R3 Restore

50 views
Skip to first unread message

Jason M

unread,
Apr 20, 2015, 8:56:29 AM4/20/15
to qubes...@googlegroups.com
Seems like I am unable to restore dom0 backup in R3; have not tried the appvm's yet.

I typically create 4 backup sets; dom0 only, backupvm only, appvms, and templates.

I have over a half dozen backups of dom0 and they all have same issue.  I copied the backup file directly to dom0 so it can be used with the command line utility.

qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18
qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18 dom0
qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18 dom0-home

I just get messages of 'Ignoring VM not selected for restore'

So then I tried to manually extract the files and got stuck at the point where I was receiving a bad magic number

tar -i -xvf backup-2015-04-18
cd dom0-home

openssl dgst -sha512 -hmac "your_passphrase" user.000
cat user.000.hmac

Both signatures match.


Then created the following script:

#!/bin/bash
for f in user.???; do
    echo $f
    ls -l $f
    openssl enc -d -pass file:/.snapshots/passwd -aes-256-cbc -in $f -out ${f}.dec
done



And I get bad magic number when running that.

Any suggestions to allow me to restore would be appreciated :)


Marek Marczykowski-Górecki

unread,
Apr 20, 2015, 9:33:15 AM4/20/15
to Jason M, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Apr 20, 2015 at 05:56:29AM -0700, Jason M wrote:
> Seems like I am unable to restore *dom0 backup* in R3; have not tried the
> appvm's yet.
>
> I typically create 4 backup sets; dom0 only, backupvm only, appvms, and
> templates.
>
> I have over a half dozen backups of dom0 and they all have same issue. I
> copied the backup file directly to dom0 so it can be used with the command
> line utility.
>
> qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18
> qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18 dom0
> qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18 dom0-home
>
> I just get messages of 'Ignoring VM not selected for restore'

Looks like you've found a bug in qvm-backup... dom0 is not included in
qubes.xml stored in the backup, which is used to list what is there.

> So then I tried to manually extract the files and got stuck at the point
> where I was receiving a bad magic number
>
> tar -i -xvf backup-2015-04-18
> cd dom0-home
>
> openssl dgst -sha512 -hmac "your_passphrase" user.000
> cat user.000.hmac
>
> Both signatures match.
>
>
> Then created the following script:
>
> #!/bin/bash
> for f in user.???; do
> echo $f
> ls -l $f
> openssl enc -d -pass file:/.snapshots/passwd -aes-256-cbc -in $f -out ${
> f}.dec
> done

I've just tried exactly the same and it worked... Does it happen on
every file, or just one of them? Maybe your backup is not encrypted?

Check backup-header - perhaps you've used different encryption
algorithm or sth like this.

> And I get bad magic number when running that.
>
> Any suggestions to allow me to restore would be appreciated :)
>
>


- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVNQARAAoJENuP0xzK19csH04H/0mXA/ZphamWm2dA51szrbZ0
ClN2JMCMDFje13KhO0qUpkMEipYB3n8UIhybXpFS67UC2SkFJr/gcBdoq6Gpd40p
6rHkupwzSd/pRLHDlevy0bobBUWFrJK085WOW5PFngG7NQwBXQ2O8qgoDtilLsDq
SzoiaSTYhE3gRF0jQSIW6X6HOEwQDOUBPxPujuMftBjb9UH/vB9xmgBBv6dWBsjI
QnANSTJSOxXXa4ADZqZAKgPh3iL9Oo8OiZPNicqUcaqq8DwXjxg/1hDRgGuucoHO
z9JlvlsqtLtt7wluBQw0ZfnIeCIewiYQRxPtCO45iHptyq/ec1iNPXOtfzXUFCU=
=2p/W
-----END PGP SIGNATURE-----

nrgaway

unread,
Apr 20, 2015, 9:43:09 AM4/20/15
to Marek Marczykowski-Górecki, qubes...@googlegroups.com


On Apr 20, 2015 9:33 AM, "Marek Marczykowski-Górecki" <marm...@invisiblethingslab.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, Apr 20, 2015 at 05:56:29AM -0700, Jason M wrote:
> > Seems like I am unable to restore *dom0 backup* in R3; have not tried the
> > appvm's yet.
> >
> > I typically create 4 backup sets; dom0 only, backupvm only, appvms, and
> > templates.
> >
> > I have over a half dozen backups of dom0 and they all have same issue.  I
> > copied the backup file directly to dom0 so it can be used with the command
> > line utility.
> >
> > qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18
> > qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18 dom0
> > qvm-backup-restore -e --debug /.snapshots/backup-2015-04-18 dom0-home
> >
> > I just get messages of 'Ignoring VM not selected for restore'
>
> Looks like you've found a bug in qvm-backup... dom0 is not included in
> qubes.xml stored in the backup, which is used to list what is there.

:)

>
> > So then I tried to manually extract the files and got stuck at the point
> > where I was receiving a bad magic number
> >
> > tar -i -xvf backup-2015-04-18
> > cd dom0-home
> >
> > openssl dgst -sha512 -hmac "your_passphrase" user.000
> > cat user.000.hmac
> >
> > Both signatures match.
> >
> >
> > Then created the following script:
> >
> > #!/bin/bash
> > for f in user.???; do
> >     echo $f
> >     ls -l $f
> >     openssl enc -d -pass file:/.snapshots/passwd -aes-256-cbc -in $f -out ${
> > f}.dec
> > done
>
> I've just tried exactly the same and it worked... Does it happen on
> every file, or just one of them? Maybe your backup is not encrypted?
>
> Check backup-header - perhaps you've used different encryption
> algorithm or sth like this.

Strange. Yes it happens to all files and I actually copied and pasted the algorithm from the header file. I will try again once the rest of my backups are completed downloading to qubes. Maybe my password too long or weird lol

Jason M

unread,
Apr 21, 2015, 3:02:59 AM4/21/15
to qubes...@googlegroups.com, nrg...@gmail.com

I bet you only had one user.xxx file; I had 300+ of them :)

So after I verified each file I moved all of the .hmac files out of the way and then:
cat * > user.all
openssl enc -d -pass file:/.snapshots/passwd -aes-256-cbc -in user.all -out user.tar
tar -xvf user.tar

And then moved that extracted directory place to /home.  So relieved now.
 

Marek Marczykowski-Górecki

unread,
Apr 21, 2015, 5:43:24 PM4/21/15
to Jason M, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, that was a test system...

> So after I verified each file I moved all of the .hmac files out of the way
> and then:
> cat * > user.all
> openssl enc -d -pass file:/.snapshots/passwd -aes-256-cbc -in user.all -out
> user.tar
> tar -xvf user.tar
>
> And then moved that extracted directory place to /home. So relieved now.

Restore instruction updated. Also the original bug fixed. Both things
still only on my machine, will push them shortly.

- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVNsRyAAoJENuP0xzK19csirQH/jCPsZFUySlbfWGHS3Q0jXzk
c6nP0tVVbxXfu1/DoZtJz0RRqZXNyRxYJpKl4k8qWyFJxV2t+rMMEtK1aqGB7K9O
PdVDv3EUh3fq+9abwhKcDbmxu3pIYV20DzKbnbxHmymVmTLa2mA+KmcoIgtVjZgN
E/9sLlcFLm2z6n7cSlKUhHebfkjzwfY2g09V6mhTBNcNNKF++fX1grdruAkVpXyp
dxb+s+3ex555E3nhqIEO+6iLC7wDN8wPjI4DaHd1K7yKeieeEte3EcQGkTuCwcgU
rBkxDQod4mskaO++FMqoeOAbrKolLyuNnvmgEYS5rdfbZ9C6v5m9viiu9Do1mys=
=LP4z
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages