X-Git-Url: https://git.stderr.nl/gitweb?p=matthijs%2Fupstream%2Fbackupninja.git;a=blobdiff_plain;f=handlers%2Fsys.in;h=b7e94b0f9411faa15136e079f3bd52fdd2c9f4ac;hp=83ed7b571e0dd7409d1bcf9f4bdc7181683157e9;hb=772af74c802c253d99c86eb7f9b40ced9faf47a9;hpb=ddce1197cb096e360e51e38c9a9f742424be71ff

diff --git a/handlers/sys.in b/handlers/sys.in
index 83ed7b5..b7e94b0 100755
--- a/handlers/sys.in
+++ b/handlers/sys.in
@@ -1,7 +1,7 @@
 # -*- mode: sh; sh-basic-offset: 3; indent-tabs-mode: nil; -*-
 #
 # this handler will save various reports of vital system information.
-# by default, all the reports are enabled and are saved in /var/backups.
+# by default, all the reports are saved in /var/backups.
 #
 # (1) a capture of the debconf package selection states. This file
 #     can be used to restore the answers to debconf questions for
@@ -24,6 +24,14 @@
 # (4) hardware information. 
 #     write to a text file the important things which hwinfo can gleen.
 #
+# (5) the Luks header of every Luks block device, if option luksheaders
+#     is enabled.
+#     in case you (have to) scramble such a Luks header (for some time),
+#     and restore it later by running "dd if=luksheader.sda2.bin of=/dev/sda2"
+#     (MAKE SURE YOU PASS THE CORRECT DEVICE AS of= !!!)
+#
+# (6) LVM metadata for every detected volume group, if "lvm = yes"
+#
 
 if [ -f /etc/debian_version ]
 then
@@ -82,6 +90,15 @@ getconf HWINFO `which hwinfo`
 getconf sfdisk_options ""
 getconf hwinfo_options ""
 
+getconf CRYPTSETUP `which cryptsetup`
+getconf DD `which dd`
+getconf luksheaders no
+getconf luksheadersfile $parentdir/luksheader.__star__.bin
+
+getconf VGS `which vgs`
+getconf VGCFGBACKUP `which vgcfgbackup`
+getconf lvm no
+
 getconf vsnames all
 
 # If vservers are configured, check that the ones listed in $vsnames are running.
@@ -97,6 +114,30 @@ if [ $vservers_are_available = yes ]; then
    usevserver=yes
 fi
 
+## SANITY CHECKS #########################
+
+if [ "$luksheaders" == "yes" ]; then
+   if [ ! -x "$DD" ]; then
+      warning "can't find dd, skipping backup of Luks headers."
+      luksheaders="no"
+   fi
+   if [ ! -x "$CRYPTSETUP" ]; then
+      warning "can't find cryptsetup, skipping backup of Luks headers."
+      luksheaders="no"
+   fi
+fi
+
+if [ "$lvm" == "yes" ]; then
+   if [ ! -x "$VGS" ]; then
+      warning "can't find vgs, skipping backup of LVM metadata"
+      lvm="no"
+   fi
+   if [ ! -x "$VGCFGBACKUP" ]; then
+      warning "can't find vgcfgbackup, skipping backup of LVM metadata"
+      lvm="no"
+   fi
+fi
+
 ## PACKAGES ##############################
 
 #
@@ -135,7 +176,7 @@ if [ "$packages" == "yes" ]; then
             [ -n "`$VSERVER $vserver exec which debconf-get-selections`" ] && found=yes
          fi
          if [ "$found" != yes ]; then
-            warning "can't find debconf-get-selections in vserver $vserver, skipping package selection states."
+            warning "can't find debconf-get-selections in vserver $vserver, skipping package selection states. You may want to install the debconf-utils package."
          else
             debug "$VSERVER $vserver exec $debconfgetselections > $VROOTDIR/$vserver$selectionsfile"
             $VSERVER $vserver exec $debconfgetselections > $VROOTDIR/$vserver$selectionsfile || fatal "can not save debconf-get-selections info to $selectionsfile"
@@ -155,7 +196,7 @@ if [ "$packages" == "yes" ]; then
       set +o noglob
    fi
    if [ -z "$debconfgetselections" ]; then
-      warning "can't find debconf-get-selections, skipping package selection states."
+      warning "can't find debconf-get-selections, skipping package selection states. You might want to install the debconf-utils package."
    else
       debug "$debconfgetselections > $selectionsfile"
       $debconfgetselections > $selectionsfile || fatal "can not save $debconfgetselections info to $selectionsfile"
@@ -510,7 +551,6 @@ if [ "$hardware" == "yes" ]; then
    fi
 fi
 
-
 ## PARTITIONS #############################
 
 # here we use sfdisk to dump a listing of all the partitions. 
@@ -541,3 +581,99 @@ if [ "$partitions" == "yes" ]; then
       $HWINFO --disk >> $hardwarefile
    fi
 fi
+
+if [ "$luksheaders" == "yes" ]; then
+   devices=`LC_ALL=C $SFDISK -l 2>/dev/null | grep "^Disk /dev" | @AWK@ '{print $2}' | cut -d: -f1`
+   [ -n "$devices" ] || warning "No block device found"
+   targetdevices=""
+   for dev in $devices; do
+      [ -b $dev ] || continue
+      debug "$CRYPTSETUP isLuks $dev"
+      $CRYPTSETUP isLuks $dev
+      [ $? -eq 0 ] && targetdevices="$targetdevices $dev"
+   done
+   for dev in $targetdevices; do
+      label=${dev#/dev/}
+      label=${label//\//-}
+      outputfile=${luksheadersfile//__star__/$label}
+      # the following sizes are expressed in terms of 512-byte sectors
+      debug "Let us find out the Luks header size for $dev"
+      debug "$CRYPTSETUP luksDump \"$dev\" | grep '^Payload offset:' | @AWK@ '{print $3}'"
+      headersize=`$CRYPTSETUP luksDump "$dev" | grep '^Payload offset:' | @AWK@ '{print $3}'`
+      if [ $? -ne 0 ]; then
+         warning "Could not compute the size of Luks header, skipping device $dev"
+         continue
+      elif [ -z "$headersize" -o -n "`echo \"$headersize\" | sed 's/[0-9]*//g'`" ]; then
+         warning "The computed size of Luks header is not an integer, skipping device $dev"
+         continue
+      fi
+      debug "Let us backup the Luks header of device $dev"
+      debug "$DD if=\"${dev}\" of=\"${outputfile}\" bs=512 count=\"${headersize}\""
+      output=`$DD if="${dev}" of="${outputfile}" bs=512 count="${headersize}" 2>&1`
+      exit_code=$?
+      if [ $exit_code -eq 0 ]; then
+         debug $output
+         info "The Luks header of $dev was saved to $outputfile."
+      else
+         debug $output
+         fatal "The Luks header of $dev could not be saved."
+      fi
+   done
+fi
+
+## LVM ####################################
+
+# returns 0 on success, 1 on error, 2 if not tried
+# outputs error message if error, reason if not tried
+function doLvmBackup () {
+   local lvmdir="$1"
+   if [ ! -d "$lvmdir" ]; then
+      if ! mkdir "$lvmdir"; then
+         echo "could not create $lvmdir"
+         return 2
+      else
+         info "successfully created $lvmdir"
+      fi
+   fi
+   if [ ! -w "$lvmdir" ]; then
+         echo "can not write to directory $lvmdir"
+         return 2
+   fi
+   debug "Let's try to gather the list of LVM volume groups"
+   debug "$VGS --options vg_name --noheadings | @SED@ 's/^[ ]*//' | @SED@ 's/[ ]*$//' | tr '\n' ' '"
+   vgs=`$VGS --options vg_name --noheadings | @SED@ 's/^[ ]*//' | @SED@ 's/[ ]*$//' | tr '\n' ' '`
+   debug "Let's try to backup LVM metadata for detected volume groups: $vgs"
+   debug "$VGCFGBACKUP --file \"${lvmdir}\"/\'%s\' $vgs"
+   output=`$VGCFGBACKUP --file "${lvmdir}"/'%s' $vgs`
+   exit_code=$?
+   debug $output
+   case $exit_code in
+      0)
+         info "LVM metadata was saved to $lvmdir for volume groups: $vgs"
+         return 0
+         ;;
+      *)
+         echo "LVM metadata could not be saved for at least one of these volume groups: $vgs"
+         return 1
+         ;;
+   esac
+}
+
+if [ "$lvm" == "yes" ]; then
+   output=`doLvmBackup "${parentdir}/lvm"`
+   exit_code=$?
+   case $exit_code in
+      0) # success. info message has already been displayed
+         true
+         ;;
+      1) # error
+         fatal "$output"
+         ;;
+      2) # could not even try
+         fatal "LVM metadata backup was not tried: $output"
+         ;;
+      *) # should never happen
+         fatal "Unhandled error ($exit_code) while trying to backup LVM metadata, please report a bug"
+         ;;
+   esac
+fi