|
@@ -135,8 +135,6 @@ while true ; do
|
|
|
esac
|
|
esac
|
|
|
done
|
|
done
|
|
|
|
|
|
|
|
-ESCAPED_COMPRESSION_SUFFIX="\$COMPRESSION_SUFFIX"
|
|
|
|
|
-
|
|
|
|
|
create_exclude_string(){
|
|
create_exclude_string(){
|
|
|
EXCLUDE_OPTION="--exclude=."
|
|
EXCLUDE_OPTION="--exclude=."
|
|
|
EXCLUDE_STRING=""
|
|
EXCLUDE_STRING=""
|
|
@@ -145,6 +143,89 @@ create_exclude_string(){
|
|
|
done
|
|
done
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+log_debug(){
|
|
|
|
|
+ if [[ "$DEBUG" = "1" ]] ; then
|
|
|
|
|
+ echo $*
|
|
|
|
|
+ fi
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+format_partition(){
|
|
|
|
|
+ local partition_type="$1"
|
|
|
|
|
+ local target_device="$2"
|
|
|
|
|
+ echo "Formating $target_device with type $partition_type"
|
|
|
|
|
+ if [[ "1" != "$DEBUG" ]] ; then
|
|
|
|
|
+ mkfs -t $partition_type $target_device
|
|
|
|
|
+ test "$?" == 0 || exit $?
|
|
|
|
|
+ fi
|
|
|
|
|
+ _REAL_TARGET_DEVICE=$target_device
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+create_luks_container(){
|
|
|
|
|
+ local target_device="$1"
|
|
|
|
|
+
|
|
|
|
|
+ echo "Creating a new LUKS container"
|
|
|
|
|
+ if [ "$DEBUG" != "1" ] && [ "$FAKE_DEVICE" != "1" ] ; then
|
|
|
|
|
+ cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha512 $target_device <<EOF
|
|
|
|
|
+YES
|
|
|
|
|
+MOT_DE_PASSE
|
|
|
|
|
+EOF
|
|
|
|
|
+ fi
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+prepare_partition(){
|
|
|
|
|
+ local partition_type="$1"
|
|
|
|
|
+ local target_device="$2"
|
|
|
|
|
+ local backup_basename=$3
|
|
|
|
|
+ for part_type in $(echo $partition_type) ; do
|
|
|
|
|
+ case $part_type in
|
|
|
|
|
+ crypto_LUKS)
|
|
|
|
|
+ ask_password $target_device
|
|
|
|
|
+ create_luks_container $target_device
|
|
|
|
|
+ open_luks_container $target_device $backup_basename
|
|
|
|
|
+ #Now that the partition is opened, we will format it at next loop:
|
|
|
|
|
+ target_device=$_UNCRYPTED_DEVICE
|
|
|
|
|
+ ;;
|
|
|
|
|
+ *)
|
|
|
|
|
+ format_partition $part_type $target_device
|
|
|
|
|
+ ;;
|
|
|
|
|
+ esac
|
|
|
|
|
+ done
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+restore_partition(){
|
|
|
|
|
+ local partition_file=$1
|
|
|
|
|
+ local partition_dev=$2
|
|
|
|
|
+ local backup_basename=$3
|
|
|
|
|
+
|
|
|
|
|
+ mount_dir_name="diskimg-$backup_basename"
|
|
|
|
|
+ mountpoint_dir="/mnt/$mount_dir_name"
|
|
|
|
|
+ test "1" = "$VERBOSE" && echo "Mounting $partition_dev to $mountpoint_dir"
|
|
|
|
|
+ if [[ "$FAKE_DEVICE" != "1" ]] ; then
|
|
|
|
|
+ mkdir -p $mountpoint_dir
|
|
|
|
|
+ test "$?" == 0 || exit $?
|
|
|
|
|
+ mount $partition_dev $mountpoint_dir
|
|
|
|
|
+ test "$?" == 0 || exit $?
|
|
|
|
|
+ fi
|
|
|
|
|
+ test "1" = "$VERBOSE" && echo "Restoring from $partition_file to $mountpoint_dir"
|
|
|
|
|
+
|
|
|
|
|
+ if [[ "$SKIP_TAR" != 1 ]] ; then
|
|
|
|
|
+ if [[ "1" = "$DEBUG" ]] ; then
|
|
|
|
|
+ echo tar --numeric-owner $COMPRESSION_ALGORITHM $VERBOSE_OPTION -pxf $partition_file -C $mountpoint_dir
|
|
|
|
|
+ if [[ "$FAKE_DEVICE" != "1" ]] ; then
|
|
|
|
|
+ tar --numeric-owner $COMPRESSION_ALGORITHM $VERBOSE_OPTION -pxf $partition_file -C $mountpoint_dir
|
|
|
|
|
+ test "$?" == 0 || exit $?
|
|
|
|
|
+ fi
|
|
|
|
|
+ fi
|
|
|
|
|
+ fi
|
|
|
|
|
+
|
|
|
|
|
+ test "1" = "$VERBOSE" && echo "Un-mounting $partition_dev"
|
|
|
|
|
+ if [[ "$FAKE_DEVICE" != "1" ]] ; then
|
|
|
|
|
+ umount $partition_dev
|
|
|
|
|
+ test "$?" == 0 || exit $?
|
|
|
|
|
+ rmdir $mountpoint_dir
|
|
|
|
|
+ test "$?" == 0 || exit $?
|
|
|
|
|
+ fi
|
|
|
|
|
+}
|
|
|
|
|
|
|
|
do_restore_disk(){
|
|
do_restore_disk(){
|
|
|
echo "Restoring disk image from $SOURCE_DIR to $DISK_DEVICE"
|
|
echo "Restoring disk image from $SOURCE_DIR to $DISK_DEVICE"
|
|
@@ -175,46 +256,26 @@ do_restore_disk(){
|
|
|
|
|
|
|
|
#For each partition, we restore the backup
|
|
#For each partition, we restore the backup
|
|
|
for partition_file in $(ls $SOURCE_DIR/partition*.tar$COMPRESSION_SUFFIX) ; do
|
|
for partition_file in $(ls $SOURCE_DIR/partition*.tar$COMPRESSION_SUFFIX) ; do
|
|
|
- partition_dev=$(basename $partition_file | sed "s+partition-+$DISK_DEVICE+" |sed "s/\.tar$ESCAPED_COMPRESSION_SUFFIX//")
|
|
|
|
|
- backup_basename=$(basename $partition_file)
|
|
|
|
|
|
|
+ partition_dev=$(basename $partition_file | sed "s+partition-+$DISK_DEVICE+" |sed "s/\.tar$COMPRESSION_SUFFIX//")
|
|
|
|
|
+ backup_basename=$(basename $partition_file | sed "s/\.tar$COMPRESSION_SUFFIX//")
|
|
|
backup_filename="$backup_basename.tar$COMPRESSION_SUFFIX "
|
|
backup_filename="$backup_basename.tar$COMPRESSION_SUFFIX "
|
|
|
- partition_type_file=$SOURCE_DIR/$(echo $backup_basename | sed "s+\.tar$ESCAPED_COMPRESSION_SUFFIX+.type+")
|
|
|
|
|
|
|
+ partition_type_file=$SOURCE_DIR/$backup_basename.type
|
|
|
|
|
|
|
|
- echo ""
|
|
|
|
|
- echo "--> Restoring backup $partition_file into $partition_dev"
|
|
|
|
|
|
|
+ log_debug "+++ partition_dev =$partition_dev"
|
|
|
|
|
+ log_debug "+++ backup_basename =$backup_basename"
|
|
|
|
|
+ log_debug "+++ backup_filename =$backup_filename"
|
|
|
|
|
+ log_debug "+++ partition_type_file=$partition_type_file"
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
+ echo "--- Preparing backup restoration of $partition_file into $partition_dev ---"
|
|
|
|
|
|
|
|
if [[ "$KEEP_PARTITIONS" != "1" ]] ; then
|
|
if [[ "$KEEP_PARTITIONS" != "1" ]] ; then
|
|
|
#First get the partition type
|
|
#First get the partition type
|
|
|
partition_type=$(cat $partition_type_file)
|
|
partition_type=$(cat $partition_type_file)
|
|
|
- echo "Formating $partition_dev with type $partition_type"
|
|
|
|
|
- if [[ "1" != "$DEBUG" ]] ; then
|
|
|
|
|
- mkfs -t $partition_type $partition_dev
|
|
|
|
|
- test "$?" == 0 || exit $?
|
|
|
|
|
- fi
|
|
|
|
|
|
|
+ prepare_partition "$partition_type" $partition_dev $backup_basename
|
|
|
fi
|
|
fi
|
|
|
|
|
|
|
|
- mount_dir_name="diskimg-$backup_basename"
|
|
|
|
|
- mountpoint_dir="/mnt/$mount_dir_name"
|
|
|
|
|
- test "1" = "$VERBOSE" && echo "Mounting $partition_dev to $mountpoint_dir"
|
|
|
|
|
- [[ "$FAKE_DEVICE" != "1" ]] && mkdir -p $mountpoint_dir
|
|
|
|
|
- test "$?" == 0 || exit $?
|
|
|
|
|
- mount $partition_dev $mountpoint_dir
|
|
|
|
|
- test "$?" == 0 || exit $?
|
|
|
|
|
- test "1" = "$VERBOSE" && echo "Restoring from $partition_file to $mountpoint_dir"
|
|
|
|
|
-
|
|
|
|
|
- if [[ "$SKIP_TAR" != 1 ]] ; then
|
|
|
|
|
- test "1" = "$DEBUG" && echo tar --numeric-owner $COMPRESSION_ALGORITHM $VERBOSE_OPTION -pxf $partition_file -C $mountpoint_dir
|
|
|
|
|
- test "1" != "$DEBUG" && tar --numeric-owner $COMPRESSION_ALGORITHM $VERBOSE_OPTION -pxf $partition_file -C $mountpoint_dir
|
|
|
|
|
- fi
|
|
|
|
|
-
|
|
|
|
|
- test "$?" == 0 || exit $?
|
|
|
|
|
- test "1" = "$VERBOSE" && echo "Un-mounting $partition_dev"
|
|
|
|
|
- if [[ "$FAKE_DEVICE" != "1" ]] ; then
|
|
|
|
|
- umount $partition_dev
|
|
|
|
|
- test "$?" == 0 || exit $?
|
|
|
|
|
- rmdir $mountpoint_dir
|
|
|
|
|
- test "$?" == 0 || exit $?
|
|
|
|
|
- fi
|
|
|
|
|
|
|
+ restore_partition $partition_file $_REAL_TARGET_DEVICE $backup_basename
|
|
|
done
|
|
done
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -244,10 +305,7 @@ restore_disk(){
|
|
|
backup_mounted_volume(){
|
|
backup_mounted_volume(){
|
|
|
backup_basename=$1
|
|
backup_basename=$1
|
|
|
partition_dev=$2
|
|
partition_dev=$2
|
|
|
- part_type=$3
|
|
|
|
|
-
|
|
|
|
|
- part_type_filename="$backup_basename.type"
|
|
|
|
|
- echo $part_type > $TARGET_DIR/$part_type_filename
|
|
|
|
|
|
|
+ my_part_type=$3
|
|
|
|
|
|
|
|
backup_filename="$backup_basename.tar$COMPRESSION_SUFFIX "
|
|
backup_filename="$backup_basename.tar$COMPRESSION_SUFFIX "
|
|
|
echo "--- Creating backup for $partition_dev into $backup_filename ---"
|
|
echo "--- Creating backup for $partition_dev into $backup_filename ---"
|
|
@@ -267,24 +325,47 @@ backup_mounted_volume(){
|
|
|
rmdir $mountpoint_dir
|
|
rmdir $mountpoint_dir
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
-ensure_crypt_part_is_opened(){
|
|
|
|
|
- partition_dev=$1
|
|
|
|
|
- backup_basename=$2
|
|
|
|
|
|
|
+ask_password(){
|
|
|
|
|
+ local partition_dev=$1
|
|
|
|
|
+ echo "Enter encrypted partition passphrase for $partition_dev:"
|
|
|
|
|
+ read -s _luks_password
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+open_luks_container(){
|
|
|
|
|
+ local target_device=$1
|
|
|
|
|
+ local backup_basename=$2
|
|
|
|
|
+ if [ "$DEBUG" != "1" ] && [ "$FAKE_DEVICE" != "1" ] ; then
|
|
|
|
|
+ cryptsetup luksOpen $target_device $backup_basename<<EOF
|
|
|
|
|
+$_luks_password
|
|
|
|
|
+EOF
|
|
|
|
|
+ fi
|
|
|
|
|
+ _UNCRYPTED_DEVICE=/dev/mapper/$backup_basename
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+ask_and_open_encrypted_part(){
|
|
|
|
|
+ local partition_dev=$1
|
|
|
|
|
+ local backup_basename=$2
|
|
|
#Are we already opened ? in this case,
|
|
#Are we already opened ? in this case,
|
|
|
#we should see "crypt" string in the output of lsblk -l -n $partition_dev
|
|
#we should see "crypt" string in the output of lsblk -l -n $partition_dev
|
|
|
lsblk -l -n $partition_dev | grep crypt > /dev/null 2>&1
|
|
lsblk -l -n $partition_dev | grep crypt > /dev/null 2>&1
|
|
|
rv=$?
|
|
rv=$?
|
|
|
if [ "$rv" != "0" ] ; then
|
|
if [ "$rv" != "0" ] ; then
|
|
|
- echo '### Please open the crypted volume by providing a passphrase to unlock it ###'
|
|
|
|
|
- cryptsetup luksOpen $partition_dev $backup_basename
|
|
|
|
|
|
|
+ ask_password $partition_dev
|
|
|
|
|
+ open_luks_container $partition_dev $backup_basename
|
|
|
fi
|
|
fi
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+ensure_crypt_part_is_opened(){
|
|
|
|
|
+ partition_dev=$1
|
|
|
|
|
+ backup_basename=$2
|
|
|
|
|
+ ask_and_open_encrypted_part $partition_dev $backup_basename
|
|
|
#Now we should get the uncrypted volume name (which is not necessarily the
|
|
#Now we should get the uncrypted volume name (which is not necessarily the
|
|
|
#same as $backup_basename)
|
|
#same as $backup_basename)
|
|
|
current_vol_name=$(lsblk -l -n $partition_dev |grep crypt | awk '{print $1}')
|
|
current_vol_name=$(lsblk -l -n $partition_dev |grep crypt | awk '{print $1}')
|
|
|
|
|
|
|
|
#Now get the partition type and returns it
|
|
#Now get the partition type and returns it
|
|
|
- part_type=`lsblk -l -n -o NAME,FSTYPE $partition_dev | grep $backup_basename | awk '{print $2}'`
|
|
|
|
|
- _UNCRYPTED_TYPE=${part_type}
|
|
|
|
|
|
|
+ my_part_type=`lsblk -l -n -o NAME,FSTYPE $partition_dev | grep $backup_basename | awk '{print $2}'`
|
|
|
|
|
+ _UNCRYPTED_TYPE=${my_part_type}
|
|
|
_UNCRYPTED_VOL=/dev/mapper/$current_vol_name
|
|
_UNCRYPTED_VOL=/dev/mapper/$current_vol_name
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -321,7 +402,7 @@ backup_disk(){
|
|
|
#Device to mount will be empty unless necessary (ie: if a crypt volume is to be backup-ed)
|
|
#Device to mount will be empty unless necessary (ie: if a crypt volume is to be backup-ed)
|
|
|
device_to_mount=""
|
|
device_to_mount=""
|
|
|
#Partition type
|
|
#Partition type
|
|
|
- echo "Saving partition type"
|
|
|
|
|
|
|
+ echo "Managing partition type"
|
|
|
part_type=`lsblk -lno NAME,FSTYPE $partition_dev | grep $(basename $partition_dev) | awk '{print $2}'`
|
|
part_type=`lsblk -lno NAME,FSTYPE $partition_dev | grep $(basename $partition_dev) | awk '{print $2}'`
|
|
|
case $part_type in
|
|
case $part_type in
|
|
|
crypto_LUKS)
|
|
crypto_LUKS)
|
|
@@ -329,14 +410,17 @@ backup_disk(){
|
|
|
#First decipher the luks partition:
|
|
#First decipher the luks partition:
|
|
|
ensure_crypt_part_is_opened $partition_dev $backup_basename
|
|
ensure_crypt_part_is_opened $partition_dev $backup_basename
|
|
|
#The inner partition and device may have changed
|
|
#The inner partition and device may have changed
|
|
|
- part_type=${_UNCRYPTED_TYPE}
|
|
|
|
|
device_to_mount=${_UNCRYPTED_VOL}
|
|
device_to_mount=${_UNCRYPTED_VOL}
|
|
|
- backup_mounted_volume $backup_basename $device_to_mount $part_type
|
|
|
|
|
|
|
+ backup_mounted_volume $backup_basename $device_to_mount ${_UNCRYPTED_TYPE}
|
|
|
|
|
+ #Concatenates the part types
|
|
|
|
|
+ part_type="$part_type ${_UNCRYPTED_TYPE}"
|
|
|
;;
|
|
;;
|
|
|
*)
|
|
*)
|
|
|
backup_mounted_volume $backup_basename $partition_dev $part_type
|
|
backup_mounted_volume $backup_basename $partition_dev $part_type
|
|
|
;;
|
|
;;
|
|
|
esac
|
|
esac
|
|
|
|
|
+ part_type_filename="$backup_basename.type"
|
|
|
|
|
+ echo $part_type > $TARGET_DIR/$part_type_filename
|
|
|
done
|
|
done
|
|
|
fi
|
|
fi
|
|
|
}
|
|
}
|
Laurent HUBERT