MVP of any strategy of backup on TailsOS

[fititnt]

References:

• https://tails.boum.org/blueprint/backups/
• https://tails.boum.org/doc/first_steps/persistence/backup/index.en.html
• https://tails.boum.org/doc/first_steps/persistence/rescue/index.en.html
• MVP of gpg (creation, backup) on TailsOS MVP of gpg (creation, backup) on TailsOS #2

---

Document (or maybe do some shell scripting) of an minimum viable product (MVP) of backup on TailsOS.

Maybe this issue will end being just repeat the oficial documentation. Or cite how to do it using the grapical interface.

Note to self: I think I somewhat bricket the partition layout of one pen drive to a point of Disks utilities know there is an partition, but not aware that is LUKS or something. This is likely to not be related with Tails at all, since I guess I tried to open outside or I intentionally removed several times without waiting the OS close. I'm also using a pretty cheap 64gb USB stick

[fititnt]

These scripts may acidentaly destroy data.

I think we can do some extra checks (like require create some files that allow backup/restore, so if an user run by accident, it will need manual action).

Not sure about the better naming scheme, but we could somewhat think this as database replication naming. If I remember, MariaDB uses primary/replica and MySQL source/replica instead of master/slave.

[fititnt]

Without sudo, using the official documentation at https://tails.boum.org/doc/first_steps/persistence/backup/index.en.html, we have these errors:

rsync -PaSHAXv --del /live/persistence/TailsData_unlocked/ /media/amnesia/TailsData

amnesia@amnesia:~$ rsync -PaSHAXv --del /live/persistence/TailsData_unlocked/ /media/amnesia/TailsData
sending incremental file list
rsync: failed to set times on "/media/amnesia/TailsData/.": Operation not permitted (1)
rsync: recv_generator: mkdir "/media/amnesia/TailsData/Persistent" failed: Permission denied (13)
*** Skipping any contents from this failed directory ***
./
.rsync-filter
             47 100%    0.00kB/s    0:00:00 (xfr#1, ir-chk=1017/1019)
apt_sync_completed
              0 100%    0.00kB/s    0:00:00 (xfr#2, ir-chk=1016/1019)
apt_sync_started
              0 100%    0.00kB/s    0:00:00 (xfr#3, ir-chk=1015/1019)
live-additional-software.conf
             13 100%   12.70kB/s    0:00:00 (xfr#4, ir-chk=1014/1019)
rsync: send_files failed to open "/live/persistence/TailsData_unlocked/persistence.conf": Permission denied (13)
rsync: send_files failed to open "/live/persistence/TailsData_unlocked/persistence.conf.bak": Permission denied (13)
Persistent/
rsync: mkstemp "/media/amnesia/TailsData/.rsync-filter.3dkd2c" failed: Permission denied (13)
rsync: mkstemp "/media/amnesia/TailsData/.apt_sync_completed.p4dvF9" failed: Permission denied (13)
rsync: mkstemp "/media/amnesia/TailsData/.apt_sync_started.Vv8Ni6" failed: Permission denied (13)
rsync: mkstemp "/media/amnesia/TailsData/.live-additional-software.conf.nnZ7V2" failed: Permission denied (13)
rsync: opendir "/live/persistence/TailsData_unlocked/apt/cache/partial" failed: Permission denied (13)
rsync: opendir "/live/persistence/TailsData_unlocked/apt/lists/partial" failed: Permission denied (13)
rsync: opendir "/live/persistence/TailsData_unlocked/greeter-settings" failed: Permission denied (13)
rsync: opendir "/live/persistence/TailsData_unlocked/lost+found" failed: Permission denied (13)
rsync: failed to set times on "/media/amnesia/TailsData/apt": Operation not permitted (1)
rsync: failed to set times on "/media/amnesia/TailsData/apt/cache": Operation not permitted (1)
apt/
apt/cache/
apt/cache/git-gui_1%3a2.20.1-2+deb10u3_all.deb
      1,002,424 100%   17.07MB/s    0:00:00 (xfr#7, to-chk=83/2126)
rsync: failed to set times on "/media/amnesia/TailsData/apt/cache/partial": Operation not permitted (1)
rsync: opendir "/media/amnesia/TailsData/apt/cache/partial" failed: Permission denied (13)
rsync: failed to set times on "/media/amnesia/TailsData/apt/lists": Operation not permitted (1)


(...)

: Permission denied (13)
rsync: mkstemp "/media/amnesia/TailsData/apt/lists/.vwakviie2ienjx6t.onion_debian_dists_sid_main_i18n_Translation-en.diff_Index.yC4GK6" failed: Permission denied (13)

sent 236,411,823 bytes  received 11,341 bytes  157,615,442.67 bytes/sec
total size is 571,449,817  speedup is 2.42
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1207) [sender=3.1.3]

[fititnt]

Now with sudo.

sudo rsync -PaSHAXv --del /live/persistence/TailsData_unlocked/ /media/amnesia/TailsData

amnesia@amnesia:~$ sudo rsync -PaSHAXv --del /live/persistence/TailsData_unlocked/ /media/amnesia/TailsData

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for amnesia: 
sending incremental file list
./
.rsync-filter
             47 100%    0.00kB/s    0:00:00 (xfr#1, ir-chk=1017/1019)
apt_sync_completed
              0 100%    0.00kB/s    0:00:00 (xfr#2, ir-chk=1016/1019)
apt_sync_started
              0 100%    0.00kB/s    0:00:00 (xfr#3, ir-chk=1015/1019)
live-additional-software.conf
             13 100%   12.70kB/s    0:00:00 (xfr#4, ir-chk=1014/1019)
persistence.conf
            496 100%  484.38kB/s    0:00:00 (xfr#5, ir-chk=1013/1019)
persistence.conf.bak
            496 100%   21.06kB/s    0:00:00 (xfr#6, ir-chk=1012/1019)
Persistent/
Persistent/.tailsdata-is-source
              0 100%    0.00kB/s    0:00:00 (xfr#7, ir-chk=1005/1024)

(...)


nm-system-connections/
nm-system-connections/Rocha.nmconnection
            339 100%    0.52kB/s    0:00:00 (xfr#1488, to-chk=5/2133)
nm-system-connections/Wired connection
            188 100%    0.29kB/s    0:00:00 (xfr#1489, to-chk=4/2133)
openssh-client/
openssh-client/id_rsa -> /lib/live/mount/persistence/TailsData_unlocked/dotfiles/.ssh/id_rsa
openssh-client/id_rsa.pub -> /lib/live/mount/persistence/TailsData_unlocked/dotfiles/.ssh/id_rsa.pub
openssh-client/known_hosts
            442 100%    0.67kB/s    0:00:00 (xfr#1490, to-chk=1/2133)
pidgin/
pidgin/prefs.xml
         17,893 100%   27.05kB/s    0:00:00 (xfr#1491, to-chk=0/2133)
thunderbird/

sent 571,715,961 bytes  received 31,273 bytes  2,203,264.87 bytes/sec
total size is 571,450,406  speedup is 1.00

Running again. Note that sometimes it get stuck, and since we're running with sudo to watch via task mananger would need to open the task mananger with sudo sudo gnome-system-monitor

sudo rsync -PaSHAXv --del /live/persistence/TailsData_unlocked/ /media/amnesia/TailsData

amnesia@amnesia:~$ sudo rsync -PaSHAXv --del /live/persistence/TailsData_unlocked/ /media/amnesia/TailsData
[sudo] password for amnesia: 
sending incremental file list

sent 61,768 bytes  received 674 bytes  124,884.00 bytes/sec
total size is 571,450,406  speedup is 9,151.70

[fititnt]

From sudo rsync -PaSHAXv --del /live/persistence/TailsData_unlocked/ /media/amnesia/TailsData to

sudo rsync \
    --partial --progress \
    --archive \
    --sparse \
    --hard-links \
    --acls \
    --xattrs \
    --verbose \
    --delete-during \
    /live/persistence/TailsData_unlocked/ \
    /media/amnesia/TailsData

I know it's the same thing. But for scripts, I find it better to know what is every part is doing.

[fititnt]

Just used again the bin/backup-tailsdata-to-usb-stick.sh v1.0. The message "Writting data to Generic Flash Disk / Device should not be unplugged." persisted for around 1 minute after clicked to eject. (maybe there was around one extra minute before tryint go eject). So when writting a a good amount of data to USB flash drives (on my case its a very cheap one) is pertinent to warn the user,

[fititnt]

I think we could close this issue for now. But the #11, since I did not done a full test, will keep open for more time.