#!/usr/local/cpanel/3rdparty/bin/perl # cpanel - scripts/cpbackup Copyright 2022 cPanel, L.L.C. # All rights reserved. # copyright@cpanel.net http://cpanel.net # This code is subject to the cPanel license. Unauthorized copying is prohibited use strict; use Try::Tiny; use Capture::Tiny (); use Cwd (); use Cpanel::ExitValues::rsync (); use Cpanel::PwCache::Build (); use Cpanel::SafeDir::MK (); use Cpanel::LoadFile (); use Cpanel::BackupMount (); use Cpanel::Backup::SystemResources (); use Cpanel::Hostname (); use Cpanel::Binaries (); use Cpanel::OSSys (); use Cpanel::OSSys::Capabilities (); use Cpanel::CpuWatch (); use Cpanel::Exception (); use Cpanel::Logger (); use Cpanel::FileUtils::TouchFile (); use Cpanel::FileUtils::Copy (); use Cpanel::FileUtils::Move (); use Cpanel::Config::Backup (); use Cpanel::Config::LoadConfig (); use Cpanel::Config::FlushConfig (); use Cpanel::Config::LoadCpConf (); use Cpanel::Config::LoadCpUserFile (); use Cpanel::Config::IPs::RemoteDNS (); use Cpanel::Config::IPs::RemoteMail (); use Cpanel::Config::Users (); use Cpanel::ConfigFiles (); use Cpanel::Kill::Single (); use Cpanel::Mailman::Filesys (); use Cpanel::MysqlUtils::Dir (); use Cpanel::SafeRun::Errors (); use Cpanel::SimpleSync (); use Cpanel::Tar (); use Cpanel::IONice (); use Cpanel::Gzip::Config (); use Cpanel::Usage (); use Cpanel::Backup::Sync (); use Cpanel::Update::InProgress (); use Cpanel::Locale (); use Cpanel::ConfigFiles::Apache (); use Cpanel::StringFunc::Trim (); use Cpanel::Waitpid (); use Cpanel::FtpUtils::ResponseCodes (); use Cpanel::SignalManager (); use Cpanel::OS (); # # These constants identify the backup type # which is running and to name the pid file # We'll be passing this to the set of common functions # used by the old and new backup systems to avoid collisions # use constant BACKUP_ID => Cpanel::Backup::Sync::BACKUP_TYPE_OLD; use constant BACKUP_ID_OTHER => Cpanel::Backup::Sync::BACKUP_TYPE_NEW; my $start_time = time(); my $apacheconf = Cpanel::ConfigFiles::Apache->new(); my $logger = Cpanel::Logger->new(); our $VERSION = 2.1; $Cpanel::BackupMount::VERBOSE = 1; $ENV{'PATH'} .= ":/sbin"; our $logdir = '/usr/local/cpanel/logs/cpbackup'; my $force = 0; my $debug = 0; my $allow_override = 0; my $monthly = 0; my $weekly = 0; my $locale; my $LAST_CPUSYSTEM_ERROR; $locale ||= Cpanel::Locale->get_handle(); my %opts = ( 'force' => \$force, 'debug' => \$debug, 'monthly' => \$monthly, 'weekly' => \$weekly, 'allow-override' => \$allow_override, ); Cpanel::Usage::wrap_options( \@ARGV, \&usage, \%opts ); my $host = Cpanel::Hostname::gethostname(); my %CPCONF = Cpanel::Config::LoadCpConf::loadcpconf(); if ( Cpanel::Update::InProgress->is_on() ) { $logger->warn("An update is in progress. Backups are disabled at this time."); exit 1; } # # Handle the case where another instance of the script # is already running # Cpanel::Backup::Sync::handle_already_running( BACKUP_ID, $logdir, $logger ) or exit 1; # Load the configuration and do some preliminary checks as to whether we # actually need to run before trying to wait for the other backup to complete # and warning the user. my %CONF = Cpanel::Config::Backup::load(); if ( $CONF{'BACKUPENABLE'} ne "yes" ) { if ( -t \*STDOUT ) { print STDERR "[cpbackup] Backup Not Enabled (This can be adjusted in WHM => Backup => Legacy Backup Configuration)\n"; } exit 1; } if ( $CONF{'BACKUPENABLE'} ne "restoreonly" && $CONF{'BACKUPENABLE'} ne "yes" ) { print STDERR "[cpbackup] Backup Not Enabled (restore only) (This can be adjusted in WHM => Backup => Legacy Backup Configuration)\n"; exit 1; } if ( $CONF{'BACKUPCHECK'} ne "yes" ) { print STDERR "[cpbackup] Backup must be re-enabled in your WHM (This can be adjusted in WHM => Backup => Legacy Backup Configuration)\n"; exit 1; } # # If the other backup type is running wait for it to finish, # then flag that we are running so the other backup type can not # start # my $rc = Cpanel::Backup::Sync::set_backup_as_running_after_other_finishes( BACKUP_ID, BACKUP_ID_OTHER, time(), $logger ); if ( $rc == Cpanel::Backup::Sync::OTHER_TYPE_RUNNING ) { print STDERR "[backup] Unable start backup script"; require Cpanel::iContact::Class::Backup::Failure; require Cpanel::Notify; Cpanel::Notify::notification_class( 'class' => 'Backup::Failure', 'application' => 'Backup::Failure', 'constructor_args' => [ 'origin' => 'Legacy cPanel Backup System', 'start_time' => $start_time, 'end_time' => time(), 'reason' => $locale->maketext('The system could not complete the backup because legacy and current backup processes may not run concurrently, and the first backup process has not finished.') ] ); exit 1; } if ( $rc != Cpanel::Backup::Sync::SUCCESS ) { print STDERR "[backup] Unable start backup script"; require Cpanel::iContact::Class::Backup::Failure; require Cpanel::Notify; Cpanel::Notify::notification_class( 'class' => 'Backup::Failure', 'application' => 'Backup::Failure', 'constructor_args' => [ 'origin' => 'Legacy cPanel Backup System', 'start_time' => $start_time, 'end_time' => time(), 'reason' => $locale->maketext( 'The system could not complete the backup because a test of “[_1]” resulted in an error.', '/bin/backup' ) ] ); exit 1; } # # If stats are running, request that they pause # if ( $CPCONF{'nocpbackuplogs'} ) { Cpanel::Backup::Sync::pause_stats_if_needed($logger); } my $gzip_cfg = Cpanel::Gzip::Config->load(); my $gzip_bin = $gzip_cfg->{'bin'}; if ( !-x $gzip_bin ) { $logger->info('Unable to locate suitable gzip binary'); exit 1; } my $rsync_bin = Cpanel::Binaries::path('rsync'); if ( !-x $rsync_bin ) { $logger->info('Unable to locate suitable rsync binary'); exit 1; } my $tarcfg = Cpanel::Tar::load_tarcfg(); my ( $status, $message ) = Cpanel::Tar::checkperm(); exit 1 if !$status; # No need to show message here, handled in checkperm routine my $tar_bin = $tarcfg->{'bin'}; my $now = time; my $rsyncopts = '-rlptD'; #recusive, copy symlinks as symlinks, preserve permissions, #preserve times, preserve devices $ENV{'CPBACKUP'} = 1; if ( !$CPCONF{'skipnotifyacctbackupfailure'} ) { $ENV{'CPBACKUP_NOTIFY_FAIL'} = 1; } my $CAPABILITIES = Cpanel::OSSys::Capabilities->load; my $pkgacct = -x '/usr/local/cpanel/bin/pkgacct' ? '/usr/local/cpanel/bin/pkgacct' : '/usr/local/cpanel/scripts/pkgacct'; if ($allow_override) { if ( -e '/var/cpanel/lib/Whostmgr/Pkgacct/pkgacct' && -x _ ) { $pkgacct = '/var/cpanel/lib/Whostmgr/Pkgacct/pkgacct'; } } my $has_link_dest = 0; if ( $CONF{'BACKUPINC'} eq 'yes' && $CONF{'LINKDEST'} && ( $CONF{'LINKDEST'} eq 'yes' || $CONF{'LINKDEST'} eq '1' ) ) { my $rsync_help = Cpanel::SafeRun::Errors::saferunallerrors( $rsync_bin, '--help' ); $has_link_dest = ( $rsync_help =~ /link-dest/ ? 1 : 0 ); } if ( ( !exists $CONF{'PREBACKUP'} || $CONF{'PREBACKUP'} eq '-1' || $CONF{'PREBACKUP'} eq '' ) && -e '/usr/local/cpanel/scripts/precpbackup' && -x _ ) { if ( !exists $CONF{'PREBACKUP'} ) { require Cpanel::Redirect; my $url_host = Cpanel::Redirect::getserviceSSLdomain('cpanel') || $host; if ( my $pid = fork() ) { Cpanel::Waitpid::sigsafe_blocking_waitpid($pid); if ( $? && $? & 127 ) { my $signum = $? & 127; print STDERR "[cpbackup] WARNING: Process $pid died from signal $signum!\n"; } } else { require Cpanel::Notify; Cpanel::Notify::notification_class( 'class' => 'Backup::PreBackupNotice', 'application' => 'Legacy cPanel Backup System', 'status' => 'prebackup deprecation', 'priority' => 2, 'interval' => 60 * 60 * 24, 'constructor_args' => [ 'origin' => 'Legacy cPanel Backup System' ] ); exit(0); } } if ( -t STDIN ) { print "[cpbackup] Executing user defined pre backup script (/usr/local/cpanel/scripts/precpbackup) [LEGACY].\n"; } system '/usr/local/cpanel/scripts/precpbackup'; $CONF{'PREBACKUP'} = 0; # Prevent from running again } if ( exists $CONF{'GZIPRSYNCOPTS'} ) { $ENV{'GZIP'} .= $CONF{'GZIPRSYNCOPTS'}; } else { $CONF{'GZIPRSYNCOPTS'} = $gzip_cfg->{'rsyncable'} ? '--rsyncable' : ''; $ENV{'GZIP'} .= $CONF{'GZIPRSYNCOPTS'}; Cpanel::Config::Backup::save( \%CONF ); } $ENV{'pkgacct-cpbackup'} = 1; #BACKUPDIR /backup #BACKUPINT daily #BACKUPENABLE yes #BACKUPCHECK yes #BACKUPMOUNT no #BACKUPINC no #BACKUPFILES yes #BACKUPACCTS #DIEIFNOTMOUNTED no #BACKUPDAYS 0,1,2,3,4,5,6 #BACKUPLOGS no #MYSQLBACKUP accounts #BACKUPTYPE normal,ftp if ( $> == 0 ) { $ENV{'USER'} = 'root'; $ENV{'HOME'} = '/root'; } # my %SKIPUSERS; # if ( open my $userskip_fh, '<', '/etc/cpbackup-userskip.conf' ) { # while (<$userskip_fh>) { # chomp; # $SKIPUSERS{$_} = 1; # } # close $userskip_fh; # } my @FILES = ( qw( /etc/exim.conf /etc/exim.conf.local /etc/exim.conf.localopts /etc/namedb/named.conf /etc/rc.conf /etc/named.conf /etc/proftpd.conf /etc/pure-ftpd.conf /etc/localdomains /etc/httpd/conf/httpd.conf /usr/local/apache/conf/httpd.conf /etc/group /etc/shadow /etc/digestshadow /etc/master.passwd /etc/passwd /etc/fstab /root/.my.cnf /etc/ips /etc/reservedips /etc/reservedipreasons /etc/wwwacct.conf /etc/remotedomains /etc/rndc.conf /etc/secondarymx /etc/senderverifybypasshosts /etc/spammeripblocks /etc/blocked_incoming_email_countries /etc/blocked_incoming_email_country_ips /etc/blocked_incoming_email_domains /etc/cpanel_exim_system_filter /etc/global_spamassassin_enable /etc/spammers /etc/my.cnf /etc/dovecot/sni.conf /var/cpanel/greylist/conf /var/cpanel/greylist/greylist.sqlite /var/cpanel/mysql/remote_profiles/profiles.json ), $apacheconf->file_conf(), Cpanel::Config::IPs::RemoteDNS->PATH(), Cpanel::Config::IPs::RemoteMail->PATH(), ); my @DIRS = ( $Cpanel::ConfigFiles::VALIASES_DIR, $Cpanel::ConfigFiles::VDOMAINALIASES_DIR, $Cpanel::ConfigFiles::VFILTERS_DIR, $Cpanel::ConfigFiles::FTP_PASSWD_DIR, Cpanel::Mailman::Filesys::MAILMAN_DIR(), Cpanel::OS::user_crontab_dir(), qw( /etc/cpanel /etc/namedb /etc/ssl /usr/share/ssl /var/cpanel /var/cron/tabs /var/lib/named/chroot/var/named/master /var/lib/rpm /var/log/bandwidth /var/named /var/spool/cron /var/spool/fcron /var/ssl ), ); if ( $CONF{'BACKUPDAYS'} ne "" ) { my @BACKUPDAYS = split( /\,/, $CONF{'BACKUPDAYS'} ); my ( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst ) = localtime($now); my $backupthisday = 0; foreach (@BACKUPDAYS) { if ( $wday eq $_ ) { $backupthisday = 1; } } if ( !$backupthisday && !$force ) { print STDERR "[cpbackup] Backups are not scheduled to run today (This can be adjusted in WHM => Backup => Legacy Backup Configuration)\n"; exit 1; } } my $basedir = $CONF{'BACKUPDIR'}; # Create log dir and rotate log files setup_and_clean_logs(); my $log_file_path = Cpanel::Backup::Sync::log_file_path( $logdir, $now ); my ( $SIGNAL_MANAGER, $at_perl_end ); if ( !$debug ) { ( $SIGNAL_MANAGER, $at_perl_end ) = Cpanel::Backup::Sync::fork_and_redirect_output( BACKUP_ID, $logdir, $now, $logger, \&send_message ); } $ENV{'CPBACKUP_LOGFILE'} = $log_file_path; if ( $CONF{'BACKUPTYPE'} eq 'ftp' ) { my $ftpuser = $CONF{'BACKUPFTPUSER'}; my $ftppass = $CONF{'BACKUPFTPPASS'}; if ( !defined($ftpuser) || $ftpuser eq '' ) { my $status = 'FTP user for backups is not defined.'; my $subject = $status; exit_STDERR_log_and_notify( $status, $subject, $locale->maketext( 'The “[_1]” of the Legacy Backup System is set to “[_2]”, but the [asis,FTP] user is not defined.', $locale->maketext('Backup Type'), $locale->maketext('Remote FTP (Accounts Only)'), ), ); } elsif ( !defined($ftppass) || $ftppass eq '' ) { my $status = "FTP password for $ftpuser is not defined."; my $subject = $status; exit_STDERR_log_and_notify( $status, $subject, $locale->maketext( 'The “[_1]” of the Legacy Backup System is set to “[_2]”, but the [asis,FTP] password for “[_3]” is not defined.', $locale->maketext('Backup Type'), $locale->maketext('Remote FTP (Accounts Only)'), $ftpuser, ), ); } my $net_ftp_ok = 0; eval { require Net::FTP; $net_ftp_ok = 1; }; if ( !$net_ftp_ok ) { my $status = 'loading Net::FTP failed'; my $subject = qq{Remote FTP backup failed because Net::FTP could not be loaded on $host}; exit_STDERR_log_and_notify( $status, $subject, $locale->maketext( 'The “[_1]” of the Legacy Backup System is set to “[_2]”, but the backup failed because “[asis,Net::FTP]” could not be loaded on “[_3]”.', $locale->maketext('Backup Type'), $locale->maketext('Remote FTP (Accounts Only)'), $host, ), ); } my $ftptimeout = $CONF{'BACKUPFTPTIMEOUT'} || 120; my $ftppassive = ( $CONF{'BACKUPFTPPASSIVE'} eq 'yes' ); my $ftphost = $CONF{'BACKUPFTPHOST'}; my $ftp = Net::FTP->new( $ftphost, Debug => 1, Passive => $ftppassive, Timeout => $ftptimeout ); unless ($ftp) { my $status = "Unable to connect to remote FTP server ($ftphost)."; my $subject = qq{Remote FTP backup on $host failed because unable to connect to remote FTP server ($ftphost)}; exit_STDERR_log_and_notify( $status, $subject, $locale->maketext( 'Remote [asis,FTP] backup on “[_1]” failed because the system was unable to connect to the remote [asis,FTP] server ([_2]).', $host, $ftphost ), ); } if ( !$ftp->login( $ftpuser, $ftppass ) ) { $ftp->quit(); my $status = 'Unable to login to remote FTP server.'; my $subject = $status; exit_STDERR_log_and_notify( $status, $subject, $locale->maketext( 'Remote [asis,FTP] backup on “[_1]” failed because the server was unable to log into the remote [asis,FTP] server, [_2], with the provided credentials.', $host, $ftphost ), ); } $ftp->quit(); mkdir( "/home/cpbackuptmp", 0711 ); chmod( 0711, "/home/cpbackuptmp" ); $basedir = "/home/cpbackuptmp"; $CONF{'BACKUPINC'} = "no"; $CONF{'BACKUPFILES'} = "no"; $CONF{'BACKUPACCTS'} = "yes"; $CONF{'BACKUPMOUNT'} = "no"; $CONF{'DIEIFNOTMOUNTED'} = "no"; } my $original_child_pid = $$; my $basemount = $basedir; my $need_to_mount_backup; $need_to_mount_backup = !Cpanel::BackupMount::backup_disk_is_mounted($basemount) if ( $CONF{'BACKUPMOUNT'} eq 'yes' ); if ($need_to_mount_backup) { Cpanel::BackupMount::mount_backup_disk( $basemount, 'cpbackup', 86400 ); } die_if_not_mounted_check(); if ( !$basedir ) { if ( !-t STDIN ) { require Cpanel::iContact::Class::Backup::Failure; require Cpanel::Notify; Cpanel::Notify::notification_class( 'class' => 'Backup::Failure', 'application' => 'Backup::Failure', 'constructor_args' => [ 'origin' => 'Legacy cPanel Backup System', 'start_time' => $start_time, 'end_time' => time(), 'reason' => $locale->maketext('The system could not complete the backup because the configuration does not specify the backup directory.') ] ); } print STDERR "[cpbackup] Backup failed! Base directory for backups not set!\n"; exit 1; } chmod( 0711, $basedir ); $basedir .= '/cpbackup'; $basedir =~ s{//}{/}; Cpanel::SafeDir::MK::safemkdir( $basedir, 0711 ); chmod( 0711, $basedir ); Cpanel::OSSys::nice(18); # needs to be one higher for cpuwatch if ( $CAPABILITIES->capable_of('ionice') ) { if ( Cpanel::IONice::ionice( 'best-effort', exists $CPCONF{'ionice_cpbackup'} ? $CPCONF{'ionice_cpbackup'} : 6 ) ) { print "[cpbackup] Setting I/O priority to reduce system load: " . Cpanel::IONice::get_ionice() . "\n"; } } if ($has_link_dest) { print "[cpbackup] EXPERIMENTAL Hard Linking enabled (link-dest)\n"; } if ( $CONF{'PREBACKUP'} && -e '/usr/local/cpanel/scripts/precpbackup' && -x _ ) { print "[cpbackup] Executing user defined pre backup script (/usr/local/cpanel/scripts/precpbackup).\n"; system '/usr/local/cpanel/scripts/precpbackup'; } # # If precpbackup unmounts the disk, mount it again # if ( $CONF{'BACKUPMOUNT'} eq 'yes' && !Cpanel::BackupMount::backup_disk_is_mounted($basemount) ) { Cpanel::BackupMount::mount_backup_disk( $basemount, 'cpbackup', 86400 ); die_if_not_mounted_check(); } my %BACKUP_TTLS = ( 'monthly' => 29, 'weekly' => 6, 'daily' => .5 ); my ( @backups_to_run, @backups_to_skip ); # We are using an array becuse the order of the backups matter # when we push them in below the first backup will be the one we run # anything after the first are just retention backups which may or may be due # to be copied from the backup we just made. # # Pick the first backup based on the BACKUPINT setting # if ( exists $BACKUP_TTLS{ $CONF{'BACKUPINT'} } ) { if ( $force || !-e $basedir . '/' . $CONF{'BACKUPINT'} || isolderthan( $BACKUP_TTLS{ $CONF{'BACKUPINT'} }, $basedir . '/' . $CONF{'BACKUPINT'} ) ) { push @backups_to_run, $CONF{'BACKUPINT'}; } else { push @backups_to_skip, $CONF{'BACKUPINT'}; } } # additionnal backups should be treated only when performing the original BAKUPINT # if not we will not preserve the hardlinks when launch multiple times # you should use --force option for multiple launch if (@backups_to_run) { # # If we are doing daily backups we have the option to retain weekly backups # if ( $CONF{'BACKUPINT'} eq "daily" && $CONF{'BACKUPRETWEEKLY'} ) { if ( !-e "${basedir}/weekly" || isolderthan( $BACKUP_TTLS{'weekly'}, "${basedir}/weekly" || $weekly ) ) { push @backups_to_run, 'weekly'; } else { push @backups_to_skip, 'weekly'; } } # # If we are doing daily or weekly backups we have the option to retain monthly backups # if ( ( $CONF{'BACKUPINT'} eq "weekly" || $CONF{'BACKUPINT'} eq "daily" ) && $CONF{'BACKUPRETMONTHLY'} ) { if ( !-e "${basedir}/monthly" || isolderthan( $BACKUP_TTLS{'monthly'}, "${basedir}/monthly" || $monthly ) ) { push @backups_to_run, 'monthly'; } else { push @backups_to_skip, 'monthly'; } } } #BACKUPLOGS no #MYSQLBACKUP accounts if ( $CONF{'MYSQLBACKUP'} eq "both" || $CONF{'MYSQLBACKUP'} eq 'dir' ) { backup_all_mysql_databases( \%CONF ); } # # Only send the message if there are backups to run # my $send_message = ( @backups_to_run ? 1 : 0 ); my ( $rsync_err_str, $rsync_stderr ); my $user_error_map; if (@backups_to_run) { print "[cpbackup] The following backups will be updated: " . join( ',', @backups_to_run ) . "\n"; my $current_backup = $backups_to_run[0]; my $curr_backup_dir = "$basedir/$current_backup"; Cpanel::SafeDir::MK::safemkdir( $curr_backup_dir, 0711 ) if ( !-e $curr_backup_dir ); chmod( 0711, $curr_backup_dir ); $user_error_map = backupaccts( $curr_backup_dir, \@backups_to_run ); # we include the list of backups to run so we can avoid # having to do the backup process for each backup when ftping update_last_run_time($curr_backup_dir); # # Make a copy of the current_backup (BACKUPINT setting) into the next type we need to retain # shift(@backups_to_run); # the first one is the kind of backup we are running # The next are the ones we need to keep (they are only pushed in if we need to make a copy) while ( my $retention_backup = shift @backups_to_run ) { # We are shifting them out as they are done # so we know they have been completed next if ( !$retention_backup ); print "[cpbackup] Copying $current_backup backups to $retention_backup backups for retention\n"; my $target_dir = "$basedir/$retention_backup"; my @rsync_opts = ( $rsyncopts, '--delete', ( $has_link_dest ? ( "--link-dest=../$current_backup", "--exclude=$curr_backup_dir/cpbackupstatus.cfg", ) : () ), "$curr_backup_dir/", $target_dir, ); my $rsync_exit_code; ( $rsync_stderr, $rsync_exit_code ) = Capture::Tiny::tee_stderr( sub { cpusystem( $rsync_bin, @rsync_opts ) }, ); my $rsync_status = $rsync_exit_code ? Cpanel::ExitValues::rsync->number_to_string($rsync_exit_code) : q<>; if ($has_link_dest) { if ( $rsync_exit_code != 0 ) { $rsync_err_str = "Incremental hard link copy of $current_backup backups to $retention_backup backups failed because of an error: $rsync_status"; } else { unlink "$target_dir/cpbackupstatus.cfg" if -e "$target_dir/cpbackupstatus.cfg"; Cpanel::FileUtils::Copy::safecopy( "$curr_backup_dir/cpbackupstatus.cfg", "$target_dir/cpbackupstatus.cfg" ); } } elsif ( $rsync_exit_code != 0 ) { $rsync_err_str = "Incremental copy of $current_backup backups to $retention_backup backups failed because of an error: $rsync_status"; } if ($rsync_err_str) { print STDERR "[cpbackup] $rsync_err_str\n"; } # case 42741: no need to update the file again as it will be copied from the $current_backup #update_last_run_time( $basedir . '/' . $retention_backup ); last; # Only do one per run so at least we have one day where monthly and weekly backups are not the same at the end of the month } if (@backups_to_run) { print STDERR "[cpbackup] The following backups will be updated next time cpbackup runs: " . join( ',', @backups_to_run ) . "\n"; # we do not want to cobber the monthly backups # at the end of the month so we will wait till the next run } } if (@backups_to_skip) { print "[cpbackup] The following backups were already up to date: " . join( ',', @backups_to_skip ) . "\n"; } if ( -e '/usr/local/cpanel/scripts/postcpbackup' && -x _ && ( !exists $CONF{'POSTBACKUP'} || $CONF{'POSTBACKUP'} ) ) { print "[cpbackup] Executing user defined post backup script (/usr/local/cpanel/scripts/postcpbackup).\n"; system '/usr/local/cpanel/scripts/postcpbackup'; } # unmount the disk if it was initially unmounted if ($need_to_mount_backup) { Cpanel::BackupMount::unmount_backup_disk( $basemount, 'cpbackup' ); } Cpanel::Backup::Sync::clean_up_pid_files(BACKUP_ID); my $complete_localtime = localtime(); print "[cpbackup] Completed at $complete_localtime\n"; sub send_message { my ($signal) = @_; $signal ||= 0; if ($send_message) { my $major_error; # Parse the log for known problems to highlight. #Just take the first one due to space restraints in subject line. if ( open( my $log_file, '<', $log_file_path ) ) { while (<$log_file>) { if (m/<<<\s552\s(.*)/) { $major_error = $locale->maketext("The backup destination server has exceeded storage allocation (for current directory or dataset)."); last; } elsif (m/<<<\s452\s(.*)/) { $major_error = $locale->maketext("The backup destination server has insufficient storage space."); last; } } close($log_file); } my @transport_errors = (); if ( keys %$user_error_map ) { for my $user ( sort keys %$user_error_map ) { for my $target_type ( sort keys %{ $user_error_map->{$user}{'transport'} } ) { push @transport_errors, [ $user, $target_type, $user_error_map->{$user}{'transport'}{$target_type}{'error_message'}, ]; } } } my @account_errors = (); if ( keys %$user_error_map ) { for my $user ( sort keys %$user_error_map ) { if ( $user_error_map->{$user}{'account'} ) { push @account_errors, [ $user, $user_error_map->{$user}{'account'}{'error_message'} ]; } } } my @local_copy_errors = ( $rsync_err_str ? ( [ $rsync_err_str => $rsync_stderr ] ) : () ); require Cpanel::Notify; my @attach_files = ( { "name" => "${now}.log.txt", "content" => Cpanel::LoadFile::loadfile_r($log_file_path), 'number_of_preview_lines' => 25, }, ); my $had_error = $major_error || @account_errors || @transport_errors || @local_copy_errors; my $class = $had_error ? 'Backup::PartialFailure' : 'Backup::Success'; print "[cpbackup] Final state is $class ($signal)\n"; Cpanel::Notify::notification_class( 'application' => "Legacy cPanel Backup System", 'class' => $class, 'status' => '', 'priority' => 2, 'interval' => 1, # Always notify 'constructor_args' => [ 'origin' => "Legacy cPanel Backup System", is_legacy => 1, 'start_time' => $start_time, 'end_time' => time(), major_error => $major_error, transport_errors => \@transport_errors, account_errors => \@account_errors, local_copy_errors => \@local_copy_errors, 'attach_files' => \@attach_files, 'signal' => $signal, 'log_file_path' => $log_file_path, ], ); } } sub isolderthan { my ( $days, $file ) = @_; return 1 if !-e $file; my $last_run_time = ( stat($file) )[9]; # We want the trust the earliest time so we do not miss out on a backup. Its better to backup again # if we are unsure. We now create a cpbackupstatus.cfg if it is missing if ( -e $file . '/cpbackupstatus.cfg' ) { my $backup_status_ref = Cpanel::Config::LoadConfig::loadConfig( $file . '/cpbackupstatus.cfg', {}, '=' ); # Always take the oldest date if ( exists $backup_status_ref->{'last_run_time'} && $backup_status_ref->{'last_run_time'} && $backup_status_ref->{'last_run_time'} < $last_run_time ) { $last_run_time = $backup_status_ref->{'last_run_time'}; } } else { my $backup_status_ref = { 'last_run_time' => $last_run_time }; Cpanel::Config::FlushConfig::flushConfig( $file . '/cpbackupstatus.cfg', $backup_status_ref, '=' ); } my $days_old = ( time() - ($last_run_time) ) / ( 60 * 60 * 24 ); #9 =mtime print "[cpbackup] backup point $file is " . sprintf( '%0.2f', $days_old ) . " days old\n"; return ( ( $days_old < 0 || $days_old > $days ) ? 1 : 0 ); #case 19450:: now time warp safe } sub update_last_run_time { my $dir = shift; my $time = shift || time(); my $backup_status_ref; my $cfg_file = $dir . '/cpbackupstatus.cfg'; if ( -e $cfg_file ) { $backup_status_ref = Cpanel::Config::LoadConfig::loadConfig( $cfg_file, {}, '=' ); #This file gets unlink()ed immediately down below. #It’s conceivable that this is here in event of failure in #flushConfig(), except flushConfig() doesn’t throw exceptions. #So, it’s unclear what’s intended. TODO FIXME XXX Cpanel::FileUtils::Move::safemv( $cfg_file, "$cfg_file.bak" ); } $backup_status_ref->{'last_run_time'} = $time; Cpanel::Config::FlushConfig::flushConfig( $cfg_file, $backup_status_ref, '=' ); unlink "$cfg_file.bak" if -e "$cfg_file.bak"; } sub backup_all_mysql_databases { my ($conf) = @_; my $mysqldatadir = Cpanel::MysqlUtils::Dir::getmysqldir() || '/var/lib/mysql'; while ( -l $mysqldatadir ) { $mysqldatadir = readlink($mysqldatadir); } my $rawdir = $mysqldatadir; $rawdir =~ s/\//_/g; my $basedir = $conf->{'BACKUPDIR'}; $basedir .= '/cpbackup'; my $curr_backup_dir = $basedir . '/' . $conf->{'BACKUPINT'}; my @EXCLUDES = Cpanel::Backup::SystemResources::get_excludes_args_by_path($mysqldatadir); Cpanel::SafeDir::MK::safemkdir("$curr_backup_dir/dirs") if !-d "$curr_backup_dir/dirs"; # Added exclude for /proc for chroot bind setups to prevent error messages if ( $conf->{'BACKUPINC'} eq "yes" ) { print "[cpbackup] Starting incremental MySQL database backups\n"; if ( cpusystem( $rsync_bin, $rsyncopts, @EXCLUDES, '--delete', "$mysqldatadir/", "$curr_backup_dir/dirs/$rawdir" ) != 0 ) { print STDERR "[cpbackup] Failed to perform incremental MySQL database backup\n"; } } else { print "[cpbackup] Starting full MySQL database backups\n"; if ( cpusystem( $tar_bin, '--use-compress-program=/usr/local/cpanel/bin/gzip-wrapper', '--create', '--preserve-permissions', '--file', "$curr_backup_dir/dirs/$rawdir.tar.gz", @EXCLUDES, $mysqldatadir ) == 0 ) { chmod( 0600, "$curr_backup_dir/dirs/$rawdir.tar.gz" ) if $status == 0; } else { print STDERR "[cpbackup] Failed to perform full MySQL database backup\n"; } } return; } sub backupaccts { ## no critic qw(Subroutines::ProhibitExcessComplexity) my $target = shift; my $all_targets = shift; Cpanel::FileUtils::TouchFile::touchfile($target); #if another cpbackup starts just go bye bye if ( !( $CONF{'BACKUPFILES'} eq "no" ) ) { print "[cpbackup] Running dir & file backup with target : $target\n"; if ( !-e "$target/files" ) { mkdir( "$target/files", 0700 ); } if ( !-e "$target/dirs" ) { mkdir( "$target/dirs", 0700 ); } chmod( 0700, "$target/files", "$target/dirs" ); my ( $syncstatus, $syncmessage ); foreach my $file (@FILES) { next if ( !-e $file ); my $rawfile = $file; $rawfile =~ s/\//_/g; if ( $CONF{'BACKUPINC'} eq "yes" ) { ( $syncstatus, $syncmessage ) = Cpanel::SimpleSync::syncfile( $file, "$target/files/$rawfile", 0, 1 ); } else { ( $syncstatus, $syncmessage ) = Cpanel::SimpleSync::syncfile( $file, "$target/files/$rawfile", 0, 1 ); if ( $syncstatus != 0 ) { if ( cpusystem( $gzip_bin, "-f", "$target/files/$rawfile" ) != 0 ) { print STDERR "[cpbackup] Failed to compress file $target/files/$rawfile\n"; } } } if ( $syncstatus == 0 ) { print STDERR "[cpbackup] Failed to backup $file ($syncmessage)\n"; } } foreach my $dir (@DIRS) { next if ( !-e $dir ); my $rawdir = $dir; $rawdir =~ s/\//_/g; my @EXCLUDES = Cpanel::Backup::SystemResources::get_excludes_args_by_path($dir); # Added exclude for /proc for chroot bind setups to prevent error messages if ( $CONF{'BACKUPINC'} eq "yes" ) { if ( cpusystem( $rsync_bin, $rsyncopts, @EXCLUDES, '--delete', "$dir/", "$target/dirs/$rawdir" ) != 0 ) { print STDERR "[cpbackup] Failed to perform incremental backup of $dir/ to $target/dirs/$rawdir\n"; } } else { if ( cpusystem( $tar_bin, '--use-compress-program=/usr/local/cpanel/bin/gzip-wrapper', '--create', '--preserve-permissions', '--file', "$target/dirs/$rawdir.tar.gz", @EXCLUDES, $dir ) == 0 ) { chmod( 0600, "$target/dirs/$rawdir.tar.gz" ); } else { print STDERR "[cpbackup] Failed to perform full backup of $dir/ to $target/dirs/$rawdir.tar.gz\n"; } } } } print "[cpbackup] Running account backup with target : $target\n"; #BACKUPLOGS no #MYSQLBACKUP accounts #BACKUPBWDATA yes $ENV{'pkgacct-logs'} = ( $CONF{'BACKUPLOGS'} eq "yes" ? 'yes' : 'no' ); $ENV{'pkgacct-mysql'} = ( ( $CONF{'MYSQLBACKUP'} eq "dir" || $CONF{'MYSQLBACKUP'} eq "no" ) ? 'no' : 'yes' ); $ENV{'pkgacct-psql'} = ( $CONF{'PSQLBACKUP'} eq "no" ? 'no' : 'yes' ); $ENV{'pkgacct-bwdata'} = ( $CONF{'BACKUPBWDATA'} eq "no" ? 'no' : 'yes' ); my %user_error_map = (); if ( $CONF{'BACKUPACCTS'} ne 'no' ) { Cpanel::PwCache::Build::init_passwdless_pwcache(); my @cpusers = Cpanel::Config::Users::getcpusers(); foreach my $user ( sort @cpusers ) { my $user_conf = Cpanel::Config::LoadCpUserFile::load($user); $user_conf->{'LEGACY_BACKUP'} = 0 if !exists $user_conf->{'LEGACY_BACKUP'}; next if !$user_conf->{'LEGACY_BACKUP'}; if ( $CONF{'BACKUPINC'} eq 'yes' ) { my $last_update_time = time(); utime( $last_update_time, $last_update_time, "$target/$user" ); } if ( cpusystem( $pkgacct, ( $CONF{'COMPRESSACCTS'} eq 'no' ? '--nocompress' : () ), ( $CONF{'BACKUPINC'} eq "yes" ? '--incremental' : () ), $user, $target, 'backup' ) != 0 ) { print STDERR "[cpbackup] Failed to back up account $user\n"; $user_error_map{$user}{'account'} = { 'error_message' => ( $LAST_CPUSYSTEM_ERROR || 'Failed to backup account' ) # FIXME: This is a hack to avoid refactoring cpusystem }; } else { if ( $CONF{'BACKUPTYPE'} eq 'ftp' ) { my $target_file = ( $CONF{'COMPRESSACCTS'} eq 'no' ? "$user.tar" : "$user.tar.gz" ); foreach my $remote_target (@$all_targets) { # If we are going to update multiple targets we send the file multiple times # previously we would build the backup once for every target. Now we just upload it once # instead as we know all the targets before we get here now my %ftp_error_info = ftpsend( $remote_target, $target . '/' . $target_file, $target_file ); $user_error_map{$user}{'transport'}{$remote_target} = \%ftp_error_info if keys %ftp_error_info; } unlink( $target . '/' . $target_file ); } } } } return \%user_error_map; } sub ftpsend { my ( $targetdir, $targetfile, $remotefile ) = @_; my $ftpuser = $CONF{'BACKUPFTPUSER'}; my $ftppass = $CONF{'BACKUPFTPPASS'}; my $ftproot = $CONF{'BACKUPFTPDIR'}; my $ftphost = $CONF{'BACKUPFTPHOST'}; my $ftppassive = ( $CONF{'BACKUPFTPPASSIVE'} eq 'yes' ? 1 : 0 ); my $ftptimeout = $CONF{'BACKUPFTPTIMEOUT'} || 120; my @FD = split( /\//, $targetdir ); my $backtype = $FD[$#FD]; my $ftp = Net::FTP->new( $ftphost, Debug => 1, Passive => $ftppassive, Timeout => $ftptimeout ); unless ($ftp) { my $msg = 'Unable to connect to remote FTP server.'; my $localized_message = $locale->maketext('The system was unable to connect to the remote [asis,FTP] server.'); print "$msg\n"; $logger->info($msg); return ( 'error_message' => $localized_message ); } my $status = $ftp->login( $ftpuser, $ftppass ); if ( !$status ) { my $ftp_message = $ftp->message() || get_ftp_error($ftp); $ftp_message = Cpanel::StringFunc::Trim::ws_trim($ftp_message); $ftp->quit(); my $msg = 'Unable to log in to remote FTP server.'; my $localized_message = $locale->maketext( 'The system was unable to log in to the remote [asis,FTP] server due to an error: “[_1]”', $ftp_message ); print "$msg\n"; $logger->info($msg); return ( 'error_message' => $localized_message ); } $ftp->binary(); # if $ftproot is not defined by the user, default to cpbackup if ( $ftproot eq "" ) { $ftproot = 'cpbackup'; } $ftp->mkdir($ftproot); $ftp->mkdir("${ftproot}/${backtype}"); $ftp->cwd("${ftproot}/${backtype}"); $status = $ftp->put( $targetfile, $remotefile ); if ( !$status ) { my $ftp_message = $ftp->message() || get_ftp_error($ftp); $ftp_message = Cpanel::StringFunc::Trim::ws_trim($ftp_message); $ftp->quit(); my $msg = 'Unable to upload the backup to the remote FTP server.'; my $localized_message = $locale->maketext( 'The system was unable to upload the backup to the remote [asis,FTP] server due to an error: “[_1]”', $ftp_message ); print "$msg\n"; $logger->info($msg); return ( 'error_message' => $localized_message ); } $ftp->quit; return; } sub get_ftp_error { my ($ftp_obj) = @_; my $response = Cpanel::FtpUtils::ResponseCodes::get_response_text( $ftp_obj->code() ); return $response if $response; return $locale->maketext('An unknown error occurred.'); } #Returns the exit status of the given command, or -1 if the exec() failed. #NOTE: If the command died from a signal, this will falsely report success! # sub cpusystem { my ( $program, @args ) = @_; my $sigman; $LAST_CPUSYSTEM_ERROR = ''; # FIXME: This is a hack to avoid refactoring cpusystem my $ok; try { # before_exec is slow, avoid it local $ENV{'CPBACKUP'} = 1; Cpanel::CpuWatch::run( program => $program, args => \@args, stdout => \*STDOUT, stderr => \*STDERR, after_fork => sub { my ($child_pid) = @_; my $infanticide_cr = sub { Cpanel::Kill::Single::safekill_single_pid($child_pid); }; $sigman = $SIGNAL_MANAGER || Cpanel::SignalManager->new(); for my $sig ( $sigman->FATAL_SIGNALS() ) { $sigman->push( signal => $sig, name => 'infanticide', handler => $infanticide_cr, ); } }, ); $ok = 1; } catch { NONFATAL: { last NONFATAL if !try { $_->isa('Cpanel::Exception::ProcessFailed::Error') }; my $err_code = $_->get('error_code'); my ($base_program) = $program =~ m<.*/(.+)>; if ( $base_program eq 'gtar' || $base_program eq 'gnutar' ) { $base_program = 'tar'; } my $mod = "Cpanel::ExitValues::$base_program"; last NONFATAL if !$mod->can('error_is_nonfatal_for_cpanel'); if ( $mod->error_is_nonfatal_for_cpanel($err_code) ) { $ok = 1; my $errstr = $mod->number_to_string($err_code); #warn() would print a stack trace, which we don’t want. print STDERR "$program returned a non-fatal error code, $err_code ($errstr).\n"; } } if ( !$ok ) { $LAST_CPUSYSTEM_ERROR = Cpanel::Exception::get_string($_); # FIXME: This is a hack to avoid refactoring cpusystem warn "[cpbackup] " . Cpanel::Exception::get_string($_); } } finally { if ($SIGNAL_MANAGER) { for my $sig ( $sigman->FATAL_SIGNALS() ) { $sigman->delete( name => 'infanticide', signal => $sig ); } } }; return $ok ? 0 : 1; #Historical: 0 for success, 1 for failure. } sub _nonzero_status_is_ok { return 0; } sub setup_and_clean_logs { if ( !-d $logdir ) { unlink $logdir; mkdir $logdir, 0700; } else { chmod 0700, $logdir; } if ( opendir my $logdir_dh, $logdir ) { while ( my $file = readdir($logdir_dh) ) { if ( -f $logdir . '/' . $file && ( stat(_) )[9] < ( $now - ( 86400 * 10 ) ) ) { unlink $logdir . '/' . $file; } } closedir $logdir_dh; } else { die "Unable to read directory $logdir: $!"; } } sub die_if_not_mounted_check { if ( $CONF{'DIEIFNOTMOUNTED'} eq "yes" ) { my ( $ismounted, $mountline ) = Cpanel::BackupMount::backup_disk_is_mounted($basemount); if ( !$ismounted ) { if ( !-t STDIN ) { require Cpanel::iContact::Class::Backup::Failure; require Cpanel::Notify; Cpanel::Notify::notification_class( 'class' => 'Backup::Failure', 'application' => 'Backup::Failure', 'constructor_args' => [ 'origin' => 'Legacy cPanel Backup System', 'start_time' => $start_time, 'end_time' => time(), 'reason' => $locale->maketext( 'The system could not complete the backup because it could not mount “[_1]”.', $basemount ) ] ); } print STDERR "[cpbackup] Backup failed! $basemount is not mounted!\n"; exit 1; } else { print "[cpbackup] Mount found ($mountline)\n"; } } } sub exit_STDERR_log_and_notify { my ( $status, $subject, $reason ) = @_; print STDERR "[cpbackup] $status\n"; unlink('/var/cpanel/backups_need_to_run'); require Cpanel::Notify; my $app = 'Legacy cPanel Backup System'; Cpanel::Notify::notification_class( 'class' => 'Backup::Failure', 'application' => $app, 'interval' => 1, # Always notify 'priority' => 2, 'status' => $status, 'constructor_args' => [ 'origin' => $app, 'start_time' => $start_time, 'end_time' => time(), 'reason' => $reason, ], ); $logger->info($status); exit(1); } sub usage { my $prog = $0; $prog =~ s{^.+/(.+)$}{$1}; print <