• 0 Posts
  • 19 Comments
Joined 23 days ago
Cake day: September 14th, 2025
  • tal@olio.cafetoSelfhosted@lemmy.worldUsing rsync for backups, because it's not shiny and newEnglish
    1·
    3 days ago

    I don’t know if there’s a term for them, but Bacula (and I think AMANDA might fall into this camp, but I haven’t looked at it in ages) are oriented more towards…“institutional” backup. Like, there’s a dedicated backup server, maybe dedicated offline media like tapes, the backup server needs to drive the backup, etc).

    There are some things that rsnapshot, rdiff-backup, duplicity, and so forth won’t do.

    • At least some of them (rdiff-backup, for one) won’t dedup files with different names. If a file is unchanged, it won’t use extra storage, but it won’t identify different identical files at different locations. This usually isn’t all that important for a single host, other than maybe if you rename files, but if you’re backing up many different hosts, as in an institutional setting, they likely files in common. They aren’t intended to back up multiple hosts to a single, shared repository.

    • Pull-only. I think that it might be possible to run some of the above three in “pull” mode, where the backup server connects and gets the backup, but where they don’t have the ability to write to the backup server. This may be desirable if you’re concerned about a host being compromised, but not the backup server, since it means that an attacker can’t go dick with your backups. Think of those cybercriminals who encrypt data at a company and wipe other copies and then demand a ransom for an unlock key. But the “institutional” backup systems are going to be aimed at having the backup server drive all this, and have the backup server have access to log into the individual hosts and pull the backups over.

    • Dedup for non-identical files. Note that restic can do this. While files might not be identical, they might share some common elements, and one might want to try to take advantage of that in backup storage.

    • rdiff-backup and rsnapshot don’t do encryption (though duplicity does). If one intends to use storage not under one’s physical control (e.g. “cloud backup”), this might be a concern.

    • No “full” backups. Some backup programs follow a scheme where one periodically does a backup that stores a full copy of the data, and then stores “incremental” backups from the last full backup. All rsnapshot, rdiff-backup, and duplicity are always-incremental, and are aimed at storing their backups on a single destination filesystem. A split between “full” and “incremental” is probably something you want if you’re using, say, tape storage and having backups that span multiple tapes, since it controls how many pieces of media you have to dig up to perform a restore.

    • I don’t know how Bacula or AMANDA handle it, if at all, but if you have a DBMS like PostgreSQL or MySQL or the like, it may be constantly receiving writes. This means that you can’t get an atomic snapshot of the database, which is critical if you want to be reliably backing up the storage. I don’t know what the convention is here, but I’d guess either using filesystem-level atomic snapshot support (e.g. btrfs) or requiring the backup system to be aware of the DBMS and instructing it to suspend modification while it does the backup. rsnapshot, rdiff-backup, and duplicity aren’t going to do anything like that.

    I’d agree that using the more-heavyweight, “institutional” backup programs can make sense for some use cases, like if you’re backing up many workstations or something.

  • tal@olio.cafetoSelfhosted@lemmy.worldUsing rsync for backups, because it's not shiny and newEnglish
    3·
    3 days ago

    Because every “file” in the snapshot is either a file or a hard link to an identical version of that file in another snapshot.) So this can be a problem if you store many snapshots of many files.

    I think that you may be thinking of rsnapshot rather than rdiff-backup which has that behavior; both use rsync.

    But I’m not sure why you’d be concerned about this behavior.

    Are you worried about inode exhaustion on the destination filesystem?

  • tal@olio.cafetoSelfhosted@lemmy.worldUsing rsync for backups, because it's not shiny and newEnglish
    5·
    4 days ago

    slow

    rsync is pretty fast, frankly. Once it’s run once, if you have -a or -t passed, it’ll synchronize mtimes. If the modification time and filesize matches, by default, rsync won’t look at a file further, so subsequent runs will be pretty fast. You can’t really beat that for speed unless you have some sort of monitoring system in place (like, filesystem-level support for identifying modifications).

  • tal@olio.cafetoSelfhosted@lemmy.worldUsing rsync for backups, because it's not shiny and newEnglish
    2·
    4 days ago

    sed can do a bunch of things, but I overwhelmingly use it for a single operation in a pipeline: the s// operation. I think that that’s worth knowing.

    sed 's/foo/bar/'

    will replace all the first text in each line matching the regex “foo” with “bar”.

    That’ll already handle a lot of cases, but a few other helpful sub-uses:

    sed 's/foo/bar/g'

    will replace all text matching regex “foo” with “bar”, even if there are more than one per line

    sed 's/\([0-9a-f]*\)/0x\1/g

    will take the text inside the backslash-escaped parens and put that matched text back in the replacement text, where one has ‘\1’. In the above example, that’s finding all hexadecimal strings and prefixing them with ‘0x’

    If you want to match a literal “/”, the easiest way to do it is to just use a different separator; if you use something other than a “/” as separator after the “s”, sed will expect that later in the expression too, like this:

    sed 's%/%SLASH%g

    will replace all instances of a “/” in the text with “SLASH”.

  • tal@olio.cafetoSelfhosted@lemmy.worldUsing rsync for backups, because it's not shiny and newEnglish
    24·
    4 days ago

    I would generally argue that rsync is not a backup solution.

    Yeah, if you want to use rsync specifically for backups, you’re probably better-off using something like rdiff-backup, which makes use of rsync to generate backups and store them efficiently, and drive it from something like backupninja, which will run the task periodically and notify you if it fails.

    rsync: one-way synchronization

    unison: bidirectional synchronization

    git: synchronization of text files with good interactive merging.

    rdiff-backup: rsync-based backups. I used to use this and moved to restic, as the backupninja target for rdiff-backup has kind of fallen into disrepair.

    That doesn’t mean “don’t use rsync”. I mean, rsync’s a fine tool. It’s just…not really a backup program on its own.

  • tal@olio.cafetoSelfhosted@lemmy.worldhow do I find process that leads to oom?English
    191·
    5 days ago

    OOMs happen because your system is out of memory.

    You asked how to know which process is responsible. There is no correct answer to which process is “wrong” in using more memory — all one can say is that processes are in aggregate asking for too much memory. The kernel tries to “blame” a process and will kill it, as you’ve seen, to let your system continue to function, but ultimately, you may know better than it which is acting in a way you don’t want.

    It should log something to the kernel log when it OOM kills something.

    It may be that you simply don’t have enough memory to do what you want to do. You could take a glance in top (sort by memory usage with shift-M). You might be able to get by by adding more paging (swap) space. You can do this with a paging file if it’s problematic to create a paging partition.

    EDIT: I don’t know if there’s a way to get a dump of processes that are using memory at exactly the instant of the OOM, but if you want to get an idea of what memory usage looks at at that time, you can certainly do something like leave a top -o %MEM -b >log.txt process running to get a snapshot every two seconds of process memory use. top will print a timestamp at the top of each entry, and between the timestamped OOM entry in the kernel log and the timestamped dump, you should be able to look at what’s using memory.

    There are also various other packages for logging resource usage that provide less information, but also don’t use so much space, if you want to view historical resource usage. sysstat is what I usually use, with the sar command to view logged data, though that’s very elderly. Things like that won’t dump a list of all processes, but they will let you know if, over a given period of time, a server is running low on available memory.

  • tal@olio.cafetoProgramming@programming.devKroah-Hartman explains EU Cyber Resilience Act for open sourceEnglish
    3·
    6 days ago

    Hmm.

    So for some software, you can just increase the price.

    But…I wonder what that will do to the cost of video games. Typically, those are closer to one-off releases, not packages where new releases exist and are regularly purchased or subscriptions are in place.

    I’d expect this to increase the cost of maintenance, if there are legal obligations on publishers to monitor, notify, and deploy security fixes for their software and upstream. You’d think that it might encourage vendors to EOL software sooner; pull it off Steam or the like, mark as no longer supported.

    Maybe there are some exemptions somewhere that affect those.

  • tal@olio.cafetoSelfhosted@lemmy.worldHow do you secure your home lab? Like, physically? From thieves?English
    1·
    8 days ago

    Is your concern compromise of your data or loss of the server?

    My guess is that most burglaries don’t wind up with people trying to make use of the data on computers.

    As to loss, I mean, do an off-site backup of stuff that you can’t handle losing and in the unlikely case that it gets stolen, be prepared to replace hardware.

    If you just want to keep the hardware out of sight and create a minimal barrier, you can get locking, ventillated racks. I don’t know how cost-effective that is; I’d think that that might cost more than the expected value of the loss from theft. If a computer costs $1000 and you have a 1% chance of it being stolen, you should not spend more than $10 on prevention in terms of reducing cost of hardware loss, even if that method is 100% effective.

  • tal@olio.cafetoSelfhosted@lemmy.worldMy Proxmox had amnesia after a power loss..English
    8·
    17 days ago

    I’d also bet against the CMOS battery, if the pre-reboot logs were off by 10 days.

    The CMOS battery is used to maintain the clock when the PC is powered off. But he has a discrepancy between current time and pre-reboot logs. He shouldn’t see that if the clock only got messed up during the power loss.

    I’d think that the time was off by 10 days prior to power loss.

    I don’t know why it’d be off by 10 days. I don’t know uptime of the system, but that seems like an implausible amount of drift for a PC RTC, from what I see online as lilely RTC drift.

    It might be that somehow, the system was set up to use some other time source, and that was off.

    It looks like chrony is using the Debian NTP pool at boot, though, and I donpt know why it’d change.

    Can DHCP serve an NTP server, maybe?

    kagis

    This says that it can, and at least when the comment was written, 12 years ago, Linux used it.

    https://superuser.com/questions/656695/which-clients-accept-dhcp-option-42-to-configure-their-ntp-servers

    The ISC DHCP client (which is used in almost any Linux distribution) and its variants accept the NTP field. There isn’t another well known/universal client that accepts this value.

    If I have to guess about why OSX nor Windows supports this option, I would say is due the various flaws that the base DHCP protocol has, like no Authentification Method, since mal intentioned DHCP servers could change your systems clocks, etc. Also, there aren’t lots of DHCP clients out there (I only know Windows and ISC-based clients), so that leave little (or no) options where to pick.

    Maybe OS X allows you to install another DHCP client, Windows isn’t so easy, but you could be sure that Linux does.

    My Debian trixie system has the ISC DHCP client installed in 2025, so might still be a factor. Maybe a consumer broadband router on your network was configured to tell the Proxmox box to use it as a NTP server or something? I mean, bit of a long shot, but nothing else that would change the NTP time source immediately comes to mind, unless you changed NTP config and didn’t restart chrony, and the power loss did it.

  • tal@olio.cafetoSelfhosted@lemmy.worldHave you tried self-hosting your own email recently?English
    3·
    23 days ago

    I have not done so in the traditional sense in quite some years. My experience was that it was an increasing headache due to crashing into a wide variety of anti-spam efforts. Get email past one and crash into another.

    Depending upon your use case – using the “forward to a smarthost” feature in some mail server packages to forward to a mailserver run by a SMTP service provider with whom you have an account might work for you. Then it still looks to local software like you have a local mailserver.

    If I were going to do a conventional, no-smarthost mailserver today, I think that I would probably start out by setting up a bunch of spam-filtering stuff — SpamAssassin, I dunno what-all gets used these days on a “regular” account — and then emailing stuff from my server and seeing what throws up red flags. That’d let me actually see the scoring and stuff that’s killing email. Once I had it as clean as I could get it, I’d get a variety of people I know on different mail servers and ask them to respond back to a test email, and see what made it out.