From owner-freebsd-questions@FreeBSD.ORG Mon Aug 24 16:24:53 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5EEB61065694 for ; Mon, 24 Aug 2009 16:24:53 +0000 (UTC) (envelope-from kraduk@googlemail.com) Received: from mail-fx0-f210.google.com (mail-fx0-f210.google.com [209.85.220.210]) by mx1.freebsd.org (Postfix) with ESMTP id D4B0E8FC13 for ; Mon, 24 Aug 2009 16:24:52 +0000 (UTC) Received: by fxm6 with SMTP id 6so1451850fxm.43 for ; Mon, 24 Aug 2009 09:24:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=73aUDXkwoD9xMUMuYk/LHkZaRNyl5khf95yTj0PROBs=; b=oBme5v2ehWTRxk9Ovocp1+WuMdGZZ61Y4d7JvvW0+RpxakWCOlLg2gdA56UwM/E3NJ pf95rQxPkUX4m9KIHbmsvpzE0zh7AivBzJxkCV31JSFGRl0/HM8BMDO1btJVVYQYDM0p eYRwqqYgDzgLI79DQiI5Z+AiaevJrvpUr0QOQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=kWzr6p1pxdpNsPXk+winOqkC3GmVIAc3PaCVAMyn31bosPd3YsBaDrDnSt6QjbBXeJ qiUvB3y8xNqBewaYZJk0KuIQHA5NZOr26SSh2N5qutCGP3FsJ5HMBlrsxmLHD19rlR3A Se3CyeS11sDi7CQoArbmRTL4atQQQrLcKKRXw= MIME-Version: 1.0 Received: by 10.103.67.31 with SMTP id u31mr1423379muk.93.1251131091644; Mon, 24 Aug 2009 09:24:51 -0700 (PDT) In-Reply-To: <26ddd1750908240857gb2973b8h7bc06e0a92b82859@mail.gmail.com> References: <26ddd1750908240857gb2973b8h7bc06e0a92b82859@mail.gmail.com> Date: Mon, 24 Aug 2009 17:24:51 +0100 Message-ID: From: chris scott To: Maxim Khitrov Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Free BSD Questions list Subject: Re: Continuous backup of critical system files X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Aug 2009 16:24:53 -0000 2009/8/24 Maxim Khitrov > Hello all, > > I'm setting up a firewall using FreeBSD 7.2 and thought that it may > not be a bad idea to have a continuous backup for important files like > pf and dnsmasq configurations. By continuous I mean some script that > would be triggered every few minutes from cron to automatically create > a backup of any monitored file if it was modified. I also have a full > system backup in place that is executed daily (dump/restore to a > compact flash card), so the continuous backup would really be for > times when someone makes a mistake editing one of the config files and > needs to revert it to a previous state. > > My initial thought was to create a mercurial repository at the file > system root and exclude everything except for explicitly added files. > I'd then run something like "hg commit -m `date`" from cron every 10 > minutes to record the changes automatically. Can anyone think of a > better way to do this (existing port specifically for this purpose)? > Obviously, I need a way to track the history of a file and revert to a > previous state quickly. The storage of changes should be as > size-efficient as possible. > > - Max > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > I rsync all my system files to a filer running zfs. I have a separate zfs fs for every host and then I snapshot the fs after the rsync. We then keep 35 snapshots for retention as we do daily rsyncs. You might want more of a rolling snapshot policy. Keep on for every 10 mins of the last hour, then drop it to hourly for the next 6 hours, then daily, then weekly etc Works quite well. We have also found it handy for forensics as well, when we have had a fault