You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

66 lines
2.5 KiB

  1. #!/bin/sh /etc/rc.common
  2. . /lib/functions.sh
  3. START=95
  4. STOP=10
  5. USE_PROCD=1
  6. BACKUPPC_BIN="/usr/share/backuppc/bin/BackupPC"
  7. BACKUPPC_USER=backuppc
  8. # it would be better if it was possible to do this at install time, but we
  9. # can't, because in case of an openwrt image bundled with backuppc, all
  10. # ownerships other than root are lost.
  11. preconfigure() {
  12. # create backuppc group and user if needed
  13. if ! group_exists backuppc; then
  14. group_add backuppc 864
  15. fi
  16. if ! user_exists backuppc; then
  17. user_add backuppc 864 864 "BackupPC user" /data/backuppc /bin/sh
  18. fi
  19. # install default config if none exists, yet
  20. if [ ! -e /data/backuppc/conf/config.pl ]; then
  21. cp /usr/share/backuppc/conf/config.pl /data/backuppc/conf/config.pl
  22. fi
  23. # ensure proper ownerships and rights
  24. chown backuppc:backuppc /data/backuppc /data/backuppc/* \
  25. /www/cgi-bin/BackupPC_Admin
  26. chmod 750 /data/backuppc /data/backuppc/*
  27. chmod 755 /usr/share/backuppc/bin/BackupPC_Admin_real
  28. # The CGI needs to be world-executable, because uhttpd-cgi.c:386 checks
  29. # for exactly that. We don't want that, but can't avoid it, currently.
  30. chmod 6751 /www/cgi-bin/BackupPC_Admin
  31. chown -R :backuppc /data/backuppc/conf
  32. chmod 2770 /data/backuppc/conf
  33. # protect webinterface with a random password by default
  34. if [ -x /usr/sbin/uhttpd ] && ! grep -q backuppc /etc/httpd.conf >/dev/null 2>&1; then
  35. PASS=$(perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..8)')
  36. PASSHASH=$(/usr/sbin/uhttpd -m "${PASS}")
  37. echo "/cgi-bin/BackupPC_Admin:backuppc:${PASSHASH}" >> /etc/httpd.conf
  38. uci set uhttpd.main.config=/etc/httpd.conf
  39. /etc/init.d/uhttpd restart
  40. # inform user
  41. echo
  42. echo "To protect access to the backuppc web interface, HTTP basic authentication in"
  43. echo "uhttpd for http://$(/sbin/uci get "system.@system[0].hostname")/cgi-bin/BackupPC_Admin has been configured:"
  44. echo "user: backuppc"
  45. echo "pass: ${PASS}"
  46. echo
  47. echo "It is also recommended to follow the steps in"
  48. echo "https://wiki.openwrt.org/doc/uci/uhttpd#securing_uhttpd"
  49. echo "to secure access to uhttpd."
  50. fi
  51. }
  52. start_service() {
  53. # don't run preconfigure steps if called during image build
  54. if [ -z "${IPKG_INSTROOT}" ]; then
  55. preconfigure
  56. fi
  57. procd_open_instance
  58. procd_set_param user $BACKUPPC_USER
  59. procd_set_param reload_signal 1
  60. procd_set_param command $BACKUPPC_BIN
  61. }