NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: LTO support



Le Thu, Aug 12, 2021 at 08:58:11AM -0400, Greg Troxel a écrit :
>[...] 
> 
> > FWIW, Plan9 has/had a WORM filesystem: Write Once Read Many, where
> > storage was made with deduplication of blocks, meaning one could
> > have too history of files, only saving the differences. Furthermore,
> > in such a system, an attack from ransomware would be useless: data
> > is never changed once written, just a new version added; this
> > protects from blunder deletions or malignity. Unfortunately, this
> > part of Plan9 did not find its way in the Unix world the same as other
> > bits of it did...
> 
> To protect against ransomware there needs to NOT be an administrative
> interface to clean up old versions.  And for long-term usability you do
> need such an interface.
> 
> I don't really purge bup backups.  Instead I just get new, bigger disks
> every few years and start over and set the old ones aside.

Well, I have a basic scheme like the one you sketched: I have local
backups---to speed up recovery in case of limited problem---and remote
backups, but the backup are not directly accessible to users and need my
personal intervention to change something.

And furthermore---since the backups are automatic---the backup
directories are unmounted once a back-up is finished and I have put what
I call "sentries" in the directories backup'ed: before recopying new
state, software first verify that the sentries are untouched. If a
sentry has disappeared or has been changed (they are writable in
writable directories), there is no backup and a message is sent to the
admin (i.e.: me). Though the threat is remote (the clients are mostly
MS Windows, but the server is NetBSD), with users that seem to be
unable to live without their smartphone or whatever that they plug 
everywhere even if only to charge the battery, I prefer the option
belt and suspenders...

And I have put also a "journal", not backup'ed, i.e. a limited
amount of disk space, that recopy, everyday, with the timestamp as the
directory name, files modified so that if some problem arise, one
can go in this archive with approximately 6 months of history (the
window is "rolling": if there is not enough space for new files---with
an upper limit for the size of the new files--- oldest entries are
removed).

-- 
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
                       http://www.sbfa.fr/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C


Home | Main Index | Thread Index | Old Index