initial commit of file from CVS for smeserver-BackupPC on Sat Sep 7 20:10:07 AEST 2024

root/etc/BackupPC/localArchive.conf

@@ -0,0 +1,40 @@
+# Destination directory, where the archive will be created
+destination = /tmp/
+
+# Split size in MBytes. If different from 0, the archive will be cut at this size
+split = 0
+
+# Compression. Can be gzip, bzip2 or none
+compress = gzip
+
+# Encryption of the archives, using OpenSSL
+# You can put here the name of the cipher you want to use
+# To obtain a list of available cipher, run the command
+# man enc
+# eg: cipher = aes-256-cbc
+# If encryption is turned on, .enc will be appended
+# At the end of the archive's name.
+# To be able tu use this archive talter, you'll have to
+# decrypt it using the same key
+# cat archive.tar.gz.enc | openssl enc aes-256-cbc -d -pass file:/etc/BackupPC/archive.key > archive.tar.gz
+cipher = off
+
+# The key file to use to encrypt the archive
+# You should backup this key somewhere. If you lost it
+# your archives will be unusuable
+key = /etc/BackupPC/archive.key
+
+# The backup number to archive, -1 means the last one
+backupNum = -1
+
+# The share to archive
+share = '*'
+
+# The amount of parity (using par2)
+parity = 0
+
+# The hosts to archive, separate them with a space eg: localhost server1 server2
+hosts = localhost
+
+# The user who will receive the log of the archive, you can set a email address out of the server if you want
+sendMailTo = admin

root/etc/BackupPC/localCopyPool.conf

@@ -0,0 +1,17 @@
+# Destination directory, where the pool will be copied
+destination = /tmp/
+
+# The source directory, the topdir of the data
+source = /var/lib/BackupPC
+
+# Compression used for the "pc" archive. Can be gzip, bzip2 or none
+compress = gzip
+
+# If you want to extract the "pc" archive on the destination, can be set to 'yes' or 'no'
+extract = yes
+
+# Stop BackupPC daemon. You should let this to 'yes' unless you use something like LVM snapshots
+stop = yes
+
+# The user who will receive the log of the archive, you can set a email address out of the server if you want
+sendMailTo = admin

root/etc/BackupPC/pc/localserver-template.pl

@@ -0,0 +1,32 @@
+$Conf{RsyncShareName} = [
+  '/'
+];
+$Conf{BackupFilesExclude} = {
+  '/' => [
+    '/var/lib/BackupPC',
+    '/proc',
+    '/tmp',
+    '/sys',
+    '/dev',
+    '/boot',
+    '/mnt',
+    '/media',
+    '/selinux',
+    '/aquota.*',
+    '/lost+found',
+    '/initrd',
+    '/var/tmp',
+    '/var/lib/mysql'
+  ]
+};
+$Conf{DumpPreUserCmd} = '/usr/bin/sudo /usr/share/BackupPC/bin/BackupPC_SME_pre-backup';
+$Conf{XferMethod} = 'rsync';
+$Conf{RsyncClientCmd} = '/usr/bin/sudo $rsyncPath $argList+';
+$Conf{RsyncClientRestoreCmd} = '/usr/bin/sudo $rsyncPath $argList+';
+$Conf{ClientNameAlias} = '127.0.0.1';
+$Conf{BackupsDisable} = 1;
+$Conf{RsyncSshArgs} = [
+  '-e',
+  '/usr/bin/sudo -p'
+];
+

root/etc/BackupPC/pc/smeserver-template.pl

@@ -0,0 +1,26 @@
+$Conf{RsyncShareName} = [
+  '/'
+];
+$Conf{BackupFilesExclude} = {
+  '/' => [
+    '/var/lib/BackupPC/',
+    '/proc',
+    '/tmp',
+    '/sys',
+    '/dev',
+    '/boot',
+    '/mnt',
+    '/media',
+    '/selinux',
+    '/aquota.*',
+    '/lost+found',
+    '/initrd',
+    '/var/tmp',
+    '/var/lib/mysql',
+    '/var/spool/squid'
+  ]
+};
+$Conf{DumpPreUserCmd} = '$sshPath -l root $host /sbin/e-smith/signal-event pre-backup';
+$Conf{XferMethod} = 'rsync';
+$Conf{BackupsDisable} = 1;
+

root/etc/BackupPC/pc/windows-template.pl

@@ -0,0 +1,38 @@
+$Conf{ClientCharset} = 'cp1252';
+$Conf{RsyncShareName} = [
+  'cDrive'
+];
+$Conf{RsyncdPasswd} = 'secret';
+$Conf{RsyncdUserName} = 'backuppc';
+$Conf{XferMethod} = 'rsyncd';
+$Conf{BackupFilesExclude} = {
+  '*' => [
+    '*/hiberfil.sys',
+    '*/pagefile.sys',
+    '*/WUTemp',
+    '*/RECYCLER',
+    '*/UsrClass.dat',
+    '*/UsrClass.dat.LOG',
+    '*/NTUSER.DAT',
+    '*/NTUSER.DAT.LOG',
+    '*/Temporary?Internet?Files/*',
+    '*/Documents?and?Settings/*/Recent',
+    '*/Cache',
+    '*/parent.lock',
+    '*/Thumbs.db',
+    '*/IconCache.db',
+    '*/System?Volume?Information',
+    '*/Temp/*',
+    '*.tmp',
+    '*.bak',
+    '*/WINDOWS/system32/config/SYSTEM',
+    '*/WINDOWS/system32/config/SOFTWARE',
+    '*/WINDOWS/system32/config/SECURITY',
+    '*/WINDOWS/system32/config/SECURITY.LOG',
+    '*/WINDOWS/system32/config/SAM',
+    '*/WINDOWS/system32/config/SAM.LOG',
+    '*/WINDOWS/system32/config/DEFAULT',
+  ]
+};
+$Conf{BackupsDisable} = 1;
+

root/etc/BackupPC/remoteArchive.conf

@@ -0,0 +1,41 @@
+# The host you to send archives to
+remoteHost = remote.host.com
+
+# The remote user to use for the ssh connection
+remoteUser = root
+
+# Destination directory, where the archive will be created
+remoteDir = /tmp/
+
+# Compression. Can be gzip, bzip2 or none
+compress = gzip
+
+# Encryption of the archives, using OpenSSL
+# You can put here the name of the cipher you want to use
+# To obtain a list of available cipher, run the command
+# man enc
+# eg: cipher = aes-256-cbc
+# If encryption is turned on, .enc will be appended
+# At the end of the archive's name.
+# To be able tu use this archive talter, you'll have to
+# decrypt it using the same key
+# cat archive.tar.gz.enc | openssl enc aes-256-cbc -d -pass file:/etc/BackupPC/archive.key > archive.tar.gz
+cipher = off
+
+# The key file to use to encrypt the archive
+# You should backup this key somewhere. If you lost it
+# your archives will be unusuable
+key = /etc/BackupPC/archive.key
+
+# The backup number to archive, -1 means the last one
+backupNum = -1
+
+# The share to archive
+share = '*'
+
+# The hoststo archive, separate them with a space eg: localhost server1 server2
+hosts = localhost
+
+# The user who will receive the log of the archive, you can set a email address out of the server if you want
+sendMailTo = admin
+

root/etc/BackupPC/remoteCopyPool.conf

@@ -0,0 +1,23 @@
+# The host you to send the pool to
+remoteHost = remote.host.com
+
+# The remote user to use for the ssh connection
+remoteUser = root
+
+# Destination directory, where the archive will be created
+remoteDir = /tmp/
+
+# The source directory, the topdir of the data
+source = /var/lib/BackupPC
+
+# Compression used for the "pc" archive. Can be gzip, bzip2 or none
+compress = gzip
+
+# If you want to extract the "pc" archive on the destination, can be set to 'yes' or 'no'
+extract = yes
+
+# Stop BackupPC daemon. You should let this to 'yes' unless you use something like LVM snapshots
+stop = yes
+
+# The user who will receive the log of the archive, you can set a email address out of the server if you want
+sendMailTo = admin

root/etc/BackupPC/usbArchive.conf

@@ -0,0 +1,40 @@
+# The device you want to use, where the archive will be created
+device = /dev/sdc1
+
+# Split size in MBytes. If different from 0, the archive will be cut at this size
+split = 0
+
+# Compression. Can be gzip, bzip2 or none
+compress = gzip
+
+# Encryption of the archives, using OpenSSL
+# You can put here the name of the cipher you want to use
+# To obtain a list of available cipher, run the command
+# man enc
+# eg: cipher = aes-256-cbc
+# If encryption is turned on, .enc will be appended
+# At the end of the archive's name.
+# To be able tu use this archive talter, you'll have to
+# decrypt it using the same key
+# cat archive.tar.gz.enc | openssl enc aes-256-cbc -d -pass file:/etc/BackupPC/archive.key > archive.tar.gz
+cipher = off
+
+# The key file to use to encrypt the archive
+# You should backup this key somewhere. If you lost it
+# your archives will be unusuable
+key = /etc/BackupPC/archive.key
+
+# The backup number to archive, -1 means the last one
+backupNum = -1
+
+# The share to archive
+share = '*'
+
+# The amount of parity (using par2)
+parity = 0
+
+# The hoststo archive, separate them with a space eg: localhost server1 server2
+hosts = localhost
+
+# The user who will receive the log of the archive, you can set a email address out of the server if you want
+sendMailTo = admin

root/etc/BackupPC/usbCopyPool.conf

@@ -0,0 +1,18 @@
+# The device you want to use, where the archive will be created
+device = /dev/sdc1
+
+# Compression to use for the "pc" archive. Can be gzip, bzip2 or none
+compress = gzip
+
+# The source directory, the topdir of the data
+source = /var/lib/BackupPC
+
+# If you want to extract the "pc" archive on the destination, can be set to 'yes' or 'no'
+extract = yes
+
+# Stop BackupPC daemon. You should let this to 'yes' unless you use something like LVM snapshots
+stop = yes
+
+# The user who will receive the log of the archive, you can set a email address out of the server if you want
+sendMailTo = admin
+

root/etc/e-smith/db/accounts/defaults/backuppc/type

@@ -0,0 +1 @@
+system

root/etc/e-smith/db/configuration/defaults/backuppc/examples

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/backuppc/status

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/backuppc/sudo

@@ -0,0 +1 @@
+/usr/bin/rsync,/bin/gtar

root/etc/e-smith/db/configuration/defaults/backuppc/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/db/configuration/defaults/httpd-bkpc/TCPPort

@@ -0,0 +1 @@
+950

root/etc/e-smith/db/configuration/defaults/httpd-bkpc/status

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/httpd-bkpc/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/events/actions/backuppc-checkupgrade

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+# We may need to update some configuration if we have upgraded from smeserver-backuppc.fws
+if [ -e /etc/BackupPC/config.pl ]; then
+
+	# The new URL for backuppc images is /BackupPC/images
+	sed -i 's|^\$Conf{CgiImageDirURL} .*|$Conf{CgiImageDirURL}     = "/BackupPC/images";|' /etc/BackupPC/config.pl
+
+	# Update paths
+	sed -i 's|/opt/backuppc/files|/var/lib/BackupPC|' /etc/BackupPC/config.pl
+	sed -i 's|/usr/local/BackupPC|/usr/share/BackupPC|' /etc/BackupPC/config.pl
+	sed -i 's|/opt/backuppc/cgi-bin|/usr/share/BackupPC/sbin|' /etc/BackupPC/config.pl
+	sed -i 's|/opt/backuppc/images|/usr/share/BackupPC/html|' /etc/BackupPC/config.pl
+
+	# Update the admin user and the user whi receives the alerts
+	sed -i "s|$Conf{CgiAdminUsers}     = '';|$Conf{CgiAdminUsers}     = 'admin';|" /etc/BackupPC/config.pl
+	sed -i "s|$Conf{EMailAdminUserName} = 'backuppc';|$Conf{EMailAdminUserName} = 'admin';|" /etc/BackupPC/config.pl
+
+	# Update the CgiURL
+	SystemName=$(/sbin/e-smith/db configuration get SystemName)
+	DomainName=$(/sbin/e-smith/db configuration get DomainName)
+	sed -i "s|$Conf{CgiURL} = 'http://localhost/.*|$Conf{CgiURL} = 'https://$SystemName.$DomainName/BackupPC';|" /etc/BackupPC/config.pl
+
+	# If par2 is not present, then put /bin/true in the config file to prevent an error
+	if [ ! -x /usr/local/bin/par2 ]; then
+		sed -i 's|^$Conf{ParPath} .*|$Conf{ParPath}     = "/bin/true";|' /etc/BackupPC/config.pl
+	fi
+fi
+
+
+
+# Same for localhost.pl, the default config in previous release
+if [ -e /etc/BackupPC/pc/localhost.pl ]; then
+		sed -i "s|$Conf{DumpPreUserCmd} = '/usr/bin/sudo /usr/local/BackupPC/bin/BackupPC_SME_pre-backup';|$Conf{DumpPreUserCmd} = '/usr/bin/sudo /usr/share/BackupPC/bin/BackupPC_SME_pre-backup';|" /etc/BackupPC/pc/localhost.pl
+fi
+
+# Add the example configs
+EX=$(/sbin/e-smith/db configuration getprop backuppc examples)
+if [ $EX == 'enabled' ]; then
+	if [ $(grep -c windows-template /etc/BackupPC/hosts) -lt 1 ]; then
+		echo "windows-template 0 admin" >> /etc/BackupPC/hosts
+	fi
+	if [ $(grep -c localserver-template /etc/BackupPC/hosts) -lt 1 ]; then
+		echo "localserver-template 0 admin" >> /etc/BackupPC/hosts
+	fi
+	if [ $(grep -c smeserver-template /etc/BackupPC/hosts) -lt 1 ]; then
+		echo "smeserver-template 0 admin" >> /etc/BackupPC/hosts
+	fi
+fi
+
+# Ensure permissions are ok
+chown -R backuppc:backuppc /etc/BackupPC/
+chown -R backuppc:backuppc /var/log/BackupPC/
+find /etc/BackupPC/ -type f -exec chmod 640 {} \;
+

root/etc/e-smith/events/actions/backuppc-genkey

@@ -0,0 +1,33 @@
+#!/usr/bin/perl -w
+
+# Generate a keyfile for archives encryption
+
+my $keyfile = '/etc/BackupPC/archive.key';
+
+if (! -e $keyfile){
+    use MIME::Base64 qw(encode_base64);
+
+    my $key = "not set due to error";
+    if ( open( RANDOM, "/dev/urandom" ) ){   
+        my $buf;
+        # 57 bytes is a full line of Base64 coding, and contains
+        # 456 bits of randomness - given a perfectly random /dev/random
+        if ( read( RANDOM, $buf, 57 ) != 57 )
+        {   
+            warn("Short read from /dev/random: $!");
+        }
+        else
+        {   
+            $key = encode_base64($buf);
+            chomp $key;
+        }
+        close RANDOM;
+    }
+    else
+    {   
+        warn "Could not open /dev/urandom: $!";
+    }
+    open( KEYFILE, ">$keyfile") || warn "Could not open $keyfile: $!";
+    print KEYFILE $key;
+    close KEYFILE;
+}

root/etc/e-smith/templates/etc/httpd/bkpc-conf/httpd.conf/01localAccessString

@@ -0,0 +1,23 @@
+{
+    #---------------------------------------------------------------------
+    # Grab ValidFrom access list property of httpd-admin
+    # SSL enabled virtual hosts should only allow access from IP's in
+    # this list, as well as local networks.
+    #---------------------------------------------------------------------
+    use esmith::NetworksDB;
+
+    my $ndb = esmith::NetworksDB->open_ro();
+
+    my @localAccess = $ndb->local_access_spec();
+    my $validFrom = ${'httpd-admin'}{'ValidFrom'};
+    if ($validFrom)
+    {   
+        push @localAccess, split /,/, $validFrom;
+    }
+    $localAccess .= join ' ',
+        map { s:/255.255.255.255::; $_ }
+            @localAccess;
+
+    "";
+}
+

root/etc/e-smith/templates/etc/httpd/bkpc-conf/httpd.conf/19AuthTKT

@@ -0,0 +1,8 @@
+{
+    $OUT .= "LoadModule auth_tkt_module modules/mod_auth_tkt.so\n";
+
+    my $secret = ${'httpd-admin'}{TKTAuthSecret} || "34322500-7330-4400-423A-3A00434F5245";
+    $OUT .= "TKTAuthSecret \"$secret\"\n";
+    $OUT .= "TKTAuthDigestType SHA256\n";
+}
+

root/etc/e-smith/templates/etc/httpd/bkpc-conf/httpd.conf/20Modules

@@ -0,0 +1,153 @@
+{
+    my $port = ${'httpd-bkpc'}{TCPPort} || '950'; 
+    $OUT .= "Listen 127.0.0.1:$port\n";
+    
+    $OUT .= <<HERE;
+    
+HostnameLookups off
+    
+ServerAdmin admin@$DomainName
+ServerRoot /etc/httpd
+ServerTokens ProductOnly
+    
+User backuppc
+Group backuppc
+    
+ErrorLog /var/log/httpd/bkpc_error_log
+LogLevel warn
+HERE
+
+foreach (qw(
+    env
+    log_config
+    mime
+    negotiation
+    status
+    info
+    include
+    autoindex
+    dir
+    asis
+    imap
+    imagemap
+    actions
+    userdir
+    proxy
+    proxy_http
+    alias
+    rewrite
+    access
+    authz_host
+    authz_user
+    auth
+    auth_anon
+    auth_digest
+    expires
+    headers
+    usertrack
+    setenvif
+    ssl
+    cgi
+    mpm_prefork
+    unixd
+    access_compat
+    authn_core
+    authz_core
+    ))
+{
+    next unless -f "/usr/lib/httpd/modules/mod_${_}.so" ||
+                -f "/usr/lib64/httpd/modules/mod_${_}.so";
+    $OUT .= "LoadModule ${_}_module modules/mod_${_}.so\n";
+}
+
+$OUT .=<<"HERE";
+
+PidFile /var/run/httpd-bkpc.pid
+ScoreBoardFile /var/run/httpd-bkpc.scoreboard
+UseCanonicalName off
+LogFormat "%h %l %u %t \\"%r\\" %>s %b" common
+LogFormat "%{User-agent}i" agent
+
+CustomLog /var/log/httpd/bkpc_access_log common
+
+KeepAlive On
+MaxKeepAliveRequests 100
+KeepAliveTimeout 15
+
+MaxClients 150
+MaxRequestsPerChild 100
+
+ServerName www.$DomainName
+
+MinSpareServers 1
+MaxSpareServers 5
+StartServers 1
+Timeout 300
+
+DefaultIcon /icons/unknown.gif
+DirectoryIndex index.htm index.html index.php index.cgi
+IndexOptions FancyIndexing VersionSort NameWidth=*
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+AccessFileName .htaccess
+
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+TypesConfig /etc/mime.types
+
+AddEncoding x-compress Z
+AddEncoding x-gzip gz
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+AddLanguage en .en
+AddLanguage fr .fr
+AddLanguage de .de
+AddLanguage da .da
+AddLanguage el .el
+AddLanguage it .it
+
+LanguagePriority en fr de
+
+AddType text/html .shtml
+AddType application/x-pkcs7-crl    .crl
+
+AddType application/x-x509-ca-cert .crt
+
+BrowserMatch "Mozilla/2" nokeepalive
+BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+BrowserMatch "RealPlayer 4\.0" force-response-1.0
+BrowserMatch "Java/1\.0" force-response-1.0
+BrowserMatch "JDK/1\.0" force-response-1.0
+
+AddHandler cgi-script .cgi
+AddHandler server-parsed .shtml
+AddHandler imap-file map
+
+DocumentRoot         /usr/share/BackupPC/html
+
+HERE
+}
+

root/etc/e-smith/templates/etc/httpd/bkpc-conf/httpd.conf/85DefaultAccess

@@ -0,0 +1,11 @@
+
+# First, we configure the "default" to be a very restrictive set of 
+# permissions.  
+
+<Directory />
+    Options None
+    AllowOverride None
+    Require all denied
+</Directory>
+
+

root/etc/e-smith/templates/etc/httpd/bkpc-conf/httpd.conf/90BackupPC

@@ -0,0 +1,31 @@
+
+Alias           /BackupPC/images        /usr/share/BackupPC/html/
+ScriptAlias     /BackupPC               /usr/share/BackupPC/sbin/BackupPC_Admin
+
+<Directory /usr/share/BackupPC/html/>
+    Options None
+    AllowOverride None
+    Require ip 127.0.0.1
+</Directory>
+
+<Directory /usr/share/BackupPC/sbin/>
+        Options ExecCGI
+        AllowOverride None
+        AuthName "BackupPC"
+		AuthType Basic
+        TKTAuthLoginURL /server-common/cgi-bin/login
+{
+        my $ManagerTimeout = ${'httpd-admin'}{ManagerTimeout} || "30m";
+        $OUT = "    TKTAuthTimeout $ManagerTimeout\n";
+        my $Cookie = ${'httpd-admin'}{Cookie} || "disabled";
+        $OUT .= "    TKTAuthCookieExpires $ManagerTimeout\n" if "$Cookie" eq "enabled";
+        my $ManagerTimeoutReset = ${'httpd-admin'}{ManagerTimeoutReset} || "0.66";
+        $OUT .= "    TKTAuthTimeoutRefresh $ManagerTimeoutReset\n";
+}
+	<RequireAll>
+	    Require valid-user
+	    Require ip 127.0.0.1
+        </RequireAll>
+</Directory>
+
+

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28BackupPCProxyPass

@@ -0,0 +1,29 @@
+{
+    # vim: ft=perl:
+
+    $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ?  'yes' : 'no';
+
+    $OUT = '';
+    if ((${'backuppc'}{'status'} || 'disabled') eq 'enabled' &&
+        (${'httpd-bkpc'}{'status'} || 'disabled') eq 'enabled'){
+
+		$OUT .= "    RewriteRule ^/backuppc(/.*|\$)    https://%{HTTP_HOST}/BackupPC\$1 [L,R]\n";
+
+        if (($port eq "80") && ($haveSSL eq 'yes')){
+            $OUT .= "    RewriteRule ^/BackupPC(/.*|\$)    https://%{HTTP_HOST}/BackupPC\$1 [L,R]\n";
+        }
+        else{
+            $OUT .= "    ProxyPass /BackupPC http://127.0.0.1:${'httpd-bkpc'}{TCPPort}/BackupPC\n";
+            $OUT .= "    ProxyPassReverse /BackupPC http://127.0.0.1:${'httpd-bkpc'}{TCPPort}/BackupPC\n";
+        }
+
+        $OUT .=<<"HERE";
+
+    <Location /BackupPC>
+        SSLRequireSSL on
+        Require ip $localAccess $externalSSLAccess
+    </Location>
+
+HERE
+    }
+}

root/etc/e-smith/templates/etc/sudoers/00BackupPCAlias

@@ -0,0 +1,7 @@
+{
+$OUT .= "Cmnd_Alias      BACKUPPC_CMD = /usr/share/BackupPC/bin/BackupPC_SME_pre-backup, /etc/rc.d/init.d/backuppc *";
+foreach( split( /[;,]/,( $backuppc{'sudo'} || '' ) ) ){
+    $OUT .= ", $_";
+}
+}
+

root/etc/e-smith/templates/etc/sudoers/20BackupPC

@@ -0,0 +1 @@
+backuppc ALL=(root) NOPASSWD: BACKUPPC_CMD

root/etc/e-smith/templates/etc/updatedb.conf/05BackupPC

@@ -0,0 +1,4 @@
+{
+  $PRUNEPATHS .= " /var/lib/BackupPC ";
+  $OUT ="";
+}

root/etc/e-smith/web/functions/backuppc

@@ -0,0 +1,32 @@
+#!/usr/bin/perl
+#----------------------------------------------------------------------
+# heading     : Administration
+# description : BackupPC
+# navigation  : 4000 4200
+#----------------------------------------------------------------------
+
+use strict;
+use CGI':all';
+use CGI::Carp qw(fatalsToBrowser);
+
+
+BEGIN
+{
+    $ENV {'PATH'} = '/bin:/usr/bin:/sbin';
+    $ENV {'SHELL'} = '/bin/bash';
+    delete $ENV {'ENV'};
+}
+
+
+my $q = new CGI;
+my $content="0; url=https://".$ENV {'HTTP_X_FORWARDED_HOST'}."/BackupPC";
+$q->default_dtd('-//W3C//DTD XHTML 1.0 Transitional//EN');
+
+print $q->header ('text/html');
+print $q->start_html (-head=>meta({-http_equiv=>'refresh', -content=>$content}));
+
+
+
+print $q->end_html;
+
+

root/etc/httpd/bkpc-conf/httpd.conf

@@ -0,0 +1,187 @@
+#------------------------------------------------------------
+#	       !!DO NOT MODIFY THIS FILE!!
+# 
+# Manual changes will be lost when this file is regenerated.
+#
+# Please read the developer's guide, which is available
+# at http://www.contribs.org/development/
+#
+# Copyright (C) 1999-2006 Mitel Networks Corporation
+#------------------------------------------------------------
+
+
+LoadModule auth_tkt_module modules/mod_auth_tkt.so
+TKTAuthSecret "1234"
+
+
+Listen 127.0.0.1:950
+    
+HostnameLookups off
+    
+ServerAdmin admin
+ServerRoot /etc/httpd
+ServerTokens ProductOnly
+    
+User backuppc
+Group backuppc
+    
+ErrorLog /var/log/httpd/bkpc_error_log
+LogLevel warn
+LoadModule env_module modules/mod_env.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule status_module modules/mod_status.so
+LoadModule info_module modules/mod_info.so
+LoadModule include_module modules/mod_include.so
+LoadModule autoindex_module modules/mod_autoindex.so
+LoadModule dir_module modules/mod_dir.so
+LoadModule asis_module modules/mod_asis.so
+LoadModule imap_module modules/mod_imap.so
+LoadModule actions_module modules/mod_actions.so
+LoadModule userdir_module modules/mod_userdir.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule alias_module modules/mod_alias.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule access_module modules/mod_access.so
+LoadModule auth_module modules/mod_auth.so
+LoadModule auth_anon_module modules/mod_auth_anon.so
+LoadModule auth_digest_module modules/mod_auth_digest.so
+LoadModule expires_module modules/mod_expires.so
+LoadModule headers_module modules/mod_headers.so
+LoadModule usertrack_module modules/mod_usertrack.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule cgi_module modules/mod_cgi.so
+
+LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
+LoadModule unixd_module modules/mod_unixd.so
+LoadModule authn_core_module modules/mod_authn_core.so
+LoadModule : modules/mod_authz_core.so
+
+
+PidFile /var/run/httpd-bkpc.pid
+ScoreBoardFile /var/run/httpd-bkpc.scoreboard
+UseCanonicalName off
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+LogFormat "%{User-agent}i" agent
+
+CustomLog /var/log/httpd/bkpc_access_log common
+
+KeepAlive On
+MaxKeepAliveRequests 100
+KeepAliveTimeout 15
+
+MaxClients 150
+MaxRequestsPerChild 100
+
+ServerName www.domain.tld
+
+MinSpareServers 1
+MaxSpareServers 5
+StartServers 1
+Timeout 300
+
+DefaultIcon /icons/unknown.gif
+DirectoryIndex index.htm index.html index.php index.cgi
+IndexOptions FancyIndexing VersionSort NameWidth=*
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+AccessFileName .htaccess
+
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+DefaultType text/plain
+TypesConfig /etc/mime.types
+
+AddEncoding x-compress Z
+AddEncoding x-gzip gz
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+AddLanguage en .en
+AddLanguage fr .fr
+AddLanguage de .de
+AddLanguage da .da
+AddLanguage el .el
+AddLanguage it .it
+
+LanguagePriority en fr de
+
+AddType text/html .shtml
+AddType application/x-pkcs7-crl    .crl
+
+AddType application/x-x509-ca-cert .crt
+
+BrowserMatch "Mozilla/2" nokeepalive
+BrowserMatch "MSIE 4.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+BrowserMatch "RealPlayer 4.0" force-response-1.0
+BrowserMatch "Java/1.0" force-response-1.0
+BrowserMatch "JDK/1.0" force-response-1.0
+
+AddHandler cgi-script .cgi
+AddHandler server-parsed .shtml
+AddHandler imap-file map
+
+DocumentRoot         /usr/share/BackupPC/html
+
+
+
+
+# First, we configure the "default" to be a very restrictive set of 
+# permissions.  
+
+<Directory />
+    Options None
+    AllowOverride None
+    Require all denied
+</Directory>
+
+
+
+Alias           /BackupPC/images        /usr/share/BackupPC/html/
+ScriptAlias     /BackupPC               /usr/share/BackupPC/sbin/BackupPC_Admin
+
+<Directory /usr/share/BackupPC/html/>
+    Options None
+    AllowOverride None
+    Require ip 127.0.0.1
+</Directory>
+
+<Directory /usr/share/BackupPC/sbin/>
+        Options ExecCGI
+        AllowOverride None
+        AuthName "BackupPC"
+        AuthType Basic
+        TKTAuthLoginURL /server-common/cgi-bin/login
+        SetEnv IMGHDR_SRC "/server-common/server-manager.jpg"
+        <RequireAll>
+          Require valid-user
+          Require ip 127.0.0.1
+        </RequireAll>
+</Directory>
+
+