Rsync is an amazing and versatile program for Linux that is capable of keeping versioned backups of just about anything, via the magic of symbolic links, or symlinks.
Today we’ll setting up rsync to mount a remote SMB share over NFS ( network file system ) and then configuring a schedule with crontab to schedule automatic backups. Of course this particular directory will be dedicated to rsync only, but you could use any partition or directory that you like. You’ll need a couple of things to pull this off – a Server 2008 server with Active Directory / File Services, which you can read more about setting up here. The second thing you’ll need is a Centrify enabled Linux box, which I setup here in this previous post. Rsync comes default with every Debian/Ubuntu distribution out there, so there’s no need to install it – just hop onto your Linux machine over SSH and get to it. Here’s how to mount a remote SMB share in the latest version of Ubuntu, and use rsync to backup this share
First things first, let’s go ahead and create a mount point for the target SMB2 share and name it something logical.
sudo mkdir shares
Now adjust the permissions appropriately on the “share” directory.
sudo chmod 755 /shares/
Now let’s use tasksel to make sure that we’ve installed the samba packages; this will help down the road when we’re mounting the remote SMB share.
Using Tasksel To Install Samba File Server
Now that’s out of the way, go ahead and open up the /etc/network/interfaces file and prep your networking environment for two things: our DNS server, and our DNS namespace. Your interfaces file should look similar to below adjusted for your specific domain controller of course. The key things to set here are the dns-nameservers / dns-search directives of course ;)
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.113
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.112
dns-search techstaty.private
Now open up your /etc/hosts configuration file and designate the appropriate name server – the domain controller of course. Make sure to use the FQDN as opposed to just the plain-jane hostname.
192.168.1.112 rsync-2008DC.techstaty.private
Basic leg work for the Ubuntu machine is done and now we’re ready to turn our eye towards prepping the domain controller. Hop onto your DC and set a forward static A record pointing back to the Ubuntu box.
Setting A Static A Record
Ping the ubuntu hostname to make sure that you set the correct IP address for the A record.
C:\Users\Administrator>ping rsync
Pinging rsync.techstaty.private [192.168.1.113] with 32 bytes of data:
Reply from 192.168.1.113: bytes=32 time<1ms TTL=64
Reply from 192.168.1.113: bytes=32 time<1ms TTL=64
Reply from 192.168.1.113: bytes=32 time<1ms TTL=64
Reply from 192.168.1.113: bytes=32 time<1ms TTL=64
Now do likewise from the Ubuntu box to make sure you’re getting the expected IP address of the domain controller.
PING rsync-2008DC (192.168.1.112) 56(84) bytes of data.
64 bytes from rsync-2008DC (192.168.1.112): icmp_req=1 ttl=128 time=0.983 ms
Awesome. Hop back onto your domain controller and create a new folder that will serve as our remote SMB share. Remove the ‘everyone’ group and add the ‘authenticated users’ group on the folder permissions after you’ve created it.
Setting Permissions SMB Share
Alright! We’re ready to install CentrifyDC on our Ubuntu machine which will allow us to mount this SMB/Windows Share. There are other ways to do it, but they are sloppy – some require that you put credentials in a flat file, a big security no no, and furthermore they aren’t persistent connections. Nothing is worse than losing your mount point and have rsync sync a blank folder – this basically eliminates your backups since rsync recognizes this as a change by design. Back to CentrifyDC – add the necessary repos to install the package with aptitude. You can refer to this previous post here regarding installation of CentrifyDC on Ubuntu, or continue to follow along :)
Firstly, you need to install an additional package to add non standard repositories:
sudo apt-get update; sudo apt-get install software-properties-common
Now add the oneric repositories to your list:
sudo add-apt-repository “deb http://archive.canonical.com/ oneiric partner”
Then update your repositories:
sudo apt-get update
Now we’re ready to install CentrifyDC and join the Ubuntu machine to the domain. Install CentrifyDC first:
sudo apt-get install centrifydc
Sweet – now we can run the adjoin command and integrate this machine into our Active Directory environment. This is hands down the easiest way to mount a remote SMB share between UNIX/Microsoft. Note that I’m simply going to use the default Administrator account, but as a best practice you would most definitely want to provision this with a service account.
sudo adjoin -w techstaty.private
Administrator’s Active Directory password:
Using writable domain controller: rsync-2008dc.techstaty.private
Join to domain:techstaty.private, zone:Auto Zone successful
Restart your Ubuntu server before proceeding, otherwise you might run into some nasty errors with DNS / name resolution. Now, remember earlier in the post where I mentioned that putting your credentials in a regular file to authenticate against the remote SMB share was a bad idea? It absolutely is – so let’s create a special, hidden file and lock down the permissions to restrict access. Use a text editor and a create the following file, with the following contents :
sudo nano ~/.smbcredentials
username=administrator
password=passwordhere
Now let’s secure the file to the least possible privilege :
sudo chmod 600 ~/.smbcredentials
Open up /etc/fstab and add the following line to the configuration, making sure to customize the paths and usernames to your installation.
//rsync-2008DC/rsync_shares /shares cifs credentials=/home/rsync/.smbcredentials,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0
Test your fstab entry out by running sudo mount -a
sudo mount -a
If you don’t receive any errors – then you’ve successfully mounted the remote SMB share to your local Ubuntu filesystem. Whew. That was a good amount of prep-work to get to a point where we could actually start using rsync to backup the windows shares, but there’s a right way to do things and a wrong way to do things I suppose. Now it’s time to create a /backups directory on our box which will rsync the files from /shares to /backup.
sudo mkdir /backups
CHMOD it to 755 :
sudo chmod 755
Now we’re ready for a test run :
sudo rsync -azvv /shares/ /backups/
Check the contents of /backups with ls to make sure our data made it over :
ls /backups/Acunetix WVS 8 BioWare cc_20121201_230745.reg cc_20121225_220859.reg Fax Install Mass Effect 2.log installscript_log.txt Mass Effect 2 1.01.log My Games Scanned Documents shafer.kdbx Uninstall Mass Effect 2.log
Now add the rsync command to cron and schedule it according to your needs, I’m setting mine to backup every hour on the hour.
crontab -e
@ hourly sudo rsync -azvv /shares/ /backups/
And that’s how you configure rsync with cron jobs to backup remote SMB shares in an Active Directory environment. Keep in mind that there is most definitely more than one way to accomplish this – this is just the way I chose to implement it this particular time around. Also keep in mind this is purely for learning / tutorial purposes and should be scrutinized heavily before implementing in a production environment.
Cheers!
