Re: [BackupPC-users] Wake-on-LAN setup - no ping response
Hi, Russ Russ wrote on 2015-03-06 09:07:30 +0300 [[BackupPC-users] Wake-on-LAN setup - no ping response]: [...] I have backuppc server on Gentoo which works fine with regular client backups. Now I am configuring wake-on-lan to wake windows clients up before backup. [...] 3. Appropriate 777 rights have been granted to wolping.sh. a=rwx is hardly appropriate. Actually, having 'others' being able to modify the script is an attack waiting to happen. Anyone at all with access to the machine can put anything they want into the script and just have to wait for it to be executed by the BackupPC daemon with its associated privileges. That is basically the same as giving anyone a free backuppc uid shell, including full access to all backups and presumably root access to all client machines you are backing up. Not necessarily a good idea ;-). I don't believe BackupPC actually checks the permissions before executing the PingCmd (or any other), but I wouldn't blame *anything* (BackupPC, Perl, bash, kernel) for blandly refusing to execute a world-writable file as a general security measure. This is output of ls ???l: -rwxrwxrwx 1 backuppc backuppc 1246 12:00 wolping.sh The ownership looks good enough, though 'root:root' might be more suitable, now you just have to 'chmod go-w' it. And afterwards check it has not been modified. We'll just assume no malicious party has the file opened for writing across your chmod and review, but for the record I'll mention the theoretical possibility. Curious that your 'ls -l' output contains no date :-). 4. I have tested wolping.sh and it works great from terminal under backuppc user Well, you use 'sudo'. You haven't by chance previously input a sudo password in your terminal session? You are sure you are executing /usr/local/bin/wolping.sh and not a different version of the script somewhere in your path? ;-) What is the return code of the script when you execute it from a shell? Your standard shell usually doesn't tell you if you don't ask explicitly, but it might make a difference for BackupPC. Seems that backuppc does not even fire the script as ???logger??? does not appear in tail -f /var/log/messages You should see more in BackupPC's log files. I don't regularly use the 'logger' command, so I'm not familiar with its intricacies. Is it not called, or does it fail to log, or does it log somewhere else than you are looking? Does the command line invocation of wolping.sh cause a log entry (in /var/log/messages)? Looking at your script, I am wondering what your $Conf{PingCmd} looks like (out of habit, I'd also like to see $Conf{PingPath}). It's obviously not the default ('$pingPath -c 1 $host'), because you get your host name from $5: [...] WAKEHOST=$5 [...] function fwol { TO_WAKEUP=$1 (apparently never used) sudo $ETHWAKE $1 I suppose you've got an entry similar to this in your /etc/sudoers: backuppc ALL=NOPASSWD: /sbin/etherwake -i enp3s0 * You use different invocations of the ping command - is that intentional? [...] $PING $ARG1 $ARG2 $ARG3 $ARG4 $WAKEHOST /dev/null 21 $PING $ARG1 $ARG2 $WAKEHOST $PING $ARG1 $ARG2 $ARG3 $ARG4 $WAKEHOST Wouldn't it make more sense to control that in the script and call it with the parameters that are truely variable, e.g. wolping.sh hostname interval Your script is implying semantics for $ARG3 and $ARG4, so you can't really configure PingCmd to use wolping.sh with arbitrary 'ping' switches (let alone a variable number of them) in arbitrary order, as it might first appear. You might also want to replace the sleep command with a fancy ping invocation to be more adaptive to the time an individual host actually requires to boot. You could experiment with something like ping -i 10 -c 18 -A -q hostname which should wait at most 180 seconds (like your sleep command), probe your host in 10 second intervals and terminate shortly after the host begins to respond. That way, you could increase the tolerance (raise the -c argument) to accomodate for slow hosts and yet not have to unnecessarily wait for a fixed long time for fast hosts. Of course, you would also wait the maximum time for hosts which simply fail to wake up. Hope that helps. Regards, Holger -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List:https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki:http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
Re: [BackupPC-users] Wake-on-LAN setup - no ping response
I took a slightly different approach. The ping replacement script is called with 1 argument (the hostname) for ping, or 2 arguments hostname MAC_address for wol. It means putting the mac address in $conf{PingCmd} for hosts that need wol rather than in a separate file like Michael uses. My default PingCmd is: $Conf{PingCmd} = '$pingPath $host' On WOL hosts I over ride it with: $Conf{PingCmd} = '$pingPath $host mac_address' where mac_address is replaced with the actual value for that host. My script is messy since I did home-rolled wake-on-lan with xxd and netcat. That avoided installing wakeonlan as an extra dependency on FreeBSD. If you already have wakeonlan you'd want to change the script to use that instead of xxd. WOL of course needs to be configured on the windows machines, possibly in bios as well as in windows. I'd test that from the command line before putting it into backuppc. RP The script: #!/bin/sh # BackupPC_pingwol # Ping replacement for use with BackupPC that sends optional wake on lan packets # Russ Poyner 9/8/2014 PATH=/sbin:/bin:/usr/bin:/usr/local/bin export PATH # No wol by default wakeme= # Send wol with xxd. # Best re-write this to use linux wakeonlan if you have it. wol() { # Convert the wol packet to binary with xxd # and send it to the client through netcat. echo Sending wake on lan packet to $hostname at $cleanmac echo $packet | xxd -r -p | nc -w 1 -v -u $hostname 9 } # Minimal argument parsing if [ $# = 2 ] then wakeme=yes hostname=$1 # Construct the wol packet in hexadecimal cleanmac=`echo $2 | sed -r 's/:|-//g' | tr '[:lower:]' '[:upper:]'` # Next 2 lines not needed if you use a real wakeonlan utility mac4=${cleanmac}${cleanmac}${cleanmac}${cleanmac} packet=${mac4}${mac4}${mac4}${mac4} elif [ $# = 1 ] then hostname=$1 else echo Usage: echo $0 hostname [mac address] echo Including the mac address will cause $0 to send WOL packets echo if the host doesn't answer the first ping fi ping -qc 1 $hostname ret=$? if [ $ret != 0 -a $wakeme = yes ] then for n in $(seq 1 15) do wol ping -qc 1 $hostname ret=$? if [ $ret = 0 ] then exit 0 fi done fi exit $ret On 03/06/2015 12:07 AM, Russ Russ wrote: Dear all, Any ideas/assistance will be highly appreciated. I have backuppc server on Gentoo which works fine with regular client backups. Now I am configuring wake-on-lan to wake windows clients up before backup. The following has been done: 1.Bash script has been a bit modified from the one suggested on this forum (details of the current script are provided at the end of the message). 2.Config.pl has been modified on server as the following: $Conf{PingPath} = '/usr/local/bin/wolping.sh'; $Conf{NmbLookupFindHostCmd} = ' '; 3.Appropriate 777 rights have been granted to wolping.sh. This is output of ls –l: -rwxrwxrwx 1 backuppc backuppc 1246 12:00 wolping.sh 4.I have tested wolping.sh and it works great from terminal under backuppc user But when I fire manual backup on any client which is in standby mode, I got the following message: “2015-03-06 11:29:14 no ping response” Seems that backuppc does not even fire the script as “logger”does not appear in tail -f /var/log/messages Could you please advise what might cause such an issue Many thanks wolping.sh: -- #!/bin/bash #this script is totally designed for the backuppc ping command #which is the first thing it does before it starts a backup #this is a substitute which pings the machine, if it is not #awake then it wakes it using a magic packet - using the wol.bsh script #then pings again to make sure PING=/bin/ping ARG1=$1 ARG2=$2 ARG3=$3 ARG4=$4 WAKEHOST=$5 ETHWAKE=/sbin/ether-wake -i enp3s0 SLEEPTIME=3m logger Backuppc pinging$1 $2 $3 $4 $5 function fwol { TO_WAKEUP=$1 sudo $ETHWAKE $1 if [ $? -eq 0 ] then WOL_RES=OK else WOL_RES=FAIL fi } $PING $ARG1 $ARG2 $ARG3 $ARG4 $WAKEHOST /dev/null 21 if [ $? -ne 0 ]; then fwol $WAKEHOST if [ $WOL_RES = FAIL ]; then exit 1 fi sleep $SLEEPTIME $PING $ARG1 $ARG2 $WAKEHOST if [ $? -eq 0 ] then logger success waking $WAKEHOST. else logger unable to wake $WAKEHOST. exit 1 fi else $PING $ARG1 $ARG2 $ARG3 $ARG4 $WAKEHOST fi exit 0 -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net
Re: [BackupPC-users] Wake-on-LAN setup - no ping response
On 2015-03-06 00:07, Russ Russ wrote: Dear all, Any ideas/assistance will be highly appreciated. I have backuppc server on Gentoo which works fine with regular client backups. Now I am configuring wake-on-lan to wake windows clients up before backup. Not that I see anything wrong with what you've put together, but I my BackupPC server also happens to be running on Gentoo, nor do I have a theory on why it would behave any differently for automatic and manual backups. For what it's worth, the complete scripts I use are here: http://www.michaelstowe.com/backuppc/ -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List:https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki:http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
[BackupPC-users] Wake-on-LAN setup - no ping response
Dear all, Any ideas/assistance will be highly appreciated. I have backuppc server on Gentoo which works fine with regular client backups. Now I am configuring wake-on-lan to wake windows clients up before backup. The following has been done: 1. Bash script has been a bit modified from the one suggested on this forum (details of the current script are provided at the end of the message). 2. Config.pl has been modified on server as the following: $Conf{PingPath} = '/usr/local/bin/wolping.sh'; $Conf{NmbLookupFindHostCmd} = ' '; 3. Appropriate 777 rights have been granted to wolping.sh. This is output of ls –l: -rwxrwxrwx 1 backuppc backuppc 1246 12:00 wolping.sh 4. I have tested wolping.sh and it works great from terminal under backuppc user But when I fire manual backup on any client which is in standby mode, I got the following message: “2015-03-06 11:29:14 no ping response” Seems that backuppc does not even fire the script as “logger” does not appear in tail -f /var/log/messages Could you please advise what might cause such an issue Many thanks wolping.sh: -- #!/bin/bash #this script is totally designed for the backuppc ping command #which is the first thing it does before it starts a backup #this is a substitute which pings the machine, if it is not #awake then it wakes it using a magic packet - using the wol.bsh script #then pings again to make sure PING=/bin/ping ARG1=$1 ARG2=$2 ARG3=$3 ARG4=$4 WAKEHOST=$5 ETHWAKE=/sbin/ether-wake -i enp3s0 SLEEPTIME=3m logger Backuppc pinging $1 $2 $3 $4 $5 function fwol { TO_WAKEUP=$1 sudo $ETHWAKE $1 if [ $? -eq 0 ] then WOL_RES=OK else WOL_RES=FAIL fi } $PING $ARG1 $ARG2 $ARG3 $ARG4 $WAKEHOST /dev/null 21 if [ $? -ne 0 ]; then fwol $WAKEHOST if [ $WOL_RES = FAIL ]; then exit 1 fi sleep $SLEEPTIME $PING $ARG1 $ARG2 $WAKEHOST if [ $? -eq 0 ] then logger success waking $WAKEHOST. else logger unable to wake $WAKEHOST. exit 1 fi else $PING $ARG1 $ARG2 $ARG3 $ARG4 $WAKEHOST fi exit 0 -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/___ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List:https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki:http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/