Having been running BackupPC for the last several months, we wanted to hand off some of the periodic auditing that we do to a non-admin user. BackupPC allows for host-specific users that have full access to a specific host or hosts but there's currently no facility to allow for a user who can see data on each host in a read-only fashion. Read on for how we implemented this interface.
Ideally, this would take the form of a special “audit” user who could use the existing admin interface to view host information and possibly do a test restore of data to a temporary location but not be able to make configuration changes or start/stop backup jobs.
To set this up without that built-in functionality, I chose to go with a de-featured copy of the admin interface. This allows for the continued, unmodified use of the BackupPC code base for the admin interface and adds a separate audit interface that can be used to view, in a read-only fashion, the server status, host logs and backup set contents.
The changes shown here were done on an Ubuntu Hardy Heron system. These changes should work fine on other packaged systems, adjusting the paths and commands as necessary.
First, we'll create the audit interface CGI script. We'll put this in a separate directory from the existing admin interface CGI.

    cd /usr/share/backuppc/
    mkdir audit
    cp cgi-bin/index.cgi audit/audit.cgi
    chown backuppc:backuppc audit/audit.cgi
    chmod 4755 audit/audit.cgi
Next, edit audit.cgi, removing the items from the ActionDispatch hash that you don't want the audit interface to have access to. The actions that remain are the ones the audit user will be able to use. Something like this should work:

    my %ActionDispatch = (
        "summary"     => "Summary",
        "view"        => "View",
        "LOGlist"     => "LOGlist",
        "browse"      => "Browse",
        "dirHistory"  => "DirHistory",
        "hostInfo"    => "HostInfo",
        "generalInfo" => "GeneralInfo",
    );
Create a new htpasswd file for the audit interface. Use the backuppc username, but give it a different password from the one the backuppc user has in the default admin interface:

    htpasswd -c /etc/backuppc/htpasswd.audit backuppc
Next, edit the /etc/backuppc/apache.conf configuration file. You'll want to change the AllowOverride entry in the existing Directory block for the /usr/share/backuppc/cgi-bin/ directory and add a new Directory block for the audit directory.

First, change the AllowOverride entry in the existing Directory block to read:

    AllowOverride AuthConfig Limit
Then add a block, similar to the existing block, to point to the audit directory:

    Alias /audit /usr/share/backuppc/audit/
    <Directory /usr/share/backuppc/audit/>
        AllowOverride None
        Options ExecCGI FollowSymlinks
        AddHandler cgi-script .cgi
        DirectoryIndex audit.cgi
        AuthGroupFile /etc/backuppc/htgroup
        AuthUserFile /etc/backuppc/htpasswd.audit
        AuthType basic
        AuthName "BackupPC Audit"
        require valid-user
    </Directory>
Put the following in the /usr/share/backuppc/image/.htaccess file so that audit.cgi can access the image, css and js files located therein. Modify the “Allow” entry as needed. This will effectively restrict access for the audit interface to the hosts or networks allowed, but continue to allow authenticated admin interface users to work normally.

    Allow from 192.168.1
    Satisfy Any
Connect to http://HOSTNAME/audit/ with the new backuppc password and you should see what looks like the normal admin interface. This presents all of the admin options but selecting them simply results in the re-display of the status page. No actions are taken. The audit interface will allow the user to browse backups looking for files, checking backup results and status, but they won't be able to start/stop any backup jobs, nor will they be able to restore any files or make any configuration changes.
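Because audit.cgi is a hand-edited copy, it is worth checking that its ActionDispatch hash still contains only the read-only actions listed above, for example after re-copying index.cgi. The following is an added example, not part of the original post or of BackupPC; the sample excerpt and its two "example..." entries are constructed, and the parser assumes the hash is written in the quoted "key" => "value" form shown above.

```python
import re

# Read-only actions kept in audit.cgi, as listed in the article.
READ_ONLY_ACTIONS = {
    "summary", "view", "LOGlist", "browse",
    "dirHistory", "hostInfo", "generalInfo",
}

HASH_RE = re.compile(r"my\s+%ActionDispatch\s*=\s*\((.*?)\)\s*;", re.S)
ENTRY_RE = re.compile(r"""["']([^"']+)["']\s*=>\s*["']([^"']+)["']""")


def dispatch_actions(cgi_source):
    """Return {action: handler} for the active %ActionDispatch entries."""
    match = HASH_RE.search(cgi_source)
    if match is None:
        raise ValueError("no %ActionDispatch hash found")
    # Drop Perl comments so commented-out entries are not counted as active.
    body = re.sub(r"#.*", "", match.group(1))
    return dict(ENTRY_RE.findall(body))


def unexpected_actions(cgi_source, allowed=READ_ONLY_ACTIONS):
    """Return the sorted actions that are dispatched but not on the allowlist."""
    return sorted(set(dispatch_actions(cgi_source)) - set(allowed))


# Constructed sample: an audit.cgi excerpt with one commented-out entry and
# one hypothetical non-read-only entry that was left in by mistake.
SAMPLE_AUDIT_CGI = '''
my %ActionDispatch = (
    "summary"     => "Summary",
    "view"        => "View",
    # "exampleOldAction" => "ExampleOldHandler",
    "LOGlist"     => "LOGlist",
    "browse"      => "Browse",
    "exampleWriteAction" => "ExampleWriteHandler",
    "hostInfo"    => "HostInfo",
);
'''

if __name__ == "__main__":
    extra = unexpected_actions(SAMPLE_AUDIT_CGI)
    print("unexpected actions:", extra or "none")
```

To check a real installation, pass the contents of /usr/share/backuppc/audit/audit.cgi to unexpected_actions() and treat a non-empty result as a failure.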
This is by no means a perfect implementation, but it meets our need for a read-only audit interface without getting elbow-deep in the BackupPC code base.