Tested some of it
I think I’m just going to run a test, wish me luck:>)
Ok, I logged on and did a full backup of /home with Webmin. Webmin just basically uses the dump command. This was backed up to a file called “backups”.
After dumping everything I renamed the /home directory to /homeb and re-booted.
Everything of course broke as expected.
I restored the backup from “backups” and re-booted.
Everything came back up just fine with everything intact.
Then I renamed one of my /home/sitename directories.
Verified the site was not available.
Restored /home/sitename from “backups”.
Site was available with no problems.
This is a very basic test, however it seems to work so far.
I’m thinking that if I found a rootkit on this server today, then after I got a fresh system, got InterWorx reinstalled and working and ready for sites, then I could restore
/etc
/home
/var
/root
And reboot and I’d pretty much be where I was at the time of the backup. Anyone have any comments?
Also, I noticed the SiteWorx backup I took backed up to /home/sitename/backups. Using that directory, if something happened to /sitename, perhaps in a drunken stupor I accidentally delete it or perhaps in a fit of rage at an old girlfriend who has a couple of sites on my server and is not very keen on paying me for them, I delete them, or perhaps a bad guy from 24 targets an EMP device at a specific site on my server.
I guess the question is can I back up to a directory outside of my /sitename directory for safety’s sake, ’cause if that’s gone the backups are gone with it…
Back when I started in the IT biz, one of my early jobs as a newbie systems programmer trainee was to check the backups each morning and ensure reruns. This consisted of checking the return code for the backup in the backup printouts for the backup jobs (this was an MVS system) and filing them away for safekeeping every day.
This was a very tedious job with over 200 jobs that had to be checked, that I focused on very well early on but after a few weeks at it and the fact that I had not had any errors show up in quite a while I got lazy sort of going through the motions checking some here and there.
Then came the day we had a couple of disk drive failures; these things always happened in twos because the actual volumes were in tandem on a physical drum.
Needless to say, as luck would have it, one of the failures was on a drive that I had not checked very carefully. The backup had been failing for about a week and we had to restore from a backup that was nearly two weeks old as a result.
Thus was it beaten into my pea brain the importance of backups and after the dang rootkit I’ve developed backup phobia:>)
Mind you, I was prepared for a disk drive failure, the RK was a new twist because of the fact that it basically renders your backups useless unless you can make sure it does not live within any of the backup files and many of them do hook themselves into many places.
That’s why I’m taking pains to iron all of this out now…
Thanks for everyone’s input and advice…
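
The two backup concerns raised in the post above (an archive stored inside the directory it protects, and backup return codes that nobody checks) can be handled by one script. This is an added example, not part of the original post: `tar` stands in for dump/restore, and the function names and paths are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). tar stands in for dump/restore;
# the function names and all paths are hypothetical.

# Resolve a directory to its absolute physical path; fails if it is missing.
abs_dir() { (cd "$1" 2>/dev/null && pwd -P); }

# backup_and_verify SRC_DIR DEST_DIR
# Returns 0 only if the archive lands outside SRC_DIR, tar exits 0, and a
# scratch restore of the archive matches the source file for file.
backup_and_verify() {
    src=$(abs_dir "$1") || { echo "no such source: $1" >&2; return 2; }
    dest=$(abs_dir "$2") || { echo "no such destination: $2" >&2; return 2; }

    # Refuse a destination inside the tree being protected: losing the
    # site directory would take its backups with it.
    case "$dest/" in
        "$src"/*) echo "refusing: $dest is inside $src" >&2; return 3 ;;
    esac

    archive="$dest/$(basename "$src").tar"
    # Check the exit status on every run instead of assuming success.
    tar -cf "$archive" -C "$src" . || { echo "backup FAILED: $archive" >&2; return 4; }

    # Prove the archive restores: unpack to a scratch dir and compare.
    scratch=$(mktemp -d) || return 5
    rc=0
    tar -xf "$archive" -C "$scratch" || rc=6
    if [ "$rc" -eq 0 ]; then
        diff -r "$src" "$scratch" >/dev/null || rc=7
    fi
    rm -rf "$scratch"
    [ "$rc" -eq 0 ] || echo "restore check FAILED (rc=$rc): $archive" >&2
    return "$rc"
}
```

Run from cron, a non-zero exit from `backup_and_verify` is the signal to alert on, so a backup that has been failing for a week does not go unnoticed.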