core-admin-client/doc/manpages/qvm-backup-restore.rst
Marek Marczykowski-Górecki 7d6cb655f8
backup/restore: add option for unattended restore and extracting log
Allow running unattended, with qvm-backup-restore --passphrase-file.
This require few modifications:
 - copy the passphrase file into the DisposableVM (that VM knows the
         passphrase anyway, so there is no extra data leak)
 - close the terminal when operation finishes

Closing the terminal would eliminate almost all the feedback (operation
log, errors, warnings etc), so write it into a file in DisposableVM and
later extract it and show on the stdout. Similar to qvm-run, color it
red as a content coming from a VM.

QubesOS/qubes-issues#5310
2020-08-05 04:37:44 +02:00

116 lines
3.2 KiB
ReStructuredText

.. program:: qvm-backup-restore
===============================================================
:program:`qvm-backup-restore` -- Restores Qubes VMs from backup
===============================================================
.. warning::
This page was autogenerated from command-line parser. It shouldn't be 1:1
conversion, because it would add little value. Please revise it and add
more descriptive help, which normally won't fit in standard ``--help``
option.
After rewrite, please remove this admonition.
Synopsis
========
:command:`qvm-backup-restore` [*options*] <*backup-dir*>
Options
=======
.. option:: --help, -h
Show this help message and exit
.. option:: --verbose, -v
Increase verbosity
.. option:: --quiet, -q
Decrease verbosity
.. option:: --verify-only
Do not restore the data, only verify backup integrity
.. option:: --skip-broken
Do not restore VMs that have missing templates or netvms
.. option:: --ignore-missing
Ignore missing templates or netvms, restore VMs anyway
.. option:: --skip-conflicting
Do not restore VMs that are already present on the host
.. option:: --rename-conflicting
Restore VMs that are already present on the host under different names
.. option:: --exclude=EXCLUDE, -x EXCLUDE
Skip restore of specified VM (might be repeated)
.. option:: --skip-dom0-home
Do not restore dom0 user home dir
.. option:: --ignore-username-mismatch
Ignore dom0 username mismatch while restoring homedir
.. option:: --ignore-size-limit
Backup metadata contains expected size of each VM. By default if backup
contains more data than expected, it is rejected. Use this option to ignore
this limit and restore such (broken, or potentially malicious) backup
anyway.
.. option:: --compression-filter, -Z
Force specific compression filter, instead of the one named in the backup
header. The compression filter is a command that accepts ``-d`` option to
decompress data on stdin and output it to stdout. This can be used to
override built-in protection against uncommon compression.
.. option:: --dest-vm=APPVM, -d APPVM
Restore from a backup located in a specific AppVM
.. option:: --passphrase-file, -p
Read passphrase from file, or use '-' to read from stdin
.. option:: --location-is-service
Provided backup location is a qrexec service name (optionally with an
argument, separated by ``+``), instead of file path or a command.
.. option:: --paranoid-mode, --plan-b
Isolate restore process in a DisposableVM, defend against potentially
compromised backup. In this mode some parts of the backup are skipped,
specifically:
- dom0 home directory (desktop environment settings)
- PCI devices assignments
.. option:: --auto-close
When running with --paranoid-mode (see above), automatically close restore
progress window after the restore process is finished and display restore log
on the standard output. The log will be colored red if the standard output is
a terminal.
Authors
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>