#706 Issue closed: Copy "rear recover" log file and related data into recovered system¶

Labels: enhancement, fixed / solved / done

jsmeix opened issue at 2015-11-20 10:10:¶

At the end of "rear recover"
the log file /var/log/rear/
and other recovery related data
like /var/lib/rear/layout/disklayout.conf
and its matching /var/lib/rear/layout/diskrestore.sh
exist only in the rear recovery system.

When the rear recovery system is shut down
the "rear recover" related data is lost.

I like to implement that "rear recover" by default copies
the recovery related log and data into the recovered system
so that this data is later available for example for a detailled
analsysis of the recovery.

To keep the recovery related log and data strictly separated from
the other rear logs and data I like to use a separated directory
var/log/rear/recover for this.

In short:
I like to implemet that at the end of "rear recover"
basically the following is done:

mkdir -p /mnt/local/var/log/rear/recover
cp -p /var/log/rear/rear*.log /mnt/local/var/log/rear/recover
mkdir /mnt/local/var/log/rear/recover/layout
cp -pr /var/lib/rear/layout/*  /mnt/local/var/log/rear/recover/layout

I did a "rear --debugscripts xv recover" and the above
commands manually and /mnt/local/var/log/rear/recover
needs 1.1 MB disk space and with plain "rear recover"
/mnt/local/var/log/rear/recover needs needs 80 kB for me.

I do not think this "wastes disk space" and therefore
I think it can (and should) be done by default.

If there is so little free disk space that about 2 MB
for 'rear recover' with 'set -xv' and about 100 kB
for plain 'rear recover' makes a noticeable difference,
then that only points out the real problem
("too little free disk space").

gdha commented at 2015-11-20 10:20:¶

@jsmeix I have no objection against it.
Perhaps we could in the meantime also tackle issue #21 ?

jsmeix commented at 2015-11-20 10:34:¶

I will implement this one together with https://github.com/rear/rear/issues/21

schlomo commented at 2015-11-21 17:01:¶

Why not copy it to /root in the recovered system - similar to how Red Hat's Kickstart leaves there the kickstart file and log?

schlomo commented at 2015-11-21 17:02:¶

In any case, I would make sure that only root can read those files.

jsmeix commented at 2015-11-23 10:04:¶

I already implemented that only root can access files
in /var/log/rear/recover

But I wonder why everybody can read the other files
in /var/log/rear and /var/lib/rear ?

In other words:
I wonder why it seems what "rear mkbackup" results is o.k. to be read by any user while what "rear recover" results is not?

gdha commented at 2015-11-23 10:50:¶

@jsmeix @schlomo Personally, I don't think a log file is a security threat if it is readable. We only have to make sure there are no passwords or any other sensitive data visible. And, I believe we already have done that in the past (#560)

jsmeix commented at 2015-11-23 11:01:¶

I implemented this particular issue with https://github.com/rear/rear/pull/709 but this does not yet implement https://github.com/rear/rear/issues/21

jsmeix commented at 2015-11-25 12:39:¶

This particular issue is fixed with https://github.com/rear/rear/pull/709

---

[Export of Github issue for rear/rear.]