SUMMARY: Remote Backup & Recovery

From: Asadoorian, Paul (Paul.Asadoorian@GTECH.COM)
Date: Wed Jul 26 2000 - 07:43:44 CDT


The question was:

We are trying to construct a secure plan to backup our servers in our DMZ.
We have a DLT drive and a couple of DDS2 SCSI drives attached to some of the
machines. We would like to backup four systems to the DLT drive over the
network. We have gotten this working using SSH and a special version of
ufsdump that will use ssh (instead of rsh). The problem is that we have to
allow root login in order for the backup to work. Do you have to be root to
get a GOOD backup? Is there another approach that we are missing? Will
summarize.....

Our answer is:

Using SSH and ufsdump together (sorry, I was mistaken, there is no special
version of ufsdump) we kick off the backups on the other systems. We create
a backup user that is in the sys group, and also be sure that ufsdump is
setuid and owned by root. The backup users login script is actually the
backup script. So all we have to do from the machine with the tape drive is
login as the backup user on each machine. We dont need a password because,
well, there really isn't a shell, besides we are using private keys
generated from within ssh.

Thanks for all the help....

 <<Re: Remote Backup & Recovery>> <<RE: Remote Backup & Recovery>> <<Re:
Remote Backup & Recovery>> <<Re: Remote Backup & Recovery>> <<Re: Remote
Backup & Recovery>> <<RE: Remote Backup & Recovery>> <<Re: Remote Backup &
Recovery>> <<RE: Remote Backup & Recovery>> <<Re: Remote Backup &
Recovery>>

Paul Asadoorian
Systems Administrator
UWin!


attached mail follows:


On 25.Jul.2000 -- 10:40 AM, Asadoorian, Paul wrote:
> We are trying to construct a secure plan to backup our servers in our DMZ.
> We have a DLT drive and a couple of DDS2 SCSI drives attached to some of
the
> machines. We would like to backup four systems to the DLT drive over the
> network. We have gotten this working using SSH and a special version of
> ufsdump that will use ssh (instead of rsh). The problem is that we have
to
> allow root login in order for the backup to work. Do you have to be root
to
> get a GOOD backup? Is there another approach that we are missing? Will
> summarize.....

You need to be root because you need to have access to all files.
You don't need to be root to access the tape.
So you need to find a way to trigger root to execute ufsdump. (cron,
ssh + ~/.shosts, ssh + ~/.ssh/authorized_keys, sudo)
You could have an sshd on a non-standard port, additionally protected
by ipf.

Where did you get an ufsdump version that uses ssh? I'm very
interested in one.

        Christian Haul

-- 
Technische Universität Darmstadt 
Datenbanken  & Verteilte Systeme	+49.6151.16 -6232 (Tel) / -6229
(Fax)
C h r i s t i a n        H a u l
http://www.informatik.tu-darmstadt.de/DVS1/
haul@informatik.tu-darmstadt.de         See Personal Homepage for PGP-Key

attached mail follows:


On 25-Jul-00 at 14:40:48 Asadoorian, Paul wrote:
> We are trying to construct a secure plan to backup our servers in our DMZ.
> We have a DLT drive and a couple of DDS2 SCSI drives attached to some of
> the machines. We would like to backup four systems to the DLT drive over
> the network. We have gotten this working using SSH and a special version
> of ufsdump that will use ssh (instead of rsh).
>
Intersting. Could I ask where you got the special version of ufsdump? We
currently use ufsdump piped through openssh (or is it the other way round?)
It works, but an ssh-aware ufsdump would probably be nicer/cleaner.

In answer to your question I would say (1) okay so you allow root logins,
but it is secure since you are using ssh; (2) I *think* you can allow full
backups by using slice 2 of the disk partition (the one that shows the whole
disk) - set the operations (or whoever) group on /dev/rdsk/c?t?d?s2. It may
be that they have to be in group 14 - the sysadmin group. However you get a
raw backup of the whole disk I gather - not partitioned as with a regular
ufsdump.

Regards,

John.

--------------------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: jhorne@plymouth.ac.uk
PGP key available from public key servers


attached mail follows:


On Tue, Jul 25, 2000 at 10:40:48AM -0400, Asadoorian, Paul wrote:
> All,
>
> We are trying to construct a secure plan to backup our servers in our DMZ.
> We have a DLT drive and a couple of DDS2 SCSI drives attached to some of
the
> machines. We would like to backup four systems to the DLT drive over the
> network. We have gotten this working using SSH and a special version of
> ufsdump that will use ssh (instead of rsh). The problem is that we have
to
> allow root login in order for the backup to work. Do you have to be root
to
> get a GOOD backup?

No. But you do need to be able to read /dev/rdsk/*:

    % ls -lLg /dev/rdsk/c0t0d0s0
    crw-r----- 1 root sys 32, 0 Apr 25 12:01
/dev/rdsk/c0t0d0s0

So you can make an otherwise-innocuous user, put them in group "sys" and
let them run ufsdump.

You still need to guard this "backup-only" user carefully, they have
read access to everything. But it's arguably better than root.

-- 
Jay Lessert                              jay.lessert@latticesemi.com
Lattice Semiconductor Corp.                    (voice)1.503.268.8000
Hillsboro, OR, USA                               (fax)1.503.268.8459

attached mail follows:


Use SUDO to allow non-root users to use particular commands
(ufsdump, etc.):

        ftp.cs.colorado.edu : /pub/sysadmin/sudo/

Dave Foster

> From owner-sun-managers@sunmanagers.ececs.uc.edu Tue Jul 25 07:56:06 2000
> Delivered-To: sun-managers-tiaowodt@sunmanagers.ececs.uc.edu
> Delivered-To: sun-managers@sunmanagers.ececs.uc.edu
> From: "Asadoorian, Paul" <Paul.Asadoorian@GTECH.COM>
> To: "'sun-managers@sunmanagers.ececs.uc.edu'"
<sun-managers@sunmanagers.ececs.uc.edu>
> Subject: Remote Backup & Recovery
> Date: Tue, 25 Jul 2000 10:40:48 -0400
> MIME-Version: 1.0
>
> All,
>
> We are trying to construct a secure plan to backup our servers in our DMZ.
> We have a DLT drive and a couple of DDS2 SCSI drives attached to some of
the
> machines. We would like to backup four systems to the DLT drive over the
> network. We have gotten this working using SSH and a special version of
> ufsdump that will use ssh (instead of rsh). The problem is that we have
to
> allow root login in order for the backup to work. Do you have to be root
to
> get a GOOD backup? Is there another approach that we are missing? Will
> summarize.....
>
> Paul Asadoorian
> Systems Administrator
> UWin!
>
>
>
> S
> U BEFORE POSTING please READ the FAQ located at
> N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq
> . and the list POLICY statement located at
> M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy
> A To submit questions/summaries to this list send your email message to:
> N sun-managers@ececs.uc.edu
> A To unsubscribe from this list please send an email message to:
> G majordomo@sunmanagers.ececs.uc.edu
> E and in the BODY type:
> R unsubscribe sun-managers
> S Or
> . unsubscribe sun-managers original@subscription.address
> L To view an archive of this list please visit:
> I http://www.latech.edu/sunman.html
> S
> T
>

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   David Foster National Center for Microscopy and Imaging Research
    Programmer/Analyst University of California, San Diego
    dfoster@ucsd.edu Department of Neuroscience
    (858) 534-7968 http://www-ncmir.ucsd.edu/
          [All opinions expressed are mine -- duh]
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


attached mail follows:


Well, you have to be able to read the raw disk (/dev/rdsk/xxx). Normally
that is restricted to root, because reading the raw disk bypasses all
file protections for the data on the disk. You can, however, make
the disks readable by some group, and put the account from which you run
ufsdump in that group. Then you don't have to be in /.rhosts, just
/home/backupacct/.rhosts. I don't know if its better or worse than root.
I used this method with than standard ufsdump to back up dmz machines the
last place I worked. Something like
        ufsdump 0f - /whatever | ssh tapehost buffer -0 /dev/rmt/0 -b 126
give or take some brain fade.

Cheers,
Ric Anderson (ric@Opus1.com)

"Asadoorian, Paul" wrote:
>
> All,
>
> We are trying to construct a secure plan to backup our servers in our DMZ.
> We have a DLT drive and a couple of DDS2 SCSI drives attached to some of
the
> machines. We would like to backup four systems to the DLT drive over the
> network. We have gotten this working using SSH and a special version of
> ufsdump that will use ssh (instead of rsh). The problem is that we have
to
> allow root login in order for the backup to work. Do you have to be root
to
> get a GOOD backup? Is there another approach that we are missing? Will
> summarize.....
>
> Paul Asadoorian
> Systems Administrator
> UWin!
>
> S
> U BEFORE POSTING please READ the FAQ located at
> N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq
> . and the list POLICY statement located at
> M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy
> A To submit questions/summaries to this list send your email message to:
> N sun-managers@ececs.uc.edu
> A To unsubscribe from this list please send an email message to:
> G majordomo@sunmanagers.ececs.uc.edu
> E and in the BODY type:
> R unsubscribe sun-managers
> S Or
> . unsubscribe sun-managers original@subscription.address
> L To view an archive of this list please visit:
> I http://www.latech.edu/sunman.html
> S
> T


attached mail follows:



>allow root login in order for the backup to work. Do you have
>to be root to
>get a GOOD backup? Is there another approach that we are

Any user who is in the 'sys' group can run backups. You may want to create
a "backup" user account for this purpose.

--
Tim Evans, T.Rowe Price Investment Technologies	| tkevans@troweprice.com
11550 Cronridge Drive, Owings Mills, MD 21117
410-345-3174; Pager: 800-946-4646, PIN 1716638; FAX 410-345-3030

attached mail follows:


"Asadoorian, Paul" wrote:
>
> All,
>
> We are trying to construct a secure plan to backup our servers in our DMZ.
> We have a DLT drive and a couple of DDS2 SCSI drives attached to some of
the
> machines. We would like to backup four systems to the DLT drive over the
> network. We have gotten this working using SSH and a special version of
> ufsdump that will use ssh (instead of rsh). The problem is that we have
to
> allow root login in order for the backup to work. Do you have to be root
to
> get a GOOD backup? Is there another approach that we are missing? Will
> summarize.....
>
> Paul Asadoorian
> Systems Administrator
> UWin!

ufsdump is by default setuid root, so you could easily create a
"backup" user which doesn't have root privs and used for the dumps.

I'm curious as to your "special version of ufsdump that uses ufsdump"
-- are you willing to share that information. I'm in to process of
migrating our current backup system to one using ssh and am interested
in how others have been solving the problem.

-- John

-- 
John T. Douglass			Phone: 208 533 7992
Argonne National Laboratory-West	Email: john.douglass@anl.gov

attached mail follows:


>allow root login in order for the backup to work. Do you have
>to be root to
>get a GOOD backup? Is there another approach that we are

Any user who is in the 'sys' group can run backups. You may want to create
a "backup" user account for this purpose.

--
Tim Evans, T.Rowe Price Investment Technologies	| tkevans@troweprice.com
11550 Cronridge Drive, Owings Mills, MD 21117
410-345-3174; Pager: 800-946-4646, PIN 1716638; FAX 410-345-3030

attached mail follows:


Use SUDO to allow non-root users to use particular commands
(ufsdump, etc.):

        ftp.cs.colorado.edu : /pub/sysadmin/sudo/

Dave Foster

> From owner-sun-managers@sunmanagers.ececs.uc.edu Tue Jul 25 07:56:06 2000
> Delivered-To: sun-managers-tiaowodt@sunmanagers.ececs.uc.edu
> Delivered-To: sun-managers@sunmanagers.ececs.uc.edu
> From: "Asadoorian, Paul" <Paul.Asadoorian@GTECH.COM>
> To: "'sun-managers@sunmanagers.ececs.uc.edu'"
<sun-managers@sunmanagers.ececs.uc.edu>
> Subject: Remote Backup & Recovery
> Date: Tue, 25 Jul 2000 10:40:48 -0400
> MIME-Version: 1.0
>
> All,
>
> We are trying to construct a secure plan to backup our servers in our DMZ.
> We have a DLT drive and a couple of DDS2 SCSI drives attached to some of
the
> machines. We would like to backup four systems to the DLT drive over the
> network. We have gotten this working using SSH and a special version of
> ufsdump that will use ssh (instead of rsh). The problem is that we have
to
> allow root login in order for the backup to work. Do you have to be root
to
> get a GOOD backup? Is there another approach that we are missing? Will
> summarize.....
>
> Paul Asadoorian
> Systems Administrator
> UWin!
>
>
>
> S
> U BEFORE POSTING please READ the FAQ located at
> N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq
> . and the list POLICY statement located at
> M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy
> A To submit questions/summaries to this list send your email message to:
> N sun-managers@ececs.uc.edu
> A To unsubscribe from this list please send an email message to:
> G majordomo@sunmanagers.ececs.uc.edu
> E and in the BODY type:
> R unsubscribe sun-managers
> S Or
> . unsubscribe sun-managers original@subscription.address
> L To view an archive of this list please visit:
> I http://www.latech.edu/sunman.html
> S
> T
>

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   David Foster National Center for Microscopy and Imaging Research
    Programmer/Analyst University of California, San Diego
    dfoster@ucsd.edu Department of Neuroscience
    (858) 534-7968 http://www-ncmir.ucsd.edu/
          [All opinions expressed are mine -- duh]
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

S
U BEFORE POSTING please READ the FAQ located at
N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq
. and the list POLICY statement located at
M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy
A To submit questions/summaries to this list send your email message to:
N sun-managers@ececs.uc.edu
A To unsubscribe from this list please send an email message to:
G majordomo@sunmanagers.ececs.uc.edu
E and in the BODY type:
R unsubscribe sun-managers
S Or
. unsubscribe sun-managers original@subscription.address
L To view an archive of this list please visit:
I http://www.latech.edu/sunman.html
S
T



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:13 CDT