第 10 章 数据管理

以下是 Debian 系统上可用的存档和压缩工具的预览。

以下是 Debian 系统上的可用的简单复制和备份工具的预览。

在复制文件的时候， rsync(8) 比其他工具提供了更多的特性。

	提示
	Execution of the bkup script mentioned in 第 10.2.3 节 “用于备份数据的复制脚本” with the "-gl" option under cron(8) should provide very similar functionality as Plan9's dumpfs for the static data archive.

	提示
	Version control system (VCS) tools in 表 10.11 “List of version control system tools” can function as the multi-way copy and synchronization tools.

以下是用不同的工具压缩和解压缩整个 "./source" 目录中的内容。

GNU tar(1):

$ tar -cvJf archive.tar.xz ./source
$ tar -xvJf archive.tar.xz

或者，如下所示。

$ find ./source -xdev -print0 | tar -cvJf archive.tar.xz --null -F -

cpio(1):

$ find ./source -xdev -print0 | cpio -ov --null > archive.cpio; xz archive.cpio
$ zcat archive.cpio.xz | cpio -i

如下是用不同的工具复制整个 "./source" 目录中的内容。

可移动存储设备可能是以下的任何一种。

	提示
	查看第 9.8.1 节 “Removable disk encryption with dm-crypt/LUKS”来获得关于使用设备级加密的跨平台的数据共享的信息。

FAT 文件系统被绝大多数的现代操作系统支持，它对于通过可移动硬盘进行的数据交换是非常有用的。

当格式化像装有 FAT 文件系统的跨平台数据共享的可移动设备时，以下应该是保险的选择。

当使用网络来分享数据的时候，你应该使用通用的服务。这里有一些提示。

尽管对于文件分享来说，通过网络挂载文件系统和传输文件是相当方便的，但这可能是不安全的。它们的网络连接必须通过如下所示的加强安全性。

以下是 Debian 系统上值得注意的实用备份程序套件的列表。

备份工具有各自的专用的用途。

对于运行 unstable 套件的个人 Debian 桌面系统来说，只需要保护个人数据和关键数据。我不管怎样每年都会重新安装一次系统。因此没理由去备份整个系统或者安装全功能的备份实用程序。

我使用简单的脚本来制作用于备份的压缩文件并用 GUI 界面把它烧写到 CD/DVD 里。以下是关于这个的脚本例子。

对于目录树下面的数据集，"cp -a" 命令可以实现常规备份。

For the set of large non-overwritten static data under a directory tree such as the one under the "/var/cache/apt/packages/" directory, hardlinks with "cp -al" provide an alternative to the normal backup with efficient use of the disk space.

以下是一个用于数据备份的名为 bkup 的复制脚本。它把当前目录下的所有 (non-VCS) 文件复制到父目录下的指定目录中或者远程主机上。

Here is the meaning of the trust code.

如下命令上传我的 "1DD8D791" 公钥到主流的公钥服务器 "hkp://keys.gnupg.net"。

$ gpg --keyserver hkp://keys.gnupg.net --send-keys 1DD8D791

默认良好的公钥服务器在 "~/.gnupg/gpg.conf" （旧的位置在 "~/.gnupg/options"）文件中设置，此文件包含了以下信息。

keyserver hkp://keys.gnupg.net

The following obtains unknown keys from the keyserver.

$ gpg --list-sigs --with-colons | grep '^sig.*\[User ID not found\]' |\
  cut -d ':' -f 5| sort | uniq | xargs gpg --recv-keys

Add the following to "~/.muttrc" to keep a slow GnuPG from automatically starting, while allowing it to be used by typing "S" at the index menu.

macro index S ":toggle pgp_verify_sig\n"
set pgp_verify_sig=no

The gnupg plugin let you run GnuPG transparently for files with extension ".gpg", ".asc", and ".ppg".

# aptitude install vim-scripts vim-addon-manager
$ vim-addons install gnupg

The following procedures extract differences between two source files and create unified diff files "file.patch0" or "file.patch1" depending on the file location.

$ diff -u file.old file.new > file.patch0
$ diff -u old/file new/file > file.patch1

The diff file (alternatively called patch file) is used to send a program update. The receiving party applies this update to another file by the following.

$ patch -p0 file < file.patch0
$ patch -p1 file < file.patch1

If you have three versions of a source code, you can perform 3-way-merge effectively using diff3(1) by the following.

$ diff3 -m file.mine file.old file.yours > file

Here is an oversimplified comparison of native VCS commands to provide the big picture. The typical command sequence may require options and arguments.

你可以在 "~/.gitconfig" 里面设置几个 Git 接下来需要使用的全局配置，比如说你的名字和电子邮件地址。

$ git config --global user.name "姓名"
$ git config --global user.email 电子邮件地址

如果你习惯使用 CVS 或 Subversion 命令，你也许希望设置如下几个命令别名。

$ git config --global alias.ci "commit -a"
$ git config --global alias.co checkout

你能够通过如下方式检查你的全局配置：

$ git config --global --list

参见下面内容。

即使你的上游使用不同的版本控制系统，使用 git(1) 作为本地活动的版本控制系统，仍然是一个好的主意，因为 git 可以让你在没有上游网络连接的情况下，管理你的本地源代码树拷贝。这里有一些 git(1) 使用的包和命令。

你可以把一个在 "svn+ssh://svn.example.org/project/module/trunk" 的 Subversion 仓库检出到一个本地的 Git 仓库，使用"./dest"目录，并把修改提交回 Subversion 仓库。例如：

$ git svn clone -s -rHEAD svn+ssh://svn.example.org/project dest
$ cd dest
... 进行修改
$ git commit -a
... 继续在本地用 git 工作
$ git svn dcommit

	提示
	使用 "-rHEAD" 能够避免克隆从 Subversion 仓库来的整个历史内容。

The following configuration allows commits to the CVS repository only by a member of the "src" group, and administration of CVS only by a member of the "staff" group, thus reducing the chance of shooting oneself.

# cd /var/lib; umask 002; mkdir cvs
# export CVSROOT=/srv/cvs/project
# cd $CVSROOT
# chown root:src .
# chmod 2775 .
# cvs -d $CVSROOT init
# cd CVSROOT
# chown -R root:staff .
# chmod 2775 .
# touch val-tags
# chmod 664 history val-tags
# chown root:src history val-tags

	提示
	You may restrict creation of new project by changing the owner of "$CVSROOT" directory to "root:staff" and its permission to "3775".

The default CVS repository is pointed by "$CVSROOT". The following sets up "$CVSROOT" for the local access.

$ export CVSROOT=/srv/cvs/project

Create a new local source tree location at "~/path/to/module1" by the following.

$ mkdir -p ~/path/to/module1; cd ~/path/to/module1

Populate a new local source tree under "~/path/to/module1" with files.

Import it to CVS with the following parameters.

$ cd ~/path/to/module1
$ cvs import -m "Start module1" module1 Main-branch Release-initial
$ rm -Rf . # optional

CVS does not overwrite the current repository file but replaces it with another one. Thus, write permission to the repository directory is critical. For every new module for "module1" in repository at "/srv/cvs/project", run the following to ensure this condition if needed.

# cd /srv/cvs/project
# chown -R root:src module1
# chmod -R ug+rwX   module1
# chmod    2775     module1

Here is an example of typical work flow using CVS.

Check all available modules from CVS project pointed by "$CVSROOT" by the following.

$ cvs rls
CVSROOT
module1
module2
...

Checkout "module1" to its default directory "./module1" by the following.

$ cd ~/path/to
$ cvs co module1
$ cd module1

按需修改里面的内容。

通过如下所示的命令来检查改变，其作用相当于使用 "diff -u [repository] [local]"。

$ cvs diff -u

你发现自己改坏了 "file_to_undo" 文件，而其他的文件都是好的。

Overwrite "file_to_undo" file with the clean copy from CVS by the following.

$ cvs up -C file_to_undo

Save the updated local source tree to CVS by the following.

$ cvs ci -m "Describe change"

Create and add "file_to_add" file to CVS by the following.

$ vi file_to_add
$ cvs add file_to_add
$ cvs ci -m "Added file_to_add"

Merge the latest version from CVS by the following.

$ cvs up -d

Watch out for lines starting with "C filename" which indicates conflicting changes.

Look for unmodified code in ".#filename.version".

Search for "<<<<<<<" and ">>>>>>>" in files for conflicting changes.

Edit files to fix conflicts as needed.

Add a release tag "Release-1" by the following.

$ cvs ci -m "last commit for Release-1"
$ cvs tag Release-1

Edit further.

Remove the release tag "Release-1" by the following.

$ cvs tag -d Release-1

Check in changes to CVS by the following.

$ cvs ci -m "real last commit for Release-1"

Re-add the release tag "Release-1" to updated CVS HEAD of main by the following.

$ cvs tag Release-1

Create a branch with a sticky branch tag "Release-initial-bugfixes" from the original version pointed by the tag "Release-initial" and check it out to "~/path/to/old" directory by the following.

$ cvs rtag -b -r Release-initial Release-initial-bugfixes module1
$ cd ~/path/to
$ cvs co -r Release-initial-bugfixes -d old module1
$ cd old

	提示
	Use "-D 2005-12-20" (ISO 8601 date format) instead of "-r Release-initial" to specify particular date as the branch point.

Work on this local source tree having the sticky tag "Release-initial-bugfixes" which is based on the original version.

Work on this branch by yourself … until someone else joins to this "Release-initial-bugfixes" branch.

Sync with files modified by others on this branch while creating new directories as needed by the following.

$ cvs up -d

Edit files to fix conflicts as needed.

Check in changes to CVS by the following.

$ cvs ci -m "checked into this branch"

Update the local tree by HEAD of main while removing sticky tag ("-A") and without keyword expansion ("-kk") by the following.

$ cvs up -d -kk -A

Update the local tree (content = HEAD of main) by merging from the "Release-initial-bugfixes" branch and without keyword expansion by the following.

$ cvs up -d -kk -j Release-initial-bugfixes

Fix conflicts with editor.

Check in changes to CVS by the following.

$ cvs ci -m "merged Release-initial-bugfixes"

Make archive by the following.

$ cd ..
$ mv old old-module1-bugfixes
$ tar -cvzf old-module1-bugfixes.tar.gz old-module1-bugfixes
$ rm -rf old-module1-bugfixes

	提示
	"cvs up" command can take "-d" option to create new directories and "-P" option to prune empty directories.

	提示
	You can checkout only a sub directory of "module1" by providing its name as "cvs co module1/subdir".

To get the latest files from CVS, use "tomorrow" by the following.

$ cvs ex -D tomorrow module_name

Add module alias "mx" to a CVS project (local server) by the following.

$ export CVSROOT=/srv/cvs/project
$ cvs co CVSROOT/modules
$ cd CVSROOT
$ echo "mx -a module1" >>modules
$ cvs ci -m "Now mx is an alias for module1"
$ cvs release -d .

Now, you can check out "module1" (alias: "mx") from CVS to "new" directory by the following.

$ cvs co -d new mx
$ cd new

	注意
	In order to perform above procedure, you should have appropriate file permissions.

When you checkout files from CVS, their execution permission bit is retained.

Whenever you see execution permission problems in a checked out file, e.g. "filename", change its permission in the corresponding CVS repository by the following to fix it.

# chmod ugo-x filename

subversion 软件包通常不会自动建立存储库，所以你必须手动搭建它。存储库可能的位置是在 "/srv/svn/project"。

按如下所示建立目录。

# mkdir -p        /srv/svn/project

按如下所示建立存储库数据库。

# svnadmin create /srv/svn/project

如果只是用 Apache2 服务器访问 Subversion 存储库，你只需按如下所示的使存储库只是对于 WWW 服务器是可写的。

# chown -R www-data:www-data /srv/svn/project

在 "/etc/apache2/mods-available/dav_svn.conf" 中添加 (或取消注释) 如下所示的来允许通过用户认证访问存储库。

<Location /project>
  DAV svn
  SVNPath /srv/svn/project
  AuthType Basic
  AuthName "Subversion repository"
  AuthUserFile /etc/subversion/passwd
<LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
</LimitExcept>
</Location>

用如下所示的命令创建用户认证文件。

# htpasswd2 -c /etc/subversion/passwd some-username

重启 Apache2。

通过 "http://localhost/project" 和 "http://example.com/project" URL 来访问 svn(1) 中的 Subversion 存储库(假设你的 web 服务器的 URL 为 "http://example.com/")。

The following sets up Subversion repository for the local access by a group, e.g. project.

# chmod  2775     /srv/svn/project
# chown -R root:src /srv/svn/project
# chmod -R ug+rwX   /srv/svn/project

Your new Subversion repository is group accessible at URL "file:///localhost/srv/svn/project" or "file:///srv/svn/project" from svn(1) for local users belonging to project group. You must run commands, such as svn, svnserve, svnlook, and svnadmin under "umask 002" to ensure group access.

A group accessible Subversion repository is at URL "example.com:/srv/svn/project" for SSH, you can access it from svn(1) at URL "svn+ssh://example.com:/srv/svn/project".

Many projects uses directory tree similar to the following for Subversion to compensate its lack of branches and tags.

  ----- module1
    |   |-- branches
    |   |-- tags
    |   |   |-- release-1.0
    |   |   `-- release-2.0
    |   |
    |   `-- trunk
    |       |-- file1
    |       |-- file2
    |       `-- file3
    |
    `-- module2

	提示
	You must use "svn copy …" command to mark branches and tags. This ensures Subversion to record modification history of files properly and saves storage spaces.

Create a new local source tree location at "~/path/to/module1" by the following.

$ mkdir -p ~/path/to/module1; cd ~/path/to/module1

Populate a new local source tree under "~/path/to/module1" with files.

把它导入到 Subversion 的时候带有以下的参数。

$ cd ~/path/to/module1
$ svn import file:///srv/svn/project/module1/trunk -m "Start module1"
$ svn cp file:///srv/svn/project/module1/trunk file:///srv/svn/project/module1/tags/Release-initial

或者，如下所示。

$ svn import ~/path/to/module1 file:///srv/svn/project/module1/trunk -m "Start module1"
$ svn cp file:///srv/svn/project/module1/trunk file:///srv/svn/project/module1/tags/Release-initial

	提示
	你能够用像 "http://…" 和 "svn+ssh://..." 这样格式的 URL 来替代 "file:///…" URL。

这里给出使用 Subversion 及其原生客户端的典型工作流示例。

	提示
	Client commands offered by the git-svn package may offer alternative work flow of Subversion using the git command. See 第 10.6.4 节 “用于 Subversion 仓库的 Git”.

查看如下所示的 URL "file:///srv/svn/project" 指向的 Subversion 项目上所有可用的模块。

$ svn list file:///srv/svn/project
module1
module2
...

按如下所示的签出 "module1/trunk" 到 "module1" 目录。

$ cd ~/path/to
$ svn co file:///srv/svn/project/module1/trunk module1
$ cd module1

按需修改里面的内容。

通过如下所示的命令来检查改变，其作用相当于使用 "diff -u [repository] [local]"。

$ svn diff

你发现自己改坏了 "file_to_undo" 文件，而其他的文件都是好的。

按如下所示的用 Subversion 中的干净副本来覆盖 "file_to_undo" 文件。

$ svn revert file_to_undo

按如下所示的把已经更新了的本地源目录树保存到 Subversion。

$ svn ci -m "Describe change"

按如下所示的创建 "file_to_add" 文件并把它添加到 Subversion。

$ vi file_to_add
$ svn add file_to_add
$ svn ci -m "Added file_to_add"

Merge the latest version from Subversion by the following.

$ svn up

Watch out for lines starting with "C filename" which indicates conflicting changes.

Look for unmodified code in, e.g., "filename.r6", "filename.r9", and "filename.mine".

Search for "<<<<<<<" and ">>>>>>>" in files for conflicting changes.

Edit files to fix conflicts as needed.

Add a release tag "Release-1" by the following.

$ svn ci -m "last commit for Release-1"
$ svn cp file:///srv/svn/project/module1/trunk file:///srv/svn/project/module1/tags/Release-1

Edit further.

Remove the release tag "Release-1" by the following.

$ svn rm file:///srv/svn/project/module1/tags/Release-1

Check in changes to Subversion by the following.

$ svn ci -m "real last commit for Release-1"

Re-add the release tag "Release-1" from updated Subversion HEAD of trunk by the following.

$ svn cp file:///srv/svn/project/module1/trunk file:///srv/svn/project/module1/tags/Release-1

Create a branch with a path "module1/branches/Release-initial-bugfixes" from the original version pointed by the path "module1/tags/Release-initial" and check it out to "~/path/to/old" directory by the following.

$ svn cp file:///srv/svn/project/module1/tags/Release-initial file:///srv/svn/project/module1/branches/Release-initial-bugfixes
$ cd ~/path/to
$ svn co file:///srv/svn/project/module1/branches/Release-initial-bugfixes old
$ cd old

	提示
	Use "module1/trunk@{2005-12-20}" (ISO 8601 date format) instead of "module1/tags/Release-initial" to specify particular date as the branch point.

Work on this local source tree pointing to branch "Release-initial-bugfixes" which is based on the original version.

Work on this branch by yourself … until someone else joins to this "Release-initial-bugfixes" branch.

Sync with files modified by others on this branch by the following.

$ svn up

Edit files to fix conflicts as needed.

Check in changes to Subversion by the following.

$ svn ci -m "checked into this branch"

Update the local tree with HEAD of trunk by the following.

$ svn switch file:///srv/svn/project/module1/trunk

Update the local tree (content = HEAD of trunk) by merging from the "Release-initial-bugfixes" branch by the following.

$ svn merge file:///srv/svn/project/module1/branches/Release-initial-bugfixes

Fix conflicts with editor.

Check in changes to Subversion by the following.

$ svn ci -m "merged Release-initial-bugfixes"

Make archive by the following.

$ cd ..
$ mv old old-module1-bugfixes
$ tar -cvzf old-module1-bugfixes.tar.gz old-module1-bugfixes
$ rm -rf old-module1-bugfixes

	提示
	你能够用像 "http://…" 和 "svn+ssh://..." 这样格式的 URL 来替代 "file:///…" URL。

	提示
	You can checkout only a sub directory of "module1" by providing its name as "svn co file:///srv/svn/project/module1/trunk/subdir module1/subdir", etc.