# Fun with Tar and Tape Drives [SOLVED]

## bobber205

We recently had a server crash. Fortunately we had a tape that was backed up with all of our files.

/etc /var /home /root e

and all the others were backed onto the drive

How do we get all this data into a folder called /tapedrive files?

```

# tar -xf /dev/st0

# tar -tf /dev/st0

# tar -cf /dev/st0 <files,directories>
```

That's what we ran but with no files or directories specified. All that was expanded was /etc (the first one)

What did we do wrong? Would a * expand everything into the directory?

----------

## Akkara

I'm not fully understanding your question.  Those three commands you give, is that what you tried, in sequence?  Or are they to illustrate in general how you were doing backups?

```
tar -xf /dev/st0
```

That should have extracted your backup, placing its contents in whatever directory you were sitting in when that command was typed.

```
tar -tf /dev/st0
```

That lists what's on the tape.  When you run it, do you see what you expect?

```
tar -cf /dev/st0 <files,directories>
```

If you used this one when intending to restore, you have overwritten your backup with a new backup of the listed files and directories.  I'm not sure how to recover from that.

(Aside: if I recall there's some other flags you need to use to be sure everything's preserved and restored with correct modes and such whcn backing up a system.  -p comes to mind, there may be others.)

----------

## bobber205

Thanks for the info. will try that today.

For some reason I don't think the contents of the tape were extracted. So the first one should do them all?

----------

## timeBandit

If each directory is in a separate tarball as a separate file on the tape, you need to use the non-rewinding tape device (/dev/nst0). Otherwise, each time the tape device is closed, it rewinds to BOT. Thus you keep extracting the first file over and over (/etc).

For example:

```
tar xpvf /dev/nst0

tar xpvf /dev/nst0

tar xpvf /dev/nst0

mt -f /dev/st0 rewind
```

would extract three successive archives from the tape, then rewind.

I almost hate to ask, but: By any chance, did you create your backups using commands similar to this?

```
tar cf /dev/st0 /root

tar cf /dev/st0 /home

tar cf /dev/st0 /var

tar cf /dev/st0 /etc
```

If you did ... you don't have backups of anything but /etc (or whichever was last).   :Sad: 

Further, if you truly ran a new tar cf command as the last step of the three shown in your original post, then you have effectively overwritten the entire tape. When closed, the rewinding device (st0) writes a new logical-EOT marker after the file, rendering the rest of the tape inaccessible.

----------

## bobber205

The command was

```

tar cf /dev/st0 /etc

tar cf /dev/st0 /root

tar cf /dev/st0 /boot

tar cf /dev/st0 /var/log

tar cf /dev/st0 /var/lib

tar cf /dev/st0 /home

```

It was then verified with tar tf.

We are using now a currently older copy to test our using of the tar command. Our "good new" one has not been touched thankfully. So what do we do?

----------

## timeBandit

 *bobber205 wrote:*   

> It was then verified with tar tf.

 

Verified how, exactly? Like this:

```
tar cf /dev/st0 /etc

tar tf /dev/st0

tar cf /dev/st0 /root

tar tf /dev/st0

tar cf /dev/st0 /boot

tar tf /dev/st0

... and so on ...
```

Or like this?

```
tar cf /dev/st0 /etc

tar cf /dev/st0 /root

... and so on ...

tar tf /dev/st0

tar tf /dev/st0

... and so on ...
```

You can see why the first sequence would give a false sense of security: each step would look successful but in fact each tarball would overwrite the previous one. As for the second sequence, I don't see how it could possibly appear successful--if that's what you did, we've overlooked something.

One thing that continues to puzzle me is how you recovered /etc if (1) it was the first directory you backed up and (2) you used the rewinding device for successive backups. If you've been overwriting the tape only the last thing you backed up should be on it.  :Confused: 

 *bobber205 wrote:*   

> We are using now a currently older copy to test our using of the tar command. Our "good new" one has not been touched thankfully. So what do we do?

 I would start by determining exactly what's on that tape. Run tar tf /dev/nst0 | head -n20 repeatedly, until you get an error. Do not interrupt tar, let it spin the tape to the end of the archive even though it only prints a few lines. Those few listings should be enough for you to recognize what's in each archive. (I am optimistically hoping you have more than one archive on the tape.) It will exit normally after each tape file, and give an immediate error when you run it after reaching end of the tape. At that point you can do mt -f /dev/st0 rewind and proceed to restore each archive.

----------

## dmpogo

 *timeBandit wrote:*   

> 
> 
> I would start by determining exactly what's on that tape. Run tar tf /dev/nst0 | head -n20 repeatedly, until you get an error. Do not interrupt tar, let it spin the tape to the end of the archive even though it only prints a few lines. Those few listings should be enough for you to recognize what's in each archive. (I am optimistically hoping you have more than one archive on the tape.) It will exit normally after each tape file, and give an immediate error when you run it after reaching end of the tape. At that point you can do mt -f /dev/st0 rewind and proceed to restore each archive.

 

You can also do a sequence of

$ file - < /dev/nst0

$ mt -f /dev/nst0 fsf 1

$ file - < /dev/nst0

$ mt -f /dev/nst0 fsf 1

.....

until an error.

The first command tells the type of the next file, the next - forwards the tape by one file.

----------

## timeBandit

 *dmpogo wrote:*   

> You can also do a sequence of
> 
> $ file - < /dev/nst0
> 
> $ mt -f /dev/nst0 fsf 1
> ...

 No, that skips every other file. Reading a file from the tape stops at an EOF file mark, leaving the tape positioned after the file mark (at the start of the next file). The mt fsf n command skips over n file marks, again leaving the tape positioned after the last file mark read. So the above will identify one file, then ignore one file, and so on.

Edit: Sometimes.  :Embarassed:  It depends on whether the command reads the whole tape file--if it doesn't, then the skips are needed. (file does.)

----------

## bobber205

We got our data back! whooo

```

tar xpvf /dev/nst0

```

That line saved our hides. Ran it once, got the first dir. Second time no output. Third time the next dir and so on and so on.

Thanks!

----------

