Release Notes for Relax-and-Recover version 2.7 This document contains the release notes for the open source project Relax-and-Recover. Relax-and-Recover website: http://relax-and-recover.org/ GitHub project: https://github.com/rear/ This document is distributed with the following license: "Creative Commons Attribution-NoDerivs 3.0 Unported (CC BY-ND 3.0)". To read the license deed, go to http://creativecommons.org/licenses/by-nd/3.0/ Overview Relax-and-Recover (abbreviated ReaR) is a GNU/Linux system administrator tool and framework used to create bootable disaster recovery images which makes bare metal disaster recovery (including backup restore) easier. System administrators use the Relax-and-Recover framework to set up a disaster recovery procedure as part of their disaster recovery policy (which complements their existing backup policy). Relax-and-Recover does not implement backup but complements it because backup (and restore) happens via external backup software that is only called by Relax-and-Recover. Product Features The following features are supported by the most recent releases of Relax-and-Recover. Anything labeled as (New) was added as the most recent release. New functionality for previous releases can be seen in the next chapter that details each release. The most recent release of Relax-and-Recover is supported on most GNU/Linux based systems with kernel 2.6 or higher. It provides the following functionality: - Hot maintenance capability. A recovery/rescue image can be made online while the system is running - Command line interface. Relax-and-Recover does not require a graphical interface to run, neither in creation mode, nor in recovery mode (console is enough) - Support included for most common file systems, such as ext2, ext3, and ext4. Other filesystems like reiserfs, jfs, xfs, and btrfs are also implemented, but are less tested. (Feedback is appreciated) - Selected Hardware RAID and (eg. HP SmartArray) and mirroring solutions (eg. DRBD) are supported - NVME and mmcblk disks are supported - LVM root volumes are supported - Multipath support for SAN storage - UEFI support (including UEFI USB booting) - Integrates with internal backup programs such as: - GNU tar (BACKUP=NETFS, BACKUP_PROG=tar) - GNU tar (BACKUP=NETFS, BACKUP_PROG=tar, BACKUP_TYPE=incremental, FULLBACKUPDAY="Mon") for using incremental backups with a weekly full backup (old tar archives will not be removed automatically) - GNU tar (BACKUP=NETFS, BACKUP_PROG=tar, BACKUP_TYPE=differential, FULLBACKUPDAY="Mon") for using differential backups with a weekly full backup (old tar archives will not be removed automatically) - GNU tar with openssl encryption (BACKUP=NETFS, BACKUP_PROG=tar, BACKUP_PROG_CRYPT_ENABLED=1) - rsync on local devices (BACKUP=NETFS, BACKUP_PROG=rsync), such USB and local disks - rsync over the network (BACKUP=RSYNC, BACKUP_PROG=rsync) - Multiple backup methods. See the documentation about Using Multiple Backups for Relax-and-Recover https://github.com/rear/rear/blob/master/doc/user-guide/11-multiple-backups.adoc - Any partition (e.g. a Windows partition) via BACKUP=BLOCKCLONE. See the documention about BLOCKCLONE https://github.com/rear/rear/blob/master/doc/user-guide/12-BLOCKCLONE.adoc - BACKUP=ZYPPER is for SUSE systems only (Experimental) - BACKUP=YUM is for RedHat architectures ony (Experimental) - Integrates with external backup solutions such as: - Tivoli Storage Manager (BACKUP=TSM) - Data Protector (BACKUP=DP) - Symantec NetBackup (BACKUP=NBU) - Galaxy 5, 6, and 7 (BACKUP=GALAXY) - Galaxy 10 [Commvault Simpana] (BACKUP=GALAXY10) - Bacula (BACKUP=BACULA) - Bareos (BACKUP=BAREOS) (A fork of Bacula) - Rsync Backup Made Easy (BACKUP=RBME) - Duplicity/Duply (BACKUP=DUPLICITY) - EMC Networker, also known as Legato (BACKUP=NSR) - EMC Avamar (BACKUP=AVA) - SEP Sesam (BACKUP=SESAM) - FDR/Upstream (BACKUP=FDRUPSTREAM) - Novastor NovaBACKUP DC (BACKUP=NBKDC) - Borg Backup (BACKUP=BORG) - Rubrik Cloud Data Management (BACKUP=CDM) - Integrates with Disaster Recovery Linux Manager (DRLM) http://drlm.org - Udev support (except for some really ancient udev versions) which is the base for many important features: - kernel drivers for network cards and storage adapters are loaded via udev - deal with network persistent names in udev rules - firmware loading - persistent storage device names (though Relax-and-Recover does nothing with this) - Systemd support for the more recent Linux distributions - System migration and reconfiguration ('MIGRATION_MODE') - facilitate recovery on hardware, that is not the same as the original system - network and storage drivers are adjusted - map hard disks if they do not match (e.g. sda -> sdb) - remap network MAC addresses - use another IP address, or using dhcp via templates or from kernel command line - rebuild the initial ramdisk if needed (for new storage drivers) - migration to SAN storage - Support backup software: Bacula, both locally attached tapes (with bextract) and network-based backups. Also, in combination with OBDR tapes. - Create OBDR tapes with method mkbackup and put the backup onto the tape to have a single-tape bootable recovery solution (label the OBDR tape with the method format to avoid accidental overwrites with OBDR) - Create bootable disk (eSATA, USB ...) medium with the backup included: BACKUP_URL=usb:///dev/device Together with OUTPUT=USB we have a complete solution on hard disks (booting of it and restoring data). - DHCP client support (IPv4 and IPv6). Dhcp client activation can be forced via the variable USE_DHCLIENT=yes (define in /etc/rear/local.conf). It is also possible to force DHCP at boot time with kernel option dhcp - USE_STATIC_NETWORKING=y, will cause statically configured network settings to be applied even when USE_DHCLIENT is in effect - Save layout and compare layouts for automation of making Relax-and-Recover snapshots (checklayout option) - External USB booting uses extlinux (instead of syslinux), and therefore, the USB disk must first be formatted with an ext2, ext3, ext4 or btrfs based file system - VLAN tagging, teaming and bridge support - Add timestamp of ReaR run with rc code to the syslog or messages file; sending mail report is also possible - The possibility to backup any partition (in particular a Windows partition) via the BACKUP type BLOCKCLONE - Unattended ReaR recovery has been improved - Improved security model related to SSH keys - SSH_FILES='avoid_sensitive_files' (see details in /usr/share/rear/conf/default.conf) - SSH_UNPROTECTED_PRIVATE_KEYS='no' (see details in /usr/share/rear/conf/default.conf) NOTE: Features marked Experimental are prone to change with future releases. Relax-and-Recover Releases The first release of Relax-and-Recover, version 1.0, was posted to the web in July 2006. For each release, this chapter lists the new features and defect fixes. All releases are cumulative. Unless otherwise noted all releases of Relax-and-Recover are intended to work backward compatible with previous versions. In addition to the GPL disclaimer of warranty and liability there is no guarantee that things work backward compatible. In general the older the system is the less likely it is that a newer Relax-and-Recover version works. For each Relax-and-Recover version upgrade and for each change of a software that is used by Relax-and-Recover and for each change of your basic system you must re-validate that your disaster recovery procedure still works for you. The references pointing to fix #nr or issue #nr refer to our GitHub issues tracker https://github.com/rear/rear/issues Version 2.7 (July 2022) Abstract New features, bigger enhancements, and possibly backward incompatible changes: - ReaR's default TMPDIR is now /var/tmp (it was /tmp before) i.e. ReaR's default working area is now /var/tmp/rear.XXXXX because ReaR needs lots of space (from 300MB up to more than 1GB) to build the ReaR rescue/recovery system e.g. as ISO image and even much more space to also store the backup archive e.g. when the backup should be included in the ISO image. The system's default temporary directory /tmp is no longer suited as default temporary directory for ReaR because nowadays /tmp is often a "tmpfs" that is in RAM so /tmp has RAM/swap limitations and file-hierarchy(7) recommends to use /var/tmp for cases as ReaR. If the user sets TMPDIR explicitly, it still takes precedence. - Stop ReaR from possibly overwriting its own disk and backup drives for OUTPUT=USB and OUTPUT=RAWDISK via new WRITE_PROTECTED_... config variables (see /usr/share/rear/conf/default.conf) where UUIDs or filesystem labels can be specified so that disks that contain such UUIDs or filesystem labels will be 'write protected' during "rear recover". - Added initial LUKS2 support. - Overhauled RAID code with changed RAID related entries in /var/lib/rear/layout/disklayout.conf so users who use RAID and a selfmade /etc/rear/disklayout.conf must adapt their RAID related entries - Initial preliminary basic support to automatically resize an active last partition on RAID0 and RAID1 disks to be able to automatically resize RAID0 and RAID1 arrays - Automatically shrink LVs if needed during "rear recover". This enables to run "rear recover" with automated LVM LVs shrinking as needed on a bit smaller replacement disk (e.g. when a nominally same sized replacement disk is actually a bit smaller than the original disk). This automated LVs shrinking is not intended when disk(s) are substantially smaller. To migrate onto a substantially smaller replacement disk the user must in advance manually adapt his disklayout.conf file before he runs "rear recover". - Support to wipe disks before recreating partitions/volumes/filesystems/... (see the new DISKS_TO_BE_WIPED in /usr/share/rear/conf/default.conf). This is currently new and experimental functionality so that currently by default via DISKS_TO_BE_WIPED='false' no disk is wiped to avoid possible regressions until this new feature was more tested by interested users via an explicit DISKS_TO_BE_WIPED setting. - Error out when files greater or equal ISO_FILE_SIZE_LIMIT should be included in the ISO: See the reasoning in /usr/share/rear/conf/default.conf why the default ISO_FILE_SIZE_LIMIT is 2GiB and why we error out when files >= ISO_FILE_SIZE_LIMIT should be included in the ISO. - Rsync OUTPUT_URLs are now properly supported with BACKUP=RSYNC. Previously the output went to the location specified by BACKUP_URL and OUTPUT_URL was ignored. One exception was OUTPUT=PXE, where the output was uploaded to OUTPUT_URL in addition to BACKUP_URL, but RSYNC_PREFIX was not respected and the interpretation of the URL was different: A URL of the form rsync://[USER@]HOST[:PORT]/PATH was interpreted as using the rsync protocol, while in all other cases such URL would be interpreted as using rsync over ssh. This special handling is now removed: An rsync OUTPUT_URL with OUTPUT=PXE now creates the RSYNC_PREFIX directory at the destination and the URL is interpreted as in all other cases. - RAWDISK: Add local rescue partition installation capability: Introduce a configuration variable 'RAWDISK_INSTALL_GPT_PARTITION_NAME', which is unset by default. When set, the rescue system will be installed to local disk partitions having the corresponding name. - Allow setting a PBA-specific firmware configuration via the new OPAL_PBA_FIRMWARE_FILES configuration variable. - Support OPAL 2 self-encrypting NVMe disk drives. - OPALPBA: Provide a permanent unlocking mode as a workaround when the firmware did not initialize properly during a 'simple' reboot so the only reliable way to boot was a power cycle after Opal disks were unlocked. To reboot with unlocked disks there is now a new unlocking mode "permanent" via OPAL_PBA_UNLOCK_MODE (see default.conf). Reactivating locking is then the responsibility of the user. Additionally enhanced security by disabling shell access via keyboard interrupt and switching to a password hash for OPAL_PBA_DEBUG_PASSWORD. - POWER architecture (ppc64) support for BACKUP=DP: Other platforms supporting the Data Protector Disk Agent, but not the Cell Console (GUI) that is only available on i386, x86_64 and ia64 are now supported with ReaR. This includes in particular ppc64. Checks unavailable on clients without the Data Protector Cell Console (GUI) are skipped. In such cases backup restore can be done using Data Protector GUI only. - NSR enhancement for point-in-time recovery with EMC Networker client: A new variable NSR_CLIENT_REQUESTRESTORE for the BACKUP=NSR workflow has been introduced to deal with situations in which the NSR client is allowed/granted to perform its recovery action "on its own" but does not have full control of the EMC networker service/environment, for details see its default.conf section. - BACKUP=NBKDC: Enhanced ReaR backup and restore to also work with NovaStor DataCenter 8.0 and higher plus fixed wording "NovaBACKUP DC" -> "NovaStor DC" - Support for systemd and parallel restore with Data Protector BACKUP=DP: Support starting Data Protector daemon 'omni.socket' via systemd in the recovery system. Restore performance has been increased by doing parallel restores now. - Now "rear format" has in addition to the '-efi' switch a '-bios' switch. If none is given (i.e. by default) it will now do hybrid formatting with a BIOS boot partition (on GPT) and an EFI system partition. Accordingly the USB_DEVICE_PARTED_LABEL default is no longer "msdos" (see the updated description in /usr/share/rear/conf/default.conf). This is a starting point for implementing OUTPUT=USB support for UEFI and BIOS dual boot from the same medium. See https://github.com/rear/rear/issues/2698 and https://github.com/rear/rear/issues/2818 and https://github.com/rear/rear/pull/2829 - Overhauled serial console support code. A serial console of the ReaR recovery system can now be specified separately for the kernel and the recovery system bootloader via the generic config variables USE_SERIAL_CONSOLE and SERIAL_CONSOLE_DEVICES and specific config variables SERIAL_CONSOLE_DEVICES_KERNEL SERIAL_CONSOLE_DEVICE_SYSLINUX SERIAL_CONSOLE_DEVICE_GRUB (see /usr/share/rear/conf/default.conf for details) - Support for HTTP sources when using PXE: There is a new config variable PXE_HTTP_URL to specify a HTTP download source for PXE. See the PXE_HTTP_URL description in /usr/share/rear/conf/default.conf - In /usr/share/rear/conf/default.conf changed ISO_VOLID from "RELAXRECOVER" to "REAR-ISO" so the first ISO has the label "REAR-ISO" (8 characters) and subsequent ISOs get the labels "REAR-ISO_01" "REAR-ISO_02" ... respectively that have 11 characters (the maximum length for FAT volume names) so things work now by default when the ISO image is used to (manually) create a FAT bootable USB stick Accordingly 'RELAXRECOVER' in variable names was replaced. In particular the user config variable for automated input USER_INPUT_RELAXRECOVER_SYMLINK_TARGET was renamed as USER_INPUT_ISO_SYMLINK_TARGET so only that new name will work. Details (mostly in chronological order - newest topmost): - Refactor rsync URL support, fixes rsync OUTPUT_URL: The code to parse rsync:// URLs was BACKUP_URL specific. If one specified BACKUP=RSYNC and an OUTPUT_URL different from BACKUP_URL, the OUTPUT_URL was ignored and the output files went to BACKUP_URL. Fix by introducing generic functions for rsync URL parsing and use them for both BACKUP_URL and OUTPUT_URL, as appropriate. Replace all uses of global RSYNC_* variables derived from BACKUP_URL by those functions. There also was inconsistent special handling for OUTPUT=PXE which is now removed: An rsync OUTPUT_URL with OUTPUT=PXE now creates the RSYNC_PREFIX directory at the destination and the URL is interpreted as in all other cases. See https://github.com/rear/rear/pull/2831 and https://github.com/rear/rear/issues/2781 - Support creation of EFI system partition on systems with older 'parted' that do not support the 'esp' keyword: In format/USB/default/300_format_usb_disk.sh try 'sgdisk ... --typecode="partition_number:EF00"' as fallback when 'parted ... set partition_number esp on' failed see https://github.com/rear/rear/pull/2830 - Set USB_DEVICE_PARTED_LABEL to match format-workflow.sh: In format/USB/default/300_format_usb_disk.sh it is set depending on the format workflow option -b/--bios or -e/--efi and in in prep/USB/Linux-i386/340_find_mbr_bin.sh try to autodetect what the USB disk partition type is and use a specified USB_DEVICE_PARTED_LABEL if autodetection fails see https://github.com/rear/rear/pull/2829 - In usr/sbin/rear enhanced the check for other simultaneously running 'rear' to let it find running 'rear' instances independent of how it was called by the user in particular also when 'rear' is run from a GitHub checkout/clone cf. https://github.com/rear/rear/issues/2826 - In usr/share/rear/lib/format-workflow.sh do actually recognise -b/--bios options, see https://github.com/rear/rear/pull/2828 - In layout/prepare/GNU/Linux/110_include_lvm_code.sh use a fail-safe 'yes' pipe for "lvm lvcreate" to pipe as many 'y' as asked for into "lvm lvcreate" see https://github.com/rear/rear/issues/513 and https://github.com/rear/rear/issues/2820 - Avoid creating a /bin/vim symlink to vi: The symlink is more confusing than helpful: If one has both vi and vim, and they are different (vi usually has less features), one expects to get the more featureful version by executing "vim", but one gets "vi". More importantly, in recent Fedora and RHEL, "vi" is a shell script that executes "vim" if found, so linking "vim" to "vi" leads to an infinite loop. See https://github.com/rear/rear/pull/2822 - RPM spec: update build requirement for Fedora to unblock Packit build and run make validate after build, see https://github.com/rear/rear/pull/2816 - In finalize/Linux-i386/660_install_grub2.sh explain that it is also used as fallback to install the nowadays most often used bootloader GRUB2 unless the BOOTLOADER variable tells to install another bootloader (other bootloader install scripts check the BOOTLOADER variable), cf. https://github.com/rear/rear/issues/2817#issuecomment-1148488339 - Replace 'RELAXRECOVER' in variable names: In lib/global-functions.sh in the function mount_url() renamed the user config variable for automated input USER_INPUT_RELAXRECOVER_SYMLINK_TARGET as USER_INPUT_ISO_SYMLINK_TARGET because the old name contained a user config value: "RELAXRECOVER" was an old default value of ISO_VOLID, see https://github.com/rear/rear/pull/2457 and https://github.com/rear/rear/pull/2813#discussion_r885576867 - In default.conf properly describe PRE_BACKUP_SCRIPT and POST_BACKUP_SCRIPT to match what the implementation does, see https://github.com/rear/rear/pull/2735#issuecomment-1145006984 and for special cases see https://github.com/rear/rear/pull/2735#issuecomment-1148620157 - Add PRE_RECOVERY_COMMANDS and POST_RECOVERY_COMMANDS as alternative to PRE_RECOVERY_SCRIPT and POST_RECOVERY_SCRIPT see the description in default.conf how to use them and how they work. See https://github.com/rear/rear/pull/2811 and see also https://github.com/rear/rear/pull/2735 therein in particular https://github.com/rear/rear/pull/2735#issuecomment-1134686196 Additionally use LogPrint to show the user the executed commands, see https://github.com/rear/rear/pull/2789 - In default.conf describe the new user config variables USB_BOOT_PART_SIZE and USB_DEVICE_BOOT_LABEL see https://github.com/rear/rear/pull/2660 - Exclude dev/watchdog* from the ReaR recovery system: In default.conf add dev/watchdog* to COPY_AS_IS_EXCLUDE because watchdog functionality is not wanted in the recovery system because we do not want any automated reboot functionality while disaster recovery happens via "rear recover", see https://github.com/rear/rear/pull/2808 Furthermore having a copy of dev/watchdog* during "rear mkrescue" in ReaR's build area may even trigger a system crash that is caused by a buggy TrendMicro ds_am module touching dev/watchdog in ReaR's build area (/var/tmp/rear.XXX/rootfs), see https://github.com/rear/rear/issues/2798 - In output/default/940_grub2_rescue.sh for GRUB_RESCUE set 'root=/dev/ram0 vga=normal rw' (the same is already done for other boot media) to avoid a "Kernel panic ... Unable to mount root fs on unknown-block(0,0)" that could otherwise happen in certain cases, see https://github.com/rear/rear/pull/2791 - In build/GNU/Linux/400_copy_modules.sh always include loaded kernel modules i.e. also for MODULES=() or MODULES=( 'moduleX' 'moduleY' ) include the currently loaded kernel modules, cf. https://github.com/rear/rear/issues/2727#issuecomment-994731345 - In layout/save/GNU/Linux/200_partition_layout.sh ensure $disk_label is one of the supported partition tables (i.e. one of 'msdos' 'gpt' 'gpt_sync_mbr' 'dasd') and ensure syntactically correct 'disk' and 'part' entries in disklayout.conf (each value must exist and each value must be a single non-blank word), see the last part about "error out directly ... when things failed" in https://github.com/rear/rear/issues/2801#issuecomment-1122015129 But do not error out when there is no partition label type value for a 'disk' entry in disklayout.conf because "rear recover" works in a special case without partition label type value when there is only a 'disk' entry but nothing else for this disk exists in disklayout.conf which can happen when /dev/sdX is an empty SD card slot without medium, see https://github.com/rear/rear/issues/2810 - In default.conf explain how to use LIBS properly, see https://github.com/rear/rear/issues/2743 - In the function find_syslinux_modules_dir in lib/bootloader-functions.sh the fallback 'find /usr' to find the SYSLINUX modules directory may take a very long time on some systems (up to several hours) so tell the user in debug mode what is going on, see https://github.com/rear/rear/issues/2792 and https://github.com/rear/rear/issues/624 - In default.conf tell that MODULES=( 'loaded_modules' 'additional_module' ) is not supported (the generic COPY_AS_IS method can be used to include additional modules) cf. https://github.com/rear/rear/issues/2727 - Use disklayout.conf keyword 'raidarray' instead of 'raid' because we have a new 'raiddisk' keyword and a keyword must not be a leading substring of another keyword so we have now 'raidarray' and 'raiddisk', see https://github.com/rear/rear/issues/2759 and https://github.com/rear/rear/commit/53757eab1447c712fb7c8e44be9c8b3b3ffd9faa - In layout/save/default/450_check_bootloader_files.sh use /[e]tc/grub.cfg and /[b]oot/.../grub.cfg with '*' globbing patterns (as in the EFI|GRUB2-EFI case) to find any of grub.cgf or grub2.cfg in /etc/ or in /boot/ (e.g. in openSUSE Leap 15.3 there is /boot/grub2/grub.cfg), cf. https://github.com/rear/rear/pull/2796#issuecomment-1118387393 - In default.conf added '[e]tc/crypttab' to FILES_TO_PATCH_PATTERNS, cf. https://github.com/rear/rear/pull/2795#discussion_r859670066 - New FILES_TO_PATCH_PATTERNS in default.conf to verify file hashes at the end of recover after file restore from backup and show an error when config files were restored from an outdated backup so the restored files do not match the recreated system, see https://github.com/rear/rear/pull/2795 and https://github.com/rear/rear/issues/2785 and https://github.com/rear/rear/issues/2787 - In backup/RSYNC/default/450_calculate_req_space.sh comment out remote space check with rsync see https://github.com/rear/rear/issues/2760 - In layout/save/default/450_check_bootloader_files.sh and layout/save/default/450_check_network_files.sh added bash globbing characters [] around the first letter to ensure that with 'shopt -s nullglob' files that do not exist will not appear so nonexistent files are not appended to CHECK_CONFIG_FILES cf. https://github.com/rear/rear/pull/2796#issuecomment-1117171070 - In backup/DUPLICITY/default/500_make_duplicity_backup.sh disable SC2068 cf. https://github.com/rear/rear/issues/1040 - In backup/YUM/default/500_make_backup.sh and backup/NETFS/default/500_make_backup.sh and prep/NETFS/default/070_set_backup_archive.sh fixed SC2068 cf. https://github.com/rear/rear/issues/1040 - In rescue/default/850_save_sysfs_uefi_vars.sh disable SC2045 cf. https://github.com/rear/rear/issues/1040 - In layout/save/GNU/Linux/240_swaps_layout.sh and lib/output-functions.sh fixed SC2045 cf. https://github.com/rear/rear/issues/1040 - In lib/_input-output-functions.sh disable SC2218 cf. https://github.com/rear/rear/issues/1040 - In layout/save/GNU/Linux/230_filesystem_layout.sh aviod SC1087 cf. https://github.com/rear/rear/issues/1040 - In default.conf tell that USB_RETAIN_BACKUP_NR is only supported when EXTLINUX is used as bootloader for USB and in output/USB/Linux-i386/300_create_extlinux.sh add an explanatory comment how that code works, cf. https://github.com/rear/rear/pull/2794#issuecomment-1106286485 - In layout/save/GNU/Linux/210_raid_layout.sh fixed and overhauled the RAID10 'layout' support code (i.e. what belongs to the mdadm -layout option). This was triggered by ShellCheck SC2034 and SC2066 for the old code, see https://github.com/rear/rear/pull/2768 - In finalize/Fedora/i386/550_rebuild_initramfs.sh fixed SC2068 and SC2145 via some generic code cleanup cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 and see https://github.com/rear/rear/pull/2771 - In rescue/GNU/Linux/310_network_devices.sh fix SC2091 see https://github.com/rear/rear/pull/2776 - In default.conf increase USB_UEFI_PART_SIZE to 1024 MiB, cf. https://github.com/rear/rear/pull/1205 in particular to also make things work by default when additional third-party kernel modules and firmware (e.g. from Nvidia) are used, cf. https://github.com/rear/rear/issues/2770#issuecomment-1068935688 - In doc/rear.8 and doc/rear.8.adoc fixed typo '/dev/disk/by-path/REAR-000' -> '/dev/disk/by-label/REAR-000' - In default.conf better describe USB_DEVICE cf. https://github.com/rear/rear/issues/2770#issuecomment-1068831482 - In output/default/940_grub_rescue.sh removed a misleading comment that shows a wrong get_version function call and in output/USB/Linux-i386/850_make_USB_bootable.sh fixed a wrong get_version function call that is needed since the ShellCheck SC2068 fixed get_version function in lib/layout-functions.sh - In layout/recreate/default/120_confirm_wipedisk_disks.sh and layout/prepare/Linux-s390/205_s390_enable_disk.sh and rescue/GNU/Linux/310_network_devices.sh and rescue/GNU/Linux/230_storage_and_network_modules.sh and restore/default/990_move_away_restored_files.sh and restore/NBU/default/300_create_nbu_restore_fs_list.sh and skel/default/etc/scripts/system-setup.d/00-functions.sh and skel/default/etc/scripts/dhcp-setup-functions.sh and wrapup/default/990_copy_logfile.sh and usr/share/rear/lib/output-functions.sh and lib/layout-functions.sh and lib/filesystems-functions.sh and lib/linux-functions.sh avoid ShellCheck SC2068 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 - In output/ISO/Linux-i386/800_create_isofs.sh avoid ShellCheck SC2068 and SC2145 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 - In output/TSM/default/960_dsmc_verify_isofile.sh avoid ShellCheck SC2068 and SC2145 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 plus better error checking and messaging and other code cleanup - In output/default/940_grub2_rescue.sh and output/default/940_grub_rescue.sh avoid ShellCheck SC2068 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 - In output/default/950_email_result_files.sh avoid ShellCheck SC2068 and SC2145 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 and replaced ...IfError function calls by calling Error - In restore/FDRUPSTREAM/default/260_copy_log_and_report.sh fixed ShellCheck reported error SC2199 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 and fixed possible "bash: conditional binary operator expected" error - In output/USB/Linux-i386/300_create_extlinux.sh and rescue/GNU/Linux/310_network_devices.sh avoid ShellCheck reported error SC2199 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 - In prep/NBKDC/default/400_prep_nbkdc.s and lib/sesam-functions.sh avoid ShellCheck false error indication SC1097 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 - In lib/_input-output-functions.sh fixed ShellCheck reported errors SC2145 and SC2068 and avoided ShellCheck false error indication SC1087 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062945160 - In usr/sbin/rear avoid ShellCheck SC1075 and fixed ShellCheck SC2145 cf. https://github.com/rear/rear/issues/1040 - In output/RAWDISK/Linux-i386/260_create_syslinux_efi_bootloader.sh fixed ShellCheck SC2235 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In rear/lib/sesam-functions.sh fixed ShellCheck SC2221 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In lib/filesystems-functions.sh in function xfs_parse fixed ShellCheck SC2179 and SC2128 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 furthermore 'xfs_opts' is local in both functions xfs_parse and create_fs in layout/prepare/GNU/Linux/131_include_filesystem_code.sh - In lib/layout-functions.sh fixed ShellCheck SC2178 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In skel/default/etc/scripts/system-setup.d/00-functions.sh ignore ShellCheck SC2119 and SC2120 cf. https://github.com/rear/rear/issues/1040#issuecomment-1062703092 - In restore/DUPLICITY/default/150_restore_duply.sh avoid ShellCheck SC2103 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In layout/prepare/GNU/Linux/100_include_partition_code.sh fixed ShellCheck SC2199 and SC2076 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In output/ISO/Linux-ia64/400_create_local_efi_dir.sh fixed ShellCheck SC2050 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In layout/save/GNU/Linux/230_filesystem_layout.sh fixed ShellCheck SC2030 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In verify/NBU/default/380_request_client_destination.sh fixed ShellCheck SC2018 and SC2019 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - In backup/YUM/default/500_make_backup.sh fixed ShellCheck SC2000 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034870262 - Simpler code in prep/Linux-s390/305_include_s390_tools.sh to set a fixed bootdir="/boot" that also fixes ShellCheck SC1066 cf. https://github.com/rear/rear/issues/1040#issuecomment-1034890880 - New GRUB2_SEARCH_ROOT_COMMAND in default.conf to overrule the setting in output/USB/Linux-i386/100_create_efiboot.sh see https://github.com/rear/rear/pull/2763 and https://github.com/rear/rear/issues/2500 - New EXCLUDE_IP_ADDRESSES and EXCLUDE_NETWORK_INTERFACES directives: These new array variables enable to exclude specific IP addresses or network interfaces when building the network configuration used in the rescue environment. This is typically useful when floating IP addresses are used. Not excluding these may lead to outage if the floating IP address is used by another system at time the system is getting recovered, see https://github.com/rear/rear/pull/2736 - multipath: fix exclusion of still wanted devices: The current code excluding multipath devices is broken when a device being excluded matches other devices. This leads to excluding wanted devices. This happens when having custom alias for multipath devices or there are more than 26 multipath devices and 'mpatha' is getting excluded, which leads to excluding all 'mpathaX' devices are well, see https://github.com/rear/rear/pull/2750 - Update 06-layout-configuration.adoc: Enhance the "disk layout file syntax" description: Describe that one cannot rely on backward compatibility. Describe positional parameters vs. option=value parameters. - Update default.conf: In default.conf describe that when OUTPUT_URL is set OUTPUT_OPTIONS does not inherit the BACKUP_OPTIONS value cf. https://github.com/rear/rear/issues/2753 - Include dmsetup and dmeventd as PROGS in conf/GNU/Linux.conf because older releases of os-prober (1.74 and below) use dmsetup as a fallback solution for mounting when grub-mount is missing but without dmsetup and dmeventd also in the recovery system that would block indefinitely at "Installing GRUB2 boot loader...", for details see https://github.com/rear/rear/pull/2748 - In the function cmdline_add_console in lib/serial-functions.sh add 'console=tty0' as fallback to cmdline only if no real serial device was found otherwise on a machine with e.g. ttyS0 and ttyS1 where only ttyS0 is real only kernel messages (but nothing else) would appear on ttyS0, see https://github.com/rear/rear/pull/2749 - Skip unneeded /usr/lib/syslog-ng/loggen/ from recovery system: In conf/GNU/Linux.conf do no longer copy all in /usr/lib/syslog-ng/ but only copy .so files in /usr/lib/syslog-ng/ (same as for rsyslog). This skips in particular /usr/lib*/syslog-ng/loggen/ because 'loggen' is not included in the recovery system ('loggen' does not appear in any ReaR code). See https://github.com/rear/rear/issues/2743 - For BACKUP=CDM removed need for the whole /usr/lib64 in the recovery system. See https://github.com/rear/rear/pull/2747 and the related issues https://github.com/rear/rear/issues/2266 https://github.com/rear/rear/issues/2314 https://github.com/rear/rear/issues/2685 https://github.com/rear/rear/issues/2700 - Update 400_copy_modules.sh: Do no longer error out if 'cp -a -L' failed to to copy all contents of /lib/modules/... but only tell the user about the issue so he could inspect his system and decide, see https://github.com/rear/rear/issues/2739#issuecomment-1014304127 - Support for HTTP sources when using PXE: There is a new config variable PXE_HTTP_URL to specify the HTTP download source for PXE. If the variable is set the PXE config file will generate an additional 3rd boot option (besides the unchanged standard options "rear" via TFTP and "local") namely "rear-http" which includes the HTTP URL information to download the kernel and initrd data. See https://github.com/rear/rear/pull/2738 - Also add ssh-add prog when ssh-agent is added. Since ssh-agent gets added it makes sense to add ssh-add as well. See https://github.com/rear/rear/pull/2729 - In layout/prepare/default/420_autoresize_last_partitions.sh automatically resize active last partitions on RAID0 disks, see https://github.com/rear/rear/issues/2696 Therefore in layout/save/GNU/Linux/210_raid_layout.sh a new 'raiddisk' entry that has same syntax as a 'disk' entry is written to disklayout.conf to have size (and partition label) of a RAID device like "raiddisk /dev/md127 23599054848 gpt" because knowing the RAID device size is a precondition to be able to automatically resize a RAID0 array. See https://github.com/rear/rear/pull/2730 - In layout/prepare/default/420_autoresize_last_partitions.sh automatically resize active last partitions on RAID1 disks and fixed fallback setting so that now the user can specify AUTORESIZE_EXCLUDE_PARTITIONS=() in his local.conf. Additionally in layout/prepare/default/250_compare_disks.sh show info about old disk and sizes and new disks and sizes in case of MIGRATION_MODE to make it easier to answer the questions to which new disks old disk should be mapped. See https://github.com/rear/rear/pull/2726 - Fix modinfo_filename() in build/GNU/Linux/400_copy_modules.sh Output the original $module_filename also when it is a symlink because in the code below 'cp -L' copies the symlink taget content as a new regular file with file name as the name of the symlink so the copied content can be still found under its original name, cf. https://github.com/rear/rear/issues/2677#issuecomment-997859219 Additionally in case of MODULES=( 'all_modules' ) also use 'cp -L' to copy the actual content to avoid dangling symlinks in the recovery system. See https://github.com/rear/rear/pull/2731 - In usr/share/rear/output/PXE/default/800_copy_to_tftp.sh fixed pxe file cp and permissions for sshfs target to prevent cp error "failed to preserve ownership" for sshfs and to prevent issue with write permissions trying to override image on later runs. See https://github.com/rear/rear/pull/2723 - Improved wiping disks (see https://github.com/rear/rear/pull/2721): In layout/recreate/default/120_confirm_wipedisk_disks.sh skip disks that do not exist on the bare hardware in the recovery system cf. https://github.com/rear/rear/issues/2715 and exclude disks that are write-protected cf. https://github.com/rear/rear/pull/2703#issuecomment-979928423 and show in any case a user confirmation dialog for the disks that will be wiped. In layout/recreate/default/150_wipe_disks.sh do no longer open (and close) LUKS volumes because encrypted volumes contain meaningless data unless opened and unencrypted so there is no need to wipe anything inside an encrypted LUKS container, cf. "Regarding LUKS" in https://github.com/rear/rear/pull/2514#issuecomment-743483945 - Overhauled RAID code (see https://github.com/rear/rear/pull/2714) based on https://github.com/rear/rear/pull/2702 that is about initial software RAID IMSM support i.e. with the changes in that pull request: Completely overhauled layout/save/GNU/Linux/210_raid_layout.sh: No longer a subshell that appends all stdout to disklayout.conf but explicit append to disklayout.conf where needed to be safe against accidental things written to disklayout.conf. Handle each mdadm option in one place i.e. parse and prepare output. Handle options ordered by importance, mandatory first, then optional ones. Basic tests that mandatory options are syntactically valid plus Error if not. Overhauled layout/prepare/GNU/Linux/120_include_raid_code.sh: The FEATURE_MDADM_UUID code is meanwhile obsolete because all mdadm versions in supported ReaR Linux distributions support '-uuid'. New layout/recreate/default/220_verify_layout.sh to verify if RAID devices are recreated with the UUIDs in disklayout.conf because mdadm silently ignores this option when creating IMSM arrays (both containers and the volumes inside them) and picks a random UUID cf. https://github.com/rear/rear/pull/2702#issuecomment-970395567 Support user specified DISKS_TO_BE_WIPED to mitigate https://github.com/rear/rear/issues/2715 see the DISKS_TO_BE_WIPED description in default.conf - Update 100_create_layout_file.sh: Additionally show the filesystem LABEL in the 'lsblk' output of the original system as comment in disklayout.conf to make it easier to understand subsequent data in particular for RAID where the array name is shown as LABEL in 'lsblk' for example like "/dev/sda ... linux_raid_member any:raid1sdab" - see also "one cannot see ... /dev/md/ symlinks as NAME ... /dev/md/raid1sdab -> ../md127" in https://github.com/rear/rear/pull/2702#issuecomment-951769031 and see also https://github.com/rear/rear/commit/1a8a88c20d01f01fac65e296e9481ab9172c3ac7 - Update 100_create_layout_file.sh: Additionally show UUID in 'lsblk' output of the original system as comment in disklayout.conf to make it easier to compare UUIDs of the original system with what was recreated, cf. "... shouldn't it [ReaR] restore the [RAID] arrays with the same UUIDs ...?" in https://github.com/rear/rear/pull/2702#issuecomment-968904230 and https://github.com/rear/rear/pull/2714#issuecomment-970279152 - Update 050_start_required_nfs_daemons.sh: Start rpcbind with the -s option to avoid that in some cases rpcbind is not started / not available in the recovery system cf. https://github.com/rear/rear/issues/2672 - New function is_multipath_used in layout-functions.sh (see https://github.com/rear/rear/pull/2708) to get 'multipath -l' out of the function is_multipath_path by adding a separated function is_multipath_used that runs 'multipath -l' (which is expensive because it scans all devices) to check if multipath is used and remembers the result in MULTIPATH_IS_USED that is used in subsequent calls of is_multipath_used (without calling 'multipath -l') so we can call is_multipath_used many times via is_multipath_path which is called in layout/save/GNU/Linux/200_partition_layout.sh for each disk device. This should avoid long computing time when there are very may disk devices, cf. https://github.com/rear/rear/pull/2597#issuecomment-814950019 - Now "rear format" has in addition to the -efi switch a -bios switch. If none is given (i.e. by default) it will now do hybrid formatting with a BIOS boot partition (on GPT) and an EFI system partition. This is a starting point for implementing OUTPUT=USB support for UEFI and BIOS dual boot from the same medium see https://github.com/rear/rear/issues/2698 and https://github.com/rear/rear/pull/2705 - Update write-protect-functions.sh: In the function is_write_protected_by_id() assume a disk without any of UUID PTUUID PARTUUID WWN is empty and meant to be used to recreate the system so it should not be write-protected cf. https://github.com/rear/rear/pull/2703#discussion_r757393547 - Enhanced disk write-protection, see https://github.com/rear/rear/pull/2703 and https://github.com/rear/rear/pull/2626 by WRITE_PROTECTED_IDS with generic functionality, cf. https://github.com/rear/rear/pull/2626#issuecomment-950953826 together with the new WRITE_PROTECTED_ID_TYPES which defaults to UUID PTUUID PARTUUID WWN so that the user can specify different lsblk columns as needed in his particular environment cf. https://github.com/rear/rear/pull/2703#issuecomment-962418441 - Stop ReaR from overwriting its own disk and backup drives for OUTPUT=USB and OUTPUT=RAWDISK via new WRITE_PROTECTED_... config variables (see default.conf) where UUIDs or filesystem labels can be specified so that disks that contain such UUIDs or filesystem labels will be 'write protected' during "rear recover", see https://github.com/rear/rear/issues/1271 and https://github.com/rear/rear/pull/2626 - Overhauled serial console support code. See https://github.com/rear/rear/pull/2699 A serial console of the ReaR recovery system can now be specified separately for the kernel and the recovery system bootloader via the generic config variables USE_SERIAL_CONSOLE and SERIAL_CONSOLE_DEVICES and specific config variables SERIAL_CONSOLE_DEVICES_KERNEL SERIAL_CONSOLE_DEVICE_SYSLINUX SERIAL_CONSOLE_DEVICE_GRUB see usr/share/rear/conf/default.conf for details cf. https://github.com/rear/rear/issues/2663 and https://github.com/rear/rear/pull/2697 - More control over serial devices used for console. See https://github.com/rear/rear/pull/2697 - In layout/prepare/default/300_map_disks.sh overhauled the automapping of original 'disk' devices and 'multipath' devices to current block devices in the currently running recovery system so that now it automatically finds an existing unique disk size mapping also when there is a unique mapping between more than two disks, see https://github.com/rear/rear/issues/2690 - Fix multiple VG recreation, see https://github.com/rear/rear/pull/2691 Do not use global variables in diskrestore.sh: Fix a problem introduced in commits b184194f37dd22a7e55655ff388579297239e73c and 311bfb3da1d5e47a2ff144123a2457e634f67893 (PR #1806) that shows up when there are multiple VGs to restore. Using variables create_thin_volumes_only and create_logical_volumes to propagate information from VG creation to LV creation does not work well in the case of multiple VGs, because the variables are global and if there are multiple VGs, their values will leak from one VG to another. The generated diskrestore.sh script does not guarantee that the LVs of a given VG are created immediately after their VG and before creating another VG. Currently, the script first creates all VGs and then all LVs, so all the LVs in all VGs will see the value of create_logical_volumes and create_thin_volumes_only from the last VG, not from their own. This matters when different VGs behave differently (typically if one has a thin pool and the other does not). Fix by replacing the scalar values by arrays of VG names. If a given VG is in the array, it is the equivalent of the former scalar value being 1 for the given VG, if it is not in the array, it is an equivalent of a former value of 0. For the create_volume_group variable the change is not needed, but do it nevertheless for symmetry with other variables. - Error out in sbin/rear when it failed to source or Source() mandatory files to make it obvious when there are syntax errors in user config files and/or when there are syntax errors in our lib/*-functions.sh code, see https://github.com/rear/rear/issues/2686 - Overhauled output/USB/Linux-i386/100_create_efiboot.sh In particular no longer use "cp -p" because '-p' may fail because it copies to a VFAT filesystem on the EFI partition see https://github.com/rear/rear/issues/2683 and now always use "cp -L" to ensure the real content gets copied. See https://github.com/rear/rear/pull/2684 - Overhauled the description in user-guide/05-integration.adoc what "rear savelayout" and "rear checklayout" are menat to do, cf. https://github.com/rear/rear/commit/7a3884bed1fb6cb61654c4e266ba4c35094bd9f4#r56879062 - Fixed https://github.com/rear/rear/issues/2667 "rear does not entirely remove build area any more" by using double quotes for remove_temporary_mountpoint "$BUILD_DIR/..." and fixed https://github.com/rear/rear/issues/2676 "False ERROR '.../outputfs not empty, cannot remove' when OUTPUT_URL is unset" by making scheme_supports_filesystem() fail-safe if $1 is empty or blank and also making scheme_accepts_files() fail-safe in the same way, see https://github.com/rear/rear/pull/2675 - On POWER require bootlist & ofpathname if needed: The ofpathname binary is called by grub2-install. Therefore, it is required in the rescue system in order to make the recovered system bootable, except for the PowerNV (Not Virtualized - bare metal) case. Under PowerVM, we also need the bootlist executable to make the system bootable. See https://github.com/rear/rear/pull/2665 - ReaR's default TMPDIR is now /var/tmp (it was /tmp before) i.e. ReaR's default working area is now /var/tmp/rear.XXXXX ReaR needs lots of space (from 300MB up to more than 1GB) to build the ReaR rescue/recovery system e.g. as ISO image and even much more space to also store the backup archive e.g. when the backup should be included in the ISO image. The system's default temporary directory /tmp is no longer suited as default temporary directory for ReaR because nowadays /tmp is often a "tmpfs" that is in RAM so /tmp has RAM/swap limitations. file-hierarchy(7) recommends to use /var/tmp for such cases. If the user sets TMPDIR explicitly, it still takes precedence. See https://github.com/rear/rear/pull/2664 - Cleanup of GRUB2 config code in particular for OUTPUT=USB: Cleanup of the create_grub2_cfg function: Describe its usage in a comment. Have its helper functions inside create_grub2_cfg to make them not globally accessible. Initial steps to clean up how the GRUB root device is set via one single method. DebugPrint output how GRUB2 is configured to help the user to find errors or bugs. Better GRUB2 menue entry names. Consistent calling of the create_grub2_cfg function always as create_grub2_cfg "/path/to/kernel" "/path/to/initrd" >/path/to/grub.cfg also in output/ISO/Linux-i386/250_populate_efibootimg.sh. Set GRUB2 timeout to new config variable GRUB2_TIMEOUT that is by default 300 seconds. Set GRUB2 default boot menu entry to GRUB2_DEFAULT_BOOT that is by default 'chainloader' which should usually boot the original system and reference GRUB2 boot menu entries by 'menuentry ... -id=...' to have meaningful names instead of meaningless numbers. Sleep 3 seconds exactly before GRUB2 shows its menu (it replaces what there is on the screen) so that the user could see possible GRUB2 (error) messages on the screen. Additionally cleanup of the get_root_disk_UUID function. See https://github.com/rear/rear/pull/2662 - Fixed serial console for syslinux: It writes only one serial line matching the configured device (when found) to the config. It also writes it for the syslinux config in case it is used without extlinux. See https://github.com/rear/rear/pull/2650 - Fix function create_grub2_cfg() for the none EFI cases and adds serial console configuration to the GRUB2 config. See https://github.com/rear/rear/pull/2661 - Simplifications for USB_BOOTLOADER="grub" and choose the right GRUB2 config /boot/grub/grub.cfg or /boot/grub2/grub.cfg see https://github.com/rear/rear/pull/2659 - Cleanup USB format scripts and related code: Now OUTPUT=USB should behave sufficiently OK on BIOS systems with syslinux/extlinux as bootloader with a separated boot partition and without it (still the default). To use OUTPUT=USB on BIOS with syslinux/extlinux with a separated boot partition size of e.g. 1024 MiB specify in etc/rear/local.conf something like OUTPUT=USB USB_BOOT_PART_SIZE=1024 OUTPUT_URL=usb:///dev/disk/by-label/REARBOOT BACKUP=NETFS BACKUP_URL=usb:///dev/disk/by-label/REAR-000 See https://github.com/rear/rear/pull/2660 - Fixed format/USB/default/300_format_usb_disk.sh for none EFI cases by adding a BIOS boot partition and setting the 'legacy_boot' flag in case of GPT partitioning. See https://github.com/rear/rear/pull/2656 - Added support for GRUB2 as bootloader for OUTPUT=USB via new config variable USB_BOOTLOADER=grub see https://github.com/rear/rear/pull/2655 - With the new default USER_INPUT_MAX_CHARS=0 input is not truncated and it also makes correcting the input possible (before [Enter] is pressed) see https://github.com/rear/rear/issues/2622 - Update default.conf: Since https://github.com/rear/rear/pull/2633 export TMPDIR="..." in ReaR config files like etc/rear/local.conf does no longer work so now export TMPDIR="..." must be called before calling 'rear' cf. https://github.com/rear/rear/issues/2654 - Treat RAID layout value '-unknown-' same as an empty value: In layout/save/GNU/Linux/210_raid_layout.sh treat the RAID layout value '-unknown-' same as an empty value to avoid that layout/prepare/GNU/Linux/120_include_raid_code.sh will create a 'mdadm' command in diskrestore.sh like "mdadm ... -layout=-unknown- ..." which would fail during "rear recover" with something like "mdadm: layout -unknown- not understood for raid0", see https://github.com/rear/rear/issues/2616 - Avoid false Error() exit in copy_binaries() in build/GNU/Linux/390_copy_binaries_libraries.sh by skipping 'cp' errors in copy_binaries() (regardless what the reason was why 'cp' failed) but then add the affected binary to REQUIRED_PROGS to verify later that the binary actually exists in the recovery system which should be still sufficient to let ReaR error out if something actually went wrong with needed binaries. See https://github.com/rear/rear/pull/2643 - NSR enhancement for point-in-time recovery with EMC Networker client: A new variable NSR_CLIENT_REQUESTRESTORE for the BACKUP=NSR workflow has been introduced to deal with situations in which the NSR client is allowed/granted to perform its recovery action "on its own" but does not have full control of the EMC networker service/environment, for details see its default.conf section. See https://github.com/rear/rear/pull/2641 - Workaround against DRBD9 restore error "refusing to be primary while peer is not outdated" see https://github.com/rear/rear/issues/2634 - Cleanup rsync and fix error reporting: See https://github.com/rear/rear/pull/2632 Cleanups of rsync code to use better variable names and local variables, stop using StopIfError, use better redirections etc. Fixed a problem with rsync error detection that caused rsync errors during backup restore to be ignored, see https://github.com/rear/rear/issues/2612 Now a warning is displayed and if BACKUP_INTEGRITY_CHECK is true, it is elevated to an error and ReaR aborts. Furthermore check fake super support only when RSYNC_PROTO=ssh and removed a broken test for -fake-super arg to rsync, cf. https://github.com/rear/rear/pull/2577 - Show some stdout and stderr messages also in non-debug modes: In non-debug modes (in particular also in verbose mode) stdout and stderr are redirected to a temporary file STDOUT_STDERR_FILE=TMP_DIR/rear.WORKFLOW.stdout_stderr so in non-debug modes stdout and stderr of all programs is still available for the Error() function to extract some latest messages that get shown on the usrer's terminal and those extracted lines are also copied into the log cf. https://github.com/rear/rear/issues/2623 and https://github.com/rear/rear/issues/2416 and https://github.com/rear/rear/pull/2498 Furthermore the log files and the stdout/stderr file can now only be read by root. Additionally when there is something still mounted within the build area when rear finishes, the user is informed what is mounted and that he must manually umount it before he can (also manually) remove the build area. Finally the Error() and cleanup_build_area_and_end_program() functions are made fail-safe against not yet existing log files and not yet sourced other functions in case of early Error() exits in usr/sbin/rear see https://github.com/rear/rear/pull/2633 - Fixed accidental destructive backup removal in exit task and cleanup handling of URL mountpoints: See https://github.com/rear/rear/pull/2625 Cleanup of temporary mount point handling, particularly for output. Unification of mount point umount and cleanup move to the mount_url() and umount_url() functions. Replaced the various "rm -rf" of the mountpoint by "rmdir" which fixes https://github.com/rear/rear/issues/2611 Added lazy umount in case normal umount does not succeed. If build dir is kept (cf. KEEP_BUILD_DIR), propose a safe way to remove it to the user via "rm -Rf -one-file-system" instead of just "rm -Rf" where the user risks to remove everything below that mountpoint if still mounted. Fixes also some other bugs noted in the process: Filesystem-specific umount command not called https://github.com/rear/rear/commit/20359a987662cc0c3fcfa52d62d1feac7cd55850#r51319634 Unknown schemes considered invalid, see the discussion under https://github.com/rear/rear/pull/932 Identical scripts under DUPLICITY and YUM replaced by symlinks. Reverted https://github.com/rear/rear/pull/782 that had reintroduced https://github.com/rear/rear/issues/465 which got re-reported as https://github.com/rear/rear/issues/2611 Reverted https://github.com/rear/rear/pull/578 because it is not clear how .lockfile can exist in the unmounted filesystem, and if it does, it is a bug. Reverted https://github.com/rear/rear/commit/d850c4094238a03c9b926b88d7e1582ecd28af52 because it became meanwhile obsoleted by https://github.com/rear/rear/commit/a8fdc445d0d6f7f9184dc6633817928f96aae9bc - Add BACKUP_DUPLICITY_OPTIONS to restore/DUPLICITY/default/400_restore_duplicity.sh Additionnal BACKUP_DUPLICITY_OPTIONS options were missing which can cause the recover to fail (options may contain endpoint information for example), see https://github.com/rear/rear/issues/2619 - In prep/default/400_save_directories.sh also exclude mountpoints that are below mountpoints of "type autofs": Those are below an ancestor mountpoint that is owned/created by the automounter. It is possible to create a sub-mountpoint below an automounted mountpoint but the fact that the sub-mountpoint is not local means it should be excluded (i.e. there is no need to recreate the non-local sub-mountpoint directory), see https://github.com/rear/rear/issues/2610 - Better description and error checking for GRUB_RESCUE with UEFI plus some alignment with the create_grub2_cfg function, cf. https://github.com/rear/rear/issues/2545 Better describe GRUB_RESCUE with UEFI in default.conf and in output/default/940_grub2_rescue.sh better error checking plus some alignment with how create_grub2_cfg() creates a GRUB2 config file i.e. no longer "insmod" the GRUB2 modules efi_gop efi_uga video_bochs video_cirrus cf. https://github.com/rear/rear/pull/2609#issuecomment-831883795 and the discussion in https://github.com/rear/rear/issues/2388 see https://github.com/rear/rear/pull/2609 - Fix setting boot path in case of UEFI partition (ESP) on MD RAID: The code finalize/Linux-i386/670_run_efibootmgr.sh did not support Software RAID. It has to execute the efibootmgr command on the members of the Software RAID, see https://github.com/rear/rear/issues/2595 The ESP may be located on a RAID device. In this case, we need to determine the physical RAID components and call efibootmgr on them. In addition, clean up finalize/Linux-i386/670_run_efibootmgr.sh and add more logging to ease analysis when something goes wrong, see https://github.com/rear/rear/pull/2608 - In prep/RSYNC/default/050_prep_rsync.sh adding sleep period to give rsync daemon time to wake up, see https://github.com/rear/rear/pull/2599 - Have unused LVM PV devices only as comment in disklayout.conf: PVs that are not part of a VG are documented as comment in disklayout.conf but they are not recreated because they were not used on the original system so there is no need to recreate them by "rear recover" see https://github.com/rear/rear/issues/2596 and https://github.com/rear/rear/pull/2603 - Automatically shrink LVs if needed during "rear recover". This enables to run "rear recover" with automated LVM LVs shrinking as needed on a bit smaller replacement disk (e.g. when a nominally same sized replacement disk is actually a bit smaller than the original disk). This automated LVs shrinking is not intended when disk(s) are substantially smaller. To migrate onto a substantially smaller replacement disk the user must in advance manually adapt his disklayout.conf file before he runs "rear recover". In layout/prepare/GNU/Linux/110_include_lvm_code.sh assume the command "lvcreate -L 123456b -n LV VG" had failed because of "Volume group ... has insufficient free space" and then try as fallback attempt using all remaining free space in the VG via "lvcreate -l 100%FREE -n LV VG". In layout/save/GNU/Linux/220_lvm_layout.sh sort the 'lvs' output lines by size of the LVs so only some biggest LVs may get automatically shrinked (if needed) because we assume that the data of the backup can still be restored into a big LV after it was shrinked a bit. See https://github.com/rear/rear/pull/2591 - Replaced possibly misleading "USB device" by generic "USB or disk device" wording in user messages (e.g. when a built-in disk /dev/sdc is used that is no USB device). The word "USB" indicates that those messages belong to the OUTPUT=USB method, cf. https://github.com/rear/rear/pull/2589#issuecomment-805649510 and https://github.com/rear/rear/issues/2588 and https://github.com/rear/rear/pull/2589 - Wipe disks before recreating partitions/volumes/filesystems/... see https://github.com/rear/rear/issues/799 See the new DISKS_TO_BE_WIPED in default.conf and for details see usr/share/rear/layout/recreate/default/README.wipe_disks This is currently new and experimental functionality so that currently by default via DISKS_TO_BE_WIPED='false' no disk is wiped to avoid possible regressions until this new feature was more tested by interested users via an explicit DISKS_TO_BE_WIPED setting in local.conf see https://github.com/rear/rear/pull/2514 - In etc/scripts/system-setup.d/41-load-special-modules.sh load the nvram kernel module if possible to make /dev/nvram appear because /dev/nvram should be there when installing GRUB, see https://github.com/rear/rear/issues/2554 and include the nvram kernel module in the recovery system because nvram could be a module in particular on POWER architecture see https://github.com/rear/rear/issues/2554#issuecomment-764720180 and https://github.com/rear/rear/pull/2580 - Make 400_copy_modules.sh fail-safe for newer modinfo output (in particular modinfo in kmod-27 since SLES15-SP3) because otherwise copying builtin kernel "modules" would let "rear mkrescue" error out with e.g. "ERROR: unix exists but no module file?". Furthermore ensure that kernel modules that should be loaded during recovery system startup (i.e. those in MODULES_LOAD) get always copied into the recovery system. See https://github.com/rear/rear/pull/2579 - In 300_format_usb_disk.sh adapt USB_UEFI_PART_SIZE fallback value to 512 to be in compliance with the new default.conf setting of 512 MiB since https://github.com/rear/rear/commit/9a6b9a109aa77afc6c96cf05bbd7988cf0310d61 that was done in relation to https://github.com/rear/rear/pull/2576 see also https://github.com/rear/rear/issues/2602 - Do not specify '-F 16' for mkfs.vfat and also no '-o fat=16' when mounting it but rely on the mkfs.vfat automatic FAT type selection (which is FAT16 up to 511 MiB and FAT32 starting at 512 MiB at least on openSUSE Leap 15.2 with mkfs.vfat from dosfstools-4.1) and rely on the automatic FAT type detection when mounting, cf. https://github.com/rear/rear/issues/2575 and increase the default ESP size to USB_UEFI_PART_SIZE="512" to get by default (via mkfs.vfat) a FAT32 ESP to be in compliance that "the ESP should officially use a FAT32 filesystem" to avoid possible FAT16 ESP issues with certain UEFI firmware. See https://github.com/rear/rear/pull/2576 - Update 230_filesystem_layout.sh: Increase the 'docker info' timeout value from 5 seconds to 10 seconds because sometimes 'docker info' needs more than 5 seconds to finish, cf. https://github.com/rear/rear/pull/2572#issuecomment-784110872 - Support loop devices in format_usb_disk see https://github.com/rear/rear/pull/2555 - Update 110_include_lvm_code.sh: Make sure we delete the volume group before re-creating it. The issue happens in Migration mode when ReaR is not trying to use vgcfgrestore. See https://github.com/rear/rear/pull/2564 - In usr/share/rear/output/ISO/Linux-i386/700_create_efibootimg.sh add 2 more 32MiB blocks to be on the safe side against inexplicable failures like "cp: error writing '/tmp/rear.XXX/tmp/efi_virt/./EFI/BOOT/elilo.conf': No space left on device" where the above calculated $efi_img_sz is a bit too small in practice, see https://github.com/rear/rear/issues/2552 - Add terminal password check via 'TTY_ROOT_PASSWORD' and describe it in default.conf, see https://github.com/rear/rear/pull/2539 - Changes for NetBackup (NBU) support: Copy NetBackup PBX related files to the rescue system and start vxpbx_exchanged on boot. Add /usr/openv/tmp directory to the NBU skeleton. See https://github.com/rear/rear/pull/2544 - RAWDISK: Add local rescue partition installation capability: Introduce a configuration variable 'RAWDISK_INSTALL_GPT_PARTITION_NAME', which is unset by default. When set, the rescue system will be installed to local disk partitions having the corresponding name. RAWDISK: fix local rescue partition installs (unmount before copying): While the recently created EFI boot partition is still mounted, its file system might not be fully synced. Unmounting ensures that the underlying loop block device is up to date before possibly being copied to local disk partitions. See https://github.com/rear/rear/pull/2538 - BACKUP=BACULA: Make bacula aware of different location of config files see https://github.com/rear/rear/pull/2535 - In layout/prepare/GNU/Linux/131_include_filesystem_code.sh fixed vfat mkfs using uuid from layout if possible see https://github.com/rear/rear/pull/2546 - Completely overhauled USB filesystem kernel module handling: In prep/USB/default/380_copy_usb_fs_module.sh do no longer unconditionally add the USB filesystem to the MODULES and MODULES_LOAD arrays because there are systems where the USB filesystem (e.g. 'ext3') is no kernel module and then (via MODULES_LOAD and /etc/modules) "modprobe ext3" would fail in 40-start-udev-or-load-modules.sh with a false alarm "modprobe: FATAL: ... ext3 not found ..." message that would appear on the user's terminal during recovery system startup. See https://github.com/rear/rear/pull/2537 - Add DP_LD_LIBRARY_PATH to include shared libraries used by BACKUP=DP see https://github.com/rear/rear/pull/2549 - POWER architecture (ppc64) support for BACKUP=DP: Other platforms supporting the Data Protector Disk Agent, but not the Cell Console (GUI) that is only available on i386, x86_64 and ia64 are now supported with ReaR. This includes in particular ppc64. Checks unavailable on clients without the Data Protector Cell Console (GUI) are skipped. In such cases backup restore can be done using Data Protector GUI only. - BACKUP=NBKDC: Enhanced ReaR backup and restore to also work with NovaStor DataCenter 8.0 and higher plus fixed wording "NovaBACKUP DC" -> "NovaStor DC", see https://github.com/rear/rear/issues/2518 - Provide final power to the user to skip the ISO_FILE_SIZE_LIMIT test: Skip the assert_ISO_FILE_SIZE_LIMIT function when there is no usable ISO_FILE_SIZE_LIMIT set so the user could specify ISO_FILE_SIZE_LIMIT=0 in his etc/rear/local.conf if he wants to skip the ISO_FILE_SIZE_LIMIT test. Aditionally enforce maximum 2GiB ISO_FILE_SIZE_LIMIT when the MODULES array contains 'loaded_modules' because MODULES+=( udf ) has no effect in this case unless it is loaded (which normally isn't). - Error out when files greater or equal ISO_FILE_SIZE_LIMIT should be included in the ISO: See the reasoning in default.conf why the default ISO_FILE_SIZE_LIMIT is 2GiB and why we error out when files >= ISO_FILE_SIZE_LIMIT should be included in the ISO. It is needed to aviod possibly disastrous failures later during "rear recover" that users who exceed that limit in exceptional cases get a hard (error) info to thoroughly test and verify whether or not things actually work for them. See https://github.com/rear/rear/pull/2525 - Completely overhauled ldd test in 990_verify_rootfs.sh: Now if needed a special LD_LIBRARY_PATH is set only in the bash that runs ldd and that bash exits after ldd finished so the special LD_LIBRARY_PATH setting is gone with it. So there is no need to remember and restore some previously set LD_LIBRARY_PATH because nothing was changed in the bash that runs rear. Furthermore reporting when a binary requires additional libraries happens now in the same 'for' loop after the ldd test was run which further simplifies the code. See https://github.com/rear/rear/pull/2523 - Skip the ldd test for ReaR files: In build/default/990_verify_rootfs.sh skip the ldd test for ReaR files (mainly bash scripts) where it does not make sense, cf. https://github.com/rear/rear/issues/2519#issuecomment-731196820 - In 500_clone_keyboard_mappings.sh have more neutral wording in messages about possible keyboard issues and don't be needlessly verbose: It seems newer Debian-based systems (including Ubuntu) no longer contain any keymaps directory as part of the base system by default so including multi-keyboard support into the recovery system is impossible there. If the distro provides console-multi-keyboard support, ReaR includes it (without being verbose). If the distro has decided that this is not necessary, ReaR aligns with it (without being verbose). If the user has installed multi-keyboard support, ReaR aligns with it (without being verbose). Only when including the current keyboard mapping failed (i.e. when 'dumpkeys' failed) it shows subsequent messages on the user's terminal in any case. See https://github.com/rear/rear/issues/2519 and https://github.com/rear/rear/pull/2520 - Restore LD_LIBRARY_PATH after reporting binaries with 'not found' libraries: In build/default/990_verify_rootfs.sh restore the LD_LIBRARY_PATH after reporting binaries with 'not found' shared object dependencies so that results are the same for the first 'ldd' run that finds binaries with 'not found' shared objects dependencies and the second 'ldd' run that reports those 'not found' shared objects dependencies, see https://github.com/rear/rear/issues/2508#issuecomment-725914211 - Improved TCG Opal 2 documentation doc/user-guide/13-tcg-opal-support.adoc cf. https://github.com/rear/rear/issues/2511 Better explained OS installation according to the suggestion in https://github.com/Drive-Trust-Alliance/sedutil/issues/301#issuecomment-723010843 Additionally some information from an article on Ask Ubuntu are included https://askubuntu.com/a/1271171/1120528 - Make recreating LUKS volumes work with optional cryptsetup options: The "cryptseup luksFormat" command does not require any of the type, cipher, key-size, hash, uuid option values because if omitted a cryptseup default value is used, cf. https://github.com/rear/rear/pull/2504#issuecomment-720341023 The right UUID values are mandatory for LUKS volumes that will be mounted during startup of the recreated system. But this does not mean ReaR should error out when there is no cryptsetup uuid value because it is possible to run "rear recover" with enforced MIGRATION_MODE and manually correct the restored /mnt/local/etc/crypttab file to use the new UUIDs before the initrd is recreated and the bootloader is (re)-installed cf. https://github.com/rear/rear/issues/2509 - Allow setting a PBA-specific firmware configuration via the new OPAL_PBA_FIRMWARE_FILES configuration variable. Add '.../amdgpu/*' firmware files for AMD graphics hardware (if present) on TCG Opal pre-boot authentication (PBA) images, cf. https://github.com/rear/rear/issues/2474 - Support OPAL 2 self-encrypting NVMe disk drives: Normally the OPAL device itself is used directly but NVMe devices have one or more namespaces per primary device and these namespaces act as disks, cf. https://github.com/rear/rear/issues/2475 - Added initial LUKS2 support, see https://github.com/rear/rear/issues/2204 Added new parameter 'type' to 'crypt' keyword used in disklayout.conf. Using this parameter allows to recreate the same version of LUKS as on the original system. Added LUKS version detection, parsing depending on version and usage of 'type' parameter. - New 036_valid_output_methods.sh to error out for unsupported OUTPUT methods: For "rear mkbackup/mkrescue/mkbackuponly/mkopalpba" (i.e. for all workflows that run the 'prep' stage) check that the OUTPUT method is actually implemented i.e. check that a usr/share/rear/output/$OUTPUT directory exists and error out when an OUTPUT method seems to be not supported to ensure that the user cannot specify a non-working OUTPUT in etc/rear/local.conf (cf. usr/share/rear/prep/default/035_valid_backup_methods.sh) see https://github.com/rear/rear/issues/2501 - Redirect stdout and stderr to the log only in debug modes. In normal modes stdout and stderr are discarded (go now to /dev/null). The reason is to get rid of messages from command stdout and stderr that don't make sense for the user on their own unless there is more information in the log that provides context about the called command (e.g. what exact command was called in debugscript mode) see https://github.com/rear/rear/issues/2416 and https://github.com/rear/rear/pull/2498 - More verbose messages when components are excluded so that is is easier for the user to see directly on his terminal what the actual results are when he specified to exclude components in his etc/rear/local.conf and what components are automatically excluded by ReaR. The verbosity depends on if ReaR is run in verbose '-v' mode or even in debug '-d' or '-D' mode. - Inform the user about unsupported LUKS2 volumes but do not error out see https://github.com/rear/rear/issues/2491 plus some general code cleanup and improvements in layout/save/GNU/Linux/260_crypt_layout.sh - Update 05-integration.adoc: Explain that error messages in ReaR's log may not come from ReaR itself but from programs that are called by ReaR because stdout and stderr are redirected into ReaR's log file, cf. https://github.com/rear/rear/issues/2479 - Have 'cd WORKING_DIR' in Source() function: Ensure that after each sourced file we are back in ReaR's usual working directory which is the current working directory when usr/sbin/rear is launched that is also the working directory of all the other scripts and config files that get sourced via the Source() function in lib/framework-functions.sh see https://github.com/rear/rear/issues/2461 - In 400_copy_modules.sh skip copying kernel modules that are builtin modules. The new behaviour is that when modules are listed in modules.builtin and are also shown by modinfo then those modules are now skipped. Before for such modules the modules file(s) would have been included in the recovery system. See https://github.com/rear/rear/issues/2414 - In backup/NETFS/default/500_make_backup.sh filter purely informational tar messages from output: Suppress purely informational tar messages from output like "tar: Removing leading / from member names" or "tar: Removing leading / from hard link targets" or "tar: /path/to/socket: socket ignored" but keep actual tar error or warning messages like "tar: /path/to/file: file changed as we read it" and show only messages that are prefixed with the name of the failed program (like 'tar:' or 'dd:') which works when tar or dd fail but falsely suppresses messages from openssl which needs to be fixed later, cf. https://github.com/rear/rear/pull/2466#discussion_r466347471 - Fixed exit code logic in backup/NETFS/default/500_make_backup.sh: Commit https://github.com/rear/rear/commit/2674807f6ad48da80b193ae977d345ad2ef5fdd1 removed the BACKUP_PROG_CRYPT_OPTIONS="cat" dummy code which broke the exit code logic because pipes_rc and backup_prog_shortnames did no longer match. Additionally ensure that the number of elements in both arrays are always the same. - Use ReaR specific TMP_DIR (not TMPDIR or hardcoded /tmp) plus some general cleanup work as noticed "by the way" in scripts, see https://github.com/rear/rear/issues/2460 and https://github.com/rear/rear/pull/2462 - Adaptions and enhancements for BACKUP=CDM because the RBS agent file name changed in Rubrik CDM v5.1 from rubrik-agent-sunos5.10.sparc.tar.gz to rubrik-agent-solaris.sparc.tar.gz see https://github.com/rear/rear/issues/2441 - Let 'dd' read and write up to 1M=1024*1024 bytes at a time to speed up things cf. https://github.com/rear/rear/issues/2369 and https://github.com/rear/rear/issues/2458 - In default.conf change ISO_VOLID from "RELAXRECOVER" to "REAR-ISO" so the first ISO has the label "REAR-ISO" (8 characters) and subsequent ISOs get the labels "REAR-ISO_01" "REAR-ISO_02" ... respectively that have 11 characters (the maximum length for FAT volume names) so things work now by default when the ISO image is used to (manually) create a FAT bootable USB stick, cf. https://github.com/rear/rear/issues/1565 and https://github.com/rear/rear/issues/2456 - OPALPBA: Provide a permanent unlocking mode as a workaround because https://github.com/rear/rear/pull/2426 did not resolve the issue https://github.com/rear/rear/issues/2425 where for an HPE ML10Gen9 server it seems the firmware did not initialize properly during a 'simple' reboot so the only reliable way to boot was a power cycle after Opal disks were unlocked. To reboot with unlocked disks there is now a new unlocking mode "permanent" via OPAL_PBA_UNLOCK_MODE (see default.conf). Reactivating locking is then the responsibility of the user. Additionally enhanced security by disabling shell access via keyboard interrupt and switching to a password hash for OPAL_PBA_DEBUG_PASSWORD. - Use single quotes in the password settings examples because single quotes avoid issues with the special bash characters like $ in the password, cf. https://github.com/rear/rear/pull/2178 - Update format-workflow.sh: For "rear format" show "Use 'rear format - -help' for more information" also when a "rear format" argument is not accepted to help the user what the right syntax is (e.g. "rear format help" and "rear format - help" do not work, only "rear format - -help" works) and provide a more helpful example "rear -v format - -efi /dev/sdX" that is actually neded for UEFI. - Support for systemd and parallel restore with Data Protector BACKUP=DP: Support starting Data Protector daemon 'omni.socket' via systemd in the recovery system. Restore performance has been increased by doing parallel restores now. Additional new script usr/share/rear/finalize/DP/default/500_restore_ssc.sh to restore the client certificate when Data Protector Secure Communication is used. Plus several general script cleanup things. See https://github.com/rear/rear/pull/2443 - Supply default value for root in grub in UEFI ISO: Sometimes the search command in GRUB2 used in UEFI ISO does not find the root device. This was seen at least in Debian Buster running in Qemu (VirtualBox works fine, RHEL/CentOS in Qemu works fine as well). To make ReaR work in this case, set $root to a sensible value before trying search. The GRUB2 image created by grub-mkstandalone has $root set to memdisk, which can't work. This essentially matches how it used to work before https://github.com/rear/rear/pull/2293 and fixes https://github.com/rear/rear/issues/2434 - Update 300_format_usb_disk.sh: In format/USB/default/300_format_usb_disk.sh when prompting user for size of EFI system partition on USB disk if no valid value is specified also use 400 MiB as default (same as the default value in default.conf) cf. https://github.com/rear/rear/pull/1205#issuecomment-433336977 and https://github.com/rear/rear/commit/89e6a47c82fbfe8d059a4647755f94750fe28acc - Replaced $DATE usage with consistent variables START_SECONDS START_DATE_TIME_NUMBER and START_DATE_TIME_STRING see https://github.com/rear/rear/pull/2452 - Various TCG Opal Improvements: OPALPBA, Ubuntu: Fix incomplete file exclusions: Fixes omissions reported in https://github.com/rear/rear/issues/2436 Uses COPY_AS_IS_EXCLUDE where possible. Removes files from the PBA system's staging directory where not copying could not be configured. OPALPBA: Improve boot splash on Ubuntu 20.04: Takes into account a change from VT1 to VT7 to hide log messages during the boot process. Improves Plymouth boot splash usage to hide log messages during the reboot after unlocking disks. opaladmin: Add sub-commands 'deactivate', 'reactivate': Makes turning on and off hardware encryption easier on provisioned drives. TCG Opal-2: simplify quoting in messages and replace 'StopIfError' use cf. https://github.com/rear/rear/commit/daf35e235d0770c663ff8dba866dddec76586a27 Explicitly issuing an unlock command before reactivating locking ensures that the device remains in an unlocked state when locking is reactivated. - Add an explanatory comment in lib/_input-output-functions.sh that using the ...IfError functions can result unexpected behaviour in certain cases cf. https://github.com/rear/rear/pull/2443#pullrequestreview-440609407 and https://github.com/rear/rear/issues/534 and https://github.com/rear/rear/issues/1415#issuecomment-315692391 - Migrate XFS configuration files. When in MIGRATION_MODE, migrate/rename XFS configuration files so they follow disk mapping set by user. See https://github.com/rear/rear/issues/2333 Version 2.6 (June 2020) Abstract New features, bigger enhancements, and possibly backward incompatible changes: - Initial preliminary first basic support for IBM Z architecture "s390x" (a.k.a. "z Systems", formerly "System/390", simply called "s390"): Currently primarily for Red Hat and SUSE enterprise systems so that interested users can try out early how far things work in their particular IBM Z environments and provide feedback preferably plus needed fixes, adaptions, and enhancements to ReaR upstream at https://github.com/rear/rear (issues #2137 #2142). - New BACKUP=CDM method to support Rubrik Cloud Data Management (CDM): The Rubrik CDM backup and restore method for ReaR allows Rubrik CDM to perform bare metal recovery of Linux systems. It does this by including the Rubrik CDM RBS agent files in the ReaR recovery system so that during rear recover the Rubrik CDM RBS agent can be used to restore from Rubrik CDM (issue #2248). - New use-case for BLOCKCLONE backup method with the "multiple backups" approach for a more complex LUKS setup with different passphrases or keys: The usual support for LUKS-encrypted filesystems means that during reare recover a new encrypted filesystem will be created with new encryption keys. To recover the exact LUKS setup including its keys from the original system it is now possible to use the "multiple backups" approach by first ignoring the encrypted filesystem during the "base system" phase, and then using a second BLOCKCLONE phase with a dd image that contains the encrypted filesystem. The new config variable BLOCKCLONE_TRY_UNMOUNT is needed here: It will try to unmount the encrypted filesystem before creating its image and before restoring it (issue #2200). - Initial draft implementation of the new 'mountonly' workflow to use ReaR as rescue system, therein mount the filesystems of the target system so that one can manually repair it. This is described in doc/user-guide/04-scenarios.adoc (issue #2247). - Enable creation of non consecutive partitions. parted is not capable of creating non-consecutive partitions. To still be able to do so, the trick consists in creating dummy partitions to fill the gaps between partition numbers. Allocation of these dummy partitions is done from the end of the target partition, because parted is not capable of resizing a partition from the beginning (issues #2081 #1793 #1771 #1681). - Improved handling of partition label type for multipath disks plus including of multipath disks in backup (unless AUTOEXCLUDE_MULTIPATH is true). Now the partition label type for multipath devices (same as is already done for normal disks) is stored in 'multipath' entries in disklayout.conf so that the syntax of those entries changed and that new syntax is now documented in doc/user-guide/06-layout-configuration.adoc (issues #2234 #2236). - The config variable WAIT_SECS default value was aligned with the USER_INPUT_TIMEOUT default value so that now the default timeout for user input is always 300 seconds. The former WAIT_SECS default value of 30 seconds was too short because the 'read -t' timeout interrupts ongoing user input. The timeout must be sufficiently long for the user to read and understand the possibly unexpected user input request message and then some more time to make a decision what to enter and finally even more time to enter the right value (issue #2257). - Enhanced default AUTOEXCLUDE_PATH=( /media /run /mnt /tmp ) to automatically exclude temporarily mounted things (e.g. USB devices) because mountpoints for temporarily mounted things are usually sub-directories below /media /run (like /run/media) /mnt and /tmp (issue #2239). - Now we have CLONE_ALL_USERS_GROUPS="true" by default. See the explanation in default.conf what that means. (issue #2345) - Replaced grub-mkimage with more sophisticated grub-mkstandalone when building GRUB2 image for using GRUB2 as recovery system UEFI bootloader (issue #2293). Details (mostly in chronological order - newest topmost): - Added DHCP auto-configuration for Network Manager (Ubuntu 20.04 Desktop): While ReaR supports DHCP auto-detection during 'rear mkrescue' of some DHCP setups, the Network Manager flavor on Ubuntu 20.04 Desktop was not supported so DHCP for the recovery system was not auto-enabled there (issue #2427). - OPALPBA (OUTPUT=RAWDISK): Workaround for EFI firmware glitch which prevents booting the real OS after unlocking SEDs. Symptom: Boot hangs when Grub hands over control to the Linux kernel. Seen on an HPE ML10Gen9 server. The workaround is to add and remove a UEFI 'next boot' entry (essentially a no-op) which should convince the EFI firmware to use the boot order to determine the effective boot entry for the next boot (issue #2425). - Update default.conf: Describe LUKS_CRYPTSETUP_OPTIONS usage with some examples (issue #2389). - Overhauled how SSH config files are parsed for 'IdentityFile' values to find (and remove) unprotected SSH keys in the recovery system. Now "find ./etc/ssh" ensures that SSH 'Include' config files e.g. in /etc/ssh/ssh_config.d/ are also parsed (issue #2421). - Update default.conf: Describe usage of non-quoted globbing patterns like VAR+=( /directory/* ) versus quoted globbing patterns like VAR+=( '/directory/*' ) and also describe how to prepend to an array in contrast to append to it (issue #2417). - When creating md5sums of the files in the recovery system be safe against blanks or special characters in file names by using appropriate options for all commands in the pipe (issues #2407 #1372). - Evaluate OUTPUT_LFTP_OPTIONS at the beginning of lftp operations. Before OUTPUT_LFTP_OPTIONS had been evaluated after connection to destination host was established which prohibited using OUTPUT_LFTP_OPTIONS also for connection specific settings. Now OUTPUT_LFTP_OPTIONS is moved to the beginning of lftp command before any other lftp command is executed (issue #2410). - For BACKUP=BORG implemented pagination when selecting the Borg archive to restore from: During "rear recover" all Borg archives are shown. In case of a long list only the last items had been visble to the user. Now pagination happens with a configurable number of Borg archives, see BORGBACKUP_RESTORE_ARCHIVES_SHOW_MAX in default.conf (issue #2408). - For BACKUP=BORG updated generated locale filename from "rear.UTF-8" to "en_US.UTF-8" (issue #2402). - Use plain ${COPY_AS_IS[*]} instead of quoted "${COPY_AS_IS[@]}" in the tar command call that copies things into the recovery system to ensure "things work as usually expected" for any methods that are used to add elements to the COPY_AS_IS array and better explain in default.conf how COPY_AS_IS works, in particular that symlinks cannot be followed and that files or directories that contain blanks or other $IFS characters cannot be specified (issue #2405). - For RAWDISK output add distribution-specific GRUB2 module 'linuxefi.mod' otherwise GRUB2 could not boot a UEFI rescue medium on Ubuntu 18.04 or 20.04 (issue #2419). - ReaR was using hard-coded set of Grub2 modules for UEFI boot-loader. New GRUB2_MODULES_UEFI and GRUB2_MODULES_UEFI_LOAD config variables for installing GRUB2 as recovery system UEFI bootloader so that user can add or remove GRUB2 modules as needed (issues #2283 #2293 #2392). - No longer load GRUB2 modules efi_gop and efi_uga in function create_grub2_cfg: In the create_grub2_cfg function in lib/bootloader-functions.sh do no longer enfore loading the GRUB2 modules efi_gop and efi_uga because loading only the module all_video is sufficient and fail-safe because moddep.lst contains "all_video: efi_gop efi_uga" (issue #2388). - No longer load video_bochs and video_cirrus by the create_grub2_cfg function. In the create_grub2_cfg function in usr/share/rear/lib/bootloader-functions.sh that is used in case of UEFI to set up GRUB2 as bootloader for the recovery system do no longer let GRUB2 load the modules video_bochs and video_cirrus because those are not available as GRUB2 modules in case of UEFI (x86_64-efi) and the generic "insmod all_video" that is still there should be sufficient for GRUB2 (issue #2388). - Allow to boot original system from Grub menu (UEFI): This change adds following: Possibility to boot original system for UEFI boot with OUTPUT=NETFS and OUTPUT=USB (similarly to non UEFI ReaR rescue system). Replaces grub-mkimage for building of Grub2 boot image for OUTPUT=USB with build_bootx86_efi() (grub-mkstandalone). Replaces separate Grub configuration for OUTPUT=USB with create_grub2_cfg(). Using build_bootx86_efi() and create_grub2_cfg() in OUTPUT=USB will unify process of Grub boot image creation with OUTPUT=NETFS. (issue #2326) - Replace grub-mkimage with more sophisticated grub-mkstandalone when building GRUB2 image for using GRUB2 as recovery system UEFI bootloader (issue #2293). - When transferring ReaR recovery system ISO, create also destination directory structure (including parents). This is useful because when destination directory structure does not exist (or is incomplete), Lftp puts files into first available directory in OUTPUT_URL scheme (issue #2401). - Have CLONE_ALL_USERS_GROUPS="true" by default and explain it in default.conf (issue #2345). - New OUTPUT_LFTP_OPTIONS config variable for lftp custom parameters (issue #2384). - Update 950_check_missing_programs.sh: When checking for required programs also test for "basename program" because when required programs are specified with absolute path those programs appears in the ReaR recovery system in /bin/ so testing their original path would falsely fail during "rear recover" (issue #2206). - New prep/USB//350_safeguard_error_out.sh safeguard scripts to let "rear mkrescue/mkbackup" error out in case of false usage of OUTPUT=USB on non PC-compatible (non-i386/x86/x86_64) architectures because with OUTPUT=USB on those architectures the USB medium cannot be booted (for those architectures there are no scripts that install a bootloader) and documented that in the OUTPUT=USB section in default.conf (issues #2348 #2396). - Error out for unsupported workflows in any case: Before init/default/050_check_rear_recover_mode.sh did only error out when in the recovery system an unsupported workflow should be run. Now it also errors out when on the normal/original system an unsupported workflow that is likely destructive (in particular recover layoutonly restoreonly finalizeonly and mountonly) should be run (issues #2387 #2395). - Improve BorgBackup (short: Borg) integration into ReaR: Several improvements e.g. error handling, output to logfile etc. (issue #2382). - In backup/NETFS/default/500_make_backup.sh add "bs=1M" to SPLIT_COMMAND="dd of=$backuparchive bs=1M" to let 'dd' read and write up to 1MiB at a time to speed up things for example from only 500KiB/s (with the 'dd' default of 512 bytes) via a 100MBit network connection to about its full capacity (issue #2369). - Error out during "rear mkrescue/mkbackup" when LUKS version 2 is used because LUKS version 2 is not suppported. When LUKS version 2 is used it fails at least to determine the hash value so we use an empty hash value as a simple test if gathering crypt information was successful and error out if not. (issues #2204 #2381) - Auto-detect DHCP client with systemd-networkd plus completely overhauled and simplified code in prep/GNU/Linux/210_include_dhclient.sh with resulting simplification of skel/default/etc/scripts/system-setup.d/58-start-dhclient.sh (issue #2375). - Filter out duplicate entries in COPY_AS_IS but keep the ordering of the elements i.e. only the first occurrence of an element is kept. Also remove duplicates in the copy_as_is_filelist_file with 'sort -u' because here the ordering does not matter. (issue #2377) - Update 250_find_all_libs.sh: Removed unreliably working code that intends to filter out duplicates in the LIBS and COPS_AS_IS arrays via echo "${ARRAY[@]}" | tr ' ' '\n' | sort -u | tr '\n' ' ' that fails when array elements contain spaces so better code should be used e.g. like printf '%s\n' "${ARRAY[@]}" | awk '!seen[$0]++' but filtering out duplicates is not needed and by the way cleaned up the whole script a bit. (issue #2377) - Skip Longhorn Engine replica devices (issue #2373). - Update 400_prep_yum.sh: For BACKUP=YUM error out if BACKUP_PROG_CRYPT_ENABLED is set because BACKUP=YUM does not support backup encryption (issue #2374). - Fail-safe patching of etc/ssh/sshd_config in the recovery system to ensure the needed ReaR settings/overrides actually apply. For example if etc/ssh/sshd_config contains a Match section at the end of the file e.g. appending "PermitRootLogin yes" will not be effective as a global setting but only in the Match section. Therefore now the needed ReaR settings are inserted at the beginning and all subsequent entries of that kind are disabled (commented out) to ensure that the ReaR global setting is the only one that is effective. (issue #2362) - Run what was build/default/985_fix_broken_links.sh now earlier as build/default/490_fix_broken_links.sh before files get modified in recovery system because otherwise e.g. if etc/ssh/sshd_config is a symbolic link build/default/500_ssh_setup.sh will fail to apply patches (issue #2360). - Use simpler and more fail-safe syntax ARRAY+=( additional elements ) everywhere (issue #2364). - Update 58-start-dhclient.sh: Fixed issue #2354. - Added usr/share/rear/restore/OPALPBA/ directory to pass the test for SHARE_(D)IR/restore/BACKUP in prep/default/035_valid_backup_methods.sh because the mkopalpba workflow uses the nonexistent BACKUP method OPALPBA to create a PBA image (issue #2351). - Fix OPALPBA: Could not change password on multiple SEDs at once. "rear opaladmin changePW" (when used without any extra argument or with multiple arguments) is meant to change the disk password on multiple self-encrypting drives in a single invocation. However, it stopped after successfully changing the password on the first drive and the password of subsequent drives had not been changed. (issue #2349) - Update 035_valid_backup_methods.sh: Simplified prep/default/035_valid_backup_methods.sh to make it work more predictable and fail-safe (issue #2353). - Have a hardcoded '-iso-level 3' option in output/ISO/Linux-ppc64le/820_create_iso_image.sh because it is also hardcoded in output/ISO/Linux-i386/820_create_iso_image.sh and it seems to also work in general on PPC64LE architecture (issue #2344). - Update default.conf: Adapt the explanation in default.conf how ISO_MAX_SIZE works (issue #2347). - Cleaned up and enhanced the ISO_MAX_SIZE implementation in backup/NETFS/default/500_make_backup.sh to make it in particular more safe against erroneous settings of the ISO_MAX_SIZE variable (issue #2344). - Added required NFS users for proper rpcbind startup: Usually 'rpcuser' is used but 'rpc' is used in RHEL7.x and '_rpc' is used in Debian 10 (issues #2341 #2342 #2250) - Cleaned up and enhanced 320_migrate_network_configuration_files.sh plus some bugfixes where the old code presumably did not work. (issues #2310 #2313 #2312) - Update 890_finish_checks.sh: In the WARNING message at the end of "rear recover" when no bootloader could be installed also mention usr/share/rear/finalize/Linux-ppc64le/660_install_grub2.sh as an example script how one could install a bootloader on POWER architecture. Furthermore since finalize/default/110_bind_mount_proc_sys_dev_run.sh it is no longer needed to manually mount /proc. (issues #2339 #2045) - Update 095_exclude_non_essential_files.sh: Added also /usr/lib/grub2 and /usr/share/grub2 to COPY_AS_IS_EXCLUDE because since openSUSE Leap 15.1 things were moved from /usr/lib/grub2/ to /usr/share/grub2/ (issue #2338). - Update 270_create_grub2_efi_bootloader.sh: Test for Grub 2 EFI components directories /usr/lib/grub/x86_64-efi and now also for /usr/lib/grub2/x86_64-efi or /usr/share/grub2/x86_64-efi because since openSUSE Leap 15.1 things were moved from /usr/lib/grub2/ to /usr/share/grub2/ (issue #2338). - Update uefi-functions.sh: Use /usr//grub/x86_64-efi/partmap.lst instead of /usr/lib/grub*/x86_64-efi/partmap.lst because since openSUSE Leap 15.1 things were moved from /usr/lib/grub2/ to /usr/share/grub2/ (issue #2338). - Update 630_install_grub.sh and 650_install_elilo.sh: Show the actual missing directory in the Error message (issue #2337). - Moved backup/default/005_valid_backup_methods.sh to prep/default/035_valid_backup_methods.sh to also check for valid backup methods during "rear mkrescue" because for most external backup methods only "rear mkrescue" is used, cf. the section "BACKUP SOFTWARE INTEGRATION" in 'man rear' (issue #2337). - Changes to Data Protector branding, adjustment required to support the new Data Protector 10.x agent with Secure Socket Communication. Fixed some problems related to SessionID format and problems with object names like host type vs. file system backup (issue #2335). - Hard-coded root home directory string ("/root") was replaced with $ROOT_HOME_DIR that is the eeal home directory of root user (issue #2334). - Make USE_DHCLIENT and USE_STATIC_NETWORKING more fail-safe in ReaR recovery system (issue #2325). - For FDR backups, if the path for $FDRUPSTREAM_DATA_PATH does not exist, then create it. This change is FDR specific for s390 and is only in effect if ZVM_NAMING is "Y" (issue #2320). - Overhauled rescue/default/010_merge_skeletons.sh: Made 010_merge_skeletons.sh behave more reliably. Now it errors out when things really went wrong. Now is is also supported that both a $skel_dir directory (e.g. usr/share/rear/skel/default/) plus a $skel_dir.tar.gz (e.g. usr/share/rear/skel/default.tar.gz) exist and then both get copied into the recovery system, first the directory and then the tar.gz so that via the tar.gz files from the $skel_dir directory could be overwritten if needed. (issues #2307 #2317) - Added $FDRUPSTREAM_DATA_PATH/rear to $COPY_AS_IS_EXCLUDE_FDRUPSTREAM (issue #2318). - Added documentation about possible (dirty) workarounds for needed bind9-export libraries for CentOS 7.7 and 8.0 which is somewhat related to Rubrik-CDM (issues #2266 #2284). - Enhanced recovery system BIOS boot default settings for USB and ISO: For OUTPUT=ISO the user can now explicitly specify what to boot by default when booting the ISO on BIOS systems via ISO_DEFAULT="boothd0" to boot from the first disk and ISO_DEFAULT="boothd1" to boot from the second disk. For OUTPUT=USB the user can now explicitly specify what to boot by default when booting the disk on BIOS systems via USB_BIOS_BOOT_DEFAULT="boothd0" to boot from the first disk. The default USB_BIOS_BOOT_DEFAULT="" boots the second disk. (issues #2276 #2303) - Remove outdated /root/rear-DATE-TIMESTAMP.log symlinks. Before creating the current symlink to the current log file test all files that match the file name pattern of such symlinks and remove those already existing (old) symlinks where its now outdated symlink target is the current log file (issue #2301). - Initial preliminary first basic support for IBM Z architecture "s390x" (a.k.a. "z Systems", formerly "System/390", simply called "s390"): Currently primarily for Red Hat and SUSE enterprise systems so that interested users can try out early how far things work in their particular IBM Z environments and provide feedback preferably plus needed fixes, adaptions, and enhancements to ReaR upstream at https://github.com/rear/rear (issues #2137 #2142). - Improved 'is_multipath_path' function to be more fail safe that now tests (via "multipath -l" output) if multipath is used. Additionally have 'lsblk' output as disklayout.conf header comments to make it easier to understand the values in the subsequent entries. Furthermore added 'xdd' to the PROGS array because sometimes a tool to display binary files is required in the recovery system. (issue #2298). - Error out during "rear mkrescue" in case of insufficient LVM tools: Overhauled layout/save/GNU/Linux/220_lvm_layout.sh where now the exit code of the "lvm ..." calls are checked and it errors out if one fails in particular to avoid that entries in disklayout.conf are missing or broken when too old LVM tools are used that do not support the needed options of those "lvm ..." calls. Also in layout/save/default/950_verify_disklayout_file.sh a simple test was added to verify that the 'lvm...' entries in disklayout.conf look syntactically correct. Furthermore in 06-layout-configuration.adoc in the "Disk layout file syntax" section the exact same syntax for the "lvm..." entries is now listed as the headers of the "lvm..." entries in disklayout.conf are. (issues #2259 #2291) - Fixed missing delete_dummy_partitions_and_resize_real_ones calls: Use same code as for disks for multipath devices (these are just regular disks), including MBR erasing and partition creation and cleanup: create_multipath() cannot call create_disk() because create_disk() verifies that the device is a block device, which it isn't with multipath because it's a symlink to a device mapper instead. Make sure new code handling re-creation of partitions and cleanup is used because Software Raid can have partitions since these are virtual disks. (issue #2281) - Moved 'route' back from REQUIRED_PROGS to PROGS. ReaR uses 'ip route' everywhere so 'route' is not actually required. As 'route' is no longer always installed nowadays, having it in REQUIRED_PROGS lets ReaR falsely error out on such systems (issues #1961 #1652). - Update 990_verify_rootfs.sh: Use a FDRUPSTREAM-specific LD_LIBRARY_PATH to find FDR libraries (issue #2296). - Do not run 'ldd' on untrusted files to mitigate possible ldd security issues because some versions of ldd may directly execute the file (see "man ldd") which happens as user 'root' during "rear mkrescue". The new TRUSTED_FILE_OWNERS user config array contains user names that are trusted owners of files where RequiredSharedObjects calls ldd (cf. COPY_AS_IS) and where a ldd test is run inside the recovery system that tests all binaries for 'not found' libraries. Furthermore use '2>>/dev/$DISPENSABLE_OUTPUT_DEV' at more places to avoid that the "rear -D mkrescue" log file size would grow from about 5 MiB to about 17 MiB so that now that log file size even shrinked to about 2 MiB. (issue #2279) - Initial draft implementation of the new 'mountonly' workflow to use ReaR as rescue system, therein mount the filesystems of the target system so that one can manually repair it. This is described in doc/user-guide/04-scenarios.adoc (issue #2247). - Feature RAWDISK and OPALPBA improvements: RAWDISK: include additional Grub modules from /boot/grub (and /boot/grub2) which had formerly been missing. OPALPBA: improve Plymouth boot animation on Ubuntu, provide integration capabilities for other distros. RAWDISK: add support for distros which use 'grub2' naming. (issue #2275) - Improved check for missing libraries in 990_verify_rootfs.sh so that now also libraries are checked that are no executables plus skipped the ldd test for firmware files (issue #2279). - Update default.conf: More explanatory comment in default.conf how COPY_AS_IS versus LIBS, PROGS, and REQUIRED_PROGS are meant to be used (issue #2278). - Accommodate logs from multiple FDR/Upstream services. Users may run multiple FDR/Upstream services on a single machine. This code change allows ReaR to copy FDR/Upstream logs from the recovery environment to the restored system for all running services. Previously the code was expecting to find only one set of logs and reports in the FDR/Upstream installation directory. For several years now, logs and reports have been stored in a new location ($FDRUPSTREAM_DATA_PATH), so we check here instead (issue #2251). - Update format-workflow.sh: Set EXIT_FAIL_MESSAGE=0 before exiting in "rear format - -help" to avoid the "rear format failed, check ...rear...log for details" message that is pointless in this case. - Added alternative for 'poweroff.com' that is 'poweroff.c32' on RHEL8 (issue #2238). - Removed unnecessary line that sets NSRSERVER in layout/save/NSR/default/650_check_iso_recoverable.sh which prevented setting NSRSERVER in local.conf (issue #2162). - Enhanced default AUTOEXCLUDE_PATH=( /media /run /mnt /tmp ) plus explanatory comment in default.conf how AUTOEXCLUDE_PATH works (issues #2239 #2261). - Use is_true() for AUTOEXCLUDE_MULTIPATH and cleanup of the get_partition_number function that now errors out with BugError in cases that are likely a bug in ReaR (issues #2245 #2260). - Do not abort in case of invalid user input but retry if possible. When input values can be (syntactically) validated there is now a retry loop until the user provided valid input (or intentionally aborts) except those cases where it was not possible to implement validation when it is unknown what is valid for third-party tools (issue #2253). - Removed '2>/dev/null' redirection where possible: Some general cleanup for ReaR 2.6 in all scripts by removing '2>/dev/null' where it makes sense and replacing '&>/dev/null' by '1>/dev/null' where it makes sense or also removing '&>/dev/null' where that seems to be better (issue #1395). By the way verify/TSM/default/390_request_point_in_time_restore_parameters.sh and verify/NBU/default/390_request_point_in_time_restore_parameters.sh have been somewhat overhauled but both scripts still abort 'rear recover' when the user did an invalid date or time input (issue #2253). - Fix including of multipath disks in backup: The AUTOEXCLUDE_DISKS logic traverses filesystems and tries to determine the associated underlying disks that should be kept. When having a filesystem fs:/A that is present on a multipath device MP and the root filesystem fs:/ that is present on a normal disk D, the code first established that fs:/A depends on fs:/ resulting in marking D as used and then short-circuited processing of multipath devices. This resulted in MP not being considered as a used device and removed from the backup. The problem is fxed by removing the short-circuit logic in find_disk_and_multipath() so multipath devices get processed too unless AUTOEXCLUDE_MULTIPATH is true (issue #2236). - Improve handling of partition label type for multipath disks: When recording information about a multipath disk, ReaR did not store information about its partition label type in the 'multipath' entry in disklayout.conf. The recovery code tried to automatically detect the label type using a heuristic that depends on GPT partition names. The logic would incorrectly detect the device as having the MBR label type instead of GPT if one of the partition names was exactly "primary", "extended" or "logical". The problem is solved by explicitly storing the partition label type for multipath devices (same as is already done for normal disks) so that the syntax of the 'multipath' entries in disklayout.conf is changed and that new syntax is now documented in doc/user-guide/06-layout-configuration.adoc The recovery code is accordingly updated to utilize this information (issue #2234). - In doc/user-guide/16-Rubrik-CDM.adoc updated links to SUSE documentation: Replaced the outdated link https://www.suse.com/documentation/sle-ha-12/book_sleha/data/cha_ha_rear.html that gets redirected to a not really helpful standard fallback page by the currently valid URL for the most recent SLE-HA-15-SP1 https://documentation.suse.com/sle-ha/15-SP1/html/SLE-HA-all/cha-ha-rear.html because meanwhile the SUSE documentation was moved to its own server. The more general and more comprehensive documentation URL https://en.opensuse.org/SDB:Disaster_Recovery is kept and listed topmost (issue #2255). - Added explanatory comments to default.conf about backup restore that may fail for things like BACKUP_PROG_COMPRESS_OPTIONS=("-zstd") due to missing zstd binaries in the ReaR recovery system probably also for -lzip -lzma -lzop (issue #2241). - New BACKUP=CDM method for Rubrik Cloud Data Management (CDM) see doc/user-guide/16-Rubrik-CDM.adoc (issues #2248 #2249). - In verify/NETFS/default/050_start_required_nfs_daemons.sh all kind of '2>/dev/null' (i.e. also '&>/dev/null') are removed (so that '&>/dev/null' is replaced by '1>/dev/null') because in general '2>/dev/null' is unhelpful because it needlessly suppresses error messages in the log that would be helpful to see when something fails (issues #2250 #1395). - Update 06-layout-configuration.adoc: Changed section title from "Including/Excluding components" to only "Excluding components". The latter avoids possible misunderstanding that there would be a config variable to explicitly include something but "including" here describes only to disable autoecludes (issue #2229). - Update default.conf: At AUTOEXCLUDE_DISKS removed the comment Explicitly excluding/including devices is generally a safer option because it is not acually helpful and even misleading because there is currently no config variable to explicitly include devices (issue #2229). - Do not keep the build dir when ReaR is run noninteractively by additional special values for the KEEP_BUILD_DIR config variable, see its desctiption in default.conf (issue #2218). - Fix LVM2 thin pool recreation logic / use of vgcfgrestore is broken: Removing forcibly (with '-force' passed twice) seems to work for now. But our use of vgcfgrestore is probably not appropriate at all. It works by chance. Typically, it works only for Linear volumes, and won't probably for Caches and Raid hierarchies or when there are existing Snapshots on the system. The only proper solution is perhaps stop relying on vgcfgrestore at all, but then we are not capable of restoring volume groups and logical volumes with all properties from original system (issue #2222). - Use mountpoint instead of mount | grep (issue #2225). - Updated default.conf: Replaced ARRAY=( "${ARRAY[@]}" additional elements ) with simpler and more fail safe ARRAY+=( additional elements ) (related to issues #2223 #2220). - Append to the CLONE_USERS and CLONE_GROUPS arrays by using += instead of expanding the previous value to an empty element which then causes problems later (issues #2223 #699). - Update 900_clone_users_and_groups.sh: Skip empty user and group values (issue #2220). - New use-case for BLOCKCLONE backup method for complex LUKS-encrypted filesystems by usinng the "multiple backups" approach with a second BLOCKCLONE phase with a dd image that contains the encrypted filesystem where unmounting the encrypted filesystem before creating its image and before restoring it has to be done via the new config variable BLOCKCLONE_TRY_UNMOUNT (issue #2200). - Fixed when ReaR does not detect an uncompressed kernel that is named 'vmlinux' (instead of 'vmlinuz'). - Added $BACKUP_OPTIONS to the line with mount_url in 800_copy_to_tftp.sh and 810_create_pxelinux_cfg.sh otherwise in case of OUTPUT=PXE mounting the NFS will fail. - UEFI: Search for Grub2 modules in /usr/lib/grub/x86_64-efi and not in /boot. On Fedora and RHEL systems, Grub2 UEFI modules live in /usr/lib/grub/x86_64-efi, not /boot, unless grub2-install is executed, but executing this tool is not needed with UEFI. On SUSE systems, Grub2 UEFI modules also live in /usr/lib/grub/x86_64-efi but there is also a copy in /boot, so it's not needed searching in /boot at all. Additionally, only UEFI modules should be looked for, so /boot cannot be searched but only /boot/grub2/x86_64-efi (similarly /usr/lib/grub/x86_64-efi, not just /usr/lib/grub*), otherwise we could get some false positives on dual boot systems (UEFI + Legacy), since modules for Legacy will also match, which is wrong (issues #2199 #2001). - RAWDISK and TCG Opal 2 Self-Encrypting Disks: Add Secure Boot support (issue #2166). - Avoid that disklayout.conf contains duplicate 'lvmvol' lines: Create the 'lvmvol' lines commented out when multiple segments exist for a given LV. This is not an issue unless Migration Mode is used. In such case, using 'lvcreate' commands already does best effort and loses LV information (issues #2194 #2187). Additionally do not overload the kval variable (that is intended for passing options to lvcreate) by adding extra keys to it, which are not supported by lvcreate. Introduce another variable infokval for this purpose and print those unsupported and purely informational keys only in comments (issue #2196). - Apply layout mappings also to other relevant files via layout/prepare/default/320_apply_mappings.sh In migration mode apply the disk layout mappings not only to disklayout.conf but also to other files that are also used to migrate the disk layout, namely VAR_DIR/layout/config/df.txt and /etc/rear/rescue.conf Additionally re-read the BTRFS_SUBVOLUME_SLES_SETUP variable from /etc/rear/rescue.conf because its value could have been migrated to a new value (issue #2181). - In the function apply_layout_mappings (therein in its "step 3") treat leftover temporary replacement words (like _REAR1_) as an error only if they are in a non-comment line (issue #2183). - When 420_autoresize_last_partitions.sh resizes the last partition on a GPT disk it leaves 33 LBA blocks at the end of the disk so that 420_autoresize_last_partitions.sh produces a fully correct disklayout.conf file where no further automated adjustments by a subsequent script like 100_include_partition_code.sh are done (issue #2182). - Error out when DHCLIENT_BIN and DHCLIENT6_BIN are empty and USE_DHCLIENT is set (issue #2184). - In build/default/990_verify_rootfs.sh skip the ldd test for kernel modules because in general running ldd on kernel modules does not make sense and sometimes running ldd on kernel modules causes needless errors because sometimes that segfaults (issue #2177). - Bacula: Fixed 'bconsole' prompt not displaying at all when doing a recover (issue #2173). - Fixed that the EFI Boot Manager cannot be installed when the system has a NVMe SSD, because the device name is resolved as /dev/nvme0n1p rather than /dev/nvme0n1 so for NVMe devices the trailing 'p' in the Disk value as in /dev/nvme0n1p that is derived from /dev/nvme0n1p1 needs to be stripped to get /dev/nvme0n1 (issues #2160 #1564). - Changed double quotes (") to single quotes(') in documentation related to BORG_PASSPHRASE variable. Double quotes will not avoid expanding of variable when'$' sign is used inside pass phrase string, which can lead to unsuccessful opening of Borg archive (issue #2205). - More fail safe BACKUP_PROG_CRYPT_KEY handling: Use double quotes "$BACKUP_PROG_CRYPT_KEY" so that the BACKUP_PROG_CRYPT_KEY value can contain spaces. Escape special regexp characters in the BACKUP_PROG_CRYPT_KEY value when it is used as a regexp in grep or sed. Use single quotes BACKUP_PROG_CRYPT_KEY='my_passphrase' in the documentation examples so that the BACKUP_PROG_CRYPT_KEY value can contain special characters (except single quote). Recommend in default.conf to not use special characters in the BACKUP_PROG_CRYPT_KEY value to be to be on the safe side against things breaking in unexpected weird ways when certain code in ReaR is not yet safe against arbitrary special characters in values (issues #2157 #1372). - Avoid that the BACKUP_PROG_CRYPT_KEY value appears in a log file in particular when 'rear' is run in debugscript mode where 'set -x' is set by redirecting STDERR to /dev/null for those confidential commands that use the BACKUP_PROG_CRYPT_KEY value, cf. the comment of the UserInput function how to keep things confidential when 'rear' is run in debugscript mode (issues #2155 #2156). - Fix when recovery fails on LUKS-encrypted filesystem using simple password because only the first 2 parameters in /etc/crypttab are mandatory (issue #2151). - Generic enhancements for IBM Z (s390) to support 'dasd' disks and SUSE specific enhancements to install during "rear recover" the special GRUB2 plus ZIPL bootloader on SLES12 and later via the new finalize/SUSE_LINUX/s390/660_install_grub2_and_zipl.sh script (issues #2137 #2150). - Cleanup of the OUTPUT=RAMDISK code. Overhauled 900_copy_ramdisk.sh as architecture independent new script output/RAMDISK/default/900_copy_ramdisk.sh that replaces output/RAMDISK/Linux-i386/900_copy_ramdisk.sh and overhauled conf/templates/RESULT_usage_RAMDISK.txt plus better description of OUTPUT=RAMDISK and RESULT_FILES in default.conf (issue #2148). - Enable creation of non consecutive partitions (issues #2081 #1793 #1771 #1681). - The new SUSE-specific script finalize/SUSE_LINUX/i386/675_install_shim.sh calls 'shim-install' inside chroot on the recreated target system and uses boot/grub2/grub.cfg as input to recreate two needed (identical) EFI files /boot/grub2/x86_64-efi/core.efi and /boot/efi/EFI/opensuse/grubx64.efi (issue #2116). - Fixed that output/default/950_copy_result_files.sh falsely errors out when an output method OUTPUT=FOO is used where there is no matching usr/share/rear/conf/templates/RESULT_usage_FOO.txt because when it is missing it is no sufficient reason to error out. Furthermore now 950_copy_result_files.sh is skipped when RESULT_FILES is empty because that means there is no actual output and then it is not needed to only copy VERSION README and LOGFILE to the output location (issue #2147). Version 2.5 (May 2019) Abstract New features, bigger enhancements, and possibly backward incompatible changes: - Enhancements to better support mmcblk/eMMC disks: An "eMMC" device could be not only one single disk but actually consist of several 'disk' type block devices for example the actually usable disk /dev/mmcblk0 (with its partitions like /dev/mmcblk0p1 and /dev/mmcblk0p2) plus special additional disks on the same eMMC device like /dev/mmcblk0boot0 and /dev/mmcblk0boot1 and /dev/mmcblk0rpmb (issue #2087). - Now there is in default.conf MODULES=( 'all_modules' ) which means that now by default all kernel modules get included in the recovery system (issue #2041). Usually this is required when migrating to different hardware. Additionaly it makes the recovery system better prepared when this or that additional kernel module is needed, e.g. to ensure a USB keyboard is usable in the recovery system (issue #1870) or to ensure data on external medium (e.g. iso9660) can be read (issue #1202). Furthermore this is helpful to be on the safe side against possibly missing dependant kernel modules that are not automatically found (issue #1355). The drawback of MODULES=( 'all_modules' ) is that it makes the recovery system (and its ISO image) somewhat bigger (see issue #2041 for some numbers). With MODULES=() the old behaviour can be still specified. There is a minor backward incompatible change: Before the user had to specify in etc/rear/local.conf MODULES=( "${MODULES[@]}" 'moduleX' 'moduleY' ) to get some specific modules included in addition to the ones via an empty MODULES=() but now the user must specify MODULES=( 'moduleX' 'moduleY' ) for that because with "${MODULES[@]}" the new default value 'all_modules' would be kept which would trigger that all modules get included so that now `MODULES=( "${MODULES[@]}" 'moduleX' 'moduleY' )` includes all kernel modules in the recovery system which includes in particular 'moduleX' and 'moduleY' so that things still work but with a bigger recovery system. For details see the MODULES description in default.conf. - The new verify script layout/save/default/950_verify_disklayout_file.sh verifies the disklayout.conf file that is created by "rear mkrescue/mkbackup". Currently only some very basic verification is implemented: It verifies that the 'disk' entries look syntactically correct (only basic value type testing), the 'part' entries look syntactically correct (only basic value type testing), the 'part' entries specify consecutive partitions. The latter is needed to make ReaR more fail-safe in case of sparse partition schemes (i.e. when there are non-consecutive partitions) because currently "rear recover" fails when there are non-consecutive partitions (issue #1681). In general verification of the created disklayout.conf should help to avoid failures when it is too late (i.e. when "rear recover" fails). It is better to error out early during "rear mkrescue/mkbackup". It may happen that layout/save/default/950_verify_disklayout_file.sh falsely lets "rear mkrescue/mkbackup" error out because of false alarm. The immediate workaround for the user in such cases is to remove that script or skip what it does by adding a 'return 0' command at its very beginning. - Basic support for EFISTUB booting: Via the new config variable EFI_STUB (see default.conf) the user can (and if needed must) specify that the recreated system should boot via EFISTUB. If EFI_STUB is specified but some boot loader like GRUB2 or ELILO is used on the original system, the recreated system gets migrated to boot (only) via EFISTUB. - The whole 'rear dump' output format need to be changed to improve it to clearly distinguish array elements. - Now during "rear mkrescue/mkbackup" md5sums are created for all regular files in in the recovery system and stored as /md5sums.txt in the recovery system. During recovery system startup it verifies those md5sums. Via the new config variable EXCLUDE_MD5SUM_VERIFICATION (see default.conf) the user can specify what files should be excluded from being verified to avoid errors on "false positives". - GRUB2 installation on x86 and ppc64le architecture was completely rewritten and enhanced by the new config variable GRUB2_INSTALL_DEVICES (see default.conf) so that now the user can specify what he wants if needed and in MIGRATION_MODE disk mappings are applied when devices in GRUB2_INSTALL_DEVICES match. Details (mostly in chronological order - newest topmost): - In packaging/rpm/rear.spec reactivated 'BuildRoot' and 'defattr' because both are required for building 'rear' RPM packages on SLES 11 and RHEL 5 / CentOS 5 via the openSUSE Build Service and removed /etc/cron.d/rear and related things (issues #2135 #1855 #1856 #1908 #1892) - In layout/prepare/default/420_autoresize_last_partitions.sh continue with the next disk if the current one has no partitions otherwise the "Find the last partition for the current disk" code fails (issue #2134) - Improved handling of broken symlinks inside the recovery system: Relative symbolic links are now properly handled. Directories, which are link targets, are not copied into the recovery system but a meaningful hint is printed that COPY_AS_IS can be used for that (issues #2129 #2130 #2131) - In layout/prepare/GNU/Linux/135_include_btrfs_subvolumes_generic_code.sh fixed 'btrfs subvolume set-default' command for older versions of 'btrfsprogs' where that command requires both arguments 'subvolid' and 'path' (issue #2119) - For backup NBU: Exclude the whole '/usr/openv/netbackup/logs' directory instead of only the files in that directory (issue #2132) - Fixed layout mapping error when TCG Opal 2 self-encrypting disks were present but had to be excluded due to a non-existent disk during recovery. This exclusion was not handled properly (issue #2126) - In build/default/995_md5sums_rootfs.sh also exclude all files with a trailing '~' in their name because those are also excluded when the recovery system initrd is made by pack/GNU/Linux/900_create_initramfs.sh (issue #2127) - Suppressed unwanted "Welcome to Relax-and-Recover ..." etc/motd messages from 'chroot $ROOTFS_DIR /bin/bash -login ...' calls that appear in the log file or in the stdout of the chroot call when the output is further processes by 'grep' by redirecting stdin of the chroot call to /dev/null because no input is needed (issues #2120 #2125) - Replace RULE_FILES with a global UDEV_NET_MAC_RULE_FILES in default.conf (issues #2074 #2123) - Added comment to default.conf that tells when KEEP_BUILD_DIR is automatically set to true (issue #2121) - Added /usr/openv/netbackup/sec/at/lib/ to NBU_LD_LIBRARY_PATH in default.conf (issues #2105 #2122) - Simplified awk constructs in 320_include_uefi_env.sh into using plain grep and a bash array to avoid inexplicable wrong behaviour in some cases that is somehow related to the nullglob bash option together with different kind of awk (issues #2095 #2115) - For older systems (e.g. like SLES11) where /dev is no mountpoint in the recovery system we first mount TARGET_FS_ROOT/dev as 'tmpfs' and then we copy all /dev contents from the recovery system into TARGET_FS_ROOT/dev to make all recovery system /dev contents available at TARGET_FS_ROOT/dev (which are needed therein for things like "chroot TARGET_FS_ROOT mkinitrd") but only as long as the recovery system runs. On the rebooted target system its pristine /dev will be there. This is basically what finalize/default/100_populate_dev.sh had done but now without dirty remainders on the user's target system disk (issue #2113). - Do not copy symlink targets in /proc/ /sys/ /dev/ or /run/ into the ReaR recovery system. For example on SLES11 /lib/udev/devices/core is a symlink to /proc/kcore so that "rear mkrescue" basically hangs up while copying /proc/kcore because it is huge (issue #2112) - Avoid needless things when there is more than one disk: Avoid tot go into MIGRATION_MODE in any case when there is more than one disk. Avoid that GRUB2 gets needlessly installed two times on the same device (issue #2108) - Fixed disk device name in efibootmgr call for eMMC devices: For eMMC devices the trailing 'p' in the disk device name (as in /dev/mmcblk0p that is derived from /dev/mmcblk0p1) needs to be stripped (to get /dev/mmcblk0), otherwise the efibootmgr call fails because of a wrong disk device name (issue #2103) - For Ubuntu 18.x use /run/systemd/resolve/resolv.conf as /etc/resolv.conf in the recovery system: Basically the /etc/resolv.conf symlink target and /lib/systemd/resolv.conf contain only the systemd-resolved stub resolver "nameserver 127.0.0.53" and only /run/systemd/resolve/resolv.conf contains a real nameserver (issues #2018 #2101) - When mktemp needs to be called with a TEMPLATE call it with sufficent XXXXXXXXXX in the TEMPLATE, otherwise use the mktemp default (issue #2092) - LPAR/PPC64 bootlist was incorrectly set when having multiple 'prep' partitions: Use the specific right syntax for array expansion of the boot_list array (issues #2096 #2097 #2098 #1068) - Ensure that the Error function results a direct and complete exit of the whole running 'rear' program even if the Error function was called from a (possibly nested) subshell in a sourced script: Now the Error function terminates all descendant processes of MASTER_PID except MASTER_PID and the current (subshell) process that runs the Error function and when Error was called from a subshell it finally exits its own subshell so that when the Error function finished only MASTER_PID is still running and finally MASTER_PID exits as usual via the DoExitTasks function (issues #2088 #2089 #2099) - Ignore special additional disks on eMMC devices named "rpmb" and "boot": Now the extract_partitions() function skips device nodes on eMMC devices like /dev/mmcblk0rpmb or /dev/mmcblk0boot0 and /dev/mmcblk0boot1 because ReaR wrongly recognized those 'disk' type block devices as if they were 'part' type block devices, i.e. those are no partitions, but special additional disks on the eMMC device (issue #2087) - Updated the OPALPBA workflow: Set USE_RESOLV_CONF='no' as networking is not required/available in the PBA. Avoid copying in the entire /etc/alternatives directory as its links could pull in lots of unwanted stuff, which is not required in rescue systems. Clean up plymouth/unlock service startup (issue #2083) - Network: Record permanent mac address when device is enslaved in a Team, or else /etc/mac-addresses will record broken information. Use "ethtool -P" as the preferred method to retrieve the MAC address. Otherwise fall back to other methods, which may lead to some invalid MAC address when using Teams (issues #1954 #2065) - Added 'net-tools' to Debian dependencies as required for 'route' command which belongs to the REQUIRED_PROGS (issue #2082) - Added an additional separated new btrfs_subvolumes_setup_generic() function to recreate all mounted Btrfs subvolumes in a more generic way. The old btrfs_subvolumes_setup function was renamed into btrfs_subvolumes_setup_SLES and this one is called as fallback to be backward compatible. For both btrfs_subvolumes_setup implementations it is individually configurable which one is used for which btrfs device via the new config variables BTRFS_SUBVOLUME_SLES_SETUP and BTRFS_SUBVOLUME_GENERIC_SETUP. Currently it is not documented because it is work in progress where arbitrary further changes will happen (e.g. the current btrfs_subvolumes_setup_generic function makes diskrestore.sh fail on older systems where 'btrfs subvolume set-default' needs two arguments) so one has to inspect the current code and comments in the layout/prepare/GNU/Linux/13X_include_... scripts to see how things currently work (issues #2067 #2079 #2080 #2084 #2085) - Fixed SSH root login on the recovery system with some configurations: On Ubuntu 18.04 with OpenSSH 7.6, /etc/ssh/sshd_config contains commented-out lines for 'PermitRootLogin' and other options. This fix makes sure that settings changed for sshd in the ReaR recovery system will be real, not comments (issue #2070) - RAWDISK output: Improved device partition detection (e.g. Ubuntu 18.04). On Ubuntu 18.04, it has been observed that after creating a loop device and creating a properly sized VFAT file system >250 MB on it, after mounting the file system size was actually just 30 MB. Reason: The partition detection did not pick up the correct partition sizes of the associated image file. This change uses losetup's -partscan option (supported by util-linux v2.21 and above) to offer one additional opportunity to detect partitions. If the option is not available, a traditional losetup call will be used as a fallback (issue #2071) - OPALPBA output fix: Do not include any PBA into another PBA. A TCG Opal pre-boot authentication (PBA) system is a minimal operating system constructed by ReaR to unlock self-encrpyting disks before the regular OS takes over. Before this PR, it could happen that a previously created PBA was included in a subsequently created PBA, causing it to be unnecessarily large (issue ##2072) - Now there is in default.conf MODULES=( 'all_modules' ) which means that now by default all kernel modules get included in the recovery system (issues #2041 #1870 #1202 #1355) - New verify script layout/save/default/950_verify_disklayout_file.sh to verify disklayout.conf that was created by "rear mkrescue/mkbackup" (issues #2060 #1681) - Refresh udev with trigger before activating multipath (issue #2064): Ensure that all information from multipath devices is updated by udev into /sys before activating multipath. This helps to mitigate certain kind of issues when something wrong in the SAN zoning configuration (issues #2002 #2016 #2019) - For backup NSR: It is of additional use to not skip the retrieval of the filesystems even in NSR_CLIENT_MODE so that this is now also done in NSR_CLIENT_MODE: Due to saving the save sets filesystem information in $VAR_DIR/recovery/nsr_paths within the recovery image one is able to retrieve/read this information during a recovery process i.e. for advising the EMC networker server team to recover the appropriate filesystem(-structure) from the backups beeing made (issue #2058) - Skip patching absolute symlinks during finalize stage (issue #2055). That does not actually fix issue #1338 but for now it should at least avoid patching wrong files. Furthermore do no longer create udev rules in the recreated system that have not been there. This way one can avoid that ReaR creates udev rules that are created and maintained by systemd/udev like /etc/udev/rules.d/70-persistent-net.rules when one excludes such udev rules from being restored from the backup or by moving them away via BACKUP_RESTORE_MOVE_AWAY_FILES (issue #770) - Now /proc /sys /dev and /run are bind-mounted into TARGET_FS_ROOT at the beginning of the finalize stage via the new 110_bind_mount_proc_sys_dev_run.sh script and existing code in various finalize scripts for mounting /proc /sys /dev and things like that was removed and the finalize scripts were adapted and renumbered as needed (issues #2045 #2035) - Added eno-fix.rules to RULE_FILES for LAN interface MAC address changes to the ens-style LAN interface names instead of the older eno-type LAN names and aligned RULE_FILES content in the involved scripts (issue #2046) - Fixed 58-start-dhclient.sh script to make it work reliably with multiple network interfaces (issue #2038) - Borg backup restore enhancements and fixes: Added checks whether we can read Borg archive, user can enable progress display via BORGBACKUP_SHOW_PROGRESS="yes", corrected mounting of USB device when using Borg (issues #2029 #2037) - Fix for GRUB2 EFI modules search directory location: Instead of looking for GRUB2 modules only in /boot also find them in /usr/lib/grub*, where GRUB2 modules are normally installed by default (issue #2039) - Basic support for EFISTUB booting plus documentation (issues #1942 #2030) - Multipath optimizations: Optimized get_device_name() by calling "dmsetup info" only once, and for "dm" devices only. Removed collecting output of /sys/class/fc_transport since it can be very slow and is not used (issues #2020 #2034) - Suppress dispensable 'set -x' debug output unless called with '-debugscripts x': A noticeable part (25% and more) of the 'set -x' debugscripts output is usually of no interest and therefore such output is suppressed by default (e.g. when rear is called with '-D') unless rear is called with '-debugscripts x' where the full debugscripts output is still there as it was before (issue #2024) - Cleaned up the Docker specific exclude part in 230_filesystem_layout.sh: Determine docker_root_dir only once and try to be safer against possibly crippled Docker installations (e.g. timeout 'docker info') and be safe against empty docker_root_dir (otherwise all mountpoints would match the empty string and we would would skip all mountpoints) and show possible errors to the user in any case (issues #1989 #2021) - Improved setup of /etc/resolv.conf in the recovery system: In case of static networking setup in the recovery system a plain traditional /etc/resolv.conf file with an entry of a remote 'nameserver DNS.server.IP.address' is needed. It cannot work when /etc/resolv.conf contains only loopback IP addresses (which happens when the stub resolver systemd-resolved is used) or when there is no nameserver entry so that "rear mkrescue/mkbackup" errors out in this case. In contrast when USE_DHCLIENT is ture (e.g. when DHCP is used on the original system) then during recovery system startup /etc/resolv.conf will be generated by /bin/dhclient-script so that it does not matter what its content was before. For special cases the user can specify what he wants via the new USE_RESOLV_CONF variable (issues #2015 #2018 #2076) - Improved 'rear dump' output to clearly distinguish array elements. The whole 'rear dump' output format was changed. Now it shows normal string variables as STRING="string of words" and arrays as a beautified/simplified 'declare -p' output as ARRAY=("first element" "second element" ... ) unless in debug mode where the plain 'declare -p' output is shown like declare -- STRING="string of words" and declare -a ARRAY=([0]="first element" [1]="second element" ... ) that is needed for complicated array elements that contain brackets. Furthermore now the 'rear dump' output can be directly sourced (issue #2014) - Error out when we cannot make a bootable EFI image of GRUB2 which is required when UEFI is used (issue 2013) - Allow non-interactive authentication with rsync by using BACKUP_RSYNC_OPTIONS to specify the "-password-file=/full/path/to/file" rsync option (issue #2011) - Add possibility for user to specify whether or not show Borg stats at the end of backup session (issue #2008) - Adaption for Fedora 29: grub2-efi-x64-modules does not contain linuxefi module (issue #2001) - Let the user optionally specify mkfs.xfs options if needed to recreate XFS filesystems with different options than before (e.g. in MIGRATION_MODE because of different replacement hardware) via the new MKFS_XFS_OPTIONS config variable (issue #2005) - Network interface renaming: Automatically map device to its new name when device is found on the system with same MAC address but different name (issue #2004) - It is no BugError when neither getty nor agetty are avaiable. Such a case it is an Error because the user must have the programs in REQUIRED_PROGS installed on his system - Fix for 'error:unrecognized number' when booting ISO on PPC: Issue is caused by incorrect, according to PAPR specification, bootinfo entity parsing code in GRUB2 (issue #1978) - Fixed that in recovery system DHCP client did not iterate through all network interfaces. It incorrectly took only the first one. If the interface that is intended for recovery was not the first one, it had failed (issue #1986) - Automatically exclude BUILD_DIR from the backup. When TMPDIR was specified to something not in /tmp, BUILD_DIR was not automatically excluded from the backup (issue #1993) - Support ISOs bigger than 4GiB with OUTPUT=ISO by including the udf kernel module into the recovery system when mkisofs or genisoimage is used (not needed for xorrisoifs) and enable creating an hybrid iso9660/udf DVD (issue #1836) - Cleaned up how KERNEL_FILE is set: Now the KERNEL_FILE variable is set in the 'prep' stage only by the new prep/GNU/Linux/400_guess_kernel.sh that replaces the old pack/GNU/Linux/400_guess_kernel.sh and all the various different 300_copy_kernel.sh scripts (except output/USB/Linux-i386/830_copy_kernel_initrd.sh) are removed because the 300_copy_kernel.sh scripts had also only set the KERNEL_FILE variable in various ways. Additionally it errors out in various output stage scripts when kernel or initrd are missing and it shows aligned error messages in those cases to the user. Finally it errors out when the file does not exist or is a broken symlink. (issues #1851 #1983 #1985) - Enhanced and more robust exclude of vfat filesystem (ESP) from SELinux relabeling during recover process (issue #1977) - Fixed NBU (NetBackup) not working since ReaR 2.4: With NetBackup, too many binaries were included, causing the recovery system verification to fail or print error messages. A new NBU_LD_LIBRARY_PATH variable is used during verification. The RequiredSharedOjects() function was fixed to not list the left part of the ldd mapping when there is a right part: Some NetBackup libraries have a mapping such as "/lib/ld64.so => /lib64/ld-linux-x86-64.so.2", causing the RequiredSharedOjects() function to print "/lib/ld64.so" which does not resolve (issue #1974) - Add /etc/ca-certificates directory to recovery system (issue #1971) - Skip 630_run_efibootmgr.sh when UEFI_BOOTLOADER is empty or not a regular file and determine the ESP mountpoint from UEFI_BOOTLOADER and use $TARGET_FS_ROOT/boot/efi as fallback plus corrected logic whether or not NOBOOTLOADER is set empty (issues #1942 #1945) - Missing libraries in recovery system caused executables to fail because libraries were skipped from copying when their library path was a substring of another already copied library, for example /path/to/lib was skipped when /other/path/to/lib was already copied (issue #1975) - Check for carriage return in local/site/rescue.conf files (issue #1965) - Specific required programs are added to REQUIRED_PROGS depending on what component keywords are used in disklayout.conf (issue #1963) - Cleanup and enhancement of REQUIRED_PROGS and PROGS checks (issue #1962) - Moved PROGS from GNU/Linux.conf to default.conf REQUIRED_PROGS (issue #892) - Record permanent mac address when device is enslaved in a bond, or else /etc/mac-addresses will record broken information (issue #1954) - For Slackware Linux: Added automatic OS vendor and version detection. Added logic to search for kernel files when the standard ELILO kernel install paths come up empty. Added legacy LILO bootloader support. - Enhanced and cleaned up 985_fix_broken_links.sh to find symlinks in the recovery system where the link target is outside of the recovery system and in such cases the missing link target gets copied into the recovery system plus more verbose error reporting to the user (issue #1638) - Fixed that the FindStorageDrivers function failed on kernels with no modules. When MODULES=( 'no_modules' ) is set FindStorageDrivers() is now skipped (issue #1941) - Increased the default USB_UEFI_PART_SIZE from 200 to 400 MiB (issue #1205) - Enhanced rescue/GNU/Linux/310_network_devices.sh for Bonding and Teaming when it is configured with LACP. Bonding should not be simplified in this case plus added code for non-simplified Teaming (issue #1926). Furthermore simplified/hardened the tests/setup1 and tests/setup2 testbeds. - In 500_clone_keyboard_mappings.sh avoid running find in the whole tree of filesystems which takes ages (issue #1906) - Let 100_include_partition_code.sh error out when the parted command is not there (issue #1933) - Suppress bash stderr messages like 'unary operator expected' or 'integer expression expected' where a particular 'test' intentionally also fails this way (issue #1931) - Show errors to the user via LogPrintError instead of only LogPrint because LogPrint outputs only in case of verbose mode (issue #1914) - Avoid dangling symlinks when copying ReaR config files into the ReaR recovery system by copying the content of the symlink target via 'cp -L' (issue #1923) - Avoid 'nullglob' pitfalls in 250_populate_efibootimg.sh and generally overhalued that script (issue #1921) - Check that CONFIG_DIR is a directory (issue #1815) - Avoid bash error messages like: "eq: unary operator expected" when using older versions of xfsprogs (issue #1915) - Added exclusion of zram devices from device mapping in default.conf. By default zram devices are not to be mapped, exactly as it is done for ramdisk and loop devices (issue #1916) - Fixed a non-working awk command in the generate_layout_dependencies() function that falsely also matched commented '#btrfsmountedsubvol' entries in disklayout.conf with an egrep command that is more in line with how it had worked before (issue #1497) - Fixed and enhanced NETFS+tar backup pipe exit code handling (issue #1913) - Moved the functionality of the recovery system setup script 67-check-by-label-cdrom.sh into the mount_url function 'iso' case plus additional enhancements there with a user dialog if things are not o.k. and removed the no longer needed 67-check-by-label-cdrom.sh (issues #1893 #1891 #326) - Fixed that on LPAR/PPC64 PowerVM the boot devices order list was incorrectly set (via 'bootlist') when having multiple 'prep' partitions. Now handling of multiple 'prep' partitions was added plus enhanced handling of multiple prep partitions and multipath (issue #1886) - Fixed and enhanced the get_disk_size and get_block_size functions so that now by default blockdev is used (if exists) to retrieve the size of the disk and its block size and compute partition start using 512 bytes blocks (this is hardcoded in the Linux kernel) to fix wrong partition information when a disk has 4K block size (issue #1884) - Print multipath device name during "rear recover" when "firendly_name" option is off (issue #1889) - Now the Error function shows some last messages of the last sourced script to the user (issues #1877 #1875) - Duplicity: Misc improvements (issues #1876 #1879 #1882) - Added code to recognize persistent LAN interface and manipulate KERNEL_CMDLINE (issue #1874) - Initial tentative support for OBDR on ppc64le (issue #1868) - Wait for systemd-udevd to avoid broken pipe error in 40-start-udev-or-load-modules.sh (issue #1832) - Aviod duplicate UUID in boot menuentry when snapper is used (issue #1871) - Added choice to confirm identical layout mapping only once plus disabling MIGRATION_MODE (issue #1857) - Verify md5sums of files in recovery system (issues #1859 #1895) - Fedora28: syslinux needs libcom32.c32 to boot from HD and missing ldlinux.c32 and libutil.c32 prevents PXE booting (issues #1861, #1866) - Add support for Slackware UEFI/USB (issues #1853, #1863) - RAWDISK output portability improvements (issue #1846) - Fixed, simplified, and enhanced GRUB2 installation on x86 and ppc64le architecture (issues #1828, #1845, #1847, #1437) Version 2.4 (June 2018) Abstract New features, bigger enhancements, and possibly backward incompatible changes: - Major rework and changed default behaviour how ReaR behaves in migration mode when partitions can or must be resized to fit on replacement disks with different size. The new default behaviour is that only the partition end value of the last partition on a disk (and therefore its partition size) may get changed if really needed but no partition start value gets changed to avoid changes of the partition alignment. The new 420_autoresize_last_partitions script implements the new behaviour and the old 400_autoresize_disks was renamed into 430_autoresize_all_partitions to still provide the old behaviour if that is explicitly requested by the user but the old behaviour may result unexpected changes of arbitrary partitions on a disk. The new config variables AUTORESIZE_PARTITIONS AUTORESIZE_EXCLUDE_PARTITIONS AUTOSHRINK_DISK_SIZE_LIMIT_PERCENTAGE AUTOINCREASE_DISK_SIZE_THRESHOLD_PERCENTAGE determine how ReaR behaves in migration mode when partitions can or must be resized. With AUTORESIZE_PARTITIONS='yes' the old behaviour is done. With AUTORESIZE_PARTITIONS='no' no partition is resized by ReaR. With the default AUTORESIZE_PARTITIONS='' at most the last active partition on each active disk gets resized but only if really needed which also depends on the settings of the other config variables above. For details see default.conf and the two 'autoresize' scripts. For some examples see https://github.com/rear/rear/pull/1733 - Network setup was completely reworked to support bonding, bridges, vlans and teaming. There is a full rewrite of the 310_network_devices.sh script generating network interfaces for use during ReaR rescue/recovery system networking setup via the 60-network-devices.sh script. It also handles corner cases/odd setups that can be found from time to time, typically when the administrator uses bonding plus bridges plus vlans as well as teaming. - Initial (limited) support for certain ARM based hardware. It should work with Raspberry Pis, most TI and Allwinner devices. There are two ARM specific BOOTLOADER variable values where 'ARM-ALLWINNER' is for Allwinner devices that will backup and restore the 2nd stage bootloader versus plain 'ARM' which is a dummy that does nothing so that on Raspberry Pi and most TI devices you need to include the first FAT partition (with the MLO or bootcode.bin) in your backup. - Simplified and enhanced TSM restore plus first draft of TSM backup. - EMC Avamar support has been added. - Duplicity backup has been seriously enhanced. - Support for TCG Opal 2-compliant self-encrypting disks and RAWDISK output. - YUM+backup adds the ability to backup and restore files to the YUM method. Details (mostly in chronological order): - Copy backup restore log into recreated system (issue #1803) - Sesam integration: add sesam bin directory to LD_LIBRARY_PATH (issue #1817) - ReaR recovery fails when the OS contains a Thin Pool/Volume (issues #1380, #1806) - Make SLES12-GA/SP0 btrfs recovery work again (issues #1796, #1813) - Verify if dm-X is a partition before adding to sysfs_paths (issue #1805) - Do not start multipathd when not needed (issue #1804) - Better way to get multiapth partion name (issue #1802) - Exclude multipath device that does not have mounted fs (issue #1801) - Do not print each files restores by TSM in main output (issue #1797) - man page BACKUP SOFTWARE INTEGRATION update (issues #1788, #1791) - In the DRLM specific function drlm_import_runtime_config() solve problem with some variables loading config from DRLM (issue #1794) - Better describe NON_FATAL_BINARIES_WITH_MISSING_LIBRARY in default.conf (issues #1792, #1693) - Introduced KEYMAPS_DEFAULT_DIRECTORY and KEYMAP variables, see the default.conf file (issues #1781, #1787) - Fix multipath partition replacement and multipath partition naming (issue #1765) - Skip LUKS encrypted disks when guessing bootloader (issue #1779) - First draft of TSM backup (issue #1348) - HP RAID code was updated as the new executable is now called as "ssacli" (issue #1760) - Exclude docker file systems from layout (issue #1749) - Added migation mode confirmation at beginning of finalize stage (issue #1758) - Show descendant processes PIDs with their commands in the log via pstree or ps as fallback (issues #1755, #1756) - Check for 'Hah!IdontNeedEFI' GUID number for a GPT BIOS boot partition (issues #1752, #1754, #1780) - Fixed invalid reported return code (always 0) upon NBU restoration failure (issue #1751) - Run exit tasks code with default bash flags and options (issues #700, #1747, #1748) - Major rework and changed default behaviour regarding AUTORESIZE_PARTITIONS (issues #102, #1731, #1733, #1746) - YUM+backup adds the ability to backup and restore files to the YUM method (issues #1464, #1740) - Add dbus user and group by default (issues #1710, #1743) - Add gsk libs to TSM_LD_LIBRARY_PATH (issue #1744) - Use 'grub2-install -no-nvram' on PowerNV system (issue #1742) - We can use chronyd as time syncing mechanism now as well (issue #1739) - Trace and fix broken symbolic links in rootfs (issues #1638, #1734) - Borg Backup can now use USB disk as well as backup storage area (issue #1730) - Initial support for ARM (issue #1662) - Improve the network parameters on the Linux Kernel command line (issue #1725) - Clean termination of descendant processes (issues #1712, #1720) - Simpler and more fail-safe SLE btrfs-example.conf files (issues #1714, #1716) - Use a fallback to get interface state using the 'carrier' status (issues #1701, #1719) - Fix duplicity backup (issue #1695) - Include Bareos plugin directory to make bareos-fd start reliably (issues #1692, #1708) - Again support GPT partition names with blanks (issues #212, #1563, #1706) - Improvements around Borg Backup (issues #1698, #1700) - Automatically add 'missing' devices to MD arrays with not enough physical devices upon restore (issue #1697) - Network setup was completely reworked to support bonding, bridges, vlans and teaming (issue #1574) - Fixed restore backup when BACKUP_INTEGRITY_CHECK=1 (issue #1685) - Support TCG Opal 2-compliant self-encrypting disks and RAWDISK output (issue #1659) - Add EMC Avamar backup (issues #1621, #1677, #1687) - Avoid falsely detected changed layout for 'rear checklayout' (issues #1657, #1658, #1673) - Simplified TSM dsmc restore and improved TSM connection test (issues #1534, #1643, #1645) - Duplicity with duply waits forever (issues #1664, #1672) - Duplicity: Add Support for NETFS URLs (issues #1554, #1665, #1668, #1669) Many minor fixes (too many to list them all - use 'git log' to view them). A big thank you to all contributors as without you it would be impossible to keep up with the development in the Linux area. We love you all... :-) Version 2.3 (December 2017) Abstract New features and bigger enhancements: - First steps towards running Relax-and-Recover unattended in general. Several user dialogs that had been implemented in ReaR via the bash builtin 'read' or the bash 'select' keyword are now implemented via the new UserInput function. The UserInput function proceeds with a default input value after a timeout so that it is now possible to let ReaR run unattended with its default behaviour. Additionally one can predefine an automated input value for each particular UserInput function call so that it is now also possible for the user to predefine what ReaR should do when running unattended. For details see the USER_INPUT_... config variables in default.conf. Currently not all user dialogs use the UserInput function so that this or that user dialog needs to be adapted when it is reported to us via our issue tracker https://github.com/rear/rear/issues In contrast when programs that are called by ReaR work interactively (e.g. third-party backup tools that show user dialogs or password prompts) the program call itself must be adapted to run unattended (if possible), see the section 'It should be possible to run ReaR unattended' in our https://github.com/rear/rear/wiki/Coding-Style Wiki article. - SSH support in the ReaR rescue/recovery system was overhauled. By default it is now secure which means the recovery system is free of SSH secrets. Individual settings can be specified via the SSH_FILES, SSH_UNPROTECTED_PRIVATE_KEYS, and SSH_ROOT_PASSWORD config variables (for details see default.conf). - Improved verification of the ReaR rescue/recovery system contents. Now during 'rear mkrescue/mkbackup' there is a verification step where 'ldd' tests for each program/binary and library in the recovery system whether or not its required binaries/libraries can be found in the recovery system. - Improved autodetection during 'rear recover' when disks on the replacement hardware seem to not match compared to what there was on the original system so that ReaR is now more fail-safe against recreating on a possibly wrong disk. Possibly backward incompatible changes: - In addition to STDERR now also STDOUT is redirected into the ReaR log file. Accordingly all output of programs that are called by ReaR is now in the log file so that the log file content is more complete and there is no longer unintended verbose information from programs on the terminal where ReaR was lauched. On the other hand this means when programs prompt via STDOUT to get some user input (e.g. a program prompts for a user confirmation under this or that circumstances) the program's STDOUT prompt is no longer visible to the user when the program was not called properly in the particular ReaR script as described in the section 'What to do with stdin, stdout, and stderr' in our https://github.com/rear/rear/wiki/Coding-Style Wiki article. We tried to fix as many program calls as possible but it is impossible (with reasonable effort / with a reasonable amount of time) to check all program calls in all ReaR scripts so that this or that unnoticed program call will need to be fixed when it is reported to us via our issue tracker https://github.com/rear/rear/issues - SSH support in the ReaR rescue/recovery system is now secure by default. There are no longer private SSH keys in the recovery system by default and a RSA key is generated from scratch when starting sshd during recovery system startup. Accordingly it does no longer work by default to use SSH in the recovery system via the SSH keys that exist on the original system. To get SSH keys included in the recovery system use the SSH_FILES and SSH_UNPROTECTED_PRIVATE_KEYS config variables (for details see default.conf). - Verification of required binaries/libraries in the ReaR rescue/recovery system. By default it is now fatal when 'ldd' reports a 'not found' library for any file in a /bin/ or /sbin/ directory in the recovery system so that now 'rear mkrescue/mkbackup' may fail where it had (blindly) worked before. In particular third-party backup tools sometimes use their libraries via unexpected ways which can cause 'false alarm' by the 'ldd' test. With the new config variable NON_FATAL_BINARIES_WITH_MISSING_LIBRARY one can specify for which files a 'not found' library should be considered as 'false alarm' (for details see default.conf). - Improved MIGRATION_MODE autodetection when the disk layout looks ambiguous. Now 'rear recover' switches by default more often into MIGRATION_MODE where manual disk layout configuration happens via several user dialogs so that by default 'rear recover' shows more often user dialogs compared to before but the intended behaviour can be enforced via the MIGRATION_MODE config variable (for details see default.conf). Details (mostly in chronological order): - Use /etc/os-release and /etc/system-release before falling back to lsb_release check in function SetOSVendorAndVersion (issues #1611, #731) - Make BACKUP_URL=iso for mkrescue and mkbackuponly no longer fatal (issue #1613) - Add ntpdate support (issue #1608) - Fix for XFS file system recreation code. In xfsprogs >= 4.7 log section sunit=0 is considered invalid (issue #1603) - Changed the macro fedora_release into fedora in the rear.spec file (issue #1192 and bz1419512) - Borg backup as back end now displays progress, when ReaR is launched in verbose mode (issue #1594) - Better MIGRATION_MODE autodetection (pull request #1593 related to issue #1271) - With the new config variable NON_FATAL_BINARIES_WITH_MISSING_LIBRARY the user can specify what programs where the 'ldd' test reports 'not found' libraries are non-fatal so that those programs in the recovery system do not lead to an Error abort of "rear mkrescue/mkbackup". This is a generic method so that the user can avoid issues in particular with third-party backup tools that soemtimes have unexpected ways to use their specific libraries like https://github.com/rear/rear/issues/1533 (for TSM) and https://github.com/rear/rear/pull/1560 (for FDR/Upstream). - Add a NSR_CLIENT_MODE to the backup method NSR (issue #1584) - Let /bin/ldd detect *.so with relative paths (issue #1560) - Add support for Bridge Interfaces(issue #1570). Usually, virtual interfaces are skipped, but for Bridges to work, we consider Bridges as physical interfaces, because the Bridge interface holds the IP address, not the physical interface attached to the Bridge. This patch enables those configurations: - Bridge over simple Ethernet - Bridge over Bond - Bridge over Vlan interface - Use UserInput in some more usual places to improve that 'rear recover' can run unattended in migration mode (issues #1573, #1399) - Error out for OUTPUT_URL=null together with OUTPUT=USB (issue #1571) - Added/updated paths for FDR/Upstream 4.0 because FDR/Upstream 4.0 includes changes to some file paths (issue #1559) - Fix copying kernel modules when module aliases are present (issue #1567) - Netbackup agents not automatically started on RHEL 7 (issue #1523) - Forbid mkrescue and mkbackuponly for iso backup scheme (issues #1547, #1548) - Only support OpenSSH 3.1 and later for SSH setup (issue #1530) - Implemented USB_DEVICE_FILESYSTEM_LABEL (issue #1535) - Split network-functions.sh into DHCP setup and general ReaR functions (issue #1517) - Avoid leaking unprotected SSH private key files onto rescue medium (issues #1512, #1513) - Improve cryptographic security and user-friendliness for LUKS volumes (issue #1493) - Improve ReaR network migration (issues #1605, #1510, #1399) - Improved encrypted password detection in 500_ssh.sh (issue #1503) - Several code improvements in the way libraries are detected and copied (issues #1521, #1502, #1494) - Allow btrfsmountedsubvol to be excluded via EXCLUDE_RECREATE (issue #1497) - Avoid recreation of non-existing btrfs subvolumes (issue #1496) - Add automatically some important kernel parameters to KERNEL_CMDLINE (issue #1495) - Cleanup and simplified default input for the UserInput function (issue #1498) - Avoid systemd log messages about multiple disk partitions with identical name that happened because ReaR used a static 'rear-noname' for originally unnamed partitions. Original gpt disk partitions may be unnamed but parted requires a name for each gpt partition. Now ReaR uses the basename of the partition device path (e.g. sda1, sda2) for originally unnamed partitions (issue #1483) - Enhanced how the ssh user is copied into the recovery system and improved detection of the ssh user (issue #1489) - Use meaningful variable for automated UserInput. Enforce calling UserInput with a UserInput ID so that automated UserInput is always possible for the user. Use and enforce uppercase letters in UserInput IDs because the resulting variable names are meant as user config variables (issue #1473) - Fix UEFI tools integration (issues #1477, #1478) - Added a new YUM backup method which will recreate the system by installing it from scratch via installing RPM packages. The YUM backup method uses the yum package manager in the same manner as the ZYPPER backup method (issue #1464) - BACKUP_PROG_OPTIONS used to be a string variable, turn it into an array (issue #1475) - Now CLONE_ALL_USERS_GROUPS always extends the CLONE_USERS and CLONE_GROUPS arrays (issues #1471, #1464) - PXE code improvements (issue #1466) - Several improvements in the multipath code to allow full migration (issues #1449, #1450) - Several improvements on the TSM code (issues #1539, #1461, #1452) - Activate btrfs filesystem creation with uuid. Recent btrfs version finally added this option (issue #1463) - By default a directories_permissions_owner_group file is created that saves permissions, owner, and group of basic directories plus symbolic link names and link targets of basic directories. Those basic directories are the currently used mountpoints (except some unwanted "noise" from all what there is mounted) plus the directories of the Filesystem Hierarchy Standard (FHS) that actually exist on the system. Additionally with the new DIRECTORIES_TO_CREATE array the user can now explicitly specify directories and symlinks that are still missing in his particular environment (issue #1459) - Fix for cryptsetup hang on cryptsetup luksOpen ... when dmsetup is not present in recovery system (issue #1458) - Enhance MOUNTPOINTS_TO_RESTORE into DIRECTORIES_TO_CREATE (issue #1455) - Several improvements for ppc64le/ppc64 arch. Systemd automatic serial console detection, lilo and yaboot improvements (issue #1446, #1442) - Introduction of UserInput in 300_map_disks.sh (issues 1399 and 1431) - Adapt /etc/motd when 'rear recover' is running to avoid the additional 'Run rear recover to restore your system' message that only makes sense as long as 'rear recover' was not ever started (issue 1433) - SLES12 with btrfs but without snapshots failed to recreate/mount btrfs FS/subvolumes during recovery (issue #1036) - Adapt chrp-boot option when xorrisofs is used. Xorrisofs use -chrp-boot-part option to generate PPC boot while mkisofs use -chrp (issue #1430) Version 2.2 (July 2017) - Let the get_disk_size() function retry several times to be more fail-safe when udev needs some time until device files appear. This introduces the new generic helper function retry_command() plus the new config variables REAR_SLEEP_DELAY and REAR_MAX_RETRIES. For details see default.conf and lib/layout-functions.sh (issue #1370) - ReaR failed to continue due incorrect check of presence of USB device (REAR-000) in /proc/mounts, despite foregoing script (060_mount_NETFS_path.sh) did mounting of this device (issue #1415) - Add missing privilege separation dir to start sshd on Debian 9 (issue #1381) - Redirect rsync verbose output to backup log (issue #1387) - Load storage controllers in rescue system in same order as on host system (issue #1384): - Copy over modules from initrd on SUSE LINUX - Prevent sorting of MODULES_LOAD array to keep the order intended - Add /yaboot to ISO_FILE when running SUSE ppc64 (issue #1414) - Add SSL cert directories so we can interact with Google Cloud Storage (issue #1402) - Modified the "unattended" into "automatic" with ISO_DEFAULT required for automated recovery tests (issue #1397) - Use the original fds when ReaR was launched (which are now saved as fd6, fd7, and fd8 for stdin, stdout, and stderr respectively) for actually intended user input and user output. To keep backward compatible behaviour all old deprecated usage of '>&8' is converted into '>/dev/null' but /dev/null usage in general should be cleaned up later (issues #887, #1395) - Added new generic UserInput and UserOutput plus LogUserOutput functions that are intended to replace current user input functionality that calls select or read directly. For the next ReaR version 2.3 it is planned to also redirect stdout into the log file in addition to stderr (issues #885, #1366, #1398, #1399) - The 'make rpm' now relies on 'make srpm' which creates the src.rpm package first. This src.rpm package can then be easily copied to another computer to rebuild a rpm package from it without needed the sources itself (or git checkout) (issue #1389) - Replaced some perl regexp with grep native extended regexp (issue #1376) - Introducing SECURE_BOOT_BOOTLOADER variable in default.conf. This variable should enable users booting with Secure Boot, to use whatever custom signed boot loader they like, and removes hard coded entry 'shim.efi' from the ReaR code (issue #1374) - Enhanced and cleaned up making ISO on POWER (ppc64/ppc64le). Now the backup can be stored in the ISO (via BACKUP_URL=iso...) and even multiple ISOs work on POWER now (issues #697, #1383) - Create multipath.conf only during migration (from non-multipath to multipath), and always copy /etc/multipath/bindings to the TARGET_FS_ROOT (issues #1382, #1393) Version 2.1 (June 2017) - Support for Grub2 installation with software RAID1 on Linux on POWER (ppc64/ppc64le) (issue #1369) - REBUILD_INITRAMFS variable was introduced. The new default.conf setting REBUILD_INITRAMFS="yes" rebuilds the initramfs/initrd during "rear recover" to be more on the safe side. With REBUILD_INITRAMFS="" the old behaviour can still be specified (issue #1321) - ISO_RECOVER_MODE=unattended mode (issue #1351) - required for automated ReaR testing with OUTPUT=ISO - MODULES variable supports now special values like 'all_modules', 'loaded_modules', 'no_modules' (issues #1202, #1355) - Include systemd/network to preserve "Predictable Network Interface Names" (issue #1349) - Various improvements regarding multipath (issues #1190, #1309, #1310, #1311, #1314, #1315, #1324, #1325, #1328, #1329, #1344, #1346) - Show OUTPUT variables in rear dump (issue #1337) - Added support for "grub PXE style" via PXE_CONFIG_GRUB_STYLE and PXE_TFTP_IP on non x86 platform (issue #1339) - Try 'wipefs -force' and use 'dd' as fallback to better clean up disk partitions (issue #1327) - Reorganized "finalize" scripts ordering and cleanup of the PPC bootloader installation (issue #1323) - Avoid long default wait in 'dig' when DNS servers are not set (issue #1319) - Fail-safe calculations in partitioning code (issues #1269, #1307) - Improved support on ppc/ppc64/ppc64le architectures (issues #1178, #1311, #1313, #1322) - Define hostname in both /etc/HOSTNAME and /etc/hostname in rescue image (for Arch) (issue #1316) - Rename network interface when MAC not present in udev (issue #1312) - Added support for 'nano' editor (in addition to 'vi') (issues #1298, #1306) - mmcblk disk types are now supported (issues #1301, #1302) - NETFS_RESTORE_CAPABILITIES variable was introduced to restore file capabilities in a proper way (issue #1283) - Added required libs and files for 'curl' with HTTPs by default (issues #1267, #1279) - More precise XFS file system creation during rear recover (issues #1208, #1213, #1276) - DRLM management and security improvements (issue #1252) - Improved BOOTLOADER support (issue #1242) - DRLM support for multiple backups via multiple config files (issue #1229) - FIRMWARE_FILES support to exclude firmware files in rescue image to reduce the size of image (issue #1216) - Enable SELinux in the rescue image for tar internal backup method if BACKUP_SELINUX_DISABLE=0 (issue #1215) - BOOT_OVER_SAN is now fully supported (issues #1190, #1309, #1314, #1315, #1325, #1329, #1344) - NVME disks are now fully supported (issue #1191) - Some initial basic support for new backup type ZYPPER was added (issues #1085, #1209) - Finding UEFI boot loaders on non standard places (issues #1204, #1225, #1293) - The USB UEFI partition size USB_UEFI_PART_SIZE for kernel image has been increased from 100 to 200 MB (issue #1205) - REAR_INITRD_COMPRESSION variable was introduced to specify initrd compression (e.g. 'lzma' for PPC64) (issues #1142, #1218, #1290) - New backup type BLOCKCLONE was added to backup non-Linux partitions (e.g. Windows NTFS partitions) (issues #1078, #1162, #1172, #1180) - Bareos 16.2 is now supported (issue #1169) - New USB_PARTITION_ALIGN_BLOCK_SIZE and USB_DEVICE_FILESYSTEM_PARAMS variables were added (issue #1217) - Improved the USB backup selection menu during the recovery via USB (issue #1166) - USB_SUFFIX variable was introduced to align backup on USB with backup on NFS (issues #1164, #1160, #1145) - Forbid incremental backup to work on BACKUP_URL=usb:// (issue #1146) - The USB_DEVICE_PARTED_LABEL=gpt setting is now honered while formatting the USB disk (issue #1153) Version 2.00 (January 2017) (Important Note) ReaR 2.00 introduced the 3-digits scripts instead of the 2-digits script. This means all scripts must begin with 3 digits, e.g. 010-my-script.sh instead of 10-my-script. Therefore, if you wrote your own scripts make sure to renumber these. You could also use the make validate to check this. - Bareos support: add missing directory /var/run/bareos in recovery system (issue #1148) - Forbid BACKUP_URL=usb for BACKUP_TYPE=incremental/differential (issues #1141 and #1145) - Improved and added new example configurations (issue #1068, #1058) - Modified/Improved the exit code messages of ReaR (issues #1089, #1133) - Fix documentation regarding OUTPUT_URL=null (issues #734, #1130) - Better and fail safe progress messages while tar backup restore (issue #1116) - Implement simulation mode with simulation with the workflows validate and shell (issue #1098) - Update 11-multiple-backups.adoc: Multiple backups are in general not supported for BACKUP_TYPE=incremental or BACKUP_TYPE=differential (issues #1074 and #1123) - Using RUNTIME_LOGFILE in all scripts as needed (issue #1119) - New Backup method was added - BORG (issues #1030, #1037, #1046, #1048, #1118) - Multiple backups are now possible (issues #1088, #1102, #1096) - see the documentation page https://github.com/rear/rear/blob/master/doc/user-guide/11-multiple-backups.adoc (New) - Support partitioning and formatting huge USB devices (issue #1105) - Skip remount async when systemd is used (issue #1097) - Fixed and enhanced code for multiple ISOs (issue #1081) - BACKUP_TYPE=incremental and BACKUP_TYPE=differential were updated (issues #974, #1069) - Added support for setting a UUID on XFS with enabled CRC (RHEL 7) (issue #1065) - Fix for ISO not bootable for SLES11 ppc64 with root LVM (issue #1061) - PXE booting enhancement with new style of uploading the boot files (issue #193) - Renumbering the ReaR scripts from 2-digits to 3-digits (issue #1051) - Improved boot loader detection (issue #1038) Version 1.19.0 (October 2016) - Save bootloader info from POWER architecture and rebuild initrd after migration (issues #1029, #1031) - Improved documentation and man page in general (issues #918, #930, #1004, #1007, #1008) - New SLE12-SP2-btrfs-example.conf file because since SLES12-SP2 btrfs quota setup for snapper via "snapper setup-quota" is needed (issue #999) - Simplified reboot halt poweroff and shutdown in the rescue/recovery system in case of systemd (issue #953) - If TSM parameters contain a dot, the dot is replaced by an underscore in the TSM_SYS variable names (issues #985 and #986) - Check if /dev/disk/by-label/RELAXRECOVER exist (issues #979 and #326) - Added PRE_BACKUP_SCRIPT and POST_BACKUP_SCRIPT to be able to do custom tasks in the mkbackup/mkbackuponly workflows (issue #977) - Make TMPDIR work in compliance with Unix standards (issue #969) - USE_STATIC_NETWORKING now really overrides USE_DHCLIENT (issue #964) - Make it safe against wrong btrfs subvolumes on SLES12 (issues #963, #966) - Encrypted incremental backup cannot read the tar label (issue #952) - Introduction of the NETWORKING_PREPARATION_COMMANDS variable to prepare network setup in the rescue/recovery system (issue #960) - After migration fs_uuid for root partition was not changed in ELILO config file /etc/elilo.conf (issue #956) - Clarified rear man page and default.conf file around BACKUP_URL=rsync: (issues #930 and #918) - Make "rear recover" work with default btrfs on SLES12-SP2 (issue #944) - Dropped GRUB_SUPERUSER and GRUB_RESCUE_PASSWORD to avoid that GRUB_RESCUE could change the behaviour of the GRUB2 bootloader in the currently running system in unexpected ways. With the new optional GRUB_RESCUE_USER setting GRUB_RESCUE works in compliance with the existing GRUB2 configuration (issues #938, #942) - Bail out if not enough disk space for GRUB and GRUB2 rescue image (issue #913) - Use BACKUP_PROG_COMPRESS_OPTIONS as an array so that one can use it to provide more complex values (issue #904) - Add /usr/lib/syslinux/bios to the search path for mbr.bin (issue #908) - Always load modules in /etc/modules (issue #905) - Ask user for EFI partition size on USB disk (issue #849) - Insure /etc/rear/mappings directory exists before doing a recovery (issue #861) - First steps for rescue/recovery system update support via RECOVERY_UPDATE_URL (issue #841) - NFS mount points are not recreated after a recover (issue #818) - Correcting ReaR return code handling in auto recover mode (issue #893) - Added NFSv4 support for security 'sys' only so far (issue #754) - Changed the usage of 'rpcinfo -p' a bit to have the same outcome of different Linux flavours (issue #889) - RSYNC: /boot/efi needs -relative rsync option (issue #871) - New variables added for Bareos: BAREOS_RESTORE_JOB and BAREOS_FILESET - Multipath partition not found in rhel7.2 (issue #875) - Adding support for ppc64le PowerNV (non-virtualized aka Bare-Metal) (issue #863) - First steps to support new ftpfs BACKUP_URL scheme (issue #845) - Clean up 'url_host()' (issue #856) - Fix that libaio (needed for multipath) could be missing in rescue/recovery system because libaio can be located in different directories (issue #852) - Improved the Relax-and-Recover menu for GRUB2 (issues #844, #849, #850) - Check for valid BACKUP_URL schemes (issue #842) - USB UEFI boot support (issue #831) - Mitigate the problem that btrfs subvolums are not restored by default via TSM (issue #833) - Determine EFI virtual disk size automatically (issue #816) - ebiso image size is too small if BACKUP=TSM (issue #811) - Improving the logics around ebiso usage in UEFI mode (issue #801) - Fix for wrong UUID in initrd for bootfs (issues #649 and #851) Version 1.18.0 (March 2016) - Support was added for NVME SSD type of disk devices (issue #787) - For LUKS added the password libraries (issue #679) - Script 99_sysreqs.sh was added to save the minimal system requirements necessary for cloning a system in a remote DRP data center (issue #798) - New 99_move_away_restored_files.sh to remove restored files after recover (issue #799) New array was introduced to make this - BACKUP_RESTORE_MOVE_AWAY_FILES=() - Improved 40-start-udev-or-load-modules.sh script for better udevd handling (issue #766) - Run ldconfig -X before dhclient gets started at boot time (issue #772) - Remove the "-c3" option fron rsyslogd start-up (issue #773) - Add example configuration for NetBackup Master/Media server - Added backup capabilities; getcap and setcap are used to backup and restore (issue #771) - Correct bash syntax so ReaR is compatible with bash v3 and v4 (issue #765, #767) - Added support for new backup method Novastor NovaBACKUP DC (BACKUP=NBKDC) (issue #669) - Code was improved to have network teaming support (issue #655) - Example configuration to put backup and rescue image on same ISO image, eg. DVD (issue #430) - Improved the ReaR documentation - remove the noatime mount option for cifs mount (issue #752) - Replace option 'grep -P' to 'grep -E' due to SELinux errors (issues #565, #737) - Hidding the encryption key while doing the restore in the rear.log (issue #749) - is_true function was to uniform the different ways of enable/disble variable settings (issue #625) - Added and use sysctl.conf; rescue mode should honor these settings (issue #748) - The BACKUP_PROG_COMPRESS variable was not used during incremental backup (issue #743) - prevent any other workflow in ReaR rescue mode then recover (issue #719) - Exclude Oracle ASM device directory from Rescue System (issue #721) - SaveBashFlagsAndOptions and RestoreBashFlagsAndOptions in usr/share/rear/lib/framework-functions.sh were added (issue #700) - /mnt/local became a global variable TARGET_FS_ROOT (issue #708) - Copy rear.log from recovery into /var/log/rear/recovery/ directory after a 'rear recover' (issue #706) - wipefs will be used when available (issue #649) - SAN related improvements with btrfs (issue #695) - Support for shim.efi (UEFI booting) added (issue #702) - Added support for elilo (used by SLES 11/12) (issue #583, #691, #692, #693) - Added the -debugscripts command line option (help-workflow) (issue #688) - Removed dosfslabel as required program for vfat UEFI boot partition (issue #694) - Bareos team added BAREOS_FILESET and ISO_DEFAULT to default.conf (for automated DR tests executed by Bareos team; issues #686, #719) - Fix getty/agetty with upstart (issue #685) - New SLE11-SLE12-SAP-HANA-UEFI-example.conf (issue #683) - usr/share/rear/conf/examples/SLE12-SP1-btrfs-example.conf added as an example configuration file - Added support for the SUSE specific gpt_sync_mbr partitioning scheme (issue #544) - Improved btrfs snapshot support with SLES 12 (issue #556) - Unload scsi_debug driver in recovery mode for RHEL 7.1 (issue #626) - Saved the current mount points and permissions; in order to improve and avoid missing mount points after recovery (issue #619) - NSR servername not defined causing ReaR to hang (issue #637) - Removed mingetty as a required package (issue #661) - Adding -scrollprompt=no to dsmc query in script verify/TSM/default/40_verify_tsm.sh (issue #667) - Fixed a bug around USB_DEVICE and OUTPUT_URL mis-match (issue #579) - grub support for ppc64 (issue #673) - grub2 supported was added for ppc64 (issue #672) - ppc64le support was added into the rear.spec (issue #665) - Network code partially rewritten to improve teaming (issue #662) - Changed default value of USE_CFG2HTML from 1 to empty (means do not run cfg2html by default) (issue #643) - Move the 50_selinux_autorelabel.sh script to the default location so it gets picked up by all backup methods. This was required for RHEL 7 (issue #650) - Check via NSR if the ISO image is not obsolete (issue #653) - Added ebiso support within ReaR (required for UEFI booting with SLES 11 & 12 (issue #657) - FDR/Upstream (BACKUP=FDRUPSTREAM) (New) (issue #659) Version 1.17.2 (August 2015) - Several fixed required to the Debian packaging rules needed so it builds correctly on OBS - Fixed the NTP startup script (issue #641) - Fixed the vfat label issue (issue #647) - Improved the DUPLICITY method with finding all required libraries and python scripts - Added the /run directory to the list of recreating missing directories (issue #619) - Fix issue with USB disk and rsync as internal backup program (issue #645) - Fix rsync restore: -anchored invalid rsync option (issue #642) - A new variable was introduced NSR_POOLNAME (issue #640) - Replaced almost all temporary files from /tmp/ to $TMP_DIR/ (issue #607) Related to security recommendations for Fedora and RHEL: - https://bugzilla.redhat.com/show_bug.cgi?id=1239009 (f22) - https://bugzilla.redhat.com/show_bug.cgi?id=1238843 (rhel 7.2) - Move nfs-client from depends to recommends in Debian control file (issue #633) - In packaging/rpm/rear.spec replaced "BuildArch: noarch" with "ExclusiveArch: %ix86 x86_64 ppc ppc64" that should tell the user that ReaR is known to work only on %ix86 x86_64 ppc ppc64 and removed "Requires: yaboot" for ppc ppc64 because that is the default installed bootloader on ppc ppc64 (issues #629 and #631) - Support the Oracle Linux 6 ksplice module (issue #605) - In script 27_hpraid_layout.sh added the missing HPSSACLI_BIN_INSTALLATION_DIR variable to the COPY_AS_IS array (issue #630) - Modified the packaging Makefile and rules for debian to fix the failing OBS Debian builds (issue #604) - Syslinux version > 5.00 is now supported (ISO and USB output) - works on Debian 8, Ubuntu 15.04 (issue #624) - Bail out when syslinux/modules are not found in lib/bootloader-functions.sh (issues #467 and #596) You could also define a variable SYSLINUX_MODULES_DIR if ReaR cannot find it automatically (should not be necessary) - Support was added for SLES11 on PPC64 hardware (issues #616 and #628) - Support was added for new hardware - PPC64LE - RHEL and Ubuntu (issue #627) - FIX the hashed password (SSH_ROOT_PASSWORD variable) and added a missing library libfreeblpriv3 (issue #560) - Insert a 3 seconds sleep after a volume group restauration to give udevd or systemd-udevd time to create needed devices (issue #608 and #617) - Variable MANUAL_INCLUDE=YES has been introduced to work with array BACKUP_PROG_INCLUDE (issue #597) - Add new variable NSR_DEFAULT_POOL_NAME (defaulting to Default) to use a different default pool name. Renamed the RETENTION_TIME variable to NSR_RETENTION_TIME (issue #640) - ReaR website shows the user guide which is part of the ReaR software (linked to GitHub) - new document 10-integrating-external-backup.adoc which explains the steps to take for a new backup integration into ReaR - All AsciiDoc documentation changed extention from .txt to .adoc Version 1.17.1 (June 2015) - Removed the plain password in the logs (and output) coming from BACKUP_PROG_CRYPT_KEY to avoid crib (issue #568) - Mount vfat file system without special mount options seems to work much better then with these options in recovery mode, therefore, we do not use these anymore (especially for /boot/efi) (issue #576) - Elilo support has been added for SLES (not fully tested yet) - issue #583 - Grub2 rescue menu has been added (enable this feature with GRUB_RESCUE=y) - issue #589 - splitted script 31_include_uefi_tools.sh in two pieces: 31_include_uefi_tools.sh: to grab the UEFI tools (as long as /boot/efi is mounted), and 32_include_uefi_env.sh: to dig deeper into the configuration when UEFI is active (related to issue #214) This is necessary to have to UEFI tools on SLES 11/12 where we cannot create an UEFI bootable ISO image. We must boot in BIOS mode, and need the UEFI tools to make the system bootable over UEFI. - It is now possible to format an USB disk with a vfat and ext3 partition (for UEFI booting) - issue #593 rear -v format -- --efi /dev/ - Simplified the code for ext* fs and added StopIfError calls to prevent divide by zero during recovery (issue #598) - Syslinux version >6 requires some special handling due to splitting up the package (Ubuntu 15.04) (issue #584) - Debian 8 support added with ISO booting with latest syslinux release as well (issues #596, #599 and #600) - Changed the behavior of SSH_ROOT_PASSWORD - now saved as MD5 hash password, but backwards compatibility is still respected (issue #560) - For EMC NetWorker server/client we added some exclude items to COPY_AS_IS_EXCLUDE_NSR (issue #571) - Removed the Warning message from main usr/sbin/rear script as it was misleading (issues #563 and #564) - output/ISO/Linux-i386/80_create_isofs.sh: make sure ISO_FILES[@] are copied to isofs directory (issue #569) System and Software Requirements Relax-and-Recover works on GNU/Linux kernel with version 2.6 and higher. For lower kernel versions Relax-and-Recover cannot be used, and for these systems, mkcdrec http://mkcdrec.sourceforge.net/ is still a good alternative. As Relax-and-Recover has been solely written in the bash language we need the bash shell which is standard available on all GNU/Linux based systems. The default backup program Relax-and-Recover uses is GNU/tar which is also standard available. Relax-and-Recover is known to work well on x86, x86_64 and ppc64(le) based architectures. Relax-and-Recover has also been ported to ia64 and arm architectures, but these are less tested. Use the 'rear validate' command after every successful DR test please and mail us the results. Choosing the best compression algorithm The default backup program with Relax-and-Recover is (BACKUP_PROG=tar) GNU tar and the default compression used with tar is gzip. However, is using gzip the best choice? We have done some tests and published the results. See Relax-and-Recover compression tests http://www.it3.be/2013/09/16/NETFS-compression-tests/ Support Relax-and-Recover (ReaR) is an Open Source project under GPL v3 license which means it is free to use and modify. However, the creators of ReaR have spend many, many hours in development and support. We will only give free of charge support in our free time (and when work/home balance allows it). That does not mean we let our user basis in the cold as we do deliver support as a service (not free of charge). Supported and Unsupported Operating Systems We try to keep our wiki page Test Matrix ReaR 2.7 https://github.com/rear/rear/wiki/Test-Matrix-ReaR-2.7 up-to-date with feedback we receive from the community. ReaR 2.7 is supported on the following Linux based operating systems: - Fedora 29, 30, 31, 32, 33, and 34 - RHEL 6, 7, 8, and 9 - CentOS 6, 7, and 8 - Scientific Linux 6 and 7 - SLES 12 and 15 - openSUSE Leap 15.x - Debian 8, and 9 - Ubuntu 16, 17, and 18 ReaR 2.7 dropped official support for the following Linux based operating systems: - Fedora < 29 - RHEL < 6 - CentOS < 6 - Scientific Linux < 6 - SLES < 12 - openSUSE Leap 42.x and before (i.e. openSUSE <= 13) - openSUSE Tumbleweed - Debian < 8 - Ubuntu < 16 Usually ReaR 2.7 should also work on newer versions of the above listed supported Linux based operating systems but sometimes arbitrary failures can happen when software that is used by ReaR (like partitioning tools, filesystem tools, bootloader tools, ISO image creating tools, networking tools, and so on) changes in not fully backward compatible ways or when there are innovations of the basic system (like kernel, storage, bootloader, init, networking, and so on) that are not yet supported by ReaR. In theory ReaR 2.7 should work on openSUSE Tumbleweed but in practice arbitrary failures could happen at any time because the Tumbleweed distribution is a pure rolling release version of openSUSE containing the latest stable versions of all software (cf. https://en.opensuse.org/Portal:Tumbleweed) so arbitrary changes of any software are possible at any time that could arbitrarily break how ReaR works. ReaR 2.7 may still work for SLES 11 and openSUSE Leap 42.x or even earlier openSUSE versions but it is no longer sufficiently well tested there so arbitrary regressions could appear. For example recreating LUKS encrypted volumes does no longer work with SLES11 SP4 because cryptsetup 1.1.3 in SLES11 SP4 does not support UUID and some other cryptsetup options that are used by default in ReaR 2.7. ReaR 2.7 and earlier versions are known to no longer work reasonably well for the following Linux based operating systems: - RHEL 5 (and probably also CentOS 5): See issue #1766 - SLES 9 and 10: See issue #1842 If you require support for unsupported Linux operating systems you must acquire a ReaR support contract. Requests to port ReaR to another operating system (not Linux) can only be achieved with serious sponsoring. Supported and Unsupported Architectures ReaR 2.7 is supported on: - Intel x86 type of processors - AMD x86 type of processors - PPC64 processors - PPC64LE processors ReaR 2.7 may or may not work on: - Intel Itanium processors - ARM type of processors - IBM Z "s390x" type of processors ReaR 2.7 does not support: - old PPC (32bit) processors If you feel the need to get a fully functional ReaR working on one of the above mentioned types of processors please buy consultancy from one of our official developers. Supported ReaR versions ReaR has a long history (since 2006) and we cannot support all released versions. If you have a problem we urge you to install the latest stable ReaR version or the development version (available on GitHub) before submitting an issue. We understand that it is not always possible to install on hundreds of systems the latest version so we are willing to support previous versions of ReaR when you buy a support contract. We cannot handle the big amount of support requests anymore on a voluntary base and we must give paid projects priority, therefore, we urge our customers to buy a support contract for one or more systems. You buy time with our core developers. Known Problems and Workarounds Issue Description: 'rear' package on Ubuntu 14.04 depends on isolinux package (which does not exist) - Workaround: Read the comments in https://github.com/rear/rear/issues/1403 Issue Description: tar -test-label is not supported on Centos 5 who have tar version 1.15 - Workaround: Read the comments in https://github.com/rear/rear/issues/1014 Issue Description: BACKUP=NSR on RHEL 6 could break yum https://github.com/rear/rear/issues/387 describes a problem seen on RHEL 6 where when rear uses NSR and afterwards the link /lib64/libexpat.so.1 has been changed. - Workaround: So far there is no workaround for this issue. Issue Description: usage of an alternative configuration directory is different in mkbackup or recover mode Using rear -v -c /etc/rear/mydir mkbackup works fine in production, but when you try (once booted from rescue image) rear -v -c /etc/rear/mydir recover it will fail. - Workaround: The configuration files are copied to /etc/rear/ into the rescue image, so you need to type: rear -v recover See issue #512 Issue Description: Is there a possibility to add btrfs subvolume to a rsync backup - Workaround: At present (release 1.18) there is no workaround in place. If you happen to know how this could be fixed then add your ideas to https://github.com/rear/rear/issues/417 Issue Description: UEFI ISO booting does not work on openSUSE 12.x, or SLES 11/12 - Workaround: At present (release 1.18.x and higher) genisoimage cannot produce ISO images that can boot via UEFI on an openSUSE distribution (and also SLES). However, use the ebiso package http://download.opensuse.org/repositories/Archiving:/Backup:/Rear/SLE_11_SP3/x86_64/ebiso-0.2.3-1.x86_64.rpm instead to create UEFI ISO images on SLES. Issue Description: System reconfiguration still has some weaknesses. - this has to be tested before relying on it, there are too many unknowns involved so that we cannot guarantee anything in this area. It has been developed mostly as a P2V tool to migrate HP servers to VMware Vms - hard disks need to be at least of the same size and amount as in the original system, ATM this is a simple 1:1 mapping of old to new disks, there is no removal of RAID groups or merging of smaller disks onto a bigger one or making stuff smaller. - any use of /dev/disk/by-path or /dev/disk/by-id is untested and will most likely not work. In some cases Relax-and-Recover will print a warning, but we are not able to detect all cases. Typically this leads to unbootable systems or bad /etc/fstab files Issue Description: If SELinux is not disabled during backup (variable BACKUP_SELINUX_DISABLE= in /etc/rear/local.conf) then we might see errors in the rear-$(hostname).log file such as: tar: var/cache/yum/i386/15/updates/packages: Cannot setfilecon: No such file or directory - Workaround: Make sure the BACKUP_URL destination understands extended attributes (CIFS is out of the question and NFS is problematic). When using local disks (or external USB devices) make sure the proper mount options are given in the BACKUP_OPTIONS variable, e.g.: BACKUP_OPTIONS="rw,relatime,seclabel,user_xattr,acl,barrier=1,data=ordered" (TIP) BACKUP_SELINUX_DISABLE=1 variable has been introduced in the /usr/share/rear/conf/default.conf file to disable SELinux while the backup is running (default setting). Issue Description: ERROR: FindStorageDrivers called but STORAGE_DRIVERS is empty Above error message might be seen after a fresh installation of the GNU/Linux kernel. ReaR got confused between the running kernel version number and the actual fresh kernel available. - Workaround: Reboot your server before using ReaR again, which is a good practice anyway after upgrading the GNU/Linux kernel.