CDOT Wiki β

Changes

OPS335 Archiving Lab

776 bytes removed, 10:35, 9 September 2015
m
Using syslog to route log files to a remote host
FOCUS==Automating System Backup==[[Category: SAMBAOPS335]][[Category:OPS335 Labs]]This lab will show you how to set up a Fedora installed system to be used for file backups and introduce you to some tools used in backups.
PART A{{Admon/important|Prerequistites: Connecting to a Linux SMB Server (Matrix) from a Windows Client (Windows 7)Power up a Windows 7 system in the lab |Your Centos machine should have three Fedora 20 virtual machines already installed and login using your LEARN username and passwordupdated.You should see an icon of Tux, <br />Ensure the Linux penguin, clocks on your desktop. Double-click it to login all machines are set to your Matrix account. A window of your Matrix home directory should open.Use the mouse to drag and drop files to and from your Matrix account correct date and your Windows 7 lab machinetime.Once <br />If you are satisfied that you can easily move files to/from have not already done so, remove the iptables rules preventing your Matrix account power off the PC.Set the HD selector switch to boot host from pinging or SSH'ing your Fedora 13 Linux drive and power on VMs, but leave the PCother rules intact.PART B: Connecting to a Linux SMB Server (Matrix) from a Linux Client (Fedora 13)}}
There are 4 ways that a Linux client can connect ===Using rsync and cron to automate system backup===*Your host machine will be used to an SMB serverbackup files from the virtual machines. Start by logging into *Login to your host using your Fedora 13 system as joker learnid and opening open a terminal window.The first way is to use the Then "Placessu -" menu from a Gnome desktop:Switch to root and ensure you are using run the default Fedora 13 firewall.As root, ensure Samba is installed. Use these following two commands: "yum install samba" and "yum install samba mkdir -client"p /backup/vm1NOTE: Fedora encrypts passwords when authenticating SMB connections rsync -avz 192. Unfortunately Windows clients (here at Seneca) insist on passwords being sent in plain text168. For this reason Matrix SMB is set to use plain text passwordsx. To change Fedora to use plain text passwords switch to root and edit the 2:/etc/samba/smb.conf file and immediately after backup/vm1*Still on the [global] section header insert these two lineshost run this command to verify rsync worked correctly:client plaintext auth = yes ls /backup/vm1client lanman auth = yesCreate a new account *Notice that when running rsync you had to enter the password for root on Fedora with the same name as your LEARN acountvm1. Set the To automate this process so that it will run without requiring a password to we'seneca99ll use an RSA public/private key pair for passwordless authentication. To do this we'.Logout of joker and login ll have to Fedora using your LEARN namegenerate an RSA public/private key pair on the host.Now try the followingWe'll use an openssh command like this:From the "Places" menu at the top of your screen, select "Network" ssh-keygen -t rsaand wait until *when you enter this command just hit ENTER for all the network scan completesquestions. 
Then click Here's what I got when I ran it on themy host"Windows Network" and then click the "File" menu and select Generating public/private rsa key pair."Connect Enter file in which to Server" and input matrixsave the key (/root/.senecacssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.onssh/id_rsa.ca for the server, your username for the ShareName and UserName fields Your public key has been saved in /root/. Then click theConnect buttonssh/id_rsa. You should now be able to browse your Matrix filespub. The second way key fingerprint is to use a web browser with support for the SMB protocol such as Konqueror: f5:07:8c:aa:b6:08:e0:45:81:ca:d6:88:8c:aa:1a:7b root@host.pcallagh.orgIf Konqueror The key's randomart image is not installed then install it with the command: 'yum install kdebase' +--[ RSA 2048]----+ | o+++ | | E .ooo.. |Start Konqueror, the web/file browser, and in the Location edit box enter the following: | ...o. | smb://matrix/xxxxxx | ...o .|where xxxxxx is your Matrix username | .S+ + o.|Login to your Matrix account | . Konqueror should open a window of your Matrix home directory= . Use the mouse to drag and drop files to and from your Matrix account and your Fedora Linux machineo .|Close Konqueror | o + | | o + | | .. | +-----------------+The third way is *Now you'll need to use copy the "smbclient" command in a terminal windowhost's public rsa key over to vm1.At Still on the host use this command prompt enter (be sure you have the following/root/.ssh/ directory on vm1 - if you don't then make it first): smbclient '\\matrix\xxxxxx' -U xxxxxx scp /root/.ssh/id_rsa.pub 192.168.x.2:/root/.ssh/authorized_keys where xxxxxx *Now verify that your new authentication method is your Matrix usernameYou should get a prompt similar working. Still on the host try to smb: \>Enter the ls command ssh to see a list of your Matrix filesvm1 as root.Enter ? 
You should be able to see login without entering a list of smbclient commandspassword.Use the get and put commands (similar to ftp) to If you were successful then move files on to the next step, otherwise repeat steps 3 and from your Matrix account and your Fedora 13 Linux system4.When done enter *Install mailx on the quit commandhost if it's not already installed.The fourth way is to yum -y install mailx*Now, still as root on the host, use the mount command'crontab -e' to edit root's cron table. THIS PART IS IN RED BECAUSE IT PROBABLY WILL NOT WORK !Use Insert the following line:(Instead of the mount command to mount your matrix home directoryIP Address "192.168.X. NOTE: This mount command will only work if 2", use the IP address of your kernel was configured to allow mounting CIFS with unencrypted passwords.vm1) mount 55 * * * * /usr/bin/rsync -t cifs avz 192.168.X.2:/etc/matrix/xxxxxx backup/mnt -o username=xxxxxxvm1 where xxxxxx is your your Matrix username.If *At 55 minutes past the hour rsync should synchronize the previous step worked, browse your /mnt etc/ directory using cd and ls commands and when done use of vm1 to the umount command to unmount your Matrix home /backup/vm1/etc/ directoryon the host.PART C: Configuring If this time has passed and you don't want to wait an SMB Server hour for the next time rsync runs, just edit root's cron table on LinuxLogin to Fedora as joker the host and open a terminal window.Use "su -" enter another time for the backup to become roottake place.Ensure SAMBA *You should check that /etc/ is installed: yum install sambaEdit the being backed up by adding some file (say 'touch /etc/sambajunk' on vm1) to /smbetc and then see if it was indeed copied to the host.conf*After the cron job runs, delete all original lines and include root on the host should have received an email containing the following: [global] workgroup = OPS335 server string = "put your real name here without output of the quotes" encrypt passwords = yes smb 
passwd file = /etc/samba/smbpasswd hosts allow = 142cron job.204Verify this by using the mail command to check root's mail.141Note that that mail may take a minute to show up. ; note: *Finally, edit root's cron table and add another record to backup the above line will allow access from /home directory of vm1 to /backup/vm1/home on the Seneca domain in lab T2107 host once each week at 2am on Saturday.
[home] comment = "put your real name here without the quotes" path = /home/xxxxxxx valid users = xxxxxxx ; remember xxxxxxx is your LEARN/MATRIX account name public = no writable Using syslog to route log files to a remote host= yes printable = no create mask = 0765You can comment out all other lines in the file.Create a SAMBA password for user xxxxxxx with the command smbpasswd -a xxxxxxxTest your configuration with the command testparmYou can now start *Now we will configure your SAMBA server /etc/init.d/smb start or service smb startTest if you have a connection with the command smbclient -L 142.204.141.yyy -Uxxxxxxx%pppppppwhere 142.204.141.yyy is your Fedora Linux IP addressand xxxxxxx is your Matrix account nameand ppppppp is your SAMBA passwordIf the previous command worked, use another PC (Fedora then Windows) to establish a connection with the SMB server on your Fedora Linux machine. This step is important to ensure your SMB server on Linux is working. NOTE: If your set up looks correct but you can't connect to your SMB server from the outside then you may need machines to adjust your firewall copy their logs to allow SMB connectionsVM 3.From another Linux PC, use the mount command to mount your home directory onto /mnt. Step 4 in PART B should help you with this. Record this command as you'll need it for PART D.PART D: Answer the following questions
What is *Go on your full name VM 3 and 9 digit Seneca student ID?edit /etc/rsyslog.conf and uncomment the following: $ModLoad imtcp $InputTCPServerRun 514In PART C step 9, explain how you connected * Use the firewalld command language to open up tcp port 514 to your SMB server internal network only.*Still on Linux from a Windows PCVM 3, restart rsyslog.  *On your vm1 edit /etc/rsyslog. List exactly what you had to do on conf and make the Windows PC following change: #*.* @@remote-host:514*to test your Linux server *.* @@192.168.x.4:514What *where x is the purpose IP of your VM 3.*Now restart your rsyslog service  *Now on vm1 use the testparm logger command?to verify logging messages are getting through to your Vm 3. Try this command logger -p user.warn "Hello World"What is *Use the command "tail /var/log/messages" on the logging VM to view the purpose results of the smbclient command?previous step. What *Make the needed changes to have logging of all machines (including your host) take place on your VM 3. Note that your VM3 is already logging to itself and does SMB stand for? CIFS?not need further changes. What does ==Completing the text inside square brackets in Lab==Upon completion of this lab you should have your host automatically backing up your VM1's /etc and /home directories, and all of your machines should be sending copies of their logs to your VM3. You have now gained experience using tools to make, and to automate, remote backups Exploration questions:#Show the smbRSA public key generated on your host. i.conf file mean? 
(e.gthe file called id_rsa., "[homes]")pub.#Explain the meaning of the line "create mask = 0765" in -avz options on the smbrsync command.conf file#What were the last two lines of the email sent to root upon completion of the cron job?#What does command could you use to view only the smbpasswd command dolog messages from your host on VM 3?#What exact mount command option did you use in PART C step 10to limit the iptables rule for port 514 to the local network?
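Review bot: The added key-distribution step `scp /root/.ssh/id_rsa.pub 192.168.x.2:/root/.ssh/authorized_keys` overwrites any authorized_keys file that already exists on vm1, so a key installed earlier is silently lost. Appending the key instead (for example with ssh-copy-id, which also creates /root/.ssh with the right permissions) avoids that and makes the "if you don't then make it first" parenthetical unnecessary. The same section tells students to hit ENTER at both passphrase prompts, which leaves an unencrypted private key on the host that grants root logins on vm1. The lab should say so, and could suggest restricting the authorized_keys entry with a from= option naming the host's address.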
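Review bot: "otherwise repeat steps 3 and 4", in the passwordless-login check of the rsync and cron section, refers to step numbers, but the added instructions are an unnumbered `*` bullet list, so a student cannot tell which steps are meant. Either switch that list to `#` numbering, as the exploration questions at the end already use, or name the steps to repeat.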
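Review bot: The syslog section says "Use the firewalld command language to open up tcp port 514", while the new exploration question asks which option limited "the iptables rule for port 514" and the prerequisites box also speaks of iptables rules. The lab should name one firewall tool throughout and state which source network the rule is limited to. In the same section, "where x is the IP of your VM 3" misdescribes `*.* @@192.168.x.4:514`: x is only the third octet, and the full address is VM 3's. Since `@@` forwards every message over plain TCP to the imtcp listener, a sentence noting that the logs cross the network unencrypted and unauthenticated would explain why the port is restricted to the internal network.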