At work I had to set up, as fast as possible, a server to act as a backup for some of our main servers.

So this post is about setting up a “poor man’s” backup server using FTP.

  1. Grab your favourite OpenBSD distro
  2. add the ftp user and group account:
    backup:*:1000:1000:Ftp Backup Account:/backup:/sbin/nologin
  3. add the account to /etc/ftpchroot
  4. Add the new class for setting the file creation mask for this account:
    backup:\
    :umask=0777:\
    :tc=default:
  5. add the login class to /etc/master.passwd  (with vipw) for the account
  6. create the $HOME directory for the user
    mkdir /backup
    chown backup:backup /backup
  7. create the different directories for the backup
    mkdir /backup/machine1
    mkdir /backup/machine2
    chown -R backup:backup /backup
    chmod -R 300 /backup
  8. Apply the following patch to ftpd :

    diff -Naur /usr/src/libexec/ftpd/ftpcmd.y ./ftpd/ftpcmd.y
    --- /usr/src/libexec/ftpd/ftpcmd.y      Thu Nov  5 16:43:15 2009
    +++ ./ftpd/ftpcmd.y     Tue Nov 10 16:50:04 2009
    @@ -82,6 +82,7 @@
    extern int portcheck;
    extern union sockunion his_addr;
    extern int umaskchange;
    +extern  int no_dele;

    off_t  restart_point;

    @@ -394,10 +395,16 @@
    }
    | DELE check_login SP pathname CRLF
    {
    -                       if ($2 && $4 != NULL)
    -                               delete($4);
    -                       if ($4 != NULL)
    -                               free($4);
    +                        if (no_dele) {
    +                                reply(550,
    +                                    “No permission to delete files”);

    +                        }
    +                        else {
    +                                if ($2 && $4 != NULL)
    +                                        delete($4);
    +                                if ($4 != NULL)
    +                                        free($4);
    +                        }
    }
    | RNTO check_login SP pathname CRLF
    {
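
    Review bot: the new no_dele branch in the DELE rule never frees $4, so every refused DELE leaks the pathname string that the old code always released; move the "if ($4 != NULL) free($4);" below the if/else so both paths run it. The refusal also ignores $2, unlike the delete() call it replaces, so the 550 is sent whether or not check_login succeeded; "if ($2 && no_dele)" keeps the original login check. The RNTO rule in the trailing context is unchanged, so renames are still accepted under -p; if stored backups must not be removed or replaced, the rename rule needs the same gate.
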
    diff -Naur /usr/src/libexec/ftpd/ftpd.c ./ftpd/ftpd.c
    — /usr/src/libexec/ftpd/ftpd.c        Thu Nov  5 16:43:16 2009
    +++ ./ftpd/ftpd.c       Tue Nov 10 16:51:13 2009
    @@ -154,6 +154,7 @@
    #endif
    mode_t defumask = CMASK;               /* default umask value */
    int    umaskchange = 1;                /* allow user to change umask value. */
    +int     no_dele = 0 ;          /* disallow ftp delete */
    char   tmpline[7];
    char   hostname[MAXHOSTNAMELEN];
    char   remotehost[MAXHOSTNAMELEN];
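
    Review bot: the comment on the new no_dele line reads "disallow ftp delete" while the initial value 0 leaves DELE allowed; word it as what the flag means when set, in the style of the umaskchange line above it (for example "refuse DELE when non-zero, set by -p"), and drop the space before the semicolon.
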
    @@ -252,13 +253,13 @@
    return (guest ? path+1 : path);
    }

    -char *argstr = “AdDhnlMSt:T:u:UvP46″;
    +char *argstr = “AdDhnlMSt:T:u:UvP46p”;

    static void
    usage(void)
    {
    syslog(LOG_ERR,
    -           “usage: ftpd [-46ADdlMnPSU] [-T maxtimeout] [-t timeout] [-u mask]“);
    +           “usage: ftpd [-46ADdlMnPSUp] [-T maxtimeout] [-t timeout] [-u mask]“);
    exit(2);
    }

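    Review bot: the string literals on the changed argstr and usage() lines are delimited by typographic (curly) quotes instead of ASCII double quotes, so the hunk will neither apply with patch(1) nor compile as shown; the same goes for the reply() string in the DELE hunk, the case labels in the next hunk, and the ftpd.c file header, which starts with a single dash character instead of "---". Retype these in plain ASCII before applying. In usage(), insert p next to P so the flag list keeps its existing ordering instead of appending it after U.
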
    @@ -371,7 +372,9 @@
    case ‘6′:
    family = AF_INET6;
    break;
    -
    +                case ‘p’:
    +                        no_dele = 1;
    +                        break;
    default:
    usage();
    break;
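
    Review bot: the new case 'p' is the only place the option is described, because the patch touches just ftpcmd.y and ftpd.c; add a -p entry to ftpd.8 stating that DELE is refused with a 550 reply when the flag is given, so the inetd.conf line remains understandable to the next administrator.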

  9. start ftpd in inetd.conf with the new option:
    ftp             stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -USnp -u 0777

I set the permissions of all folders to d-wx------ so that the user can create the necessary files but cannot list the files that already exist. FTP is not an encrypted protocol, and even if all the transfers are done in the local network I have the paranoia that someone might sniff the username/password. Being unable to list the files just gives a smaller attack surface. All the files created have mode 000, so that after the file creation the file cannot be tampered with. Finally, the purpose of the patch is to prevent someone from sniffing the password, logging in to the backup server and removing all the backup files (not much of a backup solution, is it then?? ;) ).
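
A check for the settings described above, as an added example that is not part of the original post: a POSIX shell audit that flags directories that are not mode 300, files that are not mode 000, a missing ftpchroot entry, and an ftpd line in inetd.conf without -p or -u 0777. The function names, the finding labels and the constructed demo tree are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the original post: audit a write-only FTP drop box.
# Run as root on the real server; other users cannot read mode-300 directories.

# audit_dropbox ROOT FTPCHROOT INETD_CONF ACCOUNT: print one finding per line.
audit_dropbox() {
    root=$1 ftpchroot=$2 inetd=$3 account=$4

    # Directories must be exactly d-wx------ (300): create files, never list them.
    find "$root" -type d ! -perm 300 | sed 's/^/DIRMODE /'
    # Stored files must be exactly mode 000, which is what umask 0777 produces.
    find "$root" -type f ! -perm 000 | sed 's/^/FILEMODE /'

    # The account has to appear on a line of its own in ftpchroot.
    grep -qxF "$account" "$ftpchroot" || echo "NOCHROOT $account"

    # The ftp service line must start ftpd with the patched -p and with -u 0777.
    line=$(grep -E '^ftp[[:space:]]' "$inetd" | head -n 1)
    if [ -z "$line" ]; then
        echo "NOFTPD $inetd"
        return 0
    fi
    echo "$line" | grep -Eq -e '[[:space:]]-[[:alnum:]]*p' || echo "NODELEFLAG"
    echo "$line" | grep -Eq -e '[[:space:]]-u[[:space:]]+0777' || echo "UMASKFLAG"
    return 0
}

# demo_audit: build a constructed tree and config files, then audit them.
demo_audit() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/backup/machine1" "$t/backup/machine2"
    ( umask 0777; : > "$t/backup/machine1/db.tar" )   # created with mode 000
    ( umask 0777; : > "$t/backup/machine2/ok.tar" )   # created with mode 000
    : > "$t/backup/machine2/loose.tar"
    chmod 644 "$t/backup/machine2/loose.tar"          # deviation: readable file
    chmod 300 "$t/backup/machine1"                    # as the post prescribes
    chmod 755 "$t/backup/machine2"                    # deviation: listable directory
    chmod 700 "$t/backup"   # deviation, kept so the demo also runs without root
    printf 'operator\n' > "$t/ftpchroot"              # deviation: backup not listed
    printf 'ftp stream tcp nowait root /usr/libexec/ftpd ftpd -USn -u 0777\n' \
        > "$t/inetd.conf"                             # deviation: -p missing
    audit_dropbox "$t/backup" "$t/ftpchroot" "$t/inetd.conf" backup 2>/dev/null
    chmod 700 "$t/backup/machine1"                    # let rm descend again
    rm -rf "$t"
}

# Real use (as root): audit_dropbox /backup /etc/ftpchroot /etc/inetd.conf backup
```

An empty result means the tree and both configuration files match the setup in this post; each output line names one deviation.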

After setting up the “backup server”, I installed scripts on the servers to push their backup data there.

Not the best solution, but having this ready in < 1 hour, was really ok :)

HTC Magic Battery life

November 14, 2009

Since a few days ago, I’ve been the happy owner of a HTC Magic. I really like this phone, and I believe that they have done really nice work. The main minus point that I see is the battery life. In my own tests, if you have the phone using only 2G, no Wireless, no background data synchronisation, and also use the Task Manager to kill any unnecessary applications (there are a lot running each time), the battery goes down about 25-30% per day. (I have bluetooth always on, and I’m using a bluetooth handsfree all the time, so I assume that with bluetooth off you might get somewhere around 20%.) It is not so bad, but I don’t think it is good either. I would like my phone to last (using it only as a mobile phone and not a game machine) about a week.

Having all the above on (so that you can have the full experience ;) ) leads to the battery going down about 90% per day. So every night (when only 20% of the battery remains) you have to recharge it. This is something that I believe is acceptable, since all these consume quite a lot of power. However, even in this case I have a feeling that the battery drains too quickly.

Anyhow, since I’m mostly using the phone as a phone, and don’t want all the hi-speed connections, I can survive for now :)

(On the plus side, you can change the battery. This is quite nice, since in about a year the battery will start to wear out, and the ratios described above will change for the worse.)

Quote about DNS

November 7, 2009

From here :

What DNS is not is a mapping service or a mechanism for delivering policy-based information. DNS was designed to express facts, not policies. Because it works so well and is ubiquitous, however, it’s all too common for entrepreneurs to see it as a greenfield opportunity.

One of the best parts of this article is that it describes the way people try to take advantage of something that was designed with a different state of mind. As a result the designers come back and try to change this design to deal with this “new era”. This leads to complicating things, making it harder to set up a system that works correctly .. and things eventually will break. If it stopped here, it would be ok, but unfortunately a new round of messing, trying to fix things, messing again, and so on will start.

Coming to the internet .. near you.

The famous quote for errors :

«At the source of every error which is blamed on the computer, you will find at least two human errors, including the error of blaming it on the computer.»

has been adapted by a friend for the recent fires and the reaction of the press officer who blamed the forest:

«At the source of every fire which is blamed on the forest, you will find at least two human errors, including the error of blaming it on the forest.»

Credits to stef.

Stupid network modeling

August 30, 2009

I was skimming[1] through the book:

Forecasting Oracle Performance

and I read this part:

«The world is much too complex for us to understand. To compensate, we create models to simplify the world around us, turning it into something we can comprehend. Models help us understand our world. When focused on a specific area in which the scope is very limited, a model can teach, expose, describe, reveal, and draw out the understanding we may desperately need. Modeling is all about making the complex simple.»

This part made me pause and think for a second about which models I’m using involuntarily in order to understand some aspects of my work. And then it hit me. Most of the time, in my mind I model networks using streets, junctions, and cars. After driving for something like 12 years in Athens (which is notorious for its traffic and the driving skills needed to stay alive), and having a tendency to always try to find new paths to get to places while avoiding the problems of the day (demonstrations that close the city center, accidents, trucks, taxi drivers stopping at any place, etc) I have an instinct of how I should drive to get where I want on time (not always 100% success though :( ). I drive quite a lot every day, so this has become something like second nature to me, and my mind has been wired to operate in these conditions. As a result I tend to model networks using my driving experience.

I model links between routers or switches as roads, and the routers or switches as junctions that have either traffic signs or a police officer to guide the traffic. VPNs or tunnels are just special lanes that special vehicles travel in (think something like the emergency lane on national roads; if the road is suddenly totally destroyed, or the police officer on the junction has gone bananas .. there goes the VPN). The packets are just the vehicles. I model different types of packets as different types of vehicles. This is an extremely simple model (that’s the reason I say stupid in the title ;) ) but sometimes it helps to diagnose problems, or explain to myself (or others) some concepts. Let me give some examples.

  1. Suddenly I realise that a network link is congested. The first thing is to identify which packets are passing through this link. Then in my mind I create a simple “street” map that represents the network and I place myself as a driver in one of the packets stuck in the traffic. Which is the first question that pops into my mind?? “How did I end up being stuck here???” Answering this question tells me whether this is the path that I would normally choose, and if not, how the heck I got here. It also makes me think of alternative paths that I could follow to get to my destination. If I have the network map in my head like a street map, then I can easily spot the alternative ways, and find different solutions (well I could go that way .. but this is a one-way street in the opposite direction. Bummer! But .. what if I could make it, for a while, .. a two-way street. AHA! There’s a possible solution).
  2. What about the firewalls? Simple solution. Each firewall is a junction with the swat team that says: Only red vehicles pass. Other types of vehicles are darn to heck. Hey, suddenly I see a pink car on the other side. Something is wrong, what happened? (And usually I first blame the equipment, just to realise after a while that it was a human error[2].)
  3. QoS. Think of the 2004 Olympic games, when a special lane was designated for vehicles that were used for the Olympic games. Each car that got a “special olympic pass” could be in this lane, passing by all the other suckers .. eeer drivers I mean, who had to pile up in queues in the remaining lanes. However when no special olympic vehicle was in sight (and no police officer of course) numerous drivers would just go into the “special olympic lane” so they could use the whole street (Greek people are not known for their law-abiding behaviour). However when an olympic vehicle appeared, everybody else was back in the other lanes. This special olympic lane of course could be congested, but only by olympic vehicles, but this is another story.
  4. Bandwidth vs Latency. A bit more complicated. We have the national road that has 3 lanes per direction, and then we have the side street that has 1 lane per direction. Now imagine (it’s a model .. we can imagine anything we want .. even little green aliens to make it interesting) that on the national road there is a speed limit of 80km/h, whereas on the side road the speed limit is 120km/h (normally the speed limit would be lower on the side road, but usually there are not any policemen … so the speed limit is deduced from the holes in the street). So if we want to take the bandwidth (assuming all the cars are 5m), on the national road it is 13.32 cars/sec. On the other hand, on the side street the bandwidth is 6.666 cars/sec. (The calculations are made off the top of my head, so bear with the numerical errors.) The national road provides more bandwidth. However if two cars start from the same point and one travels on the national road and the other travels on the side street, the one on the side street will arrive faster. So more bandwidth on the national road, lower latency on the side street.

These are some examples of my poor-man’s modeling of computer networks. Is the model ultra precise?? I doubt it. Does it help me get a feeling of what is going on? Absolutely. I quote the book again:

«I like to say that models are an abstraction of reality. From paper airplanes to supermodels, they are not real but an abstraction. One of the dangers to those of us deeply involved with modeling is believing that our models are real.[...] So please remember that models are not reality. They are not perfect, cannot be expected to be perfect, and are not designed to be perfect. It would be foolish to think what a model says will absolutely 100% occur.»

Finally, I do not claim that this model is by any means pioneering or novel. I am sure that most people in the network business use something like this, or that some textbooks even present this type of model. But at least it has been a tool that has helped me numerous times in the past, and I hope it will in the future. ;)


[1] I said skim for two reasons:

  1. I read the book in my free time (read structured procrastination), usually before bed time
  2. I don’t have much knowledge of database systems (I know and understand some of the principles but that is about it), let alone Oracle which is a beast of its own. (so I’ve heard)

[2] «At the source of every error which is blamed on the computer, you will find at least two human errors, including the error of blaming it on the computer.»

Α-σήμαντος (“signal-less”, a pun on ασήμαντος, “insignificant”).

August 29, 2009

We live in an era in which each of us has at least 1 blog, takes part in 1 social network, uses twitter and various services. All this not only from the home/work pc, but now also from netbooks with Wifi, 3G etc. etc., PDAs, mobile phones, and in general every device, however small it is, offers the ability to communicate/exchange information. And on the other hand most of us are slowly getting used to relying on the huge volume of information that we can have at almost any moment at our fingertips (pun intended), such as Google maps + GPS, athinorama online, or seeing the tweet with today's suggestions (ok, a bit exaggerated still, but speak of it and it comes).

Perhaps the time has come when, if we have no signal (Wifi, 3G, 2G, anything), we can say that we are .. α-σήμαντοι (signal-less, insignificant) ;)

There used to be a saying on irc: offline – onlife. Perhaps we are no longer as offline as we believe, but let's hope that we stay onlife.

marmozet info

The photo is from the Thessalian zoological park at the Fotis farm in the village of Kryopigi. My question is, in the end, what are they: herbivores or carnivores .. or something else?? :p

(I just gimped it a little so that what it says shows more clearly)

Heavy Multitasker ?? :(

August 26, 2009

As I’m writing this post, I also have an irc session (3 channels and 1 private chat), 2 IM windows, 4 other browser tabs, 1 email client. This is quite typical of the simultaneous applications that I have open at each moment, and most of the time I switch from one to the other. This makes me a heavy multitasker, I think.

Lately I’ve read numerous posts about the effect of heavy multitasking, with the latest being this one. I can see some of the symptoms that they describe. I do have a harder time concentrating, and habitually, even while I’m thinking, I switch desktops to watch what is happening in the other applications (and if something happens, then I can be lost). I used to do the same thing a few years ago, but I could easily concentrate (and since I was a kid I had a really good ability at concentrating, which helped a lot of times) and didn’t lose focus that much.

I’ve started to worry: is it the heavy multitasking that affects me, or is this just getting older?? I wonder, if I stop doing the heavy multitasking, will I revert to my previous condition?? Did other people have the same issues, and how did they solve them??

light a fire!!!

August 25, 2009

Once again our summer is ending very beautifully with the traditional fire in Attica. Of course this time they managed to outdo themselves and destroyed almost everything that was left.

And of course after this destruction they have started analysing every likely and unlikely scenario, with the betting giving the lead to the land-grabbers. Classic. As has been said:

The first step to solving a problem is to understand that there is a problem

Evidently, since we have not solved it in all this time, it probably is not a problem. After all, solving it would be very easy. For so many years almost everyone has known where the forest is (especially around Attica), and we even have satellite photos. These areas should be designated as forest. Whoever builds inside these areas should automatically have his property confiscated, as well as that of his first-degree relatives. Any engineer or town planner who signed off on the building of this illegal structure should have the same fate. The same should happen to anyone who grants a permit from ΔΕΗ, ΕΥΔΑΠ, ΟΤΕ for electricity, water, telephone.

Too strict?? Nah, unfortunately, in some matters, since there is no respect, there has to be fear. At least you cut off one form of exploitation of the burnt areas. So you will be left with the other scenarios to work through.

But of course with all this .. who remembers Siemens?? Now we are burning :p

//Edit: It turns out I had written all this quite a while ago in a post. So long ago that even I had forgotten that I had written it. I probably say it better there, too.

We have the famous quote from the movie Scarface :

In this country, you gotta make the money first. Then when you get the money, you get the power. Then when you get the power, then you get the women.

So a possible translation for software development could be:

In this business, you gotta get the requirements correct. Then when you get the requirements correct, you can do a proper design. Then when you have a proper design, then you can create a sane implementation.

But you have to get the requirements correct. Otherwise everything will be a huge fail.

(Having the requirements correct doesn’t necessarily lead to correct design, or correct implementation, but it is somewhere to start, especially when a number of people have to work on something)