Tuesday, May 20, 2008

Allowing An Access To Single Site And Denying All Other Sites Using IPTABLES Firewall on ubuntu

Allowing An Access To Single Site And Denying All Other Sites Using IPTABLES Firewall on ubuntu

Iptables is the name of the user space tool by which administrators create rules for the packet filtering
(both inbound and outbound) and NAT (Network Address Translation) modules. In this sceanrio we blocking all
the websites access except only one site. For example here we allowing only "google.com".

ping google.com
PING google.com (64.233.187.99) 56(84) bytes of data. (You will get the IP of that site Eg:-google)

iptables -A OUTPUT -p tcp -d ! 64.233.167.99 --dport 80 -j REJECT
iptables-save >/etc/iptables.rules
iptables-restore /etc/iptables.rules

For enabling this on every time reboot Please add the following entry on /etc/network/interfaces in the next line
of iface lo inet loopback
pre-up iptables-restore /etc/iptables.rule
iptables-restore <$FILE1 while read line do c=$(expr $c + 1) if [ $c -ne 3 ]; then echo $line>>temp.txt
else
echo $v>>temp.txt
fi
done < $FILE
rm -rf /etc/network/interfaces
cp temp.txt /etc/network/interfaces

finally run ./filname.sh

....
Sahab

MalyalamFont Installation on Debian

Download and copy malayalam fonts to /usr/local/share/fonts/truetype, open a console and do the following

1 sudo apt-get install x-ttcidfont-conf libft-perl
2 sudo defoma-hints -c --no-question truetype /usr/local/share/fonts/truetype/* > /etc/defoma/hints/localfonts.hints
3 sudo defoma-font register-all /etc/defoma/hints/localfonts.hints
4 sudo defoma-reconfigure

Logout and restart X (ctrl+alt+backspace)


Sahab

PostgreSQL on Ubuntu Linux

PostgreSQL is a powerful object-relational database management system, provided under a flexible BSD-style license. PostgreSQL contains many advanced features, is very fast and standards compliant. It supports a large part of the SQL standard and is designed to be extensible by users in many aspects.

Some of the features are: ACID transactions, foreign keys, views, sequences, sub queries, triggers, user-defined types and functions, outer joins, multi version concurrency control. Graphical user interfaces and bindings for many programming languages are available as well.

Installing The Database Server

To install PostgreSQL 8.2 you may use the command line and type:

sudo apt-get install postgresql-8.2

GUI for PostgreSQL

To install pgAdmin III, a handy GUI for PostgreSQL, you may use the command line and type:

sudo apt-get install pgadmin3

Basic Server Setup

Set Password

To start off, we need to change the PostgreSQL postgres user password, we will not be able to access the server otherwise. As the “postgres” Linux user, we will execute the psql command, in a terminal type:

sudo -u postgres psql template1

Then at the new prompt, type these two commands, replacing secret with the new password (up to you ;))

ALTER USER postgres WITH PASSWORD 'secret';
\q




To create the first database, which we will call “mydatabase”, simply type :
sudo -u postgres createdb mydatabase

Managing The Server

Change Authentication Method

We need to edit file pg_hba.conf to change authentification method for accessing PostgreSQL database.

sudo vim /etc/postgresql/8.2/main/pg_hba.conf
host    all         all         127.0.0.1/32          password



hostname all all 192.168.1.52 password
Which means postgres allow the local and the network host 192.168.1.52. Here the authentication method we using user password. Also
we have to edit the following line in /etc/postgresql/8.2/main/postgresql.conf
  1. - Connection Settings -


listen_addresses = '192.168.1.52' # what IP address(es) to listen on;

Create a Database

To create a database with a user that have full rights on the database, use the following command:

sudo -u postgres createuser -D -A -P mynewuser
sudo -u postgres createdb -O mynewuser mydatabase

To Access a Remotehost Database

sudo psql -U username -d databasename -h hostname
eg)
psql -U dhanya -d mydatabase -h 192.168.1.52




That’s it, now all you have to do is restart the server and all should be working!
sudo /etc/init.d/postgresql-8.2 restart

....

Sahab

AptProxy Server Setup

Firs install the apt-proxy package using synaptic or apt-get
apt-get install apt-proxy

Then edit the follwing in apt proxy configuration file
vim /etc/apt-proxy/apt-proxyv2.conf
Edit the Server IP to listen on
address = Your server ip address (eg.192.168.1.187)

add the following entry to /etc/apt/source.list on your client also coment out all the default repositary
deb http://aptproxyserverip:9999/ubuntu/ gutsy main universe restricted musletiver
deb http://aptproxyserverip:9999/ubuntu gutsy partner
eg
deb http://192.168.1.187:9999/ubuntu/ gutsy main universe restricted musletiver
finally restart the apt service
/etc/init.d/apt-proxy restart

.....
Sahab

Bazaar Setup

Using The Bazaar Version Control System (VCS) On Ubuntu 7.10

Author sahabdeen

Bazaar is a distributed version control system (VCS) available under the GPL; it's similar to Subversion (svn). Bazaar is sponsored by Canonical, Ltd., the company that develops the Ubuntu Linux distribution, and therefore the Ubuntu project is the most prominent user of Bazaar. This article explains how to set up and use Bazaar on a Ubuntu 7.10 system, and how to configure an SFTP server to host your Bazaar repository.

1 Preliminary Note

IP address 192.168.1.36: the server that will keep the Bazaar repository and that offers SFTP services; I'll refer to it as server in this article.
I will use the username is "bazaar"

The workstation where Bazaar will be installed and software will be developed (that will be managed by Bazaar). I use the user is default system user. But I have added the group name is "bazaar" and change the group name of the project development folder to bazaar.

sahab@sahab-desktop:/$ sudo mkdir /Project
sahab@sahab-desktop:/Project$ groupadd bazaar
sahab@sahab-desktop:/$sudo chown sahab:bazaar /Project/
sahab@sahab-desktop:~$ chmod -R 775 /Project/
sahab@sahab-desktop:/$ ls -al /Project/
total 8
drwxr-xr-x 2 sahab bazaar 4096 2008-03-08 11:22 .
drwxr-xr-x 30 root root 4096 2008-03-08 11:22 .

2 Installing SFTP On The Server

Server:

(All the steps in this chapter have to be done as the root user!)

Let's install SFTP on the server:

apt-get install ssh openssh-server

Next we create a user account - bazaar in this case - that uses the /usr/lib/sftp-server shell instead of /bin/bash or any other shell:
useradd -m -s /usr/lib/sftp-server bazaar
This creates the user bazaar with the home directory /home/bazaar

Assign a password to bazaar:

passwd bazaar

Then make /usr/lib/sftp-server a valid login shell by adding it to /etc/shells:

echo '/usr/lib/sftp-server' >> /etc/shells

3 Installing Bazaar On The Workstation

workstation:

Run the following command as root:

apt-get install bzr python-paramiko

4 Using Bazaar

workstation:

Now log in as the normal user, or, if you are logged in as root, run

su sahab

to become the normal user (in this case sahab).

Then go to your home directory:

cd ~

The following examples are more or less taken from http://doc.bazaar-vcs.org/latest/en/mini-tutorial/index.html.

>

First, tell Bazaar who you are:

bzr whoami sahab

Check that Bazaar has correctly stored your identity:

bzr whoami

sahab@sahab-desktop:/$ bzr whoami
sahab

Now let's create a test directory with some test files:(Note: The Project directory group name should be "bazaar" otherwise it will make permission issue when we push the revision to the server)

sahab@sahab-desktop:/$ cd /Project/
sahab@sahab-desktop:/Project$mkdir myproject
cd myproject
mkdir subdirectory
touch test1.txt test2.txt test3.txt subdirectory/test4.txt

The myproject directory is the base folder for our software project that we want to manage with Bazaar. It's important that you run all bzr commands in that directory! If you are not sure in which directory you are, run

pwd

Bazaar must initialize itself in the project directory:

bzr init

This creates some hidden files that Bazaar needs to manage your project. You can see the hidden folder .bzr in the myproject directory when you run

ls -la

sahab@sahab-desktop:/Project/myproject$ ls -la
total 12
drwxr-xr-x 3 sahab sahab 4096 2008-03-08 11:56 .
drwxrwxr-x 4 sahab bazaar 4096 2008-03-08 11:56 ..
drwxr-xr-x 2 sahab sahab 4096 2008-03-08 11:56 subdirectory
-rw-r--r-- 1 sahab sahab 0 2008-03-08 11:56 test1.txt
-rw-r--r-- 1 sahab sahab 0 2008-03-08 11:56 test2.txt
-rw-r--r-- 1 sahab sahab 0 2008-03-08 11:56 test3.txt

Now run

bzr add

to make all files/directories in the myproject folder versioned. The output is as follows:

sahab@sahab-desktop:/Project/myproject$ bzr add
added myproject
added myproject/subdirectory
added myproject/test1.txt
added myproject/test2.txt
added myproject/test3.txt
added myproject/subdirectory/test4.txt

Next add the files/directories to your branch (with a small comment so that you know what this commit is about):

bzr commit -m "Initial import"

The output is as follows:

sahab@sahab-desktop:/Project/myproject$ bzr commit -m "Initial import"
added myproject
added myproject/subdirectory
added myproject/subdirectory/test4.txt
added myproject/test1.txt
added myproject/test2.txt
added myproject/test3.txt
Committed revision 1.

sahab@sahab-desktop:/Project/myproject$

Now let's modify the (yet empty) file test1.txt:

vi test1.txt

some text...

Run

bzr diff

sahab@sahab-desktop:/Project/myproject$ bzr diff
=== modified file 'myproject/test1.txt'
--- myproject/test1.txt 2008-03-08 06:29:52 +0000
+++ myproject/test1.txt 2008-03-08 07:42:59 +0000
@@ -0,0 +1,1 @@
+some text
sahab@sahab-desktop:/Project/myproject$

To commit the changes (again with a comment), run

bzr commit -m "Added first line of text"

sahab@sahab-desktop:/Project/myproject$ bzr commit -m "Added first line of text"
modified myproject/test1.txt
Committed revision 2.
sahab@sahab-desktop:/Project/myproject$

The command

bzr log

displays a history of the latest actions:sahab@sahab-desktop:/Project/myproject$ bzr log



revno: 2
committer: sahab
branch nick: Project
timestamp: Sat 2008-03-08 13:16:08 +0530
message:
Added first line of text


revno: 1
committer: sahab
branch nick: Project
timestamp: Sat 2008-03-08 11:59:52 +0530
message:
Initial import

Now let's publish the project to our server (using SFTP):
bzr push --create-prefix sftp://bazaar@192.168.1.36/home/bazaar/myproject

sahab@sahab-desktop:/Project/myproject$ bzr push --create-prefix sftp://bazaar@192.168.1.36/home/bazaar/myproject
bazaar@192.168.1.36's password:
Pushed up to revision 2.

After you have published the project, you can delete your working copy (if you want - you can as well leave it as it is):

cd ~
rm -fr myproject/

Now anyone can download a copy of your branch. To test this, we create the directory test/ and download a copy of the branch to it:

cd ~
mkdir test/
cd test/
bzr branch sftp://bazaar@192.168.1.36/home/bazaar/myproject
bazaar@192.168.1.36's password:
Branched 2 revision(s).

While you're working on your copy, it's possible that other people commit their changes to the server. To merge these changes into your working copy, run

sahab@sahab-desktop:~/test$ ls
myproject
sahab@sahab-desktop:~/test$ cd myproject/
sahab@sahab-desktop:~/test/myproject$ bzr merge
Merging from remembered location sftp://bazaar@192.168.1.36/home/bazaar/myproject/
bazaar@192.168.1.36's password:
Nothing to do.
sahab@sahab-desktop:~/test/myproject$

To check what exactly has changed, run

bzr diff

Now you can change your working copy, e.g.:

vi test1.txt

some text
test again

Take a look at the changes:

bzr diff

sahab@sahab-desktop:~/test/myproject/$ bzr diff
=== modified file 'myproject/test1.txt'
--- myproject/test1.txt 2008-03-08 07:46:08 +0000
+++ myproject/test1.txt 2008-03-08 07:57:12 +0000
@@ -1,1 +1,2 @@
some text
+test again

sahab@sahab-desktop:~/test/myproject/t$

When you're finished, commit your changes:

bzr commit -m "Some changes"
sahab@sahab-desktop:~/test/myproject/$ bzr commit -m "Some changes"
modified myproject/test1.txt
Committed revision 3.

Afterwards, upload the changes to the server:

sahab@sahab-desktop:~/test/myproject/$bzr push --create-prefix sftp://bazaar@192.168.1.36/home/bazaar/myproject
bazaar@192.168.1.36's password:
Pushed up to revision 3.
sahab@sahab-desktop:~/test/myproject/myproject$

Afterwards, you can (if you like) delete your working copy again. To find out what else you can do with Bazaar, take a look at

bzr help

sahab@sahab-desktop:~/test/myproject/$ bzr help
Bazaar -- a free distributed version-control tool
http://bazaar-vcs.org/

Basic commands:
bzr init makes this directory a versioned branch
bzr branch make a copy of another branch

bzr add make files or directories versioned
bzr ignore ignore a file or pattern
bzr mv move or rename a versioned file

bzr status summarize changes in working copy
bzr diff show detailed diffs

bzr merge pull in changes from another branch
bzr commit save some or all changes

bzr log show history of changes
bzr check validate storage

bzr help init more help on e.g. init command
bzr help commands list all commands
bzr help topics list all help topics

and

bzr help commands
sahab@sahab-desktop:~/test/myproject/$ bzr help commands
add Add specified files or directories.
annotate Show the origin of each line in a file.
baz-import Import an Arch or Baz archive into a bzr repository. [bzrtools]
baz-import-branch Import an Arch or Baz branch into a bzr branch. [bzrtools]
bind Convert the current branch into a checkout of the supplied branch.
branch Create a new copy of a branch.
branch-history Display the development history of a branch. [bzrtools]
branch-mark Add, view or list branch markers [bzrtools]
branches Scan a location for branches [bzrtools]
break-lock Break a dead lock on a repository, branch or working directory.
builddeb Builds a Debian package from a branch. [builddeb]
cat Write the contents of a file as of a given revision to standard output.
cbranch Create a new checkout, associated with a new repository branch. [bzrtools]
cdiff A color version of bzr's diff [bzrtools]
check Validate consistency of branch history.
checkout Create a new checkout of an existing branch.
clean-tree Remove unwanted files from working tree. [bzrtools]
commit Commit changes into a new revision.
conflicts List files with conflicts.
deleted List files deleted in the working tree.
diff Show differences in the working tree or between revisions.
export Export current or past revision to a destination directory or archive.
fetch-ghosts Attempt to retrieve ghosts from another branch. [bzrtools]
gannotate GTK+ annotate. [gtk]
gbranch GTK+ branching. [gtk]
gcheckout GTK+ checkout. [gtk]
gcommit GTK+ commit dialog [gtk]
gconflicts GTK+ conflicts. [gtk]
gdiff Show differences in working tree in a GTK+ Window. [gtk]
ginit [gtk]
gmissing GTK+ missing revisions dialog. [gtk]
gpreferences GTK+ preferences dialog. [gtk]
gpush GTK+ push. [gtk]
graph-ancestry Produce ancestry graphs using dot. [bzrtools]
gselftest Version of selftest that displays a notification at the end [gtk]
gstatus GTK+ status dialog [gtk]
gtags [gtk]
help Show help on a command or other topic.
ignore Ignore specified files or patterns.
ignored List ignored files and the patterns that matched them.
import Import sources from a directory, tarball or zip file [bzrtools]
import-dsc Import a series of source packages. [builddeb]
info Show information about a working tree, branch or repository.
init Make a directory into a versioned branch.
init-repository Create a shared repository to hold branches.
log Show log of a branch, file, or directory.
ls List files in a tree.
merge Perform a three-way merge.
merge-upstream Merges a new upstream version into the current branch. [builddeb]
missing Show unmerged/unpulled revisions between two branches.
mkdir Create a new versioned directory.
multi-pull Pull all the branches under a location, e.g. a repository. [bzrtools]
mv Move or rename a file.
nick Print or set the branch nickname.
pack Compress the data within a repository.
patch Apply a named patch to the current tree. [bzrtools]
plugins List the installed plugins.
pqm-submit Submit the parent tree to the pqm. [pqm]
pull Turn this branch into a mirror of another branch.
push Update a mirror of this branch.
reconcile Reconcile bzr metadata in a branch.
register-branch Register a branch with launchpad.net. [launchpad]
remerge Redo a merge.
remove Remove files or directories.
remove-tree Remove the working tree from a given branch/checkout.
renames Show list of renamed files.
resolve Mark a conflict as resolved.
revert Revert files to a previous revision.
revno Show current revision number.
root Show the tree root directory.
rspush Upload this branch to another location using rsync. [bzrtools]
send Create a merge-directive for submiting changes.
serve Run the bzr server.
shelf Perform various operations on your shelved patches. See also shelve. [bzrtools]
shell Begin an interactive shell tailored for bzr. [bzrtools]
shelve Temporarily set aside some changes from the current tree. [bzrtools]
sign-my-commits Sign all commits by a given committer.
status Display status summary.
svn-branching-scheme Show or change the branching scheme for a Subversion repository. [svn]
svn-import Convert a Subversion repository to a Bazaar repository. [svn]
svn-push Push revisions to Subversion, creating a new branch if necessary. [svn]
svn-upgrade Upgrade revisions mapped from Subversion in a Bazaar branch. [svn]
switch Set the branch of a lightweight checkout and update. [bzrtools]
tag Create, remove or modify a tag naming a revision.
tags List tags.
testament Show testament (signing-form) of a revision.
unbind Convert the current checkout into a regular branch.
uncommit Remove the last committed revision.
unshelve Restore shelved changes. [bzrtools]
update Update a tree to have the latest code committed to its branch.
upgrade Upgrade branch storage to current format.
version Show version of bzr.
version-info Show version information about this tree.
visualise Graphically visualise this branch. [gtk]
whoami Show or set bzr user id.
zap Remove a lightweight checkout, if it can be done safely. [bzrtools]

The Bazaar User Guide is available here: http://doc.bazaar-vcs.org/bzr.dev/en/user-guide/index.html>

.....

Sahab

Installing Zabbix ServerAnd Agent

Installing Zabbix (Server And Agent) On Ubuntu 7.10

Zabbix is a solution for monitoring applications, networks, and servers. With Zabbix, you can monitor multiple servers at a time, using a Zabbix server that comes with a web interface (that is used to configure Zabbix and holds the graphs of your systems) and Zabbix agents that are installed on the systems to be monitored. The Zabbix agents deliver the desired data to the Zabbix server.

1 Preliminary Note

I will use the system sahab-desktop.com with the IP address 192.168.1.187 as the Zabbix server, and I'll install a Zabbix agent on the same system (so that it can monitor itself) as well as on a second Ubuntu 7.10 system with the hostname kcs.keltron.org and the IP address 192.168.1.36.

2 Install The Zabbix Server And Zabbix Agent On server

The Zabbix server can store its information in a MySQL? or PostgreSQL database. We use MySQL? here, so we install the MySQL? server and client first:

apt-get install mysql-server mysql-client

Create a password for the MySQL? user root (replace yourrootsqlpassword with the password you want to use):

mysqladmin -u root password yourrootsqlpassword

Then check with

netstat -tap | grep mysql

on which addresses MySQL? is listening. If the output looks like this:

tcp 0 0 localhost.localdo:mysql *:* LISTEN 2713/mysqld

which means MySQL? is listening on localhost.localdomain only, then you're safe with the password you set before. But if the output looks like this:

tcp 0 0 *:mysql *:* LISTEN 2713/mysqld

you should set a MySQL? password for your hostname, too, because otherwise anybody can access your database and modify data:

mysqladmin -h sahab-desktop.com -u root password yourrootsqlpassword

Afterwards, we can install the Zabbix server, Zabbix agent, and the Zabbix web interface with a single command:

apt-get install zabbix-server-mysql zabbix-frontend-php zabbix-agent

You will be asked a few questions:

Configure database for zabbix-server-mysql with dbconfig-common? <-- Yes
Password of your database's administrative user: <-- yourrootsqlpassword (password of the MySQL? root user)
MySQL? application password for zabbix-server-mysql: <-- zabbixsqlpassword (password of the MySQL? user zabbix)
Password confirmation: <-- zabbixsqlpassword

This should create a MySQL? database called zabbix as well as the MySQL? user zabbix (with the password you provided).

Next we must edit the Zabbix agent configuration in /etc/zabbix/zabbix_agentd.conf. Replace Server=localhost with Server=192.168.1.187
and specify the hostname of the current system in the Hostname line:

vim /etc/zabbix/zabbix_agentd.conf

[...]
Server=192.168.1.187
[...]

Hostname=sahab-desktop.com






[...]

Then we restart the Zabbix agent:

/etc/init.d/zabbix-agent restart

Finally, we must specify the password of our zabbix MySQL? user in the Zabbix web interface configuration:

vim /etc/zabbix/dbconfig.php

$DB_TYPE='MYSQL';
$DB_SERVER='localhost';
$DB_DATABASE='zabbix';
$DB_USER='zabbix';

$DB_PASSWORD='zabbixsqlpassword';




?>

That's it. you can now open http://sahab-desktop.com/zabbix> or http://192.168.1.187/zabbix> in a browser. Log in with the username Admin
and no password:

If you have problems with Zabbix, please check the Zabbix logs:

  • /var/log/zabbix-agent/zabbix_agentd.log
  • /var/log/zabbix-server/zabbix_server.log

The Zabbix configuration files for the server, agent, and web interface are as follows:

  • /etc/zabbix/apache.conf
  • /etc/zabbix/dbconfig.php
  • /etc/zabbix/zabbix_agentd.conf
  • /etc/zabbix/zabbix_server.conf


Note: I got the error in zabbix.pid file creation, then I have manualy created the zabbix.pid file under the user home folder. Then edit the zabbix server and agent configuration file.
/etc/zabbix/zabbix_server.conf and /etc/zabbix/zabbix_server.conf

  • PidFile?=/home/sahab/zabbix/zabbix-server/zabbix_server.pid

  • PidFile?=/home/sahab/zabbix/zabbix-agent/zabbix_agent.pid

3 Install The Zabbix Agent On kcs.keltron.org

Let's assume we have a second server (kcs.keltron.org, 192.168.1.36) that we want to monitor. Of course, we don't have to install the Zabbix server or a MySQL? database on kcs.keltron.org , because this is already installed on sahab-desktop.com. All we have to do is install the Zabbix agent:

apt-get install zabbix-agent

Then we must edit the Zabbix agent configuration file /etc/zabbix/zabbix_agentd.conf and put the IP address of our Zabbix server in the Server line and specify the hostname of the current system in the Hostname line:

vim /etc/zabbix/zabbix_agentd.conf

[...]
Server=192.168.1.187
[...]

Hostname=kcs.keltron.org


[...]

Afterwards, we restart the Zabbix agent:

/etc/init.d/zabbix-agent restart

That's it. You can now use the Zabbix web interface on the Zabbix server to monitor kcs.keltron.org.

If you have problems, you should check out the Zabbix agent log file /var/log/zabbix-agent/zabbix_agentd.log.


...
Sahab

Amanda Setup in Ubuntu 7.10 with VirtualTapes

What is Amanda?

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda uses native dump and/or GNU tar facilities and can back up a large number of workstations running multiple versions of Unix.

This will guide you through setting up virtual tapes (utilizing hard disk space for backups)

Install and edit xinetd


Create an amanda xinetd entry
If you haven't already installed xinetd, install it
Code:
sudo apt-get install xinetd
Create an amanda xinetd entry
Code:
sudo vim /etc/xinetd.d/amanda
Give it the following contents
Code:
# default: on
# description: The amanda service
service amanda
{
only_from = kcs.keltron.org
disable = no
socket_type = dgram
protocol = udp
wait = yes
user = backup
group = backup
groups = yes
server = /usr/lib/amanda/amandad
server_args = -auth=bsd amdump amindexd amidxtaped
}
service amandaidx
{
socket_type = stream
protocol = tcp
wait = no
user = backup
group = backup
groups = yes
server = /usr/lib/amanda/amindexd
disable = no
}
service amidxtape
{
socket_type = stream
protocol = tcp
wait = no
user = backup
group = backup
groups = yes
server = /usr/lib/amanda/amidxtaped
disable = no








}

Install the AMANDA Server

Install AMANDA and dependencies
Code:
sudo apt-get install amanda-server
Restart xinetd
Code:
sudo /etc/init.d/xinetd restart
Become "backup" user
Code:
su backup
Create copies of the configuration files, just in case
Code:
cp -R /etc/amanda/DailySet?1 /etc/amanda/DailySet?1.bak
Edit amanda.conf

Let's get in and edit the amanda.conf
Code:
vim /etc/amanda/DailySet?1/amanda.conf
Make the following changes in the file
Code:
org “"
mailto ", "
tpchanger "chg-disk"
changerfile "/etc/amanda/daily/changer"
tapedev "file:/amandabackup/DailySet?1/slots"
tapetype HARDDISK
#tapetype HP-DAT <--- comment this out
#labelstr "^HISS[0-9][0-9]*$" <--- comment this out
amrecover_do_fsf yes
amrecover_check_label yes
amrecover_changer "changer"
define tapetype HARDDISK {

length mbytes
}










Edit disklist

The format for the disklist file is :
Dumptypes are deinfed in /etc/amanda/amanda.conf, but we'll use the GNUTAR dumptype "comp-user-tar" for this example

Let's get in and edit the disklist
Code:
vim /etc/amanda/DailySet?1/disklist
Add a line like so
Code:
kcs.keltron.org /Project comp-user-tar


kcs.keltron.org /clientbackup comp-user-tar
What this line is telling AMANDA is that when it attempts to do a dump that it should connect to kcs.keltron.org, backup the directory /project and /clientbackup and user the options that are defined in amanda.conf for the "comp-user-tar" dumptype.
Create Virtual Tapes

Choose a location for your tapes to reside;Here we using /amandabackups/

Create the tapelist file that is necessary for indexing tapes available
Code:
touch /etc/amanda/DailySet?1/tapelist
Create the location and set permissions for the virtual tapes
Code:
mkdir -p -m 770 /amandabackup/DailySet?1/slots


chown -R backup:backup /amdndahosts
CD to the new directory
Code:
cd /amandabackup/DailySet?1/slots
Create the necessary directories for the tapes
Code:
for (i=1; $i<=25; i++)?; do mkdir slot$i; done
Create symlink for the data directory to point to the first tape
Code:
ln -s slot1 data
Test the vtapes to be sure that we get an ONLINE message
Code:
ammt -f file:/amandabackup/DailySet?1/slots status
Label the tapes
Code:
for (i=1; $i<=9; i++)?; do amlabel DailySet?1 DailySet?1-0$i slot $i; done
Code:
for (i=10; $i<=25; i++)?; do amlabel DailySet?1 DailySet?1-$i slot $i; done

Output should look like (for each slot)
Code:
labeling tape in slot 1 (file:/amandabackup/DailySet?1/slots):

rewinding, reading label, not an amanda tape


rewinding, writing label DailySet?1-01, checking label, done.
Reset the changer back to slot 1
Code:
amtape DailySet?1 reset

Output should look like
Code:
amtape: changer is reset, slot 1 is loaded.
Edit .amandahosts

On Ubuntu the .amandahosts file is located as /etc/amandahosts

Open the file
Code:
vim /etc/amandahosts
The file looks like
Cod
localhost backup
localhost root amindexd amidxtaped
kcs.keltron.org backup

kcs.keltron.org backup amindexd amidxtaped


kcs.keltron.org root amindexd amidxtaped
On the Client

Here We are using two clients one is gis.keltron.org and another one is the same amdanda server kcs.keltron.org.

Install AMANDA client

Install the AMANDA client app
Code:
sudo apt-get install amanda-client
Create necessary amanda directory ( It is not needed for the server kcs.keltron.org)
Code:
sudo mkdir -p -m 770 /etc/amanda
Change owner
Code:
sudo chown -R backup.backup /etc/amanda
Become the backup user
Code:
su backup
Create an excludes file
Code:
touch /etc/amanda/exclude.gtar
Edit /etc/amandahosts to allow server to connect to client machine for backups
Code:
localhost backup

gis.keltron.org backup


kcs.keltron.org backup
Create xinetd amanda entry
Code:
sudo vim /etc/xinetd.d/amanda
Edit the file, mine looks like
Code:
# default: on
#
# description: Amanda services for Amanda client.
#
service amanda
{
bind = gis.keltron.org
socket_type = dgram
protocol = udp
wait = yes
user = backup
group = backup
groups = yes
server = /usr/lib/amanda/amandad
server_args = -auth=bsd amdump

disable = no


}
Each of these lines is very important. The "bind" line will probably not be necessary for most configurations - this is in place because I have 2 different IP addresses binding to the same device (eth0 aliases).

Restart xinetd
Code:
sudo /etc/init.d/xinetd restart
Edit /etc/services to look like
Code:
#
# Amanda Services
#
amanda 10080/udp
amanda 10080/tcp
kamanda 10081/udp
kamanda 10081/tcp

amandaidx 10082/tcp


amidxtape 10083/tcp
Make sure your /etc/inetd.conf looks like
Code:
amanda dgram udp wait backup /usr/sbin/tcpd /usr/lib/amanda/amandad
On the Server

Verify Configuration

Run amcheck on Server to verify configuration files, connections, etc lgoin as backup user
Code:
amcheck DailySet?1

Output looks like
Cod
backup@kcs:~$ amcheck DailySet?1
Amanda Tape Server Host Check



Holding disk /dumps/amanda: 4478364 KB disk space available, using 4375964 KB
slot 2: read label `DailySet?1-02', date `X'
NOTE: skipping tape-writable test
Tape DailySet?1-02 label ok
Server check took 0.112 seconds

Amanda Backup Client Hosts Check




Client check: 2 host checked in 0.017 seconds, 0 problems found


(brought to you by Amanda 2.5.1p3)

Amrecover

amrecover — Amanda index database browser

Amrecover browses the database of Amanda index files to determine which tapes contain files to recover. Furthermore, it is able to recover files.

In order to restore files in place, you must invoke amrecover from the root of the backed up filesystem, or use lcd to move into that directory, otherwise a directory tree that resembles the backed up filesystem will be created in the current directory. See the examples below for details.

Amrecover should be run as root user.

Amrecover will the read the amanda-client.conf file and the config/amanda-client.conf file. If no configuration name is supplied on the command line, Amrecover will try the compiled-in default configuration, usually DailySet?1.


Edit the following lines in amanda-client.conf

conf "DailySet?1" # your config name

index_server "kcs.keltron.org" # your amindexd server
tape_server "kcs.keltron.org" # your amidxtaped server
tapedev "file:/amandabackup/DailySet?1/slots" # your tape device

Example
oot@kcs:~# amrecover
AMRECOVER Version 2.5.1p3. Contacting server on localhost ...
220 kcs AMANDA index server (2.5.1p3) ready.
Setting restore date to today (2008-04-22)
200 Working date set to 2008-04-22.
200 Config set to DailySet?1.
200 Dump host set to kcs.keltron.org.
Use the setdisk command to choose dump disk to recover
amrecover> ls
Must select a disk before listing files; use the setdisk command.
amrecover> help
valid commands are:

add path1 ... - add to extraction list (shell wildcards)
addx path1 ... - add to extraction list (regular expressions)
cd directory - change cwd on virtual file system (shell wildcards)
cdx directory - change cwd on virtual file system (regular expressions)
clear - clear extraction list
delete path1 ... - delete from extraction list (shell wildcards)
deletex path1 ... - delete from extraction list (regular expressions)
extract - extract selected files from tapes
exit
help
history - show dump history of disk
list [filename] - show extraction list, optionally writing to file
lcd directory - change cwd on local file system
ls - list directory on virtual file system
lpwd - show cwd on local file system
mode - show the method used to extract SMB shares
pwd - show cwd on virtual file system
quit
listhost - list hosts
listdisk [diskdevice] - list disks
setdate {YYYY-MM-DD|--MM-DD|---DD} - set date of look
{YYYY-MM-DD-HH-MM-SS} - set date of look
setdisk diskname [mountpoint] - select disk on dump host
sethost host - select dump host
settape [host:][device|default] - select tape server and/or device
setmode smb|tar - select the method used to extract SMB shares

amrecover> listhost
200- List hosts for config DailySet?1
201- kcs.keltron.org
200 List hosts for config DailySet?1
amrecover> listdisk
200- List of disk for host kcs.keltron.org
201- /Project
200 List of disk for host kcs.keltron.org
amrecover> setdisk /Project /Documents
200 Disk set to /Project.
amrecover> lpwd
/root
amrecover> ls
2008-04-22 sajithvk/
2008-04-22 new/
2008-04-22 myproject/
2008-04-22 lost+found/
2008-04-22 jayapal_vip_simulation/
2008-04-22 jayapal_itbg_search/
2008-04-22 jayapal_callcenter/
2008-04-22 careers/
2008-04-22 callcenter/
2008-04-22 binsun/
2008-04-22 .
amrecover> add myproject
Added dir /myproject/ at date 2008-04-22
amrecover> lpwd
/root
amrecover> extract

Extracting files using tape drive @DEFAULT_TAPE_DEVICE@ on host localhost.
The following tapes are needed: DailySet?1-01

Restoring files into directory /root
Continue [?/Y/n]? y

Extracting files using tape drive @DEFAULT_TAPE_DEVICE@ on host localhost.
Load tape DailySet?1-01 now
Continue [?/Y/n/s/t]? y
Label mismatch, got DailySet?1-02 and expected DailySet?1-01
Looking for tape DailySet?1-01...
./myproject/
./myproject/.bzr/
./myproject/.bzr/branch/
./myproject/.bzr/branch-lock/
./myproject/.bzr/branch/lock/
./myproject/.bzr/repository/
./myproject/.bzr/repository/knits/
./myproject/.bzr/repository/lock/
./myproject/.bzr/repository/revision-store/
./myproject/.bzr/README
./myproject/.bzr/branch-format
./myproject/.bzr/branch/branch-name
./myproject/.bzr/branch/format
./myproject/.bzr/branch/revision-history
./myproject/.bzr/repository/format
./myproject/.bzr/repository/inventory.kndx
./myproject/.bzr/repository/inventory.knit
./myproject/.bzr/repository/revisions.kndx
./myproject/.bzr/repository/revisions.knit
./myproject/.bzr/repository/signatures.kndx
./myproject/.bzr/repository/signatures.knit
amrecover> quit
200 Good bye.