From 113f733e3e26d71f1da00cc7f5934990b848cb92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Guerraz?= Date: Fri, 12 Apr 2024 13:50:44 +0200 Subject: [PATCH 1/3] Check if all required binaries exists before doing anything else --- check_deps.sh | 30 ++++++++++++++++++++++++++++++ restore_backup.sh | 2 ++ stream_backup.sh | 4 +++- 3 files changed, 35 insertions(+), 1 deletion(-) create mode 100755 check_deps.sh diff --git a/check_deps.sh b/check_deps.sh new file mode 100755 index 0000000..742b8af --- /dev/null +++ b/check_deps.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +if ! command -v age &> /dev/null; then + echo "command not found: age" + exit 3 +fi +if ! command -v aws &> /dev/null; then + echo "command not found: aws" + exit 3 +fi +if ! command -v lz4 &> /dev/null; then + echo "command not found: lz4" + exit 3 +fi +if ! command -v mbuffer &> /dev/null; then + echo "command not found: mbuffer" + exit 3 +fi +if ! command -v split &> /dev/null; then + echo "command not found: split" + exit 3 +fi +if ! command -v sed &> /dev/null; then + echo "command not found: sed" + exit 3 +fi +if ! command -v btrfs &> /dev/null; then + echo "command not found: btrfs" + exit 3 +fi diff --git a/restore_backup.sh b/restore_backup.sh index d124697..80343d7 100755 --- a/restore_backup.sh +++ b/restore_backup.sh @@ -5,6 +5,8 @@ if [ "$EUID" -ne 0 ] exit fi +./check_deps.sh || exit 3 + DELETE_PREVIOUS=false OPTSTRING="b:p:e:i:s:d" diff --git a/stream_backup.sh b/stream_backup.sh index 882db28..9642915 100755 --- a/stream_backup.sh +++ b/stream_backup.sh @@ -5,6 +5,8 @@ if [ "$EUID" -ne 0 ] exit fi +./check_deps.sh || exit 3 + DELETE_PREVIOUS=false CHUNK_SIZE="512M" SOURCE_EPOCH="" @@ -91,7 +93,7 @@ function cleanup () { exit 2 } -aws s3 ls s3://${BUCKET}/${PREFIX} >> /dev/null \ +aws s3 ls s3://${BUCKET}/${PREFIX} >/dev/null 2>&1 \ && echo "SECURITY WARNING: current AWS IAM entity is allowed to list bucket contents! This can allow an attacker using the same identity to overwrite files and ruin your backups!" >&2 SEQ=$(date +%s) From 97601ad806c096522561d6a07ccd1eace17fdadb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Guerraz?= Date: Fri, 12 Apr 2024 14:02:09 +0200 Subject: [PATCH 2/3] Document exit codes --- README.md | 9 +++++++++ restore_backup.sh | 2 +- stream_backup.sh | 2 +- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a7ef0ee..ee2074c 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,15 @@ Rather than dealing with the complexity of custom file formats and metadata file As such if you want to change the format (compression, encryption, file container, etc.), please start a new backup _epoch_ so as not to mix the two. +# Return value + +It is important that you check the return value of the back-up script for proper monitoring and alerting. + +* 0: everything went fine +* 1: a "usage" error occured. You used a unrecognised command switch, or referenced a volume or snapshot that does not exist +* 2: an error occurred after the snapshot was created, **you should pay close attention to these**! The script will have tried to delete the newly created snapshot so that subsequent incremental backups can be made from the last good known state +* 3: a required dependency is not installed + # Important security recommendations This is all rather common sense, but: diff --git a/restore_backup.sh b/restore_backup.sh index 80343d7..d038f50 100755 --- a/restore_backup.sh +++ b/restore_backup.sh @@ -2,7 +2,7 @@ # if [ "$EUID" -ne 0 ] then echo "Please run as root" - exit + exit 1 fi ./check_deps.sh || exit 3 diff --git a/stream_backup.sh b/stream_backup.sh index 9642915..cf0cfdb 100755 --- a/stream_backup.sh +++ b/stream_backup.sh @@ -2,7 +2,7 @@ # if [ "$EUID" -ne 0 ] then echo "Please run as root" - exit + exit 1 fi ./check_deps.sh || exit 3 From 085fe776d304ef9e19fcef29f81111822748f354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Guerraz?= Date: Sat, 13 Apr 2024 10:31:52 +0200 Subject: [PATCH 3/3] Allow running check_deps.sh from a different directory --- restore_backup.sh | 2 +- stream_backup.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/restore_backup.sh b/restore_backup.sh index d038f50..720f70c 100755 --- a/restore_backup.sh +++ b/restore_backup.sh @@ -5,7 +5,7 @@ if [ "$EUID" -ne 0 ] exit 1 fi -./check_deps.sh || exit 3 +$(dirname "$0")/check_deps.sh || exit 3 DELETE_PREVIOUS=false diff --git a/stream_backup.sh b/stream_backup.sh index cf0cfdb..a9dd7d2 100755 --- a/stream_backup.sh +++ b/stream_backup.sh @@ -5,7 +5,7 @@ if [ "$EUID" -ne 0 ] exit 1 fi -./check_deps.sh || exit 3 +$(dirname "$0")/check_deps.sh || exit 3 DELETE_PREVIOUS=false CHUNK_SIZE="512M"