diff --git a/README.md b/README.md index aa6746f..004fbbe 100644 --- a/README.md +++ b/README.md @@ -77,10 +77,13 @@ docker run -p 80:80 -v /path/to/xodata:/var/lib/xo-server -v /path/to/redisdata: Tool has been tested to work with following distros: -- CentOS 7 +- CentOS 7 (note LVM file level restore issue from below) - Debian 9 - Ubuntu 16.04 +In order to use file level restore from delta backups, the service needs to be ran as root. +CentOS installation is currently not able to do file level restore if the backed up disk contains LVM. + CentOS setup is confirmed to work with fresh minimal installation and SELinux enabled. Although script doesn't do any SELinux checks or modifications, so you need to take care of possible changes by yourself according to your system. @@ -105,6 +108,7 @@ CentOS: - python - git - nfs-utils +- libvhdi-tools Debian/Ubuntu: - apt-transport-https diff --git a/docker/Dockerfile b/docker/Dockerfile index f4a1154..8c942b3 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -15,7 +15,11 @@ RUN yum -y install yarn RUN yum -y install epel-release # build dependencies, git for fetching source and redis server for storing data -RUN yum -y install gcc gcc-c++ make openssl-devel redis libpng-devel python git +RUN yum -y install gcc gcc-c++ make openssl-devel redis libpng-devel python git nfs-utils + +# libvhdi-tools for file-level restore +RUN rpm -ivh https://forensics.cert.org/cert-forensics-tools-release-el7.rpm +RUN yum --enablerepo=forensics install -y libvhdi-tools # monit to keep an eye on processes RUN yum -y install monit diff --git a/docker/monit-services b/docker/monit-services index 8d6bc09..3dfaf5a 100644 --- a/docker/monit-services +++ b/docker/monit-services @@ -8,3 +8,7 @@ check process xo-server with pidfile /var/run/xo-server.pid check process redis with pidfile /var/run/redis_6379.pid start program = "/usr/bin/redis-server /etc/redis.conf --daemonize yes" stop program = "/usr/bin/redis-cli shutdown" + +check process rpcbind + matching "rpcbind" + start program = "/usr/sbin/rpcbind" diff --git a/xo-install.sh b/xo-install.sh index 7027c43..79aff88 100755 --- a/xo-install.sh +++ b/xo-install.sh @@ -88,6 +88,16 @@ function InstallDependenciesCentOS { echo "done" fi + # only install libvhdi-tools if vhdimount is not present + if [[ -z $(which vhdimount) ]]; then + echo + echo -n "Installing libvhdi-tools from forensics repository" + rpm -ivh https://forensics.cert.org/cert-forensics-tools-release-el7.rpm >/dev/null + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/cert-forensics-tools.repo + yum --enablerepo=forensics install -y libvhdi-tools >/dev/null + echo "done" + fi + # install echo echo -n "Installing build dependencies, redis server, python, git, nfs-utils..." @@ -98,6 +108,9 @@ function InstallDependenciesCentOS { echo "Enabling and starting redis service" /bin/systemctl enable redis >/dev/null && /bin/systemctl start redis >/dev/null + echo "Enabling and starting rpcbind service" + /bin/systemctl enable rpcbind >/dev/null && /bin/systemctl start rpcbind >/dev/null + } 2>$LOGFILE function InstallDependenciesDebian { @@ -151,12 +164,14 @@ function InstallDependenciesDebian { # install packages echo - echo -n "Installing build dependencies, redis server, python, git, libvhdi-utils, lvm2..." - apt-get install -y build-essential redis-server libpng-dev git python-minimal libvhdi-utils lvm2 >/dev/null + echo -n "Installing build dependencies, redis server, python, git, libvhdi-utils, lvm2, nfs-common..." + apt-get install -y build-essential redis-server libpng-dev git python-minimal libvhdi-utils lvm2 nfs-common >/dev/null echo "Enabling and starting redis service" /bin/systemctl enable redis-server >/dev/null && /bin/systemctl start redis-server >/dev/null + echo "Enabling and starting rpcbind service" + /bin/systemctl enable rpcbind >/dev/null && /bin/systemctl start rpcbind >/dev/null } 2>$LOGFILE