SYNOPSIS
duplicity [options] input_directory destination_url
duplicity [options] source_url target_directory
duplicity full [options] input_directory destination_url
duplicity incremental [options] input_directory destination_url
duplicity verify [options] source_url target_directory
duplicity collection-status [options] target_url
duplicity list-current-files [options] target_url
duplicity cleanup [options] target_url
duplicity remove-older-than time [options] target_url
duplicity remove-all-but-n-full count [options] target_url
DESCRIPTION
Duplicity incrementally backs up files and directory by encrypting tar-
format volumes with GnuPG and uploading them to a remote (or local)
file server. Currently local, ftp, ssh/scp, rsync, WebDAV, WebDAVs,
HSi and Amazon S3 backends are available. Because duplicity uses
librsync, the incremental archives are space efficient and only record
the parts of files that have changed since the last backup. Currently
duplicity supports deleted files, full unix permissions, directories,
symbolic links, fifos, etc., but not hard links.
Duplicity will read the PASSPHRASE environment variable to find the
passphrase to give to GnuPG. If this is not set, the user will be
prompted for the passphrase.
If you are backing up the root directory /, remember to --exclude
/proc, or else duplicity will probably crash on the weird stuff in
there.
EXAMPLES
Here is an example of a backup, using scp to back up /home/me to
some_dir on the other.host machine:
duplicity /home/me scp://uid@other.host/some_dir
If the above is run repeatedly, the first will be a full backup, and
subsequent ones will be incremental. To force a full backup, use the
full action:
duplicity full /home/me scp://uid@other.host/some_dir
changed since then:
duplicity verify scp://uid@other.host/some_dir /home/me
Finally, duplicity recognizes several include/exclude options. For
instance, the following will backup the root directory, but exclude
/mnt, /tmp, and /proc:
duplicity --exclude /mnt --exclude /tmp --exclude /proc /
file:///usr/local/backup
Note that in this case the destination is the local directory
/usr/local/backup. The following will backup only the /home and /etc
directories under root:
duplicity --include /home --include /etc --exclude '**' /
file:///usr/local/backup
Duplicity can also access a repository via ftp. If a user name is
given, the environment variable FTP_PASSWORD is read to determine the
password:
FTP_PASSWORD=mypassword; duplicity /local/dir
ftp://user@other.host/some_dir
ACTIONS
cleanup
Delete the extraneous duplicity files on the given backend.
Non-duplicity files, or files in complete data sets will not be
deleted. This should only be necessary after a duplicity ses-
sion fails or is aborted prematurely.
collection-status
Summarize the status of the backup repository by printing the
chains and sets found, and the number of volumes in each.
full Indicate full backup. If this is set, perform full backup even
if signatures are available.
incr If this is requested an incremental backup will be performed.
Duplicity will abort if old signatures cannot be found. The
default is to switch to full backup under these conditions.
list-current-files
Lists the files currently backed up in the archive. The infor-
mation will be extracted from the signature files, not the ar-
chive data itself. Thus the whole archive does not have to be
downloaded, but on the other hand if the archive has been
deleted or corrupted, this command may not detect it.
remove-older-than time
option is given, restrict verify to that file or directory.
duplicity will exit with a non-zero error level if any files are
different. On verbosity level 4 or higher, log a message for
each file that has changed.
OPTIONS
--allow-source-mismatch
Do not abort on attempts to use the same archive dir or remote
backend to back up different directories. duplicity will tell
you if you need this switch.
--archive-dir path
When backing up or restoring, specify the local archive direc-
tory. This option is not necessary, but if hash data is found
locally in path it will be used in preference to the remote hash
data. Use of this option does not imply that the archive data is
no longer stored in the backup destination, nor that the local
archive directory need be kept safe. The local archive directory
is a performance optimization only, and may safely be discarded
at any time.
--encrypt-key key
When backing up, encrypt to the given public key, instead of
using symmetric (traditional) encryption. Can be specified mul-
tiple times.
--exclude shell_pattern
Exclude the file or files matched by shell_pattern. If a direc-
tory is matched, then files under that directory will also be
matched. See the FILE SELECTION section for more information.
--exclude-device-files
Exclude all device files. This can be useful for security/per-
missions reasons or if rdiff-backup is not handling device files
correctly.
--exclude-filelist filename
Excludes the files listed in filename. See the FILE SELECTION
section for more information.
--exclude-filelist-stdin
Like --exclude-filelist, but the list of files will be read from
standard input. See the FILE SELECTION section for more infor-
mation.
--exclude-globbing-filelist filename
Like --exclude-filelist but each line of the filelist will be
interpreted according to the same rules as --include and
--exclude.
--exclude-other-filesystems
--full-if-older-than time
Perform a full backup if an incremental backup is requested, but
the latest full backup in the collection is older than the given
time. See the TIME FORMATS section for more information.
--force
Proceed even if data loss might result. Duplicity will let the
user know when this option is required.
--ftp-passive
Use passive (PASV) data connections. The default is to use pas-
sive, but to fallback to regular if the passive connection fails
or times out.
--ftp-regular
Use regular (PORT) data connections.
--gpg-options options
Allows you to pass options to gpg encryption. The options list
should be of the form "opt1=parm1 opt2=parm2" where the string
is quoted and the only spaces allowed are between options.
--include shell_pattern
Similar to --exclude but include matched files instead. Unlike
--exclude, this option will also match parent directories of
matched files (although not necessarily their contents). See
the FILE SELECTION section for more information.
--include-filelist filename
Like --exclude-filelist, but include the listed files instead.
See the FILE SELECTION section for more information.
--include-filelist-stdin
Like --include-filelist, but read the list of included files
from standard input.
--include-globbing-filelist filename
Like --include-filelist but each line of the filelist will be
interpreted according to the same rules as --include and
--exclude.
--include-regexp regexp
Include files matching the regular expression regexp. Only
files explicitly matched by regexp will be included by this
option. See the FILE SELECTION section for more information.
--no-encryption
Do not use GnuPG to encrypt files on remote system. Instead
just write gzipped volumes.
--no-print-statistics
--scp-command command
This option only matters when using the ssh/scp backend. The
command will be used instead of scp to send or receive files.
The default is "scp". To list and delete existing files, the
sftp command is used. See --ssh-options and --sftp-command.
--sftp-command command
This option only matters when using the ssh/scp backend. The
command will be used instead of sftp for listing and deleting
files. The default is "sftp". File transfers are done using the
scp command. See --ssh-options and --scp-command.
--sign-key key
This option can be used when backing up or restoring. When
backing up, all backup files will be signed with keyid key.
When restoring, duplicity will signal an error if any remote
file is not signed with the given keyid. key should be an 8
character hex string, like AA0E73D2.
--ssh-askpass
Tells the ssh/scp backend to use FTP_PASSWORD from the environ-
ment, or, if that is not present, to prompt the user for the
remote system password.
--ssh-options options
Allows you to pass options to the ssh/scp/sftp backend. The
options list should be of the form "opt1=parm1 opt2=parm2" where
the option string is quoted and the only spaces allowed are
between options. The option string will be passed verbatim to
both scp and sftp, whose command line syntax differs slightly:
options passed with --ssh-options should therefore be given in
the long option format described in ssh_config(5), like in this
example:
duplicity --ssh-options="-oProtocol=2 -oIdentity-
File=/my/backup/id" /home/me scp://uid@other.host/some_dir
--short-filenames
If this option is specified, the names of the files duplicity
writes will be shorter (about 30 chars) but less understandable.
This may be useful when backing up to MacOS or another OS or FS
that doesn't support long filenames.
-ttime, --restore-time time
When restoring, specify the time to restore to.
-v[0-9], --verbosity [0-9]
Specify verbosity level (0 is total silent, 3 is the default,
and 9 is noisiest).
Secondly, the -t, and --restore-time options take a time string, which
can be given in any of several formats:
1. the string "now" (refers to the current time)
2. a sequences of digits, like "123456890" (indicating the time in
seconds after the epoch)
3. A string like "2002-01-25T07:00:00+02:00" in datetime format
4. An interval, which is a number followed by one of the characters
s, m, h, D, W, M, or Y (indicating seconds, minutes, hours,
days, weeks, months, or years respectively), or a series of such
pairs. In this case the string refers to the time that preceded
the current time by the length of the interval. For instance,
"1h78m" indicates the time that was one hour and 78 minutes ago.
The calendar here is unsophisticated: a month is always 30 days,
a year is always 365 days, and a day is always 86400 seconds.
5. A date format of the form YYYY/MM/DD, YYYY-MM-DD, MM/DD/YYYY, or
MM-DD-YYYY, which indicates midnight on the day in question,
relative to the current timezone settings. For instance,
"2002/3/5", "03-05-2002", and "2002-3-05" all mean March 5th,
2002.
FILE SELECTION
duplicity accepts the same file selection options rdiff-backup does,
including --exclude, --exclude-filelist-stdin, etc.
When duplicity is run, it searches through the given source directory
and backs up all the files specified by the file selection system. The
file selection system comprises a number of file selection conditions,
which are set using one of the following command line options:
--exclude, --exclude-device-files, --exclude-filelist, --exclude-
filelist-stdin, --exclude-globbing-filelist, --exclude-regexp,
--include, --include-filelist, --include-filelist-stdin, --include-
globbing-filelist, and --include-regexp. Each file selection condition
either matches or doesn't match a given file. A given file is excluded
by the file selection system exactly when the first matching file
selection condition specifies that the file be excluded; otherwise the
file is included.
For instance,
duplicity --include /usr --exclude /usr /usr
scp://user@host/backup
is exactly the same as
duplicity /usr scp://user@host/backup
to a single character of those characters specified (ranges are accept-
able). The new special pattern, **, expands to any string of charac-
ters whether or not it contains "/". Furthermore, if the pattern
starts with "ignorecase:" (case insensitive), then this prefix will be
removed and any character in the string can be replaced with an upper-
or lowercase version of itself.
Remember that you may need to quote these characters when typing them
into a shell, so the shell does not interpret the globbing patterns
before duplicity sees them.
The --exclude pattern option matches a file iff:
1. pattern can be expanded into the file's filename, or
2. the file is inside a directory matched by the option.
Conversely, --include pattern matches a file iff:
1. pattern can be expanded into the file's filename,
2. the file is inside a directory matched by the option, or
3. the file is a directory which contains a file matched by the
option.
For example,
--exclude /usr/local
matches /usr/local, /usr/local/lib, and /usr/local/lib/netscape. It is
the same as --exclude /usr/local --exclude '/usr/local/**'.
--include /usr/local
specifies that /usr, /usr/local, /usr/local/lib, and
/usr/local/lib/netscape (but not /usr/doc) all be backed up. Thus you
don't have to worry about including parent directories to make sure
that included subdirectories have somewhere to go. Finally,
--include ignorecase:'/usr/[a-z0-9]foo/*/**.py'
would match a file like /usR/5fOO/hello/there/world.py. If it did
match anything, it would also match /usr. If there is no existing file
that the given pattern can be expanded into, the option will not match
/usr.
The --include-filelist, --exclude-filelist, --include-filelist-stdin,
and --exclude-filelist-stdin options also introduce file selection con-
ditions. They direct duplicity to read in a file, each line of which
is a file specification, and to include or exclude the matching files.
Lines are separated by newlines or nulls, depending on whether the
For example, if file "list.txt" contains the lines:
/usr/local
- /usr/local/doc
/usr/local/bin
+ /var
- /var
then "--include-filelist list.txt" would include /usr, /usr/local, and
/usr/local/bin. It would exclude /usr/local/doc,
/usr/local/doc/python, etc. It neither excludes nor includes
/usr/local/man, leaving the fate of this directory to the next specifi-
cation condition. Finally, it is undefined what happens with /var. A
single file list should not contain conflicting file specifications.
The --include-globbing-filelist and --exclude-globbing-filelist options
also specify filelists, but each line in the filelist will be inter-
preted as a globbing pattern the way --include and --exclude options
are interpreted (although "+ " and "- " prefixing is still allowed).
For instance, if the file "globbing-list.txt" contains the lines:
dir/foo
+ dir/bar
- **
Then "--include-globbing-filelist globbing-list.txt" would be exactly
the same as specifying "--include dir/foo --include dir/bar --exclude
**" on the command line.
Finally, the --include-regexp and --exclude-regexp allow files to be
included and excluded if their filenames match a python regular expres-
sion. Regular expression syntax is too complicated to explain here,
but is covered in Python's library reference. Unlike the --include and
--exclude options, the regular expression options don't match files
containing or contained in matched files. So for instance
--include '[0-9]{7}(?!foo)'
matches any files whose full pathnames contain 7 consecutive digits
which aren't followed by 'foo'. However, it wouldn't match /home even
if /home/ben/1234567 existed.
OPERATION AND DATA FORMATS
This section describes duplicity's basic operation and the format of
its data files. It should not necessary to read this section to use
duplicity.
The files used by duplicity to store backup data are tarfiles in GNU
tar format. They can be produced independently by rdiffdir(1). For
incremental backups, new files are saved normally in the tarfile. But
In order to determine which files have been deleted, and to calculate
diffs for changed files, duplicity needs to process information about
previous sessions. It stores this information in the form of tarfiles
where each entry's data contains the signature (as produced by rdiff)
of the file instead of the file's contents. These signature sets have
the extension sigtar.
Signature files are not required to restore a backup set, but without
an up-to-date signature, duplicity cannot append an incremental backup
to an existing archive.
To save bandwidth, duplicity generates full signature sets and incre-
mental signature sets. A full signature set is generated for each full
backup, and an incremental one for each incremental backup. These
start with duplicity-full-signatures and duplicity-new-signatures
respectively. If --archive-dir is used, these signatures will be
stored both locally and remotely. The remote signatures will be
encrypted if encryption is enabled. The local signatures will not be
encrypted
ENVIRONMENT VARIABLES
TMPDIR, TEMP, TMP
In decreasing order of importance, specifies the directory to
use for temporary files (inherited from Python's tempfile mod-
ule).
BUGS
Hard links currently unsupported (they will be treated as non-linked
regular files).
Bad signatures will be treated as empty instead of logging appropriate
error message.
AUTHOR
Original Author - Ben Escoto <bescoto@stanford.edu>
Current Maintainer - Kenneth Loafman <kenneth@loafman.com>
SEE ALSO
rdiffdir(1), python(1), rdiff(1), rdiff-backup(1).
Version 0.4.8 December 2007 RDIFFDIR(1)
Man(1) output converted with
man2html