I ended up using the perl embedded code approach... it gave me more
flexibility.
I now have a robust routine that uses DumpPreUserCmd/DumpPostUserCmd
to automagically set up Window Shadow copies on remote Windows 7
machines (should presumably also work for Windows 8/10).
It basically uses your current $Conf{ClientShareName2Path} hash to
determine automatically what shadow copies to create. Then it:
- Creates the shadow copy
- Creates a junction for each shadow copy in a directory of your
choosing labeled by drive-letter and timestamp (so that you could
have multiple backups going at once on separate shadow copies)
- Modifies on the fly $Conf{ClientShareName2Path} to interpolate the
shadow copy junction location (without changing the share name)
Then it proceeds to back up the relevant shadow copy for each share.
Then after the backup is complete, everything is unwound by deleting
the junctions and removing the shadow copies.
It's quite a hack combining escaped perl code that runs on the server,
ssh, and bash code that runs on the client.
The beauty of this approach is that *no* local code or setup is
required on the Windows client beyond making sure you have a basic
install of ssh and cygwin.
All the bash code is included in the host.pl file so it's all compact
and easy to manage -- even if the code is hairy. Indeed I wrote it so
that multiple Windows hosts can all point to the same canonical
host.pl file...
IMO this is much superior to other approaches that require separate
scripts either on the server or client -- including my old
'shadowmountrsync' approach that used all types of hacks and ran on
the client.
When I get it tested and cleaned up, I will share with the group..
I also still want to add the option to run 'subinacl' and/or 'getfacl'
on the local machine and store the results (again using a combination
of perl/ssh/bash code) so that one can have as complete a copy of the
disk as possible. Note that rsync doesn't capture all the acl detail
that NTFS uses.
I also hope to test whether the above plus disk partition/signature is
enough to get essentially a bare-metal restore capability for Windows.
The only thing that might be missing would be rarely used NTFS
functionality like alternate filestreams and perhaps some challenges
with junctions, though I could add something to back up the junctions too...
Craig Barratt via BackupPC-users wrote at about 21:00:09 -0700 on Wednesday,
June 24, 2020:
> Jeff,
>
> The reason BackupPC avoids running shells for sub-commands is security, and
> the extra layer of argument escaping or quoting. It's easy to
> inadvertently have some security weakness from misconfiguration or misuse.
>
> Can you get what you need by starting the command with "/bin/bash -c"? You
> can alternatively set $Conf{DumpPreUserCmd} to a shell script with the
> arguments you need, and then you can do whatever you want in that script.
>
> Craig
>
> On Wed, Jun 24, 2020 at 10:20 AM <backu...@kosowsky.org> wrote:
>
> > I notice that in Lib.pm, the function 'cmdSystemOrEvalLong'
> > specifically uses the structure 'exec {$cmd->[0]} @$cmd;' so that no
> > shell is invoked.
> >
> > I know that technically it's a little faster to avoid calling the
> > shell, but in many cases it is very useful to have at least a
> > rudimentary shell available.
> >
> > For example, I may want to read in (rather than execute a script).
> >
> > Specifically say,
> > (1) $Conf{DumpPreUserCmd} = qq(\$sshPath -q -x -i $BackupPCsshID -l
> > $Conf{RsyncdUserName} \$hostIP bash -s <
> > /etc/backuppc/scripts/script-\$hostIP)
> > would allow me to run a hostIP specific script that I store in
> > /etc/backuppc/scripts.
> >
> > - This is neater and easier to maintain than having to store the script
> > on the remote machine.
> > - This also seems neater and nicer than having to use an executable
> > script that would itself need to run ssh -- plus importantly it
> > removes a layer of indirection and messing with extra quoting.
> >
> >
> > Similarly, it would be great to be able to support:
> > (2) $Conf{DumpPreUserCmd} = qq(\$sshPath -q -x -i $BackupPCsshID -l
> > $Conf{RsyncdUserName} \$hostIP bash -s <<EOF
> > <bash script here>
> > EOF)
> >
> > Or similarly:
> > (3) $Conf{DumpPreUserCmd} = qq(\$sshPath -q -x -i $BackupPCsshID -l
> > $Conf{RsyncdUserName} \$hostIP bash -s <<< $bashscript
> > where for example
> > my $bashscript = <<'EOF'
> > <bash script here>
> > EOF
> >
> > Though this latter form is a bash-ism and would not work in /bin/sh
> >
> > The advantage of the latter examples is that it would allow me to
> > store the bashscript in the actual host.pl config scripts rather than
> > having to have a separate set of scripts to load.
> >
> > Note that I am able to roughly replicate (3) using perl code, but it
> > requires extra layers of escaping of metacharacters making it hard to
> > write, read, and debug.
> >
> > For example something like:
> > my $bashscript = <<'EOF';
> > <bash script here>
> > EOF
> >
> > $bashscript =~ s/([][;&()<>{}|^\n\r\t *\$\\'"`?])/\\$1/g;
> > $Conf{DumpPreUserCmd} = qq(&{sub {
> > open(my \$out_fh, "|-", "\$sshPath -q -x -i $BackupPCsshID -l
> > $Conf{RsyncdUserName} \$hostIP bash -s")
> > or warn "Can't start ssh: \$!";
> > print \$out_fh qq($bashscript);
> > close \$out_fh or warn "Error flushing/closing pipe to ssh: \$!";
> > }})
> >
> > Though it doesn't quite work yet...
> >
> >
> >
> > _______________________________________________
> > BackupPC-users mailing list
> > BackupPC-users@lists.sourceforge.net
> > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
> > Wiki: http://backuppc.wiki.sourceforge.net
> > Project: http://backuppc.sourceforge.net/
> >
> _______________________________________________
> BackupPC-users mailing list
> BackupPC-users@lists.sourceforge.net
> List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki: http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
