Slashdot Mirror

← Back to Stories (view on slashdot.org)

NetBSD - Live Network Backup

Posted by Zonk on from the de-backup-mouse dept.

dvl writes "It is possible but inconvenient to manually clone a hard disk drive remotely, using dd and netcat. der Mouse, a Montreal-based NetBSD developer, has developed tools that allow for automated, remote partition-level cloning to occur automatically on an opportunistic basis. A high-level description of the system has been posted at KernelTrap. This facility can be used to maintain complete duplicates of remote client laptop drives to a server system. This network mirroring facility will be presented at BSDCAN 2005 in Ottawa, ON on May 13-15."

156 comments

  1. Rsync by Anonymous Coward · · Score: 0

    Why not just use rsync and ssh ?

    1. Re:Rsync by Anonymous Coward · · Score: 0

      Why not just use rsync and ssh ?

      FTA: partition-level cloning

  2. Mac OS X by ytsejam-ppc · · Score: 1, Interesting

    I'm not up on my xBSD's, so can someone explain how hard this would be to port to the Mac? This would be perfect for cloning my son's Mac Mini.

    1. Re:Mac OS X by Anonymous Coward · · Score: 3, Informative

      If you want something for OSX
      I'd suggest either
      CCC (Carbon Copy Cloner)
      ASR (Apple System Restore)
      Rsync
      Radmind

      Have fun on version tracker....

    2. Re:Mac OS X by tyrotyro · · Score: 1

      You can also try SuperDuper from Shirt-Pocket - http://www.shirt-pocket.com/SuperDuper/SuperDuperD escription.html.
      The cloning part of the program is free.

      --
      Here's a guy who enjoys his job: The UPS Man
  3. use rsync by dtfinch · · Score: 1, Informative

    It's much less network and hardware intensitive and with the right parameters, will keep past revisions of every changed file. Your hard disks will live longer.

    1. Re:use rsync by FreeLinux · · Score: 4, Informative

      This is a block level operation, whereas rsync is file level. With this system you can restore the disk image including partitions. Restoring from rsync would require you to create the partition, format the partition and the restore the files. Also, if you need the MBR...

      As the article says, this is drive imaging whereas rsync is file copying.

    2. Re:use rsync by x8 · · Score: 2, Insightful

      What's the fastest way to get a server running again after a disk crash? With rsync, if I backup /home and /etc, I still have to install and configure the OS and other software. That could take a significant amount of time (possibly days). Not to mention the time spent answering the phone (is the server down? when will it be back up?)

      But if I have a drive image, I could just put it on a spare server and be back up and running almost immediately. That would require an identical spare server though.

      What do the big enterprises who can't afford downtime do to handle this?

    3. Re:use rsync by dtfinch · · Score: 2, Informative

      Just make sure the backup server is properly configured (or very nearly so) I guess.

      Our nightly rsync backups have saved us many times from user mistakes (oops, I deleted this 3 months ago and I need it now), but we haven't had a chance to test our backup server in the event of losing one of our main servers. We figure we could have it up and running in a couple hours or less, since it's configured very closely to our other servers, be we won't know until we need it.

    4. Re:use rsync by Skapare · · Score: 3, Insightful

      In most cases, file backups are better. Imaging a drive that is currently mounted writable and actively updated can produce a corrupt image on the backup. This is worse that what can happen when a machine is powered off and restarted. Because the sectors are read from the partition over a span of time, things can be extremely inconsistent. Drive imaging is safest only when the partition being copied is unmounted.

      The way I make backups is to run duplicate servers. Then I let rsync keep the data files in sync on the backups. If the primary machine has any problems, the secondary can take over. There are other things that need to be done for this, like separate IP addresses for administrative access, and the network services being provided (so that the service addresses can be moved between machines as needed while the administrator can still SSH in to each one individually).

      --
      now we need to go OSS in diesel cars
    5. Re:use rsync by dougmc · · Score: 1
      Restoring from rsync would require you to create the partition, format the partition and the restore the files.
      Sure, but that's not difficult. Systemimager for Linux keeps images of disks of remote systems via rsync, and has scripts that take care of partition tables and such.

      Yes, it's written for Linux, but it wouldn't be difficult to update it to work with NetBSD or any other OS. The reason it's Linux specific is that it makes some efforts to customize the image to match the destination machines.

      Also, if you need the MBR...
      It's not like you can't just handle the MBR seperately. It's not difficult.

      As the article says, this is drive imaging whereas rsync is file copying.
      Whatever you want to call it. In any event, file `copying' is more flexible than merely keeping dd'd images of disks -- you can update systems on the fly (without even rebooting), you can use normal *nix commands on the contents of the images themselves, you can do incremental backups on the images themselves (and only get the changes) and the list goes on.

      The big advantage to making images with dd or a similar tool and using that is that 1) it can deal with raw partition formats, where you can't just mount them -- I guess this would be useful for a Tivo, or maybe for an Oracle database (but in that case, you'd be better off using the Oracle backup utilities) or 2) If you had an application that required that files not move around on the disk (pretty much unheard of in *nix, but somewhat common as a copy protection on Windows) dd'ing images would be better.

      Overall, I'd think that rsync would be a lot better, and while Systemimager isn't perfect, it's architecture is pretty sound and I'd start there.

    6. Re:use rsync by spun · · Score: 2, Interesting

      From the article, it sounds like they are using a custom kernel module to intercept all output to the drive. This would keep things from getting corrupted, yes?

      --
      - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
    7. Re:use rsync by Anonymous Coward · · Score: 0

      Or dd and netcat.

    8. Re:use rsync by Anonymous Coward · · Score: 0

      Absolutely test it and find out.

      Trust me, the last opportunity you want to have to test it is when you need it work flawlessly.

      Untested backups are worse than no backups at all!

    9. Re:use rsync by rainman_bc · · Score: 1

      I recall the last place I was a developer at, we tested our IT department like that a few times haha.... We'd "simulate" a hardware failure. Usually by pulilng the power, but sometimes we'd get a little more scientific with it... Or we'd simulate a database crash and ask for a backup from our IT department.

      We were developers plagued with an IT department that wanted to take control of the application and add red tape to our deployment cycle. While we understood there was a place for it, we worked for a company bleeding red ink, and making it harder to adapt to site changes quickly added unnecessary costs to a cash-strapped org. We believed it to be a typical IT practice: bitch and moan to get control over the servers, and then bitch and moan when there's a lack of resources.

      FWIW, I now work in a company that has an IT department blocking developer access. We need it here and it makes sense, but the response time is way slower than if I could do things myself. But we are profitable and I don't care. Much different situation than my last employer.

      Anyway, we handed over control of the backups, and made four restore from backup requests to IT. Three were duds. So IT couldn't handle backing up a SQL server succesfully. A backup is useless if you cannot restore from it. IT should have done a restore from backup to validate them, and they failed to do so.

      Then, with our "simulated" hardware crashes, IT was unable to get the sites up and running without our help. We had to walk them through all the steps to restore it, even though it was documented. Their excuse? It was IIS instead of Apache, and IIS is a piece of shit, so no one wanted to bother learning it because it was a piece of shit.

      Validating a disaster recovery plan before you implement it is crucial. Sooner or later you'll have to do it...

      --
      09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
    10. Re:use rsync by Kent+Recal · · Score: 1

      It was IIS instead of Apache, and IIS is a piece of shit, so no one wanted to bother learning it because it was a piece of shit.

      Your IT dept. probably has more of a clue than you do.

    11. Re:use rsync by rainman_bc · · Score: 1

      I never made the choice for IIS, but I didn't use that as an excuse not to know how to administer it, and neither should they.

      Besides, there's many larger companies who use IIS than those guys...

      --
      09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
    12. Re:use rsync by killjoe · · Score: 1

      How is rsync on windows? Especially on giant files like 30 to 50 gigs.

      Anybody have any experience with that?

      --
      evil is as evil does
    13. Re:use rsync by drsmithy · · Score: 1
      What do the big enterprises who can't afford downtime do to handle this?

      They have hot standby servers and/or clusters (so that individual server downtime becomes irrelevant), automated installation procedures (so that reinstalling machines takes maybe a couple of hours at the most) and centralised configuration management tools (so that restoring the new machine to the same state as the old one is simply a matter kicking off the config management tool and letting it reconfigure the machine appropriately).

    14. Re:use rsync by Skapare · · Score: 1

      I think you're talking about distributing a built system to multiple machines in a file farm. At least that's what Brian built SystemImager for, originally, to mass install a system image to a server farm. As long as the source image is in a stable state, that's fine. But if you are making backups of machines, backing up their actively mounted and working partition by the disk image is the bad idea, regardless of the tool. I used to do that once after I built a system just so I have an image of the whole drive to get it back to a bootable state real fast. But in practice I found I never needed to do that because I could always get a system to boot, even if by a CD (I made my own custom rescue CDs), and then have net access to restore the individual files by rsync.

      --
      now we need to go OSS in diesel cars
  4. Pros and Cons by teiresias · · Score: 4, Insightful

    This would be an extremely sensitive server system. With everyones harddrive image just waiting to be blasted to a blank harddrive, the potential for misdeeds is staggering. Even in an offical capacity, I really feel uneasy if my boss was able to take a copy of my harddrive image and see what I've been working on. Admittely, yes it should all be work but here we are allowed a certain amount of freedom with our laptops and I wouldn't want to have that data at my bosses fingertips.

    On the flipside, this would be a boon to company network admins especially with employees at remote sites who have a hard crash.

    Another reason to build a high speed backbone. Getting my 80GB harddrive image from Seattle, while I'm in Norfolk would be a lot of downtime.

    --
    -Teiresias
    1. Re:Pros and Cons by Anonymous Coward · · Score: 0

      I really feel uneasy if my boss was able to take a copy of my harddrive image and see what I've been working on

      your fault for not encrypting.

      if you have the right tools it's easy to keep all your important things encrypted so when you get up that smartcard,USB dongle,iButton with the encryption keys goes with you, they can image it all they want. it's wirthless random letters and numbers until they get the keys from you.

      It's easy to do under windows and even easier under linux or bsd.

      The only thing holding you back is laziness.

    2. Re:Pros and Cons by pintpusher · · Score: 1

      The duplication is done right away the modification occured in the main disk.
      (from the comments below article)

      Another reason to build a high speed backbone. Getting my 80GB harddrive image from Seattle, while I'm in Norfolk would be a lot of downtime. (parent)

      Seems that this thing will sync up everytime you call home. So when you're on the road downloading that just updated massive PPT presentation for your conference.... you'll be downloading one copy from the server while the server is desperately trying update its image of your disk back the other way. Lets just arbitrarily double our bandwidth requirements!

      --
      man, I feel like mold.
    3. Re:Pros and Cons by xxavierg · · Score: 1

      Even in an offical capacity, I really feel uneasy if my boss was able to take a copy of my harddrive image and see what I've been working on.

      your boss has the right and the ability (at least at my company) to do that. plus, i leave my personal and secret stuff on my box at home, not at work, where it belongs. if i was a boss, i would want the ability to see what my employees are working on. that's why i pay them.

    4. Re:Pros and Cons by Anonymous Coward · · Score: 0

      that just means you are a typical PHB that is out of touch with reality.

    5. Re:Pros and Cons by nharmon · · Score: 1

      Off-topic. But do you pay your employees for thinking about work while not at work?

    6. Re:Pros and Cons by Matt+Clare · · Score: 1

      This isn't a magic wand your boss waves over your box. If s/he has access to your box s/he has access to your box - regardless of how perfect the copy of your stuff will be.

      --
      .\.\att Clare
    7. Re:Pros and Cons by Anonymous Coward · · Score: 0

      my point was i do not keep my personal budget and my emails to my wife on my computer at work because that is the property of my company, which is to be used for work purposes only. and anything on the computer is there property (e.g. code i am working on) sure, i surf the web and such, but if they tell me to stop or snoop on me, that is within there right.

    8. Re:Pros and Cons by Anonymous Coward · · Score: 0

      > Even in an offical capacity, I really feel uneasy > if my boss was able to take a copy of my harddrive
      > image and see what I've been working on.
      Where to begin...

      First, it's not YOUR harddrive image. It's the company's hardware to do with, as they please.

      Second, your boss has every right to understand what you're working on.

      Finally, if you really believe that they couldn't do that now, turn in your equipement and figure out how to run the fry machine.

    9. Re:Pros and Cons by CarpetShark · · Score: 1
      I really feel uneasy if my boss was able to take a copy of my harddrive image and see what I've been working on.
      I agree that such things are a valid concern, but this technology isn't meant to solve such problems. That's what block-level encryption is for. I presume you can do that on NetBSD, as well as encrypting your swap space to prevent any data on disk being unencrypted. Not that you'd want to backup your swap space, though ;)
    10. Re:Pros and Cons by Anonymous Coward · · Score: 0

      that is within there right

      "their".

    11. Re:Pros and Cons by Anonymous Coward · · Score: 0

      Rights are nebulous, at best. If my boss wanted to start snooping on my laptop, I'd let him (anything I have is encrypted) and then start looking for another job. Once I found one, I'd tell him why.

      I get paid to do a job. Am I doing that job? Yes? Then what the fuck does it matter what's on my laptop? If you're snooping on laptops, you're not doing your job as a manager.

  5. Perfect for those moments... by LegendOfLink · · Score: 3, Interesting

    ...when you get that idiot (and EVERY company has at least 1 of these guys) who calls you up asking if it's OK to defrag their hard-drive after downloading a virus or installing spyware. Then, when you tell them "NO", they just tell you that they did it anyways.

    Now we can just hit a button and restore everything, a few thousand miles away.

    The only thing left is to write code to block stupid people from reproducing.

    --
    IGB: More fun than eating oatmeal!
    1. Re:Perfect for those moments... by Andrewkov · · Score: 1

      Can defragging really cause the spread of a virus? I always assumed defraggers worked at the sector level.

    2. Re:Perfect for those moments... by LegendOfLink · · Score: 1

      The biggest problem usually is the virus and/or spyware will corrupt files. Inept Windows users for some reason think defragging a harddrive is the answer to every computer problem in the universe. They defrag, and next thing you know, you can't boot the machine up.

      Theoretically, a drive defrag should have no effect on how an operating system runs, only that it is re-sorting the physical drive to make file access faster. But for some reason, it messes things up.

      --
      IGB: More fun than eating oatmeal!
    3. Re:Perfect for those moments... by Anonymous Coward · · Score: 0

      I think the parents was saying this due to the fact that when you defrag a drive you can no longer recover lost data.

      Basically, the "sorting" that defragging does effectively destroys any data that is in the unused portions of a disk.

      So, when you defrag, anything the virus could have deleted, is gone forever.. not even the best recovery tools can get it.

    4. Re:Perfect for those moments... by SecurityGuy · · Score: 3, Funny
      The only thing left is to write code to block stupid people from reproducing.


      Unfortunately the user interface for the relevant hardware has a very intuitive point and shoot interface.

    5. Re:Perfect for those moments... by rob_squared · · Score: 0

      Just read bash. Give people crack, apparently it's an off button idiots.

      --
      I don't get it.
    6. Re:Perfect for those moments... by bcmm · · Score: 1
      not even the best recovery tools can get it
      There are forms of forensic data recovery which can sometimes work out the bit that was written before the current bit on a certain disk location. I've forgotten the details, but, it involves dismantling the drive and working on the platters with very expensive equipment.
      --
      # cat /dev/mem | strings | grep -i llama
      Damn, my RAM is full of llamas.
    7. Re:Perfect for those moments... by Anonymous Coward · · Score: 0

      that seems a little off-base to me, but I guess it's possible... I just have no clue how it would work.

      It would have to be VERY expensive equipment.

      If what you're saying is accurate, I'm impressed.

    8. Re:Perfect for those moments... by tacarat · · Score: 1

      Defragging won't spread a virus unless the virus attached itself to the defragger. I haven't heard of any viruses that do this. If the virus is the sort that will delete files, then defragging is the worst thing to do. After removing the virus, it's easiest to reclaim lost data with the correct tools when nothing new is written to disk. The files are still "there", but if the file is written over where it physically occupies drive space, then salvage becomes much harder, or even impossible, for most.

      --
      "Common sense will be the death of us all"
  6. DOS of the backup server by Anonymous Coward · · Score: 0

    ...512 byte blocks as a lowest common denominator unit of exchange between client and server. At each client to server connection, the application identifies and maps changes to disk block states. Changed blocks are then encrypted and sent to the server. This indicates that a user could open his or her laptop in an airport, establish a WiFi link to an open access point, and remotely update their laptop backup without effort, knowledge or even good intentions.

    What happens if you try to update while running heavy disk writes? Try to back up your swap?

    1. Re:DOS of the backup server by setagllib · · Score: 2, Insightful

      RTFA: It responds to heavy load by making a log (journal?) of the blocks that need backing up, and then does them when the load is lesser. If you do it on swap, then you're insane and deserve whatever you get :)

      This is a good idea, even if its niche is small, but I'm interested in how it handles the encryption. If it doesn't allow key re-generation on the fly, HMACs, certificates (or at least PSKs) and other things we expect from modern (SSH, IPSec/IKE, etc) systems then it's not going to be very useful. And unless I missed something it's going to be difficult to tunnel through a system that does do these things.

      Personally I use SSH to tunnel everything possible, especially from Windows where IPSec is a joke, and the thought of sending all of my disk writes over a security system that is any less secure is a worry. Just imagine the problems if a man in the middle (or just a sniffer) catches plaintext: they know what you're doing, they know the contents of what you're doing, and highly likely they know what to do to exploit what you're doing. It's a very good thing that system entropy under nix is stored in the kernel, not on disk :)

      --
      Sam ty sig.
  7. How long before this becomes a hack? by Bret+Tobey · · Score: 4, Insightful

    Assuming you can get around bandwidth monitoring, how long before this becomes incorporated into hacking tools. Add this to a little spyware and a zombie network and things get very interesting for poorly secured networks & computers.

    1. Re:How long before this becomes a hack? by Anonymous Coward · · Score: 0

      Because spyware and Zombies are such a problem with netBSD...

    2. Re:How long before this becomes a hack? by bedessen · · Score: 1

      This requires cooperation from the kernel. If you have enough privileges on the target machine to install a kernel module then the game is already over. Rootkits have been around for decades that do things just as invasive, such as monitor all network traffic passing through the box for passwords.

      If somebody has the ability to install this on a machine then the problem is not with this module, it's that the person somehow got root privileges. In that sense this is no more of a "hack" than ssh, rsync, netcat, ettercap, etc. since having root on a box makes it possible to do just about anything you want.

    3. Re:How long before this becomes a hack? by Bret+Tobey · · Score: 1

      You're right, root = compromised. Tools like this aren't good or bad by themselves, it's the user. I could see this tool being modified to scoop data on already compromised systems, kind of like a virtual "smash & grab." It will be interesting to see how this gets incorporated into other methods & kits, good or bad.

  8. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  9. Done this for years by OutOfMemory · · Score: 5, Funny

    I've been using der Mouse to copy files for years. First I user der Mouse to click on the file, then I use der Mouse to drag it to a new location!

    1. Re:Done this for years by mat+catastrophe · · Score: 1

      I've been using der Mouse to copy files for years. First I user der Mouse to click on the file, then I use der Mouse to drag it to a new location!

      Best. Comment. Ever. Wish I still had the mod points from yesterday.

      --
      sig not found
  10. Dump? by wirelessbuzzers · · Score: 1

    Doesn't NetBSD support dump -L the way FreeBSD does? This strikes me as a much more powerful and general solution than this custom tool...

    --
    I hereby place the above post in the public domain.
    1. Re:Dump? by Anonymous Coward · · Score: 0

      No it doesn't.

  11. Maybe setup is inconvenient. by hal2814 · · Score: 2, Informative

    Maybe setup is inconvenient. Remote backups using dd and ssh (our method) was a bit of a bear to initially setup, but thanks to shell scripting and cron and key agents, it hasn't given us any problems. I've seen a few guides with pretty straightforward and mostly universal instructions for this type of thing. That being said, I do hope this software will at least get people to start looking seriously at this type of backup since it lets you store a copy off-site.

  12. Synchronization and secure writes by Anonymous Coward · · Score: 0

    NFS will eventually bite you in the ass if successful writes are assumed by the client. Without digging through the code, can someone address WRT the article referenced 'stuff'.

  13. Re:Montreal? by Anonymous Coward · · Score: 0

    lived there?
    muahahahahahahahahahaha
    stop that's too much

  14. Re:Montreal? by Anonymous Coward · · Score: 0

    It's so cool, Rush is almost from there!

  15. How does this handle active filesystems? by G4from128k · · Score: 1

    If one tries to clone an FS that is active, can this cloning tool handle open/changin files (often the most important/recent-in-use files on the system)? I remember an odd bug in an Mac OS X cloning tool that would create massive/expanding copies of large files that were mid-download during a cloning.

    --
    Two wrongs don't make a right, but three lefts do.
  16. Automatic Backup for Paranoids? by Cinquero · · Score: 1

    Isn't there an automated network disk backup tool for paranoids like me?

    Well, I'm not really paranoid, but I had some cases where faulty file system drivers or bad RAM modules changed the content of some of my files and where I have then overwritten my backup with these bad files.

    Isn't there any automatic backup solution that avoids such a thing? What I have in mind: there should be several autonomous instances of backup servers (which may actually reside on desktop PCs linked via LAN) that control each other on a regular basis. They should also keep back old versions of files as far as disk space allows.

    Then, there should be a KDE tray applet showing me the state of the backup server network. It would indicate if servers haven't been cross-checked for some time or if CRC errors or general malfunction problems have occurred.

    Wouldn't that be nice? Never ever care again for your backups. It's all done in the background and in a total paranoid manner.

    1. Re:Automatic Backup for Paranoids? by Anonymous Coward · · Score: 0

      Of course there is, but only for MS Windows of course.

      You Linux guys can write your own - go and start a project.

    2. Re:Automatic Backup for Paranoids? by cloudmaster · · Score: 2, Interesting

      Use rsync and hardlinked snapshots. There are lots of examples out there. I rolled my own a while back, but if you want something relatively nicely polished and based on that idea, check out dirvish (I didn't find that until after I already had my system set up).

      I really like having several months worth of nightly snapshots, all conveniently accessible just like any other filesystem, and just taking up slightly more than the space of the changed files.

    3. Re:Automatic Backup for Paranoids? by Jonathan+C.+Patschke · · Score: 1

      Yes, there is, but it's expensive

      IBM Tivoli Storage Manager Just Works (after a rather complicated setup process), does its job in the background on whatever schedule you choose, does it without complaint, maintains excruciatingly detailed logs, maintains multiple back-revisions of files, works over a network, SAN, or shared-media, and talks to tape drives and optical drives and pools of cheap disk. If you want, backups can be mirrored across multiple TSM serves, and you can always fire up the (simple, ugly, but effective) GUI to check up on things, initiate immediate backups, or start restores.

      I don't think the "System Backup and Recovery" option is avaiable for PC Unix-alikes, but on AIX it lets you boot the system (across the network) to a known-good state and restore your backup deltas from there.

      It's difficult to impress me, and TSM impresses me. For most OSes, IBM even includes tape-device drivers that are specifically tuned to the tape device you're using (provided it's on the supported device list) and is much faster than the OS's built-in device driver (even on AIX) because it's optimized for the read/write/caching patterns that make sense for TSM.

      --
      Pining for the days when The Glorious MEEPT!!! graced SlapDash with his wisdom.
  17. Meh. You can use DRBD on Linux anyway. by Anonymous Coward · · Score: 1, Informative

    Wel, not a solution for BSD people (unless you're running a bsd under Xen and the toplevel linux kernel is doing the DRBD).

  18. What is the origin of "der" in "der Mouse" by benhocking · · Score: 2, Interesting

    I, too, immediately thought of German when I saw "der Mouse" (although in German it would be "die Maus", since Maus is feminine). Since they're located in Montreal, however, it seems unlikely that they'd be inclined to use German, and would be more likely to go for a French reference. So I ask, where does the "der" come from?

    --
    Ben Hocking
    Need a professional organizer?
    1. Re:What is the origin of "der" in "der Mouse" by Anonymovs+Coward · · Score: 1

      I don't know but I've always assumed it was a reference to "de Raadt".

    2. Re:What is the origin of "der" in "der Mouse" by Anonymous Coward · · Score: 0

      The Montreal Mirror (free weekly) had a write-up on der Mouse back in December 2004:
      http://www.montrealmirror.com/2004/121604/people.h tml

    3. Re:What is the origin of "der" in "der Mouse" by farrellj · · Score: 1

      Yes, I used to be in a Druid grove with de Mouse...Silver Fox Grove, ADF. He's a Cool Frood!

      ttyl
      Farrell

      --
      CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada h
  19. Right solution, wrong problem by RealProgrammer · · Score: 2, Interesting

    While this is cool, as I thought when I saw it on KernelTrap, disk mirroring is useful in situations where the hardware is less reliable than the transaction. If you have e.g., an application-level way to back out of a write (an "undo" feature), then disk mirroring is your huckleberry.

    Most (all) of my quick restore needs result from users deleting or overwriting files - the hardware is more reliable than the transaction. I do have on-disk backups of the most important stuff, but sometimes they surprise me.

    I'd like a system library that would modify the rename(2), truncate(2), unlink(2), and write(2) calls to move the deleted stuff to some private directory (/.Trash, /.Recycler, whatever). Obviously the underlying routine would have to do its own garhage collection, deleting trash files by some FIFO or largest-older-first algorithm.

    Just a thought.

    --
    sigs, as if you care.
    1. Re:Right solution, wrong problem by justins · · Score: 1
      disk mirroring is your huckleberry

      WTF?
      --
      Now before I get modded down, I be to remind whoever might read this that what I am saying is FACT. - bogaboga
    2. Re:Right solution, wrong problem by RealProgrammer · · Score: 1
      >>huckleberry
      >WTF?

      Right tool for the right job. See this.

      --
      sigs, as if you care.
    3. Re:Right solution, wrong problem by gordon_schumway · · Score: 5, Informative

      I'd like a system library that would modify the rename(2), truncate(2), unlink(2), and write(2) calls to move the deleted stuff to some private directory (/.Trash, /.Recycler, whatever). Obviously the underlying routine would have to do its own garhage collection, deleting trash files by some FIFO or largest-older-first algorithm.

      Done.

      --

      Ha! I kill me!

    4. Re:Right solution, wrong problem by quamaretto · · Score: 1
      I'd like a system library that would modify the rename(2), truncate(2), unlink(2), and write(2) calls to move the deleted stuff to some private directory (/.Trash, /.Recycler, whatever). Obviously the underlying routine would have to do its own garhage collection, deleting trash files by some FIFO or largest-older-first algorithm.

      Why modify the system calls? Keep the system calls simple and orthogonal, so the kernel codebase stays small(er). Write this functionality in userland, starting wherever you are most likely to use it; if that is in programming tasks, write wrappers to the C calls to do this. If it is at the prompt, write a shell script. (Or an alias...) If multiple places, write it in the way that keeps it the most centralized. IMHO, this should have been standard 30 years ago, but there's no reason not to do it now. :)

      As for the block-level mirroring matter, clearly if you need this sort of mirroring it should be done wherever block-level disk access is done. Still, I would object much less if the driver could live in userland. And I agree that my data-loss problems are minimally related to hard drive failure, and far less likely to fail than my home DSL connection.

      --
      *is run over by rotten tomatoes*
    5. Re:Right solution, wrong problem by JacobKreutzfeld · · Score: 1
      This seems very similar to Network Appliance's Filer "SnapMirror" product. It copies changed disk blocks across the net to another system, for disaster recover purposes mainly, but could also be used for read-only use (e.g., publishing). NetApp's license fees for this feature are huge, like $40K per side I think.

      I'd really like to use this for backup and disaster recovery. Couple it with FreeBSD's snapshot and you have a large part of the NetApp functionality.

    6. Re:Right solution, wrong problem by Wiwi+Jumbo · · Score: 1

      Thank you, I've never heard of that before...

      --
      Wiwi
      "I trust in my abilities,
      but I want more then they offer"
    7. Re:Right solution, wrong problem by walt-sjc · · Score: 1

      Why modify the system calls? ... Write this functionality in userland ... write wrappers to the C calls to do this (etc.)

      So, are you saying that the parent should modify every single binary on the system???? Including binaries that he may not have source to? Sounds pretty much unworkable. While I wouldn't propose that the parent poster actually implement such a system, the only reasonable place to do this IS at the system call level where it can be applied to everything.

      Personally, I think you are better off with a filesystem snapshot facility to handle the problem the parent is trying to solve.

    8. Re:Right solution, wrong problem by quamaretto · · Score: 1

      Here is the problem: Existing programs are written knowing that deleted programs dissappear immediately. Therefore, since programs may be writing temporary files to /tmp or elsewhere, or even have their own backup systems, a garbage system with limited space could end up playing housekeeper for thousands of unused or redundant files, and few of the legitimate ones.

      Yes, my solution only works for future use; but the system call solution breaks the expectancies of already written programs, and muddles the underlying straightforward filesystem and the expectations it creates.

      And I agree, either a file-system snapshot or a well-integrated SCCS would work better.

      --
      *is run over by rotten tomatoes*
  20. nothing new by Afroplex · · Score: 2, Interesting

    Novell Zenworks has had this capability for sometime in production environments. It also integrates with their management tools so it is easy to use on an entire network. To say this technology is newly discovered is a far cry from the truth. They also use Linux on the back end of the client to move the data to the server.

    It is nice though to have something like this in the open source world though. Competition is good.

    1. Re:nothing new by Anonymous Coward · · Score: 0

      You are right. Such products are available comerrically for a long time

      Another example is the Softek Replicator This too works at the block level and supports many Unix variants.

    2. Re:nothing new by Anonymous Coward · · Score: 0

      zenworks doesn't do this at all
      zfd has pretty good remote imaging from pxe/cd etc
      but that's from a dead machine, this is a live clone of a running system
      for fast, reliable multicasting of images to multiple machines
      nothing touches frisbee (emulab.net)

    3. Re:nothing new by Anonymous Coward · · Score: 0

      (xfsdump || xfsrestore) seems to work okay for me.
      When did NetBSD start supporting XFS? (Oops, me bad!)

  21. How Soon by defore · · Score: 1
    How soon do you think this will this be available in the Major Linux distros? I would love to have this for my debian machine. Perhaps I wouldn't have had to spend all last Saturday rebuilding my machine and restoring individual files.

    SIGS!!!We don't need no stinkin sigs

    1. Re:How Soon by Anonymous Coward · · Score: 0

      Depends on how long it takes for Debian GNU/BSD to do it ;).

  22. How long before rsync becomes a hack? by Anonymous Coward · · Score: 0

    Assuming you can get around bandwidth monitoring, how long before rsync becomes incorporated into hacking tools. Add it to a little spyware and a zombie network and things get very interesting for poorly secured networks & computers.

    1. Re:How long before rsync becomes a hack? by Bret+Tobey · · Score: 1

      RTFA..."The code is being released into the public domain free of license restrictions in any form. The initial proof of concept code has been written to NetBSD, but der Mouse expects the code to be easily portable to systems that allow hooks to be inserted into disk driver code. The code can be accessed via anonymous FTP at ftp.rodents.montreal.qc.ca:/mouse/livebackup/." So once again, how long before this becomes a hack, since it isn't a problem for netBSD but it will be for Windows.

  23. Wacky idea by JediTrainer · · Score: 2, Insightful

    Maybe I should patent this. Ah well, I figure if I mention it now it should prevent someone else from doing so...

    I was thinking - I know how Ghost supports multicasting and such. I was thinking about how to take that to the next level. Something like Ghost meets BitTorrent.

    Wouldn't it be great to be able to image a drive, use multicast to get the data to as many machines as possible, but then use BitTorrent to get pieces to any machines that weren't able to listen to the multicast (ie it's on another subnet or something) and to pick up any pieces that were missed in the broadcast, or get the rest of the disk image if that particular machine joined in the session a little late and missed the first part?

    I think that would really rock if someone wanted to image hundreds of machines quickly and reliably.

    I'm thinking it'd be pretty cool to have that server set up, and find a way to cram the client onto a floppy or some sort of custom Knoppix. Find server, choose image, and now you're part of both the multicast AND the torrent. That should take care of error checking too, I guess.

    Anybody care to take thus further and/or shoot down the idea? :)

    --

    You can accomplish anything you set your mind to. The impossible just takes a little longer.
    1. Re:Wacky idea by jmcneill · · Score: 1

      Wouldn't it be great to be able to image a drive, use multicast to get the data to as many machines as possible, but then use BitTorrent to get pieces to any machines that weren't able to listen to the multicast (ie it's on another subnet or something) and to pick up any pieces that were missed in the broadcast, or get the rest of the disk image if that particular machine joined in the session a little late and missed the first part?

      Multicast will work across subnets (you just need to set the TTL > 1). Typically what you would do is to enable multicast through your organization's network, and allow everybody to join this group. BitTorrent would not be required, as you probably don't want to be distributing your custom OS images to the outside world.

    2. Re:Wacky idea by Anonymous Coward · · Score: 1, Informative

      check frisbee (emulab.net) for fast reliable
      multi/unicasting system images

    3. Re:Wacky idea by squallbsr · · Score: 1
      BitTorrent would not be required, as you probably don't want to be distributing your custom OS images to the outside world.

      With BitTorrent you could set up your server as the tracker and multicaster for your images. BitTorrent doesn't HAVE to make it out onto the internet, you just keep the BT traffic inside your corporate network. The BT would be extremely helpful to distribute the load across multiple computers instead of just hitting one machine.

      Another thing, I was thinking (usually a bad thing), shouldn't one pick between BT or Multicasting? The multicast server is just spitting out the same bits to everybody on the network (every other machine has to be on the same page at the same time), this should cause the server to not be bottlenecked. However if one were to choose BT, the bottleneck would be the network (not the server) because the file download would be distributed, but not syncronized. It would be interesting to see how the network would respond running Multicasted BitTorrent.

      Don't mind me, just talking out my a$$. Its not like I'm a network guru or anything (even though my job title is Network Applications Developer, it just means that I write windoze software that people will use on their networked computer)

      --
      Sleep: A completely inadequate substitution for Caffeine.
    4. Re:Wacky idea by jmcneill · · Score: 1

      Multicasted BitTorrent is a complete waste. The idea with multicast is that there is no real "load" on the sender -- you can run an open-loop multicaster with your image, and people can join the group to download it. Alternately, you can use a protocol like MTFTP to make it a bit more "on-demand".

      Either way, bittorrent is completely useless in an environment where multicast is available.

    5. Re:Wacky idea by evilviper · · Score: 2, Insightful
      I must shoot down your idea. I have lots of experience with this sort of thing.

      then use BitTorrent to get pieces to any machines that weren't able to listen to the multicast (ie it's on another subnet or something) and to pick up any pieces that were missed in the broadcast, or get the rest of the disk image if that particular machine joined in the session a little late and missed the first part?

      Bittorrent poses NO advantage for this sort of thing. Why not just a regular network service, unicasting the extra data to hosts that require it? Bittorrent has lots of features that make it more useful for internet downloads, but NONE that would help on a LAN. If a node on a 100Mbps LAN is missing 1GB of an image, it can just request it from a single machine that already has it, and it will get it at 100Mbps. Requesting pieces from two or more different machines will not speed things up. Bittorrents anti-leech technology would be useless on a LAN, as would extra hashing, as would randomized chunks, as would everything else bittorrent does.

      The only place I think you have a real point is dealing with systems on other broadcast domains... I haven't yet seen any multicast systems that do what I needed in that case, to unicast the drive image to a machine on a different network, then have that machine multicast it to all the local machines on that network... Instead, you have to manually do that yourself, in a 2-step process, which makes the process take at least twice as long.
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  24. How does this compare to md over a network block by Anonymous Coward · · Score: 1, Insightful

    I've used Linux for years to do this using md running RAID1 over a network block device. It works very well unless you have to do a resync. Is this better than that?

    I'm asking because I'm backing-up about a dozen servers in real-time using this method, and if this method is more efficient, then I might be able to drop my bandwidth usage and save money.

  25. dd over a LAN by ndverdo · · Score: 1

    I have done that 12 years ago on AIX with no problems as long as (a) the hd you dd it off from and to are sound and (b) there are no transmission failures beyond what rsh (at that time) would retry and mask.

  26. ghost 4 unix by che.kai-jei · · Score: 3, Interesting

    not the same?

    http://www.feyrer.de/g4u/

    1. Re:ghost 4 unix by hubertf · · Score: 1

      Not at all. :)

      - Hubert

    2. Re:ghost 4 unix by Anonymous Coward · · Score: 0

      thanks.
      i get it now. i will be putting your excellent g4u to use this summer as a test. expect a donation!

  27. This is great by raddan · · Score: 1
    I just took one of our mailservers offline a minute ago to do a block-level copy, so this would be fantastic. I develop images for our machines, e.g., mailserver, etc, and then dd them onto other drives. When I update one machine, I then go around and update the others with the new image. This saves me tons of time, and we do a similar thing with desktops and Norton Ghost (although, if I'm not mistaken, this actually a file level copy).

    And since we're running OpenBSD on those machines, porting this should be fairly straightforward... although now that I look at it, he adds some patches for sockets... eugh...

    1. Re:This is great by Anonymous Coward · · Score: 0

      Radmind is a better tool if you want to update just one server and then have that update applied to a number of other machines.

  28. Scalability Forking? by Doc+Ruby · · Score: 1

    How about disk cloning across servers, for on-demand scalability? As a single server reaches some operating limit, like monthly bandwidth quota, disk capacity, CPU load, etc, a watchdog process clones its disks to a fresh new server. The accumulating data partition may be omitted. A final script downs the old server's TCP/IP interface, and ups the new one with the old IP# (/etc/hostname has already been cloned over). It's like forking the whole server. A little more hacking could clone servers to handle load spikes (not just filling total capacity), running simultaneously under DNS load balancing scheme, like simple round-robin host/IP resolution. And cloning across a WAN could offer geographical distribution for disaster preemption. Is this stuff close to being a .deb package yet?

    --

    --
    make install -not war

  29. Re:lol...linux/bsd has such a long way to go by Anonymous Coward · · Score: 0
    Reading comprehension > You

    I'm sure you were referring to Ghost, which is great stuff, however, I would hardly consider that "Windows" technology, considering that you can clone Linux systems as well.

    You also fail to realise this can be done *live*, while the system still runs, where Ghost can not.

  30. See what I've been working on... by glrotate · · Score: 1

    Sorry. As an IT guy I routinely peruse people's harddrives looking for interesting material. I use Windows scripting host to search everyone's drives for mp3's wma'a avi's and mpg's.

    It isn't your laptop. You have noe freedom to do anything with it.

    1. Re:See what I've been working on... by Jellybob · · Score: 1

      It's that sort of attitude which makes people work against, rather than with, the IT department.

      So what if people have some MP3s on their hard disk - if listening to music is affecting their work then it's the responsibility of their supervisor to deal with that.

      I've worked support before, and as much as users can be a pain in the ass, the only reason you have a job is because of them - without users, there is no point in an IT department.

    2. Re:See what I've been working on... by drsmithy · · Score: 1

      I'm pretty sure this is just a troll, but since there are probably quite a few inexperienced people out there who really do think like this...

      Sorry. As an IT guy I routinely peruse people's harddrives looking for interesting material. I use Windows scripting host to search everyone's drives for mp3's wma'a avi's and mpg's.

      Idiots like you are why IT departments have to struggle to do their jobs properly.

      It isn't your laptop. You have noe freedom to do anything with it.

      It isn't *yours*, either, hotshot, so you've got neither right nor privilege to go snooping on machines without specific cause *and authorization from management*.

      If you worked for me and I caught you doing that you'd be immediately escorted from the premises, not only because of the legal liability you expose the company to, but also because your complete lack of ethics makes you unfit for any job that allows privileged access to data.

      I would also do my very best to ensure you were never hired into a job dealing with remotely sensitive data or privileged access levels again. Hell, you'd be lucky to get a job as anything higher up than a cable monkey if I had any input.

    3. Re:See what I've been working on... by Anonymous Coward · · Score: 0

      sensitive MP3s, AVIs, WMVs and MPGs, yup, lots o' those

    4. Re:See what I've been working on... by Anonymous Coward · · Score: 0

      You obviously missed the point, n00b.

  31. Itanium imaging by Anonymous Coward · · Score: 0

    Does anyone know if this, or any other product for that matter, can be used for making images on itanium machines?

  32. Should be obvious. by jcuervo · · Score: 1

    From der Swedish Chef.

    Bork, bork, bork.

    --
    Assume I was drunk when I posted this.
  33. WTF by multipartmixed · · Score: 4, Informative

    Why on earth are people always so insistent on doing raw-level dupes of disks?

    First of all, it means backing up a 40GB with 2 GB of data may actually take 40GB of bandwidth.

    Second of all, it means the disk geometries have to be compatible.

    Then, I have to wonder if there will be any wackiness with things like journals if you're only restoring a data drive and the kernel versions are different...

    I have been using ufsdump / ufsrestore on UNIX for ...decades!. It works great, and its trivial to pump over ssh:

    # ssh user@machine ufsdump 0f - /dev/rdsk/c0t0d0s0 | (cd /newdisk && ufsrestore f -)

    or


    # ufsdump 0f - /dev/rdsk/c0t0d0s0 | ssh user@machine 'cd /newdisk && ufsrestore 0f -' .. it even supports incremental dumps (see: "dump level"), which is the main reason to use it over tar (tar can to incremental with find . -newer X | tar -cf filename -T -, but it won't handle deletes).

    So -- WHY are you people so keen on bit-level dumps? Forensics? That doesn't seem to be what the folks above are commenting on.

    Is it just that open source UNIX derivative and clones don't have dump/restore utilities?

    --

    Do daemons dream of electric sleep()?
    1. Re:WTF by Devi0s · · Score: 1

      WHY are you people so keen on bit-level dumps? Forensics?

      Yes!

      EnCase Enterprise Edition costs $10,000 per license. This software basically mimmicks EnCase's functionality for free.

      If der Mouse were to port this to the Windoze world, and get CFTT (http://www.cftt.nist.gov/ to validate it's forensic soundness, he could make a fortune undercutting Guidance Software.

      --
      - Have you ever noticed that the more you learn about technology, the more stupid you sound trying to explain it?
    2. Re:WTF by Anonymous Coward · · Score: 0

      Linux has dump/restore utilities, that is if you're using SGI's XFS filesystem.

      Check out xfsdump/xfsrestore ahref=http://oss.sgi.com/projects/xfs/http://oss.s gi.com/projects/xfs/>

    3. Re:WTF by halber_mensch · · Score: 1

      There are situations when this is desirable - especially in testing environments.

      I used to QA a series of imaging tools on Windows boxes, which envolved performing a series of regression tests over the software install and operation. The software had to work on 98/2K/2000/XP, with or without any number of updates and service packs, and in concert with several versions of either IE or Netscape (4,6,and 7 series). Having a block level copy of the disk of a test machine in various system configuration states allowed us to quickly bump the machine to a known state in order to run another test. While this environment didn't involve BSD, it does illustrate a use for block-level backup.

      But in any case - (many) ways to do something is much better than (many-1) ways to do something.

      --
      perl -e "eval pack(q{H*},join q{},qw{70 72696e74207061636b28717b482a7d2c717b343 637323635363534323533343430617d293b})"
    4. Re:WTF by JonMartin · · Score: 2, Interesting

      I hear ya. We've been cloning our labs with dump/restore over the net for years. Works on everything: Solaris, *BSD, Linux. Wrapper scripts make it a one line command.

      I know some Linux distros don't come with dump/restore. Maybe that's why more people don't use it.

      --
      Serve Gonk.
    5. Re:WTF by Anonymous Coward · · Score: 0

      EnCase does way more then make and restore bit level images. If you think that a product does merely this could supplant EnCase I ask you why Guidence was ever able to sell EnCase with the free dd?

    6. Re:WTF by evilviper · · Score: 2, Interesting
      Why on earth are people always so insistent on doing raw-level dupes of disks?

      I can think of a few reasons. It makes time-consuming partioning/formatting unnecesary. It does not require as much work to restore the bootable partion (ie. no need to bootstrap to run "lilo", "installboot" or whatnot). But mainly, because there are just no good backup tools...

      I have been using ufsdump / ufsrestore on UNIX for ...decades!. It works great, and its trivial to pump over ssh:

      Full dumps work fine, despite the above limitations, and I've piped dumps over the network many times. However, I've had incrimentals fail to restore a few times, so I can't trust them to work, and full-dumps take much too long to do regularly. So ufsdump is a lowsy option, in my experience.

      First of all, it means backing up a 40GB with 2 GB of data may actually take 40GB of bandwidth.

      Actually, you can pretty easily solve this, though it takes quite a chunk of time.

      On any unix system, just do "dd if=/dev/zero of=zerofile". After it fills your 38GBs of unused disk space, delete the zerofile. Then, your 2GBs of data, and 38GBs of zeros will compress down to a little more than 2GBs. Writing the zerofile to disk takes forever though, but it's well worth it, especially if you will be sending the image back out to multiple machines.

      I used-to do this to clone Windows machines. I wrote a simple C program to do the zerofile thing, then I'd multicast the compressed drive image to about 100 similar machines simultaneously. It was incredibly fast, and made Ghost look like a joke...
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    7. Re:WTF by setagllib · · Score: 2, Interesting

      You missed the point. Here you only need to copy the image once and then all subsequent writes are done on both images at once (the on-disk and the network one). That means that everything after the initial copy (assuming you begin doing this on an existing fs) is as efficient and real-time as possible, requiring no polling for changes or any scheduling. It is essentially RAID1 over a network. Although it doesn't do much against system crashes (since neither side will have the final syncs and umount writes) it does work very well against hard disk crashes, and it is also good to know that the same data is on another machine - so you can just boot into that system and get your server up, without needing to migrate disks over or reconfigure some things. Well, I don't know how close usual RAID1 is to that.

      --
      Sam ty sig.
  34. [OT] Sig by Anonymous Coward · · Score: 0

    UUOC

  35. The Dark Side of Image Backups by RonBurk · · Score: 4, Informative
    Image backups have great attraction. Restoring is done in one big whack, without having to deal with individual applications. Absolutely everything is backed up, so no worries about missing an individual file. etc. So why haven't image backups replaced all other forms of backup? The reason is the long list of drawbacks.

    • All your eggs are in one basket. If a single bit of your backup is wrong, then the restore could be screwed -- perhaps in subtle ways that you won't notice until it's too late to undo the damage.
    • Absolutely everything is backed up. If you've been root kitted, then that's backed up too. If you just destroyed a crucial file prior to the image backup, then that will be missing in the restore.
    • You really need the partition to be "dead" (unmounted) while it's being backed up. Beware solutions that claim to do "hot" image backups! It is not possible, in the general case, for a backup utility to handle the problem of data consistency. E.g., your application stores some configuration information on disk that happens to require two disk writes. The "hot" image backup software happens to backup the state of the disk after the first write, but before the second. If you then do an install, the disk is corrupted as far as that application is concerned. How many of your applications are paranoid enough to survive arbitrary disk corruption gracefully?
    • Size versus speed. Look at the curve of how fast disks are getting bigger. Then look at the curve of how fast disk transfer speeds are getting faster. As Jim Gray says, disks are starting to behave more like serial devices. If you've got a 200GB disk to image and you want to keep your backup window down to an hour, you're out of luck.
    • Lack of versioning. Most disk image backups don't offer versioning, certainly not at the file level. Yet that is perhaps the most common need for a backup -- I just messed up this file and would like to get yesterday's version back, preferably in a few seconds by just pointing and clicking.
    • Decreased testing. If you're using a versioned form of file backup, you probably get to test it on a fairly regular basis, as people restore accidental file deletions and the like. How often will you get to test your image backup this month? Then how much confidence can you have that the restore process will work when you really need it?

    Image backups certainly have their place for people who can understand their limitations. However, a good, automatic, versioning file backup is almost certainly a higher priority for most computer users. And under some circumstances, they might also want to go with RAID for home computers.

    1. Re:The Dark Side of Image Backups by adolf · · Score: 2, Interesting

      Image backups certainly have their place for people who can understand their limitations. However, a good, automatic, versioning file backup is almost certainly a higher priority for most computer users.

      Great. Now, could you please enlighten us as to what a good, automatic, versioning file-based backup system might consist of?

      AFAICT, this doesn't seem to exist. It doesn't matter how much sense it makes, or how perfect the idea is. It is simply unavailable.

      In fact, the glaring lack of such a capable system almost seems to indicate that it is a victim of the "pick any two" rule.

      So where is it?

      (And, no. A few programs tied together with a ream of Perl or shell script that needs modified in order to function does not constitute a working system, and nor does a HOWTO with instructions on coding one.

      Non-programmers, believe it or not, often have important data to back up, too, and being able to code should not be a prerequisite for keeping important stuff backed up. That is, unless you programmers really do think that it'd be no big deal if your loan officer lost your mortgage just hours before closing, or when the accountant's machine trashes your financials.)

      --
      Kid-proof tablet..
    2. Re:The Dark Side of Image Backups by Kent+Recal · · Score: 2, Informative

      Ummm. Well, there's DAR and there's kdar. I think there's even a win32 version for the clueless.

      It doesn't get much easier than this. You can have a sane, incremental backup setup in a single line cronjob or even point and click one up.

      If that's not simple enough for you then you have no business of storing or working with sensible data.

    3. Re:The Dark Side of Image Backups by mrbooze · · Score: 2, Insightful

      It's not that complicated. Disk image backups and file-level backups are not intended to serve the same purpose.

      Disk image backups are pure disaster recovery or deployment. Something is down and needs to be back up ASAP, where even the few minutes of recreating partitions and MBRs is unwanted. Or it's about deploying dozens or hundreds of client systems as quickly as possible with as few staff as possible.

      File level backups are insurance for users. Someone deletes/edits/breaks something important and needs it back or an old version back, etc.

      Sometimes, separating those two business needs (DR from user restoration) is the most sensible thing to do.

  36. should be better by Anonymous Coward · · Score: 0

    This tool should be better in the case where you are more interested in backups. RAID1 also insures data integrety when doing reads.

  37. the shared secret by digitaldc · · Score: 1

    The facility today supports symmetric cryptography, based on a shared secret. The secret is established out-of-band of the network mirror facility today. User identification, authentication and session encryption are all based on leveraging the pre-established shared secret.
    ----------- Confucious say: "The shared secret is no longer a secret."

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  38. Requiem for the FUD by Anonymous Coward · · Score: 0
    // Please *don't* mod this up. It has already been done! Thx

    ... facts are facts. ;)

    FreeBSD:
    FreeBSD, Stealth-Growth Open Source Project (Jun 2004)
    "FreeBSD has dramatically increased its market penetration over the last year."
    Nearly 2.5 Million Active Sites running FreeBSD (Jun 2004)
    "[FreeBSD] has secured a strong foothold with the hosting community and continues to grow, gaining over a million hostnames and half a million active sites since July 2003."
    What's New in the FreeBSD Network Stack (Sep 2004)
    "FreeBSD can now route 1Mpps on a 2.8GHz Xeon whilst Linux can't do much more than 100kpps."

    NetBSD:
    NetBSD, for When Portability and Stability Matter (Oct 2004)
    NetBSD sets Internet2 Land Speed World Record (May 2004)
    NetBSD again sets Internet2 Land Speed World Record (Sep 2004)

    OpenBSD:
    OpenBSD Widens Its Scope (Nov 2004)
    Review: OpenBSD 3.6 shows steady improvement (Nov 2004)
    OpenSSH (OpenBSD subproject) has become a de facto Internet standard.

    *BSD in general:
    Deep study: The world's safest computing environment (Nov 2004)
    "The world's safest and most secure 24/7 online computing environment - operating system plus applications - is proving to be the Open Source platform of BSD (Berkeley Software Distribution) and the Mac OS X based on Darwin."
    BSD Success Stories (O'Reilly, 2004) (pdf) ~ from Onlamp BSD DevCenter
    "The BSDs - FreeBSD, OpenBSD, NetBSD, Darwin, and others - have earned a reputation for stability, security, performance, and ease of administration."
    ..and last but not least, we have the cutest mascot as well - undisputedly. ;)

    --
    Being able to read *other people's* source code is a nice thing, not a 'fundamental freedom'.

  39. Not scalable. by SanityInAnarchy · · Score: 2, Interesting

    rsync is not scalable to large numbers of files. We set up a backuppc machine awhile ago, tried to rsync the entire backup set over to another machine... It was a miserable failure. Even if we didn't check for hardlinks, (which we have to, backuppc uses tons of hardlinks,) the rsync process completely saturated a gig of RAM before it even started syncing.

    Now, rsync would have been fine if we'd unmounted the filesystem and done it on the raw partition. But there's a couple of problems with that:

    It's not live. Not a big deal for us, since it's a backup machine to begin with, but still...

    rsync doesn't do that. A couple of people have submitted patches to allow a flag for rsync to copy block devices as if they were files. They were tiny patches, but they were rejected out of a fear of users doing stupid things with them. I guess the usual Rsync Way is to duplicate the filesystem, so that devices are copied with mknod, not dd.

    --
    Don't thank God, thank a doctor!
    1. Re:Not scalable. by killjoe · · Score: 1

      I am surprised rsync hasn't been updated to handle large number of files very well. The only other alternative seems to be unison but It looks like it's not even bein developed anymore.

      --
      evil is as evil does
    2. Re:Not scalable. by Anonymous Coward · · Score: 0

      What about pax? (I'm asking because I don't know. I've used pax once, and I doubt I had enough files to stress a normal cp -R, much less some big program designed for copying filesystems.)

    3. Re:Not scalable. by Anonymous Coward · · Score: 0

      Sure hope you weren't trying it on linux.. I was killing our linux servers at work with it caching disk buffer space, until I told it to only use 10% of physical (8GB) memory, then it happilly started at least throwing away the disk cache that it wasn't using (ie, it would read a block *once*, and keep it for the next 25,000 days - or until a reboot). Mindless, even telling to only use 10% (abt. 800MB) didn't keep it below that, it would routinely go well over a gig, but it seemed to help it recover much quicker.

  40. No, it's not. by SanityInAnarchy · · Score: 1

    rsync doesn't scale to huge numbers of files. It also doesn't work so well when all of those are changing at once. Finally, the protocol and algorithms may work for imaging an entire disk as if it was a file, but the program doesn't -- it can ONLY copy device nodes as device nodes, and will NEVER read a block device as a normal file. There have been patches to fix this, which have been rejected.

    We use a scheme which actually seems better for systems which are always on: DRBD for Linux. Basically, every block written to a device on the master is automagically duplicated to all the slaves. If the master goes down, you promote one of the slaves to master, mount the partition, and start services. If you have the heartbeat package, this can be done automatically, complete with an ip takeover.

    We aren't using it for high availability, actually. We just use it to duplicate a BackupPC partition out to someone's house, over openvpn. It's much nicer than rsync -- rsync was filling up a couple of gigs of RAM before it sent a single file, and in every instance, it was still eating up more swap when we killed it out of frustration.

    The high availability design does help, though. If the entire office gets nuked, we can physically carry the backup box in, turn it on, make it master, and use BackupPC's native restore feature. Sometime soon we're going to make our PHB cream his jeans by demonstrating a full, bare-metal restore.

    --
    Don't thank God, thank a doctor!
    1. Re:No, it's not. by dtfinch · · Score: 1

      Our nightly rsync backups consist of roughly 400,000 files. There were hourly in the past, and it was so transparent that we never noticed any problems or performance degredation, but we switched to nightly after two hard disks in the backup server died the same week.

  41. How is this different... by Anonymous Coward · · Score: 0

    ...from something like:
    dd if=/dev/rdsk/rwd0 | gzip | ssh user@remotehost '/usr/local/bin/gunzip - | dd of=/dev/rdsk/wd1'

  42. Re:BSD is 10 years too old by bsd_usr · · Score: 1

    BSD is alot older than 10 years. It's probably 20+ years old.

  43. Have this been invented? by michelcultivo · · Score: 1

    And what about Ghost for You. this does netbackup with onlye one 1.44" disk.

    --
    http://www.michel.eti.br
  44. rsync does a fine job for backups. by tburt11 · · Score: 1
    I run rsync on a backup server, and save the files without compression on removeable disks.

    It makes it alot easier to find a file, cause it exists in the same location, uncompressed.

    The huge advantage though, is that rsync only transfers those files that have changed. Which means that backups are very quick.

    I also mount samba shares on the backup server, and do rsync backups of "My Documents" folders for the windows boxes. Works great there too!

    Even better, the My Documents folders are available as (read only) Samba shares on the backup box, and the users can find their own files in the backups.

    I have been doing this for years, and it works great!

  45. Not really. by Some+Random+Username · · Score: 1

    What would be more perfect is simply being a competant admin in the first place, and not letting your users have permissions to fuck everything up. Nevermind that this is for NetBSD, which doesn't have a whole lot of viruses, nor a defrag program.

  46. Way better. by Some+Random+Username · · Score: 1

    In fact, I can't think of any way that could possibly be worse than what you are doing now. Running a RAID1 over a network block device is horribly innefficient, and slow as all hell. This just backs things up when you want to, not all the time constantly with every trivial change like a network mirror does.

  47. der Mouse? by Some+Random+Username · · Score: 0, Troll

    Yeah, I am really inclined to trust software written by someone who's afraid to use his real name, and uses a psudenym based on his jealousy of another free software developer who actually does use his real name. Does NetBSD really allow anonymous developers like this?

    1. Re:der Mouse? by Nimrangul · · Score: 1
      Perhaps you could word that better?

      It does seem wrong to allow for an anonymous developer as NetBSD has, Mike Parker sounds much better than der Mouse.

      That they allow this is their choice however, that he is bitter about Theo de Raadt and his OpenBSD project does not warrent that kind of behaviour true, but it is up to NetBSD to choose what they view as proper behavoir within their developer circle.

      They made that choice with Theo years ago, maybe with time they will choose to reign Mike in. Mike doesn't seem to be counted amoung the core developers, so it's not exactly the same as the situation with Theo however.

      Perhaps this reflects poorly on the level of maturity of the developers on the project, but it is the choice of the developers.

      And you cannot base your feelings about someone's programming based on their behaviour, or everyone would hate OpenBSD for Theo being a dick.

      --
      I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
    2. Re:der Mouse? by Some+Random+Username · · Score: 1

      No, there's nothing wrong with the way its worded. I don't have the time nor the skill to personally audit the source code of every piece of software I use. This means I have to trust people. Someone who uses their real name would be risking their reputation and possible legal consequences if they distributed malicious code. Someone hiding their identity is less trustworthy.

  48. Working for you by Anonymous Coward · · Score: 0

    given your ignorance of the topic, i question if you even have a job. employers have the responsibility of knowing what their employees are doing. they are liable by law for the conduct of their employees. if some dumbass is dl'ing shit they shouldn't, somebody needs to find out, that is part of my job.

  49. Re:BSD is 10 years too old by Anonymous Coward · · Score: 0

    Actually, the history section of GNU/Linux Application Programming says the first version of BSD came out in 1976. That makes 20+ quite accurate (or 30- even more so).

  50. Entropy on Disk by Anonymous Coward · · Score: 0

    Actually there is seed entropy stored on the disk. Check out the man page for random. It's used to seed the random number generator at boot time, as the usual system chaos generators are just getting going.

    Presumably this could cause a vulnerablity around boot time. Say the machine establishes a VPN at boot, and the backup of the seed had just been intercepted before the boot, you might be able to tap the VPN.

    1. Re:Entropy on Disk by setagllib · · Score: 1

      You're right, I can't believe I forgot about that. I keep assuming that the entropy is fed in and immediately treated with timings and IRQs and other hard-to-predict (especially over network) things.

      I hate that I only have one machine with a hardware random number generator under my administrative control, and it currently runs Windows, so I can't even import the entropy over to more important machines. But then there's always the "roll your own user-space entropy harvester" option.

      --
      Sam ty sig.
  51. Re:BSD is dying by Anonymous Coward · · Score: 0

    haha you wasted a mod point - and now - waste another one.