S 6.146 Data backup and restoration of Mac OS X clients

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: User, Administrator

Under Mac OS X, data can be backed up using the Time Machine service program which is part of the system. The software is available by default in a standard installation of Mac OS X. Time Machine can be easily configured by the users and the program can be used to back up entire hard drives or individual directories.

In the first step, Time Machine generates a complete copy of the information to be backed up, after that only information which has been modified since the last data back up is backed up (incremental data backup).

When backing up information using Time Machine the following points need to be considered:

• the data on the backup media is not encrypted and must therefore be protected against unauthorised access when stored,
• the backed up information is not compressed and can use more than the originally allocated storage space,
• a complete recovery of the backed up data can be time consuming,
• the data backup is automatically generated every 30 minutes after start-up of the IT system, if the service program is enabled. However, users can manually initiate a backup at any time,
• during operation, only data which are not encrypted with FileVault are backed up. A data backup of the data encrypted with FileVault using Time Machine can only be performed after the user has logged out of the system,
• in case of backup via a data network without additional system interventions, only special Network Attached Storage systems (NAS) can be used, and
• when restoring the complete system the Mac OS X installation DVD must be available and the client under Mac OS X must be started from this DVD because the recovery programs are located on the DVD.

Due to these and other limiting factors the use of Time Machine is in principle only partly recommended and depends heavily on the local conditions. When selecting a data backup software in heterogeneous environments it is recommended to use a program for data backup which supports several platforms such as Mac OS X, Windows, and Linux.

With Time Machine data backups can be stored on external data media, other Mac OS X systems or on an internal data medium from which the system was not started. To enable the use of locally connected data media for data backup they must be formatted with the file system "Mac OS Extended (Journaled)". Alternatively, it is possible to store a data backup in a shared directory on a remote system in the network. In this case, the Apple filing protocol (AFP) must be used. The SMB/CIFS protocol can be enabled on the console by means of the following command:

defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1

The variable "TMShowUnsupportedNetworkVolumes" is an unofficial means of enabling additional network logs. However, this does not guarantee fault-free operation and Apple does not provide any support for this procedure.

Time Machine can be enabled in the system settings under "Time Machine". After that, a compatible drive to store the data backup must be selected. Time Machine generates a copy of all data present on the hard drive. If data is to be excluded from the data backup, exceptions can be specified under options. If there is not enough storage space available to perform a data back up, the user is notified that he either has to delete older data backups or that older backups will be automatically deleted by the program until enough storage space is available.

The following points must be taken into account when performing a data backup:

• Time Machine can back up all system files required for start-up of the local computer. A data backup should be automatically performed at regular intervals and manually after making major changes to the configuration.
• After completion of the data backup, the associated log file /var/log/system.log should be examined to check if any errors occurred during the backup. The log file can be read using the Mac OS service program "Console". The data backup is generated by the"backupd" process so that it is possible to search for all messages with this process name. As the /var/log/system.log log file, among other things, contains confidential information it can only be read by users with administrator privileges.
• If FileVault has been enabled, the user must log out of the system before a data backup using Time Machine can be performed. If the client is locked out under Mac OS X or if it is in sleep mode, data backup is not possible.

System recovery

To recover a complete system the client must be started from the Mac OS X installation DVD because the recovery programs are located on the DVD. To do this, the button "C" must be pressed and held during the start-up procedure. After selecting the menu language, the option to perform a data restoration can be found in the service programs. After that, the data medium which contains the data backup and the hard drive to be restored have to be selected.

With Time Machine it is also possible to restore only selected files. To do this, the objects must be selected in the required version in the different windows displayed consecutively, in chronological order and copied to the destination using the "Restore" button.

Requirements placed on backup software for Mac OS X clients

If additional software is used to perform data backups of extensive installations or in cases where the availability requirements are high, then it must be ensured when selecting the backup software that it fulfils as many of the following requirements as possible:

• The file systems HFS and HFS+ used in Mac OS X must be supported by the backup and restoration processes. Other supported file systems such as FAT and NTFS can be beneficial.
• It must be possible to perform the backups automatically at specified times or at regular (but adjustable) intervals without requiring intervention (other than providing backup data media when needed).
• The backup software must support protection of the backup medium against unauthorised access using a password or, even better, using encryption. Furthermore, it should be able to save the data backed up in compressed form.
• It is beneficial if one or more selected users can be automatically informed of the results of the backup and of any eventual error messages by email (or using a similar mechanism).
• It must be possible to generate Include and Exclude lists. It should be possible to specify exactly which data should be backed up and which data should be skipped by specifying suitable Include and Exclude lists when selecting the files and directories to be backed up. It should be possible to add these lists to backup profiles, save them, and then use them for later backup jobs.
• It should be possible to store the backup on different data media such as optical data media (DVDs, CDs, ...) and on hard drives, tape drives, USB drives and network drives.
• It should be possible to select the data to be backed up based on the date it was created or its time of last modification.
• The backup software should support the generation of full data backups as well of incremental backups (change-only backups).
• The backup software should be able to automatically compare the data backed up to the original data after the backup and to automatically compare the restored data to the data stored on the backup data medium after restoring the data.
• When restoring files, it should be possible to select if the files should be restored to their original location or to another location. Likewise, it should also be possible to control the response of the software when there is already a file of the same name stored at the destination specified. In this case, it must be possible to specify if a file is always overwritten, never overwritten, only overwritten when the existing file is older than the file to be restored, or only overwritten after providing confirmation in an explicit query to the user.

Review questions:

• Are there rules and regulations on how to backup and restore data under Mac OS X?
• Are Mac OS X data backups performed using the Time Machine service program protected against unauthorised access when stored?
• Is it possible for administrators to immediately detect any errors or malfunctions during backup, for example, by means of evaluation of the log file or an automatic e-mail message?