Adventures in Networking

Main menu:

Linux

Raspberry Pi DNS Server

I have been running dual DNS servers on my home network for a while, see my previous post about setting them up: Debian Server on a Thin Client with a Flash Drive

The inevitable finally happened–after a year of faithful service (and years past its expected life), my primary server (the DevonIT box) finally died. I traced it down to a couple of blown capacitors in the power supply, and while I am perfectly capable of replacing them, I decided to use the opportunity to put my Christmas present to good use.

I decided that if my Raspberry was going to find permanent usage in my stack of equipment it needed a real case on it to protect from electrical shorts and other damage. Why I choose the “blueberry” case for the Raspberry, I can’t explain, I guess I just like the look.

Raspberry Pi

http://www.amazon.com/gp/product/B00A42HTLC/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1

 

I first attempted to get this running on an 8GB Class 2 SD I stole from my wife’s camera. While it was technically functional, it was vvveeerrryyy ssslllooowww, convincing me I needed a proper card like this:

Panasonic Gold Series 8GB Class 10 SDHC Memory Card

http://www.adorama.com/PCSDUB08GAK.html

 

I also needed a good power supply. The Pi takes about 500-700 mA by itself, significantly more if you plug in a USB stick or WiFi adapter (potentially 500 mA each). I found most typical cell chargers run in to 500 mA-1 A range. I ended using a 1 A charger I had lying around, but I’d recommend something like this:

USA Raspberry Pi Micro USB Power Supply Charger – 5v 1500ma

http://www.amazon.com/Raspberry-Pi-Micro-Supply-Charger/dp/B00DZLSEVI/ref=pd_sim_pc_4?ie=UTF8&refRID=0KYXTRMBV9RDNRNCK34Z

Alternatively, if you plan to have several devices you’re probably better off with a multi-port charger that can safely supply enough juice:
http://www.amazon.com/gp/product/B00LMIA9L4/ref=ox_sc_sfl_title_4?ie=UTF8&psc=1&smid=ANWBAWAHYG3PL

One word of caution–make sure the charger/power supply is UL listed (or certified by an equivalent regulatory body) . As my father (the electrical inspector) reminded me, if you’re going to run this 24×7 with cables all tucked in a dark corner, the last thing you want to stress about is everything going up in flames because you saved a few dollars buying a cheap charged from Asia.

I went with the standard Raspbian distro downloaded from official sources (http://www.raspberrypi.org/downloads/). The advantage of this is a simple, easy to install distro that is optimized for the Pi, yet resembles standard Debian as closely as possible. The main disadvantage is that it comes loaded with junk not required/desired on a small, headless server. I followed the instructions on this thread to clean up unwanted packages:
http://raspberrypi.stackexchange.com/questions/4745/how-to-uninstall-x-server-and-desktop-manager-when-running-as-headless-server

As of now, I’m down to 800MB of disk space used, and I’m not done yet.

Tasks left to be completed:

  • Continue to search out and remove undesired packages
  • Follow Linux hardening guidelines to make the system more secure
  • Set up remote logging — I have an internal syslog server, but I’m considering trying out https://papertrailapp.com/

Being a busy guy, this posting isn’t nearly as complete and polished as I’d like it to be, but hopefully someone will find it useful.

Finding Files or Directories in Linux

find . -type d -exec ls -la {} \;

Debian Server on a Thin Client with a Flash Drive

Recommend 600Mhz+ CPU, 512MB+ RAM, 2GB+ Flash. Raspberry Pi 2 would work great.

On first server (DevonIT 6020A), used internal 128MB IDE Flash for /boot, used external flash for /. Purpose-built internal flash drive is fast for loading kernal. Advantages to this hardware: cheap, built-in power supply.

On second server (Wyse WinTerm?), had trouble with drive re-ordering. Expected same behavior, 512MB flash would be /dev/sda, USB would be /dev/sdb. However, once booting from USB, it became /dev/sda, flash was /dev/sdb. Long story short, went into BIOS and disabled IDE controller. Only disadvantage…slightly slower boot time. Advantage…whole system is on a single removable flash drive that can easily be backed up, replaced, or moved to new hardware. Advantages to this hardware: almost as cheap, newer. External power supply means easier DC power feed.

Use ext2, or see ext3 tweaks at: http://www.cyrius.com/debian/nslu2/linux-on-flash.html

Uncheck GUI, selected DNS, openSSH and base utilities only. Could go back and remove unneeded packages to shrink install even more. Could possible fit in 512MB, but flash is so cheap it’s not worth it unless you are paranoid about security and truly want to limit uneccesary packages. Although that limits future usage as well (no room to play).

Use syslog server for logging

No swap, move all temp directories to ram drive

  • /run
  • /tmp
  • /var

Tweak fstab, remove user mount for USB (what’s the point?)

See http://wiki.debian.org/RunningOnFlash

 

Useful Tips for Linux

Handy reference on frequently used Bash constructs:

http://www.codecoffee.com/tipsforlinux/index-linux.html

Summarize Unique IP Addresses in a Log File

Loops through each log file and dump output to a single file:

for file in `ls *.log`
do
cat $file |awk '{print $4}' |sort |uniq -c |sort -n >> output.txt
done

 

Now consolidate entries from each section of original file to a new file:

cat output.txt |awk '{print $2}' |sort |uniq -c |sort -n >> output2.txt

Where the $4 or $2 is the field to look at (space delimitated)

Bash example: Listing files in a directory

Simple example of how to perform an operation on every file in a directory:

for file in `ls *.pdf`
do
 convert -density 300 $file `echo $file | sed 's/\.pdf$/\.jpg/'`
done

OES 2 Installation and Setup

Complete the installation of SLES 10 first as per http://danobarrjr.net/2010/01/sles-10-installation-and-setup.html.

Install OES Components and Configure eDirectory:

  • Start the OES install:
    • YaST: Software, Add-on Product
  • Select Local Directory or NFS (depending on where your ISO images are)
  • If using NFS, specify the source server’s fully qualified name address
  • Check the ISO Image box and set the path to /install/OES2-SP1-x86_64-CD1.iso
  • Select and install the following packages:
    • Novell Backup / Storage Management
    • Novell eDirectory
    • Novell iManager
    • Novell iPrint (if needed)
    • Novell Linux User Management
    • Novell NCP Server
    • Novell Remote Manager
    • Novell CIFS (if needed – only works on NSS volumes)
    • Novell Storage Services (if needed)
  • eDirectory Configuration – New or Existing Tree
    • Select Existing Tree
    • eDirectory Tree Name: (enter the existing tree name)
    • Check Use eDirectory Certificates
  • eDirectory Configuration – Existing Tree Information
    • IP Address of an existing eDirectory server: (use the IP of a server hold a replica of root)
    • FDN Existing admin name: cn=admin,o=xxxxx
    • Enter Admin Password
  • eDirectory Configuration – Local Server Configuration
    • Enter Server Context: ou=Servers,ou=Sitename,o=XXXX
  • eDirectory Configuration – NTP & SLP
    • Network Time Protocol Server: (use the IP address of a server holding the master replica of root)
    • Select Configure SLP to use an existing Directory Agent
    • Service Location Protocol Scopes: (enter your scope name)
    • Add SLP Directory Agents: XX.XX.XX.XX
  • Novell Modular Authentication Service – accept defaults
  • You’ll now be at the Novell Open Enterprise Server Configuration summary screen
  • Click on LDAP Configuration for Open Enterprise Services
    • Remove the IP address of your master replica server
  • Click on Linux User Management
    • Accept the defaults on the first screen
    • Select All services to LUM-enable
  • IF installing CIFS, click on Novell CIFS
    • Change the Proxy user name to: cn=cifsProxyUser,o=xxxx
    • Set Search context to o=DOC
    • Set the Proxy user password
  • Click Next on the summary screen to start the installation into eDirectory
  • There will be a few miscellaneous prompts to respond to, such as to restart eDirectory
  • iManager/ConsoleOne Tasks:

    • Add an eDirectory replica to new server:
      • In iManager, go to Partition and Replica Management, Replica View
      • Enter SITE.XXXX, click OK
      • Click Add Replica. Select the new server and click OK.

    Configure NSS (not needed if only re-installing the OS for a failed server – following these steps will delete existing NSS pool/volumes):

    • Run nssmu from the command shell
    • Go to Devices, select the logical drive for the NSS pool, and hit F3 to Initialize it (be careful, make sure you have selected the correct drive!)
    • Create new pool named DATA using all of the logical drive
    • Create new volumes on DATA pool

    Turn off oplocks:

    • Edit /etc/opt/novell/nspserv.conf and make sure it has these two lines:
      • OPLOCK_SUPPORT_LEVEL 0
      • CROSS_PROTOCOL_LOCKS 1
    • This change requires a restart of NCP server (reboot)

    Register and Patch the server:

    • Register the server with Novell:
      • At the command prompt:
        suse_register -a email=xxx@xxxxx -a regcode-sles=XXXXXXXXXXXX -a regcode-oes=XXXXXXXXXXXX

    • Update the server using YaST, Software, Online Update (this works in text mode with screen)

    Updating Java on SLED 10


    How to install the latest version of Sun Java JRE on SLED 10 and use it as default.

    Download and installing the latest version of Java:

    • Download and install the latest Sun Java RPM.
    • Use su to become root for the rest of these steps.
    • Set the downloaded file to executable (chmod +x) and run it.
    • Accept the license agreement, and it will the extract the RPM and install the JRE to /usr/java.
    • The installer will automatically update the symlink /usr/java/latest to point at the most recently installed JRE.

    The following steps are performed the first time only. For future updates, just follow the above steps to download and install the latest version, and everything should use the new version automatically.

    To make it the default JRE for your system:

    • cd /usr/lib/jvm
    • rm jre (it should be a symlink)
    • ln -s /usr/java/latest jre

    To make it the default JRE for GroupWise Client:

    • cd /opt/novell/groupwise/client
    • rm -rf jre (GroupWise installs its own JRE, you can delete or just rename with mv jre jre.bkp)
    • ln -s /usr/java/latest jre

    To make it the default JRE for GroupWise Messenger:

    • cd /opt/novell/messenger/client
    • rm -rf jre (Messenger installs its own JRE, you can delete or just rename with mv jre jre.bkp)
    • ln -s /usr/java/latest jre

    To make it your default JRE for FireFox:

    1. cd /usr/lib/firefox/plugins
    2. rm libjavaplugin_oji.so
    3. ln -s /usr/java/latest/libjavaplugin_oji.so
    4. cd /usr/lib/mozilla/plugins
    5. Repeat steps 2 & 3
    6. cd /usr/lib/browser-plugins
    7. Repeat steps 2 & 3

    Possibly you don’t need to add the symlink to all three locations for FireFox, but it takes essentially no space on disk and guarantees you get the latest version loaded.

    SLES 10 Installation and Setup


    Setup instructions for base SUSE Linux Enterprise Server in preparation for OES install

    Staging Step 1 – Initial Install:

    • Storage setup for a standard file and print server:
      • Need two logical drives, RAID 1, 5 or 10
      • First logical drive is for /boot, swap and / partitions (recommend 50GB)
      • Second logical drive is for NSS pool (size accordingly)
    • Installation options:
      • Local DVD install: Boot SLES 10 SP1 DVD and start a new install
      • Network install: Boot SLES 10 SP1 CD1 and use the following options:
        • hostip=xx.xx.xx.xx/24
        • gateway=xx.xx.xx.xx
        • nameserver=xx.xx.xx.xx
        • nfs://servername/install/SLES-10-SP2-DVD-x86_64-GM-DVD1.iso
      • To perform install remotely with VNC (DVD or network), add these options:
        • vnc=1
        • vncpassword=password
    • Select Language, Accept License, select New Installation
    • Set Clock and Time Zone info:
      • Set Hardware Clock Set To UTC
      • Region: USA, Time Zone: Pacific
      • Set Time and Date to current at your location (look at your watch)
    • Click Partitioning:
      • Create Custom Partition Setup, Custom Partitioning (for experts)
      • You should have two logical drives available, sda and sdb:
        • Create 1GB primary partition on sda, format as ext2, mount as /boot
        • Create 2GB primary partition on sda, format as swap
        • Create a primary partition on sda, use remaining space, format as ext3, mount as /
        • sdb will hold the NSS pool, which will be configured after OES installation
    • You can leave the defaults for software selection.
    • Click Accept to start installation – Server will format partitions, install software, and reboot.

    Staging Step 2 – Final Setup After Reboot:

    • Enter password for root
    • Enter hostname and domain (use lower case)
      • Uncheck Change Hostname via DHCP
    • Network Configuration:
      • Click to Enable Firewall for SSH
      • Make sure VNC Remote Administration is enabled
      • Click Network Interfaces, Edit:
        • Add Name Servers
        • Add search domains
    • Don’t check for Internet connectivity
    • Accept defaults on CA Management and click Next
    • Leave Authentication Method on Local, click Next
    • Don’t create a local user, just click Next, and Yes that it’s OK
    • Next on Release Notes
    • Next on Hardware Configuration
    • Uncheck Clone This System for Autoyast
    • Base install is finished at this point. If you’re doing a VNC install, your installation session will die here. You can reconnect to the new server at this point if needed.

    Staging Step 3 – Other Settings:

    • If it is a normal file server, copy SLES and OES source ISO’s to server:
      • Create /install
      • Copy the following ISO’s to /install:
        • SLES-10-SP2-DVD-x86_64-GM-DVD1.iso
        • OES2-SP1-x86_64-CD1.iso
    • Delete CD/DVD or network install source and add local source for SLES:
      • YaST: Software, Installation Source
    • Delete any CD/DVD or network sources
    • Click Add new, then select Local Directory (if it is a normal site file server, otherwise select NFS and use stewart-mis or hdsp-mis)
    • Set Path to /install/SLES-10-SP2-DVD-x86_64-GM-DVD1.iso
    • Check ISO Image
    • YaST: Network Services, NTP Configuration:
      • Change Automatically Start NTP Daemon to start During Boot
      • Go to Advanced Configuration
      • Add server ntp.doc.nv.gov and Enable for initial sync
    • Configure and start SNMP:
      • Copy /etc/snmp/snmpd.conf from another server
      • Enter chkconfig snmpd on to set daemon to auto-start
      • Enter rcsnmpd start to start the daemon
    • Enable Systat:
    • Enable with chkconfig systat on
    • Start with /etc/init.d/xinetd restart

    Reverse Differential Backup

    Setup for Backup Server:

    • Configure forwarding of root’s email to GroupWise System Admin resource:
      echo user@test.com > /root/.forward
    • Create/modify /etc/rsyncd.conf. See example Backup Server rsyncd.conf.
    • Enable rsync daemon: chkconfig rsyncd on
    • Start rsyncd: rcrsyncd start
    • Change into the backup volume/directory:
      • For a NSS BACKUP volume: cd /media/nss/BACKUP
      • For a XFS /backup directory: cd /backup
    • Create the backup folders for the primary server:
      mkdir primaryservername
      mkdir primaryservername/APPS
      mkdir primaryservername/backup
      mkdir primaryservername/boot
      mkdir primaryservername/etc
      mkdir primaryservername/GW
      mkdir primaryservername/mbr
      mkdir primaryservername/SHARED
      mkdir primaryservername/USERS
    • Create the backup folders for the backup server:
      mkdir backupservername
      mkdir backupservername/backup
      mkdir backupservername/boot
      mkdir backupservername/etc
      mkdir backupservername/mbr
    • Modify /etc/exports to export the BACKUP volume and /install directory:
      • /install *(ro,sync,root_squash) 10.1.1.0/255.255.255.0(rw,no_root_squash,sync) 10.1.2.0/255.255.255.0(rw,no_root_squash,sync)
      • For NSS BACKUP Volume:
        /media/nss/BACKUP primaryservername(rw,no_root_squash,sync,fsid=20) backup1(rw,no_root_squash,sync,fsid=20)
      • For XFS /backup directory:
        /backup primaryservername(rw,no_root_squash,sync) backup1(rw,no_root_squash,sync)
    • Enable nfsserver: chkconfig nfsserver on
    • Start nfsserver: rcnfsserver start
    • Create backup script bkp_backupservername.sh. See example Backup Server Backup Script.
    • Set executable permission: chmod +x bkp_backupservername.sh
    • Create lst file. See example exclude.lst.
    • Use crontab -e to edit the cron jobs and add the backup script:
      • For a NSS BACKUP volume: @daily /media/nss/BACKUP/bkp_backupservername.sh
      • For a XFS /backup directory: @daily /backup/bkp_backupservername.sh

     

    Backup Setup for Primary Server:

    • Configure forwarding of root’s email to GroupWise System Admin resource:
      echo user@test.com > /root/.forward
    • Create the backup folder: mkdir /backup
    • Change into backup folder: cd /backup
    • Create the mount folder: mkdir primaryservername
    • Modify /etc/fstab to auto-mount the backup volume:
      • NSS BACKUP volume:
        backupservername:/media/nss/BACKUP/primaryservername /backup/primaryservername nfs rw,intr,proto=tcp,rsize=32768,wsize=32768 0 0
      • XFS /backup directory:
        backupservername:/backup/primaryservername /backup/primaryservername nfs rw,intr,proto=tcp,rsize=32768,wsize=32768 0 0
    • Mount the backup volume: mount -a
    • Create backup script bkp_primaryservername.sh. See example Primary Server Backup Script.
    • Set executable permission: chmod +x bkp_primaryservername.sh
    • Create lst file. See example exclude.lst.
    • Use crontab -e to edit the cron jobs and add:
      @daily /backup/bkp_primaryservername.sh

     

    Example: Backup Server rsyncd.conf (NSS BACKUP volume):

    uid = root
    gid = root
    read only = false
    use chroot = true
    transfer logging = false
    log format = %h %o %f %l %b
    log file = /var/log/rsyncd.log
    pid file = /var/run/rsyncd.pid
    hosts allow = primaryservername.test.com backup.test.com
    slp refresh = 300
    
    [primaryservername_APPS]
    path = /media/nss/BACKUP/primaryservername/APPS
    
    [primaryservername_boot]
    path = /media/nss/BACKUP/primaryservername/boot
    
    [primaryservername_etc]
    path = /media/nss/BACKUP/primaryservername/etc
    
    [primaryservername_GW]
    path = /media/nss/BACKUP/primaryservername/GW
    
    [primaryservername_USERS]
    path = /media/nss/BACKUP/primaryservername/USERS
    
    [primaryservername_SHARED]
    path = /media/nss/BACKUP/primaryservername/SHARED

     

    Example: Backup Server rsyncd.conf (XFS /backup directory):

    uid = root
    gid = root
    read only = false
    use chroot = true
    transfer logging = false
    log format = %h %o %f %l %b
    log file = /var/log/rsyncd.log
    pid file = /var/run/rsyncd.pid
    hosts allow = primaryservername.test.com backup1.test.com
    slp refresh = 300
    
    [primaryservername_APPS]
    path = /backup/primaryservername/APPS
    
    [primaryservername_boot]
    path = /backup/primaryservername/boot
    
    [primaryservername_etc]
    path = /backup/primaryservername/etc
    
    [primaryservername_GW]
    path = /backup/primaryservername/GW
    
    [primaryservername_USERS]
    path = /backup/primaryservername/USERS
    
    [primaryservername_SHARED]
    path = /backup/primaryservername/SHARED

     

    Example: Backup Server Backup Script:

    #!/bin/bash
    # Version: 2008-02-27 03:10pm
    # Modified By: Dan O.
    
    StartTime=`date`
    Today=`date +%F`
    Yesterday=`date --date=yesterday +%F`
    PurgeDate=`date --date='31 days ago' +%F`
    
    echo "**********************************************************************"
    echo "Starting backup of system files on $HOSTNAME at $StartTime..."
    
    echo -e "\nChanging into backup directory '/backup/$HOSTNAME'..."
    cd /backup/$HOSTNAME
    
    echo -e "\nPurging backup folders older than 30 days..."
    echo -e "backup
    boot
    etc
    mbr" |
    while read DirName
    do
      find $DirName/* -type d ! -name . -prune -mtime +30 -exec rm -rf {} \;
    done
    
    echo -e "\nCreating new backup directories for $Today:"
    echo -e "backup
    boot
    etc
    mbr" |
    while read DirName
    do
      mkdir -v $DirName/$Today
    done
    
    echo -e "\nRotating files from $Yesterday/ to $Today/..."
    # No rotation for /backup/ scripts or mbr (too small to worry about differential)
    echo -e "boot
    etc" |
    while read DirName
    do
      mv $DirName/$Yesterday/* $DirName/$Today/
    done
    
    echo -e "\nSaving backup scripts..."
    cp /backup/* backup/$Today/
    touch backup/$Today
    
    echo -e "\nSaving Master Boot Record for sda & sdb..."
    dd if=/dev/sda of=mbr/$Today/sda-mbr bs=512 count=1
    dd if=/dev/sdb of=mbr/$Today/sdb-mbr bs=512 count=1
    touch mbr/$Today
    
    echo -e "\nBacking up /boot/ directory:"
    rsync -azb --stats --delete --backup-dir boot/$Yesterday/ /boot/ boot/$Today/
    touch boot/$Today
    
    echo -e "\nBacking up /etc/ directory:"
    rsync -azb --stats --delete --backup-dir etc/$Yesterday/ /etc/ etc/$Today/
    touch etc/$Today
    
    EndTime=`date`
    
    echo -e "\n\nBackup of system files on $HOSTNAME completed at $EndTime."
    echo "**********************************************************************"

     

    Example: exclude.lst:

    ._NETWARE
    ~DFSINFO.8-P
    VOLDATA.TDF
    .Trash-root
    Thumbs.db
    thumbs.db
    THUMBS.DB

     

    Example: Primary Server Backup Script:

    #!/bin/bash
    # Version: 2008-02-27 03:00pm
    # Modified By: Dan O.
    
    StartTime=`date`
    Today=`date +%F`
    Yesterday=`date --date=yesterday +%F`
    PurgeDate=`date --date='31 days ago' +%F`
    BackupHost="backupservername"
    
    echo "**********************************************************************"
    echo "Starting backup from $HOSTNAME to $BackupHost at $StartTime..."
    
    echo -e "\nMaking sure backup directory is mounted with 'mount -a'..."
    mount -a
    # Would rather do a check to make sure it's already mounted. If not, try to mount. If it fails, abort.
    
    echo -e "\nChanging into backup directory '/backup/$HOSTNAME'..."
    cd /backup/$HOSTNAME
    # Need to add check to make sure this directory change was successful, or abort.
    
    echo -e "\nPurging backup folders older than 30 days..."
    echo -e "backup
    boot
    etc
    GW
    mbr
    SHARED
    USERS" |
    while read DirName
    do
    #  rm -rf $DirName/$PurgeDate
    #  find $DirName/* -type d ! -name . -prune -mtime +30 -exec echo {} \;
      find $DirName/* -type d ! -name . -prune -mtime +30 -exec rm -rf {} \;
    done
    
    # Creating a new new "$Today" directory, then moving $Yesterday/* $Today/
    # keeps the timestamp on $Yesterday/, and makes the script better able to handle
    # manual backups (no nested $Today/$Yesterday, which can happen on a restart)
    echo -e "\nCreating new backup directories for $Today:"
    echo -e "backup
    boot
    etc
    GW
    mbr
    SHARED
    USERS" |
    while read DirName
    do
      mkdir -v $DirName/$Today
    done
    
    echo -e "\nRotating files from $Yesterday/ to $Today/..."
    # No rotation for /backup/ scripts or mbr (too small to worry about differential)
    echo -e "boot
    etc
    GW
    SHARED
    USERS" |
    while read DirName
    do
      mv $DirName/$Yesterday/* $DirName/$Today/
    done
    
    echo -e "\nSaving backup scripts..."
    cp /backup/* backup/$Today/
    touch backup/$Today
    
    echo -e "\nSaving Master Boot Record for sda & sdb..."
    dd if=/dev/sda of=mbr/$Today/sda-mbr bs=512 count=1
    dd if=/dev/sdb of=mbr/$Today/sdb-mbr bs=512 count=1
    touch mbr/$Today
    
    echo -e "\n\nBacking up APPS volume:"
    rsync -az --stats --delete --exclude-from=/backup/exclude.lst /media/nss/APPS/ "$BackupHost"::"$HOSTNAME"_APPS/
    touch APPS/
    
    BackupOptions="-azb --stats --delete --exclude-from=/backup/exclude.lst --backup-dir /$Yesterday/"
    echo -e "\nBackup options set to '$BackupOptions'..."
    
    echo -e "\nBacking up /boot/ directory:"
    rsync $BackupOptions /boot/ "$BackupHost"::"$HOSTNAME"_boot/$Today/
    touch boot/$Today
    
    echo -e "\nBacking up /etc/ directory:"
    rsync $BackupOptions /etc/ "$BackupHost"::"$HOSTNAME"_etc/$Today/
    touch etc/$Today
    
    echo
    /etc/init.d/grpwise stop
    echo "Backing up GW volume:"
    rsync $BackupOptions /media/nss/GW/ "$BackupHost"::"$HOSTNAME"_GW/$Today/
    /etc/init.d/grpwise start
    touch GW/$Today
    
    echo -e "\n\nSaving Trustees for USERS volume..."
    /opt/novell/nss/sbin/metamig save USERS -m t > /media/nss/USERS/trustees.xml
    echo "Backing up USERS volume:"
    rsync $BackupOptions /media/nss/USERS/ "$BackupHost"::"$HOSTNAME"_USERS/$Today/
    touch USERS/$Today
    
    echo -e "\n\nSaving Trustees for SHARED volume..."
    /opt/novell/nss/sbin/metamig save SHARED -m t > /media/nss/SHARED/trustees.xml
    echo "Backing up SHARED volume:"
    rsync $BackupOptions /media/nss/SHARED/ "$BackupHost"::"$HOSTNAME"_SHARED/$Today/
    touch SHARED/$Today
    
    EndTime=`date`
    
    echo -e "\n\nBackup of $HOSTNAME to $BackupHost completed at $EndTime."
    echo "**********************************************************************"