#!/bin/sh # Debian recommends this. Script exits on simple command failure. # set -e LOGDIR="/var/log/amanda/" SYSCONFDIR="/etc" LOCALSTATEDIR="/var" AMANDAHOMEDIR="${LOCALSTATEDIR}/lib/amanda" AMTMP="/tmp/amanda" amanda_user=amandabackup amanda_group=disk xinetd_reload="restart" if [ -d /etc/xinetd.d ] ; then if [ ! -f /etc/xinetd.d/amandaserver ] ; then cp ${AMANDAHOMEDIR}/example/xinetd.amandaserver /etc/xinetd.d/amandaserver || exit 1 chmod 0644 /etc/xinetd.d/amandaserver || exit 1 if [ -f /etc/xinetd.d/amandaclient ] ; then rm /etc/xinetd.d/amandaclient || exit 1 fi echo -n "`date +'%b %e %Y %T'`: Reloading xinetd configuration..." if [ "${xinetd_reload}" = "reload" ] ; then /usr/sbin/invoke-rc.d xinetd ${xinetd_reload} # don't exit yet! if [ $? -ne 0 ] ; then echo -n "reload failed. Attempting restart..." /usr/sbin/invoke-rc.d xinetd restart || exit 1 fi else /usr/sbin/invoke-rc.d xinetd ${xinetd_reload} || exit 1 fi fi fi echo "`date +'%b %e %Y %T'`: Installing '${LOCALSTATEDIR}/amanda/amandates'." if [ ! -f ${LOCALSTATEDIR}/amanda/amandates ] ; then touch ${LOCALSTATEDIR}/amanda/amandates || exit 1 fi echo "`date +'%b %e %Y %T'`: Ensuring correct permissions for '${LOCALSTATEDIR}/amanda/amandates'." chown ${amanda_user}:${amanda_group} ${LOCALSTATEDIR}/amanda/amandates || exit 1 chmod 0640 ${LOCALSTATEDIR}/amanda/amandates || exit 1 if [ -x /sbin/restorecon ] ; then /sbin/restorecon ${LOCALSTATEDIR}/amanda/amandates || exit 1 fi # Check for existence of and permissions on ${AMTMP} if [ ! -d ${AMTMP} ]; then mkdir ${AMTMP} || exit 1 fi echo "`date +'%b %e %Y %T'`: Ensuring correct permissions for '${AMTMP}'." chown ${amanda_user}:${amanda_group} ${AMTMP} || exit 1 chmod 0640 ${AMTMP} || exit 1 # install am_passphrase file to server echo "`date +'%b %e %Y %T'`: Checking '${AMANDAHOMEDIR}/.am_passphrase' file." if [ ! -f ${AMANDAHOMEDIR}/.am_passphrase ] ; then echo "`date +'%b %e %Y %T'`: Create '${AMANDAHOMEDIR}/.am_passphrase' file." touch ${AMANDAHOMEDIR}/.am_passphrase || exit 1 phrase=`echo $RANDOM | md5sum | awk '{print $1}'` echo ${phrase} >>${AMANDAHOMEDIR}/.am_passphrase chown ${amanda_user}:${amanda_group} ${AMANDAHOMEDIR}/.am_passphrase chmod 0600 ${AMANDAHOMEDIR}/.am_passphrase fi # Install .gnupg directory echo "`date +'%b %e %Y %T'`: Installing '${AMANDAHOMEDIR}/.gnupg'." if [ ! -d ${AMANDAHOMEDIR}/.gnupg ] ; then echo "`date +'%b %e %Y %T'`: '${AMANDAHOMEDIR}/.gnupg' will be created." mkdir ${AMANDAHOMEDIR}/.gnupg || exit 1 fi echo "`date +'%b %e %Y %T'`: Ensuring correct permissions for '${AMANDAHOMEDIR}/.gnupg'." chown ${amanda_user}:${amanda_group} ${AMANDAHOMEDIR}/.gnupg || exit 1 chmod 700 ${AMANDAHOMEDIR}/.gnupg || exit 1 # Install .amandahosts to server echo "`date +'%b %e %Y %T'`: Checking '${AMANDAHOMEDIR}/.amandahosts' file." if [ ! -f ${AMANDAHOMEDIR}/.amandahosts ] ; then touch ${AMANDAHOMEDIR}/.amandahosts || exit 1 fi for host in localhost localhost.localdomain ; do if [ -z "`grep \"^${host}[[:blank:]]\+root[[:blank:]]\+amindexd[[:blank:]]\+amidxtaped\" ${AMANDAHOMEDIR}/.amandahosts`" ] ; then echo "${host} root amindexd amidxtaped" >>${AMANDAHOMEDIR}/.amandahosts || exit 1 fi if [ -z "`grep \"^${host}[[:blank:]]\+${amanda_user}[[:blank:]]\+amdump\" ${AMANDAHOMEDIR}/.amandahosts`" ] ; then echo "${host} ${amanda_user} amdump" >>${AMANDAHOMEDIR}/.amandahosts || exit 1 fi done chown ${amanda_user}:${amanda_group} ${AMANDAHOMEDIR}/.amandahosts || exit 1 chmod 0600 ${AMANDAHOMEDIR}/.amandahosts || exit 1 # SSH RSA key generation for amdump KEYDIR="${AMANDAHOMEDIR}/.ssh" KEYFILE="id_rsa_amdump" COMMENT="${amanda_user}@server" if [ ! -d ${KEYDIR} ] ; then if [ -f ${KEYDIR} ] ; then echo "`date +'%b %e %Y %T'`: Directory '${KEYDIR}' exists as a file. Renaming to '${KEYDIR}.save'." mv ${KEYDIR} ${KEYDIR}.save || exit 1 fi echo "`date +'%b %e %Y %T'`: Creating directory '${KEYDIR}'." mkdir ${KEYDIR} || exit 1 fi if [ ! -f ${KEYDIR}/${KEYFILE} ] ; then echo "`date +'%b %e %Y %T'`: Creating ssh RSA key in '${KEYDIR}/${KEYFILE}'" ssh-keygen -q -C $COMMENT -t rsa -f ${KEYDIR}/${KEYFILE} -N '' || exit 1 fi echo "`date +'%b %e %Y %T'`: Setting ownership and permissions for '${KEYDIR}' and '${KEYDIR}/${KEYFILE}*'" chown ${amanda_user}:${amanda_group} ${KEYDIR} ${KEYDIR}/${KEYFILE}* || exit 1 chmod 0750 ${KEYDIR} || exit 1 chmod 0600 ${KEYDIR}/${KEYFILE}* || exit 1 # SSH RSA key generation on client for amrecover KEYDIR="${AMANDAHOMEDIR}/.ssh" KEYFILE="id_rsa_amrecover" COMMENT="root@client" if [ ! -d ${KEYDIR} ] ; then if [ -f ${KEYDIR} ] ; then echo "`date +'%b %e %Y %T'`: Directory '${KEYDIR}' exists as a file. Renaming to '${KEYDIR}.save'." mv ${KEYDIR} ${KEYDIR}.save || exit 1 fi echo "`date +'%b %e %Y %T'`: Creating directory '${KEYDIR}'." mkdir ${KEYDIR} || exit 1 fi if [ ! -f ${KEYDIR}/${KEYFILE} ] ; then echo "`date +'%b %e %Y %T'`: Creating ssh RSA key in '${KEYDIR}/${KEYFILE}'" ssh-keygen -q -C $COMMENT -t rsa -f ${KEYDIR}/${KEYFILE} -N '' || exit 1 fi echo "`date +'%b %e %Y %T'`: Setting permissions for '${KEYDIR}'" chown ${amanda_user}:${amanda_group} ${KEYDIR} || exit 1 chmod 0750 ${KEYDIR} || exit 1 chmod 0600 ${KEYDIR}/${KEYFILE}* || exit 1 # environment variables (~amandabackup/.profile) echo "`date +'%b %e %Y %T'`: Checking for '${AMANDAHOMEDIR}/.profile' and ensuring correct environment." if [ ! -f ${AMANDAHOMEDIR}/.profile ] ; then touch ${AMANDAHOMEDIR}/.profile || exit 1 fi if [ -z "`grep PATH ${AMANDAHOMEDIR}/.profile | grep '/usr/sbin'`" ] ; then echo "export PATH=\"\$PATH:/usr/sbin/\"" >> "${AMANDAHOMEDIR}/.profile" || exit 1 fi echo "`date +'%b %e %Y %T'`: Setting ownership and permissions for '${AMANDAHOMEDIR}/.profile'" chown ${amanda_user}:${amanda_group} ${AMANDAHOMEDIR}/.profile || exit 1 chmod 0640 ${AMANDAHOMEDIR}/.profile || exit 1 echo "`date +'%b %e %Y %T'`: === Amanda backup server installation complete. ==="