Pull backups for paranoiacs

Why bother?

What motivated the writting of this article is this simple fact : when the aliens seize your server, they have root access to it. They can delete all your data if they want to. "No problem," will you say, "I've got my remote backup." Well, unless you desactivate your backup cronjob (on the remote box) soon enough, they can rm -rf your data, connect the box back to the net, and let your nice rsync cronjob do its job i.e.... delete your remote backups!

A solution

The solution I'm using is to have three remote backup servers :
  • server 1 : updated daily
  • server 2 : updated on thursdays
  • server 3 : updated on sundays

This way, if the aliens are faster than you and destroy server 1's backup and one of the two others, you still have 3 days to protect the last one before it pulls empty directories smile


  • rotation with at least 3 sets
  • backup the backups on some box rsync can not touch
  • rsync options --max-delete and/or --delete
  • rdiff-backup : it provides a delta backup, so you can recover older versions than the one you just had abducted by aliens

See also

-- IntRigeri - 20 Jan 2005 : first version

-- IntRigeri - 20 Jan 2005 : added various alternatives suggested by others on IRC or on imc-tech
Topic revision: r6 - 27 May 2005, IntRigeri
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback