
Re: backing up a complete Debian GNU/Linux system



Quoting Gary L. Hennigan (glhenni@cs.sandia.gov):
> George Bonser <grep@shorelink.com> writes:
> > On Tue, 3 Aug 1999, xxxxx xxxxx wrote:
> > 
> > > Hi!
> > > Could anyone tell me what's a good hardware/software 
> > > combination to use to make frequent FULL backups 
> > > of a Debian system 
> > > (operating system, "applications", and data).  
> > > I asked recently at a fairly large Linux group meeting, 
> > > and everyone seemed surprised by the question and there 
> > > were no good answers, which completely floored me... 
> > > how could anyone smart enough to use Linux not back 
> > > up their entire system RELIGIOUSLY?
> > 
> > You do not back up the application binaries because you already have a
> > backup ... either the CDROM you installed from OR the debian archive. I
> > would never trust a backup of my binaries ... what if one of them has been
> > replaced with a trojaned version?  
> 
> I guess I don't see the logic here. If one of the binaries on your
> backup has a Trojan that, presumably, means that before you did the
> backup you were running a system that had a Trojan. I would assume at
> that point the damage has already been done.

Logically, that doesn't follow. The trojan may not yet have been run.

> Besides, assuming someone 
> slipped a Trojan onto your system in the first place, restoring all
> your config files as they existed prior to the backup would allow them 
> to just log in and introduce it again. 

Again, logically, that doesn't follow. The trojan may have been installed
before the config files were altered. For example, one might have decided
to tighten up security in the wake of a break-in (detected or undetected)
or simply changed the passwords.

> The only chance I see of defeating a Trojan is detecting it and
> defeating the method used to introduce it in the first place. Also,
> the fact that such Trojans are so rare on Unix and Unix-like systems
> would make it a minor concern for me.
> 
> Anyway, it's standard practice in large installations to back up
> practically everything for a level 0 backup, excluding things like
> /tmp, /dev (sometimes) and /proc.

There may be a historical reason for this. A large unix installation
is likely to have gathered its software from all sorts of sources
on all sorts of disparate media, and have put a lot of administrative
sweat into compiling and installing it all. So it makes sense to
back up the *result* of all that work.

OTOH every file on this system I'm typing on is sitting on one jaz
drive. The binaries and kernel-images are all in their .deb files;
the rescue/drivers disks are as disk images together with base*.tgz;
then there are all the configured /etc and /var files in zipfiles
for possible restoration, and copies of /etc and /var plus a non-root
recursive snapshot of /proc/[a-z]* for perusal. /home is split by
user as there are so few.

The very idea of all one's system software in a set of homogeneous
.deb files is probably foreign to most unix administrators.

Cheers,

-- 
Email:  d.wright@open.ac.uk   Tel: +44 1908 653 739  Fax: +44 1908 655 151
Snail:  David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA
Disclaimer:   These addresses are only for reaching me, and do not signify
official stationery. Views expressed here are either my own or plagiarised.

