| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218 |
- #!/usr/bin/python2
- # -*- encoding: utf8 -*-
- #
- # The Qubes OS Project, http://www.qubes-os.org
- #
- # Copyright (C) 2010 Joanna Rutkowska <joanna@invisiblethingslab.com>
- #
- # This program is free software; you can redistribute it and/or
- # modify it under the terms of the GNU General Public License
- # as published by the Free Software Foundation; either version 2
- # of the License, or (at your option) any later version.
- #
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with this program; if not, write to the Free Software
- # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- #
- #
- from qubes.qubes import QubesVmCollection
- from qubes.qubes import QubesException
- from qubes.backup import backup_prepare, backup_do
- from qubes.qubesutils import size_to_human
- from optparse import OptionParser
- import qubes.backup
- import os
- import sys
- import getpass
- from locale import getpreferredencoding
- def print_progress(progress):
- print >> sys.stderr, "\r-> Backing up files: {0}%...".format (progress),
- def main():
- usage = "usage: %prog [options] <backup-dir-path> [vms-to-be-included ...]"
- parser = OptionParser (usage)
- parser.add_option ("-x", "--exclude", action="append",
- dest="exclude_list", default=[],
- help="Exclude the specified VM from the backup (may be "
- "repeated)")
- parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
- help="Force to run with root privileges")
- parser.add_option ("-d", "--dest-vm", action="store", dest="appvm",
- help="Specify the destination VM to which the backup "
- "will be sent (implies -e)")
- parser.add_option ("-e", "--encrypt", action="store_true", dest="encrypt", default=False,
- help="Encrypt the backup")
- parser.add_option ("--no-encrypt", action="store_true",
- dest="no_encrypt", default=False,
- help="Skip encryption even if sending the backup to a "
- "VM")
- parser.add_option ("-p", "--passphrase-file", action="store",
- dest="pass_file", default=None,
- help="Read passphrase from a file, or use '-' to read "
- "from stdin")
- parser.add_option ("-E", "--enc-algo", action="store",
- dest="crypto_algorithm", default=None,
- help="Specify a non-default encryption algorithm. For a "
- "list of supported algorithms, execute 'openssl "
- "list-cipher-algorithms' (implies -e)")
- parser.add_option ("-H", "--hmac-algo", action="store",
- dest="hmac_algorithm", default=None,
- help="Specify a non-default HMAC algorithm. For a list "
- "of supported algorithms, execute 'openssl "
- "list-message-digest-algorithms'")
- parser.add_option ("-z", "--compress", action="store_true", dest="compress", default=False,
- help="Compress the backup")
- parser.add_option ("-Z", "--compress-filter", action="store",
- dest="compress_filter", default=False,
- help="Specify a non-default compression filter program "
- "(default: gzip)")
- parser.add_option("--tmpdir", action="store", dest="tmpdir", default=None,
- help="Specify a temporary directory (if you have at least "
- "1GB free RAM in dom0, use of /tmp is advised) ("
- "default: /var/tmp)")
- parser.add_option ("--debug", action="store_true", dest="debug",
- default=False, help="Enable (a lot of) debug output")
- (options, args) = parser.parse_args ()
- if (len (args) < 1):
- print >> sys.stderr, "You must specify the target backup directory "\
- " (e.g. /mnt/backup)."
- print >> sys.stderr, "qvm-backup will create a subdirectory there for "\
- " each individual backup."
- exit (0)
- base_backup_dir = args[0]
- if hasattr(os, "geteuid") and os.geteuid() == 0:
- if not options.force_root:
- print >> sys.stderr, "*** Running this tool as root is strongly "\
- "discouraged. This will lead to permissions "\
- "problems."
- print >> sys.stderr, "Retry as an unprivileged user, or use "\
- "--force-root to continue anyway."
- exit(1)
- # Only for locking
- qvm_collection = QubesVmCollection()
- qvm_collection.lock_db_for_reading()
- qvm_collection.load()
- vms = None
- if (len (args) > 1):
- vms = [qvm_collection.get_vm_by_name(vmname) for vmname in args[1:]]
- if options.appvm:
- options.exclude_list.append(options.appvm)
- if options.appvm or options.crypto_algorithm:
- options.encrypt = True
- if options.no_encrypt:
- options.encrypt = False
- if options.debug:
- qubes.backup.BACKUP_DEBUG = True
- files_to_backup = None
- try:
- files_to_backup = backup_prepare(
- vms_list=vms,
- exclude_list=options.exclude_list,
- hide_vm_names=options.encrypt)
- except QubesException as e:
- print >>sys.stderr, "ERROR: %s" % str(e)
- exit(1)
- total_backup_sz = reduce(lambda size, file: size+file["size"],
- files_to_backup, 0)
- if not options.appvm:
- appvm = None
- if os.path.isdir(base_backup_dir):
- stat = os.statvfs(base_backup_dir)
- else:
- stat = os.statvfs(os.path.dirname(base_backup_dir))
- backup_fs_free_sz = stat.f_bsize * stat.f_bavail
- print
- if (total_backup_sz > backup_fs_free_sz):
- print >>sys.stderr, "ERROR: Not enough space available on the "\
- "backup filesystem!"
- exit(1)
- print "-> Available space: {0}".format(size_to_human(backup_fs_free_sz))
- else:
- appvm = qvm_collection.get_vm_by_name(options.appvm)
- if appvm is None:
- print >>sys.stderr, "ERROR: VM {0} does not exist!".format(options.appvm)
- exit(1)
- stat = os.statvfs('/var/tmp')
- backup_fs_free_sz = stat.f_bsize * stat.f_bavail
- print
- if (backup_fs_free_sz < 1000000000):
- print >>sys.stderr, "ERROR: Not enough space available " \
- "on the local filesystem (1GB required for temporary files)!"
- exit(1)
- if not appvm.is_running():
- appvm.start(verbose=True)
- if options.appvm:
- print >>sys.stderr, ("NOTE: VM {} will be excluded because it is "
- "the backup destination.").format(options.appvm)
- options.exclude_list.append(options.appvm)
- if not options.encrypt:
- print >>sys.stderr, "WARNING: The backup will NOT be encrypted!"
- if options.pass_file is not None:
- f = open(options.pass_file) if options.pass_file != "-" else sys.stdin
- passphrase = f.readline().rstrip()
- if f is not sys.stdin:
- f.close()
- else:
- if raw_input("Do you want to proceed? [y/N] ").upper() != "Y":
- exit(0)
- s = ("Please enter the passphrase that will be used to {}verify "
- "the backup: ").format('encrypt and ' if options.encrypt else '')
- passphrase = getpass.getpass(s)
- if getpass.getpass("Enter again for verification: ") != passphrase:
- print >>sys.stderr, "ERROR: Passphrase mismatch!"
- exit(1)
- encoding = sys.stdin.encoding or getpreferredencoding()
- passphrase = passphrase.decode(encoding)
- kwargs = {}
- if options.hmac_algorithm:
- kwargs['hmac_algorithm'] = options.hmac_algorithm
- if options.crypto_algorithm:
- kwargs['crypto_algorithm'] = options.crypto_algorithm
- if options.tmpdir:
- kwargs['tmpdir'] = options.tmpdir
- try:
- backup_do(base_backup_dir, files_to_backup, passphrase,
- progress_callback=print_progress,
- encrypted=options.encrypt,
- compressed=options.compress_filter or options.compress,
- appvm=appvm, **kwargs)
- except QubesException as e:
- print >>sys.stderr, "ERROR: %s" % str(e)
- exit(1)
- print
- print "-> Backup completed."
- qvm_collection.unlock_db()
- main()
|
