Encrypted partition backups.

Bill Davidsen davidsen at tmr.com
Wed Jan 14 23:47:30 UTC 2009


Robin Laing wrote:
> OK, now it is an option to create encrypted partitions with F10 during 
> install.  With this, the issue of backups gets changed and I wonder how 
> people are dealing with it.
> 
> I am about to install a system where each users home directory will be 
> encrypted and mounted on login and unmounted on logout.
> 
> Now the question comes to how to make automatic backups of these 
> encrypted partitions when they are not mounted.  This has to take into 
> account that the backup needs to be as secure as the original users 
> directories.
> 
> Is there a tool that allows partition backups of only the changes as 
> with incremental backups?  Do we just have to clone the partition and 
> make copies of that each time?
> 
> It is a question that I have posed to our IT staff and they have not 
> thought about it either.
> 
What you want is a copy-on-write system to record the changes. Too bad you 
didn't go the whole way on security and run each users in a virtual machine. 
Then you could make a COW image of the partition, let the user run with that, 
then back up only the changed pages. When the backup gets large, commit the 
changes and take a "full" (whole partition) backup, and make a new working COW 
image for the user to use.

I do similar with development VMs, make some changes, run with it a while to see 
that they were *good* changes, then commit. Each day I back up only the 
differences between the reference image and the working image.

-- 
Bill Davidsen <davidsen at tmr.com>
   "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot




More information about the fedora-list mailing list