├── doc
    ├── img
    │   ├── gzip-9.png
    │   ├── lzma-9.png
    │   ├── bzip2-9.png
    │   └── pbzip2-9.png
    ├── ENCRYPTION.md
    ├── EXAMPLES.md
    ├── REQUIREMENTS.md
    ├── INSTALL.md
    ├── SECURITY.md
    ├── COMPRESSION.md
    └── SETUP.md
├── test
    ├── data
    │   ├── db
    │   │   ├── db_mds.sql.bz2
    │   │   ├── db_InnoDB_only.sql.bz2
    │   │   ├── db_MyISAM_only.sql.bz2
    │   │   └── db_InnoDB_and_MyISAM.sql.bz2
    │   ├── my-default.cnf
    │   ├── certs
    │   │   ├── mysql.client-req.pem
    │   │   ├── mysql.server-req.pem
    │   │   ├── mysql.client-cert.pem
    │   │   ├── mysql.server-cert.pem
    │   │   ├── mysqldump-secure.pub.pem
    │   │   ├── mysql.ca.pem
    │   │   ├── mysql.ca-key.pem
    │   │   ├── mysql.client-key.pem
    │   │   ├── mysql.server-key.pem
    │   │   └── mysqldump-secure.priv.pem
    │   ├── my-master.cnf
    │   └── my-slave.cnf
    ├── README.md
    ├── 99-uninstall.sh
    ├── 12-check_misc_settings.sh
    ├── 11-check_info_file.sh
    ├── 00-install.sh
    ├── 02-check_output_dirs.sh
    ├── 01-check_normal-operation.sh
    ├── 03-check_connection_settings.sh
    ├── 06-check_logging.sh
    ├── 08-check_encryption.sh
    ├── 05-check_consistency_settings.sh
    └── 10-check_nagios_log.sh
├── .gitmodules
├── bin
    ├── create-keypair.sh
    ├── encrypt.sh
    └── decrypt.sh
├── .editorconfig
├── etc
    └── mysqldump-secure.cnf
├── composer.json
├── .gitignore
├── CONTRIBUTING.md
├── .travis.yml
├── configure
├── man
    └── mysqldump-secure.1
├── Makefile
├── CHANGELOG.md
└── README.md


/doc/img/gzip-9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/gzip-9.png
--------------------------------------------------------------------------------
/doc/img/lzma-9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/lzma-9.png
--------------------------------------------------------------------------------
/doc/img/bzip2-9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/bzip2-9.png
--------------------------------------------------------------------------------
/doc/img/pbzip2-9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/pbzip2-9.png
--------------------------------------------------------------------------------
/test/data/db/db_mds.sql.bz2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/test/data/db/db_mds.sql.bz2
--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
[submodule "nagios"]
    path = nagios
    url = https://github.com/cytopia/check_mysqldump-secure.git

--------------------------------------------------------------------------------
/test/data/db/db_InnoDB_only.sql.bz2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/test/data/db/db_InnoDB_only.sql.bz2
--------------------------------------------------------------------------------
/test/data/db/db_MyISAM_only.sql.bz2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/test/data/db/db_MyISAM_only.sql.bz2
--------------------------------------------------------------------------------
/test/data/db/db_InnoDB_and_MyISAM.sql.bz2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/test/data/db/db_InnoDB_and_MyISAM.sql.bz2
--------------------------------------------------------------------------------
/test/data/my-default.cnf:
--------------------------------------------------------------------------------
#
# This group is read both by the client and the server
# use it for options that affect everything
#
[client-server]

#
# include all files from the config directory
#
!includedir /usr/local/etc/my.cnf.d

--------------------------------------------------------------------------------
/bin/create-keypair.sh:
--------------------------------------------------------------------------------
#!/bin/sh
#
# Create 2048 bit public/private keypair

# -nodes writes the private key to disk without a passphrase
openssl req -x509 -nodes -newkey rsa:2048 \
    -keyout mysqldump-secure.priv.pem \
    -out mysqldump-secure.pub.pem

if [ $? -ne 0 ]; then
    exit 1
else
    exit 0
fi
--------------------------------------------------------------------------------
/test/README.md:
--------------------------------------------------------------------------------
# Automated Tests

* use `00-install.sh` to install a mysql master/slave combination.
* use `99-uninstall.sh` to remove everything.
* use `XX-check_xxx.sh` to run a specific test.

All tests are run by `travis-ci` after every push.

You can also run the tests locally. They work on Linux and OSX.
--------------------------------------------------------------------------------
/.editorconfig:
--------------------------------------------------------------------------------
# @see http://editorconfig.org/
# @version 0.2
# @date 2015-11-02

# This is the top-most .editorconfig file; do not search in parent directories.
root = true

# All files.
[*]
charset = utf-8
end_of_line = LF
indent_style = tab
indent_size = 4
trim_trailing_whitespace = true
insert_final_newline = true
--------------------------------------------------------------------------------
/bin/encrypt.sh:
--------------------------------------------------------------------------------
#!/bin/sh

usage() {
    echo "Usage: ${0} pubkey inputfile"
}


if [ $# -ne 2 ]; then
    echo "Invalid number of arguments."
    usage
    exit 1
fi
if [ ! -f "${1}" ]; then
    echo "pubkey ${1} not found,"
    usage
    exit 1
fi
if [ ! -f "${2}" ]; then
    echo "inputfile ${2} not found,"
    usage
    exit 1
fi


openssl smime -encrypt -binary -text -aes256 \
    -in "${2}" \
    -out "${2}.enc" \
    -outform DER "${1}"

if [ $? -ne 0 ]; then
    exit 1
else
    exit 0
fi

--------------------------------------------------------------------------------
/etc/mysqldump-secure.cnf:
--------------------------------------------------------------------------------
; Mysqldump-secure database connection configuration
;
; Allowed sections: '[client]'
; Allowed directives: 'host', 'port', 'user', 'password' and 'socket'
; All other configuration is done via mysqldump-secure.conf
;
; Make sure to change user and password!
[client]
host = localhost
port = 3306
user = readonlyrootuser
password = "verySecurePasswordWith$%&SpecialChars"

; When you connect through localhost (via sockets)
; you can specify an alternative path of the
; mysql.sock (If it is not in the default location)
#socket = /var/lib/mysql/mysql.sock
--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
{
    "name": "cytopia/mysqldump-secure",
    "description": "Secure mysqldump script with encryption, compression, logging, blacklisting and Nagios monitoring integration",
    "type": "library",
    "keywords": ["backup", "mysqldump", "export", "dump", "mysql", "database", "encryption"],
    "homepage": "https://github.com/cytopia/mysqldump-secure",
    "license": "MIT",
    "authors": [
        {
            "name" : "cytopia",
            "homepage": "http://mysqldump-secure.org",
            "role": "Developer"
        }
    ],
    "suggest": {
        "cytopia/check_mysqldump-secure": "Nagios Plugin to monitor mysqldump database backups."
    }
}
--------------------------------------------------------------------------------
/bin/decrypt.sh:
--------------------------------------------------------------------------------
#!/bin/sh

usage() {
    echo "Usage: ${0} privkey encryptedfile"
}


if [ $# -ne 2 ]; then
    echo "Invalid number of arguments."
    usage
    exit 1
fi
if [ ! -f "${1}" ]; then
    echo "privkey ${1} not found,"
    usage
    exit 1
fi
if [ ! -f "${2}" ]; then
    echo "encryptedfile ${2} not found,"
    usage
    exit 1
fi

case "${2}" in
    *.enc) OUT_FILENAME="$(basename "${2}" .enc)";;
    *)     OUT_FILENAME="${2}.decrypted";;
esac

# The input is DER-encoded, matching -outform DER in encrypt.sh
openssl smime -decrypt \
    -in "${2}" \
    -binary -inform DER \
    -inkey "${1}" \
    -out "${OUT_FILENAME}"

if [ $? -ne 0 ]; then
    exit 1
else
    exit 0
fi

--------------------------------------------------------------------------------
/test/99-uninstall.sh:
--------------------------------------------------------------------------------
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"



################################################################################
#
# mysqldump-secure installation
#
################################################################################


#
# Kill servers
#
PID_SLAVE="$(sudo cat ${_INSTALL_PREFIX}/var/mysql-slave/*.pid)"
PID_MASTER="$(sudo cat ${_INSTALL_PREFIX}/var/mysql-master/*.pid)"

sudo kill ${PID_SLAVE}
sudo kill ${PID_MASTER}


#
# Remove existing directories
#
# Quote the path and abort if _INSTALL_PREFIX is unset or empty
sudo rm -rif "${_INSTALL_PREFIX:?}"



exit $ERROR
--------------------------------------------------------------------------------
/test/data/certs/mysql.client-req.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/certs/mysql.server-req.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/my-master.cnf:
--------------------------------------------------------------------------------
[mysqld]

#
# User
#
user = root


#
# Networking
#
port = ##SQL_MASTER_PORT##
bind-address= 0.0.0.0
socket = ##_INSTALL_PREFIX##/var/log/mysql-master/mysql.sock


#
# Enable SSL
#
ssl
ssl-ca = ##_INSTALL_PREFIX##/etc/mysql.ca.pem
ssl-cert = ##_INSTALL_PREFIX##/etc/mysql.server-cert.pem
ssl-key = ##_INSTALL_PREFIX##/etc/mysql.server-key.pem


#
# Database files
#
datadir = ##_INSTALL_PREFIX##/var/mysql-master


#
# REPLICATION (MASTER)
#
server-id = 1
log_bin = ##_INSTALL_PREFIX##/var/log/mysql-master/mysql-bin.log

#
# Logging
#
general_log_file = ##_INSTALL_PREFIX##/var/log/mysql-master/mysql.log
slow-query-log-file = ##_INSTALL_PREFIX##/var/log/mysql-master/slow.log
log-error = ##_INSTALL_PREFIX##/var/log/mysql-master/error.log
log-queries-not-using-indexes = 1
long_query_time = 1
slow-query-log = 1


#
# Misc
#
lower_case_table_names = 2
--------------------------------------------------------------------------------
/test/data/certs/mysql.client-cert.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/certs/mysql.server-cert.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/my-slave.cnf:
--------------------------------------------------------------------------------
[mysqld]

#
# User
#
user = root


#
# Networking
#
port = ##SQL_SLAVE_PORT##
bind-address= 0.0.0.0
socket = ##_INSTALL_PREFIX##/var/log/mysql-slave/mysql.sock


#
# Enable SSL
#
ssl
ssl-ca = ##_INSTALL_PREFIX##/etc/mysql.ca.pem
ssl-cert = ##_INSTALL_PREFIX##/etc/mysql.server-cert.pem
ssl-key = ##_INSTALL_PREFIX##/etc/mysql.server-key.pem


#
# Database files
#
datadir = ##_INSTALL_PREFIX##/var/mysql-slave


#
# REPLICATION (SLAVE)
#
server-id = 2
log_bin = ##_INSTALL_PREFIX##/var/log/mysql-slave/mysql-bin.log
relay-log = ##_INSTALL_PREFIX##/var/log/mysql-slave/mysql-relay-bin.log
replicate-ignore-db = mysql
replicate-ignore-db = test


#
# Logging
#
general_log_file = ##_INSTALL_PREFIX##/var/log/mysql-slave/mysql.log
slow-query-log-file = ##_INSTALL_PREFIX##/var/log/mysql-slave/slow.log
log-error = ##_INSTALL_PREFIX##/var/log/mysql-slave/error.log
log-queries-not-using-indexes = 1
long_query_time = 1
slow-query-log = 1


#
# Misc
#
lower_case_table_names = 2
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
######################################
# CUSTOM
######################################

build/*
configure.in
Makefile.in


######################################
# GENERIC
######################################

###### std ######
.lock
*.log

###### patches/diffs ######
*.patch
*.diff
*.orig
*.rej


######################################
# Operating Systems
######################################

###### OSX ######
._*
.DS*
.Spotlight-V100
.Trashes

###### Windows ######
Thumbs.db
ehthumbs.db
Desktop.ini
$RECYCLE.BIN/
*.lnk


######################################
# Editors
######################################

###### Sublime ######
*.sublime-workspace
*.sublime-project

###### Eclipse ######
.classpath
.buildpath
.project
.settings/

###### Netbeans ######
nbproject/private/

###### Intellij IDE ######
.idea/
.idea_modules/

###### vim ######
*.swp
*.swo
*~

###### TextMate ######
.tm_properties
*.tmproj

###### BBEdit ######
*.bbprojectd
*.bbproject
--------------------------------------------------------------------------------
/test/data/certs/mysqldump-secure.pub.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/certs/mysql.ca.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/doc/ENCRYPTION.md:
--------------------------------------------------------------------------------
[Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) |
[Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) |
[Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) |
[Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) |
[Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) |
[Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) |
Encryption |
[Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) |
[Contributing](https://github.com/cytopia/mysqldump-secure/blob/master/CONTRIBUTING.md)

---


# Encryption/Decryption

## Create public/private key

In order to initially generate the public/private keys, use the bundled shell script [create-keypair.sh](https://github.com/cytopia/mysqldump-secure/blob/master/bin/create-keypair.sh). This creates a 2048-bit key pair as follows:
```shell
openssl req -x509 -nodes -newkey rsa:2048 \
    -keyout mysqldump-secure.priv.pem \
    -out mysqldump-secure.pub.pem
```

## Key performance

You can test the performance on your target machine yourself with:
```shell
openssl speed rsa512
```

Values on my machine are

|               | rsa 512  | rsa 1024 | rsa 2048 | rsa 4096 |
|---------------|---------:|---------:|---------:|---------:|
| # of sign/s   | 6,878.4  | 2,075.8  | 398.8    | 66.4     |
| # of verify/s | 99,898.4 | 42,966.3 | 15,396.4 | 4,751.5  |
--------------------------------------------------------------------------------
/test/data/certs/mysql.ca-key.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/certs/mysql.client-key.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/certs/mysql.server-key.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/test/data/certs/mysqldump-secure.priv.pem:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/doc/EXAMPLES.md:
--------------------------------------------------------------------------------
[Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) |
[Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) |
[Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) |
[Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) |
[Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) |
[Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) |
[Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) |
Examples |
[Contributing](https://github.com/cytopia/mysqldump-secure/blob/master/CONTRIBUTING.md)

---

# Examples

## Importing

### All plain sql files at once

If the sql files you want to import are prefixed with `2015-12-29_14-24__`, you can use the following one-liner to import them all.

```shell
prefix="2015-12-29_14-24__"; \
for i in "${prefix}"*.sql ; do \
    db="$(echo "$i" | sed "s/${prefix}//" | sed 's/\.sql$//')"; \
    mysql -u root -e "CREATE DATABASE IF NOT EXISTS \`$db\`;"; \
    mysql -u root "$db" < "$i"; \
done
```

### All gzipped sql files at once

```shell
prefix="2015-12-29_14-24__"; \
for i in "${prefix}"*.sql.gz ; do \
    db="$(echo "$i" | sed "s/${prefix}//" | sed 's/\.sql\.gz$//')"; \
    mysql -u root -e "CREATE DATABASE IF NOT EXISTS \`$db\`;"; \
    gunzip < "$i" | mysql -u root "$db"; \
done
```

### All bzip2 sql files at once

```shell
prefix="2015-12-29_14-24__"; \
for i in "${prefix}"*.sql.bz2 ; do \
    db="$(echo "$i" | sed "s/${prefix}//" | sed 's/\.sql\.bz2$//')"; \
    mysql -u root -e "CREATE DATABASE IF NOT EXISTS \`$db\`;"; \
    bunzip2 < "$i" | mysql -u root "$db"; \
done
```

--------------------------------------------------------------------------------
/doc/REQUIREMENTS.md:
--------------------------------------------------------------------------------
[Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) |
[Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) |
Requirements |
[Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) |
[Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) |
[Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) |
[Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) |
[Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) |
[Contributing](https://github.com/cytopia/mysqldump-secure/blob/master/CONTRIBUTING.md)

---


# Requirements

| Program | Required | Description |
| ------------- | ------------- | -------- |
| bourne shell (sh) | yes | The whole script is written in pure bourne shell (sh) and is 100% POSIX compliant |
| [mysql](https://dev.mysql.com/downloads/mysql/) | yes | The mysql binary is used to find all available databases and their corresponding size |
| [mysqldump](https://dev.mysql.com/downloads/mysql/) | yes | This is used for the actual dump procedure |
| [openssl](https://www.openssl.org) | optional | Optionally used for private/public key encrypting the database dump |
| [gzip](http://www.gzip.org) | optional | Optionally used for compressing the database dump |
| [pigz](http://zlib.net/pigz/) | optional | Optionally used for compressing the database dump (multithreaded) |
| [bzip2](http://www.bzip.org/) | optional | Optionally used for compressing the database dump |
| [pbzip2](http://compression.ca/pbzip2/) | optional | Optionally used for compressing the database dump (multithreaded) |
| [xz](http://www.bzip.org/) | optional | Optionally used for compressing the database dump |
| [lzma](http://tukaani.org/lzma/) | optional | Optionally used for compressing the database dump |
| [lzop](http://www.lzop.org/) | optional | Optionally used for compressing the database dump |
| [tmpwatch](https://fedorahosted.org/tmpwatch/) | optional | Optionally used to delete old database dumps |
| [tmpreaper](https://packages.debian.org/sid/tmpreaper) | optional | Optionally used to delete old database dumps |
| [check_mysqldump-secure](https://github.com/cytopia/check_mysqldump-secure) | optional | Optionally used to monitor the dump via nagios (already bundled as a submodule inside this repository) |

--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
[Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) |
[Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) |
[Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) |
[Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) |
[Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) |
[Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) |
[Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) |
[Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) |
Contributing

---

# Contributing


## Basics

1. Do report errors when you encounter them
2. Do report suggestions for enhancements
3. Let me know if this runs successfully on an operating system I have not listed yet (see [README](README.md))
4. Add more exotic compression algorithms when you use them successfully (see [here](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md#122-compression))
5. Extend the [Example](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) section


## Repository integration

Anybody willing to help me get this into

1. [X] ~~brew (OSX homebrew)~~
2. [ ] yum (CentOS)
3. [ ] apt (Debian)
4. [ ] apt (Ubuntu)
5. [ ] pkg (FreeBSD)

## Website / Documentation

* Extend documentation
* Improve project webpage
* Fix grammatical errors
* ...


## Pull requests

Whenever the code is changed or a pull request is made, Travis runs many hundreds of tests against the code and the program operation. All tests must pass without exception for the pull request to be accepted.

The first check runs `shellcheck` in the strictest POSIX mode. After this test has passed, the following is checked for every single combination of configuration settings:

* Unbound variable tests (script runs with `#!/bin/sh -u`)
* Syntax error tests
* Abnormal program termination
* Abnormal behaviour
* Error handling and catching

Apart from this there are many more specific checks. Some examples are:

* Backups cannot be overwritten
* Proper deletion (`tmpwatch` / `tmpreaper`)
* Checks against encryption
* Basically all configuration directives are checked ...


## Credits

Credit goes where credit belongs. All contributors will be listed on the project homepage in the contributors section.

--------------------------------------------------------------------------------
/doc/INSTALL.md:
--------------------------------------------------------------------------------
[Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) |
Installation |
[Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) |
[Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) |
[Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) |
[Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) |
[Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) |
[Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) |
[Contributing](https://github.com/cytopia/mysqldump-secure/blob/master/CONTRIBUTING.md)

---

# mysqldump-secure Installation

## 1. OSX

### 1.1 Stable version

```shell
brew tap cytopia/tap
brew install mysqldump-secure
```
Or in one line
```shell
brew install cytopia/tap/mysqldump-secure
```

### 1.2 Latest development version

```shell
brew tap cytopia/tap
brew install --HEAD mysqldump-secure
```
Or in one line
```shell
brew install --HEAD cytopia/tap/mysqldump-secure
```

## 2. Linux, BSD and OSX

### 2.1 Download

**Tarball (stable)**
```shell
wget https://github.com/cytopia/mysqldump-secure/archive/0.16.5.tar.gz -O - | tar -xz
cd mysqldump-secure-0.16.5
```
**Tarball (devel)**
```shell
wget https://github.com/cytopia/mysqldump-secure/archive/master.tar.gz -O - | tar -xz
cd mysqldump-secure-master
```

**Git (stable)**
```shell
git clone https://github.com/cytopia/mysqldump-secure.git
cd mysqldump-secure
git checkout 0.16.5
```
**Git (devel)**
```shell
git clone https://github.com/cytopia/mysqldump-secure.git
cd mysqldump-secure
```

**Composer (stable)**
```shell
composer create-project cytopia/mysqldump-secure
cd mysqldump-secure
```
**Composer (devel)**
```shell
composer create-project -s dev cytopia/mysqldump-secure
cd mysqldump-secure
```

### 2.2 Configure
Configure for system default location
```shell
./configure
```
Configure to custom location (e.g.: `/usr/local`)
```shell
./configure --prefix=/usr/local
```

### 2.3 Build and install
```shell
make
sudo make install
```


## 3. Checking

Once mysqldump-secure is installed, you should run the self-test, which tells you everything that is wrong or missing.
By default only the mysql connection will fail and the rest will be auto-configured:
```shell
mysqldump-secure --test
```

--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
dist: trusty
sudo: required

language: bash

addons:
  apt:
    packages:
      - mysql-server-5.6
      - mysql-client-core-5.6
      - mysql-client-5.6

services:
  - mysql

before_install:
  # Install 'shellcheck' and 'tmpreaper'
  - sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty-backports restricted main universe"
  - sudo apt-get update -qq
  - sudo apt-get install -qq shellcheck tmpreaper

before_script:

  # -------------------- MySQL --------------------

  # Installs mysqldump-secure and MySQL with a master and a slave server
  - ./test/00-install.sh
  - sleep 10

  - sudo mysql --ssl-ca=/opt/mysqldump-secure/tests/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=13306 -e "status;"
  - sudo mysql --ssl-ca=/opt/mysqldump-secure/tests/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=13307 -e "status;"

  # 6. Show config
  # - sudo cat /etc/mysqldump-secure.conf

script:

  # --------------------------------------------------------------------------------
  #
  # SOURCE CODE LINTING
  #
  # --------------------------------------------------------------------------------

  # Shellcheck
  - shellcheck --shell=sh bin/mysqldump-secure
  - shellcheck --shell=sh bin/create-keypair.sh
  - shellcheck --shell=sh bin/decrypt.sh
  - shellcheck --shell=sh bin/encrypt.sh
  - shellcheck --shell=sh --exclude=SC2034,SC2148 etc/mysqldump-secure.conf

  # --------------------------------------------------------------------------------
  #
  # Checks
  #
  # --------------------------------------------------------------------------------

  - ./test/01-check_normal-operation.sh
  - ./test/02-check_output_dirs.sh
  - ./test/03-check_connection_settings.sh
  - ./test/04-check_mysqldump_settings.sh
  - ./test/05-check_consistency_settings.sh
  - ./test/06-check_logging.sh
  - ./test/07-check_compression.sh
  - ./test/08-check_encryption.sh
  - ./test/09-check_deletion.sh
  - ./test/10-check_nagios_log.sh
  - ./test/11-check_info_file.sh
  - ./test/12-check_misc_settings.sh

  # TODO:
  # * Duplicate files testing!!!
  # * Connection checking (host not found, access denied, etc)
  # * master/slave tests
  # * nagios check

  # --------------------------------------------------------------------------------
  #
  # Show info
  #
  # --------------------------------------------------------------------------------

  # Contents of dump folder
  #- sudo ls -la /var/mysqldump-secure

--------------------------------------------------------------------------------
/configure:
--------------------------------------------------------------------------------
#!/bin/sh

# This is a light-weight self-styled configure script


PREFIX=""

print_help() {

	echo "Usage: configure [--prefix]"
	echo ""
	echo "--prefix    Specify custom install prefix."
	echo "            e.g. --prefix=/usr/local"
	echo ""
}


while [ $# -gt 0 ]; do

	case "$1" in

		--help)
			print_help
			exit 0
			;;

		--prefix*)
			CUSTOM_PREFIX="$(echo "$1" | $(which sed) 's/^--prefix=//g')"
			# Remove trailing slash
			CUSTOM_PREFIX="/$(echo "${CUSTOM_PREFIX}" | $(which sed) 's#/*$##;s#^/*##')"
			PREFIX="${CUSTOM_PREFIX}"
			;;

		*)
			echo "Invalid argument: '${1}'"
			echo "Type '${0} --help' for available options."
			exit 1
			;;
	esac
	shift
done


# Create build directory
if [ ! -d build ]; then
	$(which mkdir) build
fi

# Copy files to build directory
$(which cp) -f bin/mysqldump-secure build/
$(which cp) -f etc/mysqldump-secure.conf build/
$(which cp) -f etc/mysqldump-secure.cnf build/
$(which cp) -f man/mysqldump-secure.1 build/

# Adjust auto-generated vars
$(which sed) -i'' -e "s|^_PREFIX_ETC=\"\"$|_PREFIX_ETC=\"${PREFIX}\"|g" build/mysqldump-secure
$(which sed) -i'' -e "s|^_PREFIX_LOG=\"\"$|_PREFIX_LOG=\"${PREFIX}\"|g" build/mysqldump-secure
$(which sed) -i'' -e "s|^_PREFIX_VAR=\"\"$|_PREFIX_VAR=\"${PREFIX}\"|g" build/mysqldump-secure

# Adjust prefix-paths in config
$(which sed) -i'' -e "s|^DUMP_DIR=\"/var/mysqldump-secure\"|DUMP_DIR=\"${PREFIX}/var/mysqldump-secure\"|g" build/mysqldump-secure.conf
$(which sed) -i'' -e "s|^MYSQL_CNF_FILE=\"/etc/mysqldump-secure.cnf\"|MYSQL_CNF_FILE=\"${PREFIX}/etc/mysqldump-secure.cnf\"|g" build/mysqldump-secure.conf
$(which sed) -i'' -e "s|^LOG_FILE=\"/var/log/mysqldump-secure.log\"|LOG_FILE=\"${PREFIX}/var/log/mysqldump-secure.log\"|g" build/mysqldump-secure.conf
$(which sed) -i'' -e "s|^OPENSSL_PUBKEY_PEM=\"/etc/mysqldump-secure.pub.pem\"|OPENSSL_PUBKEY_PEM=\"${PREFIX}/etc/mysqldump-secure.pub.pem\"|g" build/mysqldump-secure.conf
$(which sed) -i'' -e "s|^NAGIOS_LOG_FILE=\"/var/log/mysqldump-secure.nagios.log\"|NAGIOS_LOG_FILE=\"${PREFIX}/var/log/mysqldump-secure.nagios.log\"|g" build/mysqldump-secure.conf

if [ -z "${PREFIX}" ]; then
	ETCDIR="/etc"
	BINDIR="/usr/bin"
	MANDIR="/usr/share/man"
else
	ETCDIR="${PREFIX}/etc"
	BINDIR="${PREFIX}/bin"
	MANDIR="${PREFIX}/share/man"
fi

# Write configure configuration file
echo "PREFIX = ${PREFIX}" > configure.in
echo "ETCDIR = ${ETCDIR}" >> configure.in
echo "BINDIR = ${BINDIR}" >> configure.in
echo "MANDIR = ${MANDIR}" >> configure.in

echo ""
echo "Configure run successfully"
echo ""
if [ -z "${PREFIX}" ]; then
	echo "  Install prefix: /"
else
	echo "  Install prefix: ${PREFIX}"
fi
echo ""
echo "Files will be installed to:"
echo "  ${BINDIR}/mysqldump-secure"
echo "  ${ETCDIR}/mysqldump-secure.conf"
echo "  ${ETCDIR}/mysqldump-secure.cnf"
echo "  ${MANDIR}/man1/mysqldump-secure.1"
echo ""
echo "Run 'make' to build or 'make help' for options"
exit 0

--------------------------------------------------------------------------------
/test/12-check_misc_settings.sh:
--------------------------------------------------------------------------------
#!/bin/bash -e
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"



echo "##########################################################################################"
echo "#"
echo "# 12. C H E C K I N G M I S C S E T T I N G S"
echo "#"
echo "##########################################################################################"



echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 12.1 \$TMP_DIR"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 12.1.1 #TMP_DIR=\"/tmp\""
echo "----------------------------------------"
echo
sed_change_config_file "^TMP_DIR=" "#TMP_DIR="

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$TMP_DIR" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

echo "---------- NORMAL MODE ----------"
CMD="${CMD_NORM}"
if ! check "1" "1" "WARN" "1" "\$TMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$TMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#TMP_DIR=" "TMP_DIR="



echo
echo "----------------------------------------"
echo " 12.1.2 TMP_DIR=\"\""
echo "----------------------------------------"
echo
sed_change_config_file "^TMP_DIR=\"/tmp\"" "TMP_DIR=\"\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$TMP_DIR" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

echo "---------- NORMAL MODE ----------"
CMD="${CMD_NORM}"
if ! check "1" "1" "WARN" "1" "\$TMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$TMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^TMP_DIR=\"\"" "TMP_DIR=\"/tmp\""



echo
echo "----------------------------------------"
echo " 12.1.3 TMP_DIR=\"/foo\""
echo "----------------------------------------"
echo
sed_change_config_file "^TMP_DIR=\"/tmp\"" "TMP_DIR=\"/foo\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$TMP_DIR" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

echo "---------- NORMAL MODE ----------"
CMD="${CMD_NORM}"
if ! check "1" "1" "ABORT" "1" "\$TMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$TMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^TMP_DIR=\"/foo\"" "TMP_DIR=\"/tmp\""



echo
echo
if [ "$ERROR" = "0" ]; then
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [12] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
else
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [12] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
fi
exit $ERROR

--------------------------------------------------------------------------------
/man/mysqldump-secure.1:
--------------------------------------------------------------------------------
.TH mysqldump-secure 1 "23 March 2022" "version 0.16.5"
.SH NAME
mysqldump-secure - secure mysqldump wrapper with encryption
.SH SYNOPSIS
mysqldump-secure
.br
mysqldump-secure [--conf] [--cron] [--test] [-v[-v]] [--help] [--version]
.SH DESCRIPTION
.PP
Mysqldump-secure is a POSIX compliant shell wrapper for \fBmysqldump\fR(1) with strong security in mind. It will back up every available database (which is readable by the specified user) as a separate file with the possibility to opt out via blacklisting. Dumped databases can optionally be piped directly to gzip or openssl in order to compress and/or encrypt the backup. Encryption is done before the file is written to disk to avoid possible race conditions.
.SH OPTIONS
Usage: mysqldump-secure [--conf] [--cron] [--test] [-v[v]]
.br
mysqldump-secure --help
.br
mysqldump-secure --version
.PP
When invoked without any arguments, it will start dumping databases as defined in mysqldump-secure.conf.
.PP
--conf      Pass a different configuration file than the default one. E.g.: --conf=/etc/mysqldump-secure-alt.conf
.PP
--cron      Use for cron run. It will only output errors and warnings and will silence all info, debug and trace output.
.PP
--test      Test requirements and exit. Combine with -v or -vv for more verbose output.
.PP
-v          Show debug output. Can be combined with --conf and --test
.PP
-vv         Show debug and trace output. Can be combined with --conf and --test
.PP
--help      Show help screen.
.PP
--version   Show version information.
.SH FILES
.PP
/etc/mysqldump-secure.cnf
This file stores mysql credentials.
.PP
/etc/mysqldump-secure.conf
Main configuration file.
.SH EXAMPLE
.PP
Prior to using mysqldump-secure to back up databases, you should run the test mode in order to make sure everything is set up correctly. Running the test mode directly after installation should give you an error about the MySQL connection.
.PP
> mysqldump-secure --test
.PP
[INFO] (OPT): Logging enabled
[INFO] (OPT): MySQL SSL connection disabled
[INFO] (OPT): Compression enabled
[INFO] (OPT): Encryption disabled
[INFO] (OPT): Deletion disabled
[INFO] (OPT): Nagios log enabled
[INFO] (OPT): Info files enabled
[FATAL] (RUN): Cannot connect to mysql database.
[FATAL] (RUN): Via: /usr/bin/mysql --defaults-file=/etc/mysqldump-secure.cnf
[FATAL] (RUN): SQL: ERROR 1045 (28000): Access denied for user 'readonlyuser'@'localhost' (using password: YES)
[FATAL] (HLP): Fix credentials in: /etc/mysqldump-secure.cnf
[FATAL] Aborting
.PP
So in order to fix that, you should change credentials in /etc/mysqldump-secure.cnf. Once done, the output should look like this:
.PP
> mysqldump-secure --test
.PP
[INFO] (OPT): Logging enabled
[INFO] (OPT): MySQL SSL connection disabled
[INFO] (OPT): Compression enabled
[INFO] (OPT): Encryption disabled
[INFO] (OPT): Deletion disabled
[INFO] (OPT): Nagios log enabled
[INFO] (OPT): Info files enabled
.PP
If no errors or warnings are shown and the program exits with 0, you are ready to go.
.PP
Add the verbose flag to get more information. Either use -v for debug or -vv for debug and trace output.

.SH EXIT STATUS
0   All fine, no fatals, no errors and no warnings occurred.
1   Warnings occurred, but all dumps were successful.
2   Errors occurred, but all dumps were successful.
3   Failed. Mysqldump encountered errors.
4   Abort. The program aborted, due to missing requirements, wrong arguments or a misconfiguration.
.SH BUGS
Please report all bugs to https://github.com/cytopia/mysqldump-secure/issues
.SH "SEE ALSO"
.sp
\fBmysqldump\fR(1), \fBmysql\fR(1)
.SH AUTHOR
Patrick Plocke (patrick@plocke.de)
.PP
http://mysqldump-secure.org

--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
# Unix Makefile

# Local files
DUMP_SH = mysqldump-secure
DUMP_CONF = mysqldump-secure.conf
DUMP_CNF = mysqldump-secure.cnf
MAN_PAGE = mysqldump-secure.1

# Configuration
SHELL = /bin/sh

MKDIR_P = mkdir -p

# Check if './configure' has been run
ifneq ("$(wildcard configure.in)","")
CONFIGURED = 1
include configure.in
else
CONFIGURED = 0
endif

# Check if 'make' has been run
ifneq ("$(wildcard Makefile.in)","")
MAKED = 1
else
MAKED = 0
endif

# Check if any file is already installed
ifneq ("$(wildcard $(ETCDIR)/$(DUMP_CONF))","")
INSTALLED = 1
endif
ifneq ("$(wildcard $(ETCDIR)/$(DUMP_CNF))","")
INSTALLED = 1
endif
ifneq ("$(wildcard $(BINDIR)/$(DUMP_SH))","")
INSTALLED = 1
endif
ifneq ("$(wildcard $(MANDIR)/man1/$(MAN_PAGE))","")
INSTALLED = 1
endif


all:

ifeq ($(CONFIGURED),0)
	$(error Not configured, run ./configure)
endif

	@touch Makefile.in

	@echo "finished."
	@echo "Type 'make install' or 'make reinstall'"


help:
	@echo Options
	@echo "   make install"
	@echo "      Install everything (might require root)"
	@echo ""
	@echo "   make reinstall"
	@echo "      Install everything even if it is already"
	@echo "      installed (might require root)"
	@echo ""
	@echo "   make uninstall"
	@echo "      Remove everything except the logfiles"
	@echo "      (might require root)"
	@echo ""
	@echo "   make clean"
	@echo "      Clean build"
	@echo ""
	@echo "   make help"
	@echo "      Show this help screen"


install:

ifeq ($(MAKED),0)
	$(error Run 'make' first or show help: 'make help')
endif

ifeq ($(INSTALLED),1)
	$(error Already installed, use make reinstall)
endif

	@echo "Installing files"
	@echo ""

	@# Create directories
	${MKDIR_P} $(BINDIR)
	${MKDIR_P} $(ETCDIR)
	${MKDIR_P} $(MANDIR)/man1

	@# Install binary
	install -m 0755 build/$(DUMP_SH) $(BINDIR)/$(DUMP_SH)

	@# Install config file and create backup if there is one already
	install -b -m 0400 build/$(DUMP_CONF) $(ETCDIR)/$(DUMP_CONF)

	@# Install config file and create backup if there is one already
	install -b -m 0400 build/$(DUMP_CNF) $(ETCDIR)/$(DUMP_CNF)
	@echo ""

	@# Install man pages
	install -b -m 0644 build/$(MAN_PAGE) $(MANDIR)/man1/$(MAN_PAGE)
	@echo ""

	@echo "Installation complete:"
	@echo "  $(BINDIR)/$(DUMP_SH)"
	@echo "  $(ETCDIR)/$(DUMP_CONF)"
	@echo "  $(ETCDIR)/$(DUMP_CNF)"
	@echo "  $(MANDIR)/man1/$(MAN_PAGE)"
	@echo ""
	@echo "----------------------------------------------------------------------"
	@echo "Note:"
	@echo ""
	@echo "Adjust values in $(ETCDIR)/$(DUMP_CONF)"
	@echo "Adjust values in $(ETCDIR)/$(DUMP_CNF)"
	@echo "----------------------------------------------------------------------"
	@echo ""


reinstall:

ifeq ($(MAKED),0)
	$(error Type 'make' first)
endif

	@echo "Installing files"
	@echo ""

	@# Create directories
	${MKDIR_P} $(BINDIR)
	${MKDIR_P} $(ETCDIR)
	${MKDIR_P} $(MANDIR)/man1

	@# Install binary
	install -m 0755 build/$(DUMP_SH) $(BINDIR)/$(DUMP_SH)
	@echo ""

	@# Install config file without overwriting
	test -f $(ETCDIR)/$(DUMP_CONF) \
		&& install -m 0400 build/$(DUMP_CONF) $(ETCDIR)/$(DUMP_CONF).new \
		|| install -m 0400 build/$(DUMP_CONF) $(ETCDIR)/$(DUMP_CONF)

	@echo ""

	@# Install config file without overwriting
	test -f $(ETCDIR)/$(DUMP_CNF) \
		&& install -m 0400 build/$(DUMP_CNF) $(ETCDIR)/$(DUMP_CNF).new \
		|| install -m 0400 build/$(DUMP_CNF) $(ETCDIR)/$(DUMP_CNF)
	@echo ""

	@# Install man pages
	install -b -m 0644 build/$(MAN_PAGE) $(MANDIR)/man1/$(MAN_PAGE)
	@echo ""

	@echo "Installation complete"
	@echo ""
	@echo "Compare new config: $(ETCDIR)/$(DUMP_CONF).new"
	@echo "Compare new config: $(ETCDIR)/$(DUMP_CNF).new"
	@echo "New configuration options might be available"



uninstall:

	@# Keep the logfile, as we do not know its location (it is set in config)
	@# Just remove the binaries, man(1) and config files.
	rm -f $(BINDIR)/$(DUMP_SH)
	rm -f $(ETCDIR)/$(DUMP_CONF)
	rm -f $(ETCDIR)/$(DUMP_CNF)
	rm -f $(ETCDIR)/$(DUMP_CONF).new
	rm -f $(ETCDIR)/$(DUMP_CNF).new
	rm -f $(MANDIR)/man1/$(MAN_PAGE)



clean:

	rm -rf build/*
	rm -f configure.in
	rm -f Makefile.in

--------------------------------------------------------------------------------
/doc/SECURITY.md:
--------------------------------------------------------------------------------
[Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) |
[Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) |
[Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) |
[Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) |
Security |
[Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) |
[Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) |
[Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) |
[Contributing](https://github.com/cytopia/mysqldump-secure/blob/master/CONTRIBUTING.md)

---


# Security

Mysqldump-secure was built with many security aspects in mind, which are explained below.

## Database password stealing

When you run `mysqldump` with the `-p` or `--password` option, from the command line or automated via cron, other users can grab the password.

> ```shell
> mysqldump --user=root --password=foo --host=localhost database > database.sql
> ```

**THIS IS REALLY DANGEROUS**

Even if run inside a script, you can see the mysql password in cleartext in `ps aux`.
You should always define your credentials in a my.cnf file with `chmod 400` or you can lose all your databases to everybody with access to that machine.

> [MySQL End-User Guidelines for Password Security](https://dev.mysql.com/doc/refman/5.7/en/password-security-user.html)

> Specifying a password on the command line should be considered insecure. You can use an option file to avoid giving the password on the command line.


One other mechanism to prevent this is to enable `hidepid` on the mounted `/proc` device, which will then hide your processes from all other users.

[Linux Kernel commit](https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=0499680a42141d86417a8fbaa8c8db806bea1201)
>> hidepid=1 means users may not access any /proc/<pid>/ directories, but
>> their own. Sensitive files like cmdline, sched*, status are now protected
>> against other users. As permission checking done in proc_pid_permission()
>> and files' permissions are left untouched, programs expecting specific
>> files' modes are not confused.

This however might not be possible on shared hosting.

The second, more clever solution is to use mysql config files. Credentials specified in `my.cnf` (mysqldump section) are automatically used when running mysqldump, without showing them in `ps auxw` or `top`.

Mysqldump-secure installs its own *.cnf* file where you can set the credentials for your mysqldump session.

In the best case you would create a user who only has read permissions on all databases you want to dump (including the mysql database).


## Default values

Mysqldump-secure's default permission values for files and folders are very strict and will only allow access (read/write) to the user starting the process (and obviously root, if it was not run by root).

Furthermore, it will complain, and in some cases abort, if a file permission is not strict enough. For example, if the password file is world readable, it will stop execution and inform you that the passwords could have been leaked.

For all other sensitive permissions, mysqldump-secure will auto-set them according to the ones specified in `mysqldump-secure.conf`.


## Umask and chmod

If you have not set any special `umask` settings on the system, `mysqldump` (and any other program) will normally write the databases to disk with chmod `0644` permissions. If the parent folder is not protected, the dumps will be readable by anybody.

You could do a `chmod 0600` afterwards, but doing it afterwards is already too late, so `mysqldump-secure` temporarily sets the `umask` prior to writing the file to disk, so that it is possible to dump with `chmod 400`.

This can be accomplished in such a way:
```shell
umask 377; mysqldump
```

This however becomes your responsibility if you change the following two variables in `mysqldump-secure.conf`:
```shell
DUMP_DIR_CHMOD="0700"
DUMP_FILE_CHMOD="0400"
```

Always make sure to protect the parent directory (where the dumps are going to be) as well as the dumps themselves.

## Encryption

Another layer of security is to also encrypt the database on the fly while dumping (before writing to disk). This is accomplished via hybrid encryption. It uses AES and private/public key encryption.

You will need to create a private/public keypair and only copy your public key to the server. Mysqldump-secure will make use of the public key to encrypt your dumps against (similar to pgp encryption).

Dumps can only be decrypted with the private key, which should be somewhere safe and ideally not on the same server.
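The following is an added example, not mysqldump-secure's own code: it contrasts chmod-after-write with the umask-first approach from the Umask section, and applies a credentials-file permission check of the kind described under Default values. All function names are hypothetical and the file contents are constructed.

```shell
#!/bin/sh
# Added illustration; not part of mysqldump-secure.
# Function names are hypothetical; file contents are constructed samples.

# Print the ls-style mode string of a path, e.g. "-rw-r--r--".
perm_string() {
	ls -ld "$1" | cut -c1-10
}

# chmod-after-write: the file carries the umask-derived mode (0644 under
# umask 022) from creation until chmod runs. Prints the mode visible in
# that window, then the final mode.
dump_then_chmod() {
	(
		umask 022
		printf '%s\n' '-- constructed sample dump' > "$1"
		perm_string "$1"
		chmod 0400 "$1"
		perm_string "$1"
	)
}

# umask-first: 0666 & ~0377 = 0400 at creation, so a wider mode never exists.
# The subshell keeps the restrictive umask from leaking into the caller.
dump_with_umask() {
	(
		umask 377
		printf '%s\n' '-- constructed sample dump' > "$1"
		perm_string "$1"
	)
}

# Succeeds only if neither group nor others have any access to the file.
cnf_is_private() {
	case "$(perm_string "$1")" in
		????------) return 0 ;;
		*)          return 1 ;;
	esac
}

# Demo in a throwaway directory.
demo() {
	d=$(mktemp -d) || return 1
	echo "chmod afterwards:"; dump_then_chmod "$d/late.sql"
	echo "umask first:";      dump_with_umask "$d/early.sql"
	printf '[client]\npassword = constructed\n' > "$d/my.cnf"
	chmod 0644 "$d/my.cnf"
	cnf_is_private "$d/my.cnf" || echo "refusing my.cnf: accessible by group/others"
	rm -rf "$d"
}
demo
```
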

--------------------------------------------------------------------------------
/test/11-check_info_file.sh:
--------------------------------------------------------------------------------
#!/bin/bash -e
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"



echo "##########################################################################################"
echo "#"
echo "# 11. C H E C K I N G I N F O F I L E "
echo "#"
echo "##########################################################################################"



echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 11.1 \$DUMP_FILE_INFO"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 11.1.1 #DUMP_FILE_INFO=1"
echo "----------------------------------------"
echo
sed_change_config_file "^DUMP_FILE_INFO=1" "#DUMP_FILE_INFO=1"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#DUMP_FILE_INFO=1" "DUMP_FILE_INFO=1"



echo
echo "----------------------------------------"
echo " 11.1.2 DUMP_FILE_INFO=2"
echo "----------------------------------------"
echo
sed_change_config_file "^DUMP_FILE_INFO=1" "DUMP_FILE_INFO=2"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^DUMP_FILE_INFO=2" "DUMP_FILE_INFO=1"



echo
echo "----------------------------------------"
echo " 11.1.3 DUMP_FILE_INFO=\"wrong\""
echo "----------------------------------------"
echo
sed_change_config_file "^DUMP_FILE_INFO=1" "DUMP_FILE_INFO=\"wrong\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^DUMP_FILE_INFO=\"wrong\"" "DUMP_FILE_INFO=1"



echo
echo "----------------------------------------"
echo " 11.1.4 DUMP_FILE_INFO=\"\""
echo "----------------------------------------"
echo
sed_change_config_file "^DUMP_FILE_INFO=1" "DUMP_FILE_INFO=\"\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_INFO" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^DUMP_FILE_INFO=\"\"" "DUMP_FILE_INFO=1"



echo
echo "----------------------------------------"
echo " 11.1.5 DUMP_FILE_INFO=0"
echo "----------------------------------------"
sed_change_config_file "^DUMP_FILE_INFO=1" "DUMP_FILE_INFO=0"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^DUMP_FILE_INFO=0" "DUMP_FILE_INFO=1"





echo
echo
if [ "$ERROR" = "0" ]; then
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [11] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
else
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [11] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
fi
exit $ERROR

--------------------------------------------------------------------------------
/doc/COMPRESSION.md:
--------------------------------------------------------------------------------
[Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) |
[Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) |
[Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) |
[Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) |
[Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) |
Compression |
[Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) |
[Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) |
[Contributing](https://github.com/cytopia/mysqldump-secure/blob/master/CONTRIBUTING.md)

---


# Compression

## Performance

When you choose a
compression algorithm, also keep in mind that they perform differently. The following shows a direct comparison between `gzip -9`, `bzip2 -9` and the multithreaded version `pbzip2 -9` for smaller and medium sized databases.

It was tested on a MacBookPro (2014), Intel Core i7 2.5 GHz (8 cores) with 16GB RAM.


### Time

The total time taken by `mysqldump-secure` to dump, compress and write the data to disk. The size in brackets refers to the database size in `MySQL`. The following represents a mean time calculated from 10 rounds.

|                    | direct[1] | gzip -9 | bzip2 -9 | pbzip2 -9 | lzop -9  | lzma -9[2] | xz -9    | xz -9 -e  |
|--------------------|----------:|--------:|---------:|----------:|---------:|-----------:|---------:|----------:|
| db_14 (6.74 MB)    |     1 sec |   1 sec |    0 sec |     0 sec |    1 sec |      0 sec |    1 sec |     1 sec |
| db_13 (6.93 MB)    |     0 sec |   0 sec |    0 sec |     1 sec |    1 sec |      1 sec |    1 sec |     1 sec |
| db_06 (10.71 MB)   |     0 sec |   1 sec |    1 sec |     0 sec |    1 sec |      2 sec |    2 sec |     6 sec |
| db_16 (12.49 MB)   |     1 sec |   0 sec |    1 sec |     0 sec |    1 sec |      2 sec |    2 sec |    18 sec |
| db_05 (14.39 MB)   |     1 sec |   1 sec |    2 sec |     1 sec |    1 sec |      2 sec |    2 sec |    11 sec |
| db_03 (14.39 MB)   |     0 sec |   1 sec |    1 sec |     1 sec |    1 sec |      2 sec |    2 sec |    10 sec |
| db_10 (17.24 MB)   |     1 sec |   0 sec |    2 sec |     0 sec |    2 sec |      3 sec |    3 sec |    23 sec |
| db_12 (20.18 MB)   |     1 sec |   1 sec |    2 sec |     1 sec |    2 sec |      3 sec |    3 sec |    20 sec |
| db_04 (39.28 MB)   |     2 sec |   2 sec |    4 sec |     1 sec |    5 sec |     11 sec |   11 sec |    54 sec |
| db_08 (44.46 MB)   |     1 sec |   2 sec |    3 sec |     1 sec |    5 sec |      8 sec |    8 sec |    21 sec |
| db_07 (44.48 MB)   |     2 sec |   2 sec |    3 sec |     2 sec |    5 sec |      9 sec |    8 sec |    22 sec |
| db_15 (95.97 MB)   |     3 sec |   4 sec |    6 sec |     3 sec |    8 sec |     15 sec |   15 sec |    36 sec |
| db_17 (158.29 MB)  |     6 sec |   4 sec |   16 sec |     4 sec |    9 sec |     27 sec |   26 sec |    47 sec |
| db_02 (166.68 MB)  |     7 sec |   4 sec |   26 sec |    10 sec |   11 sec |     23 sec |   22 sec |   503 sec |
| db_09 (266.39 MB)  |    11 sec |  15 sec |   29 sec |    10 sec |   23 sec |     77 sec |   79 sec |   427 sec |
| db_01 (433.66 MB)  |    15 sec |  19 sec |   45 sec |    14 sec |   44 sec |    148 sec |  145 sec |   753 sec |
| db_11 (499.33 MB)  |    26 sec |  30 sec |   65 sec |    22 sec |   69 sec |    181 sec |  171 sec |   930 sec |
| db_18 (1.919 GB)   |   634 sec | 422 sec | 2464 sec |   773 sec | 1078 sec |    556 sec | 2934 sec | 15242 sec |



* [1] `Direct` (without compression) is usually much slower than this, because server HDDs are often the bottleneck (my machine has a very fast PCIe SSD).
* [2] On modern systems `lzma` is usually an alias to `xz --format=lzma`


Looks like `pbzip2` is generally faster than `gzip` (and a lot faster than `bzip2`), except for bigger files (see `db_18`).


### Final filesize

This is the resulting file size from `ls -lh`.

|                    | direct | gzip -9 | bzip2 -9 | pbzip2 -9 | lzop -9 | lzma -9 | xz -9 | xz -9 -e |
|--------------------|-------:|--------:|---------:|----------:|--------:|--------:|------:|---------:|
| db_14 (6.74 MB)    |   1.3M |    129K |     102K |      102K |    167K |     92K |   92K |      82K |
| db_13 (6.93 MB)    |   1.5M |    143K |     112K |      112K |    183K |    102K |  102K |      92K |
| db_06 (10.71 MB)   |   5.1M |    464K |     339K |      339K |    618K |    328K |  328K |     278K |
| db_16 (12.49 MB)   |   9.8M |    597K |     385K |      386K |    855K |    493K |  493K |     413K |
| db_05 (14.39 MB)   |   8.4M |    757K |     556K |      557K |   1007K |    509K |  509K |     446K |
| db_03 (14.39 MB)   |   8.4M |    757K |     556K |      557K |   1007K |    508K |  508K |     446K |
| db_10 (17.24 MB)   |    12M |    756K |     505K |      506K |    1.1M |    530K |  538K |     339K |
| db_12 (20.18 MB)   |    13M |    1.1M |     802K |      803K |    1.5M |    780K |  781K |     646K |
| db_04 (39.28 MB)   |    30M |    3.1M |     2.3M |      2.3M |    4.1M |    2.3M |  2.3M |     1.9M |
| db_08 (44.46 MB)   |    21M |    3.5M |     2.8M |      2.8M |    4.5M |    2.4M |  2.4M |     2.3M |
| db_07 (44.48 MB)   |    21M |    3.5M |     2.8M |      2.8M |    4.5M |    2.4M |  2.4M |     2.3M |
| db_15 (95.97 MB)   |    38M |    6.6M |     5.2M |      5.2M |    8.4M |    3.5M |  3.5M |     3.4M |
| db_17 (158.29 MB)  |   120M |     12M |     8.9M |      8.9M |     15M |    6.7M |  6.7M |     6.4M |
| db_02 (166.68 MB)  |   153M |    5.5M |     3.8M |      3.8M |    8.6M |    3.1M |  3.1M |     2.4M |
| db_09 (266.39 MB)  |   214M |     19M |      14M |       14M |     25M |     13M |   13M |      10M |
| db_01 (433.66 MB)  |   394M |     35M |      26M |       26M |     46M |     25M |   25M |      20M |
| db_11 (499.33 MB)  |   454M |     49M |      36M |       36M |     66M |     35M |   35M |      29M |
| db_18 (1.919 GB)   |    15G |    638M |     464M |      465M |    810M |    295M |  295M |     266M |



The difference in file size is quite noticeable.

### System Load

#### gzip -9
![gzip -9](https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/gzip-9.png)

#### bzip2 -9
![bzip2 -9](https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/bzip2-9.png)

#### pbzip2 -9
![pbzip2 -9](https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/pbzip2-9.png)

#### lzma -9
![lzma -9](https://raw.githubusercontent.com/cytopia/mysqldump-secure/master/doc/img/lzma-9.png)

--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
Version 0.17 (unreleased)
------------


Version 0.16.5
--------------

- [Fix] Ensure `PATH` variable is set to survive cron runs


Version 0.16.4
--------------

- [Fix] `empty` keyword is reserved in MySQL 8+


Version 0.16.3
--------------

- [Fix] Changed SMIME size threshold from 12MB to 1200MB


Version 0.16.2
--------------

- [Fix] Warn about SMIME bug if db size > 1200MB (https://github.com/cytopia/mysqldump-secure/issues/21)


Version 0.16.1
--------------

- [Enh] Code refactoring
- [Enh] Removed tput coloring (making it work under FreeBSD)
- [Enh] Removed table list, as it was too slow with db: >1000 tables
- [Fix] Fixed bug on systems with locales that use commas for floats
- [Fix] Fixed configure to not stop when target directory does not exist


Version 0.16
------------

- [Fix] Show pipefail-emulation errors and warnings (now works as expected)
- [Fix] Using `--defaults-file` instead of `--defaults-extra-file` to make sure no unwanted options are loaded.
- [Fix] Wrong "finished with errors" on `tmpwatch` readonly files
- [Fix] Exception Handling: Handle all unbound variables
- [Fix] Catch error in case of wrong values in all 0/1 variables
- [Fix] Catch `tmpwatch`/`tmpreaper` errors and show warn/err accordingly
- [Fix] `tmpreaper`/`tmpwatch` values now accept/validate units (m, h, d)
- [Fix] Output: stdout did not show all deleted files by tmpwatch/tmpreaper
- [Fix] Testing: Validate MYSQL_OPTS
- [Enh] Adding info files for each dump file (optionally).
- [Enh] Loglevels for logging to file (0-3)
- [Enh] Adding info: Show SSL ciphers in use by server (If SSL is enabled)
- [Enh] Adding info: Show if Server is master or slave
- [Enh] Adding info: Show server name and version
- [Enh] Adding info: Show current connection IP/Port or socket
- [Enh] Improving Logic: Allow $REQUIRE to overwrite $IGNORE
- [Enh] Improving Option: Allowing wildcards for ignored databases (e.g: IGNORE="*")
- [Enh] Adding option: Conditional `--quick` dependent on database size
- [Enh] Adding option: Consistent DB dumps (InnoDB, mixed, other)
- [Enh] Adding option: SSL Connection
- [Enh] Adding argument: --verbose argument
- [Enh] Testing: Adding lots and lots of travis checks.
- [Enh] Making /tmp folder settable via config
- [Enh] Output: New debug level: trace
- [Enh] Output: Colorized logging
- [Enh] Output: Consolidate logging
- [Enh] Script: Use #!/bin/sh -u to check against unset variables
- [Enh] Removed ${_INSTALL_PREFIX} from config file


Version 0.15
------------

- [Fix] Exception Handling: Show error when file already exists on disk
- [Fix] Fixed failed count and total dumped count
- [Fix] [install] Fixed script install permissions
- [Fix] [Nagios plugin] Submodule updated
- [Enh] [conf] Allow to specify custom config via argument
- [Enh] Cleaned debug output


Version 0.14.1
--------------

- [Fix] [install] Create man dir if not exists


Version 0.14
------------

- [Fix] Do not silently ignore empty databases, show that they were skipped with reason.
- [Enh] Add man page: man 1 mysqldump-secure
- [Enh] Improved install routine


Version 0.13
------------

- [Fix] #17 [sec] chmod is done after dumping to disk (now using umask before)
- [Fix] #16 allow 0700 chmod formats as well as 700
- [Enh] Added documentation about security measures
- [Enh] Improved code readability of integrity checks
- [Enh] Auto-fix Nagios Log chmod permissions.
- [Enh] Add chmod setting for Nagios Log in config.
- [Enh] Added compression preset: pigz


Version 0.12
------------

- [Fix] Now properly reports whether nagios plugin log is enabled/disabled
- [Enh] Code cleaning: created solid base for more cli arguments
- [Enh] Cron mode (--cron) (Silenced cron mode: no debug, only warnings and errors)
- [Enh] Test mode (--test)
- [Enh] Help screen (--help)
- [Enh] Version screen (--version)
- [Enh] Adjusted documentation


Version 0.11.3
--------------

- [Fix] Try to create logfile directory if it does not exist


Version 0.11.2
--------------

- [Fix] make install: Add directories if they don't exist


Version 0.11.1
--------------

- [Fix] ./configure: ignore missing runtime requirements


Version 0.11
------------

- [Fix] make uninstall: Also remove *.new files
- [Enh] Prefix path for installation
- [Enh] ./configure && make && make install routine
- [Enh] Variable name refactoring
- [Enh] Added encryption performance documentation
- [Enh] Added compression performance documentation
- [Enh] Added xz default preset


Version 0.10
------------

- [Enh] More documentation about compression
- [Enh] Added pbzip2 as a much faster pre-configured compression algorithm


Version 0.9
-----------

- [Enh] Added .editorconfig to the project
- [Fix] Documentation: dos file types changed to unix
- [Fix] Install in /usr/local/bin instead of /usr/local/sbin
- [Enh] Keep original filename after decryption (https://github.com/Paike)
- [Enh] Make compression algorithm dynamic (thanks to @Paike)


Version 0.8
-----------

- [Enh] Plugin update
- [Enh] Documentation
- [Enh] Makefile adjustments



Version 0.7
-----------

- [Enh] Better default dump options
- [Enh] Pass shellcheck


Version 0.6
-----------

- [Enh] #11 Added choice to use either tmpwatch (redhat/centos/fedora) or tmpreaper (ubuntu/debian)
- [Bug] #12 Remove files even if EUID doesn’t have write access (have config option for that to enable)


Version 0.5.1
-----------

- [Enh] Improved Nagios Long output


Version 0.5
-----------

- [Bug] Do not overwrite configuration files during re-/install
- [Enh] Tied submodule check_mysqldump-secure to 0.5


Version 0.4
-----------

- [Bug] Fixed bug when adding up two non integers (time and size)
- [Bug] Fixed bug when using compression AND encryption together
- [Enh] Display total Size and total Megabytes at the end
- [Enh] Adjustable file/folder permission for target dir and db dumps
- [Enh] List of required databases
- [Enh] Added evil/bad mysqldump option blacklist


Version 0.3
-----------

- [Enh] Added Nagios Plugin submodule
- [Enh] Added Nagios Configuration Options


Version 0.2
-----------

- [Fix] Added full POSIX compatibility
- [Enh] Show database size while dumping
- [Enh] Added installation via composer


Version 0.1
-----------

- [Fix] Added full POSIX compatibility
- [Enh] Show database size while dumping


--------------------------------------------------------------------------------
/test/00-install.sh:
--------------------------------------------------------------------------------
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"



################################################################################
#
# mysqldump-secure installation
#
################################################################################


#
# Remove existing directories
#
if [ -d ${_INSTALL_PREFIX} ]; then
	sudo rm -rf "${_INSTALL_PREFIX}"
fi

#
# Create directories
#
sudo mkdir -p ${_INSTALL_PREFIX}

#
# Install mysqldump-secure
#
./configure --prefix="${_INSTALL_PREFIX}"
make
sudo make install



################################################################################
#
# mysqldump-secure configuration
#
################################################################################

#
# Adjust credentials file (MASTER server)
#
sudo sed -i'' "s/^host.*$/host = 127.0.0.1/" ${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf
sudo sed -i'' "s/^port.*$/port = ${SQL_MASTER_PORT}/" ${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf
sudo sed -i'' "s/^user.*$/user = root/" ${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf
sudo sed -i'' "s/^password.*$/password = /" ${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf
#printf "[client]\nhost = 127.0.0.1\nport = ${SQL_MASTER_PORT}\nuser = root\npassword =\n" | sudo tee ${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf

#
# Copy public/private keys
#
sudo cp -f ${DIR}/data/certs/mysqldump-secure.priv.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 600 ${_INSTALL_PREFIX}/etc/mysqldump-secure.priv.pem
sudo cp -f ${DIR}/data/certs/mysqldump-secure.pub.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 600 ${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem
#
# Enable SSL Connection
#
sudo sed -i'' "s|MYSQL_SSL_ENABLE=0|MYSQL_SSL_ENABLE=1|g" ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf
sudo sed -i'' "s|MYSQL_SSL_CA_PEM=\"/path/to/ca.pem\"|MYSQL_SSL_CA_PEM=\"${_INSTALL_PREFIX}/etc/mysql.ca.pem\"|g" ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf
# TODO: Validate this!
#- sudo sed -i'' 's/#MYSQL_SSL_CLIENT_CERT_PEM="\/path\/to\/client-cert.pem"/MYSQL_SSL_CLIENT_CERT_PEM="\/etc\/mysql.client-cert.pem"/g' ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf
#- sudo sed -i'' 's/#MYSQL_SSL_CLIENT_KEY_PEM="\/path\/to\/client-key.pem"/MYSQL_SSL_CLIENT_KEY_PEM="\/etc\/mysql.client-key.pem"/g' ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf

# 3. Enable encryption
sudo sed -i'' 's/^ENCRYPT=0/ENCRYPT=1/' ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf


# 5. Enable Deletion (Delete all files older than 1 minute)
sudo sed -i'' 's/^DELETE=0/DELETE=1/' ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf
sudo sed -i'' 's/^DELETE_FORCE=0/DELETE_FORCE=1/' ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf
sudo sed -i'' 's/^DELETE_IF_OLDER=30d/DELETE_IF_OLDER=1m/' ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf

# Change tmpwatch to tmpreaper on debian based systems
if command -v apt-get >/dev/null 2>&1; then
	sudo sed -i'' 's/^DELETE_METHOD="tmpwatch"/DELETE_METHOD="tmpreaper"/' ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf
fi



# 6. Show config
#sudo cat ${_INSTALL_PREFIX}/etc/mysqldump-secure.conf





################################################################################
#
# MySQL configuration
#
################################################################################

#
# Create directories for MySQL
#
sudo mkdir -p ${_INSTALL_PREFIX}/var/mysql-master
sudo mkdir -p ${_INSTALL_PREFIX}/var/log/mysql-master/

sudo mkdir -p ${_INSTALL_PREFIX}/var/mysql-slave
sudo mkdir -p ${_INSTALL_PREFIX}/var/log/mysql-slave/


#
# Copy MySQL certificates
#
sudo cp -f ${DIR}/data/certs/mysql.ca-key.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 600 ${_INSTALL_PREFIX}/etc/mysql.ca-key.pem
sudo cp -f ${DIR}/data/certs/mysql.ca.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 644 ${_INSTALL_PREFIX}/etc/mysql.ca.pem
sudo cp -f ${DIR}/data/certs/mysql.server-cert.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 644 ${_INSTALL_PREFIX}/etc/mysql.server-cert.pem
sudo cp -f ${DIR}/data/certs/mysql.server-key.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 644 ${_INSTALL_PREFIX}/etc/mysql.server-key.pem
sudo cp -f ${DIR}/data/certs/mysql.client-cert.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 600 ${_INSTALL_PREFIX}/etc/mysql.client-cert.pem
sudo cp -f ${DIR}/data/certs/mysql.client-key.pem ${_INSTALL_PREFIX}/etc/ && sudo chmod 600 ${_INSTALL_PREFIX}/etc/mysql.client-key.pem

#
# Copy MySQL Default file (in case it does not exist)
#
if [ -d /usr/share/mysql/ ]; then
	if [ ! -f /usr/share/mysql/my-default.cnf ]; then
		sudo cp ${DIR}/data/my-default.cnf /usr/share/mysql/my-default.cnf
	fi
fi

#
# Copy MySQL Configuration file
#
sudo cp -f ${DIR}/data/my-master.cnf ${_INSTALL_PREFIX}/etc/my-master.cnf
sudo cp -f ${DIR}/data/my-slave.cnf ${_INSTALL_PREFIX}/etc/my-slave.cnf


#
# Replace placeholders in *.cnf files
#
sudo sed -i'' "s|##SQL_MASTER_PORT##|${SQL_MASTER_PORT}|g" ${_INSTALL_PREFIX}/etc/my-master.cnf
sudo sed -i'' "s|##_INSTALL_PREFIX##|${_INSTALL_PREFIX}|g" ${_INSTALL_PREFIX}/etc/my-master.cnf

sudo sed -i'' "s|##SQL_SLAVE_PORT##|${SQL_SLAVE_PORT}|g" ${_INSTALL_PREFIX}/etc/my-slave.cnf
sudo sed -i'' "s|##_INSTALL_PREFIX##|${_INSTALL_PREFIX}|g" ${_INSTALL_PREFIX}/etc/my-slave.cnf


#
# Start MySQL Master
#
echo "[mysql] [master] install_db"
if sudo mysql_install_db --defaults-file=${_INSTALL_PREFIX}/etc/my-master.cnf > /dev/null 2>&1; then
	echo "[mysql] [master] install_db done"

	echo "[mysql] [master] server start"
	sudo mysqld --defaults-file=${_INSTALL_PREFIX}/etc/my-master.cnf &
	sleep 10
	echo "[mysql] [master] server start done"
fi

#
# Add User to MySQL Master
#
echo "[mysql] [master] Adding User"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e "CREATE USER 'slave_user'@'localhost' IDENTIFIED BY 'aaa';"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e "CREATE USER 'slave_user'@'127.0.0.1' IDENTIFIED BY 'aaa';"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e "CREATE USER 'slave_user'@'%' IDENTIFIED BY 'aaa';"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e "GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'localhost' IDENTIFIED BY 'aaa';"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e "GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'127.0.0.1' IDENTIFIED BY 'aaa';"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e "GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'%' IDENTIFIED BY 'aaa';"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e "FLUSH PRIVILEGES;"
echo "[mysql] [master] Adding User done"





#
# Start MySQL Slave
#
echo "[mysql] [slave] install_db"
if sudo mysql_install_db --defaults-file=${_INSTALL_PREFIX}/etc/my-slave.cnf > /dev/null 2>&1; then
	echo "[mysql] [slave] install_db done"

	echo "[mysql] [slave] server start"
	sudo mysqld --defaults-file=${_INSTALL_PREFIX}/etc/my-slave.cnf &
	sleep 10
	echo "[mysql] [slave] server start done"
fi


#
# Start Slave mode
#
echo "[mysql] [slave] Adding Master replication on slave"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_SLAVE_PORT} -e "CHANGE MASTER TO MASTER_HOST='127.0.0.1', MASTER_PORT=${SQL_MASTER_PORT}, MASTER_USER='slave_user', MASTER_PASSWORD='aaa', MASTER_LOG_FILE='mysql-bin.000001';"
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_SLAVE_PORT} -e "START SLAVE;"
echo "[mysql] [slave] Adding Master replication on slave done"


#
# Status
#
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e 'status;'
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_SLAVE_PORT} -e 'status;'


#
# Create databases (MASTER)
#
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e 'create database my_empty_db1;'
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e 'create database my_empty_db2;'
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e 'create database db_InnoDB_only;'
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e 'create database db_MyISAM_only;'
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e 'create database db_InnoDB_and_MyISAM;'
sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} -e 'create database mds;'

#
# Import databases (MASTER)
#
bunzip2 < ${DIR}/data/db/db_InnoDB_only.sql.bz2 | sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} db_InnoDB_only
bunzip2 < ${DIR}/data/db/db_MyISAM_only.sql.bz2 | sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} db_MyISAM_only
bunzip2 < ${DIR}/data/db/db_InnoDB_and_MyISAM.sql.bz2 | sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} db_InnoDB_and_MyISAM
bunzip2 < ${DIR}/data/db/db_mds.sql.bz2 | sudo mysql --ssl-ca=${_INSTALL_PREFIX}/etc/mysql.ca.pem --user=root --host=127.0.0.1 --port=${SQL_MASTER_PORT} mds



#
# Show listening ports
#
#netstat -an | grep LISTEN


#
# Show database error logs
#
#sudo cat ${_INSTALL_PREFIX}/var/log/mysql-master/error.log
#sudo cat ${_INSTALL_PREFIX}/var/log/mysql-slave/error.log





exit $ERROR

--------------------------------------------------------------------------------
/test/02-check_output_dirs.sh:
--------------------------------------------------------------------------------
#!/bin/bash -e
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"



echo "##########################################################################################"
echo "#"
echo "# 2. C H E C K I N G O U T P U T F I L E S / F O L D E R S"
echo "#"
echo "##########################################################################################"



echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 2.1 \$DUMP_DIR"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 2.1.1 #DUMP_DIR=\"${_INSTALL_PREFIX}/var/mysqldump-secure/\""
echo "----------------------------------------"
echo
sed_change_config_file "^DUMP_DIR=" "#DUMP_DIR="

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$DUMP_DIR" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$DUMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if !
check "1" "1" "WARN" "1" "\$DUMP_DIR" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 47 | 48 | sed_change_config_file "^#DUMP_DIR=" "DUMP_DIR=" 49 | 50 | 51 | 52 | echo 53 | echo "----------------------------------------" 54 | echo " 2.1.2 DUMP_DIR=\"${_INSTALL_PREFIX}/var/mysqldump-secure/dir1/dir2\"" 55 | echo "----------------------------------------" 56 | echo 57 | sed_change_config_file "^DUMP_DIR=\"${_INSTALL_PREFIX}/var/mysqldump-secure\"" "DUMP_DIR=\"${_INSTALL_PREFIX}/var/mysqldump-secure/dir1/dir2\"" 58 | 59 | echo "---------- CRON MODE ----------" 60 | CMD="${CMD_CRON}" 61 | if ! check "1" "1" "WARN" "1" "dir1/dir2" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 62 | sudo rm -rf ${_INSTALL_PREFIX}/var/mysqldump-secure/dir1/ 63 | 64 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 65 | echo "---------- NORMAL MODE ----------" 66 | CMD="${CMD_NORM}" 67 | if ! check "1" "1" "WARN" "1" "dir1/dir2" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 68 | sudo rm -rf ${_INSTALL_PREFIX}/var/mysqldump-secure/dir1/ 69 | fi 70 | 71 | echo "---------- NORMAL MODE VERBOSE ----------" 72 | CMD="${CMD_VERB}" 73 | if ! 
check "1" "1" "WARN" "1" "dir1/dir2" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 74 | sudo rm -rf ${_INSTALL_PREFIX}/var/mysqldump-secure/dir1/ 75 | 76 | sed_change_config_file "^DUMP_DIR=\"${_INSTALL_PREFIX}/var/mysqldump-secure/dir1/dir2\"" "DUMP_DIR=\"${_INSTALL_PREFIX}/var/mysqldump-secure\"" 77 | 78 | 79 | 80 | 81 | echo 82 | echo 83 | echo 84 | echo "--------------------------------------------------------------------------------" 85 | echo "-" 86 | echo "- 2.2 \$DUMP_DIR_CHMOD" 87 | echo "-" 88 | echo "--------------------------------------------------------------------------------" 89 | 90 | echo 91 | echo "----------------------------------------" 92 | echo " 2.2.1 #DUMP_DIR_CHMOD=\"0700\"" 93 | echo "----------------------------------------" 94 | echo 95 | sed_change_config_file "^DUMP_DIR_CHMOD=\"0700\"" "#DUMP_DIR_CHMOD=\"0700\"" 96 | 97 | echo "---------- CRON MODE ----------" 98 | CMD="${CMD_CRON}" 99 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 100 | 101 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 102 | echo "---------- NORMAL MODE ----------" 103 | CMD="${CMD_NORM}" 104 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 105 | fi 106 | 107 | echo "---------- NORMAL MODE VERBOSE ----------" 108 | CMD="${CMD_VERB}" 109 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 110 | 111 | sed_change_config_file "^#DUMP_DIR_CHMOD=\"0700\"" "DUMP_DIR_CHMOD=\"0700\"" 112 | 113 | 114 | 115 | echo 116 | echo "----------------------------------------" 117 | echo " 2.2.2 DUMP_DIR_CHMOD=\"0700a\"" 118 | echo "----------------------------------------" 119 | echo 120 | sed_change_config_file "^DUMP_DIR_CHMOD=\"0700\"" "DUMP_DIR_CHMOD=\"0700a\"" 121 | 122 | echo "---------- CRON MODE ----------" 123 | CMD="${CMD_CRON}" 124 | if ! 
check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 125 | 126 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 127 | echo "---------- NORMAL MODE ----------" 128 | CMD="${CMD_NORM}" 129 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 130 | fi 131 | 132 | 133 | echo "---------- NORMAL MODE VERBOSE ----------" 134 | CMD="${CMD_VERB}" 135 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 136 | 137 | sed_change_config_file "^DUMP_DIR_CHMOD=\"0700a\"" "DUMP_DIR_CHMOD=\"0700\"" 138 | 139 | 140 | 141 | echo 142 | echo "----------------------------------------" 143 | echo " 2.2.3 DUMP_DIR_CHMOD=\"abc\"" 144 | echo "----------------------------------------" 145 | echo 146 | sed_change_config_file "^DUMP_DIR_CHMOD=\"0700\"" "DUMP_DIR_CHMOD=\"abc\"" 147 | 148 | echo "---------- CRON MODE ----------" 149 | CMD="${CMD_CRON}" 150 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 151 | 152 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 153 | echo "---------- NORMAL MODE ----------" 154 | CMD="${CMD_NORM}" 155 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 156 | fi 157 | 158 | echo "---------- NORMAL MODE VERBOSE ----------" 159 | CMD="${CMD_VERB}" 160 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 161 | 162 | sed_change_config_file "^DUMP_DIR_CHMOD=\"abc\"" "DUMP_DIR_CHMOD=\"0700\"" 163 | 164 | 165 | 166 | echo 167 | echo "----------------------------------------" 168 | echo " 2.2.4 DUMP_DIR_CHMOD=\"\"" 169 | echo "----------------------------------------" 170 | echo 171 | sed_change_config_file "^DUMP_DIR_CHMOD=\"0700\"" "DUMP_DIR_CHMOD=\"\"" 172 | 173 | echo "---------- CRON MODE ----------" 174 | CMD="${CMD_CRON}" 175 | if ! 
check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 176 | 177 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 178 | echo "---------- NORMAL MODE ----------" 179 | CMD="${CMD_NORM}" 180 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 181 | fi 182 | 183 | echo "---------- NORMAL MODE VERBOSE ----------" 184 | CMD="${CMD_VERB}" 185 | if ! check "1" "1" "WARN" "1" "\$DUMP_DIR_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 186 | 187 | sed_change_config_file "^DUMP_DIR_CHMOD=\"\"" "DUMP_DIR_CHMOD=\"0700\"" 188 | 189 | 190 | 191 | 192 | echo 193 | echo 194 | echo "--------------------------------------------------------------------------------" 195 | echo "-" 196 | echo "- 2.3 \$DUMP_FILE_CHMOD" 197 | echo "-" 198 | echo "--------------------------------------------------------------------------------" 199 | 200 | echo 201 | echo "----------------------------------------" 202 | echo " 2.3.1 #DUMP_FILE_CHMOD=\"0400\"" 203 | echo "----------------------------------------" 204 | echo 205 | sed_change_config_file "^DUMP_FILE_CHMOD=\"0400\"" "#DUMP_FILE_CHMOD=\"0400\"" 206 | 207 | echo "---------- CRON MODE ----------" 208 | CMD="${CMD_CRON}" 209 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 210 | 211 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 212 | echo "---------- NORMAL MODE ----------" 213 | CMD="${CMD_NORM}" 214 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 215 | fi 216 | 217 | echo "---------- NORMAL MODE VERBOSE ----------" 218 | CMD="${CMD_VERB}" 219 | if ! 
check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 220 | 221 | sed_change_config_file "^#DUMP_FILE_CHMOD=\"0400\"" "DUMP_FILE_CHMOD=\"0400\"" 222 | 223 | 224 | 225 | echo 226 | echo "----------------------------------------" 227 | echo " 2.3.2 DUMP_FILE_CHMOD=\"0400a\"" 228 | echo "----------------------------------------" 229 | echo 230 | sed_change_config_file "^DUMP_FILE_CHMOD=\"0400\"" "DUMP_FILE_CHMOD=\"0400a\"" 231 | 232 | echo "---------- CRON MODE ----------" 233 | CMD="${CMD_CRON}" 234 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 235 | 236 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 237 | echo "---------- NORMAL MODE ----------" 238 | CMD="${CMD_NORM}" 239 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 240 | fi 241 | 242 | echo "---------- NORMAL MODE VERBOSE ----------" 243 | CMD="${CMD_VERB}" 244 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 245 | 246 | sed_change_config_file "^DUMP_FILE_CHMOD=\"0400a\"" "DUMP_FILE_CHMOD=\"0400\"" 247 | 248 | 249 | 250 | echo 251 | echo "----------------------------------------" 252 | echo " 2.3.3 DUMP_FILE_CHMOD=\"abc\"" 253 | echo "----------------------------------------" 254 | echo 255 | sed_change_config_file "^DUMP_FILE_CHMOD=\"0400\"" "DUMP_FILE_CHMOD=\"abc\"" 256 | 257 | echo "---------- CRON MODE ----------" 258 | CMD="${CMD_CRON}" 259 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 260 | 261 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 262 | echo "---------- NORMAL MODE ----------" 263 | CMD="${CMD_NORM}" 264 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 265 | fi 266 | 267 | echo "---------- NORMAL MODE VERBOSE ----------" 268 | CMD="${CMD_VERB}" 269 | if ! 
check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 270 | 271 | sed_change_config_file "^DUMP_FILE_CHMOD=\"abc\"" "DUMP_FILE_CHMOD=\"0400\"" 272 | 273 | 274 | 275 | 276 | echo 277 | echo "----------------------------------------" 278 | echo " 2.3.4 DUMP_FILE_CHMOD=\"\"" 279 | echo "----------------------------------------" 280 | echo 281 | sed_change_config_file "^DUMP_FILE_CHMOD=\"0400\"" "DUMP_FILE_CHMOD=\"\"" 282 | 283 | echo "---------- CRON MODE ----------" 284 | CMD="${CMD_CRON}" 285 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 286 | 287 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 288 | echo "---------- NORMAL MODE ----------" 289 | CMD="${CMD_NORM}" 290 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 291 | fi 292 | 293 | echo "---------- NORMAL MODE VERBOSE ----------" 294 | CMD="${CMD_VERB}" 295 | if ! check "1" "1" "WARN" "1" "\$DUMP_FILE_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 296 | 297 | sed_change_config_file "^DUMP_FILE_CHMOD=\"\"" "DUMP_FILE_CHMOD=\"0400\"" 298 | 299 | 300 | 301 | 302 | echo 303 | echo 304 | if [ "$ERROR" = "0" ]; then 305 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 306 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [02] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 307 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 308 | else 309 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 310 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [02] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 311 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 312 | fi 313 | exit $ERROR 314 | 
-------------------------------------------------------------------------------- /test/01-check_normal-operation.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | #!/usr/bin/env bash 3 | 4 | ERROR=0 5 | 6 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 7 | . "${DIR}/config" 8 | 9 | 10 | 11 | echo "##########################################################################################" 12 | echo "#" 13 | echo "# 1. C H E C K I N G N O R M A L O P E R A T I O N" 14 | echo "#" 15 | echo "##########################################################################################" 16 | 17 | 18 | 19 | echo 20 | echo 21 | echo "--------------------------------------------------------------------------------" 22 | echo "-" 23 | echo "- 1.1 Test mode" 24 | echo "-" 25 | echo "--------------------------------------------------------------------------------" 26 | 27 | echo 28 | echo "----------------------------------------" 29 | echo " 1.1.1 Test mode first run" 30 | echo "----------------------------------------" 31 | echo "\$ ${txtblu}${CMD_TEST}${txtrst}" 32 | 33 | mds_remove_logfiles 34 | mds_remove_datadir 35 | if ! eval "${CMD_TEST}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK]${txtrst}"; fi 36 | 37 | 38 | 39 | 40 | echo 41 | echo "----------------------------------------" 42 | echo " 1.1.2 Test mode second run" 43 | echo "----------------------------------------" 44 | echo "\$ ${txtblu}${CMD_TEST}${txtrst}" 45 | 46 | mds_recreate_datadir 47 | if ! 
eval "${CMD_TEST}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK]${txtrst}"; fi 48 | 49 | 50 | 51 | 52 | 53 | echo 54 | echo 55 | echo "--------------------------------------------------------------------------------" 56 | echo "-" 57 | echo "- 1.2 Normal mode" 58 | echo "-" 59 | echo "--------------------------------------------------------------------------------" 60 | 61 | echo 62 | echo "----------------------------------------" 63 | echo " 1.2.1 Normal mode first run" 64 | echo "----------------------------------------" 65 | echo "\$ ${txtblu}${CMD_VERB}${txtrst}" 66 | 67 | mds_remove_logfiles 68 | mds_remove_datadir 69 | if eval "${CMD_VERB}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED] Unexpected OK${txtrst}"; else echo "${txtgrn}===> [OK] Expected not OK${txtrst}"; fi 70 | 71 | 72 | 73 | echo 74 | echo "----------------------------------------" 75 | echo " 1.2.2 Normal mode second run" 76 | echo "----------------------------------------" 77 | echo "\$ ${txtblu}${CMD_VERB}${txtrst}" 78 | 79 | mds_recreate_datadir 80 | if ! 
eval "${CMD_VERB}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK]${txtrst}"; fi 81 | 82 | 83 | 84 | echo 85 | echo "----------------------------------------" 86 | echo " 1.2.3 Normal mode third run (del files)" 87 | echo "----------------------------------------" 88 | echo "\$ ${txtblu}${CMD_VERB}${txtrst}" 89 | 90 | mds_recreate_datadir 91 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-1.txt && sudo chmod 400 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-1.txt 92 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-2.txt && sudo chmod 400 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-2.txt 93 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-3.txt && sudo chmod 400 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-3.txt 94 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-4.txt && sudo chmod 400 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-4.txt 95 | sudo ls -la ${_INSTALL_PREFIX}/var/mysqldump-secure/ 96 | if ! 
eval "${CMD_VERB}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK]${txtrst}"; fi 97 | sudo ls -la ${_INSTALL_PREFIX}/var/mysqldump-secure/ 98 | 99 | 100 | 101 | 102 | echo 103 | echo 104 | echo "--------------------------------------------------------------------------------" 105 | echo "-" 106 | echo "- 1.3 Cron mode (--cron)" 107 | echo "-" 108 | echo "--------------------------------------------------------------------------------" 109 | echo "\$ ${txtblu}${CMD_CRON}${txtrst}" 110 | 111 | echo 112 | echo "----------------------------------------" 113 | echo " 1.3.1 Cron mode first run" 114 | echo "----------------------------------------" 115 | 116 | mds_remove_logfiles 117 | mds_remove_datadir 118 | if eval "${CMD_CRON}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED] Unexpected OK${txtrst}"; else echo "${txtgrn}===> [OK] Expected not OK${txtrst}"; fi 119 | 120 | 121 | 122 | echo 123 | echo "----------------------------------------" 124 | echo " 1.3.2 Cron mode second run" 125 | echo "----------------------------------------" 126 | echo "\$ ${txtblu}${CMD_CRON}${txtrst}" 127 | 128 | mds_recreate_datadir 129 | if ! eval "${CMD_CRON}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK]${txtrst}"; fi 130 | 131 | 132 | 133 | echo 134 | echo "----------------------------------------" 135 | echo " 1.3.3 Cron mode third run (del files)" 136 | echo "----------------------------------------" 137 | echo "\$ ${txtblu}${CMD_CRON}${txtrst}" 138 | 139 | mds_recreate_datadir 140 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-1.txt 141 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-2.txt 142 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-3.txt 143 | sudo touch -a -m -t 201512180130.09 ${_INSTALL_PREFIX}/var/mysqldump-secure/delete-me-4.txt 144 | if ! 
eval "${CMD_CRON}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK]${txtrst}"; fi 145 | 146 | 147 | 148 | 149 | echo 150 | echo 151 | echo "--------------------------------------------------------------------------------" 152 | echo "-" 153 | echo "- 1.4 cmd arguments" 154 | echo "-" 155 | echo "--------------------------------------------------------------------------------" 156 | 157 | echo 158 | echo "----------------------------------------" 159 | echo " 1.4.1 --help" 160 | echo "----------------------------------------" 161 | echo "\$ ${txtblu}${CMD_HELP}${txtrst}" 162 | 163 | # MUST PASS 164 | mds_recreate_datadir 165 | if ! eval "${CMD_HELP}"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK]${txtrst}"; fi 166 | 167 | 168 | 169 | echo 170 | echo "----------------------------------------" 171 | echo " 1.4.2 --conf (does not exist)" 172 | echo "----------------------------------------" 173 | echo "\$ ${txtblu}${CMD_VERB} --conf=${_INSTALL_PREFIX}/etc/nothere${txtrst}" 174 | 175 | # MUST FAIL 176 | mds_recreate_datadir 177 | if eval "${CMD_VERB} --conf=${_INSTALL_PREFIX}/etc/nothere"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK] Expected error${txtrst}"; fi 178 | 179 | 180 | 181 | echo 182 | echo "----------------------------------------" 183 | echo " 1.4.3 --conf (random file)" 184 | echo "----------------------------------------" 185 | echo "\$ ${txtblu}${CMD_VERB} --conf=${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf${txtrst}" 186 | 187 | # MUST FAIL 188 | mds_recreate_datadir 189 | if eval "${CMD_VERB} --conf=${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK] Expected error${txtrst}"; fi 190 | 191 | 192 | 193 | echo 194 | echo "----------------------------------------" 195 | echo " 1.4.4 wrong argument" 196 | echo 
"----------------------------------------" 197 | echo "\$ ${txtblu}${CMD_VERB} --wrong${txtrst}" 198 | 199 | # MUST FAIL 200 | mds_recreate_datadir 201 | if eval "${CMD_VERB} --wrong"; then ERROR=$((ERROR+1)); echo "${txtpur}===> [FAILED]${txtrst}"; else echo "${txtgrn}===> [OK] Expected error${txtrst}"; fi 202 | 203 | 204 | 205 | 206 | 207 | echo 208 | echo 209 | echo "--------------------------------------------------------------------------------" 210 | echo "-" 211 | echo "- 1.5 Importing files back into Database" 212 | echo "-" 213 | echo "--------------------------------------------------------------------------------" 214 | 215 | echo 216 | echo "----------------------------------------" 217 | echo " 1.5.1 Compressed & Encrypted" 218 | echo "----------------------------------------" 219 | echo 220 | 221 | echo "---------- CRON MODE ----------" 222 | CMD="${CMD_CRON}" 223 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "4" "${CMD}"; then ERROR=$((ERROR+1)); fi 224 | 225 | echo "---------- NORMAL MODE ----------" 226 | CMD="${CMD_NORM}" 227 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "4" "${CMD}"; then ERROR=$((ERROR+1)); fi 228 | 229 | echo "---------- NORMAL MODE VERBOSE ----------" 230 | CMD="${CMD_VERB}" 231 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "4" "${CMD}"; then ERROR=$((ERROR+1)); fi 232 | 233 | 234 | echo 235 | echo "----------------------------------------" 236 | echo " 1.5.2 Encrypted" 237 | echo "----------------------------------------" 238 | echo 239 | sed_change_config_file "^COMPRESS=1" "COMPRESS=0" 240 | 241 | echo "---------- CRON MODE ----------" 242 | CMD="${CMD_CRON}" 243 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "3" "${CMD}"; then ERROR=$((ERROR+1)); fi 244 | 245 | echo "---------- NORMAL MODE ----------" 246 | CMD="${CMD_NORM}" 247 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "3" "${CMD}"; then ERROR=$((ERROR+1)); fi 248 | 249 | echo "---------- NORMAL MODE VERBOSE ----------" 250 | CMD="${CMD_VERB}" 251 | if ! 
check "1" "1" "PASS" "0" "" "1" "1" "1" "3" "${CMD}"; then ERROR=$((ERROR+1)); fi 252 | 253 | sed_change_config_file "^COMPRESS=0" "COMPRESS=1" 254 | 255 | 256 | echo 257 | echo "----------------------------------------" 258 | echo " 1.5.3 Compressed" 259 | echo "----------------------------------------" 260 | echo 261 | sed_change_config_file "^ENCRYPT=1" "ENCRYPT=0" 262 | 263 | echo "---------- CRON MODE ----------" 264 | CMD="${CMD_CRON}" 265 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "2" "${CMD}"; then ERROR=$((ERROR+1)); fi 266 | 267 | echo "---------- NORMAL MODE ----------" 268 | CMD="${CMD_NORM}" 269 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "2" "${CMD}"; then ERROR=$((ERROR+1)); fi 270 | 271 | echo "---------- NORMAL MODE VERBOSE ----------" 272 | CMD="${CMD_VERB}" 273 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "2" "${CMD}"; then ERROR=$((ERROR+1)); fi 274 | 275 | sed_change_config_file "^ENCRYPT=0" "ENCRYPT=1" 276 | 277 | 278 | echo 279 | echo "----------------------------------------" 280 | echo " 1.5.4 Plain" 281 | echo "----------------------------------------" 282 | echo 283 | sed_change_config_file "^COMPRESS=1" "COMPRESS=0" 284 | sed_change_config_file "^ENCRYPT=1" "ENCRYPT=0" 285 | 286 | echo "---------- CRON MODE ----------" 287 | CMD="${CMD_CRON}" 288 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "1" "${CMD}"; then ERROR=$((ERROR+1)); fi 289 | 290 | echo "---------- NORMAL MODE ----------" 291 | CMD="${CMD_NORM}" 292 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "1" "${CMD}"; then ERROR=$((ERROR+1)); fi 293 | 294 | echo "---------- NORMAL MODE VERBOSE ----------" 295 | CMD="${CMD_VERB}" 296 | if ! 
check "1" "1" "PASS" "0" "" "1" "1" "1" "1" "${CMD}"; then ERROR=$((ERROR+1)); fi 297 | 298 | sed_change_config_file "^ENCRYPT=0" "ENCRYPT=1" 299 | sed_change_config_file "^COMPRESS=0" "COMPRESS=1" 300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | echo 308 | echo 309 | if [ "$ERROR" = "0" ]; then 310 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 311 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [01] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 312 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 313 | else 314 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 315 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [01] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 316 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 317 | fi 318 | exit $ERROR 319 | -------------------------------------------------------------------------------- /test/03-check_connection_settings.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | #!/usr/bin/env bash 3 | 4 | ERROR=0 5 | 6 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 7 | . "${DIR}/config" 8 | 9 | 10 | 11 | echo "##########################################################################################" 12 | echo "#" 13 | echo "# 3. 
C H E C K I N G M Y S Q L C O N N E C T I O N S E T T I N G S" 14 | echo "#" 15 | echo "##########################################################################################" 16 | 17 | 18 | 19 | echo 20 | echo 21 | echo "--------------------------------------------------------------------------------" 22 | echo "-" 23 | echo "- 3.1 \$MYSQL_CNF_FILE" 24 | echo "-" 25 | echo "--------------------------------------------------------------------------------" 26 | 27 | echo 28 | echo "----------------------------------------" 29 | echo " 3.1.1 #MYSQL_CNF_FILE=\"/etc/mysqldump-secure.cnf\"" 30 | echo "----------------------------------------" 31 | echo 32 | sed_change_config_file "^MYSQL_CNF_FILE=" "#MYSQL_CNF_FILE=" 33 | 34 | echo "---------- CRON MODE ----------" 35 | CMD="${CMD_CRON}" 36 | if ! check "1" "1" "ABORT" "1" "\$MYSQL_CNF_FILE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 37 | 38 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 39 | echo "---------- NORMAL MODE ----------" 40 | CMD="${CMD_NORM}" 41 | if ! check "1" "1" "ABORT" "1" "\$MYSQL_CNF_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 42 | fi 43 | 44 | echo "---------- NORMAL MODE VERBOSE ----------" 45 | CMD="${CMD_VERB}" 46 | if ! check "1" "1" "ABORT" "1" "\$MYSQL_CNF_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 47 | 48 | sed_change_config_file "^#MYSQL_CNF_FILE=" "MYSQL_CNF_FILE=" 49 | 50 | 51 | 52 | echo 53 | echo "----------------------------------------" 54 | echo " 3.1.2 MYSQL_CNF_FILE=\"/etc/mysqldump-secure.cnf2\"" 55 | echo "----------------------------------------" 56 | echo 57 | sed_change_config_file "mysqldump-secure.cnf" "mysqldump-secure.cnf.notfound" 58 | 59 | echo "---------- CRON MODE ----------" 60 | CMD="${CMD_CRON}" 61 | if ! 
check "1" "1" "ABORT" "1" "mysqldump-secure.cnf.notfound" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "mysqldump-secure.cnf.notfound" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "mysqldump-secure.cnf.notfound" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "mysqldump-secure.cnf.notfound" "mysqldump-secure.cnf"


echo
echo "----------------------------------------"
echo " 3.1.3 MYSQL_CNF_FILE=\"\""
echo "----------------------------------------"
echo
sed_change_config_file "^MYSQL_CNF_FILE=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf\"" "MYSQL_CNF_FILE=\"\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_CNF_FILE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$MYSQL_CNF_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_CNF_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^MYSQL_CNF_FILE=\"\"" "MYSQL_CNF_FILE=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.cnf\""


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 3.2 \$MYSQL_SSL_ENABLE"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 3.2.1 #MYSQL_SSL_ENABLE=1"
echo "----------------------------------------"
echo
sed_change_config_file "^MYSQL_SSL_ENABLE=" "#MYSQL_SSL_ENABLE="

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#MYSQL_SSL_ENABLE=" "MYSQL_SSL_ENABLE="


echo
echo "----------------------------------------"
echo " 3.2.2 MYSQL_SSL_ENABLE=2"
echo "----------------------------------------"
echo
sed_change_config_file "^MYSQL_SSL_ENABLE=1" "MYSQL_SSL_ENABLE=2"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^MYSQL_SSL_ENABLE=2" "MYSQL_SSL_ENABLE=1"


echo
echo "----------------------------------------"
echo " 3.2.3 MYSQL_SSL_ENABLE="
echo "----------------------------------------"
echo
sed_change_config_file "^MYSQL_SSL_ENABLE=1" "MYSQL_SSL_ENABLE="

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_ENABLE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^MYSQL_SSL_ENABLE=" "MYSQL_SSL_ENABLE=1"


echo
echo "----------------------------------------"
echo " 3.2.4 MYSQL_SSL_ENABLE=0"
echo "----------------------------------------"
echo
sed_change_config_file "^MYSQL_SSL_ENABLE=1" "MYSQL_SSL_ENABLE=0"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^MYSQL_SSL_ENABLE=0" "MYSQL_SSL_ENABLE=1"


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 3.3 \$MYSQL_SSL_CA_PEM"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 3.3.1 #MYSQL_SSL_CA_PEM"
echo "----------------------------------------"
echo
sed_change_config_file "^MYSQL_SSL_CA_PEM" "#MYSQL_SSL_CA_PEM"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_CA_PEM" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_CA_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_CA_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#MYSQL_SSL_CA_PEM" "MYSQL_SSL_CA_PEM"


echo
echo "----------------------------------------"
echo " 3.3.2 MYSQL_SSL_CA_PEM=\"ca.pem.notfound\""
echo "----------------------------------------"
echo
sed_change_config_file "ca.pem" "ca.pem.notfound"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_CA_PEM" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_CA_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$MYSQL_SSL_CA_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "ca.pem.notfound" "ca.pem"


# 9.f [ABORT] $MYSQL_SSL_CLIENT_CERT_PEM
# TODO:
#- echo "---------- \$MYSQL_SSL_CLIENT_CERT_PEM ----------"
#- sudo sed -i'' 's/MYSQL_SSL_CLIENT_CERT_PEM/#MYSQL_SSL_CLIENT_CERT_PEM/' /etc/mysqldump-secure.conf
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure --cron
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure
#- sudo sed -i'' 's/#MYSQL_SSL_CLIENT_CERT_PEM/MYSQL_SSL_CLIENT_CERT_PEM/' /etc/mysqldump-secure.conf

#- echo "---------- \$MYSQL_SSL_CLIENT_CERT_PEM ----------"
#- sudo sed -i'' 's/client-cert.pem/client-cert.pem2/' /etc/mysqldump-secure.conf
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure --cron
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure
#- sudo sed -i'' 's/client-cert.pem2/client-cert.pem/' /etc/mysqldump-secure.conf


# 9.g [ABORT] $MYSQL_SSL_CLIENT_KEY_PEM
# TODO:
#- echo "---------- \$MYSQL_SSL_CLIENT_KEY_PEM ----------"
#- sudo sed -i'' 's/MYSQL_SSL_CLIENT_KEY_PEM/#MYSQL_SSL_CLIENT_KEY_PEM/' /etc/mysqldump-secure.conf
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure --cron
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure
#- sudo sed -i'' 's/#MYSQL_SSL_CLIENT_KEY_PEM/MYSQL_SSL_CLIENT_KEY_PEM/' /etc/mysqldump-secure.conf

#- echo "---------- \$MYSQL_SSL_CLIENT_KEY_PEM ----------"
#- sudo sed -i'' 's/client-key.pem/client-key.pem2/' /etc/mysqldump-secure.conf
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure --cron
#- sudo ${_INSTALL_PREFIX}/bin/mysqldump-secure
#- sudo sed -i'' 's/client-key.pem2/client-key.pem/' /etc/mysqldump-secure.conf


echo
echo
if [ "$ERROR" = "0" ]; then
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [03] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
else
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [03] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
fi
exit $ERROR

--------------------------------------------------------------------------------
/test/06-check_logging.sh:
--------------------------------------------------------------------------------
#!/bin/bash -e
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"


echo "##########################################################################################"
echo "#"
echo "# 6. C H E C K I N G L O G G I N G"
echo "#"
echo "##########################################################################################"


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 6.1 \$LOG"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 6.1.1 #LOG=2"
echo "----------------------------------------"
echo
sed_change_config_file "^LOG=2" "#LOG=2"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#LOG=2" "LOG=2"


echo
echo "----------------------------------------"
echo " 6.1.2 LOG=4"
echo "----------------------------------------"
echo
sed_change_config_file "^LOG=2" "LOG=4"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^LOG=4" "LOG=2"


echo
echo "----------------------------------------"
echo " 6.1.3 LOG=\"wrong\""
echo "----------------------------------------"
echo
sed_change_config_file "^LOG=2" "LOG=\"wrong\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^LOG=\"wrong\"" "LOG=2"


echo
echo "----------------------------------------"
echo " 6.1.4 LOG=0"
echo "----------------------------------------"
echo
sed_change_config_file "^LOG=2" "LOG=0"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^LOG=0" "LOG=2"


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 6.2 \$LOG_CHMOD"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 6.2.1 #LOG_CHMOD=\"0600\""
echo "----------------------------------------"
echo
sed_change_config_file "^LOG_CHMOD=\"0600\"" "#LOG_CHMOD=\"0600\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#LOG_CHMOD=\"0600\"" "LOG_CHMOD=\"0600\""


echo
echo "----------------------------------------"
echo " 6.2.2 LOG_CHMOD=\"0600a\""
echo "----------------------------------------"
echo
sed_change_config_file "^LOG_CHMOD=\"0600\"" "LOG_CHMOD=\"0600a\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^LOG_CHMOD=\"0600a\"" "LOG_CHMOD=\"0600\""


echo
echo "----------------------------------------"
echo " 6.2.3 LOG_CHMOD=\"wrong\""
echo "----------------------------------------"
echo
sed_change_config_file "^LOG_CHMOD=\"0600\"" "LOG_CHMOD=\"wrong\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^LOG_CHMOD=\"wrong\"" "LOG_CHMOD=\"0600\""


echo
echo "----------------------------------------"
echo " 6.2.4 LOG_CHMOD=\"\""
echo "----------------------------------------"
echo
sed_change_config_file "^LOG_CHMOD=\"0600\"" "LOG_CHMOD=\"\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^LOG_CHMOD=\"\"" "LOG_CHMOD=\"0600\""


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 6.3 \$LOG_FILE"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 6.3.1 #LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.log\""
echo "----------------------------------------"
echo
sed_change_config_file "^LOG_FILE=" "#LOG_FILE="

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$LOG_FILE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$LOG_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$LOG_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#LOG_FILE=" "LOG_FILE="


echo
echo "----------------------------------------"
echo " 6.3.2 LOG_FILE=\"/var/log/mysqldump-secure.log.wrong\""
echo "----------------------------------------"
echo
sed_change_config_file "/var/log/mysqldump-secure.log" "/var/log/mysqldump-secure.log.wrong"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "Log file does not exist" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
# Quote the path so an install prefix containing whitespace cannot split the rm argument
sudo rm "${_INSTALL_PREFIX}/var/log/mysqldump-secure.log.wrong"

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "Log file does not exist" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
	sudo rm "${_INSTALL_PREFIX}/var/log/mysqldump-secure.log.wrong"
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "Log file does not exist" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
sudo rm "${_INSTALL_PREFIX}/var/log/mysqldump-secure.log.wrong"

sed_change_config_file "/var/log/mysqldump-secure.log.wrong" "/var/log/mysqldump-secure.log"


echo
echo "----------------------------------------"
echo " 6.3.3 LOG_FILE=\"/var/log/dir1/dir2/mysqldump-secure.log\""
echo "----------------------------------------"
echo
sed_change_config_file "/var/log/mysqldump-secure.log" "/var/log/dir1/dir2/mysqldump-secure.log"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "/var/log/dir1/dir2/mysqldump-secure.log" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
# Quoted for the same reason: rm -rf under sudo must receive exactly one path
sudo rm -rf "${_INSTALL_PREFIX}/var/log/dir1"

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "/var/log/dir1/dir2/mysqldump-secure.log" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
	sudo rm -rf "${_INSTALL_PREFIX}/var/log/dir1"
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "/var/log/dir1/dir2/mysqldump-secure.log" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
sudo rm -rf "${_INSTALL_PREFIX}/var/log/dir1"

sed_change_config_file "/var/log/dir1/dir2/mysqldump-secure.log" "/var/log/mysqldump-secure.log"


echo
echo
if [ "$ERROR" = "0" ]; then
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [06] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
else
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [06] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
fi
exit $ERROR

--------------------------------------------------------------------------------
/test/08-check_encryption.sh:
--------------------------------------------------------------------------------
#!/bin/bash -e
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"


echo "##########################################################################################"
echo "#"
echo "# 8. C H E C K I N G E N C R Y P T I O N"
echo "#"
echo "##########################################################################################"


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 8.1 \$ENCRYPT"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 8.1.1 #ENCRYPT=1"
echo "----------------------------------------"
echo
sed_change_config_file "^ENCRYPT=1" "#ENCRYPT=1"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#ENCRYPT=1" "ENCRYPT=1"


echo
echo "----------------------------------------"
echo " 8.1.2 ENCRYPT=2"
echo "----------------------------------------"
echo
sed_change_config_file "^ENCRYPT=1" "ENCRYPT=2"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^ENCRYPT=2" "ENCRYPT=1"


echo
echo "----------------------------------------"
echo " 8.1.3 ENCRYPT=\"wrong\""
echo "----------------------------------------"
echo
sed_change_config_file "^ENCRYPT=1" "ENCRYPT=\"wrong\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^ENCRYPT=\"wrong\"" "ENCRYPT=1"


echo
echo "----------------------------------------"
echo " 8.1.4 ENCRYPT=\"\""
echo "----------------------------------------"
echo
sed_change_config_file "^ENCRYPT=1" "ENCRYPT=\"\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$ENCRYPT" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^ENCRYPT=\"\"" "ENCRYPT=1"


echo
echo "----------------------------------------"
echo " 8.1.5 ENCRYPT=0"
echo "----------------------------------------"
echo
sed_change_config_file "^ENCRYPT=1" "ENCRYPT=0"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^ENCRYPT=0" "ENCRYPT=1"


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 8.2 \$OPENSSL_PUBKEY_PEM"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 8.2.1 #OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem\""
echo "----------------------------------------"
echo
sed_change_config_file "^OPENSSL_PUBKEY_PEM=" "#OPENSSL_PUBKEY_PEM="

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$OPENSSL_PUBKEY_PEM" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$OPENSSL_PUBKEY_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$OPENSSL_PUBKEY_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#OPENSSL_PUBKEY_PEM=" "OPENSSL_PUBKEY_PEM="


echo
echo "----------------------------------------"
echo " 8.2.2 OPENSSL_PUBKEY_PEM=\"\""
echo "----------------------------------------"
echo
sed_change_config_file "^OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem\"" "OPENSSL_PUBKEY_PEM=\"\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$OPENSSL_PUBKEY_PEM" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$OPENSSL_PUBKEY_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$OPENSSL_PUBKEY_PEM" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^OPENSSL_PUBKEY_PEM=\"\"" "OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem\""


echo
echo "----------------------------------------"
echo " 8.2.3 OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem.notfound\""
echo "----------------------------------------"
echo
sed_change_config_file "^OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem\"" "OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem.notfound\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "etc/mysqldump-secure.pub.pem.notfound" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "etc/mysqldump-secure.pub.pem.notfound" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "etc/mysqldump-secure.pub.pem.notfound" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem.notfound\"" "OPENSSL_PUBKEY_PEM=\"${_INSTALL_PREFIX}/etc/mysqldump-secure.pub.pem\""


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 8.3 \$OPENSSL_ALGO_ARG"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 8.3.1 #OPENSSL_ALGO_ARG=\"-aes256\""
echo "----------------------------------------"
echo
sed_change_config_file "^OPENSSL_ALGO_ARG=\"-aes256\"" "#OPENSSL_ALGO_ARG=\"-aes256\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#OPENSSL_ALGO_ARG=\"-aes256\"" "OPENSSL_ALGO_ARG=\"-aes256\""


echo
echo "----------------------------------------"
echo " 8.3.2 OPENSSL_ALGO_ARG=\"\""
echo "----------------------------------------"
echo
sed_change_config_file "^OPENSSL_ALGO_ARG=\"-aes256\"" "OPENSSL_ALGO_ARG=\"\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^OPENSSL_ALGO_ARG=\"\"" "OPENSSL_ALGO_ARG=\"-aes256\""


echo
echo "----------------------------------------"
echo " 8.3.3 OPENSSL_ALGO_ARG=\"wrong\""
echo "----------------------------------------"
echo
sed_change_config_file "^OPENSSL_ALGO_ARG=\"-aes256\"" "OPENSSL_ALGO_ARG=\"wrong\""

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "ABORT" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "ABORT" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "ABORT" "1" "\$OPENSSL_ALGO_ARG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^OPENSSL_ALGO_ARG=\"wrong\"" "OPENSSL_ALGO_ARG=\"-aes256\""


echo
echo
if [ "$ERROR" = "0" ]; then
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [08] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
else
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [08] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
	echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}"
fi
exit $ERROR

--------------------------------------------------------------------------------
/test/05-check_consistency_settings.sh:
--------------------------------------------------------------------------------
#!/bin/bash -e
#!/usr/bin/env bash

ERROR=0

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. "${DIR}/config"


echo "##########################################################################################"
echo "#"
echo "# 5. C H E C K I N G C O N S I S T E N C Y S E T T I N G S"
echo "#"
echo "##########################################################################################"


echo
echo
echo "--------------------------------------------------------------------------------"
echo "-"
echo "- 5.1 \$CONSISTENT_DUMP_ONLY_INNODB"
echo "-"
echo "--------------------------------------------------------------------------------"

echo
echo "----------------------------------------"
echo " 5.1.1 #CONSISTENT_DUMP_ONLY_INNODB=1"
echo "----------------------------------------"
echo
sed_change_config_file "^CONSISTENT_DUMP_ONLY_INNODB=1" "#CONSISTENT_DUMP_ONLY_INNODB=1"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

if [ "${RUN_CHECK_NORM}" = "1" ]; then
	echo "---------- NORMAL MODE ----------"
	CMD="${CMD_NORM}"
	if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi
fi

echo "---------- NORMAL MODE VERBOSE ----------"
CMD="${CMD_VERB}"
if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi

sed_change_config_file "^#CONSISTENT_DUMP_ONLY_INNODB=1" "CONSISTENT_DUMP_ONLY_INNODB=1"


echo
echo "----------------------------------------"
echo " 5.1.2 CONSISTENT_DUMP_ONLY_INNODB=2"
echo "----------------------------------------"
echo
sed_change_config_file "^CONSISTENT_DUMP_ONLY_INNODB=1" "CONSISTENT_DUMP_ONLY_INNODB=2"

echo "---------- CRON MODE ----------"
CMD="${CMD_CRON}"
if !
check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 62 | 63 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 64 | echo "---------- NORMAL MODE ----------" 65 | CMD="${CMD_NORM}" 66 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 67 | fi 68 | 69 | echo "---------- NORMAL MODE VERBOSE ----------" 70 | CMD="${CMD_VERB}" 71 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 72 | 73 | sed_change_config_file "^CONSISTENT_DUMP_ONLY_INNODB=2" "CONSISTENT_DUMP_ONLY_INNODB=1" 74 | 75 | 76 | 77 | echo 78 | echo "----------------------------------------" 79 | echo " 5.1.3 CONSISTENT_DUMP_ONLY_INNODB=0" 80 | echo "----------------------------------------" 81 | echo 82 | sed_change_config_file "^CONSISTENT_DUMP_ONLY_INNODB=1" "CONSISTENT_DUMP_ONLY_INNODB=0" 83 | 84 | echo "---------- CRON MODE ----------" 85 | CMD="${CMD_CRON}" 86 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 87 | 88 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 89 | echo "---------- NORMAL MODE ----------" 90 | CMD="${CMD_NORM}" 91 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 92 | fi 93 | 94 | echo "---------- NORMAL MODE VERBOSE ----------" 95 | CMD="${CMD_VERB}" 96 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 97 | 98 | sed_change_config_file "^CONSISTENT_DUMP_ONLY_INNODB=0" "CONSISTENT_DUMP_ONLY_INNODB=1" 99 | 100 | 101 | 102 | echo 103 | echo "----------------------------------------" 104 | echo " 5.1.4 CONSISTENT_DUMP_ONLY_INNODB=\"wrong\"" 105 | echo "----------------------------------------" 106 | echo 107 | sed_change_config_file "^CONSISTENT_DUMP_ONLY_INNODB=1" "CONSISTENT_DUMP_ONLY_INNODB=\"wrong\"" 108 | 109 | echo "---------- CRON MODE ----------" 110 | CMD="${CMD_CRON}" 111 | if ! 
check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 112 | 113 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 114 | echo "---------- NORMAL MODE ----------" 115 | CMD="${CMD_NORM}" 116 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 117 | fi 118 | 119 | echo "---------- NORMAL MODE VERBOSE ----------" 120 | CMD="${CMD_VERB}" 121 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_ONLY_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 122 | 123 | sed_change_config_file "^CONSISTENT_DUMP_ONLY_INNODB=\"wrong\"" "CONSISTENT_DUMP_ONLY_INNODB=1" 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | echo 133 | echo 134 | echo "--------------------------------------------------------------------------------" 135 | echo "-" 136 | echo "- 5.2 \$CONSISTENT_DUMP_NO_INNODB" 137 | echo "-" 138 | echo "--------------------------------------------------------------------------------" 139 | 140 | echo 141 | echo "----------------------------------------" 142 | echo " 5.2.1 #CONSISTENT_DUMP_NO_INNODB=1" 143 | echo "----------------------------------------" 144 | echo 145 | sed_change_config_file "^CONSISTENT_DUMP_NO_INNODB=1" "#CONSISTENT_DUMP_NO_INNODB=1" 146 | 147 | echo "---------- CRON MODE ----------" 148 | CMD="${CMD_CRON}" 149 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 150 | 151 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 152 | echo "---------- NORMAL MODE ----------" 153 | CMD="${CMD_NORM}" 154 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 155 | fi 156 | 157 | echo "---------- NORMAL MODE VERBOSE ----------" 158 | CMD="${CMD_VERB}" 159 | if ! 
check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 160 | 161 | sed_change_config_file "^#CONSISTENT_DUMP_NO_INNODB=1" "CONSISTENT_DUMP_NO_INNODB=1" 162 | 163 | 164 | 165 | echo 166 | echo "----------------------------------------" 167 | echo " 5.2.2 CONSISTENT_DUMP_NO_INNODB=2" 168 | echo "----------------------------------------" 169 | echo 170 | sed_change_config_file "^CONSISTENT_DUMP_NO_INNODB=1" "CONSISTENT_DUMP_NO_INNODB=2" 171 | 172 | echo "---------- CRON MODE ----------" 173 | CMD="${CMD_CRON}" 174 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 175 | 176 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 177 | echo "---------- NORMAL MODE ----------" 178 | CMD="${CMD_NORM}" 179 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 180 | fi 181 | 182 | echo "---------- NORMAL MODE VERBOSE ----------" 183 | CMD="${CMD_VERB}" 184 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 185 | 186 | sed_change_config_file "^CONSISTENT_DUMP_NO_INNODB=2" "CONSISTENT_DUMP_NO_INNODB=1" 187 | 188 | 189 | 190 | echo 191 | echo "----------------------------------------" 192 | echo " 5.2.3 CONSISTENT_DUMP_NO_INNODB=0" 193 | echo "----------------------------------------" 194 | echo 195 | sed_change_config_file "^CONSISTENT_DUMP_NO_INNODB=1" "CONSISTENT_DUMP_NO_INNODB=0" 196 | 197 | echo "---------- CRON MODE ----------" 198 | CMD="${CMD_CRON}" 199 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 200 | 201 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 202 | echo "---------- NORMAL MODE ----------" 203 | CMD="${CMD_NORM}" 204 | if ! 
check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 205 | fi 206 | 207 | echo "---------- NORMAL MODE VERBOSE ----------" 208 | CMD="${CMD_VERB}" 209 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 210 | 211 | sed_change_config_file "^CONSISTENT_DUMP_NO_INNODB=0" "CONSISTENT_DUMP_NO_INNODB=1" 212 | 213 | 214 | 215 | echo 216 | echo "----------------------------------------" 217 | echo " 5.2.4 CONSISTENT_DUMP_NO_INNODB=\"wrong\"" 218 | echo "----------------------------------------" 219 | echo 220 | sed_change_config_file "^CONSISTENT_DUMP_NO_INNODB=1" "CONSISTENT_DUMP_NO_INNODB=\"wrong\"" 221 | 222 | echo "---------- CRON MODE ----------" 223 | CMD="${CMD_CRON}" 224 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 225 | 226 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 227 | echo "---------- NORMAL MODE ----------" 228 | CMD="${CMD_NORM}" 229 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 230 | fi 231 | 232 | echo "---------- NORMAL MODE VERBOSE ----------" 233 | CMD="${CMD_VERB}" 234 | if ! 
check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_NO_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 235 | 236 | sed_change_config_file "^CONSISTENT_DUMP_NO_INNODB=\"wrong\"" "CONSISTENT_DUMP_NO_INNODB=1" 237 | 238 | 239 | 240 | 241 | 242 | 243 | 244 | 245 | 246 | 247 | 248 | echo 249 | echo 250 | echo "--------------------------------------------------------------------------------" 251 | echo "-" 252 | echo "- 5.3 \$CONSISTENT_DUMP_MIXED_INNODB" 253 | echo "-" 254 | echo "--------------------------------------------------------------------------------" 255 | 256 | echo 257 | echo "----------------------------------------" 258 | echo " 5.3.1 #CONSISTENT_DUMP_MIXED_INNODB=1" 259 | echo "----------------------------------------" 260 | echo 261 | sed_change_config_file "^CONSISTENT_DUMP_MIXED_INNODB=1" "#CONSISTENT_DUMP_MIXED_INNODB=1" 262 | 263 | echo "---------- CRON MODE ----------" 264 | CMD="${CMD_CRON}" 265 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_MIXED_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 266 | 267 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 268 | echo "---------- NORMAL MODE ----------" 269 | CMD="${CMD_NORM}" 270 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_MIXED_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 271 | fi 272 | 273 | echo "---------- NORMAL MODE VERBOSE ----------" 274 | CMD="${CMD_VERB}" 275 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_MIXED_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 276 | 277 | sed_change_config_file "^#CONSISTENT_DUMP_MIXED_INNODB=1" "CONSISTENT_DUMP_MIXED_INNODB=1" 278 | 279 | 280 | 281 | echo 282 | echo "----------------------------------------" 283 | echo " 5.3.2 CONSISTENT_DUMP_MIXED_INNODB=2" 284 | echo "----------------------------------------" 285 | echo 286 | sed_change_config_file "^CONSISTENT_DUMP_MIXED_INNODB=1" "CONSISTENT_DUMP_MIXED_INNODB=2" 287 | 288 | echo "---------- CRON MODE ----------" 289 | CMD="${CMD_CRON}" 290 | if ! 
check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 291 | 292 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 293 | echo "---------- NORMAL MODE ----------" 294 | CMD="${CMD_NORM}" 295 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 296 | fi 297 | 298 | echo "---------- NORMAL MODE VERBOSE ----------" 299 | CMD="${CMD_VERB}" 300 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 301 | 302 | sed_change_config_file "^CONSISTENT_DUMP_MIXED_INNODB=2" "CONSISTENT_DUMP_MIXED_INNODB=1" 303 | 304 | 305 | 306 | echo 307 | echo "----------------------------------------" 308 | echo " 5.3.3 CONSISTENT_DUMP_MIXED_INNODB=0" 309 | echo "----------------------------------------" 310 | echo 311 | sed_change_config_file "^CONSISTENT_DUMP_MIXED_INNODB=1" "CONSISTENT_DUMP_MIXED_INNODB=0" 312 | 313 | echo "---------- CRON MODE ----------" 314 | CMD="${CMD_CRON}" 315 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 316 | 317 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 318 | echo "---------- NORMAL MODE ----------" 319 | CMD="${CMD_NORM}" 320 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 321 | fi 322 | 323 | echo "---------- NORMAL MODE VERBOSE ----------" 324 | CMD="${CMD_VERB}" 325 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 326 | 327 | sed_change_config_file "^CONSISTENT_DUMP_MIXED_INNODB=0" "CONSISTENT_DUMP_MIXED_INNODB=1" 328 | 329 | 330 | 331 | echo 332 | echo "----------------------------------------" 333 | echo " 5.3.4 CONSISTENT_DUMP_MIXED_INNODB=\"wrong\"" 334 | echo "----------------------------------------" 335 | echo 336 | sed_change_config_file "^CONSISTENT_DUMP_MIXED_INNODB=1" "CONSISTENT_DUMP_MIXED_INNODB=\"wrong\"" 337 | 338 | echo "---------- CRON MODE ----------" 339 | CMD="${CMD_CRON}" 340 | if ! 
check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_MIXED_INNODB" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 341 | 342 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 343 | echo "---------- NORMAL MODE ----------" 344 | CMD="${CMD_NORM}" 345 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_MIXED_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 346 | fi 347 | 348 | echo "---------- NORMAL MODE VERBOSE ----------" 349 | CMD="${CMD_VERB}" 350 | if ! check "1" "1" "WARN" "1" "\$CONSISTENT_DUMP_MIXED_INNODB" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 351 | 352 | sed_change_config_file "^CONSISTENT_DUMP_MIXED_INNODB=\"wrong\"" "CONSISTENT_DUMP_MIXED_INNODB=1" 353 | 354 | 355 | 356 | 357 | echo 358 | echo 359 | if [ "$ERROR" = "0" ]; then 360 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 361 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [05] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 362 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 363 | else 364 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 365 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [05] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 366 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 367 | fi 368 | exit $ERROR 369 | -------------------------------------------------------------------------------- /test/10-check_nagios_log.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | #!/usr/bin/env bash 3 | 4 | ERROR=0 5 | 6 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 7 | . "${DIR}/config" 8 | 9 | 10 | 11 | echo "##########################################################################################" 12 | echo "#" 13 | echo "# 10. 
C H E C K I N G N A G I O S L O G" 14 | echo "#" 15 | echo "##########################################################################################" 16 | 17 | 18 | 19 | echo 20 | echo 21 | echo "--------------------------------------------------------------------------------" 22 | echo "-" 23 | echo "- 10.1 \$NAGIOS_LOG" 24 | echo "-" 25 | echo "--------------------------------------------------------------------------------" 26 | 27 | echo 28 | echo "----------------------------------------" 29 | echo " 10.1.1 #NAGIOS_LOG=1" 30 | echo "----------------------------------------" 31 | echo 32 | sed_change_config_file "^NAGIOS_LOG=1" "#NAGIOS_LOG=1" 33 | 34 | echo "---------- CRON MODE ----------" 35 | CMD="${CMD_CRON}" 36 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 37 | 38 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 39 | echo "---------- NORMAL MODE ----------" 40 | CMD="${CMD_NORM}" 41 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 42 | fi 43 | 44 | echo "---------- NORMAL MODE VERBOSE ----------" 45 | CMD="${CMD_VERB}" 46 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 47 | 48 | sed_change_config_file "^#NAGIOS_LOG=1" "NAGIOS_LOG=1" 49 | 50 | 51 | 52 | echo 53 | echo "----------------------------------------" 54 | echo " 10.1.2 NAGIOS_LOG=2" 55 | echo "----------------------------------------" 56 | echo 57 | sed_change_config_file "^NAGIOS_LOG=1" "NAGIOS_LOG=2" 58 | 59 | echo "---------- CRON MODE ----------" 60 | CMD="${CMD_CRON}" 61 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 62 | 63 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 64 | echo "---------- NORMAL MODE ----------" 65 | CMD="${CMD_NORM}" 66 | if ! 
check "1" "1" "ERR" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 67 | fi 68 | 69 | echo "---------- NORMAL MODE VERBOSE ----------" 70 | CMD="${CMD_VERB}" 71 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 72 | 73 | sed_change_config_file "^NAGIOS_LOG=2" "NAGIOS_LOG=1" 74 | 75 | 76 | 77 | echo 78 | echo "----------------------------------------" 79 | echo " 10.1.3 NAGIOS_LOG=\"wrong\"" 80 | echo "----------------------------------------" 81 | echo 82 | sed_change_config_file "^NAGIOS_LOG=1" "NAGIOS_LOG=\"wrong\"" 83 | 84 | echo "---------- CRON MODE ----------" 85 | CMD="${CMD_CRON}" 86 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 87 | 88 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 89 | echo "---------- NORMAL MODE ----------" 90 | CMD="${CMD_NORM}" 91 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 92 | fi 93 | 94 | echo "---------- NORMAL MODE VERBOSE ----------" 95 | CMD="${CMD_VERB}" 96 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 97 | 98 | sed_change_config_file "^NAGIOS_LOG=\"wrong\"" "NAGIOS_LOG=1" 99 | 100 | 101 | 102 | echo 103 | echo "----------------------------------------" 104 | echo " 10.1.4 NAGIOS_LOG=\"\"" 105 | echo "----------------------------------------" 106 | echo 107 | sed_change_config_file "^NAGIOS_LOG=1" "NAGIOS_LOG=\"\"" 108 | 109 | echo "---------- CRON MODE ----------" 110 | CMD="${CMD_CRON}" 111 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 112 | 113 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 114 | echo "---------- NORMAL MODE ----------" 115 | CMD="${CMD_NORM}" 116 | if ! 
check "1" "1" "WARN" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 117 | fi 118 | 119 | echo "---------- NORMAL MODE VERBOSE ----------" 120 | CMD="${CMD_VERB}" 121 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 122 | 123 | sed_change_config_file "^NAGIOS_LOG=\"\"" "NAGIOS_LOG=1" 124 | 125 | 126 | 127 | echo 128 | echo "----------------------------------------" 129 | echo " 10.1.5 NAGIOS_LOG=0" 130 | echo "----------------------------------------" 131 | sed_change_config_file "^NAGIOS_LOG=1" "NAGIOS_LOG=0" 132 | 133 | echo "---------- CRON MODE ----------" 134 | CMD="${CMD_CRON}" 135 | if ! check "1" "1" "PASS" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 136 | 137 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 138 | echo "---------- NORMAL MODE ----------" 139 | CMD="${CMD_NORM}" 140 | if ! check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 141 | fi 142 | 143 | echo "---------- NORMAL MODE VERBOSE ----------" 144 | CMD="${CMD_VERB}" 145 | if ! 
check "1" "1" "PASS" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 146 | 147 | sed_change_config_file "^NAGIOS_LOG=0" "NAGIOS_LOG=1" 148 | 149 | 150 | 151 | 152 | 153 | 154 | echo 155 | echo 156 | echo "--------------------------------------------------------------------------------" 157 | echo "-" 158 | echo "- 10.2 \$NAGIOS_LOG_FILE" 159 | echo "-" 160 | echo "--------------------------------------------------------------------------------" 161 | 162 | echo 163 | echo "----------------------------------------" 164 | echo " 10.2.1 #NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" 165 | echo "----------------------------------------" 166 | sed_change_config_file "^NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" "#NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" 167 | 168 | echo "---------- CRON MODE ----------" 169 | CMD="${CMD_CRON}" 170 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_FILE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 171 | 172 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 173 | echo "---------- NORMAL MODE ----------" 174 | CMD="${CMD_NORM}" 175 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 176 | fi 177 | 178 | echo "---------- NORMAL MODE VERBOSE ----------" 179 | CMD="${CMD_VERB}" 180 | if ! 
check "1" "1" "WARN" "1" "\$NAGIOS_LOG_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 181 | 182 | sed_change_config_file "^#NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" "NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" 183 | 184 | 185 | 186 | echo 187 | echo "----------------------------------------" 188 | echo " 10.2.2 NAGIOS_LOG_FILE=\"\"" 189 | echo "----------------------------------------" 190 | sed_change_config_file "^NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" "NAGIOS_LOG_FILE=\"\"" 191 | 192 | echo "---------- CRON MODE ----------" 193 | CMD="${CMD_CRON}" 194 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_FILE" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 195 | 196 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 197 | echo "---------- NORMAL MODE ----------" 198 | CMD="${CMD_NORM}" 199 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 200 | fi 201 | 202 | echo "---------- NORMAL MODE VERBOSE ----------" 203 | CMD="${CMD_VERB}" 204 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_FILE" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 205 | 206 | sed_change_config_file "^NAGIOS_LOG_FILE=\"\"" "NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" 207 | 208 | 209 | 210 | echo 211 | echo "----------------------------------------" 212 | echo " 10.2.3 NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log.notfound\"" 213 | echo "----------------------------------------" 214 | sed_change_config_file "^NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" "NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log.notfound\"" 215 | 216 | echo "---------- CRON MODE ----------" 217 | CMD="${CMD_CRON}" 218 | if ! 
check "1" "1" "WARN" "1" "mysqldump-secure.nagios.log.notfound" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 219 | sudo rm -rf "${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log.notfound" 220 | 221 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 222 | echo "---------- NORMAL MODE ----------" 223 | CMD="${CMD_NORM}" 224 | if ! check "1" "1" "WARN" "1" "mysqldump-secure.nagios.log.notfound" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 225 | sudo rm -rf "${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log.notfound" 226 | fi 227 | 228 | echo "---------- NORMAL MODE VERBOSE ----------" 229 | CMD="${CMD_VERB}" 230 | if ! check "1" "1" "WARN" "1" "mysqldump-secure.nagios.log.notfound" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 231 | sudo rm -rf "${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log.notfound" 232 | 233 | sed_change_config_file "^NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log.notfound\"" "NAGIOS_LOG_FILE=\"${_INSTALL_PREFIX}/var/log/mysqldump-secure.nagios.log\"" 234 | 235 | 236 | 237 | 238 | 239 | 240 | 241 | echo 242 | echo 243 | echo 244 | echo "--------------------------------------------------------------------------------" 245 | echo "-" 246 | echo "- 10.3 \$NAGIOS_LOG_CHMOD" 247 | echo "-" 248 | echo "--------------------------------------------------------------------------------" 249 | 250 | echo 251 | echo "----------------------------------------" 252 | echo " 10.3.1 #NAGIOS_LOG_CHMOD=\"0644\"" 253 | echo "----------------------------------------" 254 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"0644\"" "#NAGIOS_LOG_CHMOD=\"0644\"" 255 | 256 | echo "---------- CRON MODE ----------" 257 | CMD="${CMD_CRON}" 258 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 259 | 260 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 261 | echo "---------- NORMAL MODE ----------" 262 | CMD="${CMD_NORM}" 263 | if ! 
check "1" "1" "WARN" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 264 | fi 265 | 266 | echo "---------- NORMAL MODE VERBOSE ----------" 267 | CMD="${CMD_VERB}" 268 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 269 | 270 | sed_change_config_file "^#NAGIOS_LOG_CHMOD=\"0644\"" "NAGIOS_LOG_CHMOD=\"0644\"" 271 | 272 | 273 | 274 | echo 275 | echo "----------------------------------------" 276 | echo " 10.3.2 NAGIOS_LOG_CHMOD=\"0644a\"" 277 | echo "----------------------------------------" 278 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"0644\"" "NAGIOS_LOG_CHMOD=\"0644a\"" 279 | 280 | echo "---------- CRON MODE ----------" 281 | CMD="${CMD_CRON}" 282 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 283 | 284 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 285 | echo "---------- NORMAL MODE ----------" 286 | CMD="${CMD_NORM}" 287 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 288 | fi 289 | 290 | echo "---------- NORMAL MODE VERBOSE ----------" 291 | CMD="${CMD_VERB}" 292 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 293 | 294 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"0644a\"" "NAGIOS_LOG_CHMOD=\"0644\"" 295 | 296 | 297 | echo 298 | echo "----------------------------------------" 299 | echo " 10.3.3 NAGIOS_LOG_CHMOD=\"abc\"" 300 | echo "----------------------------------------" 301 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"0644\"" "NAGIOS_LOG_CHMOD=\"abc\"" 302 | 303 | echo "---------- CRON MODE ----------" 304 | CMD="${CMD_CRON}" 305 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 306 | 307 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 308 | echo "---------- NORMAL MODE ----------" 309 | CMD="${CMD_NORM}" 310 | if ! 
check "1" "1" "ERR" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 311 | fi 312 | 313 | echo "---------- NORMAL MODE VERBOSE ----------" 314 | CMD="${CMD_VERB}" 315 | if ! check "1" "1" "ERR" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 316 | 317 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"abc\"" "NAGIOS_LOG_CHMOD=\"0644\"" 318 | 319 | 320 | 321 | echo 322 | echo "----------------------------------------" 323 | echo " 10.3.4 NAGIOS_LOG_CHMOD=\"\"" 324 | echo "----------------------------------------" 325 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"0644\"" "NAGIOS_LOG_CHMOD=\"\"" 326 | 327 | echo "---------- CRON MODE ----------" 328 | CMD="${CMD_CRON}" 329 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 330 | 331 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 332 | echo "---------- NORMAL MODE ----------" 333 | CMD="${CMD_NORM}" 334 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 335 | fi 336 | 337 | echo "---------- NORMAL MODE VERBOSE ----------" 338 | CMD="${CMD_VERB}" 339 | if ! check "1" "1" "WARN" "1" "\$NAGIOS_LOG_CHMOD" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 340 | 341 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"\"" "NAGIOS_LOG_CHMOD=\"0644\"" 342 | 343 | 344 | 345 | echo 346 | echo "----------------------------------------" 347 | echo " 10.3.5 NAGIOS_LOG_CHMOD=\"444\"" 348 | echo "----------------------------------------" 349 | echo 350 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"0644\"" "NAGIOS_LOG_CHMOD=\"444\"" 351 | 352 | echo "---------- CRON MODE ----------" 353 | CMD="${CMD_CRON}" 354 | if ! check "1" "1" "WARN" "0" "" "1" "1" "0" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 355 | 356 | if [ "${RUN_CHECK_NORM}" = "1" ]; then 357 | echo "---------- NORMAL MODE ----------" 358 | CMD="${CMD_NORM}" 359 | if ! 
check "1" "1" "WARN" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 360 | fi 361 | 362 | echo "---------- NORMAL MODE VERBOSE ----------" 363 | CMD="${CMD_VERB}" 364 | if ! check "1" "1" "WARN" "0" "" "1" "1" "1" "0" "${CMD}"; then ERROR=$((ERROR+1)); fi 365 | 366 | sed_change_config_file "^NAGIOS_LOG_CHMOD=\"444\"" "NAGIOS_LOG_CHMOD=\"0644\"" 367 | 368 | 369 | 370 | 371 | echo 372 | echo 373 | if [ "$ERROR" = "0" ]; then 374 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 375 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [10] SUCCESS @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 376 | echo "${txtgrn}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 377 | else 378 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 379 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@ [10] FAILED: ${ERROR} Errors @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 380 | echo "${txtpur}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${txtrst}" 381 | fi 382 | exit $ERROR 383 | -------------------------------------------------------------------------------- /doc/SETUP.md: -------------------------------------------------------------------------------- 1 | [Readme](https://github.com/cytopia/mysqldump-secure/blob/master/README.md) | 2 | [Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) | 3 | [Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) | 4 | Configuration | 5 | [Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) | 6 | [Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) | 7 | [Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) | 8 | [Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) | 
[Contributing](https://github.com/cytopia/mysqldump-secure/blob/master/CONTRIBUTING.md)

---

# mysqldump-secure Configuration

## 1.1 Configure MySQL Credentials
Set up the MySQL username, password and host in [/etc/mysqldump-secure.cnf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.cnf)

```ini
[client]
host = localhost
user = readonlyrootuser
password = "verySecurePasswordWith$%&SpecialChars"
```

Test if the connection settings are working

```shell
$ mysqldump-secure --test -v

[INFO] (OPT): Logging enabled
[DEBUG] (OPT): Log level: 1
[DEBUG] (OPT): Logfile: /var/log/mysqldump-secure.log
[DEBUG] (CFG): Destination dir: /var/mysqldump-secure
[DEBUG] (CFG): Using file Prefix: 2016-03-08_15-09__
[INFO] (OPT): MySQL SSL connection enabled
[DEBUG] (OPT): MySQL SSL arguments: --ssl-ca=/usr/local/etc/certs/mysql.ca.pem.
[INFO] (OPT): Compression enabled
[DEBUG] (OPT): Compression arguments: gzip -9 --stdout
[INFO] (OPT): Encryption disabled
[INFO] (OPT): Deletion enabled
[DEBUG] (OPT): Deleting files older than 30 days. Using: tmpwatch
[INFO] (OPT): Nagios log enabled
[DEBUG] (OPT): Nagios logfile: /var/log/mysqldump-secure.nagios.log
[DEBUG] (SRV): MySQL server connection: Localhost via UNIX socket
[DEBUG] (SRV): MySQL server connection: Using SSL (Cipher in use is DHE-RSA-AES256-GCM-SHA384)
[DEBUG] (SRV): MySQL server version: MariaDB 10.1.11-MariaDB-log Homebrew
[DEBUG] (SRV): MySQL server hostname: mycoolhost:3306
[DEBUG] (SRV): MySQL server rep type: master
```

If you see the MySQL section and the script does not abort, everything went fine and you can continue configuring the program.

## 1.2 Configure MySQLDump Options
Configure the backup behavior in [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf).

### 1.2.1 Encryption
Encryption is done by public/private key via [OpenSSL SMIME](https://www.openssl.org/docs/apps/smime.html) which also supports encrypting large files.

> The primary advantage of public-key cryptography is increased security and convenience: private keys never need to be transmitted or revealed to anyone. In a secret-key system, by contrast, the secret keys must be transmitted (either manually or through a communication channel) since the same key is used for encryption and decryption. A serious concern is that there may be a chance that an enemy can discover the secret key during transmission.
> [[1]](http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/advantages-and-disadvantages.htm)

See [Encryption guidelines](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) for more info about how to create the keys and manually encrypt/decrypt.

#### 1.2.1.1 Create the keypair
In order to enable encryption you need a public/private keypair. If you don't know how to generate them you can use the provided script: [create-keypair.sh](https://github.com/cytopia/mysqldump-secure/blob/master/bin/create-keypair.sh).

Once you have the keys

1. Move the private key away from the server to a very secure location.
2. Copy the public key to `/etc/mysqldump-secure.pub.pem`
3. `chmod 400 /etc/mysqldump-secure.pub.pem`

Open [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf) and set the following variables
```shell
ENCRYPT=1
OPENSSL_PUBKEY_PEM="/etc/mysqldump-secure.pub.pem"
OPENSSL_ALGO_ARG="-aes256"
```


### 1.2.2 Compression
MySQL database dumps can be piped directly to `gzip`, `bzip2`, `lzma` or `lzop` (depending on your choice) before writing them to disk.

Open [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf) and set the following variables
```shell
COMPRESS=1
# Gzip
COMPRESS_BIN="gzip"
COMPRESS_ARG="-9 --stdout"
COMPRESS_EXT="gz"
```
By default, `gzip` is already pre-configured when compression is enabled. You can however change it to one of the above algorithms by uncommenting a different block (and commenting out the gzip block). The other blocks are also pre-configured and look like this:
```shell
# Bzip2
#COMPRESS_BIN="bzip2"
#COMPRESS_ARG="-9 --stdout"
#COMPRESS_EXT="bz2"

# PBzip2
# (multithreaded bzip2 version)
#COMPRESS_BIN="pbzip2"
#COMPRESS_ARG="-9 --stdout"
#COMPRESS_EXT="bz2"

# xz
# (algo: lzma2)
#COMPRESS_BIN="xz"
#COMPRESS_ARG="-9 --stdout"
#COMPRESS_EXT="xz"

# LZMA
# (On modern systems it is usually an alias to 'xz --format=lzma')
#COMPRESS_BIN="lzma"
#COMPRESS_ARG="-9 --stdout"
#COMPRESS_EXT="lzma"

# LZOP
#COMPRESS_BIN="lzop"
#COMPRESS_ARG="-9 --stdout"
#COMPRESS_EXT="lzo"
```

If you use a compression algorithm that differs from the above pre-configured ones, simply add it to the config file and use yours.
It would also be nice of you to then drop me a pull request with all other algorithms you add, so we can have them pre-configured in the git repository.

See [doc/Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) for performance and other info.


### 1.2.3 Blacklisting
Mysqldump-secure uses opt-out instead of opt-in and will by default dump every readable database to disk. If you however want to manually ignore certain databases, such as `information_schema` or `performance_schema`, you can specify them in an ignore list.

**Opt-out vs Opt-in**
The disadvantage of opt-out is that you might back up a database that is not needed. On the other hand, if you use opt-in you could forget a database that actually needed to be backed up.

Open [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf) and set the following variables
```shell
IGNORE="information_schema performance_schema"
```

You can also use the wildcard character `*` to ignore patterns:
```shell
IGNORE="*_schema db*"
```

With patterns you can even ignore all databases (at first)
```shell
IGNORE="*"
```

and then selectively add them via `REQUIRE` (see below).

### 1.2.4 Whitelisting (Requiring)
If you need to make sure that a specific (or many specific) database(s) must be dumped regardless, add it space-separated to this variable. If the specified databases cannot be dumped (no access rights, missing, whatever reason), the dump script will throw an error which is catchable by cron as well as by the included nagios script.

This option is here to make sure you will be informed when a desired database was not dumped.
```shell
REQUIRED="mysql databaseX databaseY"
#REQUIRED=""
```

**Note**: All databases that have been ignored by `IGNORE` and are specified in `REQUIRE` will be dumped explicitly.
This has the advantage that you can also tell *mysqldump-secure* to dump nothing by default and only choose which database to back up.



### 1.2.5 Tmpwatch/Tmpreaper integration
If you have [tmpwatch](http://linux.die.net/man/8/tmpwatch) or [tmpreaper](http://manpages.ubuntu.com/manpages/hardy/man8/tmpreaper.8.html) installed you can specify to automatically delete backups older than X hours.

Open [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf) and set the following variables:

Enable (`1`) or disable (`0`) automatic deletion
```shell
DELETE=1
#DELETE=0
```

Choose the binary to use: `tmpwatch` or `tmpreaper`
```shell
DELETE_METHOD="tmpwatch" # Use this for redhat/centos/fedora
#DELETE_METHOD="tmpreaper" # Use this for debian/ubuntu
```

If your database backups are stored read-only (e.g. chmod 400), tmpwatch/tmpreaper will fail to delete them. In order to overcome this, the `-f` (`--force`) flag must be passed along.

> Remove files even if EUID doesn’t have write access (akin to rm -f). Normally, files owned by the current EUID, with no write bit set are not removed.

```shell
DELETE_FORCE=1 # Remove files even if EUID doesn’t have write access
#DELETE_FORCE=0 # Do not delete read-only files
```

Delete files older than X hours

```shell
DELETE=720 # 720 hours
```

All valid *tmpwatch*/*tmpreaper* unit values can be used (and are validated).
You could also write the following to delete everything older than 30 days:
```shell
DELETE=30d
```



### 1.2.6 File logging
Mysqldump-secure includes a mechanism to log every action (debug, info, warn and error) to file. The script also follows the practice of sending proper exit codes (0 for "everything went fine" and >0 for "I had some errors").

Open [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf) and set the following variables
```shell
LOG=1
LOGFILE="/var/log/mysqldump-secure.log"
```

### 1.2.7 Mysqldump options
You can specify custom mysqldump parameters in the configuration file. The default configuration dumps databases including events, triggers and routines. The dump is done via `--single-transaction` to also take transactional tables into account. All those parameters are customizable, so alter them as desired.

Open [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf) and set the following variables
```shell
MYSQL_OPTS='--events --triggers --routines --single-transaction --opt'
```
See [mysqldump](https://dev.mysql.com/doc/refman/5.0/en/mysqldump.html) for all possible parameters.

### 1.2.8 Conditional mysqldump options

You can conditionally decide when to apply the mysqldump `--quick` option depending on the database size. The default is to only apply `--quick` to databases equal to or greater than 200 MB. (Note: the value is specified in megabytes):
```shell
MYSQL_OPTS_QUICK_MIN_SIZE=200
```

The consistency/transactional arguments are also specified per case.

**Case 1: DB contains only InnoDB table engines**

1. use `--single-transaction`
2. use nothing

**Case 2: DB contains InnoDB and other table-engines**

1. use `--single-transaction`
2. use `--lock-tables`
3. use nothing

**Case 3: DB contains no InnoDB table-engines at all**

1. use `--lock-tables`
2. use nothing



### 1.2.9 Nagios output log
It is possible to fully integrate the backup procedure into a nagios/icinga environment. To use this, you need to enable Nagios logging, which will then create a special logfile that is overwritten every time the dump is triggered.
The Nagios log file can be used by [check_mysqldump-secure](https://github.com/cytopia/check_mysqldump-secure) to integrate the current state into nagios.

Open [/etc/mysqldump-secure.conf](https://github.com/cytopia/mysqldump-secure/blob/master/etc/mysqldump-secure.conf) and set the following variables
```shell
NAGIOS_LOG=1
NAGIOS_LOGFILE="/var/log/mysqldump-secure.nagios.log"
```
See [Plugin Readme](https://github.com/cytopia/check_mysqldump-secure) for further instructions and a variety of screenshots.

### 1.2.10 Info file per database
You can enable/disable (enabled by default) the creation of info files. They are stored in the same location as the dumps with the same filename suffixed with `.info`. Those files contain the following information:
```ini
; mysqldump-secure backup record
; Do not alter this file!
; Creation of this file can be turned off via config file.

; Information about the info file
[info]
unix = 1457917635
tz = CET (+0100)
date = 2016-03-14
time = 02:07:15
host = macbook.local
user = root

[file]
file_path = /var/mysqldump-secure
file_name = 2016-03-14_02-07__mysql.sql
file_size = 482878 Bytes (0.46 MB)
file_mtime = 1457917635 (2016-03-14 02:07:15 CET [+0100])
file_ctime = 1457917635 (2016-03-14 02:07:15 CET [+0100])
file_md5 = f28959ab9488ae1f9e9a06b25c4b0b27
file_sha = 7ed5e78127686479f3ee6f65d3993634a93221d6497f9694b9d82b65edcdded6

[settings]
encrypted = 0
compressed = 0
mysqldump = --opt --default-character-set=utf8 --events --triggers --routines --hex-blob --complete-insert --extended-insert --compress --lock-tables --skip-quick

[compression]
bin =
arg =

[encryption]
aes_arg =
rsa_pem =

[connection]
protocol = 127.0.0.1 via TCP/IP
secured = SSL: Cipher in use is DHE-RSA-AES256-GCM-SHA384
arguments = --defaults-file=/etc/mysqldump-secure.cnf --ssl-ca=/etc/mysql.ca.pem

[server]
host = macbook.local
port = 13306
type = master
version = MariaDB 10.1.11-MariaDB-log Homebrew

[database]
db_name = mysql
db_size = 685890 Bytes (0.65 MB)
tbl_cnt = 30

[tables]
column_stats = MyISAM
columns_priv = MyISAM
# ...
# all tables with their corresponding engine
# output cut to save space
```


## 1.3 Setup Cronjob
The script is intended to be run automatically via cron. If you set it up this way, I highly recommend turning on logging in order to see any warnings or errors that might have occurred. Once logging is enabled, the logfile is always protected by file permissions so no other user can see what you are backing up.
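
The `.info` records from section 1.2.10 give an unattended cron setup something to check each dump against after the run. The following is an added example, not part of mysqldump-secure: `info_get`, `sha256_of`, `verify_dump`, `verify_dir` and `make_sample` are hypothetical helper names, `file_sha` is assumed to be SHA-256 (the sample value has 64 hex digits), and the dump and record it runs on are constructed sample data.

```shell
#!/bin/sh
# Added example, not part of mysqldump-secure: check dumps against the [file]
# section of their .info records. Assumptions: file_sha is SHA-256 (the sample
# value has 64 hex digits) and file_size starts with the size in bytes.

# info_get FILE SECTION KEY: print the value of KEY inside [SECTION].
info_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*[;#]/ { next }
        /^[ \t]*\[/   { s = $0; gsub(/[ \t\r]/, "", s); insec = (s == sec); next }
        insec {
            pos = index($0, "=")
            if (pos == 0) next
            k = substr($0, 1, pos - 1); v = substr($0, pos + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", k)
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k == key) { print v; exit }
        }' "$1"
}

# sha256_of FILE: print the hex digest with whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"
    fi | awk '{ print $1 }'
}

# verify_dump INFO [DIR]: check the dump that INFO describes. DIR overrides
# file_path for dumps that were copied off the database host.
# Status: 0 intact, 1 dump missing, 2 size differs, 3 hash differs,
# 4 record unusable. The body is a subshell, so its variables stay local.
verify_dump() (
    [ -r "$1" ] || exit 4
    name=$(info_get "$1" file file_name)
    dir=${2:-$(info_get "$1" file file_path)}
    size=$(info_get "$1" file file_size)
    size=${size%% *}                 # "482878 Bytes (0.46 MB)" -> 482878
    sha=$(info_get "$1" file file_sha)

    # Validate before use: no path components in the file name, digits only
    # in the size, exactly 64 lowercase hex digits in the hash.
    case $name in ''|*/*) exit 4 ;; esac
    case $size in ''|*[!0-9]*) exit 4 ;; esac
    case $sha in *[!0-9a-f]*) exit 4 ;; esac
    [ -n "$dir" ] && [ "${#sha}" -eq 64 ] || exit 4

    [ -f "$dir/$name" ] || exit 1
    [ "$(wc -c < "$dir/$name" | tr -d ' ')" -eq "$size" ] || exit 2
    [ "$(sha256_of "$dir/$name")" = "$sha" ] || exit 3
    exit 0
)

# verify_dir DIR: check every *.info record in DIR against the dump beside it,
# print one line per record, and return 0 only if every dump is intact.
verify_dir() (
    failed=0
    for info in "$1"/*.info; do
        [ -e "$info" ] || continue
        verify_dump "$info" "$1" && rc=0 || rc=$?
        case $rc in
            0) state=OK ;; 1) state=MISSING ;; 2) state=SIZE ;;
            3) state=HASH ;; *) state=BADINFO ;;
        esac
        echo "$state $info"
        [ "$rc" -eq 0 ] || failed=$((failed + 1))
    done
    [ "$failed" -eq 0 ]
)

# make_sample DIR: write a constructed dump and a matching, reduced .info
# record into DIR (sample data for the demo, not real program output).
make_sample() {
    ms_dump=$1/2016-03-14_02-07__demo.sql
    printf 'CREATE TABLE t (id INT);\n' > "$ms_dump"
    ms_size=$(wc -c < "$ms_dump" | tr -d ' ')
    ms_sha=$(sha256_of "$ms_dump")
    cat > "$ms_dump.info" <<EOF
; constructed sample record
[info]
host = example.local

[file]
file_path = $1
file_name = 2016-03-14_02-07__demo.sql
file_size = $ms_size Bytes (0.00 MB)
file_sha = $ms_sha
EOF
}

# Demo: an intact dump, then the same dump changed without changing its size.
demo() {
    demo_dir=$(mktemp -d) || return 1
    make_sample "$demo_dir"
    verify_dir "$demo_dir" || true
    printf 'CREATE TABLE u (id INT);\n' > "$demo_dir/2016-03-14_02-07__demo.sql"
    verify_dir "$demo_dir" || echo "at least one dump failed verification"
    rm -rf "$demo_dir"
}
demo
```

This check catches truncated, corrupted or replaced dumps. Because each record is stored next to its dump, a copy of the `.info` files kept on another host is needed if the check should also hold against someone who can write to the backup directory.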

*Note for cronjobs*:

Redirect `stdout` to `/dev/null`, otherwise cron will generate an email if a program produces output on stdout or stderr.
All errors and warnings will be redirected to `stderr` automatically by the script when running in cron mode (`--cron`), so you will receive an email only in case something goes wrong.
```script
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed

# Dump MySQL Databases at 03:15 every day
15 3 * * * /bin/sh /usr/local/sbin/mysqldump-secure --cron
```

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# [![MySQLDumpSecure](https://raw.githubusercontent.com/cytopia/icons/master/64x64/mds.png)](http://mysqldump-secure.org) mysqldump-secure

----
**ATTENTION**

Please upgrade to the latest version in order to be notified about the [OpenSSL SMIME Bug](https://github.com/cytopia/mysqldump-secure/issues/21) in case you are affected.


----
**GIT NOTE:**

WHEN CLONING VIA GIT, MAKE SURE TO ALWAYS CHECK OUT THE LATEST TAG.
THE `MASTER` BRANCH IS ALWAYS UNDER DEVELOPMENT AND THEREFORE UNSTABLE.

----

[Features](https://github.com/cytopia/mysqldump-secure#1-features) |
[Installation](https://github.com/cytopia/mysqldump-secure#2-installation) |
[Configuration](https://github.com/cytopia/mysqldump-secure#3-configuration) |
[Usage](https://github.com/cytopia/mysqldump-secure#4-usage) |
[Documentation](https://github.com/cytopia/mysqldump-secure#5-documentation) |
[Contribution](https://github.com/cytopia/mysqldump-secure#6-contribution) |
[License](https://github.com/cytopia/mysqldump-secure#7-license) |
[Version](https://github.com/cytopia/mysqldump-secure#8-version)

[![Build Status](https://travis-ci.org/cytopia/mysqldump-secure.svg?branch=master)](https://travis-ci.org/cytopia/mysqldump-secure)
[![Latest Stable Version](https://poser.pugx.org/cytopia/mysqldump-secure/v/stable)](https://packagist.org/packages/cytopia/mysqldump-secure) [![Total Downloads](https://poser.pugx.org/cytopia/mysqldump-secure/downloads)](https://packagist.org/packages/cytopia/mysqldump-secure) [![Latest Unstable Version](https://poser.pugx.org/cytopia/mysqldump-secure/v/unstable)](https://packagist.org/packages/cytopia/mysqldump-secure) [![License](https://poser.pugx.org/cytopia/mysqldump-secure/license)](http://opensource.org/licenses/MIT)
[![POSIX](https://img.shields.io/badge/posix-100%25-brightgreen.svg)](https://en.wikipedia.org/?title=POSIX)
[![Type](https://img.shields.io/badge/type-%2Fbin%2Fsh-red.svg)](https://en.wikipedia.org/?title=Bourne_shell)

**[Mysqldump-secure](http://mysqldump-secure.org)** is a POSIX compliant wrapper script for `mysqldump` with many features and very strong security in mind.
It will back up every available database (which is readable by the specified user) as a separate file with the possibility to opt out via blacklisting. Dumped databases can optionally be piped directly to gzip or openssl in order to compress and/or encrypt the backup.
Encryption is done before the file is written to disk to avoid possible race conditions (see the documentation for more info about security measures).


Find the project website at [https://mysqldump-secure.org](https://mysqldump-secure.org)
Find the whole post at [https://www.everythingcli.org](https://www.everythingcli.org/index.php/2015/06/13/secure-mysqldump-script-with-encryption-and-compression/)

##### Runs on
[![FreeBSD](https://raw.githubusercontent.com/cytopia/icons/master/64x64/freebsd.png)](https://www.freebsd.org)
[![RedHat](https://raw.githubusercontent.com/cytopia/icons/master/64x64/redhat.png)](https://www.redhat.com)
[![CentOS](https://raw.githubusercontent.com/cytopia/icons/master/64x64/centos.png)](https://www.centos.org)
[![Debian](https://raw.githubusercontent.com/cytopia/icons/master/64x64/debian.png)](https://www.debian.org)
[![ArchLinux](https://raw.githubusercontent.com/cytopia/icons/master/64x64/archlinux.png)](https://www.archlinux.org)
[![Ubuntu](https://raw.githubusercontent.com/cytopia/icons/master/64x64/ubuntu.png)](https://www.ubuntu.com)
[![OSX](https://raw.githubusercontent.com/cytopia/icons/master/64x64/osx.png)](https://www.apple.com/osx)

(If the script runs on any other system not mentioned here, please drop me a note.)

##### Rock-stable and well tested

Every push to `mysqldump-secure` triggers `travis-ci` which will run hundreds of all kinds of tests against the new code and stress the tool in every possible way with every possible config.

You can find the tests within the [test](test) folder including an automated setup to get a master-slave server with SSL encryption setup. Those tests can also be run locally.

See [https://travis-ci.org/cytopia/mysqldump-secure](https://travis-ci.org/cytopia/mysqldump-secure) for checks in action and [test](test) for a description about the tests.


## 1. Features

### Primary Features

* **Encryption** (hybrid encryption: `RSA` and `AES` via `openssl smime` - no password needed)
* **Compression** (`gzip`, `pigz`, `bzip2`, `pbzip2`, `lzop`, `lzma`, `xz`)
* **Tmpwatch** integration (`tmpwatch` or `tmpreaper`)
* **Transaction-safe** / **Consistent** backups across tables (for DBs with: `InnoDB only`-, `mixed`- and `non-InnoDB`- tables)
* **Conditional mysqldump options** (e.g.: apply `--quick` only on DBs > 200MB)
* **Security** (various built-in checks and precautions)
* **SSL Remote Backups**
* **Nagios** / **Icinga** monitoring integration (via [check_mysqldump-secure](https://github.com/cytopia/check_mysqldump-secure))

### Secondary Features

* Custom mysqldump options
* Master/Slave recognition
* Blacklisting
* Whitelisting
* File logging
* Self validation
* Rock stable (see travis for hundreds of checks)
* 100% POSIX compliant

## 2. Installation

### 2.1 Linux, BSD and OSX

```shell
wget https://github.com/cytopia/mysqldump-secure/archive/0.16.5.tar.gz -O - | tar -xz
# the release tarball unpacks into a directory named after the tag
cd mysqldump-secure-0.16.5
./configure
make
sudo make install
```

### 2.2 OSX
```shell
brew tap cytopia/tap
brew install mysqldump-secure
```


For more detailed instructions go to the **[Install guidelines](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md)**


## 3. Configuration

There are two separate configuration files:

* [/etc/mysqldump-secure.cnf](etc/mysqldump-secure.cnf)
* [/etc/mysqldump-secure.conf](etc/mysqldump-secure.conf)

The first one is to set up the MySQL credentials and the second one configures the behavior of how to back up the databases.

You do not need to worry about file permissions or directories.
The script will auto-check the following options and adjust them as required:

* Logfile exists
* Logfile is writeable
* Auto creation of logfile
* Logging turned off automatically
* Destination dir exists
* Destination dir is writeable
* Auto creation of destination dir
* Required system binaries exist
* MySQL credentials are valid


For more detailed instructions go to the [Setup guidelines](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md)

## 4. Usage

### 4.1 Usage
```shell
Usage: mysqldump-secure [--conf] [--cron] [--test] [-v[v]]
       mysqldump-secure --help
       mysqldump-secure --version

When invoked without any arguments, it will start dumping databases as
defined in mysqldump-secure.conf.

  --conf          Pass a different configuration file than the default one.
                  E.g.: --conf=/etc/mysqldump-secure-alt.conf

  --cron          Use for cron run. It will only output errors and warnings
                  and will silence all info, debug and trace output.

  --test          Test requirements and exit.
                  Combine with -v or -vv for more verbose output.

  -v              Show debug output.
                  Specify twice (-vv) to also show trace output.
                  Can be combined with --conf and --test

  -vv             Show debug and trace output.
                  Can be combined with --conf and --test

  --help          Show this help screen.

  --version       Show version information.


Exit codes

  0               All fine, no fatals, no errors and no warnings occured.
  1               Warnings occured, but all dumps were successfull.
  2               Errors occured, but all dumps were successfull.
  3               Failed. Mysqldump encountered errors.
  4               Abort. The program aborted, due to missing requirements,
                  wrong arguments or a misconfiguration.

Further reading

  See 'man mysqldump-secure' for more help.
  Visist http://mysqldump-secure.org and browse documentation.
```

### 4.2 Default

Test if everything is configured correctly:
```shell
mysqldump-secure --test -vv
```

Manual run from command line:
```shell
mysqldump-secure -v
```

Run from within cron
```shell
mysqldump-secure --cron
```

### 4.3 Custom config

It is possible to have multiple instances of `mysqldump-secure` on your machine via different config files. Imagine you want some sensitive dumps encrypted while others should be dumped in plain. You can achieve this by using two configuration files and the `IGNORE` blocks of each respective config to exclude the other ones.


Test if everything is configured correctly in the specified config:
```shell
mysqldump-secure --test --conf=/etc/mysqldump-secure.encrypted.conf
```

Manual run from command line:
```shell
mysqldump-secure --conf=/etc/mysqldump-secure.encrypted.conf
```

Run from within cron
```shell
mysqldump-secure --cron --conf=/etc/mysqldump-secure.encrypted.conf
```

### 4.4 Test run
```shell
$ mysqldump-secure --test -v
[INFO] (OPT): Logging enabled
[DEBUG] (OPT): Log level: 3
[DEBUG] (OPT): Logfile: /var/log/mysqldump-secure.log
[DEBUG] (CFG): Destination dir: /var/mysqldump-secure
[DEBUG] (CFG): Using file Prefix: 2016-03-09_10-07__
[INFO] (OPT): MySQL SSL connection enabled
[DEBUG] (OPT): MySQL SSL arguments: --ssl-ca=/etc/mysql.ca.pem.
[INFO] (OPT): Compression enabled
[DEBUG] (OPT): Compression arguments: gzip -9 --stdout
[INFO] (OPT): Encryption enabled
[DEBUG] (OPT): Encryption algorithm: -aes256
[INFO] (OPT): Deletion enabled
[DEBUG] (OPT): Deleting files older than 2 days. Using: tmpwatch
[INFO] (OPT): Nagios log enabled
[DEBUG] (OPT): Nagios logfile: /var/log/mysqldump-secure.nagios.log
[DEBUG] (SRV): MySQL server connection: 127.0.0.1 via TCP/IP
[DEBUG] (SRV): MySQL server connection: Using SSL (Cipher in use is DHE-RSA-AES256-GCM-SHA384)
[DEBUG] (SRV): MySQL server version: MariaDB 10.1.11-MariaDB-log Homebrew
[DEBUG] (SRV): MySQL server hostname: notebook.home.lan:3306
[DEBUG] (SRV): MySQL server rep type: master
```

### 4.5 Example run
```shell
$ mysqldump-secure -v
[INFO] (OPT): Logging enabled
[DEBUG] (OPT): Log level: 3
[DEBUG] (OPT): Logfile: /var/log/mysqldump-secure.log
[DEBUG] (CFG): Destination dir: /var/mysqldump-secure
[DEBUG] (CFG): Using file Prefix: 2016-03-09_10-13__
[INFO] (OPT): MySQL SSL connection enabled
[DEBUG] (OPT): MySQL SSL arguments: --ssl-ca=/etc/mysql.ca.pem.
[INFO] (OPT): Compression enabled
[DEBUG] (OPT): Compression arguments: gzip -9 --stdout
[INFO] (OPT): Encryption enabled
[DEBUG] (OPT): Encryption algorithm: -aes256
[INFO] (OPT): Deletion enabled
[DEBUG] (OPT): Deleting files older than 2 days. Using: tmpwatch
[INFO] (OPT): Nagios log enabled
[DEBUG] (OPT): Nagios logfile: /var/log/mysqldump-secure.nagios.log
[DEBUG] (SRV): MySQL server connection: 127.0.0.1 via TCP/IP
[DEBUG] (SRV): MySQL server connection: Using SSL (Cipher in use is DHE-RSA-AES256-GCM-SHA384)
[DEBUG] (SRV): MySQL server version: MariaDB 10.1.11-MariaDB-log Homebrew
[DEBUG] (SRV): MySQL server hostname: notebook.home.lan:3306
[DEBUG] (SRV): MySQL server rep type: master
[DEBUG] (SQL): Retrieving list of databases... 9
[INFO] (SQL): 1/9 Dumping: db_InnoDB_and_MyISAM (19.90 MB) (compressed) (encrypted) (--lock-tables) (--skip-quick) 0 sec
[INFO] (SQL): 2/9 Dumping: db_InnoDB_only (10.52 MB) (compressed) (encrypted) (--single-transaction) (--skip-quick) 1 sec
[INFO] (SQL): 3/9 Dumping: db_MyISAM_only (9.38 MB) (compressed) (encrypted) (--lock-tables) (--skip-quick) 0 sec
[INFO] (SQL): 4/9 Skipping: information_schema (ignored)
[INFO] (SQL): 5/9 Skipping: my_empty_db1 (DB is empty)
[INFO] (SQL): 6/9 Skipping: my_empty_db2 (DB is empty)
[INFO] (SQL): 7/9 Dumping: mysql (0.62 MB) (compressed) (encrypted) (--lock-tables) (--skip-quick) 0 sec
[INFO] (SQL): 8/9 Skipping: performance_schema (ignored)
[INFO] (SQL): 9/9 Skipping: test (DB is empty)
[DEBUG] (RUN): Dumping finished (OK: 4 dbs, IGN: 5 dbs, ERR: 0, TOTAL: 9)
[DEBUG] (RUN): Took 2 seconds
[DEBUG] (RUN): Total size dumped: 40.42 MB
[INFO] (RUN): Deleting files older than 2 days ... 4
[INFO] removing file /var/mysqldump-secure/2016-03-07_01-52__db_InnoDB_and_MyISAM.sql.gz.enc
[INFO] removing file /var/mysqldump-secure/2016-03-07_01-52__db_InnoDB_only.sql.gz.enc
[INFO] removing file /var/mysqldump-secure/2016-03-07_01-52__db_MyISAM_only.sql.gz.enc
[INFO] removing file /var/mysqldump-secure/2016-03-07_01-52__mysql.sql.gz.enc
[DEBUG] (RUN): Writing nagios logfile
[OK] Finished successfully
```


## 5. Documentation

| File | Description |
|------|-------------|
| [https://mysqldump-secure.org](https://mysqldump-secure.org) | Project homepage |
| [https://www.everythingcli.org](https://www.everythingcli.org/secure-mysqldump-script-with-encryption-and-compression/) | Blog post: General thoughts and initial idea for this project. |
| [Installation](https://github.com/cytopia/mysqldump-secure/blob/master/doc/INSTALL.md) | Different ways to install mysqldump-secure |
| [Requirements](https://github.com/cytopia/mysqldump-secure/blob/master/doc/REQUIREMENTS.md) | What tools are required to run mysqldump-secure |
| [Configuration](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SETUP.md) | How to configure mysqldump-secure |
| [Security](https://github.com/cytopia/mysqldump-secure/blob/master/doc/SECURITY.md) | Information and usage about security measures |
| [Compression](https://github.com/cytopia/mysqldump-secure/blob/master/doc/COMPRESSION.md) | Information and usage about compression |
| [Encryption](https://github.com/cytopia/mysqldump-secure/blob/master/doc/ENCRYPTION.md) | Information and usage about the used encryption |
| [Examples](https://github.com/cytopia/mysqldump-secure/blob/master/doc/EXAMPLES.md) | Some command line examples such as mass importing databases back into the server |


## 6. Contribution
Contributors are welcome.

If you run the script productively on an operating system that is not yet listed at the top of this document, please let me know so I can add it for reference.

If you use the script, star it or let me know somehow.

If you like, have a look at the [Contributing Guidelines](CONTRIBUTING.md) and see if there is anything you would like to take care of.


## 7. License
[![license](https://poser.pugx.org/cytopia/mysqldump-secure/license)](http://opensource.org/licenses/mit)

## 8. Version
For a complete list of versions see [CHANGELOG](CHANGELOG.md)

--------------------------------------------------------------------------------