Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] SELinux xattrs

2008-07-30 20:37:30
Subject: Re: [Bacula-users] SELinux xattrs
From: Frank Sweetser <fs AT WPI DOT EDU>
To: Chris Hoogendyk <hoogendyk AT bio.umass DOT edu>
Date: Wed, 30 Jul 2008 20:37:10 -0400 
Chris Hoogendyk wrote:

> I'm not sure why Amanda bashing periodically rears its head on this 
> list. It seems irrelevant to the purposes of the list.

I suspect that it comes up fairly frequently, not out of any particular hatred
of Amanda, but rather because a fair percentage of people who use Bacula found
it while explicitly searching around for alternatives after running into
limitations in Amanda.  This ends up with people showing up going "Amanda is
failing me because it can't do <foo>!  Can Bacula save me?"

In my case, for example, I went looking for something else when my largest
backup got too big to fit on a single tape.  (I see that Amanda now has some
support for splitting backups across tapes, though it looks a little clunky to
me.)

> If I were in a Solaris shop, and I were using Amanda, I would choose to 
> use ufsdump. I wouldn't particularly care that it was Solaris specific, 
> because that would be appropriate. Not only would I always have 
> something to recover to, but my choice for recovery would always be one 
> of my Solaris servers.
> 
> If I were in a mixed shop with no dominant platform, then (as Frank 
> suggested) I would choose to use GNU Tar. That would give the ability to 

When considered over a sufficient time frame, all shops are mixed.  Operating
systems and their binaries tend to come and go every few years, but data can
last for decades or longer.  Search around, and you'll find horror stories
from places like NASA where they had to scrounge around to find an ancient
machine, to run an ancient version of the OS, that has the last version of a
strangely broken tar that can read the 30 year old volumes.

> recover data to whichever server I wanted. OS and installed software 
> backups would still be platform specific, and there just isn't any way 
> around that -- you can't run a Solaris SPARC binary on a Linux AMD box. 
> Sometimes, (with a boot partition) even if you recover from one Solaris 
> SPARC box to a slightly different Solaris SPARC box, you have to go 
> through the contortions of rebuilding the device tree, etc.

I think it's worth stressing the difference here between backing up an entire
system, and selectively backing up important data only.

If you have your systems managed in such a way that you can re-create the OS
install and configuration, such as with puppet or bcfg2, then there's probably
no need to back up /usr or /bin, for example.  You can instead focus on
limiting yourself to important volatile data, like email and logfiles.  This
will drastically reduce the need to assume that a given restore will be going
to a more or less identical system than the one the backup was taken from.

> If a vendor for a particular OS or distribution implements access 
> controls or extended attributes that are different from other OS's or 
> distributions (say Redhat distributing SELinux, or the MacOSX additions 
> to BSD), then that has to be dealt with somehow. Since the vendor 
> includes tools like dump or gnutar in their distribution, they need to 
> modify or patch those to work with their extensions, if necessary, 
> otherwise their distribution is arguably broken. If the vendor does 
> their job, then Amanda just works. Whether the vendor does their job or 
> not, Bacula developers have to re-invent those code changes to capture 
> the access controls and extended attributes. That has in some instances 
> resulted in delays and periods of time when Bacuala does not back up 
> those features and people have to develop workarounds. This can be done, 
> and has been described on the list; but, nevertheless, it is extra work 
> and effort.

Yes, so the question becomes: is the additional work worth it?  In my opinion
(or at least in my situation), it absolutely is.  Bacula is sufficiently
advantageous over other solutions, most of which are tar/cpio wrappers like
Amanda, that I'm prepared to continue using it as is for now, and wait until
someone else adds extended attribute support.

If you're in a position where extended attributes are an absolute requirement,
then you have to decide for yourself whether you have the resources to add
support in Bacula, or whether something else will be good enough.

-- 
Frank Sweetser fs at wpi.edu  |  For every problem, there is a solution that
WPI Senior Network Engineer   |  is simple, elegant, and wrong. - HL Mencken
    GPG fingerprint = 6174 1257 129E 0D21 D8D4  E8A3 8E39 29E3 E2E8 8CEC

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Cannot find any appendable volumes..., Keith Sudbury
Next by Date:  Re: [Bacula-users] Cannot find any appendable volumes..., John Drescher
Previous by Thread:  Re: [Bacula-users] SELinux xattrs, Arno Lehmann
Next by Thread:  Re: [Bacula-users] SELinux xattrs, Tilman Schmidt
Indexes:  [Date] [Thread] [Top] [All Lists]