Tech Musings

Wednesday, March 28, 2007

Backing Up OS 10.3.9 Server Using Rsync +hfsmode

I found some time to better document the process I've been using to mirror data from my OS X Server (which I primarily use for Web services) across the network to a box residing in another physical location. I regularly use Bombich's CCC psync feature to clone local drives, but I prefer to use remote network backups whenever possible. I'm using an "HFS+ aware" version of Rsync to mirror data from my OS X 10.3.x Server (source) over the network to a different box (target) daily through cron jobs.

Step 1:
Originally, I was going to use RsyncX for network backups but decided against it after reading this article on afp548. RsyncX sounds a little buggy to me. Instead, I download and install Andrew Reynhout's patched binary version of rsync which addresses the HFS+ resource fork problem. I'm not too worried about potential lchown problems that could occur when copying symbolic links from one machine to another, mainly because I'm only synching data files and not full directory architectures. Thus, I usually skip the Hoffman patch discussed in the article (plus I'm too dumb and lazy to figure out how to utilize it).

My hope is that there will be no need to go through this "rig-a-ma-roll" and use this patched version after Apple finally gets their act together and includes a workable version of rsync bundled with the OS. In fact, Apple did introduce an "HFS aware" version of rsync in 10.4 Tiger-- but I read somewhere that it's crap. Maybe apple engineers will get on the ball and improve it when Leopard Server rolls out.

I install Reynhout's 2.6.3 version of rsync (named Rsync+hfsmode) on BOTH my source and target machines. To install, download and mount the binary .dmg (linked above) and type the commands listed below into the Terminal window. These commands add the rsync+hfsmode version of rsync into the user account's PATH on both boxes. Truthfully, I'm still a little fuzzy as to which box rsync actually runs on when backups take place (nice, huh?). To address this little technicality, I always install it on both machines to cover my stupidity.

There's no binary package to the enhanced rsync+hfsmode installation. Instead, make a backup of your current rsync program and then overwrite it with the newer, "better" version available inside the disk image.

$sudo mv /usr/bin/rsync /usr/bin/rsync-apple
$sudo cp /Volumes/rsync+hfsmode/rsync-2.6.3+hfsmode-1.2b2 /usr/bin/rsync
$sudo chown root:wheel /usr/bin/rsync
$sudo chmod 755 /usr/bin/rsync


Step 2: Next, prep for SSH transfers between machines using authorized keys as explained in the AFP548 article above. I generate a public/private dsa key pair on the source (OS X Server) under my identified user account with no passphrase. This creates a key fingerprint for the user that I then copy over to my target box. This allows the user account on my OS X server (source) to authenticate to the target box without the need to physically type a password in the Terminal. I couldn't run this network backup as an unattended cron job without this host based authentication. The instructions for doing this are in the aforementioned article on afp548 under "Setting Up SSH."

Here's a screen shot showing the commands for the generation of the key pairs in the terminal window:


Generating public and private dsa key pair in Terminal Window


Step 3: The next step is to implement Bombich's rsync wrapper shell script on my target box. Bombich devotes an entire page about rsync backups on his Web site. His instructions for setting up the public/private ssh keys were confusing to me because of his use of the words server and client. I feel like his instructions are backwards from the way I do it. Anyway, his wrapper envokes a layer of security to ensure the privileges of the user logging in from my OS X Server are limited to the functionalities the rsync script. You add the following line to the beginning of the key present in the authorized_keys files. Use the vi editor rather than pico to make the edit to alleviate line break problems.

command="/private/etc/rsync-wrapper.sh"

Step 4: I searched for and found a decent rsync shell script that was originally created by Art Mulder which includes log rotations and email notifications. I modify it to suit my purposes including adding the appledouble flag to utilize the HFS fix. The source and destination directories targeted for backup are identified as variables $SOURCE and $DEST in the script in the screen shot.

rsync -e ssh --archive --update --delete --verbose --hfs-mode=appledouble $SOURCE $LOGIN:$DEST | tee -a $LOG




Step 5: After I test to make sure everything works I add the shell script to the root account's cron job (type crontab -e in the terminal window) on my source OS X Server box.

0 Comments:

Post a Comment

<< Home