It's certainly possible -- you would want to use the
dd utility to back up the entire system:
Code:
log in as root
# init 1 (put the system into single user mode, no GUI running, most stuff shut down)
# dd if=/dev/sda of=/dev/sdb
where "if=/dev/sda" is your system disk and "of=/dev/sdb" is your external drive (whatever its name actually is, probably not
/dev/sdb though).
Note that this is going to be slow, real slow (and, no, there really isn't a go-fast switch).
Now, let's talk about this for a while.
What you're doing with
dd is, for all practical purposes, creating a mirror of your system. By putting the system into single-user mode (that's what
init 1 does), you're stopping almost all the daemons that are running, stopping your GUI (so you'll have a black screen with a log in prompt), stopping everything so nothing will interfere with the copy you're making. You would do this after you've installed and configure your distribution -- a clean, bright, shiny level 0 snapshot (as it were) of the system.
When you're done with this initial mirroring, you simply enter
to reboot.
From that "level 0," you would want to incrementally back up anything that has changed -- but not everything that has changed. You don't really care about the system logs, for example, but you do care (a great deal) about the
/etc directory (that's where configurations are recorded), the
/hom tree (that's all your user stuff), possibly the
/opt tree (that's where things like
OpenOffice.org or
LibreOffice.org go) and maybe a few others depending upon where applications have written configuration files and perhaps data files. You may also, as you indicated above, want to back up any changed system-level files (like when patches and upgrades are applied).
So, how do you do that?
The
find utility is probably your best bet. Here's an example of how you would use
find on multiple directories:
Code:
# find /etc /opt /home /usr/local (and some options)
OK, so how do you locate only those things that have changed since sometime or other?
Code:
# find dirname -type f -mtime -10
would find all files (
-type f that have been modified in the last 10 days.
Well, OK, what about files that have changed in the last six months, two years, whatever?
Let's say that you installed your distribution and got it all the way you wanted on, oh, 15 July 2010. If you create a time stamp file, you can use the
newer option in
find:
Code:
# touch -d "15 jul 2010 03:00:00" date_marker
# find dirname -newer date_marker
The
-d option is important -- it
parse STRING and use it instead of current time; i.e., it sets the file time stamps to the date you tell it to.
By doing this, you don't need to calculate the number of days since some date. Now we need to fiddle with this a little to get only files we do care about and not get files we don't care about
:
Code:
# touch -d "15 jul 2010 03:00:00" date_marker
# find /etc /opt /usr/local /home -type f -newer date_marker
Now, bear in mind that you want to change that
date_marker to the last date and time you did an incremental back up (otherwise it's going to get slower and slower as you go): you only want to back up files that have changed since some time. It's usually a good idea to use 03:00:00 on a Sunday as your back up time (and, why 03:00:00? so you miss daylight savings time switches).
Also, if you're doing this on a regular schedule, you don't need to create the time stamp file; you can simply use
-mtime -7 for the preceding week. Let's keep it as simple as possible (but the example below do use the
date_marker file, go figure).
Now, if you're going to use your external disk dive you don't need to use
dd to copy the changed files to it, you can simply use
cp in a pipe:
Code:
# touch -d "15 jul 2010 03:00:00" date_marker
# cp -pr `find /etc /opt /usr/local /home -type f -newer date_marker` /dev/sdb
again, where
/dev/sdb is the name or mount-point of your external drive.
You do want to pay attention to the list of directories -- those above may not meet your needs and you may want to add or delete to the list. Bear in mind that you don't need to copy the entire system every time you do this, only the changes (and you really don't care about copying the system logs and that kind of stuff or the
/tmp directory). If you don't really care about how long it takes just do something like this:
Code:
cp -pr `find / -type f -mtime -7` /dev/sdb
and get everything that's changed in the last 7 days.
By the way, the
-pr option to
cp instructs it to do a recursive copy of directories; so, if you find a file or group of files that are in a new directory the directory and all its content will get created for you.
Also give some though to using other media; e.g., CD-ROM or DVD, for your incremental back ups; you can plug in a CD-ROM or DVD and write to it then stick it in file (with a date indicated on the envelope!). This has a certain advantage in that you may want to recover back to a certain date which you will not be able to do if you continuously overwrite that disk drive with changed files. Doing so is a little more fooling around (you can't just write to a DVD with
cp) but it may be worth thinking about.
Hope this helps some.
