Do Automated Cross-Platform Network Backups The Easy Way (Part 3)

Networked backup software can introduce a bewildering variety of licensing issues and costs. Some free and open source choices come to the rescue.

By Carla Schroder | Posted Jun 13, 2006
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Part 1 included an overview of BackupPC, and some of the issues of making backups on a mixed LAN. Part 2 covered server hardware, and setting up a BackupPC server. Today we'll configure the BackupPC clients, and use Partimage and SystemRescueCD to create and restore Windows system images.

Enabling User Administration
In part 2 we edited /etc/backuppc/hosts to include all the clients to be backed up, plus users authorized to start and stop backups, and to perform restores. These users need to have BackupPC server logins in order to do anything. Add them this way:

# htpasswd /etc/backuppc/htpasswd carla
New password:
Re-type new password:
Adding password for user carla

Now user "carla" can access BackupPC via her Web browser, http://[server name or ip]/backuppc. She will see only the options for her own computer.

BackupPC Client Files
While you can put client entries in config.pl, it's tidier and more flexible to put them in their own individual files. On a mixed LAN, it's a necessity. On Debian, this is /var/lib/backuppc/pc/$hostname. On a source install, this is the .../pc/$hostname directory in whatever parent directory you specified in the configuration.

Windows Client Configuration
BackupPC communicates with Windows hosts via the SMB protocol. This is supported on all Windows versions and requires no additional software to work. You don't need a Samba server to be running, because BackupPC uses smbclient to communicate with your Windows hosts.

Your Windows hosts need to have NetBIOS names, and to have the folders you want to back up configured for sharing. The easy way is to use the administrative shares, because this requires no additional steps to enable sharing. You'll see these in Control Panel -> Administrative Tools -> Computer Management -> Shared Folders -> Shares. You can also see them from your BackupPC server with smbclient:

$ smbclient -L stinkpad -U administrator
Password:
Domain=[STINKPAD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

        Sharename       Type      Comment
        ---------       ----      -------
        IPC$            IPC       Remote IPC
        SharedDocs      Disk
        print$          Disk      Printer Drivers
        xp-pics         Disk
        F$              Disk      Default share
        ADMIN$          Disk      Remote Admin
        C$              Disk      Default share
Domain=[STINKPAD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

This example shows two data partitions, C$ and F$. Don't back up IPC$, print$, or ADMIN$, because these do not store data; they have other purposes.

NetBIOS names are set with the Network Identification Wizard; Windows just calls this your computer name. Don't make your Windows PCs domain members unless you actually have a domain controller. You'll need to enter some kind of workgroup name. If you're not using Windows workgroups, any old name will work for backup purposes. If you are already using workgroups, it won't matter to BackupPC what they are.

You should create a Windows user just for backups, and make this user a member of the Backup Operators group. This improves security a wee bit by protecting the Administrator login, and still gives BackupPC access to all files. Here is a sample configuration, called /var/lib/backuppc/pc/stinkpad/config.pl on my Debian system:

##backuppc host file for stinkpad
$Conf{XferMethod} = 'smb';
$Conf{SmbShareName} = ['C$', 'F$'];
$Conf{BackupFilesExclude} = ['*/Cache', '*/Temp'];
$Conf{SmbShareUserName} = 'backup';
$Conf{SmbSharePasswd} = 'password';
$Conf{XferLogLevel} = '3';

This file should be owned by backuppc:backuppc, mode 600. It contains Stinkpad's login, so it must be protected.

You may use either $Conf{BackupFilesExclude} or $Conf{BackupFilesInclude}, but not both. Pay close attention to syntax- mind your apostrophes, brackets, commas, and semi-colons.

Linux Client Configuration
Linux clients can use smb, rsync or tar. I prefer rsync, because it is fast and efficient. Set up rsync on your Linux hosts to run in daemon mode. On Fedora, this means editing /etc/xinetd.d/rsync, and changing "disable = yes" to "disable = no". On Debian, edit /etc/default/rsync to include "RSYNC_ENABLE=true."

Next, create /etc/rsyncd.conf, and put these lines in it:

[backup]
    comment = BackupPC share config
    path = /
    #use your own server IP here
    hosts allow = 192.168.1.10
    secrets file = /etc/rsyncd.secrets
    auth users = backuppc
    uid = root
    gid = root
    read only = no
Now create /etc/rsync.secrets and put the backuppc user's login in it:

backuppc:password

Make sure this file is mode 600.

The host configuration file looks different from a Windows PC configuration file:

##backuppc host file for uberpc 
$Conf{XferMethod} = 'rsyncd';
$Conf{XferLogLevel} = 3;
$Conf{RsyncShareName} = 'backup';
$Conf{RsyncdClientPort} = 873;
$Conf{RsyncdUserName} = 'backuppc';
$Conf{RsyncdPasswd} = 'password';
$Conf{RsyncdAuthRequired} = 1;
$Conf{BackupFilesExclude} = ['/proc', '/dev', '/cdrom', '/media', '/floppy', '/mnt', '/lost+found'];
Start or restart rsync, and away you go.

Creating Windows Restore Images
The easiest way I have found to clone Windows installations, using Free software, is to use the SystemRescueCD. g4U is a great program, but Partimage is more efficient, because it only copies used blocks. g4U, which is based on dd, copies all blocks on a partition, and it takes a long time.

First, create your perfect Windows installation: all the applications you want on it, all the updates and Service Packs, all the little tweaks and refinements, and ideally completely disconnected from the Internet while you're doing this. Or any network, which you can do if you have all the updates and Service Packs on CD.

Next, set up a Partimage server somewhere on your network. This needs to be on a machine with a lot of disk space for storing your Windows images. You could even put it on your BackupPC server. Get the static binary from Partimage.org for the easiest installation. This does not include login or SSL support, which is perfect for use with a SystemRescueCD. Unpack the tarball into the directory where you want to store your Windows images. Then run the partimaged binary:

$ ./partimaged

This opens a window showing partimaged waiting for a connection.

Boot up your Windows PC with the SystemRescueCD, and after it boots up type partimage. This opens up a nice graphical interface that's easy to follow: select the partition you want to copy, save it into a new image file, and give the image file either a .bz or .gz extension. This decides what kind of compression to use. .bz creates smaller images, but takes longer.

Check "connect to server", enter the IP, then hit F5. On the Splitting option, check Automatic. Make it go, then go have a nice healthy walk while it works.

To restore a Windows image, use partimaged and SystemRescueCD in reverse to pull the image off the server. You must have a partition prepared in advance. After restoring the image, you may need to run fixmbr and fixboot from your Windows CD in restore mode. If you are doing multiple XP/2000 installations from a single image, which of course you are properly licensed for, you'll need to run sysprep to fix security IDs. This is not necessary when you're restoring a single PC from an un-shared image.

Once everything is up and running, you have a highly-reliable, efficient, automatic network backup system. Be sure to read the fine manuals, which contain a lot of great information and help.

Resources

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter