:: Re: [DNG] What not to back up
Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Rod Rodolico
Fecha:  
A: dng
Asunto: Re: [DNG] What not to back up
Or, tell bind to place the zone files where they originally were, in
/etc/bind/zones or something.

The change was made about 10 years ago as a "security feature" and is
mainly used for running bind in a jail, so if it gets hacked, they can't
mess up the rest of the server. I remember when Debian went that way and
it confused me quite a bit.

Of course, if you have a dedicated server only for BIND, that reason
goes away.

So, simply edit /etc/bind/* and change /var/lib/bind to whatever you
want. For the most part, I just store them in /etc/bind/SEC or
/etc/bind/ZONES or something. BIND doesn't care; it is the distro people
doing that.

Rod

On 11/26/21 7:07 AM, Mike Tubby wrote:
>
>
> On 24/11/2021 10:08, Olaf Meeuwissen via Dng wrote:
>> Hi Hendrik,
>>
>> Hendrik Boom writes:
>>
>>> I'm setting up a new backup script that will do it all piecemeal so
>>> that if a part of it fails, it can be retried without having to start
>>> *everythng* over from scratch.
>>>
>>> Which top-level filesystems should *not* be backed up.
>>>
>>> To start with, I presumably shouldn't back up
>>>
>>> /proc
>>> /tmp
>>> /dev (cause I'm using some version of *udev)
>>> /mnt
>> ACK.
>>
>>> and I certainly should back up /var, /usr. /root, /bin,
>>> /boot, /etc, /home, /lib, /lib64, /sbin
>> I wouldn't bother with /var/cache and /var/log but you're talking
>> top-level ;-)
>
> ... but if you run a nameserver you may well need:
>
>     /var/cache/bind
>
> as that's where your zonefiles are ;-)
>
>
>> /boot is managed by installing kernel images and grub (using settings in
>> /etc/grub) so isn't all that important to include.  At least on amd64.
>>
>>> But what about
>>>
>>> /run
>>> /srv
>>> /sys
>>> ?
>> Both /run and /sys are tmpfs file systems.  Not worth backing up.
>
>
> However some admins put services in:
>
>     /srv
>
> and some third-party suppliers of software place it in:
>
>     /opt
>
> for example Sophos anti-virus.
>
>> Basically, you should only care about a subset of what lives below the
>> mount points listed by
>>
>>    df | grep ^/ | awk '{print $6}'
>>
>> and make sure your backup command doesn't cross file system boundaries.
>> That should automatically exclude things like /dev, /proc, /run, /sys
>> and may (or may not) exclude /tmp (depending on installation choices).
>> As /mnt is meant for temporary mounts, that should be excluded too.
>>
>>> What are those even used for?
>> I would have pointed you to the FHS but as Lars pointed out already `man
>> 7 hier` will tell.
>>
>> Of course, if you don't use things like /srv and /opt, there's not much
>> of a cost to backing up the empty directories :-)
>>
>> Hope this helps,
>> --
>> Olaf Meeuwissen, LPIC-2            FSF Associate Member since 2004-01-27
>>   GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
>>   Support Free Software                        https://my.fsf.org/donate
>>   Join the Free Software Foundation              https://my.fsf.org/join
>> _______________________________________________
>> Dng mailing list
>> Dng@???
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


--
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465 US
https://dailydata.net
214.827.2170 ext 100