[H-GEN] Fixes for excalibur's backup

Russell Stuart russell-humbug at stuart.id.au
Sun Jul 12 19:38:24 EDT 2009

The backup on excalibur is working fine, except the rdiff is growing far
too quickly.  In underlying reason they are growing two quickly seems to
be because something is modifying all the access times on all files.  I
don't know what is doing it is yet, but if I was forced to take a guess
now it would be rkhunter.

In any case it is not rkhunter's problem.  The backup should cope with
changing access times.  I have a plan of attack, and will send a fix
through this week.

Although that is the major problem, it is not the only one.  Other
issues are:

1.  Someone has installed a firewall that logs every ACCEPT packets.
    This causes the several log files to grow by 12M per day each.
    I would be interested to hear the justification for logging
    ACCEPT packets.  If there isn't one, please turn it off.

2.  The auth log is growing faster than I expected.  Turn out this
    is because of dictionary attacks against ssh.  Is it possible
    to move ssh to a non standard port?

Finally, could you apply this patches to the apache2 config.  They
make apache2 easier to work with on a local VM:

diff -Nur humbug-20090711113903/etc/apache2/sites-available/default humbug-chroot/etc/apache2/sites-available/default
--- humbug-20090711113903/etc/apache2/sites-available/default	2009-01-21 03:24:30.000000000 +1000
+++ humbug-chroot/etc/apache2/sites-available/default	2009-07-04 15:28:38.000000000 +1000
@@ -1,5 +1,8 @@
 <VirtualHost *:80>
 	ServerAdmin webmaster at localhost
+        ServerName localhost
+        ServerAlias localhost.*
+        ServerAlias
 	DocumentRoot /var/www/
 	<Directory />
diff -Nur humbug-20090711113903/etc/apache2/sites-available/humbug.org.au humbug-chroot/etc/apache2/sites-available/humbug.org.au
--- humbug-20090711113903/etc/apache2/sites-available/humbug.org.au	2009-07-01 00:38:29.000000000 +1000
+++ humbug-chroot/etc/apache2/sites-available/humbug.org.au	2009-07-04 15:53:40.000000000 +1000
@@ -1,10 +1,8 @@
 <VirtualHost *:80>
 	ServerAdmin webmaster at humbug.org.au
         ServerName www.humbug.org.au
-        ServerAlias humbug.org.au
-        ServerAlias
-        ServerAlias localhost
-        ServerAlias localhost.localdomain
+        ServerAlias www.*
+        ServerAlias humbug.*
 	DirectoryIndex index.cgi index.html index.shtml index.pl index.php index.xhtml
 	DocumentRoot /srv/http/humbug.org.au/www/
@@ -22,6 +20,7 @@
 	Alias /moin_static171/ /usr/share/moin/htdocs/
 	Alias /images/ /srv/http/humbug.org.au/www/images/
 	Alias /machine-image/ /srv/http/humbug.org.au/www/machine-image/
+	Alias /s3-backup-log.txt /srv/http/humbug.org.au/www/s3-backup-log.txt
 	ScriptAlias /cgi-bin/ /srv/http/humbug.org.au/cgi-bin/
 	<Directory "/usr/lib/cgi-bin">
 		AllowOverride None
diff -Nur humbug-20090711113903/etc/apache2/sites-available/services.humbug.org.au humbug-chroot/etc/apache2/sites-available/services.humbug.org.au
--- humbug-20090711113903/etc/apache2/sites-available/services.humbug.org.au	2009-07-01 01:05:00.000000000 +1000
+++ humbug-chroot/etc/apache2/sites-available/services.humbug.org.au	2009-07-13 09:36:04.000000000 +1000
@@ -1,5 +1,6 @@
 <VirtualHost *:80>
 	ServerName services.humbug.org.au
+	ServerAlias services.*
 	Include /etc/request-tracker3.6/apache2-speedycgi.conf
 	LogLevel Info

More information about the General mailing list