View previous topic :: View next topic |
Author |
Message |
BakaO n00b
Joined: 27 Sep 2003 Posts: 74
|
Posted: Sun Mar 13, 2011 9:41 pm Post subject: Backup full system, no offline |
|
|
Hello,
I want to use security tool (nessus) on my production server.
As I don't want to break my server, I would like to test nessus in a fake server in a virtual machine.
So I would like to know how I can create this VM without putting offline my server.
Thanks for all. |
|
Back to top |
|
|
TJNII l33t
Joined: 09 Nov 2003 Posts: 637 Location: for(;;);
|
Posted: Sun Mar 13, 2011 11:42 pm Post subject: |
|
|
I frequently just tar up the filesystem while it is running. It is bad practice, but it often works.
I cloned my production box off to a second server just this week for very similar reasons. I just tarred up root, untarred it on the second box, populated /dev with critical nodes, tweaked the settings in /etc which need tweaking for a second box, installed the bootloader, and I was off.
I want to reiterate that this is bad practice, though. I'm sure I'm going to get jumped on for suggesting it, but it will probably work. It isn't any worse than a ungraceful shutdown. _________________ Maintaining documentation on upgrades is apparently not within the power of Gentoo
Beware when you emerge -u world! |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21635
|
Posted: Mon Mar 14, 2011 1:21 am Post subject: |
|
|
Since TJNII already disclaimed his method as bad practice, I will not jump on him for that. However, as a technical point, if you pursue this route, or any of its variations based on rsync, cp, etc., take care that you do not copy pseudo-filesystems like /dev, but do copy the mount points of those filesystems. Also, be careful to catch and send along any files which are normally shadowed by mounted filesystems. Some systems need a /dev on / that contains certain device nodes, and copying while live would normally miss those due to the udev-managed tmpfs shadowing them. |
|
Back to top |
|
|
cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
|
Posted: Mon Mar 14, 2011 2:05 am Post subject: |
|
|
Hu wrote: | Since TJNII already disclaimed his method as bad practice, I will not jump on him for that. However, as a technical point, if you pursue this route, or any of its variations based on rsync, cp, etc., take care that you do not copy pseudo-filesystems like /dev, but do copy the mount points of those filesystems. Also, be careful to catch and send along any files which are normally shadowed by mounted filesystems. Some systems need a /dev on / that contains certain device nodes, and copying while live would normally miss those due to the udev-managed tmpfs shadowing them. |
thoughts on this method? http://en.gentoo-wiki.com/wiki/Custom_Stage4
I've used it, seems to work, haven't gone through it with a fine-toothed comb. See anything in there they're missing? _________________ Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21635
|
Posted: Tue Mar 15, 2011 2:46 am Post subject: |
|
|
It is a bit sloppy, but seems passable for most cases. As I hinted at above, I would use bind mounts so that the contents of directories that are shadowed during normal operation can still be included. If you need to split the archive, I would split it as it is generated, rather than writing a full tar file and then performing a separate split afterward. Excluding /usr/src will anger Portage when the files from sys-kernel/*-sources do not survive the transfer. I think FEATURES=splitdebug may also cause files to be written into /usr/src. The instructions assume use of an MBR style partition table, which may not be the case on modern drives. |
|
Back to top |
|
|
chiefbag Guru
Joined: 01 Oct 2010 Posts: 542 Location: The Kingdom
|
Posted: Tue Mar 15, 2011 11:06 am Post subject: |
|
|
I often use stage 4's to keep a snapshot of servers, Not sure if its 100% accurate as obviously its not going to be if services are running on the box.
However in most cases its fine unless your concerned with the accuracy of data some app/db that may be running |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|