Skip to content

Instantly share code, notes, and snippets.

@SteveMcGrath
Last active November 15, 2022 12:13
Show Gist options
  • Save SteveMcGrath/6296691 to your computer and use it in GitHub Desktop.
Save SteveMcGrath/6296691 to your computer and use it in GitHub Desktop.
SecurityCenter Backup Script
#!/bin/bash
## SecurityCenter Backup Script
#
# This script is intended to create backups of all of the SecurityCenter data
# on a daily/weekly/monthly/etc. basis. This is intended to be run as a cronjob
# and expect the SysAdmin to have configured the root@localhost mail alias to
# route through their email system in-case of errors. An example of how to run
# this as a cronjob is below:
#
# 1 45 * * * root /opt/scripts/backups/sc-backup.sh
#
# The latest version can be found at:
# https://gist.github.com/SteveMcGrath/6296691
#
# Copyright (c) 2020 Steven McGrath
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
#### CONFIGURATION
# This is the base path for backups. This could be a NFS share, local storage,
# a backup LUN, etc.
BACKUP_PATH=/backup/sc
# Whats the maximum amount of time that we want to wait before timing out the
# backup?
TIMEOUT=1800
#### DO NOT EDIT BELOW THIS LINE
## Shutdown Function
#
# This function will shudown SecurityCenter and will not return back until all
# SecurityCenter related processes are completed. If we end up having to wait
# past the TIMEOUT value, then it will drop out as well.
function shutdown_securitycenter()
{
local is_running=1 # True
local start_time=$(date +%s)
local tns_process_count=1
service SecurityCenter stop
while [ $is_running -eq 1 ]; do
tns_process_count=$(set -o pipefail; ps -U tns --no-headers | wc -l)
if [ ${tns_process_count:-1} -eq 0 ]; then
is_running=0 # False
else
sleep 1
if [ $(( $(date +%s) - $start_time )) -gt $TIMEOUT ]; then
is_running=2 # Timeout
fi
fi
done
return $is_running
}
## Backup Generator
#
# Here is where we will actually perform the backup. The tarball that we
# generate will ONLY contain SecurityCenter data, not the binaries, scripts,
# or code that is installed along with SecurityCenter. This makes the data more
# portable in the end as its no longer dependent on architecture, simply just
# the version of SC that it was backed up from.
function backup_securitycenter()
{
local rc
local sc_version=$(rpm -q --qf '%{v}' SecurityCenter)
local bdate=$(date +%Y-%m-%d)
local tarball="${BACKUP_PATH}/sc-backup-${bdate}.${sc_version}.tar.gz"
local -a bfiles
local -a excludes
bfiles=(
~tns/admin
~tns/data
~tns/orgs
~tns/repositories
~tns/*db
)
# Uncomment the lines below if you want to exclude the data from the backup
excludes=(
# --exclude="VDB/*"
# --exclude="repositories/*"
)
tar -zcf "$tarball" ${excludes[@]} "${bfiles[@]}"
rc=$?
if [ $rc -ne 0 ]; then
mv $tarball "${tarball/sc-backup-/sc-backup-errors-}"
fi
return $rc
}
## Main Loop
#
# Now lets actually perform the backup. If there is an error with shutting
# everything down, then print out the processes that are still running. Lastly,
# start everything back up.
if shutdown_securitycenter; then
if ! backup_securitycenter; then
echo 'CRITICAL: Backup had errors.'
fi
else
echo 'CRITICAL: Could not Shutdown SecurityCenter within specified timeout.'
echo 'CRITICAL: Processes Still Running:'
ps fU tns
fi
service SecurityCenter start
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment