• EN

script for an immutable configuration backup on linux

  • 5 February 2024
  • 3 comments
  • 212 views
BertrandFR
Userlevel 7
Badge +8

Hello,

I could say better late than never, i’m using a script since many years to make my configuration configuration immutable on a linux repos.
Even it is now available for object storage and it will probably be immutable in future release, i think it could useful to share it.

 

#!/bin/bash

# Define a list of target directories
target_directories=("/path/to/your/target_directory1" "/path/to/your/target_directory2")
attribute_to_apply=" +i" # The chattr attribute to apply (e.g., immutable)
time_to_wait_days=10 # Time to wait in days before removing chattr attribute
log_path="/path/to/your/logfile.log" # Replace with your desired log path

# Calculate the time to wait in seconds
time_to_wait_seconds=$((time_to_wait_days * 24 * 60 * 60))

# Log the start time
echo "$(date): Chattr attribute application started for files in ${target_directories[*]}" >> $log_path

# Loop through all target directories
for target_directory in "${target_directories[@]}"; do
    # Loop through all files in the target directory
    for file_path in "$target_directory"/*; do
        if [ -f "$file_path" ]; then
            # Apply chattr attribute
            chattr $attribute_to_apply "$file_path"

            # Log the applied attribute for each file
            echo "$(date): Chattr attribute applied to $file_path" >> $log_path
        fi
    done
done

# Loop through all target directories again to remove chattr attribute if older than 10 days
current_time=$(date +%s)
for target_directory in "${target_directories[@]}"; do
    for file_path in "$target_directory"/*; do
        if [ -f "$file_path" ]; then
            # Get file modification time
            file_modification_time=$(stat -c %Y "$file_path")

            # Check if the file is older than 10 days
            if [ $((current_time - file_modification_time)) -ge $time_to_wait_seconds ]; then
                # Remove chattr attribute
                chattr -i "$file_path"

                # Log the removed attribute for each file
                echo "$(date): Chattr attribute removed from $file_path" >> $log_path
            fi
        fi
    done
done

# Log the end time
echo "$(date): Chattr attribute application completed for files in ${target_directories[*]}" >> $log_path

echo "Chattr attribute applied and removed after $time_to_wait_days days for files older than 10 days. Check $log_path for details."

target directories can be many or single, you could use * but please use “” “” because it’s special character.

Time is in days and should be equal or higher than your retention.

Logs target could be /var/log/VeeamBackup :)

crontab everyday:

crontab -e

@daily bash +x /example/veeam/scripts/chattr_configuration_backup.sh

Please feel free to suggest any improvements. 

@EricM @Julien Mousqueton 

3 comments

coolsport00
Userlevel 7
Badge +17

Ah, ok...a BASH script. Nice @BertrandFR !! Thanks for sharing!

Shane Williford - Veeam VMCA/VMCE | Veeam Legend | VUG Leader | VCP-DCV | Twitter: @coolsport00
leduardoserrano
Userlevel 7
Badge +6

Thanks for sharing, @BertrandFR ! 👏🏻

Luiz Eduardo Serrano. Cloud Architect, Systems Engineer for Veeam and Object First. Veeam Vanguard/VMCA 2024/VMCE. VMware Tanzu Vanguard 2024/VCP Security/VMware User Group, 4xHPE Master ASE/Instructor, RedHat Ansible SE/Instructor, AWS Architect, Nutanix NCA, Cisco-HPE Cloud & DC champion. My blog: https://cloudnroll.com
Chris.Childerhose
Userlevel 7
Badge +20

This is a very nice script and may just come in handy.  Going to take a look at it more with my repos. 😁

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech

Comment


Terms & Conditions