How to retrieve last backup file name with qvm-backup-restore --verify-only?

I’ll have an automatic backup script that verifies every backup directly afterwards:

qvm-backup-restore --verify-only "$BACKUP_LOCATION/qubes-backup-xxx"

The issue is finding out the date of the recent file name qubes-backup-<date>. Currently I do this:

qvm-run --pass-io $DEST_VM "ls -1t "$BACKUP_LOCATION/" | head -1"

According to the docs, --pass-io is unsafe, as copying something to dom0.

A different attempt has been to parse standard out. qvm-backup -v outputs a timestamp in -v/verbose mode that looks like:

<date time> [MainProcess selector_events.__init__:65] ..."

, which I hoped to be the source for the qubes-backup-xxx file name. Unfortunately, the two differ by 1-2 seconds from time to time.

So how might I retrieve the last qubes backup file name in dom0 safely?

I recommend approaching it from the opposite direction:

  1. Create backup.
  2. Rename backup.
  3. Verify backup.

Now it’s trivial to specify the filename of the backup in step 3, because you chose the filename in step 2.

As for how to rename it reliably in step 2, one simple way is to make sure $BACKUP_LOCATION doesn’t have any other Qubes backups in it (could be a new temp dir), then simply do:

mv "$BACKUP_LOCATION"/qubes-backup-* "$BACKUP_LOCATION/$YOUR_NAME"

That isn’t what it says.
It says that using --pass-io to copy files to dom0 is unsafe. (Even
there, I think the warning goes too far, but it’s of long standing.)
Your technique is fine (provided you always verify before starting the
next backup, and this is enforced in some way.)

@adw thank you, this seems to be a good alternative.

@unman Interesting. Just out of curiosity: Wouldn’t this allow an exploit in dom0 terminal, which parses output from a potentially malicious remote ls command or filesystem names? Or is it rather a hypothetical concern?

For anyone interested: Here is a sample for @adw's idea:

tmpDir="$BACKUP_LOCATION/$(date +%s%N)"
qvm-run $DEST_VM "mkdir -p "$tmpDir""
qvm-backup --dest-vm $DEST_VM "$tmpDir" $VMS
CUR_BACKUP_NAME=qubes-$(date +%FT%T)
qvm-run $DEST_VM "mv "$tmpDir/qubes-backup-"* "$BACKUP_LOCATION/$CUR_BACKUP_NAME"; rmdir "$tmpDir""

You might need to alternate double and single quotation marks to get this to work as intended.

Yes, I also thought the inner double quotes would need an escape \".

But this surprisingly works as is.

Yes, it could (e.g.) flood the terminal with garbage.
Whether it could be exploitable in dom0 beyond that? You would be
looking for an execution bug in whatever terminal you use, simply from
displaying the output.
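
For anyone who keeps the --pass-io listing from the question, here is an added example (not code from any poster in this thread) of a dom0-side allowlist check that captures the qube's output into a variable and only accepts it if it looks exactly like a backup name. The function names and the assumed name format qubes-backup-YYYY-MM-DDTHHMMSS are assumptions; adjust the pattern to what your Qubes release writes.

```shell
#!/bin/sh
# Added example. Assumption: backup names look like
# qubes-backup-YYYY-MM-DDTHHMMSS (e.g. qubes-backup-2024-01-15T103000).

# validate_backup_name NAME
# Prints NAME and succeeds only if it matches the expected pattern exactly.
# Escape sequences, path separators and embedded newlines are rejected and
# never echoed. Runs in a subshell so LC_ALL does not leak to the caller.
validate_backup_name() (
    LC_ALL=C                      # make [0-9] mean ASCII digits only
    D2='[0-9][0-9]'
    case $1 in
        qubes-backup-$D2$D2-$D2-${D2}T$D2$D2$D2) printf '%s\n' "$1" ;;
        *) exit 1 ;;
    esac
)

# latest_backup_name
# Reads the untrusted listing on stdin, keeps at most 64 bytes of its first
# line (a flood of output is cut off here), then validates that line.
latest_backup_name() (
    first=$(head -c 64 | head -n 1)
    validate_backup_name "$first"
)

# Intended use in dom0 (the listing command is the one from the question):
#   name=$(qvm-run --pass-io "$DEST_VM" "ls -1t '$BACKUP_LOCATION/' | head -1" \
#          | latest_backup_name) || { echo "unexpected backup name" >&2; exit 1; }
#   qvm-backup-restore --verify-only "$BACKUP_LOCATION/$name"

# Constructed sample inputs, so the block runs without a qube:
if good=$(printf 'qubes-backup-2024-01-15T103000\nolder-file\n' | latest_backup_name)
then
    echo "accepted: $good"
fi
if printf '\033]0;title\007qubes-backup-x\n' | latest_backup_name >/dev/null
then
    echo "BUG: accepted a name containing escape sequences"
else
    echo "rejected: listing with terminal escape sequences"
fi
```

Because the name is only ever assigned to a variable and checked, nothing the qube sends is written to the dom0 terminal unless it has passed the pattern.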