Univention Bugzilla – Attachment 5787 Details for
Bug 30216
Best Practice Backup/Restore Samba4 DCs
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
backup_samba4.sh initial version
backup_samba4.sh (text/plain), 4.23 KB, created by
Arvid Requate
on 2014-02-10 22:06 CET
(
hide
)
Description:
backup_samba4.sh initial version
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2014-02-10 22:06 CET
Size:
4.23 KB
patch
obsolete
>#!/bin/bash > >BACKUP_DIR=/var/tmp/targetdir >if ! [ -d "${BACKUP_DIR}" ]; then > echo "${BACKUP_DIR} does not exist, please adjust the script or create the directory" > exit 1 >fi > >argv0="$0" > >stop_services() { > for service in slapd univention-directory-listener univention-s4-connector samba-ad-dc; do > invoke-rc.d "$service" stop > done >} > >start_services() { > local rc > > for service in slapd univention-directory-listener samba-ad-dc univention-s4-connector; do > invoke-rc.d "$service" start > rc=$? > if [ "$rc" != 0 ]; then > return "$rc" > fi > done >} > >usage() { > echo "$0 [backup|restore <backup-archive>|stopservices|startservices]" >} > >backup() { > stop_services > local TIMESTAMP > local FATTR_FILE > > TIMESTAMP=`date +%d%m%y%H%M%S` > FATTR_FILE="${BACKUP_DIR}/samba_sysvol.fattr" > getfattr -R -d -m - /var/lib/samba/sysvol > "$FATTR_FILE" > tar cjf "${BACKUP_DIR}/samba_${TIMESTAMP}.tar.bz2" \ > --exclude /var/lib/samba/private/smbd.tmp \ > --exclude /var/lib/samba/private/ldapi \ > --exclude /var/lib/samba/private/ldap_priv/ldapi \ > --exclude /var/lib/samba/winbindd_privileged/pipe \ > --exclude /var/lib/samba/ntp_signd/socket \ > /etc/samba \ > /var/lib/samba \ > "$FATTR_FILE" \ > /var/lib/univention-connector/s4 \ > /etc/univention/connector/s4internal.sqlite # >/dev/null 2>&1 > rm "$FATTR_FILE" > > start_services >} > >replace_invocationID() { > local new_uuid > local ldif > local account_dn > local serverReference > local ntds_settings_dn > local REPLY > > new_uuid=$(python -c 'import uuid; print uuid.uuid1()') > if [ -z "$new_uuid" ]; then > echo "ERROR: Generation of a new uuid failed" > return 1 > fi > > > eval "$(univention-config-registry shell)" > ldif=$(ldbsearch -H var/lib/samba/private/sam.ldb samaccountname="$hostname\$" serverReferenceBL) > account_dn=$(echo "$ldif" | ldapsearch-wrapper | sed -n 's/^dn: //p') > if [ -z "$account_dn" ]; then > echo "ERROR: The server $hostname does not have an account in the restored var/lib/samba/private/sam.ldb" > return 1 > fi > > serverReference=$(echo "$ldif" | ldapsearch-wrapper | sed -n 's/^serverReferenceBL: //p') > if [ -z "$serverReference" ]; then > echo "ERROR: The account for $hostname not have the attribute serverReferenceBL in the restored var/lib/samba/private/sam.ldb" > return 1 > fi > > ldif=$(ldbsearch -H var/lib/samba/private/sam.ldb -b "$serverReference" objectClass=nTDSDSA invocationId) > ntds_settings_dn=$(echo "$ldif" | ldapsearch-wrapper | sed -n 's/^dn: //p') > > if [ -z "$ntds_settings_dn" ]; then > echo "ERROR: The server $hostname does not have an associated invocationId in the restored var/lib/samba/private/sam.ldb" > return 1 > fi > > ldbmodify -H var/lib/samba/private/sam.ldb <<-%EOF > dn: $ntds_settings_dn > changetype: modify > replace: invocationId > invocationId: $new_uuid > %EOF >} > >restore() { > local FATTR_FILE > local REPLY > local rc > > if ! [ -e "$1" ]; then > echo "The file '$1' does not exist." > return 1 > fi > > echo "This will overwrite the following files: (press return to see the list)" > read > tar tjvf "$1" > echo > read -p "Are you absolutely sure you want to procede? [y/N] " > if [ "${REPLY^^}" != "Y" ]; then > return 0 > fi > > stop_services > > FATTR_FILE="${BACKUP_DIR#/}/samba_sysvol.fattr" > ( > cd / > tar xjf "$1" >/dev/null 2>&1 > setfattr --restore="$FATTR_FILE" > rm -f "$FATTR_FILE" > > read -p "Shall the SAM database invocationID be reset? [y/N] " > if [ "${REPLY^^}" = "Y" ]; then > replace_invocationID > rc=$? > if [ "$rc" != 0 ]; then > echo "Changing the invocationID failed. Services have not been startet again yet, please check." > echo "The services may be startet again by running '$argv0 startservices'". > return "$rc" > fi > fi > ) > > read -p "Run ucr commit on the standard samba configuration files? [Y/n] " > if [ "${REPLY^^}" != "N" ]; then > univention-config-registry commit /etc/samba/smb.conf /etc/samba/base.conf > fi > > read -p "Start the services again (Samba4, Univention S4 Connector, LDAP server, Univention Directory Listener ? [Y/n] " > if [ "${REPLY^^}" != "N" ]; then > start_services > rc=$? > if [ "$rc" != 0 ]; then > return "$rc" > fi > fi >} > >case "$1" in > backup) > backup > exit $? > ;; > restore) > if [ -z "$2" ]; then > usage > exit 1 > fi > restore "$2" > exit $? > ;; > startservices) > start_services > exit $? > ;; > stopservices) > stop_services > exit $? > ;; > *) > usage > ;; >esac >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=5787">View the attachment on a separate page</a>.</b>
Actions:
View
Attachments on
bug 30216
: 5787