|
#!/bin/sh /etc/rc.common
|
|
|
|
. /lib/functions.sh
|
|
|
|
START=95
|
|
STOP=10
|
|
|
|
USE_PROCD=1
|
|
BACKUPPC_BIN="/usr/share/backuppc/bin/BackupPC"
|
|
BACKUPPC_USER=backuppc
|
|
|
|
# it would be better if it was possible to do this at install time, but we
|
|
# can't, because in case of an openwrt image bundled with backuppc, all
|
|
# ownerships other than root are lost.
|
|
preconfigure() {
|
|
# create backuppc group and user if needed
|
|
if ! group_exists backuppc; then
|
|
group_add backuppc 864
|
|
fi
|
|
if ! user_exists backuppc; then
|
|
user_add backuppc 864 864 "BackupPC user" /data/backuppc /bin/sh
|
|
fi
|
|
# install default config if none exists, yet
|
|
if [ ! -e /data/backuppc/conf/config.pl ]; then
|
|
cp /usr/share/backuppc/conf/config.pl /data/backuppc/conf/config.pl
|
|
fi
|
|
# ensure proper ownerships and rights
|
|
chown backuppc:backuppc /data/backuppc /data/backuppc/* \
|
|
/www/cgi-bin/BackupPC_Admin
|
|
chmod 750 /data/backuppc /data/backuppc/*
|
|
chmod 755 /usr/share/backuppc/bin/BackupPC_Admin_real
|
|
# The CGI needs to be world-executable, because uhttpd-cgi.c:386 checks
|
|
# for exactly that. We don't want that, but can't avoid it, currently.
|
|
chmod 6751 /www/cgi-bin/BackupPC_Admin
|
|
chown -R :backuppc /data/backuppc/conf
|
|
chmod 2770 /data/backuppc/conf
|
|
# protect webinterface with a random password by default
|
|
if [ -x /usr/sbin/uhttpd ] && ! grep -q backuppc /etc/httpd.conf >/dev/null 2>&1; then
|
|
PASS=$(perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..8)')
|
|
PASSHASH=$(/usr/sbin/uhttpd -m "${PASS}")
|
|
echo "/cgi-bin/BackupPC_Admin:backuppc:${PASSHASH}" >> /etc/httpd.conf
|
|
uci set uhttpd.main.config=/etc/httpd.conf
|
|
/etc/init.d/uhttpd restart
|
|
# inform user
|
|
echo
|
|
echo "To protect access to the backuppc web interface, HTTP basic authentication in"
|
|
echo "uhttpd for http://$(/sbin/uci get "system.@system[0].hostname")/cgi-bin/BackupPC_Admin has been configured:"
|
|
echo "user: backuppc"
|
|
echo "pass: ${PASS}"
|
|
echo
|
|
echo "It is also recommended to follow the steps in"
|
|
echo "https://wiki.openwrt.org/doc/uci/uhttpd#securing_uhttpd"
|
|
echo "to secure access to uhttpd."
|
|
fi
|
|
}
|
|
|
|
start_service() {
|
|
# don't run preconfigure steps if called during image build
|
|
if [ -z "${IPKG_INSTROOT}" ]; then
|
|
preconfigure
|
|
fi
|
|
procd_open_instance
|
|
procd_set_param user $BACKUPPC_USER
|
|
procd_set_param reload_signal 1
|
|
procd_set_param command $BACKUPPC_BIN
|
|
}
|