Skip

Backing up an open disk image?
December 24, 2013 5:26 AM   Subscribe

Based on your answers to my prior question, I keep sensitive files on my Mac in an encrypted disk image. I back up my Mac to Time Machine, plus a local external Superduper! clone, and to Crashplan. How do I ensure those backups accurately record the disk image--do I have to eject the disk image or will the backups copy the open (mounted) disk?

It's no problem to close out the open files on the disk image and then eject--but I'd like to know whether that's something I need to do so it can be part of my routine. I.e., I leave the machine running overnight to backup to Crashplan, and I don't always unmount the disk image when I do that.
posted by Admiral Haddock to Computers & Internet (4 answers total) 7 users marked this as a favorite
 
While a disk image is mounted, a copy (or backup) of it will be in a slightly inconsistent state. It's a journaled filesystem, so the backup won't be completely broken. When you try to mount the backed up disk image, it will automatically do a minor kind of repair called a "journal replay", and then it should mount just fine. But you may not see changes made very recently, say the last few seconds to couple minutes.

If you want, you can run the 'sync' command at the command-line before a backup occurs, and that will force all pending changes to be written to disk. You'll still have a slightly inconsistent disk image, but it will include all changes before the sync.
posted by vasi at 6:53 AM on December 24, 2013


You'll still have a slightly inconsistent disk image, but it will include all changes before the sync.

I don't believe that's true. Right after the sync the disk image file will indeed have all in-flight data written to it, but anything written to it between the time it starts getting copied out to the backup drive(s) and the time that operation finishes can cause internal inconsistencies in the backed-up copy.

When I'm backing up virtual-machine disk images on the school Linux server, I always stop all the VMs to make sure all the files inside each disk image are closed and synced, then take an LVM snapshot of the host volumes where the disk images reside, then start up all the VMs again, then back up from the LVM snapshot.

Turning off the virtual machines in my scenario is logically equivalent to ejecting the encrypted image in yours. I'm not sure whether OS X has any facility comparable to LVM snapshots. If it doesn't, you'd need to leave the encrypted image unmounted for the duration of any backup run to ensure the backup copy is internally consistent.
posted by flabdablet at 10:34 AM on December 24, 2013 [1 favorite]


flabdablet: "I don't believe that's true. Right after the sync the disk image file will indeed have all in-flight data written to it, but anything written to it between the time it starts getting copied out to the backup drive(s) and the time that operation finishes can cause internal inconsistencies in the backed-up copy.

Oops, that's correct. Unfortunately, OS X doesn't have volume snapshots—and even if it did, disk images are more like loop-mounted files than like LVM partitions.

It's still not very likely to cause serious corruption, especially if backups happen at a time that you're not currently modifying files on your mounted disk image. But I'd be a bit more cautious, and eject before backups.

Anyhow, it doesn't make a lot of sense to leave an encrypted disk image mounted all the time. That leaves the decrypted data in plain sight for anyone who gains access to your computer. You should probably unmount your disk image as soon as you're done with it.
posted by vasi at 11:42 AM on December 24, 2013


disk images are more like loop-mounted files than like LVM partitions

In the school server scenario I'm talking about, the disk devices for all the virtual machines are actually .qcow2 image files; the virtual machines don't themselves use LVM. That means there's a good functional parallel between the way I'm using my .qcow2 files and the way the OP is using his encrypted .dmg.

The only reason I've set up the host machine with LVM is so that I can snapshot all its filesystems before backing it up, which I do mainly so that I only have to take the VMs down for long enough to create the snapshots (seconds) instead of long enough to complete a backup pass (hours).

Anyhow, it doesn't make a lot of sense to leave an encrypted disk image mounted all the time. That leaves the decrypted data in plain sight for anyone who gains access to your computer. You should probably unmount your disk image as soon as you're done with it.

Agree completely.
posted by flabdablet at 11:11 PM on December 24, 2013


« Older Despite no one wanting to go t...   |  There are plenty for pet hair.... Newer »

You are not logged in, either login or create an account to post comments



Post