Re: [Dar-support] Scripting DAR
For full, incremental, compressed and encrypted backups or archives
Brought to you by:
edrusb
From: Thomas J. <ja...@in...> - 2006-06-08 11:09:15
|
> From your main process, before calling dar you could generate a script=20 > to be passed to -E/-F options that upload the slice given in argument to=20 > the pre-defined ftp server. The login and password would be enclosed in=20 > the script which would only be readable by the appropriated user. I=20 > guess this solution should address more or less the security aspect as=20 > no password should be seen on command-line (by the way the ftp password=20 > is transmitted unencrypted over the network) nor readable by non=20 > authorized user. Yeah, that's about it. BTW, sure, the ftp-password is unencrypted, but I'm talking about a local network here, with local users without root/Admin privileges that could be on a server. So I was worried about command line parameters containing passwords, nothing more. If someone already compromised root, they can easily read the passwords from almost anywhere I could save them anyway ;) > The only point that you miss is to be able to suspend dar before=20 > proceeding to the next slice (the equivalent to -p option). And also being able to interrupt DAR cleanly whenever there are problems (maybe also problems with virtual memory, not wanting to crash the server in question), and being able to stop archiving if there are problems with ftp after a slice (or can that be achieved by -E script return codes). > Under the Cygwin "platform" there is no pseudo-terminal emulation (pty),=20 > it seems to be difficult to emulate this Unix feature over Windows ... :-= / Actually there is, although I don't know how complete that emulation is, but since I am not calling dar from cygwin but from Windows in general (which doesn't have something similiar), this is no good to me ;) (see for instance: http://www.cygwin.com/cygwin-ug-net/using-effectively.html, "Console Programms") [... lots of stuff on how to change dar to allow a "pipe"-mode ... ] Well, unless Wesley's libdar bindings can be easily ported to Windows, adding "pipe"-mode would still be the "cleanest" option. Thanks a lot for the reply & the development hints, Thomas |