Re: How to restore BIOS-based backup on a UEFI machine
On 2021-01-15 18:22, Linux-Fan wrote: I back up with cd / && find home -xdev -print0 | cpio -o0 -H crc | gzip | openssl enc -md sha256 -salt -pass file:passwordfile -aes-128-cbc >backup.cpio.gz.aes Thank you for the `openssl` commandline. However, since I upgraded to buster, that openssl command gives the warning: *** WARNING : deprecated key derivation used. Using -iter or -pbkdf2 would be better. I have not yet studied what that means in detail and precisely what other parameters are better to use. -- Jesper Dybdal https://www.dybdal.dk
Re: How to restore BIOS-based backup on a UEFI machine
Jesper Dybdal writes: On 2021-01-14 23:21, Linux-Fan wrote: Finally out of curiosity: You mention using CPIO archives. Do you have any input files above 8 GiB for your backup processes? I always thought that to be the limit of CPIO? My backups do not contain large files within the cpio archives, so I don't know whether that would be a problem. But some of the archives are much larger than 8 GiB. Thank you for confirming this. I've just realized that I may never actually have restored such large backups, but I have created contents listings for them, and if cpio can do that, surely it can also restore (but I'll try a real restore just to be sure). As long as the individual files are below 8 GiB (in your case: 4 GiB), it should be fine. See below. Since cpio as I use it works from and to standard input/output, I would not expect it to notice the archive size in any way. Yes, that is what I think too. The 8 GiB are only a restriction of the individual input files, not for the resulting archive files. Here is the except from GNU CPIOs manpage cpio(1): | -H, --format=FORMAT |Use given archive FORMAT. Valid formats are (the number in |parentheses gives maximum size for individual archive member): | |binThe obsolete binary format. (2147483647 bytes) | |odcThe old (POSIX.1) portable format. (8589934591 bytes) | |newc The new (SVR4) portable format, which supports file sys‐ | tems having more than 65536 i-nodes. (4294967295 bytes) | |crcThe new (SVR4) portable format with a checksum added. | |tarThe old tar format. (8589934591 bytes) | |ustar The POSIX.1 tar format. Also recognizes GNU tar ar‐ | chives, which are similar but not identical. (8589934591 | bytes) | |hpbin The obsolete binary format used by HPUX's cpio (which | stores device files differently). | |hpodc The portable format used by HPUX's cpio (which stores de‐ | vice files differently). I back up with cd / && find home -xdev -print0 | cpio -o0 -H crc | gzip | openssl enc -md sha256 -salt -pass file:passwordfile -aes-128-cbc >backup.cpio.gz.aes Hence in your case, the limit should be effectively max. 4 GiB per input file. As it is a streamed format, there is no practical limit on the resulting output archive file. Thank you for the `openssl` commandline. Linux-Fan öö pgpYMeW34kppj.pgp Description: PGP signature
Re: How to restore BIOS-based backup on a UEFI machine
On 2021-01-14 23:21, Linux-Fan wrote: Finally out of curiosity: You mention using CPIO archives. Do you have any input files above 8 GiB for your backup processes? I always thought that to be the limit of CPIO? My backups do not contain large files within the cpio archives, so I don't know whether that would be a problem. But some of the archives are much larger than 8 GiB. I've just realized that I may never actually have restored such large backups, but I have created contents listings for them, and if cpio can do that, surely it can also restore (but I'll try a real restore just to be sure). Since cpio as I use it works from and to standard input/output, I would not expect it to notice the archive size in any way. I back up with cd / && find home -xdev -print0 | cpio -o0 -H crc | gzip | openssl enc -md sha256 -salt -pass file:passwordfile -aes-128-cbc >backup.cpio.gz.aes Thanks to you and everybody else who answered my question. -- Jesper Dybdal https://www.dybdal.dk
Re: How to restore BIOS-based backup on a UEFI machine
On Thu, 2021-01-14 at 13:45 -0500, The Wanderer wrote: > On 2021-01-14 at 12:58, Tixy wrote: > > > On Thu, 2021-01-14 at 11:15 -0500, The Wanderer wrote: > > > > Newer-model Intel chipsets specifically prohibit booting to > > > internal hard drives in "legacy boot" mode. > > > > Surely it isn't the chipset which determines what disk format you can > > boot from, it's the firmware. > > I'd have thought so too, but the reading I did on this a while back > (after discovering that booting to MBR-based internal hard drives was > impossible on the newest computer models at my workplace) led me to > statements that firmware writers can't support this anymore, because > Intel's chipset implementation specifically does not let them do it. > > In practice, now that I research this again in depth, not only can I not > find those statements again, all the reports of this behavior in the > real world seem to be on Dell computers. I remember finding it stated > that Dell had no choice in this because of what Intel had done, but I'm > not finding those again now. > > I *do* find multiple statements that Intel is dropping all BIOS support > from its UEFI firmwares (including, presumably, those it creates with / > for its motherboard partners) by sometime in 2020, which has already > passed; it's possible that that might include this behavior, but I'm not > finding explicit statements of or reports about that just yet. That seems more likely, i.e. OEMs using Intel firmware for Intel chipsets and Intel dropping the Compatibility Support Module (CSM). And, reading some more, perhaps things are chipset related after all, if the CSM runs in old 16-bit mode and it can't access all the hardware it needs. I don't know enough about this, I would have thought that CSM support world somehow call out to UEFI to do the actual device work, but after having passing dealings many years ago with the open source EFI code (EDK2) it not something I would want to look into. (Me shudders at the thought :-) -- Tixy
Re: How to restore BIOS-based backup on a UEFI machine
On 2021-01-14 07:41, Jesper Dybdal wrote: I backup my Buster server simply as a (compressed, encrypted) cpio archive. Restoring it to a BIOS-based machine is simple: boot a rescue cd, partition the disk, restore all files, fix fstab if necessary, run update-grub and grub-install in a chroot environment. That works. But if the machine should some day die and I can only find/buy a UEFI-only machine to restore it to, how do I do that? And are there any precautions I should take in advance (on the BIOS system, before creating backups that may be needed on a future UEFI system) in order to make it easier to restore to a UEFI machine? (My knowledge of UEFI is almost non-existent, and my knowledge of grub is very limited.) I have a SOHO network with a few Debian workstations and a few FreeBSD servers, all still BIOS/MBR. Backup/ restore is one thing and migration is another. cpio(1) is a tool for the former. Changing hardware/ firmware from BIOS to UEFI and partitioning scheme from MBR to GPT involve the latter, and require different tools and techniques. Are you using a version control system (VCS) for system administration? If not, I recommend it. Version control is a huge improvement over ad-hoc methods and "sneaker net". For each host, I create a VCS project and check out a working directory under the root account on that host. The project includes a text file with my system administration notes, a text file with a list of all installed packages, and any configuration files that I have modified or created. I also include anything else that might be of use, such as the output of various diagnostic tools. To migrate, I do a fresh install of the chosen OS onto a blank disk in the new machine, install the VCS client, check out the old host project, create a new host project, and proceed to install packages, restore/ edit configuration files, connect data, etc.. Plan carefully, backup religiously, schedule an outage, and be prepared to back out/ restore if the migration fails. David
Re: How to restore BIOS-based backup on a UEFI machine
Alain D D Williams writes: On Thu, Jan 14, 2021 at 04:41:50PM +0100, Jesper Dybdal wrote: > I backup my Buster server simply as a (compressed, encrypted) cpio archive. > > Restoring it to a BIOS-based machine is simple: boot a rescue cd, partition > the disk, restore all files, fix fstab if necessary, run update-grub and > grub-install in a chroot environment. That works. > > But if the machine should some day die and I can only find/buy a UEFI-only > machine to restore it to, how do I do that? And are there any precautions > I should take in advance (on the BIOS system, before creating backups that > may be needed on a future UEFI system) in order to make it easier to restore to > a UEFI machine? Standard precaution: Make sure your rescue disk boots on UEFI systems. For enhanced certainity, it has to be a physical system. I recently tried to test an UEFI live system in a virtual machine and it worked perfectly well, but degraded on a physical system: The GRUB menu choices could be used inside the VM but the physical system always booted the first entry... [...] If/when your machine dies I would suggest that the simplest thing is for you to do a completely fresh Debian install (which will get EUFI, etc, right) and then import your data from backups. So what you need to do now is to ensure that your backups make it easy for you to do that: * most of non system data is prob in /home So make that a separate cpio file * ditto for other places where you have files that do not come from .deb * keep a copy of /etc where it is easy to get hold of (maybe /home/etc.tar.gz) * ensure that you know what has been installed: dpkg --list [...] I'd also recommend this approach. I prefer to track installed packages manually (in form of custom meta packages that is :) ), because this reduces them to a comprehensible set of actually interesting things -- I do not care if some previously unused library will not be installed on the new system. There are some pitfalls of storing copies of system data in home directories (it could bypass read-restrictions for files like /etc/shadow), but for many single-user-machines this is less relevant. I attempt to store only the files which I have modified. Mostly because the system's files are to some extent, hardware dependent (i.e. /etc/X11/xorg.conf if used is likely not to be portable across different GPU vendors etc.) Finally out of curiosity: You mention using CPIO archives. Do you have any input files above 8 GiB for your backup processes? I always thought that to be the limit of CPIO? I am asking because I am using CPIO for backups, too. But here, it is explicitly only used for the comparatively small amount of "actually important data" -- i.e. things like VMs, mirrors, program setup files etc. all excluded and (to some extent) backed up by different programs (rsync and borgbackup, but I am still looking for better alternatives). HTH Linux-Fan öö pgpL8PXJwPu3J.pgp Description: PGP signature
Re: How to restore BIOS-based backup on a UEFI machine
Jesper Dybdal wrote: ... > (My knowledge of UEFI is almost non-existent, and my knowledge of grub > is very limited.) if you are not mixing Debian with any other system and installing from scratch all you have to make sure of is that the system is detected as an UEFI system to begin with and then it should just work. however, since i've had grub updates screw up my preferences i've switched over to using refind as my boot loader and that works for me. i find it very easy as i've set the configuration to use the most recent kernel as the default and then have alternate selections available if i want to boot those instead. i haven't booted from grub in quite a long time now but i do still have it installed. songbird
Re: How to restore BIOS-based backup on a UEFI machine
On 2021-01-14 at 12:58, Tixy wrote: > On Thu, 2021-01-14 at 11:15 -0500, The Wanderer wrote: >> Newer-model Intel chipsets specifically prohibit booting to >> internal hard drives in "legacy boot" mode. > > Surely it isn't the chipset which determines what disk format you can > boot from, it's the firmware. I'd have thought so too, but the reading I did on this a while back (after discovering that booting to MBR-based internal hard drives was impossible on the newest computer models at my workplace) led me to statements that firmware writers can't support this anymore, because Intel's chipset implementation specifically does not let them do it. In practice, now that I research this again in depth, not only can I not find those statements again, all the reports of this behavior in the real world seem to be on Dell computers. I remember finding it stated that Dell had no choice in this because of what Intel had done, but I'm not finding those again now. I *do* find multiple statements that Intel is dropping all BIOS support from its UEFI firmwares (including, presumably, those it creates with / for its motherboard partners) by sometime in 2020, which has already passed; it's possible that that might include this behavior, but I'm not finding explicit statements of or reports about that just yet. https://arstechnica.com/gadgets/2017/11/intel-to-kill-off-the-last-vestiges-of-the-ancient-pc-bios-by-2020/ https://www.anandtech.com/show/12068/intel-to-remove-bios-support-from-uefi-by-2020 -- The Wanderer The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw signature.asc Description: OpenPGP digital signature
Re: How to restore BIOS-based backup on a UEFI machine
On Thu, 2021-01-14 at 11:15 -0500, The Wanderer wrote: [...] > Newer-model Intel chipsets specifically prohibit booting to internal > hard drives in "legacy boot" mode. Surely it isn't the chipset which determines what disk format you can boot from, it's the firmware. I know the BIOS on my new intel PC boots my new Bullseye install which I did with MBR boot partition and no ESP. (Not having setup EFI booting before I stuck with what I knew). The boot selection menu on my motherboard also lets me select between the MBR and EFI boot on my Debian installer USB stick, so seems happy to do both. I've read many places that this experience of legacy boot support isn't universal though, but I'm pretty sure it's a firmware not chipset issue. -- Tixy
Re: How to restore BIOS-based backup on a UEFI machine
On Thu, 14 Jan 2021 16:26:26 + Alain D D Williams wrote: > On Thu, Jan 14, 2021 at 04:41:50PM +0100, Jesper Dybdal wrote: > > I backup my Buster server simply as a (compressed, encrypted) cpio > > archive. > > > > Restoring it to a BIOS-based machine is simple: boot a rescue cd, > > partition the disk, restore all files, fix fstab if necessary, run > > update-grub and grub-install in a chroot environment. That works. > > > > But if the machine should some day die and I can only find/buy a > > UEFI-only machine to restore it to, how do I do that? And are > > there any precautions I should take in advance (on the BIOS system, > > before creating backups that may be needed on a future UEFI system) > > in order to make it easier to restore to a UEFI machine? > > > > (My knowledge of UEFI is almost non-existent, and my knowledge of > > grub is very limited.) > > If/when your machine dies I would suggest that the simplest thing is > for you to do a completely fresh Debian install (which will get EUFI, > etc, right) I wouldn't necessarily guarantee that, see my earlier post in the thread. Upgrading to buster killed booting to grub, and even a fresh installation didn't fix it. This has just given me an idea for when I have a couple of days spare: I could try a clean installation of stretch to my problem machine. If that fixes booting, I could leave /boot/efi untouched, and basically copy / and the rest of /boot from my problem buster installation, which I would previously have backed up. There are undoubtedly reasons why this might fail, but it's the first new idea I've had in months on this subject. -- Joe
Re: How to restore BIOS-based backup on a UEFI machine
On Thu, Jan 14, 2021 at 04:41:50PM +0100, Jesper Dybdal wrote: > I backup my Buster server simply as a (compressed, encrypted) cpio archive. > > Restoring it to a BIOS-based machine is simple: boot a rescue cd, partition > the disk, restore all files, fix fstab if necessary, run update-grub and > grub-install in a chroot environment. That works. > > But if the machine should some day die and I can only find/buy a UEFI-only > machine to restore it to, how do I do that? And are there any precautions I > should take in advance (on the BIOS system, before creating backups that may > be needed on a future UEFI system) in order to make it easier to restore to > a UEFI machine? > > (My knowledge of UEFI is almost non-existent, and my knowledge of grub is > very limited.) If/when your machine dies I would suggest that the simplest thing is for you to do a completely fresh Debian install (which will get EUFI, etc, right) and then import your data from backups. So what you need to do now is to ensure that your backups make it easy for you to do that: * most of non system data is prob in /home So make that a separate cpio file * ditto for other places where you have files that do not come from .deb * keep a copy of /etc where it is easy to get hold of (maybe /home/etc.tar.gz) * ensure that you know what has been installed: dpkg --list > -- > Jesper Dybdal > https://www.dybdal.dk > -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: How to restore BIOS-based backup on a UEFI machine
On 2021-01-14 17:05 +0100, Sven Joachim wrote: > I don't think so, the only important thing is that on the restore > machine you need to set up an EFI system partition[1] from which the > system boots. It has to be formatted as FAT32 and mounted under > /boot/efi when you install grub-efi-amd64. I forgot the include the link to [1]: https://en.wikipedia.org/wiki/EFI_system_partition Cheers, Sven
Re: How to restore BIOS-based backup on a UEFI machine
On 2021-01-14 at 10:41, Jesper Dybdal wrote: > I backup my Buster server simply as a (compressed, encrypted) cpio > archive. > > Restoring it to a BIOS-based machine is simple: boot a rescue cd, > partition the disk, restore all files, fix fstab if necessary, run > update-grub and grub-install in a chroot environment. That works. > > But if the machine should some day die and I can only find/buy a > UEFI-only machine to restore it to, how do I do that? And are there > any precautions I should take in advance (on the BIOS system, before > creating backups that may be needed on a future UEFI system) in order > to make it easier to restore to a UEFI machine? > > (My knowledge of UEFI is almost non-existent, and my knowledge of > grub is very limited.) If my understanding is correct, a lot will depend on whether the machine you're trying to restore it on is using a motherboard with a newer Intel chipset or something else (an older one or, at least as far as I've been able to determine to date, any AMD chipset). Newer-model Intel chipsets specifically prohibit booting to internal hard drives in "legacy boot" mode, i.e. (at least as far as I can determine) to drives whose boot information is specified in the MBR rather than with EFI partitions on GPT[1]. Older ones, and AMD chipsets as a whole as far as I can determine, don't. If you're trying to restore on a machine with that restriction attached, you're probably going to need to convert the install which is being restored from backup from MBR-style partitioning to GPT-style partitioning - which is likely to include making changes to the boot-configuration settings that are present in the backup (files under /boot, if nothing else). I don't have enough experience with that to give good guidance, unfortunately. If you're trying to restore on a machine without that restriction, then as long as you set the UEFI to boot the computer in "legacy" mode, I'd expect things should be as straightforward as always. [1] Yes, this is vague and probably not entirely accurate. My browser just crashed and will take a while to bring back up, so I don't care to do the research to resolve that fuzziness before sending this. -- The Wanderer The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw signature.asc Description: OpenPGP digital signature
Re: How to restore BIOS-based backup on a UEFI machine
On 2021-01-14 16:41 +0100, Jesper Dybdal wrote: > I backup my Buster server simply as a (compressed, encrypted) cpio archive. > > Restoring it to a BIOS-based machine is simple: boot a rescue cd, > partition the disk, restore all files, fix fstab if necessary, run > update-grub and grub-install in a chroot environment. That works. > > But if the machine should some day die and I can only find/buy a > UEFI-only machine to restore it to, how do I do that? Partitioning and restoring should work pretty much the same way, but in addition you have to replace the bootloader, i.e. install grub-efi-amd64 instead of grub-pc, before you can boot the restored system. > And are there > any precautions I should take in advance (on the BIOS system, before > creating backups that may be needed on a future UEFI system) in order > to make it easier to restore to a UEFI machine? I don't think so, the only important thing is that on the restore machine you need to set up an EFI system partition[1] from which the system boots. It has to be formatted as FAT32 and mounted under /boot/efi when you install grub-efi-amd64. Cheers, Sven
How to restore BIOS-based backup on a UEFI machine
I backup my Buster server simply as a (compressed, encrypted) cpio archive. Restoring it to a BIOS-based machine is simple: boot a rescue cd, partition the disk, restore all files, fix fstab if necessary, run update-grub and grub-install in a chroot environment. That works. But if the machine should some day die and I can only find/buy a UEFI-only machine to restore it to, how do I do that? And are there any precautions I should take in advance (on the BIOS system, before creating backups that may be needed on a future UEFI system) in order to make it easier to restore to a UEFI machine? (My knowledge of UEFI is almost non-existent, and my knowledge of grub is very limited.) -- Jesper Dybdal https://www.dybdal.dk