From owner-freebsd-questions@FreeBSD.ORG Mon Aug 24 16:23:40 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A19AC106564A for ; Mon, 24 Aug 2009 16:23:40 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from dd12710.kasserver.com (dd12710.kasserver.com [85.13.134.233]) by mx1.freebsd.org (Postfix) with ESMTP id 32A6B8FC12 for ; Mon, 24 Aug 2009 16:23:39 +0000 (UTC) Received: from current.Sisis.de (ppp-93-104-108-2.dynamic.mnet-online.de [93.104.108.2]) by dd12710.kasserver.com (Postfix) with ESMTP id 8D3B818027D9E; Mon, 24 Aug 2009 18:23:41 +0200 (CEST) Received: (from guru@localhost) by current.Sisis.de (8.14.3/8.14.3/Submit) id n7OGNb9d001998; Mon, 24 Aug 2009 18:23:37 +0200 (CEST) (envelope-from guru@unixarea.de) X-Authentication-Warning: current.Sisis.de: guru set sender to guru@unixarea.de using -f Date: Mon, 24 Aug 2009 18:23:37 +0200 From: Matthias Apitz To: Maxim Khitrov Message-ID: <20090824162337.GA1899@current.Sisis.de> References: <26ddd1750908240857gb2973b8h7bc06e0a92b82859@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <26ddd1750908240857gb2973b8h7bc06e0a92b82859@mail.gmail.com> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 8.0-CURRENT (i386) Cc: Free BSD Questions list Subject: Re: Continuous backup of critical system files X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Matthias Apitz List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Aug 2009 16:23:40 -0000 El día Monday, August 24, 2009 a las 11:57:25AM -0400, Maxim Khitrov escribió: > Hello all, > > I'm setting up a firewall using FreeBSD 7.2 and thought that it may > not be a bad idea to have a continuous backup for important files like > pf and dnsmasq configurations. By continuous I mean some script that > would be triggered every few minutes from cron to automatically create > a backup of any monitored file if it was modified. I also have a full > system backup in place that is executed daily (dump/restore to a > compact flash card), so the continuous backup would really be for > times when someone makes a mistake editing one of the config files and > needs to revert it to a previous state. > > My initial thought was to create a mercurial repository at the file > system root and exclude everything except for explicitly added files. > I'd then run something like "hg commit -m `date`" from cron every 10 > minutes to record the changes automatically. Can anyone think of a > better way to do this (existing port specifically for this purpose)? > Obviously, I need a way to track the history of a file and revert to a > previous state quickly. The storage of changes should be as > size-efficient as possible. Hello, We run in my company since many years a FreeBSD based firwall. All modified config files like, rc.conf, ipf.rules, ... have always been on some internal host in CVS, only modified there and SCP'ed to the firewall to make the change there active. After some hardware fault I was once able to do a bare metal restore of the firewall within an hour, just installed the base system and copied over the config from CVS. matthias -- Matthias Apitz t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e - w http://www.unixarea.de/ People who hate Microsoft Windows use Linux but people who love UNIX use FreeBSD.