mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-11 17:04:19 +01:00
401 lines
11 KiB
Groff
401 lines
11 KiB
Groff
.\" Copyright (c) 1980, 1991, 1993
|
|
.\" Regents of the University of California.
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgment:
|
|
.\" This product includes software developed by the University of
|
|
.\" California, Berkeley and its contributors.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" @(#)dump.8 8.3 (Berkeley) 5/1/95
|
|
.\" $FreeBSD$
|
|
.\"
|
|
.Dd May 1, 1995
|
|
.Dt DUMP 8
|
|
.Os BSD 4
|
|
.Sh NAME
|
|
.Nm dump
|
|
.Nd filesystem backup
|
|
.Sh SYNOPSIS
|
|
.Nm dump
|
|
.Op Fl 0123456789acknu
|
|
.Op Fl B Ar records
|
|
.Op Fl b Ar blocksize
|
|
.Op Fl d Ar density
|
|
.Op Fl f Ar file
|
|
.Op Fl h Ar level
|
|
.Op Fl s Ar feet
|
|
.Op Fl T Ar date
|
|
.Ar filesystem
|
|
.Nm dump
|
|
.Op Fl W Li \&| Fl w
|
|
.Pp
|
|
.in -\\n(iSu
|
|
(The
|
|
.Bx 4.3
|
|
option syntax is implemented for backward compatibility, but
|
|
is not documented here.)
|
|
.Sh DESCRIPTION
|
|
.Nm Dump
|
|
examines files
|
|
on a filesystem
|
|
and determines which files
|
|
need to be backed up. These files
|
|
are copied to the given disk, tape or other
|
|
storage medium for safe keeping (see the
|
|
.Fl f
|
|
option below for doing remote backups).
|
|
A dump that is larger than the output medium is broken into
|
|
multiple volumes.
|
|
On most media the size is determined by writing until an
|
|
end-of-media indication is returned. This can be enforced
|
|
by using the
|
|
.Fl a
|
|
option.
|
|
.Pp
|
|
On media that cannot reliably return an end-of-media indication
|
|
(such as some cartridge tape drives)
|
|
each volume is of a fixed size;
|
|
the actual size is determined by the tape size and density and/or
|
|
block count options below.
|
|
By default, the same output file name is used for each volume
|
|
after prompting the operator to change media.
|
|
.Pp
|
|
The following options are supported by
|
|
.Nm Ns :
|
|
.Bl -tag -width Ds
|
|
.It Fl 0\-9
|
|
Dump levels.
|
|
A level 0, full backup,
|
|
guarantees the entire file system is copied
|
|
(but see also the
|
|
.Fl h
|
|
option below).
|
|
A level number above 0,
|
|
incremental backup,
|
|
tells dump to
|
|
copy all files new or modified since the
|
|
last dump of any lower level.
|
|
The default level is 0.
|
|
.It Fl B Ar records
|
|
The number of 1 KB blocks per volume.
|
|
This option overrides the calculation of tape size
|
|
based on length and density.
|
|
.It Fl a
|
|
.Dq auto-size .
|
|
Bypass all tape length considerations, and enforce writing
|
|
until an end-of-media indication is returned. This fits best
|
|
for most modern tape drives. Use of this option is particularly
|
|
recommended when appending to an existing tape, or using a tape
|
|
drive with hardware compression (where you can never be sure about
|
|
the compression ratio).
|
|
.It Fl b Ar blocksize
|
|
The number of kilobytes per dump record.
|
|
.It Fl c
|
|
Change the defaults for use with a cartridge tape drive, with a density
|
|
of 8000 bpi, and a length of 1700 feet.
|
|
.It Fl h Ar level
|
|
Honor the user
|
|
.Dq nodump
|
|
flag
|
|
.Dp Dv UF_NODUMP
|
|
only for dumps at or above the given
|
|
.Ar level .
|
|
The default honor level is 1,
|
|
so that incremental backups omit such files
|
|
but full backups retain them.
|
|
.It Fl d Ar density
|
|
Set tape density to
|
|
.Ar density .
|
|
The default is 1600BPI.
|
|
.It Fl f Ar file
|
|
Write the backup to
|
|
.Ar file ;
|
|
.Ar file
|
|
may be a special device file
|
|
like
|
|
.Pa /dev/rsa0
|
|
(a tape drive),
|
|
.Pa /dev/rfd1
|
|
(a floppy disk drive),
|
|
an ordinary file,
|
|
or
|
|
.Ql Fl
|
|
(the standard output).
|
|
Multiple file names may be given as a single argument separated by commas.
|
|
Each file will be used for one dump volume in the order listed;
|
|
if the dump requires more volumes than the number of names given,
|
|
the last file name will used for all remaining volumes after prompting
|
|
for media changes.
|
|
If the name of the file is of the form
|
|
.Dq host:file ,
|
|
or
|
|
.Dq user@host:file ,
|
|
.Nm
|
|
writes to the named file on the remote host using
|
|
.Xr rmt 8 .
|
|
The default path name of the remote
|
|
.Xr rmt 8
|
|
program is
|
|
.\" rmt path, is the path on the remote host
|
|
.Pa /etc/rmt ;
|
|
this can be overridden by the environment variable
|
|
.Ev RMT .
|
|
.It Fl k
|
|
Use Kerberos authentication to talk to remote tape servers. (Only
|
|
available if this option was enabled when
|
|
.Nm
|
|
was compiled.)
|
|
.It Fl n
|
|
Whenever
|
|
.Nm
|
|
requires operator attention,
|
|
notify all operators in the group
|
|
.Dq operator
|
|
by means similar to a
|
|
.Xr wall 1 .
|
|
.It Fl s Ar feet
|
|
Attempt to calculate the amount of tape needed
|
|
at a particular density.
|
|
If this amount is exceeded,
|
|
.Nm
|
|
prompts for a new tape.
|
|
It is recommended to be a bit conservative on this option.
|
|
The default tape length is 2300 feet.
|
|
.ne 1i
|
|
.It Fl T Ar date
|
|
Use the specified date as the starting time for the dump
|
|
instead of the time determined from looking in
|
|
.Pa /etc/dumpdates .
|
|
The format of date is the same as that of
|
|
.Xr ctime 3 .
|
|
This option is useful for automated dump scripts that wish to
|
|
dump over a specific period of time.
|
|
The
|
|
.Fl T
|
|
option is mutually exclusive from the
|
|
.Fl u
|
|
option.
|
|
.It Fl u
|
|
Update the file
|
|
.Pa /etc/dumpdates
|
|
after a successful dump.
|
|
The format of
|
|
.Pa /etc/dumpdates
|
|
is readable by people, consisting of one
|
|
free format record per line:
|
|
filesystem name,
|
|
increment level
|
|
and
|
|
.Xr ctime 3
|
|
format dump date.
|
|
There may be only one entry per filesystem at each level.
|
|
The file
|
|
.Pa /etc/dumpdates
|
|
may be edited to change any of the fields,
|
|
if necessary.
|
|
.It Fl W
|
|
.Nm Dump
|
|
tells the operator what file systems need to be dumped.
|
|
This information is gleaned from the files
|
|
.Pa /etc/dumpdates
|
|
and
|
|
.Pa /etc/fstab .
|
|
The
|
|
.Fl W
|
|
option causes
|
|
.Nm
|
|
to print out, for each file system in
|
|
.Pa /etc/dumpdates
|
|
the most recent dump date and level,
|
|
and highlights those file systems that should be dumped.
|
|
If the
|
|
.Fl W
|
|
option is set, all other options are ignored, and
|
|
.Nm
|
|
exits immediately.
|
|
.It Fl w
|
|
Is like W, but prints only those filesystems which need to be dumped.
|
|
.El
|
|
.Pp
|
|
.Nm Dump
|
|
requires operator intervention on these conditions:
|
|
end of tape,
|
|
end of dump,
|
|
tape write error,
|
|
tape open error or
|
|
disk read error (if there are more than a threshold of 32).
|
|
In addition to alerting all operators implied by the
|
|
.Fl n
|
|
key,
|
|
.Nm
|
|
interacts with the operator on
|
|
.Em dump's
|
|
control terminal at times when
|
|
.Nm
|
|
can no longer proceed,
|
|
or if something is grossly wrong.
|
|
All questions
|
|
.Nm
|
|
poses
|
|
.Em must
|
|
be answered by typing
|
|
.Dq yes
|
|
or
|
|
.Dq no ,
|
|
appropriately.
|
|
.Pp
|
|
Since making a dump involves a lot of time and effort for full dumps,
|
|
.Nm
|
|
checkpoints itself at the start of each tape volume.
|
|
If writing that volume fails for some reason,
|
|
.Nm
|
|
will,
|
|
with operator permission,
|
|
restart itself from the checkpoint
|
|
after the old tape has been rewound and removed,
|
|
and a new tape has been mounted.
|
|
.Pp
|
|
.Nm Dump
|
|
tells the operator what is going on at periodic intervals,
|
|
including usually low estimates of the number of blocks to write,
|
|
the number of tapes it will take, the time to completion, and
|
|
the time to the tape change.
|
|
The output is verbose,
|
|
so that others know that the terminal
|
|
controlling
|
|
.Nm
|
|
is busy,
|
|
and will be for some time.
|
|
.Pp
|
|
In the event of a catastrophic disk event, the time required
|
|
to restore all the necessary backup tapes or files to disk
|
|
can be kept to a minimum by staggering the incremental dumps.
|
|
An efficient method of staggering incremental dumps
|
|
to minimize the number of tapes follows:
|
|
.Bl -bullet -offset indent
|
|
.It
|
|
Always start with a level 0 backup, for example:
|
|
.Bd -literal -offset indent
|
|
/sbin/dump -0u -f /dev/nrsa0 /usr/src
|
|
.Ed
|
|
.Pp
|
|
This should be done at set intervals, say once a month or once every two months,
|
|
and on a set of fresh tapes that is saved forever.
|
|
.It
|
|
After a level 0, dumps of active file
|
|
systems are taken on a daily basis,
|
|
using a modified Tower of Hanoi algorithm,
|
|
with this sequence of dump levels:
|
|
.Bd -literal -offset indent
|
|
3 2 5 4 7 6 9 8 9 9 ...
|
|
.Ed
|
|
.Pp
|
|
For the daily dumps, it should be possible to use a fixed number of tapes
|
|
for each day, used on a weekly basis.
|
|
Each week, a level 1 dump is taken, and
|
|
the daily Hanoi sequence repeats beginning with 3.
|
|
For weekly dumps, another fixed set of tapes per dumped file system is
|
|
used, also on a cyclical basis.
|
|
.El
|
|
.Pp
|
|
After several months or so, the daily and weekly tapes should get
|
|
rotated out of the dump cycle and fresh tapes brought in.
|
|
.Sh ENVIRONMENT
|
|
The environment variable
|
|
.Ev RMT
|
|
will be used to determine the pathname of the remote
|
|
.Xr rmt 8
|
|
program.
|
|
.Sh FILES
|
|
.Bl -tag -width /etc/dumpdates -compact
|
|
.It Pa /dev/rsa0
|
|
default tape unit to dump to
|
|
.It Pa /etc/dumpdates
|
|
dump date records
|
|
.It Pa /etc/fstab
|
|
dump table: file systems and frequency
|
|
.It Pa /etc/group
|
|
to find group
|
|
.Em operator
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr fstab 5 ,
|
|
.Xr ft 8 ,
|
|
.Xr restore 8 ,
|
|
.Xr rmt 8
|
|
.Sh DIAGNOSTICS
|
|
Many, and verbose.
|
|
.Pp
|
|
Dump exits with zero status on success.
|
|
Startup errors are indicated with an exit code of 1;
|
|
abnormal termination is indicated with an exit code of 3.
|
|
.Sh BUGS
|
|
Fewer than 32 read errors on the filesystem are ignored.
|
|
.Pp
|
|
Each reel requires a new process, so parent processes for
|
|
reels already written just hang around until the entire tape
|
|
is written.
|
|
.Pp
|
|
Currently,
|
|
.Xr physio 9
|
|
slices all requests into chunks of 64 KB. Therefore, it is
|
|
impossible to use a larger tape blocksize, so
|
|
.Nm
|
|
will prevent this from happening.
|
|
.Pp
|
|
.Nm Dump
|
|
with the
|
|
.Fl W
|
|
or
|
|
.Fl w
|
|
options does not report filesystems that have never been recorded
|
|
in
|
|
.Pa /etc/dumpdates ,
|
|
even if listed in
|
|
.Pa /etc/fstab .
|
|
.Pp
|
|
It would be nice if
|
|
.Nm
|
|
knew about the dump sequence,
|
|
kept track of the tapes scribbled on,
|
|
told the operator which tape to mount when,
|
|
and provided more assistance
|
|
for the operator running
|
|
.Xr restore .
|
|
.Pp
|
|
.Nm Dump
|
|
cannot do remote backups without being run as root, due to its
|
|
security history. This will be fixed in a later version of
|
|
.Bx Free .
|
|
Presently, it works if you set it setuid (like it used to be), but this
|
|
might constitute a security risk.
|
|
.Sh HISTORY
|
|
A
|
|
.Nm
|
|
command appeared in
|
|
.At v6 .
|