From 4324829135860d9d1fbbebe7deeb9113802a238b Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Wed, 5 Dec 2018 14:31:19 +0100 Subject: [PATCH] First version of the package --- WAPT/control | 32 ++++++ WAPT/wapt.psproj | 295 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ rsyncd.conf | 24 +++++ setup.py | 89 +++++++++++++++++ 4 files changed, 440 insertions(+) create mode 100644 WAPT/control create mode 100644 WAPT/wapt.psproj create mode 100644 rsyncd.conf create mode 100644 setup.py diff --git a/WAPT/control b/WAPT/control new file mode 100644 index 0000000..8ab56ae --- /dev/null +++ b/WAPT/control @@ -0,0 +1,32 @@ +package : fws-backuppc_agent +version : 1.3.4-1 +architecture : all +section : base +priority : optional +maintainer : Daniel Berteaud +description : BackupPC Agent +depends : +conflicts : +maturity : DEV +locale : all +target_os : windows +min_os_version : 5.0 +max_os_version : +min_wapt_version : 1.3.12 +sources : +installed_size : +impacted_process : +description_fr : Agent de sauvegarde BackupPC +description_pl : +description_de : +description_es : +audit_schedule : 4w +editor : +keywords : +licence : GPLv2+ +homepage : http://www.michaelstowe.com/backuppc/ +package_uuid : +signer : Daniel Berteaud +signer_fingerprint: +signature_date : +signed_attributes : \ No newline at end of file diff --git a/WAPT/wapt.psproj b/WAPT/wapt.psproj new file mode 100644 index 0000000..29acc4b --- /dev/null +++ b/WAPT/wapt.psproj @@ -0,0 +1,295 @@ +[PyScripter] +Version=3.3.2.0 + +[Project] +ClassName=TProjectRootNode +StoreRelativePaths=TRUE +ShowFileExtensions=FALSE + +[Project\ChildNodes\Node0] +ClassName=TProjectFilesNode + +[Project\ChildNodes\Node0\ChildNodes\Node0] +ClassName=TProjectFolderNode +Name=wapt + +[Project\ChildNodes\Node0\ChildNodes\Node0\ChildNodes\Node0] +ClassName=TProjectFileNode +FileName=C:\Program Files (x86)\wapt\common.py + +[Project\ChildNodes\Node0\ChildNodes\Node0\ChildNodes\Node1] +ClassName=TProjectFileNode +FileName=C:\Program Files (x86)\wapt\setuphelpers.py + +[Project\ChildNodes\Node0\ChildNodes\Node0\ChildNodes\Node2] +ClassName=TProjectFileNode +FileName=C:\Program Files (x86)\wapt\wapt-get.ini + +[Project\ChildNodes\Node0\ChildNodes\Node0\ChildNodes\Node3] +ClassName=TProjectFileNode +FileName=C:\Program Files (x86)\wapt\wapt-get.py + +[Project\ChildNodes\Node0\ChildNodes\Node0\ChildNodes\Node4] +ClassName=TProjectFileNode +FileName=C:\Program Files (x86)\wapt\waptpackage.py + +[Project\ChildNodes\Node0\ChildNodes\Node0\ChildNodes] +Count=5 + +[Project\ChildNodes\Node0\ChildNodes\Node1] +ClassName=TProjectFileNode +FileName=$[Project-Path]changelog.txt + +[Project\ChildNodes\Node0\ChildNodes\Node2] +ClassName=TProjectFileNode +FileName=$[Project-Path]control + +[Project\ChildNodes\Node0\ChildNodes\Node3] +ClassName=TProjectFileNode +FileName=$[Project-Path]..\setup.py + +[Project\ChildNodes\Node0\ChildNodes] +Count=4 + +[Project\ChildNodes\Node1] +ClassName=TProjectRunConfiguationsNode + +[Project\ChildNodes\Node1\ChildNodes\Node0] +ClassName=TProjectRunConfiguationNode +Name=install + +[Project\ChildNodes\Node1\ChildNodes\Node0\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=install "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node0\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node1] +ClassName=TProjectRunConfiguationNode +Name=remove + +[Project\ChildNodes\Node1\ChildNodes\Node1\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=remove "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node1\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node2] +ClassName=TProjectRunConfiguationNode +Name=session-setup + +[Project\ChildNodes\Node1\ChildNodes\Node2\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=session-setup "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node2\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node3] +ClassName=TProjectRunConfiguationNode +Name=update + +[Project\ChildNodes\Node1\ChildNodes\Node3\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=update +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node3\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node4] +ClassName=TProjectRunConfiguationNode +Name=upgrade + +[Project\ChildNodes\Node1\ChildNodes\Node4\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=-f upgrade +WorkingDir=$[ActiveScript-Dir] +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node4\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node5] +ClassName=TProjectRunConfiguationNode +Name=-i build-upload + +[Project\ChildNodes\Node1\ChildNodes\Node5\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=-i build-upload "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node5\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node6] +ClassName=TProjectRunConfiguationNode +Name=svn update + +[Project\ChildNodes\Node1\ChildNodes\Node6\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=sources "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node6\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node7] +ClassName=TProjectRunConfiguationNode +Name=uninstall + +[Project\ChildNodes\Node1\ChildNodes\Node7\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=uninstall "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node7\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[Project-Path].. +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node8] +ClassName=TProjectRunConfiguationNode +Name=update-package-sources + +[Project\ChildNodes\Node1\ChildNodes\Node8\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=update-package-sources "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node8\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes\Node9] +ClassName=TProjectRunConfiguationNode +Name=audit + +[Project\ChildNodes\Node1\ChildNodes\Node9\RunConfig] +ScriptName=C:\Program Files (x86)\wapt\wapt-get.py +EngineType=peRemote +ReinitializeBeforeRun=TRUE +Parameters=audit "$[Project-Path].." +WorkingDir=$[Project-Path].. +WriteOutputToFile=FALSE +OutputFileName=$[ActiveScript-NoExt].log +AppendToFile=FALSE + +[Project\ChildNodes\Node1\ChildNodes\Node9\RunConfig\ExternalRun] +Caption=External Run +Description=Run script using an external Python Interpreter +ApplicationName=$[PythonExe-Short] +Parameters=$[ActiveScript-Short] +WorkingDirectory=$[ActiveScript-Dir] +ShortCut=0 +MessagesFormat=$[FileName] $[LineNumber] + +[Project\ChildNodes\Node1\ChildNodes] +Count=10 + +[Project\ChildNodes] +Count=2 + +[Project\ExtraPythonPath] +Count=0 + diff --git a/rsyncd.conf b/rsyncd.conf new file mode 100644 index 0000000..0113a61 --- /dev/null +++ b/rsyncd.conf @@ -0,0 +1,24 @@ +use chroot = false +strict modes = false +pid file = rsyncd.pid +socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=65536 + +[PART1] +path = /cygdrive/B/ +auth users = backup +secrets file = rsyncd.secrets + +[PART2] +path = /cygdrive/L/ +auth users = backup +secrets file = rsyncd.secrets + +[PART3] +path = /cygdrive/M/ +auth users = backup +secrets file = rsyncd.secrets + +[PART4] +path = /cygdrive/N/ +auth users = backup +secrets file = rsyncd.secrets \ No newline at end of file diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..bc6a81d --- /dev/null +++ b/setup.py @@ -0,0 +1,89 @@ +# -*- coding: utf-8 -*- +from setuphelpers import * +from cryptography.fernet import Fernet +import json +import os + +uninstallkey = [] + +variables = { + 'backup_servers': [ '192.168.100.31' ], + 'backup_rsync_pass': 's3cretp@ssw0rd' +} + +# Read local variables file if available +if isfile(makepath(programfiles32,'wapt','private','symetric.txt')) and isfile(makepath(programfiles32,'wapt','private','variables.txt')): + print('Reading local encrypted variables file') + f = Fernet(open(makepath(programfiles32,'wapt','private','symetric.txt'),'r').read()) + variables.update(json.loads(f.decrypt(open(makepath(programfiles32,'wapt','private','variables.txt'),'r').read()))) + +overrides = ['rsyncd.conf', 'pre-exec.cmd', 'vsrsync.cmd', 'cygiconv-2.dll', 'cygwin1.dll', 'cygz.dll', 'rsync.exe'] + +def install(): + print('Installing BackupPC Agent') + version = control['version'].split('-',1)[0] + install_exe_if_needed("backuppc-client.exe",silentflags='/S',key='BackupPC',min_version=version,killbefore=['rsync.exe']) + # We override some files + # cygwin and rsync are needed because version 3.1.1 is very unreliable on Win2012, so we downgrade to 3.0.9 + # our own pre-exec adds an exclusive lock + # And vsrsync.cmd fixes an issue when PATH contains a & char + print('Overriding scripts and binaries') + for file in overrides: + print('Copying %s' % file) + filecopyto(file,makepath(os.getenv('SYSTEMDRIVE','C:\\'),'BackupPC')) + + # We write credential file + print('Writing credential file') + open(makepath(os.getenv('SYSTEMDRIVE','C:\\'),'BackupPC','rsyncd.secrets'),'w').write('backup:%s' % variables['backup_rsync_pass']) + + # The default behaviour is to add a firewall rule allowing local network. We'll remove this rule to create a more restrictive one + print('Adding firewall rules') + run('netsh advfirewall firewall del rule name="Agent BackupPC"', accept_returncodes=[0,1]) + run('netsh advfirewall firewall add rule name="Agent BackupPC" dir=in action=allow program="%s" enable=yes remoteip=%s' % (makepath(os.getenv('SYSTEMDRIVE','C:\\'),'BackupPC','rsync.exe'),','.join(variables['backup_servers']))) + # Port 445 is needed for winexe + run('netsh advfirewall firewall add rule name="remote admin" dir=in action=allow protocol=TCP localport=445 enable=yes remoteip=%s' % ','.join(variables['backup_servers'])) + + # Create the backup account + print('Create a local account and add it to the admin group') + run('net user lbkp /add', accept_returncodes=[0,2]) + if 'backup_pass' in variables: + run('net user lbkp %s' % variables['backup_pass']) + run('net localgroup Administrateurs lbkp /add', accept_returncodes=[0,2]) + + # For vista and newer, UAC prevents admin shares, we need to enable it + print('Enabling remote access to admin shares') + if windows_version() > Version('6'): + reg_key = reg_openkey_noredir(HKEY_LOCAL_MACHINE,r'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system',sam=KEY_WRITE,create_if_missing=True) + reg_setvalue(reg_key, 'LocalAccountTokenFilterPolicy', 1, REG_DWORD) + + +def uninstall(): + print('Removing BackupPC Agent') + print('Removing firewall rules') + run('netsh advfirewall firewall del rule name="Agent BackupPC"', accept_returncodes=[0,1]) + run('netsh advfirewall firewall del rule name="remote admin"', accept_returncodes=[0,1]) + print('Removing lbkp from Admin group') + run('net localgroup Administrateurs lbkp /delete', accept_returncodes=[0,2]) + print('Disabling remote access to admin shares') + if windows_version() > Version('6'): + reg_key = reg_openkey_noredir(HKEY_LOCAL_MACHINE,r'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system',sam=KEY_WRITE) + reg_delvalue(reg_key, 'LocalAccountTokenFilterPolicy') + print('Removing files') + for file in overrides: + path =makepath(os.getenv('SYSTEMDRIVE','C:\\'),'BackupPC',file) + if isfile(path): + os.unlink(path) + +def audit(): + filter_policy = registry_readstring(HKEY_LOCAL_MACHINE,r'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system','LocalAccountTokenFilterPolicy') + if not filter_policy : + print(r"key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system\LocalAccountTokenFilterPolicy doesn't exist") + return "ERROR" + elif int(filter_policy) != 1 : + print("Wrong value for LocalAccountTokenFilterPolicy") + return "ERROR" + for file in overrides + ['rsyncd.secrets','part.cmd' ]: + if not isfile(makepath(os.getenv('SYSTEMDRIVE','C:\\'),'BackupPC',file)): + print('%s is missing' % makepath(os.getenv('SYSTEMDRIVE','C:\\'),'BackupPC',file)) + return "ERROR" + return "OK" \ No newline at end of file