OK. I’m a bonehead. The link I provided to my backup script tarball was broken. The link is fixed.

But wait! A new version of the scripts will be posted in a few days. It’s got some bug fixes and some new features. With it, the little birds really do sing more cheerfully, and the colors really will be brighter.

(As an aside … I don’t know why none of the people who clicked on the broken link bothered to send me an email or leave a comment to tell me there was a problem. Could that all have been robot traffic?)

[Update — fixed the link!]

Automated Backups are a good thing. Automated Backups make the little birds sing, the rainbows shine, and little fauns gambol about in beautiful green forests. When computers are backed up, the butterflies flutter, the flowers bloom, and the fruit from the trees taste just a little sweeter. But when computers are not backed up, the universe becomes angry.

An angry universe is not a good thing. An angry universe makes little birds cry. An angry universe makes Cthulhu come and visit.

So. Automated backups. I’m partial to rdiff-backup because it allows me to not only back up data, but keep previous versions available. Backing up nightly doesn’t help if you accidentally overwrite the contents of a file with something, and don’t notice for a day or two. But with rdiff-backup, you can restore the version before the error.

Unfortunately, rdiff-backup really is designed for server-to-server backups, where each end of the transaction has shell access. Enter duplicity, a related project. It’s more designed for storing backups on servers that you don’t control and/or don’t trust. It allows encryption of your backup sets, as well as supporting a wider variety of protocols (ftp, scp, s3, etc.)

So with a combination of these two scripts, you can backup pretty much any POSIX-ish server to pretty much anything that you can ftp or ssh into. Still, it’d be nice if you could:

• Check that the backups completed successfully, and get email confirming that success or warning on a failure.
• Configure up all of your various backups by a simple text file, rather than remembering the different command-line formats.
• Create groups of options that can be applied to backup tasks.
• Issue commands on the backup source and destinations before and/or after the backup (good for dumping databases into a flat file, for example, and then deleting it after it’s backed up).
• Get email confirmation on completion of backups.
• Have some tools to simplify the securing of the backup process.

For these reasons, I put together this backup script, which is basically a Ruby wrapper for rdiff-backup and duplicity. It’s almost entirely configured via two human-readable yaml files.

It’s flexible, reasonably simple to use, and comes without any guarantees whatsoever. Feel free to use it yourself!

DISCLAIMER: it’s as-is. Not to be used in place of a certified Cthulhu-deterrent. Use at your own risk. To quote the duplicity page: “[it] is not stable yet. It is thought to have a few bugs, but will work for normal usage, and should continue to work fine until you depend on it for your business or to protect important personal data.” — that goes for me too, only double.

I’ve been busy setting up a new hosting environment for a bunch of static HTML and PHP-based web sites on a Go Daddy Virtual Server. It was going swimmingly, until I came to an old CMS Made Simple site (running 0.10.x), which merely returned blank pages. Newer versions of CMS Made Simple ran fine. I could find nothing in the virtual host’s web error logs, the php log, the mysql error logs, the eaccelerator error logs, or any other system logs — except in the main Apache error log, there was:

child pid XXXXX exit signal Segmentation fault (11)

Searching around, this looks like it could be some kind of threading issue; however, I’m following the recommendations and using the Apache 2 prefork MPM.

Eventually, the (weak) solution I came up with is to turn off eaccelerator for that virtual host. This remedies the situation, although I can’t say it makes me very happy, since I don’t understand exactly what’s going on (or what the problem is).

I’d welcome insight into this.

Details: Fedora Core 4, Apache/2.0.54 (Fedora), PHP 5.0.4, eAccelerator 0.9.5.

This is probably obvious to everyone in the universe but me, but I was having a problem where my outbound email was being scanned by sa-exim, in addition to the desired scanning of incoming email.

The trick is in setting your SAEximRunCond in sa-exim.conf correctly. This is probably documented somewhere, but I totally missed it. In any case, assuming you want to skip scanning of email originating in your local network (e.g., IP address of 10.3.2.0/24) and that you changed the secret SA-Do-Not-Run header’s name to SA-Do-Not-Think-Of-Running, you would use the following line in your sa-exim.conf:

SAEximRunCond: ${if and {{def:sender_host_address} {!eq {${mask:$sender_host_add
ress/24}}{10.3.2.0/24}} {!eq {$h_X-SA-Do-Not-Think-Of-Running:}{Yes}} } {1}{0}}


Voila, outbound emails are no longer checked. Of course, if you are sending spam, please do not make the above change, but instead please swallow whole six to ten large, unpeeled pineapples.

So, courtesy of the DWP, the Meier Quagg was without power for about 7.5 hours today. It’s not clear what was wrong. The other side of the street had power, as did several parallel streets nearby, but this side of Meier was out, as were patches of Venice like the Oakwood.
Anyway, when the power came back up, most of the servers came back with it. Intervention was required for the Golem, Pylonhead, and Sekhmet. Sekhmet was the worst. I only got the “LI” of LILO, which says that the /boot/boot.b file was bad, or the drive geometry was hosed.

So I tried my trusty Debian rescue disk. Typed rescue root=/dev/hda1 at the boot: prompt. The boot failed with a complaint that /dev/hda1 was an MSDOS partition. uh-oh… MSDOS?

Of course, it turns out that I was using the wrong rescue disk. I was using a Woody ISO, and I had upgraded the machine to Sarge — and EXT3, which evidently was not compiled into the rescue disk. When I finally tried the correct rescue disk, it came up neatly, repaired the journals, and gave me my precious root prompt.

I did the LILO replacement trick (lilo -u /dev/hda; lilo), popped out the CD, rebooted, and held my breath. Then I decided to breathe. It’s my second fastest server, but it’s still a four-plus-year-old Dell Optiplex. In any case, it came up cleanly and there was much rejoicing.

Now it’s just a matter of waiting for the mail secondary to forward on all the queued up spam.