
Installation of AF's backup system
==================================


Super easy installation for nervous people
------------------------------------------

Run Install and answer the questions.

Afterwards you may run the following programs to
configure the backup system ($BASEDIR is the
installation directory):

$BASEDIR/server/bin/serverconfig    to configure the server side
$BASEDIR/client/bin/clientconfig    to configure the client side

If you are running X, you can use instead:

$BASEDIR/server/bin/xserverconfig    to configure the server side
$BASEDIR/client/bin/xclientconfig    to configure the client side


Detailed installation procedure
-------------------------------

There are three types of hosts that can be configured.
A host may be of only one type or of all three types.
I will call them as follows:

backup server         a host with a streamer device connected,
                      that all backup data is written
backup client         a host that desires to backup it's data
                      to the server
remote start client   a host that a backup on another host
                      can be started. This can simplify the
                      administration by starting the backups on
                      all clients from one central point.

What you have to do depends on the type of host that you actually
want to configure. For a backup server, install and configure
the server side (see below). For a client, install and configure
the client side (see below). For a remote start client, install
the client side (see below). Configuration is not necessary.
For a backup client that offers the possibility to be
triggered remotely (by a remote start client), you also have to
install the server side and the remote start server side (see
below). Further configuration is not necessary.

Client Side
-----------

1) Build the distribution, enter:

        make client

   Warnings can usually be ignored.
   You will be asked to enter a key for authentication. This
   key is needed, so that no one else can connect to the service but
   a real backup client. This is to prevent other people or
   programs getting access to the backup media. Note that
   the stuff you enter is somewhat converted and used for
   processing some bytes sent from the server to the client.
   Both sides do some calculation, then the client sends
   back the result and the server decides whether the client
   may take control. After the successful installation you
   should do a "make distclean", so the file with the key is
   removed and cannot be used by hackers to rebuild the stuff.
   You might have the idea that it's even more secure to
   have the sources and programs read protected during
   installation so nobody can steal them.

2) Install the files and programs

   Choose an installation directory (e.g. /usr/backup)
   and enter:

     make install.client BASEDIR=/your/installation/directory

3) Configure the client side

   To do this run the program

    $BASEDIR/client/bin/clientconfig

   Everything should be self-explaining (help-command available)

   I suggest to backup as first file one containing the name of
   the client machine. On Linux the file /etc/HOSTNAME could be
   used for this purpose with the most distributions.

4) If you want the logfiles to reside in the /var-directory,
   move the $BASEDIR/client/var diretory to a subdiretory of
   /var with a name of your choice. I'd suggest
    /var/logs/backup/client .
   Then generate a symbolic link in $BASEDIR/client with the
   name var, that points to the newly created diretory under
   /var. E.g. enter:

  rmdir $BASEDIR/client/var
  mkdir -p /var/logs/backup/client
  ln -s $BASEDIR/client/var /var/logs/backup/client

5) If ordinary users should be able to restore files without
   administrator help the restore-utility must be installed
   executable for all users and setuid root. This can be achieved
   entering:

   rm -f $BASEDIR/client/bin/restore $BASEDIR/client/bin/backout
   cp $BASEDIR/client/bin/full_backup $BASEDIR/client/bin/restore
   ln $BASEDIR/client/bin/restore $BASEDIR/client/bin/backout
   chmod 4755 $BASEDIR/client/bin/restore


Server Side
-----------

1) To build the distribution enter:

     make server

   And see: Client Side

2) Install the files and programs

   Choose an installation directory (e.g. /usr/backup)
   and enter:

     make install.server BASEDIR=/your/installation/directory

3) Add a service entry to the system

   This entry must be present in /etc/services. You have to
   select a port number (i suggest 2988, what is hexadecimal
   0xbac (like backup ;-) ). The name of the service could be
   simply "afbackup". So you have to add the following line to
   /etc/services:

    afbackup   2988/tcp

   You might first want to check whether there is already an
   entry with port number 2988 for the TCP-protocol, but
   usually it is not.

4) Add a user to the system, under whose ID the service will run
   (this makes sense for a server-only system. In all other
   cases this user should be root)

   This is usually done adding a line to /etc/passwd (before
   the line starting with a +, if present):

    backup:x:2988:14:Backup Server:$BASEDIR/bu/server:

   In this entry the user's ID is 2988. Make sure that this ID
   does not already exist. If it does choose an unused one.

5) Tell the inetd about the new service

   The inetd-Superdaemon reads the file /etc/inetd.conf, so
   you have to add a line to this file. Assuming the service-
   name "afbackup" (made known in the file /etc/services) this
   line should be like this:

    afbackup stream tcp nowait <username> $BASEDIR/server/bin/server server $BASEDIR/server/lib/backup.conf

   <username> is either the user you added to the system in
   case of a server-only host, otherwise root (see above).

6) Activate the service

   This is done by sending a HANGUP-signal to the inetd.
   Find out the process-ID of inetd
   (ps -ef | grep inetd | grep -v grep
    on many systems,
    ps -uxa | grep inetd | grep -v grep
    on the others).
   Something like this will be output:

    root   431     1 0.0 Sep 27   ??    0:00.35 /usr/sbin/inetd

   The second number in the line with inetd at it's end
   (and no grep) is the process ID. Then enter:

    kill -HUP <process-id>

   In the example case:

    kill -HUP 431

7) Test the availability of the service

   Enter:

    telnet localhost backup

   If you see a greeting message like:

    AF's backup server ready.

   everything is fine.

   If you get an error message like:  backup: bad port number
   something is wrong with the entry in /etc/services.
   If you get an error like: ... connection refused
   the inetd did not start the service. Then you can have a
   look at the syslog file to find out what went wrong. There
   are usually error messages from inetd that can be found.

8) Configure the server side

   To do this, run the program

    $BASEDIR/server/bin/serverconfig

   Everything should be self-explaining (help-command available)

9) Give the backup service exclusive access to your tape

  This is simply done with

  chown <username> /dev/whatever
  chmod 600 /dev/whatever

10) If you want the logfiles to reside in the /var-directory,
   move the $BASEDIR/server/var diretory to a subdiretory of
   /var with a name of your choice. I'd suggest
    /var/logs/backup/server .
   Then generate a symbolic link in $BASEDIR/server with the
   name var, that points to the newly created diretory under
   /var. E.g. enter:

  rmdir $BASEDIR/server/var
  mkdir -p /var/logs/backup/server
  ln -s $BASEDIR/server/var /var/logs/backup/server

Remote Start Server Side
------------------------

1) To build the distribution enter:

     make server

   And see: Client Side

2) Install the files and programs

   Choose an installation directory (e.g. /usr/backup)
   and enter:

     make install.rclient install.server BASEDIR=/your/installation/directory

3) Edit the file $BASEDIR/server/lib/backup.conf

   Change the entry in the line starting with
   "Program-directory", so it reflects your installation
   directory. This Editing can be done using the program
   $BASEDIR/server/bin/serverconfig
