Commit Graph

21 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
7d6cb655f8
backup/restore: add option for unattended restore and extracting log
Allow running unattended, with qvm-backup-restore --passphrase-file.
This require few modifications:
 - copy the passphrase file into the DisposableVM (that VM knows the
         passphrase anyway, so there is no extra data leak)
 - close the terminal when operation finishes

Closing the terminal would eliminate almost all the feedback (operation
log, errors, warnings etc), so write it into a file in DisposableVM and
later extract it and show on the stdout. Similar to qvm-run, color it
red as a content coming from a VM.

QubesOS/qubes-issues#5310
2020-08-05 04:37:44 +02:00
Marek Marczykowski-Górecki
cc71dd5876
Add "paranoid restore" mode
Having Admin API, it is possible to do this properly now:
 - create DisposableVM
 - assign it proper permissions to create VMs and control those created
   VMs
 - run restore process inside
 - cleanup DisposableVM afterwards

Since the RestoreInDisposableVM class contains de facto reverse parser
for qvm-backup-restore command line, add a test that will spot when it
gets out of sync.

This feature depends on modifications in various other components,
including:
 - linux-utils and core-agent-linux for update qfile-unpacker
 - core-admin for qrexec policy modification

QubesOS/qubes-issues#5310
2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
db1d4b5d48
backup/restore: option for alternative qrexec service
Allow setting alternative qrexec service to retrieve backup content. The
service API is slightly different than the default one: it will get only
list of files/directories to extract on its stdin, but not backup
location. The latter could be provided as a service argument, or using
other out-of-band mechanism.
This will be useful for paranoid backup restore mode, to take away
control over location/command from sandboxed qvm-backup-restore process.

QubesOS/qubes-issues#5310
2020-08-04 04:06:30 +02:00
Marek Marczykowski-Górecki
2d736f5aa8
Make pylint happy 2019-10-05 21:57:48 +02:00
Marek Marczykowski-Górecki
14f77860bf
backup/restore: add option to use uncommon compression filter anyway
Previous commit introduced protection against uncommon (potentially
malicious) compression filters. This breaks restoring backups made with
a custom compression filter. Add an option to override this check, by
naming compression filter to use explicitly.
2019-09-10 15:24:15 +02:00
Marek Marczykowski-Górecki
d7430d42ce
Make pylint happy
no-else-raise warning
2019-03-07 03:17:29 +01:00
Rusty Bird
cf063a9638
qvm-backup-restore: also handle absent --ignore-missing
This was forgotten in 2d8bade.
2018-02-26 04:10:05 +00:00
Rusty Bird
2d8bade8b2
qvm-backup-restore: really pass options 2018-02-23 02:09:04 +00:00
Rusty Bird
a0d6327532
qvm-backup-restore: remove orphaned --replace-template option 2018-02-23 02:09:03 +00:00
Christopher Laprise
30dd7acaa9
Fix dom0 restore 2018-02-01 22:21:24 -05:00
Christopher Laprise
c6bc4f05cb
Fix dom0-related issues 2017-12-11 10:16:53 -05:00
Christopher Laprise
f86c640d65
Fix verify-only 2017-12-06 21:31:30 -05:00
Marek Marczykowski-Górecki
336807e8da
tools: fix too long lines
QubesOS/qubes-issues#2983
2017-09-04 03:07:03 +02:00
blackpit
6534f8c191 Fixed https://github.com/QubesOS/qubes-issues/issues/2983
qvm-create -l yellow backuptest-1-vm
qvm-create -l yellow backuptest-2-vm
echo -n passphrase >test.passphrase

qvm-backup --passphrase-file test.passphrase --yes `pwd` backuptest-1-vm backuptest-2-vm

qvm-remove backuptest-1-vm1 || true
qvm-remove backuptest-2-vm1 || true
qvm-backup-restore --rename-conflicting --passphrase-file test.passphrase qubes-2017-08-09T165253 backuptest-1-vm

qvm-remove backuptest-1-vm1 || true
qvm-remove backuptest-2-vm1 || true
qvm-backup-restore --rename-conflicting --passphrase-file test.passphrase qubes-2017-08-09T165253 backuptest-2-vm
2017-08-09 19:43:53 +02:00
Marek Marczykowski-Górecki
9210048673
backup/restore: add option to ignore size limit
Allow to restore backup which have miscalculated VMs size, but otherwise
is good.
2017-07-29 05:13:46 +02:00
Marek Marczykowski-Górecki
d8af76ed60
backup: move BackupRestore class and helpers to 'restore' submodule
This breaks cyclic imports and also allow cleaner separation between
backup make and restore code.

No functional change.
2017-07-21 03:54:04 +02:00
Marek Marczykowski-Górecki
ea47701fe6
tools/qvm-backup-restore: fix restoring only specific VMs
Related to QubesOS/qubes-issues#2924
2017-07-21 03:54:04 +02:00
Marek Marczykowski-Górecki
c50fc21e44
tests: qvm-backup-restore tool tests
Very simple one, but also fix reporting errors detected by tests.
2017-07-21 03:54:04 +02:00
Marek Marczykowski-Górecki
c736395432
tools/qvm-backup-restore: fix default list of VMs to restore
By default restore all of them, not only the ones named "[" or "]"
(which are invalid name).

Fixes QubesOS/qubes-issues#2924
2017-07-19 23:52:11 +02:00
Marek Marczykowski-Górecki
e7ee06936a
tools/qvm-backup-restore: handle VMs selection, not only exclusion
QubesOS/qubes-issues#1214
2017-07-17 23:34:03 +02:00
Marek Marczykowski-Górecki
f0151d73b3
tools: add qvm-backup-restore
Frontend tool for backup restore code.

Fixes QubesOS/qubes-issues#1214
2017-07-17 20:28:22 +02:00