Albretch Mueller writes:
On 1/30/20, Stephan Seitz <stse+deb...@fsing.rootsland.net> wrote: > On Do, Jan 30, 2020 at 12:14:19 +0100, Albretch Mueller wrote: >> Hmm! I thought and would expect for rsync to be installed by default! > > No, rsync is Priority: optional.The first line of the DESCRIPTION of the rsync package goes: "rsync is a fast and extraordinarily versatile file copying tool . . ." https://manpages.debian.org/stretch/rsync/rsync.1.en.html and here is a use case that (in my view, but I am sure "I am not the only one" as Lennon sang) would be enough to raise the priority of rsync. Way more often and "structured" than I could possibly attribute to normal, random issues (well, I have more than enough reasons to believe that it cannot possibly be "random" at all ;-)), I notice my computer being hacked. What I do is:
Please, if it happens so often, then either(a) I am totally ignorant about it, because I have never noticed such a thing or (b) you are doing something different. Would you mind on elaborating the setup that gets you "hacked" frequently? How do you detect being hacked? Have you thought about measures to prevent the hacking altogether rather than focusing on how to restore in a most streamlined fashion?
1) save all my data 2) reinstall the baseline 3) transfer all my data back to the new installation for §3 you would need rsync and, of course, you must do §1, §2 et §3 off line. Then, I:
I do not get it: Why do I need rsync if I want to copy my data back, exactly? Is good old `cp` insufficient for the task? Have you considered using `tar` instead of rsync. I would think that transferring my data (which is ~400k files, YMMV) is much faster if I copy it back from fewer files i.e. archives than via rsync? And tar can act as a cp-replacement if you do not like cp, the basic idea is this:
tar -C SRC -c . | tar -C DEST -x
Why do you need to be offline for the data copying?
Why is a netinstall followed by a simple `apt-get install rsync` not an option?
It might also be interesting to consider the “backup side” of things:
Independently of your backup solution (I have heard, borg does a good job
btw.), you might consider storing a copy of your backup program with your
data s.t. you can restore without installing anything from the Internet on
a freshly installed Debian? I even go as far as storing a bootable (at least
for legacy BIOS) live-system on my backup media s.t. I can restore the data
in the most OS-indepdentent manner imaginabile (works offline, if needed).
4) baseline all my data (getting a snapshot of all files metadata and signatures of their content) 5) connect to the Internet without javascript enabled from a (possibly random) public place 6) run a custom script to apt-get the rest 7) baseline all my data again
So you are saying that you are being hacked, then need to backup&restore the full system from a “(possibly random) public place”? It sounds like a horror- scenario to me... would it make more sense to avoid this scenario altogehter or at least make it the most rare of exceptions?
You could always install the deb via dpkg, but rsync has quite a few dependencies: https://packages.debian.org/stretch/rsync
Less questions here, possible some constructive commentary: * rsync is part of DVD 1 IIUC. Replace whatever you are using for installing with Debian DVD 1 and have `rsync` installable from DVD without worrying about network connectivity. * In case that does not work for you, I suggest investigating preparing a statically compiled binary for rsync. Of course, this also has some security implications (updates might be missing).
The thing is that once you connect your computer to the Internet you are effectively relinquishing all functional illusions about "privacy" and all those silly, ambiguous and antiquated French words.
I thought the point (at least: one of the points) of using a free distribution like Debian is that you can safely connect to the Internet without having to worry. Unless, of course, you are starting to “surf” non- free websites? But just connecting and using apt afterwards should be safe, shouldn't it?
In fact, it would be really nice to have as an added feature at the end of an Installation offline the option to transfer files from backpus once the installation is finished.
The problem with this is certainly: There are too many backup systems available. How would the choice about which restoration programs be included be made? The other thing is, that from my experience (having done maybe 20--30 Debian installations in the past years), the restoration of backups after installation is very rare (occurred only once, but planned in advance). The reason being: Most of my installs are to new (virtual) systems for which no data is to be restored. I would thus conclude that your use case is (unless there be more data) rather uncommon?
Just mentioning that one can go: "sudo apt" seems very easy but there is always more than meets "easiness"
For sure :)
It would be extra nice if wireshark included by default, too. Then "paranoid" people like me would feel a bit more releaved. I think it is important to own your base, or at least manage it the best you can.
You might be pleased to find Wireshark being part of DVD 1 as well :) Seems Debian has anticipated this need? [...]I am still genuinely curious about the answers to the questions above especially wrt. being hacked, the exact restoration conditions and the reason for being offline to restore data?
YMMV Linux-Fan
pgplfXq_CIhg2.pgp
Description: PGP signature
