1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
#!/bin/bash
#==============================================================
# author: Karsten Hilbert
# license: GPL v2 or later
#
# anacron
# -------
# The following line could be added to a system's
# /etc/anacrontab to make sure it creates daily
# database backups for GNUmed:
#
# 1 15 gnumed-<your-company>-sign-backups /usr/bin/gm-zip+sign_backups.sh
#
#
# cron
# ----
# Add the following line to a crontab file to sign
# database backups at 12:47 and 19:47 every day:
#
# 47 12,19 * * * * /usr/bin/gm-zip+sign_backups.sh
#
#
# It is useful to have a PROCMAIL rule for the GNotary server replies
# piping them into the stoarage area where the backups are kept.
#==============================================================
CONF="/etc/gnumed/gnumed-backup.conf"
#==============================================================
# There really should not be any need to
# change anything below this line.
#==============================================================
# load config file
if [ -r ${CONF} ] ; then
. ${CONF}
else
echo "Cannot read configuration file ${CONF}. Aborting."
exit 1
fi
TS=`date +%Y-%m-%d-%H-%M-%S`
BACKUP_BASENAME="backup-${GM_DATABASE}-${INSTANCE_OWNER}"
cd ${BACKUP_DIR}
if test "$?" != "0" ; then
echo "Cannot change into backup directory [${BACKUP_DIR}]. Aborting."
exit 1
fi
shopt -s -q nullglob
# zip up any backups
for BACKUP in ${BACKUP_BASENAME}-*.tar ; do
# are the backup and ...
TAR_OPEN=`lsof | grep ${BACKUP}`
# ... the corresponding bz2 both open at the moment ?
BZ2_OPEN=`lsof | grep ${BACKUP}.bz2`
if test -z "${TAR_OPEN}" -a -z "${BZ2_OPEN}" ; then
# no: remove the bz2 and start over compressing
rm -f ${BACKUP}.bz2
else
# yes: skip to next backup
continue
fi
# I have tried "xz -9 -e" and it did not make much of
# a difference (48 MB in a 1.2 GB backup)
bzip2 -zq -${COMPRESSION_LEVEL} ${BACKUP}
bzip2 -tq ${BACKUP}.bz2
# FIXME: add check for exit code
chmod ${BACKUP_MASK} ${BACKUP}.bz2
chown ${BACKUP_OWNER} ${BACKUP}.bz2
# Reed-Solomon error protection support
# if test -n ${ADD_ECC} ; then
# rsbep
# fi
# GNotary support
if test -n ${GNOTARY_TAN} ; then
LOCAL_MAILER=`which mail`
#SHA512="SHA 512:"`sha512sum -b ${BACKUP_FILENAME}.tar.bz2`
SHA512=`openssl dgst -sha512 -hex ${BACKUP}.bz2`
RMD160=`openssl dgst -ripemd160 -hex ${BACKUP}.bz2`
export REPLYTO=${SIG_RECEIVER}
# send mail
(
echo " "
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>"
echo "<message>"
echo " <tan>$GNOTARY_TAN</tan>"
echo " <action>notarize</action>"
echo " <hashes number=\"2\">"
echo " <hash file=\"${BACKUP}.bz2\" modified=\"${TS}\" algorithm=\"SHA-512\">${SHA512}</hash>"
echo " <hash file=\"${BACKUP}.bz2\" modified=\"${TS}\" algorithm=\"RIPE-MD-160\">${RMD160}</hash>"
echo " </hashes>"
echo "</message>"
echo " "
) | $LOCAL_MAILER -s "gnotarize" $GNOTARY_SERVER
fi
done
exit 0
#==============================================================
|
