[HowTo] make a crash-proof backup for Manjaro

Difficulty: ★★★☆☆

A few things you need to know about backups:

  • One copy does not constitute a good backup!
  • The most important to a good backup solution is an easy and fast restore!
  • Backup files should be stored on an external disk that gets connected to the system only during a backup or restore cycle so that RansomWare cannot encrypt your backup when it stumbles into your system through wine ¹
  • Alternatively, you can use a NAS directory that is protected by a password and that gets only mounted during a backup!
  • A Cold System Backup can also protect your dual/triple boot system (backing up all OSes including other Linux systems and Windows)!
  • If you encrypt your backup in the backup program itself, use an algorithmic password depending on date or just don’t forget the password!
Make a Cold System Backup
  1. Download CloneZilla live

  2. Save the ISO in /opt/

  3. Edit the /etc/grub.d/40_custom file and add at the end:

    menuentry "CloneZilla ISO" {
      # The string between " and " below is the actual name of the ISO file you just downloaded
      # and copied to the /opt directory (where optional software resides) and is the current 
      # version as of the last edit to this [HowTo].
      set ISOFile="/opt/clonezilla-live-2.7.0-10-amd64.iso"
      loopback loop ($root)$ISOFile
      linux (loop)/live/vmlinuz boot=live components config findiso=$ISOFile ip=frommedia toram=filesystem.squashfs union=overlay
      initrd (loop)/live/initrd.img
    }
    
  4. Where clonezilla-live-2.7.0-10-amd64.iso is the version you downloaded. (E.G. If you downloaded clonezilla-live-20201102-groovy-amd64.iso, use that instead! :wink:

  5. Execute update-grub .

  6. Reboot and choose CloneZilla ISO from the grub menu

  7. Follow the CloneZilla Disk to image instructions

This way:

  • You have CloneZilla installed in a fully bootable read-only environment on your local disk so you don’t have to go hunt around for your CloneZilla USB stick to boot from. :innocent:
  • The CloneZilla live environment gets loaded into RAM and the backup solution doesn’t interfere with your existing Manjaro system
  • If you ever need to do a Cold System Restore, it will be of a non-running system exactly as it was at the time of backup!
    (Remember: A backup system is all about the restore, not about the backup!) :wink:
  • You should mount an external drive (or NAS mountpoint) during the backup / restore process but have it disconnected at any other time so even if anyone would ever design a RansomWare attack for Manjaro, the disk would not be there during the attack so your backup will not be impacted.
  • Ensure big unimportant files:
    • are symlinked to a drive/partition that does not part of the Cold System Backup so that you still back up your /home 's important configuration files and data files using CloneZilla.
    • Exclude unimportant files from your data backup too (See next section).
  • Using this system you can even back up your dual/triple boot environment together with your Manjaro environment if you want to! (Yeah, that includes Windows!)
Make a data backup

On top of the Cold System Backup above you should still take a data backup every day / every couple of days because:

  • A Cold System Backup is only needed in case of your system breaking and is a one-stop shop: everything gets restored and you cannot restore individual files!

  • A Data backup can be made to only back up modified files, so is blindingly fast compared to a Cold System Backup that backs up everything all of the time whether it’s changed or not!

  • There are a lot of backup programs out there:

    Borg Backup Installation instructions

    You need to have the AUR activated in pamac

    • Install Borg:

      pamac install borg
      
    • Create your first backup:

      • If you do not want encryption, change the --encryption=repokey below to --encryption=none (where repokey is the password to your Borg repository)

      • In the below example we’ll back up to /media/backup.

      • If you want another mount point, just change that to whatever you like, just ensure it exists before you init your backup! :stuck_out_tongue_winking_eye:

      • Ensure that this mount point does not automount! (We do not want RansomWare to be able to encrypt our backups!)

      • You can change the local repository to a remote server accessible by ssh by just replacing /media/backup with user@hostname:backup

      • --stats is optional as it just creates a statistics page so if you don’t like stats for everything, you can drop that.

        # Initialise repository
        borg init --encryption=repokey /media/backup/
        # Change to home directory so we can use relative paths
        cd
        # create backup
        borg create --stats --progress --compression lzma,9 \
                    --exclude ".cache/" \
                    --exclude ".local/share/" \
                    --exclude ".config/borg/" \
                    --exclude "snap" \
                    --exclude "jimbo" \
                    --exclude "Examples" \
                    --exclude "Downloads" \
                    --exclude "Videos/*.avi" \
                    --exclude "Videos/*.mp4" \
                    --exclude "Videos/*.mkv" \
             /media/backup/{user}::{now:%Y-%m-%d} . 2>> /temp/"$USER"-bck.log
        
      • The above will create a backup of all the important files in your home directory, store them under your user name in the repository with today’s date.

      • As it uses today’s date as the unique backup identifier, the maximum amount of backups you can take is one per day!

      • If you want to go up to the nanosecond :wink: change this: {now:%Y-%m-%d} to that: {now:%Y-%m-%dT%H:%M:%S.%f}
        See the section “Full backup” below on why we exclude directories instead of including them.

  • If you want to do an efficient data backup and you’re not using Borg Backup you need to know about:

Full Backup

The very first time you take a backup, you’ll have to take a backup of all your files (for a reasonable definition of all :innocent: ) and you do that by taking your entire home directory, excluding the directories that are not critical to you!
Why use excludes instead of includes?
Well, you can easily:

  • Re-install snaps
  • Re-download anything in Downloads
  • Can always reconvert your DVD collection of Star Trek, Star Gate and Babylon 5 :wink: :grin: and even your CD collection again! (no data loss as you still have the DVDs/CD you legally bought anyway.)
  • but it would be much more work to get your subtitles back that have been painstakingly edited after being OCRed and impossible to get your Documents / Pictures / … back.

so that’s why in the Borg example above we excluded snap , Downloads , Videos/*.mkv .
and if you would now create an additional directory like “Public” in your home directory that you publish using your personal samba share, it will be automatically included in your backup without having to do anything unless you also manually exclude it!

Incremental Backup

In the case of Borg, an incremental backup does not exist, as any backup (except your very first one) is always differential, but I’ve added it here for completeness for other backup programs.
An incremental backup only backs up the files that changed since the last backup so that’s blindingly fast (for most people, yes I know about DBs) so this is what most people do:

  • First Full backup
  • keep on making incremental backups

until the day arrives they need to do a restore and then they find out they need to restore all of their backups !!!

So if your backup program only allows Full and Incremental, dump it and take another backup program because it’s all about the restore!

Differential Backup

This is the default in Borg because it’s a de-duplicating backup system and the crucial difference between an incremental and differential backup is that a differential backup backs up all files since the last full backup .
So you only have to worry about the space or time your differential backup is taking: if it starts taking up too much space or taking too much time, just make another full backup and restart the differentials.

Backup schedules

The most important question you have to ask yourself is:
How much data can I afford to lose???
A day? A week?? A month???
Well that is your x : backup every x !!!

With other backup programs, a daily differential and a weekly full backup (or a weekly differential and a monthly full, again depending on your personal x ) will be fine.
Whenever you need to restore, just restore your last full backup and then restore your last differential.

With Borg this matters less: just backup every x days and just keep an eye on the total space it takes and do a:

borg prune --stats --keep-last 10 /media/backup/

every couple of months to keep the last 10 backups and a restore will still be a one-step process. You’ll see with Borg that the difference between keeping the last 10 and 20 is not that big, so I generally keep the last 30 backups (and I back up every couple of days or after I’ve made important changes or before I leave on travel! )

How to do a restore?

Remember to test your restore before you actually need it! This forum is full of people that did take backups but could never do a restore because they encrypted the backup and forgot their password, excluded the wrong directories, did not include their ~/.config , …

So if you do something:

  • stupid , like deleting a file and deleting it from the Wastebin : just restore that file from your data backup:
# Restores entire archive and list files while processing
$ borg extract --stats --list /media/Backup/{user}::{now:%Y-%m-%d}
  • really stupid , like breaking Manjaro: Just reboot, choose CloneZilla Live in your grub environment, restore the entire system from your last Cold System Backup (and restore the latest data backup if needed).
  • extraordinarily stupid , like screw up grub itself:
    • If you used the CloneZilla Tutorial instead of this one, you can skip this step:
      • Go to another machine and download CloneZilla live from there, burn it to a USB stick,
    • Go back to your sick computer, boot from the USB stick made above, and restore the entire system from there (and restore the latest data backup if needed)
If you are using wine,

make sure you setup a separate user account with minimal privileges and use this user just for running your wine applications. That way any Windows ransomware or other malicious software can only access the contents of that user’s home directory, and not of your main user.

Never run wine as your main user (or, heaven forbid, root).

Note 1: Original link not available any more. In a nutshell: if you install wine, you’re opening up your system to Windows malware that uses the Windows API only…

39 Likes
Proper Backup Strategy
Disable Intel and only use nVidia
Backup issues KDE plasma
Does it seem safe to remove all of the following orphans?
Extra screen setup (nvidia / intel)
Change the grub and boot directory to a different device
Burning the latest ISO image to DVD doesn´t work
After the new update kde is sending anything I click to trash
After the new update kde is sending anything I click to trash
How to continue resizing partition after unexpected shut down
Disappearing Desktop, pane and other randomness
Issues with appearance--maybe gtk or qt issue
How to recover a file
Issues with appearance--maybe gtk or qt issue
Removed desktop icons return after restart
Dolphin Can't Open OpenOffice Files
How to restore a broken luks-encypted home partition after a failed partition change?
Accidently deleted everything in the /usr/share/icons directory
Filesystem for reliability (HDD)
No sound over hdmi after last update
Black screen except for mouse?
Followup: HDMI to any monitor/TV shows a blank screen, but is detected
Followup: HDMI to any monitor/TV shows a blank screen, but is detected
Sleep and hibernate not working in HP pavilion dv6
Only dummy sound after hard reset
How to migrate to an SSD without losing dual boot?
[Stable Update] 2020-11-04 - Kernels, Nvidia 455.38, LibreOffice, Plasma5, Frameworks, Apps, Gnome 3.38, Deepin
This Live System image failed to boot
How do you backup on Linux Manjaro?
[Stable-Staging-Update] 2021-01-02 - Deepin, Haskell, Kernels, Xfce 4.16, Mesa, Themes
Tutorial Content Creation Guide
[Stable Update] 2020-12-30 - Kernels, KDE, Cinnamon, LibreOffice, Python 3.9, Mesa 20.3.1
Проблемы с boot меню grub и несовместимости с grub-customizer
[Testing Update] 2021-01-02 - Linux 5.10, Themes, Deepin, Haskell, Python
[HowTo] become a Manjaro power user when you're a wizard at Windows but a N00b at Manjaro
[Testing Update] 2021-01-08 - Kernels, Plasma 5.20.5, KDE Apps 20.12.1, Nvidia 460, AMDVLK, Firefox, Pamac
[Testing Update] 2021-01-14 - Kernels, KDE Frameworks 5.78, Cinnamon, Pulseaudio, Thunderbird, Haskell
[Testing Update] 2020-01-16 - Mesa, Gnome, KODI-Addons, Gstreamer, KDE-dev
[Stable-Staging Update] 2021-01-17 - Kernels, XFCE, Plasma, PulseAudio, Pipewire, Mesa, Firefox, Thunderbird, KDE Apps
[Stable Update] 2021-01-19 - Kernels, XFCE, Plasma, PulseAudio, Pipewire, Mesa, Firefox, Thunderbird, KDE Apps
System image backup
Backup programm und hdd format
Full Disk Encryption via Timeshift
Compositor crash
All display managers fail to load and X can't start a server
[Stable Update] 2020-08-28 - Kernels, Systemd, PAM, PAMBASE, KDE-git, Deepin, Pamac, Nvidia 450.66, LibreOffice 7.0
[HowTo] bulletproof your personal effects (save your stuff!)
How can I safely restore a Borg backup to a new ssd?
[SOLVED] Clonezilla being greedy?
Making Disk Image Backups
Installed 450 nvidia driver and it’s broken
Would you recommend the *latest* KDE Plasma 20 to a new Manjaro user?
CAN'T UPDATE: Conflict between nvidia-450xx-utils and nvidia-440xx-utils
[Stable Update] 2020-09-11 - Kernels, Gnome 3.36.6, MHWD, Pamac, VirtualBox
Anyone have crashes with too many tabs open?
How to restore deleted ext4 partition (not formatted)?
[Stable Update] 2020-09-11 - Kernels, Gnome 3.36.6, MHWD, Pamac, VirtualBox
Cp and mount killed XFCE
Window-Icons don't have the same size
[Stable Update] 2020-10-01 - Kernels, Mesa, KDE-Framework, Deepin, Systemd, Pamac, Xorg-Server, Qt

Didn’t work, I got this error:

error: file `/opt/clonezilla-live-201907070-disco-amd64-iso' not found.
error: no server is specified
error: you need to load the kernel first.

Rookie error, the file I downloaded is clonezilla-live-2.6.7-28-amd64.iso, and I didn’t edit the script.

1 Like

It’s how our tutorials get better, so thank you for mentioning this.

Tutorial updated!

:innocent:

2 Likes

I got this Error
foo is not available for the ‘x86_64’ architecture.

Please open a new topic for this and describe in more detail exactly what you were doing and why.

:+1:

1 Like

@Fabby If I use

 borg init --stats --encryption=none /path/to/repo 

I get

borg: error: unrecognized arguments: --stats

BUT

 borg init --encryption=none /path/to/repo

Works fine.
Might be a typo?
:slight_smile:

1 Like

:man_facepalming:

Copy-paste error! Updating! Updated! Thank you!

:+1:

For
Make a Cold System Backup
3. Edit etc/grub.d/40_custom file and add at the end:

I needed to add a “/” before etc so that

sudo nano /etc/grub.d/40_custom

would show the contents of 40_custom.

1 Like

Great tutorial, thansk @Fabby!
:point_up_2:

Only a question:

I use the /home partition only to serve the System, and I “symlink-ed” my Documents, Videos, Pictures… folders to my ‘data’ partition.

My idea is to use Clonezilla (for example, before an update) to save only /root and /home partitions.
The ‘data’ partition will be backup with Timeshift.
In case of system disaster, I’d restore the two system partitions.

Is that possible with Clonezilla? Save an image of two partitions? Or should I make two sets of backup for the two single partitions?

— EDIT:
I answer that for myself: yes, it is possibile. :relaxed:
I found a good tutorial. I think it is not useless to link it here.
The new and definite CloneZilla tutorial

@Fabby, you should adjust the line:

to

Without extension, I got “kernel not found” error.

1 Like

I always used clonezilla to make backups of Ubuntu partitions (especially I used it to temporarily install another version and if it didn’t work I restored it with clonezilla, it also saved me from more of a headache), but when I wanted to implement it in manjaro, It really did not work as expected, although in theory the copies it makes do not present any structural problem, the conflict occurs with GRUB causing it not to start manjaro because the grub is damaged (sometimes, this can be fixed with the option of "Autoinstall GRUB "of clonezilla in expert mode generating an older version grub, but functional, but lately this option does not work for me, forcing me to install manjaro from scratch).
So for now I’m testing timeshift, the only negative is that to do the backup you need to have an ext4 partition.

@mangiarolinux Thank you for the feedback: /etc/grub.d/40_custom is now incorporated into the tutorial. :+1:

@gan Thanks for the feedback! Copy-paste error! .iso added! (again: was lost during last update)

@GEC anjaro has a customised version of grub so if you follow the tutorial, that should take care of your issue (I.E. use disk-to image and clone the empty space between MBR/GPT as well)

6 posts were split to a new topic: This Live System image failed to boot

How to clone empty space between MBR/GPT?

This is the :gem: that allows you to do this:

More specifically, take the Expert Options, and use the -j2 parameter as in below screenshot:

:+1:

I don’t appear to have that file or directory.

I’m on i3.

I do have the folllowing though, which do I need to edit ?

/boot/grub/grub.cfg
/boot/grub/grubenv
/boot/grub/x86_64-efi/grub.efi
/boot/efi/EFI/Manjaro/grubx64.efi

/etc/default/grub
/etc/default/grub.pacnew
/etc/grub.d

/usr/lib/grub
/usr/lib/linux-boot-probes/mounted/40grub
/usr/lib/linux-boot-probes/mounted/40grub2
/usr/lib/linux-boot-probes/mounted/40grub2.orig
/usr/share/bash-completion/completions/grub
/usr/share/grub
/usr/share/grub/grub-mkconfig_lib

I’m guessing it’s /etc/default/grub but would like to be sure.

Thanks. :slightly_smiling_face:

Can you provide the contents of that directory?
(Maybe your grub install is broken or too old)

Here’s the directory. Now that I’m looking at it, it must be the 40_custom file.

 _rwxr-xr-x 1 root root  8871 Nov 12 21:06 00_header
 _rwxr-xr-x 1 root root 12648 Nov 12 21:06 10_linux
 _rwxr-xr-x 1 root root 13327 Nov 12 21:06 20_linux_xen
 _rwxr-xr-x 1 root root 12118 Nov 12 21:06 30_os-prober
 _rwxr-xr-x 1 root root  1372 Nov 12 21:06 30_uefi-firmware
 _rwxr-xr-x 1 root root   214 Nov 12 21:06 40_custom
 _rwxr-xr-x 1 root root   215 Nov 12 21:06 41_custom
 _rwxr-xr-x 1 root root  1219 May 16  2020 60_memtest86+
 _rw-r--r-- 1 root root   483 Nov 12 21:06 README

The contents of 40-custom are:

#!/bin/sh
exec tail -n +3 $0
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.

I take it that 40_custom is the correct one.

I should have looked a bit further, it was late, sorry for the trouble.

Thanks. :slightly_smiling_face:

1 Like

/etc/grub.d should be a directory and not a file.
Are you sure it is a file in your case?

Edit : you found it already I see

@SLaItEr
Yes. It is a directory. It was late, I was not paying attention. Sorry.
Thanks for your reply anyway. :slightly_smiling_face::+1: