2013-01-20 21:44:13 +01:00
|
|
|
#!/usr/bin/python2
|
2010-06-26 15:00:19 +02:00
|
|
|
#
|
|
|
|
# The Qubes OS Project, http://www.qubes-os.org
|
|
|
|
#
|
|
|
|
# Copyright (C) 2010 Joanna Rutkowska <joanna@invisiblethingslab.com>
|
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
|
# modify it under the terms of the GNU General Public License
|
|
|
|
# as published by the Free Software Foundation; either version 2
|
|
|
|
# of the License, or (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program; if not, write to the Free Software
|
|
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
|
|
|
|
from qubes.qubes import QubesVmCollection
|
|
|
|
from qubes.qubes import QubesException
|
2013-11-25 05:41:13 +01:00
|
|
|
from qubes.backup import backup_prepare, backup_do
|
|
|
|
from qubes.qubesutils import size_to_human
|
2010-06-26 15:00:19 +02:00
|
|
|
from optparse import OptionParser
|
|
|
|
import os
|
|
|
|
import sys
|
2013-11-24 03:19:11 +01:00
|
|
|
import getpass
|
2010-06-26 15:00:19 +02:00
|
|
|
|
2012-02-07 16:09:35 +01:00
|
|
|
def print_progress(progress):
|
|
|
|
print >> sys.stderr, "\r-> Backing up files: {0}%...".format (progress),
|
2010-06-26 15:00:19 +02:00
|
|
|
|
|
|
|
def main():
|
2014-02-05 02:49:26 +01:00
|
|
|
usage = "usage: %prog [options] <backup-dir-path> [vms-to-be-included ...]"
|
2010-06-26 15:00:19 +02:00
|
|
|
parser = OptionParser (usage)
|
|
|
|
|
2014-01-15 05:51:18 +01:00
|
|
|
parser.add_option ("-x", "--exclude", action="append",
|
|
|
|
dest="exclude_list", default=[],
|
2014-01-23 04:50:14 +01:00
|
|
|
help="Exclude the specified VM from backup (may be "
|
|
|
|
"repeated)")
|
2012-07-11 23:53:23 +02:00
|
|
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
|
|
|
help="Force to run, even with root privileges")
|
2013-06-23 05:59:07 +02:00
|
|
|
parser.add_option ("-d", "--dest-vm", action="store", dest="appvm",
|
2014-01-15 05:01:02 +01:00
|
|
|
help="The AppVM to send backups to (implies -e)")
|
2013-06-23 06:27:58 +02:00
|
|
|
parser.add_option ("-e", "--encrypt", action="store_true", dest="encrypt", default=False,
|
|
|
|
help="Encrypts the backup")
|
2014-01-15 05:34:35 +01:00
|
|
|
parser.add_option ("-E", "--enc-algo", action="store",
|
|
|
|
dest="crypto_algorithm", default=None,
|
2014-01-15 05:51:52 +01:00
|
|
|
help="Specify non-default encryption algorithm. For "
|
|
|
|
"list of supported algos execute 'openssl "
|
|
|
|
"list-cipher-algorithms' (implies -e)")
|
2014-01-15 05:34:35 +01:00
|
|
|
parser.add_option ("-H", "--hmac-algo", action="store",
|
|
|
|
dest="hmac_algorithm", default=None,
|
|
|
|
help="Specify non-default hmac algorithm. For list of "
|
|
|
|
"supported algos execute 'openssl "
|
|
|
|
"list-message-digest-algorithms'")
|
2013-12-02 14:05:41 +01:00
|
|
|
parser.add_option ("-z", "--compress", action="store_true", dest="compress", default=False,
|
|
|
|
help="Compress the backup")
|
2010-11-28 16:30:26 +01:00
|
|
|
|
2010-06-26 15:00:19 +02:00
|
|
|
(options, args) = parser.parse_args ()
|
|
|
|
|
2013-10-01 03:18:44 +02:00
|
|
|
if (len (args) < 1):
|
2011-10-07 21:56:58 +02:00
|
|
|
print >> sys.stderr, "You must specify the target backup directory (e.g. /mnt/backup)"
|
|
|
|
print >> sys.stderr, "qvm-backup will create a subdirectory there for each individual backup."
|
2010-06-26 15:00:19 +02:00
|
|
|
exit (0)
|
|
|
|
|
|
|
|
base_backup_dir = args[0]
|
|
|
|
|
2012-07-11 23:53:23 +02:00
|
|
|
if os.geteuid() == 0:
|
|
|
|
if not options.force_root:
|
|
|
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
|
|
|
print >> sys.stderr, "Retry as unprivileged user."
|
|
|
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
|
|
|
exit(1)
|
|
|
|
|
2012-02-07 16:09:35 +01:00
|
|
|
# Only for locking
|
2010-06-26 15:00:19 +02:00
|
|
|
qvm_collection = QubesVmCollection()
|
|
|
|
qvm_collection.lock_db_for_reading()
|
|
|
|
qvm_collection.load()
|
|
|
|
|
2013-10-01 03:18:44 +02:00
|
|
|
vms = None
|
|
|
|
if (len (args) > 1):
|
|
|
|
vms = [qvm_collection.get_vm_by_name(vmname) for vmname in args[1:]]
|
|
|
|
|
2014-01-15 05:51:18 +01:00
|
|
|
if options.appvm:
|
|
|
|
print >>sys.stderr, ("WARNING: VM {} excluded because it's used to "
|
|
|
|
"store the backup.").format(options.appvm)
|
|
|
|
options.exclude_list.append(options.appvm)
|
|
|
|
|
2014-01-15 05:51:52 +01:00
|
|
|
if options.appvm or options.crypto_algorithm:
|
|
|
|
options.encrypt = True
|
2012-02-07 16:09:35 +01:00
|
|
|
files_to_backup = None
|
|
|
|
try:
|
2013-11-27 03:19:23 +01:00
|
|
|
files_to_backup = backup_prepare(
|
|
|
|
vms_list=vms,
|
|
|
|
exclude_list=options.exclude_list,
|
|
|
|
hide_vm_names=options.encrypt)
|
2012-02-07 16:09:35 +01:00
|
|
|
except QubesException as e:
|
|
|
|
print >>sys.stderr, "ERROR: %s" % str(e)
|
|
|
|
exit(1)
|
2010-06-26 15:00:19 +02:00
|
|
|
|
2013-11-24 03:15:44 +01:00
|
|
|
total_backup_sz = reduce(lambda size, file: size+file["size"],
|
|
|
|
files_to_backup, 0)
|
|
|
|
|
|
|
|
if not options.appvm:
|
2013-11-25 05:41:13 +01:00
|
|
|
appvm = None
|
|
|
|
|
2014-03-17 21:15:39 +01:00
|
|
|
if os.path.isdir(base_backup_dir):
|
|
|
|
stat = os.statvfs(base_backup_dir)
|
|
|
|
else:
|
|
|
|
stat = os.statvfs(os.path.dirname(base_backup_dir))
|
2013-11-24 03:15:44 +01:00
|
|
|
backup_fs_free_sz = stat.f_bsize * stat.f_bavail
|
|
|
|
print
|
|
|
|
if (total_backup_sz > backup_fs_free_sz):
|
|
|
|
print >>sys.stderr, "ERROR: Not enough space available on the backup filesystem!"
|
|
|
|
exit(1)
|
|
|
|
|
|
|
|
print "-> Available space: {0}".format(size_to_human(backup_fs_free_sz))
|
2013-11-25 05:41:13 +01:00
|
|
|
else:
|
|
|
|
appvm = qvm_collection.get_vm_by_name(options.appvm)
|
|
|
|
if appvm is None:
|
|
|
|
print >>sys.stderr, "ERROR: VM {0} does not exist".format(options.appvm)
|
|
|
|
exit(1)
|
2013-11-24 03:15:44 +01:00
|
|
|
|
2013-11-25 05:43:15 +01:00
|
|
|
stat = os.statvfs('/var/tmp')
|
|
|
|
backup_fs_free_sz = stat.f_bsize * stat.f_bavail
|
|
|
|
print
|
|
|
|
if (backup_fs_free_sz < 1000000000):
|
|
|
|
print >>sys.stderr, "ERROR: Not enough space available " \
|
|
|
|
"on the local filesystem (needs 1GB for temporary files)!"
|
|
|
|
exit(1)
|
|
|
|
|
2014-01-15 05:52:46 +01:00
|
|
|
if not appvm.is_running():
|
|
|
|
appvm.start(verbose=True)
|
|
|
|
|
2010-06-26 15:00:19 +02:00
|
|
|
prompt = raw_input ("Do you want to proceed? [y/N] ")
|
|
|
|
if not (prompt == "y" or prompt == "Y"):
|
|
|
|
exit (0)
|
|
|
|
|
2013-11-24 03:19:11 +01:00
|
|
|
passphrase = getpass.getpass("Please enter the pass phrase that will be used to encrypt/verify the backup: ")
|
2013-11-25 05:42:47 +01:00
|
|
|
passphrase2 = getpass.getpass("Enter again for verification: ")
|
|
|
|
if passphrase != passphrase2:
|
|
|
|
print >>sys.stderr, "ERROR: Password mismatch"
|
|
|
|
exit(1)
|
2013-09-28 12:24:33 +02:00
|
|
|
|
2014-02-05 06:53:07 +01:00
|
|
|
passphrase = passphrase.decode(sys.stdin.encoding)
|
|
|
|
|
2014-01-15 05:34:35 +01:00
|
|
|
kwargs = {}
|
|
|
|
if options.hmac_algorithm:
|
|
|
|
kwargs['hmac_algorithm'] = options.hmac_algorithm
|
|
|
|
if options.crypto_algorithm:
|
|
|
|
kwargs['crypto_algorithm'] = options.crypto_algorithm
|
|
|
|
|
2012-02-07 16:09:35 +01:00
|
|
|
try:
|
2013-11-25 05:41:13 +01:00
|
|
|
backup_do(base_backup_dir, files_to_backup, passphrase,
|
2013-11-24 03:45:40 +01:00
|
|
|
progress_callback=print_progress,
|
2014-01-15 03:45:12 +01:00
|
|
|
encrypted=options.encrypt,
|
|
|
|
compressed=options.compress,
|
2014-01-15 05:34:35 +01:00
|
|
|
appvm=appvm, **kwargs)
|
2012-02-07 16:09:35 +01:00
|
|
|
except QubesException as e:
|
|
|
|
print >>sys.stderr, "ERROR: %s" % str(e)
|
|
|
|
exit(1)
|
2010-06-26 15:00:19 +02:00
|
|
|
|
|
|
|
print
|
|
|
|
print "-> Backup completed."
|
|
|
|
|
|
|
|
qvm_collection.unlock_db()
|
|
|
|
main()
|