DG

Backup Script - Backing up my machine

Close Up of a USB Hard DriveClose Up of a USB Hard Drive Photo from Pexels

I keep a backup somewhat regularly and especially when I want to wipe and reinstall my OS once in a while (although it's very rare, and mostly I stick to Ubuntu distributions).

One issue that I have when I backup, is that the file permissions, get lost when I copy them to my 1TB Seagate HDD which is formatted with ExFAT as I want it to show up on both Windows and Linux and all others alike.

Recently I came across, a backup script on Ellie's wiki which is using tar to make tar.gz archives along with flags to permissions and ignore a bunch of local directories to skip while archiving.

Let's try this.

Supposing my test folder is ~/code/tmp which is where I keep a lot of well.. tmp things, I planned to archive this with some changed permissions such as a directory with no executable access, making it not possible to cd into, an executable shell script etc.

$ ls -la

total 10560
drwxrwxr-x  6 dg dg     4096 Jan 18 23:54 .
drwxr-xr-x 35 dg dg     4096 Jan 18 13:43 ..
drwxrwxr-x  2 dg dg     4096 Jan 11 20:33 beamer-latex
drwxr-xr-x  4 dg dg     4096 Jan 11 17:33 Eisvogel-3.0.0
-rw-r--r--  1 dg dg 10783082 Jan 11 20:35 Eisvogel-3.0.0.tar.gz
-r-xr-xr-x  1 dg dg       31 Jan 18 23:54 ex.sh
drw-rw-r--  2 dg dg     4096 Jan  1 22:41 testpaper
drwxrwxr-x  3 dg dg     4096 Jan 11 00:58 updog2

Here is the original script, which is MacOS specific, so on Linux some other exclusions might be useful.

BACKUP=backup-macbook-$(date +%FT%H:%M:%S).tar.gz

tar -cvpzf $BACKUP \
    --exclude=$BACKUP \
    --exclude=.cache \
    --exclude=.debug \
    --exclude=.local/lib \
    --exclude=.local/share/virtualenvs \
    --exclude=.recently-used \
    --exclude=.thumbnails \
    --exclude=.pyenv \
    --exclude=.Trash \
    --exclude=.npm \
    --exclude=.poetry \
    --exclude=.kube \
    --exclude=.fastlane \
    --exclude=.mix \
    --exclude=.pyenv \
    --exclude=.gem \
    --exclude=.vscode \
    --exclude=.cocoapods \
    --exclude=Downloads \
    --exclude=Library \
    --exclude=Movies \
    --exclude=Music \
    --exclude=nltk_data \
    --exclude=Pictures \
    --exclude=pkg \
    --exclude=Applications \
    .

Let's try this out.

Here I ignore updog2, which is my local installation of a more maintained version of updog which I sometimes use to host my local computer and access on my phone or other local devices.

A simple search on PyPI also showed updog3, i might look that up later.

BACKUP=backup-test-$(date +%FT%H:%M:%S).tar.gz
tar -cvpzf $BACKUP \
    --exclude=$BACKUP \
    --exclude=updog2 \
    .

It failed on a non writable directory with my user. I think I should actually have access to the directory if its owned by me, so the new permissions of that directory is as follows. The owner has all permissions to read, write and execute into directories.

total 28
drwxrwxr-x  6 dg dg 4096 Jan 19 00:19 .
drwxr-xr-x 35 dg dg 4096 Jan 18 13:43 ..
drwxrwxr-x  2 dg dg 4096 Jan 11 20:33 beamer-latex
drwxr--r--  4 dg dg 4096 Jan 11 17:33 Eisvogel-3.0.0
-r-xr-xr-x  1 dg dg   31 Jan 18 23:54 ex.sh
drwxr--r--  2 dg dg 4096 Jan  1 22:41 testpaper
drwxrwxr-x  3 dg dg 4096 Jan 11 00:58 updog2

Okay it completed to give this:

-rw-rw-r-- 1 dg dg 11327475 Jan 19 00:22 backup-test-2025-01-19T00-22-59.tar.gz

Okay copying it to my HDD and back again clearly messed up my permissions (notice all the executable bits and stuff)

.rwxr-xr-x   11M dg   19 Jan 00:22  backup-test-2025-01-19T00-22-59.tar.gz

Doing a tar xzvf <file>.tar.gz seemed to go on normally as expected and preserved permissions, so I am back with original file permissions. The directory still does not have group and world write perms and my script is not writable.

total 11088

drwxrwxr-x  5 dg dg     4096 Jan 19 00:19 .
drwxr-xr-x 35 dg dg     4096 Jan 19 00:24 ..
-rwxr-xr-x  1 dg dg 11327475 Jan 19 00:22 backup-test-2025-01-19T00-22-59.tar.gz
drwxrwxr-x  2 dg dg     4096 Jan 11 20:33 beamer-latex
drwxr--r--  4 dg dg     4096 Jan 11 17:33 Eisvogel-3.0.0
-r-xr-xr-x  1 dg dg       31 Jan 18 23:54 ex.sh
drwxr--r--  2 dg dg     4096 Jan  1 22:41 testpaper

To further encrypt stuff which is possibly wanted, we can use GPG as a handy tool for encryption:

gpg --symmetric --cipher-algo AES256 $BACKUP

It will ask for a passphrase twice and then spit out a .gpg file.

.rw-rw-r-- 11M dg 19 Jan 00:35 backup-test-2025-01-19T00-34-31.tar.gz.gpg

Decrypting the encrypted archive with gpg:

Syntax from Superuser

gpg --output destination --decrypt sourcefile.gpg

So for example on my archive

$ EXTRACTED=backup-test-2025-01-19T00-34-31.tar.gz
$ gpg --output $EXTRACTED --decrypt $EXTRACTED.gpg
gpg: AES256.CFB encrypted data
gpg: encrypted with 1 passphrase

Then extract the `tar.gz` file normally,

tar xvf $EXTRACTED