I've just started using BackupPC to backup my file server. It's a disk-based solution - so if you want to archive to removable media such as DVD-R or tape, you need a separate archive step.

The advantage of BackupPC is supposed to be that it can do remote backups of every machine on your network, without needing special software to be loaded on each client machine. That's true, but a little misleading. If you want to maintain security, then you need to do a little bit of setup on each client.

Configuration seemed unnecessarily awkward. Here's what I did.

I use Debian Sarge, so basic installation was a breeze. The default configuration only allows for backing up Windows machines through Samba. That's not a lot of use to me, so I needed to work out how to get it to backup localhost. There is a FAQ on the subject, but it wasn't quite enough.

1. Prepare the backup partition.

Do this before you install the software, so that your data partition gets properly initialised as part of the installation.

# mkfs.xfs /dev/hdb1
# mkdir -p /var/lib/backuppc
# echo '/dev/hdb1  /var/lib/backuppc  xfs  defaults  0  2' >> /etc/fstab
# mount /var/lib/backuppc

XFS is quicker and more robust than EXT3, so I thought it would be a good choice for the backup filesystem. Debian's version of BackupPC is hard coded to use /var/lib/backuppc as its data directory, so it makes sense to use that as the mount point.

2. Install the software

You will need backuppc and sudo.

# apt-get install backuppc sudo

If you want to backup remote machines as well as localhost, then it makes sense to install rsync too.

3. Create a tar-create script.

In order to back up the root partition, BackupPC needs to be able to read all files. To get that access, it needs root privilege. In order to prevent a compromise of the backup server leading to a compromise of the whole machine, we follow the FAQ's advice and use sudo to allow backuppc to run a small shell script.

I found a couple of problems with the script suggested by the BackupPC documentation. Firstly, it incorrectly transferred command-line options to tar (it used $* rather than "$@"). Secondly it was insecure - leaving the -f option to be set by the server allowed an attacker to write a tar file anywhere on the system - that could easily be used to get elevated privileged, by writing it to /root/.profile for example. Here's my version:


#!/bin/sh -f
exec /bin/tar -c -f - "$@"

Then, make this file executable by root, and use visudo to allow the backuppc user to execute it without needing a password:

backuppc ALL = NOPASSWD: /etc/backuppc/tar-create

4. Create a for localhost.

I had to re-read the documentation several times before I discovered where I was supposed to put per-host configuration options. It's in a file called /var/lib/backuppc/pc/HOSTNAME/ Here's my version for localhost:


# Local server backup of / as user backuppc
$Conf{XferMethod} = 'tar';
$Conf{TarShareName} = ['/'];
$Conf{TarClientCmd} = '/usr/bin/sudo /etc/backuppc/tar-create -v -C $shareName --totals';
$Conf{TarFullArgs} = '$fileList';
$Conf{TarIncrArgs} = '--newer=$incrDate $fileList';
$Conf{BackupFilesExclude} = ['/media', '/mnt', '/proc', '/var/lib/backuppc', '/sys'];

I tried adding the --one-file-system option to tar, and then listing the filesystems I wanted backing up. That didn't work, because it always executes a single tar command, not one for each entry in BackupFilesInclude. Dumb. However I managed to get it to do what I wanted with BackupFilesExclude, albeit less elegantly.

I also had trouble with incremental backups. The default value of TarIncrArgs uses the '+' form of $incrDate, which shell escapes it. This isn't necessary for sudo which isn't a shell. The --newer option was being ignored in incremental backups, which were consequently taking several hours. This was the tell-tale error log message...

Running: /usr/bin/sudo /etc/backuppc/tar-create -v -C / --totals --newer=2006-08-04\ 08:31:37 --exclude=./media (...)
Xfer PIDs are now 6857,6856
/bin/tar: Substituting 1901-12-13 20:45:52 for unknown date format `2006-08-04\\'
/bin/tar: 08\:31\:37: Cannot stat: No such file or directory

I redefined TarIncrArgs and TarFullArgs to eliminate the shell escapes, and all was well. Incremental backups now take minutes, rather than hours.