peppiv has asked for the wisdom of the Perl Monks concerning the following question:

Good day y'all,

I've been reviewing our web server backup plan and I've realized that while we do tape backups and have boot/root disks, there's a fair amount of work to be done to restore all the perl modules I've installed.

The contingency for our server getting cracked has been to unplug the network cable, take a snap shot of the box's system for forensic evidence (we also have tripwire installed), reformat the entire hard drive and reinstall RedHat. Then I'd have to reinstall all the Perl modules I need and test them and sheeesh, it gets rather manually intensive at this point.

My question is, is there a script written or could I develop a script to automate most of this? It would be great to have a perl script that would reinstall all the modules (yes I know how to MCPAN) and do other system tasks preparing the box for use again. I've got a three page list of commands I need to run in order to be back to where I was.

Does anyone have an idea of where I should start? (If you want to RTFM me, please tell me which M you're talking about)

I think it would be great to have such a program. If one doesn't exist, it might be good to create one and share it. Would save a lot of time after HD crashes and getting cracked. This might be the one utility even Batman didn't have in his utility belt!


Replies are listed 'Best First'.
Re: Using Perl to help backup Linux server
by Abigail-II (Bishop) on Jul 18, 2003 at 12:48 UTC
    What I would do: install perl such that everything is below a certain directory - say install it with prefix /opt/perl. Once you have done that, burn the directory to CD-ROM.

    Recovering means putting the CD-ROM in a drive, mounting it, cp -a, umount of CD-ROM and you are done.

    Works even better if you have a test system. You burn the CD-ROM on your test system and install/upgrade/recover your production system with it.

    This solution of course doesn't scale. If you have a gazillion package to recover, you'd need a good backup solution. HP Omniback or Veritas Netbackup. But they aren't cheap.


Re: Using Perl to help backup Linux server
by castaway (Parson) on Jul 18, 2003 at 13:15 UTC
    Using the CPAN modules autobundle might be a good place to start.

    Which 'other system tasks' did you mean?


      I've got crontab's to setup. I've got to makemap hash my access.db for SMTP auth. All those little hardening things you do to try and keep your box secure.

      One thing I haven't tried is, if you copy a file to a CD and then put it back on to a new system, would it keep the same UID and GID? Or would you have to chown and all that stuff?


        That depends how the copy is done, and who is copying. Read the cp manual page. If it doesn't give you the features you want, consider using tar or cpio.


Re: Using Perl to help backup Linux server
by pboin (Deacon) on Jul 18, 2003 at 16:02 UTC
    I'd recommend a little-known utility called 'faubackup'.

    It's written in perl, and available in Debian for sure.

    Faubackup is really slick in that 1) when it does a new backup, it creates links for unchanged files, saving mucho disk space and 2) it comes pre-configured (on Debian at least) to keep something like 2 yearly images, 12 monthlies, 4 weeklies, and 14 dailys. It's designed to go disk-->disk, but you can then take those backup dirs and put them on media of your choice.

    Very slick and small little utility -- one of my favorites.

Re: Using Perl to help backup Linux server
by hatter (Pilgrim) on Jul 18, 2003 at 13:44 UTC
    Not actually relevant to the perl bit, but when you say "copy the harddisk for forensics then reformat" surely you mean "pull out the old disk, put it somewhere safe, put the new disk in" Disks are cheap, doing so will ensure the 'copy' is 100% perfect and most importantly, won't take ages to copy across, while your server is sitting unusable.

    the hatter
Re: Using Perl to help backup Linux server
by blue_cowdawg (Monsignor) on Jul 18, 2003 at 19:26 UTC

    First off, I would (and there is a similar thought elsewhere in this thread) set up any "Non-OS" packages that you install in their own nest complete with the customizations you need. Once that is done I'd create RPMS of it all and then write those RPMS someplace safe. CDs will work or even (how quaint!) tapes.

    Secondly, I would keep that anaconda.conf file that gets generated when you build the system from scratch and use that to set up a kickstart environment for your servers. This will pay off in simplifying the task of rebuilding your servers. If you further modify the kickstart with your RPMS that you made and integrate your RPMS onto your kickstart server you have further enhanced your recovery process.

    Thirdly, set up some sort of CVS mechanism whereby you only modify configuration files system wide and keep them in a CVS repository. A deployment script could then be used to check your changes out of CVS and write them to your production system. Optionally you could write some sanity checking into your deployment scripts (I leave how as an intellectual excersize for you to solve).

    Last thought: Will all the above you could write postinstall scripts to run during the kickstart build to perform any last moment tweaking, CVS checkouts or whatever to bring your system up to a known state. It is even possible for you to do a restore from tape or whatever from inside the post install scripts.

    Linux and the Open Source Community provide lots of tools to get this job done and with Kickstart, well... Kickstart is your friend.

    I just helped someone set up an environment where they keep their Kickstart servers turned off except when they need to do a rebuild. Then the boot up the KS, reboot the machine that needs rebuilding and away they go. In fact they will rebuild their machines while the standby machine takes over once in a while just to make sure their procedures work.

    Peter L. BergholdBrewer of Belgian Ales
    Unix Professional
Re: Using Perl to help backup Linux server
by peppiv (Curate) on Jul 18, 2003 at 18:59 UTC