#!/bin/sh # configbackup -- copies various important files to some specified backup dir. # http://www.jpsdomain.org/linux/OnStream_DI-30-RedHat_Backup_mini-HOWTO.html # v1.0 25-Feb-2001 JP Vossen From CDBackup.bat and Srv-Bk.bat # v2.0 01-Jul-2001 JPV Updated for more (RedHat 7.1) stuff, changed to # create tar instead of copying to a directory, use find # instead of ls. Add notes. # Copyright 2001 JP Vossen # This script is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # In no event shall the author be liable for any damages whatsoever # (including, without limitation, damages for loss of business profits, # business interruption, loss of business information, or any other # pecuniary loss) arising out of the use of or inability to use this script. ##################################################################### # NOTES # # 1. Many of these files are sensitive! Protect them! E.g. passwd, # shadow, groups, ssh, tripwire. # 2. Not all of these files will be found on every system/distro! # 3. By default, gzip is used to compress the file. So you should # name it .tgz. If you don't want this, remove the -z in the # tar command. # 4. The various run-states are NOT backed-up. If you messed with # what gets run when, you're on your own. The actual run scripts # do get backed up, so changes to them are saved. With RedHat # 7.1, however, you should probably make the changes to /etc/sysconfig # not the run script itself. Same deal for xinet.d. # 5. May should review the paths and tar file to make sure everything # you think is/should be saved is. For example, my DNS is chrooted # but I have a symlink into the chroot dir from /var/named, so # from the "outside" of the named/chroot jail it does not look # chrooted. if you have a chroot DNS with no symlink, your DNS # files will not be saved! ##################################################################### if [ -z $1 ]; then echo "" echo "Usage: $0 {destination tar file}" echo " Copies various important files to {dest} as backups." echo " e.g. $0 `date +%Y-%M-%d-Configs.tgz`" echo "" echo "NOTE: Many of these files are sensitive! Protect them!" echo " e.g. ssh, passwd, shadow, groups" echo "" exit 1 fi # Could do other interesting things here, like making the destination file: # Mon, Tue, Wed, Jan, Feb, Mar, week number (+%W) etc. # Use the date command, like DESTFILE=/root/`date +%a` or `date +%b` # Then disable the usage above #DESTDIR=${1%%/} # Remove any trailing / DESTFILE=$1 # Make a temp file TEMPFILE=`mktemp -q /tmp/${0##/*/}.XXXXXX` if [ ! -e ${TEMPFILE} ]; then echo "$0: Can't create temp file, exiting..." exit 1 fi if [ -s ${TEMPFILE} ]; then echo "$0: Temp file not empty, exiting..." exit 1 fi # Output is suitable for redirection into a log file, if you care... echo "" echo "Starting $0 on `date`." echo "" echo "Finding Web Server stuff..." # This gets the Apache manual too. # find /home/home/httpd/ >> ${TEMPFILE} 2> /dev/null find /home/httpd/cgi-bin/ > ${TEMPFILE} 2> /dev/null # Note the single > to clobber! find /var/www/cgi-bin/ >> ${TEMPFILE} 2> /dev/null echo "Finding specific, individual config files..." find /etc/aliases* >> ${TEMPFILE} 2> /dev/null find /etc/at.deny >> ${TEMPFILE} 2> /dev/null find /etc/auto.* >> ${TEMPFILE} 2> /dev/null find /etc/bashrc >> ${TEMPFILE} 2> /dev/null find /etc/conf.* >> ${TEMPFILE} 2> /dev/null find /etc/crontab >> ${TEMPFILE} 2> /dev/null find /etc/csh.cshrc >> ${TEMPFILE} 2> /dev/null find /etc/DIR_COLORS >> ${TEMPFILE} 2> /dev/null find /etc/dosemu.users >> ${TEMPFILE} 2> /dev/null find /etc/dumpdates >> ${TEMPFILE} 2> /dev/null find /etc/exports >> ${TEMPFILE} 2> /dev/null find /etc/fstab* >> ${TEMPFILE} 2> /dev/null find /etc/ftp* >> ${TEMPFILE} 2> /dev/null find /etc/gettydefs >> ${TEMPFILE} 2> /dev/null find /etc/group >> ${TEMPFILE} 2> /dev/null find /etc/host* >> ${TEMPFILE} 2> /dev/null find /etc/HOSTNAME >> ${TEMPFILE} 2> /dev/null find /etc/inittab >> ${TEMPFILE} 2> /dev/null find /etc/inputrc >> ${TEMPFILE} 2> /dev/null find /etc/isapnp.gone >> ${TEMPFILE} 2> /dev/null find /etc/issue* >> ${TEMPFILE} 2> /dev/null find /etc/kderc >> ${TEMPFILE} 2> /dev/null find /etc/lmhosts >> ${TEMPFILE} 2> /dev/null find /etc/login.defs >> ${TEMPFILE} 2> /dev/null find /etc/logrotate.conf >> ${TEMPFILE} 2> /dev/null find /etc/lpd* >> ${TEMPFILE} 2> /dev/null find /etc/lynx.cfg >> ${TEMPFILE} 2> /dev/null find /etc/MACHINE.SID >> ${TEMPFILE} 2> /dev/null find /etc/mail* >> ${TEMPFILE} 2> /dev/null find /etc/man.config >> ${TEMPFILE} 2> /dev/null find /etc/modules >> ${TEMPFILE} 2> /dev/null find /etc/motd >> ${TEMPFILE} 2> /dev/null find /etc/mtab >> ${TEMPFILE} 2> /dev/null find /etc/named.boot >> ${TEMPFILE} 2> /dev/null find /etc/networks >> ${TEMPFILE} 2> /dev/null find /etc/nwserv.stations >> ${TEMPFILE} 2> /dev/null find /etc/passwd >> ${TEMPFILE} 2> /dev/null find /etc/print* >> ${TEMPFILE} 2> /dev/null find /etc/profile >> ${TEMPFILE} 2> /dev/null find /etc/protocols >> ${TEMPFILE} 2> /dev/null find /etc/redhat-release >> ${TEMPFILE} 2> /dev/null find /etc/rmt >> ${TEMPFILE} 2> /dev/null find /etc/rpc >> ${TEMPFILE} 2> /dev/null find /etc/screenrc >> ${TEMPFILE} 2> /dev/null find /etc/securetty >> ${TEMPFILE} 2> /dev/null find /etc/sendmail* >> ${TEMPFILE} 2> /dev/null find /etc/services >> ${TEMPFILE} 2> /dev/null find /etc/shadow >> ${TEMPFILE} 2> /dev/null find /etc/shells >> ${TEMPFILE} 2> /dev/null find /etc/smbpasswd >> ${TEMPFILE} 2> /dev/null find /etc/smbusers >> ${TEMPFILE} 2> /dev/null find /etc/snmpd.agentinfo >> ${TEMPFILE} 2> /dev/null find /etc/squid.conf.default >> ${TEMPFILE} 2> /dev/null find /etc/termcap >> ${TEMPFILE} 2> /dev/null find /etc/TextConfig >> ${TEMPFILE} 2> /dev/null find /etc/tw.config >> ${TEMPFILE} 2> /dev/null find /etc/wgetrc >> ${TEMPFILE} 2> /dev/null find /etc/X11/XF86Config >> ${TEMPFILE} 2> /dev/null find /etc/zlog* >> ${TEMPFILE} 2> /dev/null find /etc/zprofile >> ${TEMPFILE} 2> /dev/null find /etc/zsh* >> ${TEMPFILE} 2> /dev/null echo "Finding all rc, .conf, orig, rpm(save|orig), cfg, config files..." find /etc -iname *.cfg >> ${TEMPFILE} 2> /dev/null find /etc -iname *.cnf >> ${TEMPFILE} 2> /dev/null find /etc -iname *.conf >> ${TEMPFILE} 2> /dev/null find /etc -iname /*.config >> ${TEMPFILE} 2> /dev/null find /etc -iname *.ini >> ${TEMPFILE} 2> /dev/null find /etc -iname *.orig >> ${TEMPFILE} 2> /dev/null find /etc -iname *.rc* >> ${TEMPFILE} 2> /dev/null find /etc -iname *.rpm* >> ${TEMPFILE} 2> /dev/null find /etc -iname *rc >> ${TEMPFILE} 2> /dev/null echo "Finding rc.d files..." find /etc/rc.d/init.d >> ${TEMPFILE} 2> /dev/null echo "Finding autoupdate files..." find /etc/autoupdate.d >> ${TEMPFILE} 2> /dev/null echo "Finding banner files..." find /etc/banner >> ${TEMPFILE} 2> /dev/null echo "Finding cron files..." find /etc/cron >> ${TEMPFILE} 2> /dev/null echo "Finding junkbuster files..." find /etc/junkbuster >> ${TEMPFILE} 2> /dev/null #echo "Finding linuxconf files..." #find /etc/linuxconf >> ${TEMPFILE} 2> /dev/null echo "Finding logcheck files..." find /etc/logcheck >> ${TEMPFILE} 2> /dev/null echo "Finding config files for log rotations..." find /etc/logrotate.d >> ${TEMPFILE} 2> /dev/null echo "Finding mail files..." find /etc/mail >> ${TEMPFILE} 2> /dev/null echo "Finding profile.d files..." find /etc/profile.d >> ${TEMPFILE} 2> /dev/null echo "Finding samba files..." find /etc/samba -name codepages -prune -o -print >> ${TEMPFILE} 2> /dev/null echo "Finding security files..." find /etc/security >> ${TEMPFILE} 2> /dev/null echo "Finding ssh files..." find /etc/ssh >> ${TEMPFILE} 2> /dev/null echo "Finding sysconfig files..." find /etc/sysconfig >> ${TEMPFILE} 2> /dev/null echo "Finding tripwire config files..." find /etc/tripwire/tw* >> ${TEMPFILE} 2> /dev/null echo "Finding xinetd.d files..." find /etc/xinetd.d >> ${TEMPFILE} 2> /dev/null echo "Finding DNS files..." #find /home/dns/var/named/* >> ${TEMPFILE} 2> /dev/null find /var/named/* >> ${TEMPFILE} 2> /dev/null echo "" # sort and unique the temp file mv ${TEMPFILE} ${TEMPFILE}.tmp cat ${TEMPFILE}.tmp | sort | uniq > ${TEMPFILE} echo "Creating compressed tar file ${DESTFILE}, and setting tight perms..." tar czf ${DESTFILE} -T ${TEMPFILE} chmod 400 ${DESTFILE} # Clean up rm -f ${TEMPFILE} ${TEMPFILE}.tmp echo "" echo "Finished $0 on `date`." echo "" echo "NOTE: Many of these files are sensitive! Protect them!" echo " e.g. ssh, passwd, shadow, groups" echo ""