Privileges, fdisk and backing up windows xp

Over the holiday period I had some fun when the one Windows XP system in the house failed and would not boot. The reason was that the disk had a number of sectors that could not be read and had to be replaced. Anyway since all the user data is not present on the PC nothing was lost except a few hours of my time. That time did make me think that even the old Solaris installer was not that bad and that was before I had to reinstall every program, plus service pack two and the worlds supply of patches. So I have decided that I should back up the XP partition so that I don't have to go through that again.

To do this I I've installed Solaris as a dual boot and then use dd(1) to copy the XP partition onto the server. The only problem is that the cmdk(7D) driver does not seem to honour the end of partitions. So if I just dd the /dev/rdsk/c0d0p1 partition I don't just get the XP partition but also get the entire Solaris partition.

Hence I have a little script that used fdisk(1M) to get the disk geometry and then copy just the XP partition. Now the strange thing about fdisk is that it has to be run with “all” privileges. So the script is started with all and then drops any that it does not really need, ie nearly all of them. So exec_attr and prof_attr have to have the “XP Backup” profile added so that they look like this:

# egrep 'XP Backup' /etc/security/\*_attr            
/etc/security/exec_attr:XP Backup:solaris:cmd:::/usr/local/sbin/xp_backup:privs=all
/etc/security/prof_attr:XP Backup:::Back up Windows XP:help=XpBackup.html

Then just use 'usermod -P “XP Backup” cjg' so I can run this via ssh and then redirect the output into a file.

Anyway here is the script, I've tested that it works on the PC and on my work laptop which still has an XP partition:

# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or
# See the License for the specific language governing permissions
# and limitations under the License.
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
# copy the Windows partition to standard out.
# This needs to run with the "all" privilege so that fdisk can read the partion
# information. It has to read that as the disk driver does not enforce the end
# of the partitions.
# I added the XP Backup profile and then added this command to it with
# the additional priv. Here is teh entry from /etc/security/exec_attr:
# XP Backup:solaris:cmd:::/usr/local/sbin/xp_backup:privs=all
# (obviously not as a comment).
# Then there is a degree of paranoia in the script. It drops all the
# privileges that it does not need.

export PATH=/usr/bin:/usr/sbin


set - $(fdisk -W - ${device}p0 | ppriv -e -s A=basic nawk '$1 ~ "[0-9]" { x++ } $1 == 7 { print $7, $NF/$7, $NF%$7, x }')

ppriv -s L=file_dac_read,proc_exec -s EIP=proc_exec,file_dac_read $$

if (( $3 != 0 )) 
        print "Partition is not a whole number of tracks!" >&2
        exit 1


if (( bs == 0 || count == 0 ))
        print "Block size($bs) and block count($count) can be zero" >&2
        exit 1

exec ppriv -e -s EPL-file_dac_read -s I-file_dac_read dd bs=${bs}b count=$count < /dev/rdsk/${device}p${part}

Follow up: It turns out the comment obout cmdk letting you read off the end of the disk is wrong. Only when using the p0 partition can you read the whole drive (which was my mistake) if you choose the correct partition which in my case is the p1 partition it will only read to the end of the partition. However I still need to use fdisk to find the correct partition so the script remains the same.


Isn't the problem with dd(1M) backups that the partition/disk will have to be exactly the same?

What happens if the whole disk dies, and you have to get a new one, how will you perform the restore of the dd(1M) image?

Posted by UX-admin on January 09, 2008 at 02:16 AM GMT #

Yes the disk partition has to be the same size and therefore thanks to fdisk the geometry has to be identical or faked to appear identical. However I have a pile of old disks that are all identical so it is a simple case of putting the fdisk label on and then copying the image in.

I'm already feeling the urge to try this out just to be sure.

Posted by Chris Gerhard on January 09, 2008 at 02:21 AM GMT #

I had the exact same Problem with WinXP - this Sturday night the PC went belly up with a BSOD ... something i've never seen on this rock-stable 24/7 mashine. CHKDSK tried to fix something on C:, fixed the problem, rebooted -> BSOD -> repeat -> after 3 attempts i gave up on that, looks like some important file was lost ... so what now ?

Repair install. Throw in WinXP CD, select "install", now select "repair", files are copied over - reboot \*fingers crossed\* ... it boots ! XP works as if nothing happened, still 24/7 since that accident.

Posted by Arthur on January 09, 2008 at 02:58 AM GMT #

I have now successfully recovered onto one of the spare drives. Windows boots and appears to know nothing about the disk changing underneath it.

Now what would be cool would be to build an rsync protocol based backup so I only push the blocks that have changed over the wire and not everything.

Posted by Chris Gerhard on January 09, 2008 at 10:26 AM GMT #

Hopefully none of those spare disks have bad blocks, or the geometry might not match.

To do a diff or incremental backup, consider building Bacula Windows client. The server used to build nicely on Solaris, and uses mtx(1M) for Autochangers and tape libraries, which also builds nicely on Solaris.

To put icing on the cake, Bacula uses PostgreSQL as the back end, and since Solaris comes with PostgreSQL bundled, that's 50% of the work already done. Not to mention that Bacula is free/OSS software.

For the rest of us, there's always Legato NetWorker.

Posted by UX-admin on January 09, 2008 at 02:04 PM GMT #

Bad blocks won't make any difference to the geometry . Problems will only start happening when you run out of spare blocks to remap bad blocks to (obviously if you read from a bad block it will be bad but writing back to the block will cause it to auto relocate).

I really don't want to run the backup from windows as then I have to jump though the windows hoops to restore. Where as using solaris I just dd the disk image back and I can store a number of images as snapshots on ZFS.

Posted by Chris Gerhard on January 10, 2008 at 08:11 AM GMT #

Post a Comment:
Comments are closed for this entry.

This is the old blog of Chris Gerhard. It has mostly moved to


« April 2014