Ignore package: how to do it (see also, `man pacman`).
Truly no offense intended - but there simply is no way to sugar coat this: you said you were working toward an OSCP certification? Do you think that's realistic if you need to be directed to the wiki and man page for these sorts of questions?
im sorry if you're angry at me
I'm not. Have you seen my post history, I'm not known for subtlty. If there was any anger I'd either completely ignore you assuming you weren't worth the time in responding to (if I was calm and rational) or I'd be cussing you out and calling you horrible names (if less calm). Here I am attempting to just highlight points of how you can improve your odds of getting support in a tech forum, or now improving your odds of earning an IT certification.
]]>EDIT: the above was cross posted with your last post. If you have a problem with an update of pipewire, and can't troubleshoot it, restoring a backup of your full system would be ridiculous, regardless of whether the backup was from 1 month ago or 1 hour ago. Downgrade pipewire and it's associated packages. This will also help you narrow down exactly which package and which version resulted in your problem (and this information will lead to others providing better help to actually solve the underlying problem). This, in fact, should be part of your diagnostics / testing prior to even posting a thread. If something goes wrong after an upgrade, it's reasonable to suspect the upgrade as a cause, but suspecting and concluding are two very different things: test the hypothesis by downgrading to confirm the problem goes away, and then upgrading again to confirm it comes back (it's not a bad idea to repeat this more than once to minimize the chance of any other coincidence). This should be a given, especially for someone working toward a certification in any IT field.
im sorry if you're angry at me
]]>for the rollback, yes i already read this... https://wiki.archlinux.org/title/downgrading_packages
still have no clue how to rollback and ignore a package update...
]]>But to answer the direct question, that command to restore the backup should work, though you can drop the "excludes" as it is irrelevant (those directories don't exist in your backup). More relevant though is that this would rollback everything under your home directory too. If an update breaks something, you probably don't want to roll back your personal files / documents / etc, just the system files, so you'd likely want to exclude /home from such an restore operation.
However, the above point comes full circle to Slithery's question: how has an update really totally broken your system resulting in it being completely unusable and beyond repair? Perhaps some software is problematic after an update, but your priorities in this situation should be A) troubleshoot and fix the new version, B) rollback just that package if possible using your package cache, or if not in your cache, then from the cache in your backup drive, or from the archlinux archive if needed, C) rollback all packages, as in 'B' to avoid a partial downgrade for if the problematic package is impractical to downgrade on its own (similarly using the above listed cache sources), D) rollback your root filesystem to your backup, E) rollback your entire drive to your backup.
So you are asking about doing option 'E'. Exluding /home from the backup would be D which is itself alread a nuclear option (so what is E... Death-Star option?) How / why would A-C be insuffient?
EDIT: the above was cross posted with your last post. If you have a problem with an update of pipewire, and can't troubleshoot it, restoring a backup of your full system would be ridiculous, regardless of whether the backup was from 1 month ago or 1 hour ago. Downgrade pipewire and it's associated packages. This will also help you narrow down exactly which package and which version resulted in your problem (and this information will lead to others providing better help to actually solve the underlying problem). This, in fact, should be part of your diagnostics / testing prior to even posting a thread. If something goes wrong after an upgrade, it's reasonable to suspect the upgrade as a cause, but suspecting and concluding are two very different things: test the hypothesis by downgrading to confirm the problem goes away, and then upgrading again to confirm it comes back (it's not a bad idea to repeat this more than once to minimize the chance of any other coincidence). This should be a given, especially for someone working toward a certification in any IT field.
]]>also virtualbox break up often sometimes a kernel upgrade.
]]>I've been using this same Arch install for 15 years now and I've never had an update that has required me to roll-back my entire system to get back to a usable state.
]]>I've got one major confusion about the wiki's rsync entry.
https://wiki.archlinux.org/title/Rsync# … tem_backup
For a full system backup, I use the following command:
sudo rsync -aAXH --delete --info=progress2 --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found","/swapfile"} / /path/to/backup
but.. the confusion is where the wiki says:
https://wiki.archlinux.org/title/Rsync#Restore_a_backup
"If you wish to restore a backup, use the same rsync command that was executed but with the source and destination reversed. "
so if i have something broken because of an update, does this mean i can just open a terminal and execute this command to restore my backup?
sudo rsync -aAXH --delete --info=progress2 --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found","/swapfile"} /path/to/backup /
i know the backup works on a live system, but what about restoration on a live system?
]]>edit: if you can use rsync as an incremental full system backup, but encrypted, i'd like to hear how... Should be very interesting!
You may want to read into https://wiki.archlinux.org/title/Dm-crypt (in this particular case, https://wiki.archlinux.org/title/Dm-cry … ile_system).
Encrypt your block device, set up maybe a partition inside, and then create a filesystem.
For the regular backup, mount that filesystem somewhere and use rsync as usual.
This is what I do for my backups, and it allows me to keep around 2 or 3 external disks that I place in some remote locations, as off-site backups.
]]>XxTriviumxX wrote:I'm simply asking if a hacker could, let's say, hack my system more easily just because i have my backups... is that setup adding a new attack vector?
No, definitely not.
If such an attacker gets access to your machine, they'll also have access to your backups. So they could trash your backups just as readily as they could trash your main drive. But this in no way makes it easier for an attacker to get access in the first place.
there ya go! thanks!
edit: what about privilege escalating issues? are there any risks because i rsync in an internal drive? any security risks because i clonezilla my drive in an internal drive? as i said, what is very valuable to me is outsourced and very secure.
edit2: it feels like im repeating myself but, im on my way to obtain the OSCP cert and did 2 boxes that leveraged rsync. didnt found a clonezilla related box yet.
]]>I'm simply asking if a hacker could, let's say, hack my system more easily just because i have my backups... is that setup adding a new attack vector?
No, definitely not.
If such an attacker gets access to your machine, they'll also have access to your backups. So they could trash your backups just as readily as they could trash your main drive. But this in no way makes it easier for an attacker to get access in the first place.
]]>edit: if you can use rsync as an incremental full system backup, but encrypted, i'd like to hear how... Should be very interesting!
edit2: i use rsync to quickly backup before a risky update (kernel, sometimes pipewire updates creates issues, virtualbox, etc.) and use it to quickly restore my backup. Every backup is at the same directory since its faster than making a new backup from scratch
]]>