From: Steve R. <Ste...@sa...> - 2010-03-09 18:28:05
|
Hi everyone! I think this idea to have automatic access to backup config files makes a lot of sense. >>> If you really want to be complete save-config could increment the version number. I'd support this - save config could either brand the date-timestamp into the filename or just increment a sequence number. If the system has a configured system-clock, then I routinely use a bash script code fragment like: myDateStamp=`date +"-%Y%m%d-%H%M%S"` myFileName="`uname -n`${myDateStamp}" tar czvf ./${myFileName}.tgz --files-from=/somewhere/over/the/rainbow/file-list" to generate a filename of "daffodil.mydomain.gov.uk-20100309-175916.tgz". If the date-timestamp idea doesn't appeal, then I'd suggest filenames built in the same way that /var/log/ files are named and logrotated. A special logrotate script could control the number of previous configs to be kept just before save-config generates a new one. I am testing a logrotate script that successfully handles filenames like "daffodil.mydomain.gov.uk-20100309-175916.tgz" and can post it if anyone is interested. Regards - Steve. Stephen H F Ralph Principal Computer Officer | Integration Team | ICT Services | Transform Sandwell Sandwell MBC | Freeth Street | Oldbury | West Midlands | B69 3DE Tel: 0121 569 3132 | Fax: 0121 569 3493 Email: ste...@sa... |
From: Steve R. <Ste...@sa...> - 2010-03-09 18:38:00
|
Hi everyone again, A colleague suggested that if the box did boot into a previous config file then it would be nice to see this in the Login Prompt. This would be good for headless boxes where the main access is SSH and would be an immediate visual clue that something is not quite right! Regards - Steve. Stephen H F Ralph Principal Computer Officer | Integration Team | ICT Services | Transform Sandwell Sandwell MBC | Freeth Street | Oldbury | West Midlands | B69 3DE Tel: 0121 569 3132 | Fax: 0121 569 3493 Email: ste...@sa... |
From: Heiko Z. <he...@zu...> - 2010-03-09 19:12:03
|
Quoting Steve Ralph <Ste...@sa...>: > Hi everyone again, > > A colleague suggested that if the box did boot into a previous > config file then it would be nice to see this in the Login Prompt. > This would be good for headless boxes where the main access is SSH > and would be an immediate visual clue that something is not quite > right! Patches are more than welcome folks. ;-) Here are some gotchas: - save-config would have to take into account the available disk space on the device - if a sign config is used, only a signed backup can be loaded (otherwise it would be too easy to hack) - save-config should always write out a checksum with the etc-mod.tar.bz2 in order to validate if it's good (we should do that anyway) -- Regards Heiko Zuerker http://www.devil-linux.org ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. |
From: Heiko Z. <he...@zu...> - 2010-03-10 19:46:55
|
Quoting Heiko Zuerker <he...@zu...>: > Quoting Steve Ralph <Ste...@sa...>: > >> Hi everyone again, >> >> A colleague suggested that if the box did boot into a previous >> config file then it would be nice to see this in the Login Prompt. >> This would be good for headless boxes where the main access is SSH >> and would be an immediate visual clue that something is not quite >> right! > > Patches are more than welcome folks. ;-) > > Here are some gotchas: > - save-config would have to take into account the available disk space > on the device > - if a sign config is used, only a signed backup can be loaded > (otherwise it would be too easy to hack) > - save-config should always write out a checksum with the > etc-mod.tar.bz2 in order to validate if it's good (we should do that > anyway) I'm pretty busy lately and won't be able to implement this feature request, so if anybody feels like doing it and then submitting a patch.... :) Otherwise please create a feature request in Mantis. -- Regards Heiko Zuerker http://www.devil-linux.org ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. |