qubesadmin.backup package¶
Submodules¶
qubesadmin.backup.core2 module¶
Parser for core2 qubes.xml
- class qubesadmin.backup.core2.Core2Qubes(store=None)[source]¶
Bases:
BackupApp
Parsed qubes.xml
- import_core2_vm(element)[source]¶
Parse a single VM from given XML node
This method load only VM properties not depending on other VMs (other than template). VM connections are set later. :param element: XML node
qubesadmin.backup.core3 module¶
Parser for core3 qubes.xml
- class qubesadmin.backup.core3.Core3Qubes(store=None)[source]¶
Bases:
BackupApp
Parsed qubes.xml
- static get_property(xml_obj, prop)[source]¶
Get property of given object (XML node)
Object can be any PropertyHolder serialized to XML - in practice
BaseVM
orQubes
.
- import_core3_vm(element)[source]¶
Parse a single VM from given XML node
This method load only VM properties not depending on other VMs (other than template). VM connections are set later. :param element: XML node
qubesadmin.backup.restore module¶
Backup restore module
- exception qubesadmin.backup.restore.BackupCanceledError(msg, tmpdir=None)[source]¶
Bases:
QubesException
Exception raised when backup/restore was cancelled
- class qubesadmin.backup.restore.BackupHeader(header_data=None, version=None, encrypted=None, compressed=None, compression_filter=None, hmac_algorithm=None, crypto_algorithm=None, backup_id=None)[source]¶
Bases:
object
Structure describing backup-header file included as the first file in backup archive
- class Header(field, t, validator)¶
Bases:
tuple
- field¶
Alias for field number 0
- t¶
Alias for field number 1
- validator¶
Alias for field number 2
- known_headers = {'backup-id': ('backup_id', <class 'str'>, <function BackupHeader.<lambda>>), 'compressed': ('compressed', <class 'bool'>, <function BackupHeader.<lambda>>), 'compression-filter': ('compression_filter', <class 'str'>, <function BackupHeader.<lambda>>), 'crypto-algorithm': ('crypto_algorithm', <class 'str'>, <function BackupHeader.<lambda>>), 'encrypted': ('encrypted', <class 'bool'>, <function BackupHeader.<lambda>>), 'hmac-algorithm': ('hmac_algorithm', <class 'str'>, <function BackupHeader.<lambda>>), 'version': ('version', <class 'int'>, <function BackupHeader.<lambda>>)}¶
- class qubesadmin.backup.restore.BackupRestore(app, backup_location, backup_vm, passphrase, location_is_service=False, force_compression_filter=None, tmpdir=None)[source]¶
Bases:
object
Usage:
>>> restore_op = BackupRestore(...) >>> # adjust restore_op.options here >>> restore_info = restore_op.get_restore_info() >>> # manipulate restore_info to select VMs to restore here >>> restore_op.restore_do(restore_info)
- class Dom0ToRestore(vm, subdir=None)[source]¶
Bases:
VMToRestore
Information about dom0 home to restore
- USERNAME_MISMATCH = <object object>¶
backup was performed on system with different dom0 username
- class VMToRestore(vm)[source]¶
Bases:
object
Information about a single VM to be restored
- ALREADY_EXISTS = <object object>¶
VM with such name already exists on the host
- EXCLUDED = <object object>¶
VM excluded from restore by user
- MISSING_KERNEL = <object object>¶
Kernel used by the VM does not exists on the host
- MISSING_NETVM = <object object>¶
NetVM used by the VM does not exists on the host
- MISSING_TEMPLATE = <object object>¶
TemplateVM used by the VM does not exists on the host
- property good_to_go¶
Is the VM ready for restore?
- app¶
qubes.Qubes instance
- backup_app¶
VMs included in the backup
- backup_vm¶
VM from which backup should be retrieved
- canceled¶
is the backup operation canceled
- check_disk_space()[source]¶
Check if there is enough disk space to restore the backup.
Currently it checks only for the space in temporary directory, not the target storage pools.
- Returns:
- force_compression_filter¶
force using specific application for (de)compression, instead of the one named in the backup header
- get_restore_info()[source]¶
Get restore info
Return information about what is included in the backup. That dictionary can be adjusted to select what VM should be restore.
- static get_restore_summary(restore_info)[source]¶
Return a ASCII formatted table with restore info summary
- header_data¶
basic information about the backup
- location_is_service¶
use alternative qrexec service to retrieve backup data, instead of
qubes.Restore
with backup_location given on stdin
- new_name_for_conflicting_vm(orig_name, restore_info)[source]¶
Generate new name for conflicting VM
Add a number suffix, until the name is unique. If no unique name can be found using this strategy, return
None
- options¶
options how the backup should be restored
- passphrase¶
passphrase protecting backup integrity and optionally decryption
- processes_to_kill_on_cancel¶
list of processes (Popen objects) to kill on cancel
- class qubesadmin.backup.restore.BackupRestoreOptions[source]¶
Bases:
object
Options for restore operation
- dom0_home¶
restore dom0 home
- exclude¶
list of VM names to exclude
- ignore_size_limit¶
ignore size limit calculated from backup metadata
- ignore_username_mismatch¶
restore dom0 home even if username is different
- override_pool¶
restore VMs into selected storage pool
- verify_only¶
do not restore data, only verify backup integrity
- class qubesadmin.backup.restore.ExtractWorker3(queue, base_dir, passphrase, encrypted, progress_callback, vmproc=None, compressed=False, crypto_algorithm='aes-256-cbc', compression_filter=None, verify_only=False, handlers=None)[source]¶
Bases:
Process
Process for handling inner tar layer of backup archive
- base_dir¶
paths on the queue are relative to this dir
- blocks_backedup¶
progress
- check_processes(processes)[source]¶
Check if any process failed.
And if so, wait for other relevant processes to cleanup.
- cleanup_tar2(wait=True, terminate=False)[source]¶
Cleanup running
tar2_process
- Parameters:
wait – wait for it termination, otherwise method exit early if process is still running
terminate – terminate the process if still running
- collect_tar_output()[source]¶
Retrieve tar stderr and handle it appropriately
Log errors, process file size if requested. This use
tar2_process
.
- compressed¶
is the backup compressed?
- crypto_algorithm¶
what crypto algorithm is used for encryption?
- decompressor_process¶
decompressor subprocess.Popen instance
- decryptor_process¶
decryptor subprocess.Popen instance
- encrypted¶
is the backup encrypted?
- feed_tar2(filename, input_pipe)[source]¶
Feed data from filename to input_pipe
Start a cat process to do that (do not block this process). Cat subprocess instance will be in
tar2_feeder
- handle_dir(dirname)[source]¶
Relocate files in given director when it’s already extracted
- Parameters:
dirname – directory path to handle (relative to backup root), without trailing slash
- import_process¶
data import multiprocessing.Process instance
- passphrase¶
passphrase to decrypt/authenticate data
- progress_callback¶
callback reporting progress to UI
- queue¶
queue with files to extract
- tar2_current_file¶
current inner tar archive name
- tar2_feeder¶
cat process feeding tar2_process
- tar2_process¶
inner tar layer extraction (subprocess.Popen instance)
- verify_only¶
only verify integrity, don’t extract anything
- qubesadmin.backup.restore.get_supported_crypto_algo(crypto_algorithm=None)[source]¶
Generate a list of supported hmac algorithms
- Parameters:
crypto_algorithm – default algorithm, if given, it is placed as a first element
- qubesadmin.backup.restore.get_supported_hmac_algo(hmac_algorithm=None)[source]¶
Generate a list of supported hmac algorithms
- Parameters:
hmac_algorithm – default algorithm, if given, it is placed as a first element
- qubesadmin.backup.restore.init_supported_hmac_and_crypto()[source]¶
Collect supported hmac and crypto algorithms.
This calls openssl to list actual supported algos.
- qubesadmin.backup.restore.launch_proc_with_pty(args, stdin=None, stdout=None, stderr=None, echo=True)[source]¶
Similar to pty.fork, but handle stdin/stdout according to parameters instead of connecting to the pty
:return tuple (subprocess.Popen, pty_master)
- qubesadmin.backup.restore.launch_scrypt(action, input_name, output_name, passphrase)[source]¶
Launch ‘scrypt’ process, pass passphrase to it and return subprocess.Popen object.
- Parameters:
action – ‘enc’ or ‘dec’
input_name – input path or ‘-’ for stdin
output_name – output path or ‘-’ for stdout
passphrase – passphrase
- Returns:
subprocess.Popen object
Module contents¶
Qubes backup
- class qubesadmin.backup.BackupVM[source]¶
Bases:
object
Interface for a single VM in the backup
- backup_path¶
VM path in the backup
- features¶
VM features (key/value), aka services in core2
- property included_in_backup¶
Report whether a VM is included in the backup
- klass¶
VM class
- label¶
VM label
- name¶
VM name
- properties¶
VM properties
- size¶
size of the VM
- tags¶
VM tags
- template¶
VM template