How to perform system backup with backup-manager on Linux

One thing that we all may have had the chance to learn in either easy or hard ways is that the importance of backups can never be underestimated. Considering that there are as many backup methods as the number of fish in the sea, you may wonder how you can effectively choose the right tool and strategy for your system.

In this article I will introduce you to backup-manager, a simple yet handy command-line backup tool which is available in the standard repositories of most Linux distributions.

What makes backup-manager stand out among other backup tools or strategies? Let me mention just a few of its distinguishing features:

  • Simple design and management: configuration file is easy to read and edit, even for beginners.
  • Set and forget: can be scheduled to run through cron on a periodic basis.
  • Multi-protocol support for remote backup: integrates seamlessly with various transfer protocols, applications and cloud backend (e.g., FTP, SCP, SSH-GPG, rsync, AWS S3) to transfer generated archives to a list of remote hosts.
  • Database backup support: includes out-of-the-box support for backing up MySQL/MariaDB and PostgreSQL databases.
  • Encryption support: supports GPG-based file encryption during backup.

Installing Backup-Manager on Linux

Installation of backup-manager is quick and effortless since it is included in the base repositories of most Linux distributions.

Debian, Ubuntu and their derivatives

# aptitude install backup-manager

During the installation process on Debian-based systems, you will be prompted to enter the directory where you want to store generated backup archives. If the chosen directory does not exist, it will be created automatically when you run backup-manager for the first time.

Select OK and press ENTER.

In the next step, you will be asked to enter all the directories (separated by space) that you want to be backed up. It is advised, though not strictly required, to list several sub-directories of the same parent directory instead of entering only the parent directory.

You can skip this step and configure the list of directories later using the variable BM_TARBALL_DIRECTORIES in the configuration file. Otherwise, feel free to add as many directories as you wish, and then choose OK:

Fedora or CentOS/RHEL

# yum install backup-manager

On CentOS/RHEL, you will need to enable EPEL repository first before running the yum command.

On Red Hat based systems, by default, backup-manager does not back up any directories. If you want to enable backup, open /etc/backup-manager.conf with a text editor, and define the following variables.

# where to store generated backup archives
export BM_REPOSITORY_ROOT="/var/backup-manager"

# a comma-separated list of directories to back up
export BM_TARBALL_DIRECTORIES="/etc /home /var/log"

For more details on other backup related settings, refer to the next section.

Configuring Backup-Manager

The main configuration file for backup-manager is /etc/backup-manager.conf. This file is divided into sections where the backup methods and their associated variables (or "keys") are defined, making backup-manager a versatile tool that can be used in a wide variety of cases.

For demonstration purposes, we will consider the following scenario:

  • Perform a full system backup of the /etc, /home, and /var/log directories on a weekly basis (we will set up the frequency later through cron).
  • Transfer generated .tar.gz backup archives to a specific target directory in two different hosts, dev1 and dev3, over SSH.
  • Back up a local MySQL database to the same destination hosts over SSH.

Open /etc/backup-manager.conf with your favorite text editor and edit the following variables. Feel free to disregard the lines beginning with # if you want. They are provided only as explanatory comments in this article:

# Specify the backup method(s) that will be used.
# tarball: takes a list of directories and builds the corresponding tarballs.
# mysql: archives MySQL databases using mysqldump. To restore the database, you # need to use the same tool manually.
export BM_ARCHIVE_METHOD="tarball mysql"

# Where to store the backups.
export BM_REPOSITORY_ROOT="/var/archives"

# The following directive indicates backup-manager to name 
# the generated files after the directory that was backed up.
export BM_TARBALL_NAMEFORMAT="long"

# Define the compression type for the generated files.
export BM_TARBALL_FILETYPE="tar.gz"

# List the directories that you want to backup.
export BM_TARBALL_DIRECTORIES="/etc /home /var/log"

# Exclude some subdirectories or file extensions.
export BM_TARBALL_BLACKLIST="/var/log/myotherapp.log *.mp3 *.mp4"

# List the database(s) that you want to backup, separated by spaces.
export BM_MYSQL_DATABASES="mysql mybase wordpress dotclear phpbb2"

# MySQL username.
export BM_MYSQL_ADMINLOGIN="root"

# MySQL password for username.
export BM_MYSQL_ADMINPASS="mypassword"

# Add support for DROP statements (optional).
export BM_MYSQL_SAFEDUMPS="true"

# The hostname or IP address where the database(s) reside.
export BM_MYSQL_HOST="localhost"

# Port where MySQL server is listening.
export BM_MYSQL_PORT="3306"

# Compression type (optional).
export BM_MYSQL_FILETYPE="gzip"

# Do not archive remote hosts, but only localhost.
BM_TARBALL_OVER_SSH="false"

# User account for SSH upload.
export BM_UPLOAD_SSH_USER="root"

# Absolute path of the user's private key for passwordless SSH login.
export BM_UPLOAD_SSH_KEY="/root/.ssh/id_rsa"

# Remote hosts (make sure you have exported your public key to them):
export BM_UPLOAD_SSH_HOSTS="dev1 dev3"

# Remote destination for uploading backups. If it doesn't exist, 
# this directory will be created automatically the first time
# backup-manager runs.
export BM_UPLOAD_SSH_DESTINATION="/var/archives/backups/$HOSTNAME"

If you want to back up directories whose name contain a space, comment out BM_TARBALL_DIRECTORIES variable definition, and use the following format instead.

declare -a BM_TARBALL_TARGETS
BM_TARBALL_TARGETS[0]="/etc/Backup Files"
BM_TARBALL_TARGETS[1]="/home/xmodulo/My Documents"
BM_TARBALL_TARGETS[2]="/var/log"
export BM_TARBALL_TARGETS

Running Backup-Manager

To run backup-manager manually, type the following command. Optionally, you can add the '-v' flag in order to examine the process step by step, in a verbose way.

# backup-manager

The directories listed in BM_TARBALL_DIRECTORIES will be backed up in BM_REPOSITORY_ROOT as tarballs, and then transferred over SSH to hosts dev1 and dev3 specified in BM_UPLOAD_SSH_DESTINATION.

As can be seen in the above image, backup-manager during runtime creates a file named /root/.backup-manager_my.cnf with the MySQL password provided in BM_MYSQL_ ADMINPASS. That way, mysqldump can authenticate to a MySQL server without having to accept login password through the command line in plain-text format, which poses a security risk.

Running Backup-Manager through Cron

Once you have decided what is the best day of the week (and the best time) to perform your weekly backup, you can have cron run backup-manager for you.

Open root's crontab file (note that you must be logged on as root):

# crontab -e

Assuming that you want to run backup-manager on Sunday at 5:15 am, add the following line.

15 05 * * 0 /usr/sbin/backup-manager > /dev/null 2>&1

Summary

In this article we have shown how backup-manager is a simple, yet powerful and easy-to-use backup tool. There are several other options that you may want to consider in your backup strategy, so feel free to refer to the man page or to the user guide, which also contains several implementation examples and advice.

Hope it helps. Feel free to leave your questions and comments below.

Subscribe to Xmodulo

Do you want to receive Linux FAQs, detailed tutorials and tips published at Xmodulo? Enter your email address below, and we will deliver our Linux posts straight to your email box, for free. Delivery powered by Google Feedburner.


Support Xmodulo

Did you find this tutorial helpful? Then please be generous and support Xmodulo!

The following two tabs change content below.
Gabriel Cánepa is a GNU/Linux sysadmin and web developer from Villa Mercedes, San Luis, Argentina. He works for a worldwide leading consumer product company and takes great pleasure in using FOSS tools to increase productivity in all areas of his daily work. When he's not typing commands or writing code or articles, he enjoys telling bedtime stories with his wife to his two little daughters and playing with them, the great pleasure of his life.

10 thoughts on “How to perform system backup with backup-manager on Linux

  1. Hello again ;)

    This time I can make some observation about backup (only for remote backup part) from a point of view of SECURITY:

    It is not very wise to make any backup on a host and to upload these backup files on a REMOTE host via ssh (ssh key auth) - this is PUSH BACKUP. If the host is hacked, you will have many big problems:
    - you backup tools could be also "modified" and at the remote destination you can have some garbage backups, or even he can delete ANY backups files stored on the remote host;
    - even more, the attackers who already "manage" your host, can try to attack the remote hosts (with ssh keys);

    Because of this considerations, a good remote backup strategy is something like this:
    - name the host which I need to make backups of like "host Source", and where we want to store remote backups from "host Source" ... like "host Destination"
    - I think that backup is more secure to not use any ssh (ssh is for admin tasks, not for backup tasks). if you need a secure channel for backup transfer use for example openvpn
    - the most important thing is that the "host Destination" MUST initiate the backup to the "host Source" (so if the "host Source" is hack, I will be sure that old and current backups are OK, because the "host Source" can not modify/delete anything on the "host Destination") - PULL BACKUP
    - with iptables (on the host Destination) I deny any new connection to be initiated form "host Source" to the "host Destination", only from host Destination -> host Source is OK
    - a good variant is to set-up a rsync daemon on "host Source", and on the "host Destination" to use any kind of tool who can use rsync (rsnapshot is one of the many other option - so you will have any retention of the old backups and at the same time it use some kind of deduplication, via hard-links)

    Have a nice day with secure backups ;)

    • @Iulian,
      As always, you made some great points, and thanks for sharing them!
      However, I would like to clarify that I believe backup security is worth a post of its own, and will seriously consider covering it in the near future. In addition, I'll be writing another post on another backup tool here soon, and will also take into consideration your outstanding comments.

  2. Enjoyed the article. Thank you.

    Installed on CentOS 6.6. Would have appreciated a bit more detail when using yum to install. Had to manually change the config file to add directories to be backed up.

    Keep up the good writing.

Leave a comment

Your email address will not be published. Required fields are marked *