Category Archives: Unix

Simple MySQL Backup Script

Below is a simple database backup script to use with MySQL.

#!/usr/bin/perl -w

use strict;

# Backup – Script used to backup MySQL databases to an NFS share.
# VERSION: 1.2
# DATE: 12152005
# AUTHOR: packetmad

# This is a Freebsd 4.x-centric script. It may run on other
# versions of Freebsd, or any other BSD for that matter, but I
# wrote it on a Freebsd 4.7 system. It’s not even guaranteed
# to run on that.

# Speaking of guarantees, warranties, etc., there ain’t one, so
# don’t even try. :P
# I am not responsible for the output of this script, nor am I
# responsible for any damage or data loss as a result of using
# this script. In short, I am not responsible for anything
# regarding this script.
# Furthermore, I am not responsible if this script causes
# Your dog to die, your wife to leave you, or
# your truck to break down.
# I am releasing this script under the conventions of the BSD
# license. You can use it, modify it, sleep with it, or
# whatever. If you do find this script useful or have
# suggestions on a better way to do some things contained here
# in, I welcome all correspondence.
# The latest version of this script can be obtained at:
# http://tech.kulish.com

# USE THIS SCRIPT AT YOUR OWN RISK!!!!!!!!!!!!!!!!!!

# Change Log
# v1.1
# Date: 11302002
# Initial Release, absolutely BUG FREE! :)
# v1.2
# Date: 12152005
# Added compression functionality
# Added naming of backup files by date
# Changed longterm storeage directory for 1back to store1

###
# Declare variables and arrays.
###

my (
$bdir, $sysname, $logfile, %databases, $key, $database, $rightnow
);

$bdir = ‘/databases/’;
chomp ( $sysname = `uname -n` );
chomp ( $rightnow = `date +%m%d%G%H%M` );
#print $rightnow;
# Databases we want to backup and associated archive names.
# Database => sql file pairs.

%databases = (‘testdb1’ => ‘testdb1.sql’,
‘testdb2’ => ‘testdb2.sql’);

###
# Backup Section
###
foreach $key (sort keys %databases) {
$database = $databases{$key};
`mysqldump -uUSERNAME -pPASSWORD $key >> $bdir$sysname/$database`;}

###
# Compression Functionality
###

foreach $key (sort keys %databases) {
$database = $databases{$key};
`gzip -c $bdir$sysname/$database > $bdir$sysname/$rightnow$database.gz`;}

# scp them to the fileshare
#`scp $bdir$sysname/*.gz USERNAME\@SERVER:databases`;

###
# Clean backup dir
###

`rm -rf $bdir$sysname/*.sql`;
`mv $bdir$sysname/*.gz $bdir$sysname/store1`;

Security Audit Time Again!

So, I’m sitting there, minding my own business because it’s towards the end of the work day and I just want to get home. Then an email comes in, another security audit is coming down the pipe. No big deal, been through them before, but they are a pain in the ass.

I figured what the hell, I’ll read through the requirements to see what they are looking for. I get to about line 5 of the email, and right there, amidst all the other ludicrous requests is them asking for my “/etc/shadow report”. There is no “report” that can be yielded from the shadow file, other than brute forcing the passwords and seeing what comes up. I know for a fact that these jackasses aren’t bright enough to actually asking for that, so that must mean… The light comes on, WHAT IN THE *censored* DO THEY NEED MY SHADOW FILE FOR? IT’S GOT ALL THE GODDAMN PASSWORDS.

Well, I start thinking, could just be a test, seeing if I’ll just upchuck the guts to my servers without asking why. So, I grind out a short email to the ol’ manager stating the fact (adlib here) that I wouldn’t give that file to my own mother.

Gets to be time to go, and as usual, I do a quick round to make sure none of the developers need anything from the “server god” before I go home for the day. I pop my head into the manager’s office, exchange a little chit chat. He then informs that “they (meaning the audit firm) got a lot out of us last time and I’m sure there is something in the contract.” I about breached my BVD’s on the spot.

Now, I don’t want to make it look like my manager is the devil himself. He does try hard afterall, but that comment got me thinking there is no conductor on this train and I’m just behind the coal car. This is gonna hurt.

So, if I am, in the end, forced to surrender that file to the audit team, I do so under protest. Nasty, rioting in the streets type peaceful protest. If and when my servers are r00ted, every swingin’ richard better be there with me while I rebuild. Everyone down from the CIO of the Americas to the audit team.

**Edited by Request**