2 root root 4096 Apr 2 12:49 /root/.ssh/
-rw------- 1 root root 656 Apr 1 12:31 authorized_keys
Generate a blank key called rsnapshot_dsa using
ssh-keygen -t dsa
This will generate and rsnapshot_dsa and rsnapshot_dsa.pub. edit the rsnapshot_dsa.pub file and add the command in as shown below
command="/usr/local/sbin/validate-rsync.sh" ssh-dss AasdsadasdasdasddACBAOD281eB
GOuph+nsadasdasdasdasdasdadgagadadfafafafafwrwcqdAAAW"nr9Ww5mWRAR4HXkGMB9/B9PH7Qx
Xi1og6HpJxJHQF/uOgve/eA+8+GIoFCT2YO7UpIGnhzY6Guk3gM3m1aA9vS6CL5nZUGW4eg0gmMgBLyP
WJaRAAAAFQCfXj9LX4fSIcpWu92432qw4agrdf648u6ethsgew8u6qtehagoi74qj6et+Bp/9lHh2GW2X
2Jsdajhd79324ehd8237847299de83uem3udj9du39nxufmfwef/.lkf'pewoir032r94u234u3i24u3i
t4STYZoloBxLzIquPnbK9Z1LopiRJ6TfsZw3WhppshrAhW3JVwZ5gG7Ux+tXcE7jq7ykf00
Pipe in the contents of rsnapshot_dsa.pub into authorized_keys on local server and all remote servers
cat rsnapshot_dsa.pub >> authorized_keys
The command command="/usr/local/sbin/validate-rsync.sh" points to a script which only allows rsync communication between servers.
#!/bin/sh
# Validate rsync command for remote backups
case "$SSH_ORIGINAL_COMMAND" in
*\&*)
echo "Rejected"
;;
*\;*)
echo "Rejected"
;;
rsync\ --server*)
$SSH_ORIGINAL_COMMAND
;;
*)
echo "Rejected"
;;
esac
Ensure that rsync daemon is enabled in /etc/xinet.d/rsync
To execute an rsnapshot job run the following command: rsnapshot -c /etc/rsnapshot/configs.daily/servername daily
To add rsnashot as a daily cron add this script to /etc/cron.daily/mirrors/
vim /etc/cron.daily/mirrors/rsnapshot-daily.sh
RUN=/etc/rsnapshot/scripts/run-rsnapshot
if [ ! -x $RUN ]; then
echo Error: $RUN not found, exiting
exit 1
fi
FREQ=daily
CONFIGS=
CONFIGS="$CONFIGS hourly"
CONFIGS="$CONFIGS daily"
for name in $CONFIGS; do
CONFIGDIR=/etc/rsnapshot/configs.$name
$RUN $CONFIGDIR $FREQ
done
The following script will be called by the cron task.
vim /etc/rsnapshot/scripts/run-rsnapshot
#!/bin/bash
#
# run-rsnapshot - concept taken run-parts
# keep going when something fails
#set +e
progname=`basename $0`
if [ $# -lt 2 ]; then
echo "Usage: $1 [ options ] "
exit 1
fi
CONFIGDIR=$1
shift
if [ ! -d $CONFIGDIR/. ]; then
echo "Not a directory: $CONFIGDIR"
exit 1
fi
# Ignore *~ and *, scripts
for i in $CONFIGDIR/*[^~,] ; do
[ ! -f $i ] && continue
# Don't run *.{rpmsave,rpmorig,rpmnew,swp} scripts
[ "${i%.disable}" != "${i}" ] && continue
[ "${i%.rpmsave}" != "${i}" ] && continue
[ "${i%.rpmorig}" != "${i}" ] && continue
[ "${i%.rpmnew}" != "${i}" ] && continue
[ "${i%.swp}" != "${i}" ] && continue
[ "${i%,v}" != "${i}" ] && continue
# Make ure the host is alive!
host=`basename ${i}`
# Strip off trailing rsync
host=`echo $host | sed 's/-rsync$//g'`
ping -c3 $host >/dev/null 2>/dev/null
if [ $? -ne 0 ]; then
echo Error: Cannot ping $host, skipping
continue
fi
# Use rsnapshot instead of progname
DATE=`date "+%Y%m%d%H%M"`
echo "$progname:"
echo " $DATE: /usr/bin/rsnapshot -c $i $*"
/usr/bin/rsnapshot -c $i $*
DATE=`date "+%Y%m%d%H%M"`
echo " $DATE: Completed"
done
exit 0
Back to Resources