Encrypted partition backups.
Bill Davidsen
davidsen at tmr.com
Wed Jan 14 23:47:30 UTC 2009
Robin Laing wrote:
> OK, now it is an option to create encrypted partitions with F10 during
> install. With this, the issue of backups gets changed and I wonder how
> people are dealing with it.
>
> I am about to install a system where each users home directory will be
> encrypted and mounted on login and unmounted on logout.
>
> Now the question comes to how to make automatic backups of these
> encrypted partitions when they are not mounted. This has to take into
> account that the backup needs to be as secure as the original users
> directories.
>
> Is there a tool that allows partition backups of only the changes as
> with incremental backups? Do we just have to clone the partition and
> make copies of that each time?
>
> It is a question that I have posed to our IT staff and they have not
> thought about it either.
>
What you want is a copy-on-write system to record the changes. Too bad you
didn't go the whole way on security and run each users in a virtual machine.
Then you could make a COW image of the partition, let the user run with that,
then back up only the changed pages. When the backup gets large, commit the
changes and take a "full" (whole partition) backup, and make a new working COW
image for the user to use.
I do similar with development VMs, make some changes, run with it a while to see
that they were *good* changes, then commit. Each day I back up only the
differences between the reference image and the working image.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the fedora-list
mailing list