Application of Backup Recovery Technology in Linux

Article Title: Application of Backup Recovery Technology in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
This article describes how to use backup scripts, commands, and commercial software in Linux to reasonably and efficiently protect disk data security.
　　
The backup and recovery system is responsible for backup and recovery beforehand. In the current rapidly developing network environment, no information system on any network can guarantee absolute security. As long as there is a network, There will be various threats from the network. In order to defend against network attacks and intrusions, although we have introduced increasingly sophisticated intrusion detection systems and firewall systems, hacker intrusion methods have become increasingly sophisticated, they can always find the security vulnerabilities and deficiencies of these systems for intrusion, so the security events caused by network intrusion are increasing year by year.
　　
In this case, it is difficult for us to ensure the absolute security of key systems in the network, so we need to adopt backup and recovery technologies. Backup and recovery technologies use storage media and certain policies to regularly back up system business data to ensure that data can be recovered as soon as possible during accidental data loss and minimize user losses. It is a very important core technology in the information security discipline.
　　
　　 Backup Technology in Linux
　　
For backup and recovery, Linux provides tools such as tar, cpio, and dump. In this way, you can use the corresponding backup and recovery tools to implement the basic functions of backup and recovery based on the actual situation of the system without spending money to purchase.
　　
　　 Tar tool Introduction
　　
Tar is a classic Unix Command that has been transplanted to Linux. Tar is the abbreviation of tape archive. It was originally designed to package files on tape. Now we mostly use it to back up a partition or some important file directories. We can use tar to package the entire directory tree, which makes it especially suitable for backup. You can restore all the archive files or expand separate files and directories from them. Backups can be saved to file-based devices or tape devices. Files can be redirected during restoration to put them in a directory (or system) different from the directory (or system) where they were originally saved ). Tar is not related to the file system, so it is applicable to a wide range, it can be used in ext2, ext3, jfs, Reiser and other file systems.
　　
Using tar is very similar to using file utilities such as Winzip and WinRAR in Windows. You only need to point it to a single object (which can be a file or device), and then specify the file to be packaged, You can dynamically compress the archive file through the standard compression type, or specify an external compression program of your choice. To use bzip2 to compress or decompress a file, run the tar-z command.
　　
The following is a simple example of using this tool for data backup:
　　
Tar czvf-/root/code>/tmp/code_bak.tgz (package and back up all program files in the/root/code directory to/tmp/code_bak.tgz)
　　
Tar xzvf/tmp/code_bak.tgz/root/code (restore the backup directory file to the specified directory)
　　
　　 Cpio tool Introduction
　　
Cpio commands can import or copy files from tar or cpio files. Cpio commands are compatible with tar commands, but these commands do not have the following functions:
　　
● Supports cpio and tar file formats;
　　
● Supports many old-fashioned tape data formats;
　　
● The file name can be read through a pipe (pipe-line.
　　
Currently, only a few Linux software packages are released in cpio format. If you are interested in the details of the cpio command, you can use the "man cpio" command to read its user manual.
　　
　　 Dump and restore Introduction
　　
Dump can execute functions similar to tar. However, dump tends to consider file systems rather than individual files. Dump checks the files on the ext2 file system and determines which files need to be backed up. These files will be copied to a given disk, tape, or other storage media for security protection. In most media, the capacity is determined by writing until an end-of-media mark is returned.
　　
The program that works with dump is restore, which is used to restore files from the dump image. The restore command executes the reverse function of the dump. You can restore the full backup of the file system first, and the subsequent Incremental Backup can overwrite the restored full backup. Individual files or directory trees can be restored from full or partial backups.
　　
Both dump and restore can run on the network. Therefore, you can back up or restore data from a remote device. Dump and restore use tape drives and file devices that provide a wide range of options. However, both are only applicable to ext2 and ext3 file systems. If JFS, Reiser, or other file systems are used, other utilities, such as tar, are required. For example:
　　
Dump 0f/dev/nst0/(back up the ext2 File System to the first SCSI device)
　　
Restore-xf/dev/nst0/home/code (restore all data in the/home/code directory of the SCSI device to the disk)
　　
In addition, commercial Storage backup tools such as Tivoli Storage Manager are available on the market. These tools are visualized tools that allow you to conveniently back up and restore data through the user interface. It is worth noting that this is a commercial software, so it is not free. For many users, its functions are similar to the backup and recovery tools provided by Linux, but they are more user-friendly and friendly, allowing users to get rid of the boring command line methods, this makes it easy for you to use.
　　
　　 Backup policy in Linux
　　
Backup requires a certain amount of material and financial resources. How to balance the benefits of backup with the resources consumed by backup is a major concern for network security workers, because spending is higher than output, it means inefficiency or even failure. Therefore, to back up data in a Linux environment, you need to treat it differently based on the actual situation to achieve better results. In particular, key directories need to be differentiated to achieve targeted backup and reduce unnecessary waste.
　　
Under normal circumstances, the directories listed below need to be backed up, and they play an important role in the system:/etc contains all core configuration files, this includes the password file, network configuration file, system name, firewall rules, NFS file system configuration file, and other global system items./var includes the system daemon (service) the information used, including DNS configuration, DHCP lease period, Email Buffer file, and HTTP Server File./home contains the default home directory of all users, this includes their personal settings, downloaded files, and important information stored by users in the system;/root is the root user's home directory; /bin is an important place to store commands such as ls and ps commonly used in many systems. These commands have an impact on the disk and are vulnerable to hacker damage.
　　
On the contrary, in Linux, the following directories should not be backed up:/proc never needs to be backed up. It is not a real file system, but a virtualization view that runs the kernel and environment, it includes files such as/proc/cpuinfo and/proc/meminfo. This file is a virtual view of the entire running memory. Once the system is shut down or restarted, the information in this directory no longer exists;/dev contains the file representation of the hardware device. If you plan to restore it to a blank system, you can back up/dev, if you plan to restore to an installed Linux system, backup/dev is unnecessary. In addition, some soft links (that is, files pointing to other disk files) you do not need to back up the files because all these files are stored is the address of the file to which they are directed. You can use the "ls-l" command to determine these soft-link files, as shown below, the linux-2.4 is a soft link file that points to the linux-2.4.7-10 directory.
　　
Lrwxrwxrwx 1 root 14 June 19 2004 linux-2.4-> linux-2.4.7-10
　　
　　 Link
　　
　　 Backup technology and basic classification
　　
Generally, a complete network data backup system must meet the following requirements:
　　
● The data backup capacity is relatively large, so data backup for key business systems needs to be automated to reduce the workload of system administrators;
　　
● A backup center is built on a backup server to centrally back up application systems and other information data on various platforms. The system administrator can manage, monitor, and configure the backup system on any workstation, features of distributed processing and centralized management;
　　
● Users can easily and quickly recover damaged entire file system and various types of data;
　　
● The backup system should also consider factors such as the impact of network bandwidth on backup performance, backup server platform selection and security, moderate redundancy of backup system capacity, and good scalability of the backup system.
　　
To back up data, you must determine the data backup policy. A backup policy is used to determine the content, time, and method of backup. You need to develop different backup policies based on your actual situation. Currently, the most widely used backup policies are as follows:
　　
1. Full backup
　　
That is, the system is completely backed up every day. The advantage of this backup policy is that data loss can be restored in the event of a disaster. However, it also has shortcomings. First, the entire system is completely backed up every day, resulting in a large amount of duplication of backup data. This duplicate data occupies a large amount of space, which means increasing costs for users. Second, because the amount of data to be backed up is large, the backup takes a long time. It is unwise for users and organizations that are busy and have limited backup time to choose this backup policy. In addition, because the backup interval is too small, the number of full backups is too large, resulting in a large waste of hardware resources, which is also unnecessary.
　　
2. Incremental Backup
　　
That is, only the new or modified data of the current day is backed up every day. This backup policy saves storage media space and shortens the backup time. However, its disadvantage is that data recovery is troublesome when a disaster occurs. In addition, the reliability of such backups is also poor. Data in the backup interval cannot be recovered. Therefore, you must make appropriate trade-offs at the specified backup interval to achieve better results.
　　
3. Differential backup
　　
The Administrator first performs a full system backup at the beginning (such as Sunday), and then in the next few days, the Administrator will re-upload all the data (new or modified) of the day from Sunday) back up data to the magnetic media. Differential backup policies have all their advantages while avoiding the defects of the above two policies. First, it does not need to perform full backup on the system every day, so the backup takes a short time and saves space. Second, its disaster recovery is also very convenient.