Backing Up and Archiving

What Do You Need to Back Up?

This is a very hard question to answer and depends highly on your needs and requirements. On a typical Linux system, you will find the operating system, its configuration and log files, any special applications that you install, their licenses and configuration, and users personal data. Of course, this is a very simplistic view; you probably have a lot more information and data that is specific for your needs. But, based on this list and your specific requirements, you need to ask yourself just one question: What resources do I need to get the system up and running quickly in case of a disaster of some sort ?

Most likely, your answer may have included the operating system, configuration files, and all of the specially installed applications and their related resources. However, if you have not updated the original operating system with patches and other updates to core applications, you don t need to back it up; you can possibly install it from the original distribution and restore the system configuration from saved backups. On the other hand, if you have made a lot of changes to the original system, you will save a lot of time and unnecessary headache by simply backing up the entire operating system, including all of the configurations.

Your specially installed applications are a completely different matter, altogether. Because these applications and their related data are either critical for your business or your everyday needs, you definitely should back them up. Why go through the hassle of installing all of these applications and their patches from the original medium when you can simply restore them from backups quickly and easily?

In addition, you should also consider the speed with which you can recover these resources when needed. For example, if you have access to a high-speed network attached storage (NAS) server with an extremely large storage capacity, you might consider even backing up critical resources that you can install from their original distribution. This will allow you to restore everything in one fell swoop very quickly without the hassle of dealing with different media.

And, finally, other resources such as users personal data and server log files are important, but are not critical for the running of the system. Sure, it is very useful to know who accessed your Web server at what time ”which you can see from the Apache Web server log file ”but if you lose a few days worth of data, it will not significantly hurt you. Having said that, however, these resources should be archived on a periodic basis; see the next section on archiving for more information. Your users will not be too thrilled if they lose all of their files.

What Medium Should You Use for Storing Backup Files?

We have talked about what you need to back up, but what medium do you use to actually store these resources? Various types of media are available for backing up data, everything from floppy disks and magnetic tapes to CD-ROM, DVD, and hard disks, as well as network storage. The following table illustrates some of the advantages and disadvantages of each type of media.

You need to assess the cost and benefits of what medium to choose based on the answers to the following three questions:

• How long will you be storing the backups?

• How frequently do you envision accessing the backups and restoring data?

• What are you willing to pay for the medium and its associated writing device?

You should typically lean toward optical media, such as CD-ROM or DVD, if you are intent on storing backups for a long period of time. On the other hand, all magnetic media are sensitive to environmental factors, including heat and electromagnetic fields, and typically have a much shorter shelf life than optical media. Optical media also tend to be much less expensive than all other media, costing only pennies for nearly 700MB of storage capacity.

However, hard disks and dedicated network storage servers are ideal for recovering data quickly from saved backups. You should stay away from storing backups in an internal hard disk that is physically located in the same machine as the operating system, as you run the risk of the same problem wiping out the system and the backup. A better solution might include setting up a standalone disk array, formatted as VFAT or NTFS, that can be used by all Linux machines in your network to store backups using SAMBA (see Chapter 9 for more information). In addition, by formatting this disk array as VFAT or NTFS, you can access the same disk array with most versions of the Windows operating system, as well. Needless to say, while hard disks and network storage servers provide great performance, they are also much more expensive than all other media.

How Do You Create a Backup?

Now that you have an idea of what backups are, what types of resources you should back up, and where you should back them up to, it is time to look at some examples. In this section, you learn more about tar , especially how to create an archive and restore from an existing archive.

   # tar -cWPhf etc-200403101335.tar /etc   

   # cd /     # tar cvWhf etc-200403101339.tar /etc    tar: Removing leading `/' from member names  etc/ etc/sysconfig/ etc/sysconfig/network-scripts/ etc/sysconfig/network-scripts/ifup-aliases ... Verify etc/shadow Verify etc/gshadow Verify etc/lilo.conf.anaconda Verify etc/fstab.REVOKE 

   $ tar zvf etc-200403101339.tar   etc/ etc/sysconfig/ etc/sysconfig/network-scripts/ etc/sysconfig/network-scripts/ifup-aliases ... 

   $ tar -tvf etc-200403101339.tar   

   $ tar -f etc-200403101339.tar -vx etc/shadow   

   # cd /     # tar -f etc-200403101339.tar -vx etc/shadow   

   $ tar -f etc-200403101339.tar -vxk etc/shadow   

   # tar -cvPhzf mysystem-200403121800.tar.gz /etc /usr/local /home   

   $ tar -zxvf mysystem-200403121800.tar.gz   

Saving a Backup to CD-ROM

Over the last several years , there has been a great explosion in the number of CD writers installed in personal computers, as prices have been severely reduced across the board. This is terrific for us, as we can use a CD writer to back up our data and resources to a CD-ROM, providing us with an inexpensive and stable backup solution.

   # find /lib/modules/`uname r` -name 'ide-cd.ko' print   /lib/modules/2.6.1-1.65/kernel/drivers/ide/ide-cd.ko 

   # mkisofs o mysystem-200403121800.iso \     V MySystem-2004-03-10-1800 \     J R -v mysystem-200403121800.tar.gz   INFO:   UTF-8 character encoding detected by locale settings.         Assuming UTF-8 encoded filenames on source filesystem,         Use -input-charset to override.        mkisofs 2.01a27 (i686-pc-linux-gnu) Writing:   Initial Padbock                         Start Block 0 Done with: Initial Padbock                         Block(s)    16 ... Total translation table size: 0 Total rockridge attributes bytes: 269 Total directory bytes: 0 Path table size(bytes): 10 Done with: The File(s)                             Block(s)    11909 Writing:   Ending Padblock                         Start Block 11940 Done with: Ending Padblock                         Block(s)    28 Max brk space used 6024 11968 extents written (23 MB) 

   # rpm -hvi /mnt/cdrom/Fedora/RPMS/mkisofs-2.01-0.a27.3.i386.rpm     # rpm -hvi /mnt/cdrom/Fedora/RPMS/cdrecord-2.01-0.a27.3.i386.rpm   

   # mount -t iso9660 mysystem-200403121800.iso /mnt/cdrom -o loop     $ ls ls /mnt/cdrom   total 1245 1245 rw-r--r--    1 root     root      1274545 Mar 12 18:01 mysystem- 200403121800.tar.gz 

   # umount /mnt/cdrom   

   # cdrecord dev=ATAPI scanbus   Cdrecord-Clone 2.01a27-dvd (i686-pc-linux-gnu) Copyright (C) 1995-2004 Jrg Schilling Note: This version is an unofficial (modified) version with DVD support Note: and therefore may have bugs that are not present in the original. ... Using libscg version 'schily-0.8'. scsibus0:         0,0,0     0) 'LG      ' 'CD-RW CED-8080B ' '1.07' Removable CD-ROM         0,1,0     1) *         0,2,0     2) *         0,3,0     3) *         0,4,0     4) *         0,5,0     5) *         0,6,0     6) *         0,7,0     7) *   # cdrecord -v -eject -speed=8 dev=ATAPI:0,0,0 mysystem-200403121800.iso   

   # mount /dev/cdrom /mnt/cdrom     $ tar zxvf /mnt/cdrom/mysystem-200403121800.tar.gz   

   $ tar -zf /mnt/cdrom/mysystem-200403121800.tar.gz -vx /etc/shadow   

Frequency of Backups

Having considered how to archive, you now need to think about how often you need to perform backups. The frequency with which a certain resource should be backed up depends on several issues, namely the following:

• How often does the resource change making the old backup outdated ?

• How much data can you afford to lose?

For example, financial institutions cannot afford to lose any data, so transaction data must be backed up as the transactions occur, for replay later if necessary. Unfortunately, this can be expensive, and in many other situations, it is possible and optimal to back up daily or weekly. Fortunately, frequent backups don t necessarily have to consume a lot of space because most backup applications support incremental backups . An incremental backup is different than a full or complete backup, in that it archives only those files that have been added or changed since the last full backup.

Finally, how do you create incremental tar archives that contain files that have only been added or modified since a specific date? Luckily, the newer versions of tar have an -N switch, which allows you to do this:

   # tar -cvWPhf etc-200403121830.tar /etc -N 01/01/04   

This will archive files that have been added or modified after January 1, 2004. As you can see from all of these examples, tar is a very flexible and powerful archival tool, but one that is not designed to archive arbitrary files located in various directories throughout the system. For that purpose, you use the cpio application, which is briefly explained toward the end of this section.

But now, we will look at the process of archiving resources and information ”a process that has an entirely different purpose than backups.

What Sort of Things Do You Need to Archive?

1. We have briefly mentioned a list of possible resources that are prime candidates for archiving, namely old or outdated log files, configuration files, source code for special applications, and personal data. This list is just the tip of the iceberg; as you look around, you will find other files that can safely be archived as well.

How do you determine what to archive? Unfortunately, there is no single answer that will cover every possible scenario and environment. But, here are a few examples that illustrate some of the resources you should or should not archive. For example, corporate entities may be required by law to archive financial, legal, or medical records for a particular period of time; a copy of the corporate financial accounts can be archived at a particular date to read-only media. On the other hand, you may not want to archive source code to applications that you can easily download from online repositories, such as Perl or Python (see Chapter 12 for more information on managing your system with Perl).

However, a reasonably efficient overall technique is to use the find command to determine all files that have not been modified in more than six months and archive them, deleting them from the system in the process, if necessary. If you use this automated technique, along with a manual list of special files, you will be assured of archiving a broad range of data and resources.

What Medium Should You Use for Archiving?

Because backup and archival are similar and related processes, you can use much the same criteria used for assessing media for backups and apply them to archiving, as well; namely, the following:

• The length of time you need to store the archive

• The frequency with which you are likely to access the archive

• Whether to create a permanent archive or a temporary one

• The price you are willing to pay for the media

You should especially consider the first and last points in the preceding list. Because archives are typically stored for a longer period of time than up-to-date backups, you can have a number of archives on your hands at any given time. So cost is a very important factor. Optical media, such as CD-ROM and DVD, are ideal for the archiving process because they fit both of these criteria very well. However, you should feel free to look through the table of media in the backup section and decide for yourself what media best fits your needs and requirements.

How Do You Archive a Resource?

You can use tar in much the same manner as before; the main difference is that you will be using it to archive data as opposed to backing it up.

Here is a slightly more advanced example that uses the find command in conjunction with the xargs command to pass a list of files that have not been accessed in six months or more from the user s home directories to tar for archival:

   # find /home -atime +180 -print  \     xargs tar cvPhz f home-180-200403101335.tar.gz   

The find command finds all files in /home that have not been accessed in 180 days or more, using the “atime switch. Those filenames are then passed to the xargs command via a pipe; notice the vertical (bar) character. The xargs command d invokes tar , with our standard set of switches, passing these file names as arguments. See Chapter 13 for more examples that illustrate find and xargs in action.

It s worth taking a little time to learn to use the find command well. With mastery of the find command s options, you can develop a very powerful and effective backup and archival strategy; see the manual page for find for more information on the various options.

cpio

Early versions of tar had their share of limitations. For example:

• They could not create archives that spanned multiple (tape) volumes .

• They could not handle all types of files.

• They could not compress the archives on the fly.

• They could not handle bad areas on a tape.

Over time, tar has improved greatly, and these issues are no longer relevant. However, the limitations of early versions of tar were also the motivation behind the development of the cpio archiving tool. At this point in time, there are few differences in functionality between tar and cpio , except for the syntax, so you should use the one that you prefer.

   # find /etc -print  cpio -vo > etc-200403101335.cpio   cpio: /etc: truncating inode number /etc cpio: /etc/sysconfig: truncating inode number /etc/sysconfig cpio: /etc/sysconfig/network-scripts: truncating inode number /etc/sysconfig/network-scripts cpio: /etc/sysconfig/network-scripts/ifup-aliases: truncating inode number /etc/sysconfig/network-scripts/ifup-aliases ... 

   # find /home -name '*.p[lm]' -print  cpio -vo > perl-200403151335.cpio   cpio: /home/dwilliams/lib/CGI/Lite.pm: truncating inode number /home/dwilliams/lib/CGI/Lite.pm /home/gundavaram/bin/ckmail.pl cpio: /home/mellett/lib/Tie/Handle.pm: truncating inode number /home/mellett/lib/Tie/Handle.pm ... 

Restoring from a cpio Archive

You ve learned how to create cpio archives, but not yet how to restore them. In fact, it is a rather easy process. Here s an example that restores data from a cpio file:

   # cpio -vi < perl-200403151335.cpio   cpio: /home/dwilliams/lib/CGI/Lite.pm not created:  newer or same age version exists  cpio: /home/gundavaram/bin/ckmail.pl not created: newer or same age version exists cpio: /home/mellett/lib/Tie/Handle.pm not created: newer or same age version exists 11 blocks 

As you can see, by default cpio does not create the files if the destination file is newer than the archived file or has not been modified. If the existing file is older than the archived file, cpio overwrites that file with the archived version. You can change this behavior with the --unconditional switch:

   # cpio -vi --unconditional < perl-200403151335.cpio   

Or better yet, if you want to simply restore the archive to another location, use the following syntax:

   # cpio -vi -d --no-absolute-filenames --unconditional --force-local < perl-200403151335.cpio   

What if you don t want to extract all of the files, but only a single file? First, you can use the --list option to get a list of all the files in the archive:

   # cpio -vi --list < perl-200403151335.cpio   -rw-rw-r--   1 dwillia  eng     0 Mar 14 03:07 /home/dwilliams/lib/CGI/Lite.pm -rwx------   1 gundava  eng  5112 Mar 12 03:35 /home/gundavaram/bin/ckmail.pl -rw-rw-r--   1 mellett  eng     0 Mar 14 03:07 /home/mellett/lib/Tie/Handle.pm 11 blocks 

Then, use the -E switch to extract a specific file:

   # cpio -vi -E /home/gundavaram/bin/ckmail.pl < perl-200403151335.cpio   

We hope this brief introduction to cpio has provided you with a chance to learn more about this powerful archival solution. In summary, both tar and cpio have similar functionality, although the manner in which you specify the files to archive is different. The final backup application to be discussed in this chapter is dump , which is quite different than either tar or cpio .

Creating a dump Archive

Let s look at an example:

   # dump -0 /dev/hda2 -u -f /data/backup/hda2-200403101430-0.dmp   DUMP: Date of this level 0 dump: Wed Mar 10 14:30:00 2004 DUMP: Dumping /dev/hda2 (/home) to /data/backup/hda2-200403101430-0.dmp DUMP: Added inode 8 to exclude list (journal inode) DUMP: Added inode 7 to exclude list (resize inode) DUMP: Label: /home DUMP: mapping (Pass I) [regular files] DUMP: mapping (Pass II) [directories] DUMP: estimated 40720 tape blocks. DUMP: Volume 1 started with block 1 at: Wed Mar 10 14:30:03 2004 DUMP: dumping (Pass III) [directories] DUMP: dumping (Pass IV) [regular files] DUMP: Closing /data/backup/hda2-200403101430-0.dmp DUMP: Volume 1 completed at: Wed Mar 10 14:30:36 2004 DUMP: Volume 1 43190 tape blocks (42.18MB) DUMP: Volume 1 took 0:00:30 DUMP: Volume 1 transfer rate: 1439 kB/s DUMP: 43190 tape blocks (42.18MB) on 1 volume(s) DUMP: finished in 30 seconds, throughput 1439 kBytes/sec DUMP: Date of this level 0 dump: Wed Mar 10 14:30:00 2004 DUMP: Date this dump completed:  Wed Mar 10 14:30:36 2004 DUMP: Average transfer rate: 1439 kB/s DUMP: DUMP IS DONE 

This performs a level 0 backup of the /dev/hda2 partition to the specified file. The -u option is very important because it asks dump to update the /etc/dumpdates file. It s important to remember to label your backups properly, whether you are archiving your data onto hard disk or onto other media. This allows you to find your backups quickly if disaster ever strikes.

   # dump -0 /dev/hda2 -u -z9 -f /data/backup/hda2-200403111430-0.dmp   DUMP: Date of this level 0 dump: Thu Mar 11 14:30:00 2004 DUMP: Dumping /dev/hda2 (/home) to /data/backup/hda2-200403111430-0.dmp DUMP: Added inode 8 to exclude list (journal inode) DUMP: Added inode 7 to exclude list (resize inode) DUMP: Compressing output at compression level 9 (zlib) ... DUMP: Wrote 44940kB uncompressed, 29710kB compressed, 1.513:1 DUMP: DUMP IS DONE 

   # dump -9 /dev/hda2 -u -z9 -f /data/backup/hda2-200403121430-9.dmp   DUMP: Date of this level 9 dump: Fri Mar 12 14:30:00 2004 DUMP: Date of last level 0 dump: Thu Mar 11 14:30:00 2004 DUMP: Dumping /dev/hda2 (/home) to /data/backup/hda2-200403121430-9.dmp ... 

Restoring from a dump Archive

You can decide to do a partial restore, selecting a set of specific files, or a full restore. To do a full restore, however, you need to create and mount the target filesystem, like so:

   # mke2fs /dev/hda2     # mount /dev/hda2 /home     # cd /home# restore -rvf /data/backup/hda2-200403101430-0.dmp   Verify tape and initialize maps Input is from file/pipe Input block size is 32 Dump   date: Wed Mar 10 14:30:00 2004 Dumped from: the epoch Level 0 dump of /home on localhost.localdomain:/dev/hda2 Label: /home Begin level 0 restore Initialize symbol table. Extract directories from tape Calculate extraction list. Make node ./lost+found Make node ./dwilliams Make node ./dwilliams/.gnome2 Make node ./dwilliams/.gnome2/accels Make node ./dwilliams/.gnome2/share ... 

This restores the dumped archive. The -r asks restore to rebuild the filesystem, the -v switch turns on verbose messages, and the -f option specifies the dump file. In turn, you could restore the incremental backups in much the same manner. You need to make sure that you restore the dumps in the order they were created, starting with the lowest -level dump, typically level 0.