Bot releases are hidden (Show)
The following sections list the changes in restic 0.17.1 relevant to restic users. The changes are ordered by importance.
backup
command on Windows--json
backup --stdin-from-command
from panickingrestore --verify
restore --json
Bugfix #2004: Correctly handle volume names in backup
command on Windows
On Windows, when the specified backup target only included the volume name without a trailing slash, for example, C:
, then restoring the resulting snapshot would result in an error. Note that using C:\
as backup target worked correctly.
Specifying volume names is now handled correctly. To restore snapshots created before this bugfix, use the : syntax. For example, to restore a snapshot with ID 12345678
that backed up C:
, use the following command:
restic restore 12345678:/C/C:./ --target output/folder
Bugfix #4945: Include missing backup error text with --json
Previously, when running a backup with the --json
option, restic failed to include the actual error message in the output, resulting in "error": {}
being displayed.
This has now been fixed, and restic now includes the error text in JSON output.
Bugfix #4953: Correctly handle long paths on older Windows versions
On older Windows versions, like Windows Server 2012, restic 0.17.0 failed to back up files with long paths. This problem has now been resolved.
Bugfix #4957: Fix delayed cancellation of certain commands
Since restic 0.17.0, some commands did not immediately respond to cancellation via Ctrl-C (SIGINT) and continued running for a short period. The most affected commands were diff
,find
, ls
, stats
and rewrite
. This is now resolved.
Bugfix #4958: Don't ignore metadata-setting errors during restore
Previously, restic used to ignore errors when setting timestamps, attributes, or file modes during a restore. It now reports those errors, except for permission related errors when running without root privileges.
Bugfix #4969: Correctly restore timestamp for files with resource forks on macOS
On macOS, timestamps were not restored for files with resource forks. This has now been fixed.
Bugfix #4975: Prevent backup --stdin-from-command
from panicking
Restic would previously crash if --stdin-from-command
was specified without providing a command. This issue has now been fixed.
Bugfix #4980: Skip extended attribute processing on unsupported Windows volumes
With restic 0.17.0, backups of certain Windows paths, such as network drives, failed due to errors while fetching extended attributes.
Restic now skips extended attribute processing for volumes where they are not supported.
Bugfix #5004: Fix spurious "A Required Privilege Is Not Held by the Client" error
On Windows, creating a backup could sometimes trigger the following error:
error: nodeFromFileInfo [...]: get named security info failed with: a required privilege is not held by the client.
This has now been fixed.
Bugfix #5005: Fix rare failures to retry locking a repository
Restic 0.17.0 could in rare cases fail to retry locking a repository if one of the lock files failed to load, resulting in the error:
unable to create lock in backend: circuit breaker open for file <lock/1234567890>
This issue has now been addressed. The error handling now properly retries the locking operation. In addition, restic waits a few seconds between locking retries to increase chances of successful locking.
Bugfix #5018: Improve HTTP/2 support for REST backend
If rest-server
tried to gracefully shut down an HTTP/2 connection still in use by the client, it could result in the following error:
http2: Transport: cannot retry err [http2: Transport received Server's graceful shutdown GOAWAY] after Request.Body was written; define Request.GetBody to avoid this error
This issue has now been resolved.
#5018 https://forum.restic.net/t/receiving-http2-goaway-messages-with-windows-restic-v0-17-0/8367
Change #4953: Also back up files with incomplete metadata
If restic failed to read extended metadata for a file or folder during a backup, then the file or folder was not included in the resulting snapshot. Instead, a warning message was printed along with returning exit code 3 once the backup was finished.
Now, restic also includes items for which the extended metadata could not be read in a snapshot. The warning message has been updated to:
incomplete metadata for /path/to/file: <details about error>
Enhancement #4795: Display progress bar for restore --verify
When the restore
command is run with --verify
, it now displays a progress bar while the verification step is running. The progress bar is not shown when the --json
flag is specified.
Enhancement #4934: Automatically clear removed snapshots from cache
Previously, restic only removed snapshots from the cache on the host where the forget
command was executed. On other hosts that use the same repository, the old snapshots remained in the cache.
Restic now automatically clears old snapshots from the local cache of the current host.
Enhancement #4944: Print JSON-formatted errors during restore --json
Restic used to print any restore
errors directly to the console as freeform text messages, even when using the --json
option.
Now, when --json
is specified, restic prints them as JSON formatted messages.
Enhancement #4959: Return exit code 12 for "bad password" errors
Restic now returns exit code 12 when it cannot open the repository due to an incorrect password.
Enhancement #4970: Make timeout for stuck requests customizable
Restic monitors connections to the backend to detect stuck requests. If a request does not return any data within five minutes, restic assumes the request is stuck and retries it. However, for large repositories this timeout might be insufficient to collect a list of all files, causing the following error:
List(data) returned error, retrying after 1s: [...]: request timeout
It is now possible to increase the timeout using the --stuck-request-timeout
option.
Published by fd0 3 months ago
The following sections list the changes in restic 0.17.0 relevant to restic users. The changes are ordered by importance.
backup
sourcestats
commandforget --keep-tags <invalid>
from deleting all snapshotsfind
not sometimes ignore directories--no-lock
handling of ls
and tag
commandskey
command correctlyrewrite
s3legacy
repository layoutkey list
snapshots
outputdiff
commandrepair packs
command--delete
option to restore
commanddump
performance for large filesprune
command resumablemount
on macOSprune
memory usagecheck
command create non-existent cache directory--json
option to version
command--ncdu
option to ls
commands3.storage-class
archive tiers for metadatamount
command's error detectionls
use message_type
field in JSON outputkey
command's actions separate sub-commands--target
option to the dump
command--host
via environment variablereason
field of forget
JSON outputrestore
options to read include/exclude patterns from filesrestore
customizablerestore
commandBugfix #3600: Handle unreadable xattrs in folders above backup
source
When backup sources are specified using absolute paths, backup
also includes information about the parent folders of the backup sources in the snapshot.
If the extended attributes for some of these folders could not be read due to missing permissions, this caused the backup to fail. This has now been fixed.
#3600 #4668 https://forum.restic.net/t/parent-directories-above-the-snapshot-source-path-fatal-error-permission-denied/7216
Bugfix #4209: Fix slow SFTP upload performance
Since restic 0.12.1, the upload speed of the sftp backend to a remote server has regressed significantly. This has now been fixed.
Bugfix #4503: Correct hardlink handling in stats
command
If files on different devices had the same inode ID, the stats
command did not correctly calculate the snapshot size. This has now been fixed.
#4503 #4006 https://forum.restic.net/t/possible-bug-in-stats/6461/8
Bugfix #4568: Prevent forget --keep-tags <invalid>
from deleting all snapshots
Running forget --keep-tags <invalid>
, where <invalid>
is a tag that does not exist in the repository, would remove all snapshots. This is especially problematic if the tag name contains a typo.
The forget
command now fails with an error if all snapshots in a snapshot group would be deleted. This prevents the above example from deleting all snapshots.
It is possible to temporarily disable the new check by setting the environment variable RESTIC_FEATURES=safe-forget-keep-tags=false
. Note that this feature flag will be removed in the next minor restic version.
Bugfix #4615: Make find
not sometimes ignore directories
In some cases, the find
command ignored empty or moved directories. This has now been fixed.
Bugfix #4656: Properly report ID of newly added keys
restic key add
now reports the ID of the newly added key. This simplifies selecting a specific key using the --key-hint key
option.
Bugfix #4703: Shutdown cleanly when receiving SIGTERM
Previously, when restic received the SIGTERM signal it would terminate immediately, skipping cleanup and potentially causing issues like stale locks being left behind. This primarily effected containerized restic invocations that use SIGTERM, but could also be triggered via a simple killall restic
.
This has now been fixed, such that restic shuts down cleanly when receiving the SIGTERM signal.
Bugfix #4709: Correct --no-lock
handling of ls
and tag
commands
The ls
command never locked the repository. This has now been fixed, with the old behavior still being supported using ls --no-lock
. The latter invocation also works with older restic versions.
The tag
command erroneously accepted the --no-lock
command. This command now always requires an exclusive lock.
Bugfix #4760: Fix possible error on concurrent cache cleanup
If multiple restic processes concurrently cleaned up no longer existing files from the cache, this could cause some of the processes to fail with an no such file or directory
error. This has now been fixed.
Bugfix #4850: Handle UTF-16 password files in key
command correctly
Previously, key add
and key passwd
did not properly decode UTF-16 encoded passwords read from a password file. This has now been fixed to correctly match the encoding when opening a repository.
Bugfix #4902: Update snapshot summary on rewrite
Restic previously did not recalculate the total number of files and bytes processed when files were excluded from a snapshot by the rewrite
command. This has now been fixed.
Change #956: Return exit code 10 and 11 for non-existing and locked repository
If a repository does not exist or cannot be locked, restic previously always returned exit code 1. This made it difficult to distinguish these cases from other errors.
Restic now returns exit code 10 if the repository does not exist, and exit code 11 if the repository could be not locked due to a conflicting lock.
Change #4540: Require at least ARMv6 for ARM binaries
The official release binaries of restic now require at least ARMv6 support for ARM platforms.
Change #4602: Deprecate legacy index format and s3legacy
repository layout
Support for the legacy index format used by restic before version 0.2.0 has been deprecated and will be removed in the next minor restic version. You can use restic repair index
to update the index to the current format.
It is possible to temporarily reenable support for the legacy index format by setting the environment variable RESTIC_FEATURES=deprecate-legacy-index=false
. Note that this feature flag will be removed in the next minor restic version.
Support for the s3legacy
repository layout used for the S3 backend before restic 0.7.0 has been deprecated and will be removed in the next minor restic version. You can migrate your S3 repository to the current layout using RESTIC_FEATURES=deprecate-s3-legacy-layout=false restic migrate s3_layout
.
It is possible to temporarily reenable support for the s3legacy
layout by setting the environment variable RESTIC_FEATURES=deprecate-s3-legacy-layout=false
. Note that this feature flag will be removed in the next minor restic version.
Change #4627: Redesign backend error handling to improve reliability
Restic now downloads pack files in large chunks instead of using a streaming download. This prevents failures due to interrupted streams. The restore
command now also retries downloading individual blobs that could not be retrieved.
HTTP requests that are stuck for more than two minutes while uploading or downloading are now forcibly interrupted. This ensures that stuck requests are retried after a short timeout.
Attempts to access a missing or truncated file will no longer be retried. This avoids unnecessary retries in those cases. All other backend requests are retried for up to 15 minutes. This ensures that temporarily interrupted network connections can be tolerated.
If a download yields a corrupt file or blob, then the download will be retried once.
Most parts of the new backend error handling can temporarily be disabled by setting the environment variable RESTIC_FEATURES=backend-error-redesign=false
. Note that this feature flag will be removed in the next minor restic version.
Change #4707: Disable S3 anonymous authentication by default
When using the S3 backend with anonymous authentication, it continuously tried to retrieve new authentication credentials, causing bad performance.
Now, to use anonymous authentication, it is necessary to pass the extended option -o s3.unsafe-anonymous-auth=true
to restic.
It is possible to temporarily revert to the old behavior by setting the environment variable RESTIC_FEATURES=explicit-s3-anonymous-auth=false
. Note that this feature flag will be removed in the next minor restic version.
Change #4744: Include full key ID in JSON output of key list
The JSON output of the key list
command has changed to include the full key ID instead of just a shortened version of the ID, as the latter can be ambiguous in some rare cases. To derive the short ID, please truncate the full ID down to eight characters.
Enhancement #662: Optionally skip snapshot creation if nothing changed
The backup
command always created a snapshot even if nothing in the backup set changed compared to the parent snapshot.
Restic now supports the --skip-if-unchanged
option for the backup
command, which omits creating a snapshot if the new snapshot's content would be identical to that of the parent snapshot.
Enhancement #693: Include snapshot size in snapshots
output
The snapshots
command now prints the size for snapshots created using this or a future restic version. To achieve this, the backup
command now stores the backup summary statistics in the snapshot.
The text output of the snapshots
command only shows the snapshot size. The other statistics are only included in the JSON output. To inspect these statistics use restic snapshots --json
or restic cat snapshot <snapshotID>
.
Enhancement #805: Add bitrot detection to diff
command
The output of the diff
command now includes the modifier ?
for files to indicate bitrot in backed up files. The ?
will appear whenever there is a difference in content while the metadata is exactly the same.
Since files with unchanged metadata are normally not read again when creating a backup, the detection is only effective when the right-hand side of the diff has been created with backup --force
.
Enhancement #828: Improve features of the repair packs
command
The repair packs
command has been improved to also be able to process truncated pack files. The check
and check --read-data
command will provide instructions on using the command if necessary to repair a repository. See the guide at https://restic.readthedocs.io/en/stable/077_troubleshooting.html for further instructions.
Enhancement #1786: Support repositories with empty password
Restic previously required a password to create or operate on repositories. Using the new option --insecure-no-password
it is now possible to disable this requirement. Restic will not prompt for a password when using this option.
For security reasons, the option must always be specified when operating on repositories with an empty password, and specifying --insecure-no-password
while also passing a password to restic via a CLI option or environment variable results in an error.
The init
and copy
commands add the related --from-insecure-no-password
option, which applies to the source repository. The key add
and key passwd
commands add the --new-insecure-no-password
option to add or set an empty password.
Enhancement #2348: Add --delete
option to restore
command
The restore
command now supports a --delete
option that allows removing files and directories from the target directory that do not exist in the snapshot. This option also allows files in the snapshot to replace non-empty directories having the same name.
To check that only expected files are deleted, add the --dry-run --verbose=2
options.
Enhancement #3067: Add extended options to configure Windows Shadow Copy Service
Previous, restic always used a 120 seconds timeout and unconditionally created VSS snapshots for all volume mount points on disk. This behavior can now be fine-tuned by the following new extended options (available only on Windows):
-o vss.timeout
: Time that VSS can spend creating snapshot before timing out (default: 120s)-o vss.exclude-all-mount-points
: Exclude mountpoints from snapshotting on all volumes (default: false)-o vss.exclude-volumes
: Semicolon separated list of volumes to exclude from snapshotting-o vss.provider
: VSS provider identifier which will be used for snapshottingFor example, change VSS timeout to five minutes and disable snapshotting of mount points on all volumes:
Restic backup --use-fs-snapshot -o vss.timeout=5m -o vss.exclude-all-mount-points=true
Exclude drive d:
, mount point c:\mnt
and a specific volume from snapshotting:
Restic backup --use-fs-snapshot -o vss.exclude-volumes="d:;c:\mnt;\?\Volume{e2e0315d-9066-4f97-8343-eb5659b35762}"
Uses 'Microsoft Software Shadow Copy provider 1.0' instead of the default provider:
Restic backup --use-fs-snapshot -o vss.provider={b5946137-7b9f-4925-af80-51abd60b20d5}
Enhancement #3406: Improve dump
performance for large files
The dump
command now retrieves the data chunks for a file in parallel. This improves the download performance by up to as many times as the configured number of parallel backend connections.
Enhancement #3806: Optimize and make prune
command resumable
Previously, if the prune
command was interrupted, a later prune
run would start repacking pack files from the start, as prune
did not update the index while repacking.
The prune
command now supports resuming interrupted prune runs. The update of the repository index has also been optimized to use less memory and only rewrite parts of the index that have changed.
Enhancement #4006: (alpha) Store deviceID only for hardlinks
Set RESTIC_FEATURES=device-id-for-hardlinks
to enable this alpha feature. The feature flag will be removed after repository format version 3 becomes available or be replaced with a different solution.
When creating backups from a filesystem snapshot, for example created using BTRFS subvolumes, the deviceID of the filesystem changes compared to previous snapshots. This prevented restic from deduplicating the directory metadata of a snapshot.
When this alpha feature is enabled, the deviceID is only stored for hardlinks, which significantly reduces the metadata duplication for most backups.
Enhancement #4048: Add support for FUSE-T with mount
on macOS
The restic mount
command now supports creating FUSE mounts using FUSE-T on macOS.
Enhancement #4251: Support reading backup from a command's standard output
The backup
command now supports the --stdin-from-command
option. When using this option, the arguments to backup
are interpreted as a command instead of paths to back up. backup
then executes the given command and stores the standard output from it in the backup, similar to the what the --stdin
option does. This also enables restic to verify that the command completes with exit code zero. A non-zero exit code causes the backup to fail.
Note that the --stdin
option does not have to be specified at the same time, and that the --stdin-filename
option also applies to --stdin-from-command
.
Example: restic backup --stdin-from-command --stdin-filename dump.sql mysqldump [...]
Enhancement #4287: Support connection to rest-server using unix socket
Restic now supports using a unix socket to connect to a rest-server version 0.13.0 or later. This allows running restic as follows:
rest-server --listen unix:/tmp/rest.socket --data /path/to/data &
restic -r rest:http+unix:///tmp/rest.socket:/my_backup_repo/ [...]
Enhancement #4354: Significantly reduce prune
memory usage
The prune
command has been optimized to use up to 60% less memory. The memory usage should now be roughly similar to creating a backup.
Enhancement #4437: Make check
command create non-existent cache directory
Previously, if a custom cache directory was specified for the check
command, but the directory did not exist, check
continued with the cache disabled.
The check
command now attempts to create the cache directory before initializing the cache.
Enhancement #4472: Support AWS Assume Role for S3 backend
Previously only credentials discovered via the Minio discovery methods were used to authenticate.
However, there are many circumstances where the discovered credentials have lower permissions and need to assume a specific role. This is now possible using the following new environment variables:
RESTIC_AWS_ASSUME_ROLE_ARN
RESTIC_AWS_ASSUME_ROLE_SESSION_NAME
RESTIC_AWS_ASSUME_ROLE_EXTERNAL_ID
RESTIC_AWS_ASSUME_ROLE_REGION
(defaults to us-east-1
)RESTIC_AWS_ASSUME_ROLE_POLICY
RESTIC_AWS_ASSUME_ROLE_STS_ENDPOINT
Enhancement #4547: Add --json
option to version
command
Restic now supports outputting restic version along with the Go version, OS and architecture used to build restic in JSON format using version --json
.
Enhancement #4549: Add --ncdu
option to ls
command
NCDU (NCurses Disk Usage) is a tool to analyse disk usage of directories. It has an option to save a directory tree and analyse it later.
The ls
command now supports outputting snapshot information in the NCDU format using the --ncdu
option. Example usage: restic ls latest --ncdu | ncdu -f -
Enhancement #4573: Support rewriting host and time metadata in snapshots
The rewrite
command now supports rewriting the host and/or time metadata of a snapshot using the new --new-host
and --new-time
options.
Enhancement #4583: Ignore s3.storage-class
archive tiers for metadata
Restic used to store all files on S3 using the specified s3.storage-class
.
Now, restic will only use non-archive storage tiers for metadata, to avoid problems when accessing a repository. To restore any data, it is still necessary to manually warm up the required data beforehand.
NOTE: There is no official cold storage support in restic, use this option at your own risk.
Enhancement #4590: Speed up mount
command's error detection
The mount
command now checks for the existence of the mountpoint before opening the repository, leading to quicker error detection.
Enhancement #4601: Add support for feature flags
Restic now supports feature flags that can be used to enable and disable experimental features. The flags can be set using the environment variable RESTIC_FEATURES
. To get a list of currently supported feature flags, use the features
command.
Enhancement #4611: Back up more file metadata on Windows
Previously, restic did not back up all common Windows-specific metadata.
Restic now stores file creation time and file attributes like the hidden, read-only and encrypted flags when backing up files and folders on Windows.
Enhancement #4664: Make ls
use message_type
field in JSON output
The ls
command was the only restic command that used the struct_type
field in its JSON output format to specify the message type.
The JSON output of the ls
command now also includes the message_type
field, which is consistent with other commands. The struct_type
field is still included, but now deprecated.
Enhancement #4676: Make key
command's actions separate sub-commands
Each of the add
, list
, remove
and passwd
actions provided by the key
command is now a separate sub-command and have its own documentation which can be invoked using restic key <add|list|remove|passwd> --help
.
Enhancement #4678: Add --target
option to the dump
command
Restic dump
always printed to the standard output. It now supports specifying a --target
file to write its output to.
Enhancement #4708: Back up and restore SecurityDescriptors on Windows
Restic now backs up and restores SecurityDescriptors for files and folders on Windows which includes owner, group, discretionary access control list (DACL) and system access control list (SACL).
This requires the user to be a member of backup operators or the application must be run as admin. If that is not the case, only the current user's owner, group and DACL will be backed up, and during restore only the DACL of the backed up file will be restored, with the current user's owner and group being set on the restored file.
Enhancement #4733: Allow specifying --host
via environment variable
Restic commands that operate on snapshots, such as restic backup
and restic snapshots
, support the --host
option to specify the hostname for grouping snapshots.
Such commands now also support specifying the hostname via the environment variable RESTIC_HOST
. Note that --host
still takes precedence over the environment variable.
Enhancement #4737: Include snapshot ID in reason
field of forget
JSON output
The JSON output of the forget
command now includes id
and short_id
of snapshots in the reason
field.
Enhancement #4764: Support forgetting all snapshots
The forget
command now supports the --unsafe-allow-remove-all
option, which removes all snapshots in the repository.
This option must always be combined with a snapshot filter (by host, path or tag). For example, the command forget --tag example --unsafe-allow-remove-all
removes all snapshots with the tag "example".
Enhancement #4768: Allow specifying custom User-Agent for outgoing requests
Restic now supports setting a custom User-Agent
for outgoing HTTP requests using the global option --http-user-agent
or the RESTIC_HTTP_USER_AGENT
environment variable.
Enhancement #4781: Add restore
options to read include/exclude patterns from files
Restic now supports reading include and exclude patterns from files using the --include-file
, --exclude-file
, --iinclude-file
and --iexclude-file
options of the restore
command.
Enhancement #4807: Support Extended Attributes on Windows NTFS
Restic now backs up and restores Extended Attributes for files and folders on Windows NTFS.
Enhancement #4817: Make overwrite behavior of restore
customizable
The restore
command now supports an --overwrite
option to configure whether already existing files are overwritten. The overwrite behavior can be configured using the following option values:
--overwrite always
(default): Always overwrites already existing files. The restore
command will verify the existing file content and only restore mismatching parts to minimize downloads. Updates the metadata of all files.--overwrite if-changed
: Like always
, but speeds up the file content check by assuming that files with matching size and modification time (mtime) are already up to date. In case of a mismatch, the full file content is verified like with always
. Updates the metadata of all files.--overwrite if-newer
: Like always
, but only overwrites existing files when the file in the snapshot has a newer modification time (mtime) than the existing file.--overwrite never
: Never overwrites existing files.Enhancement #4839: Add dry-run support to restore
command
The restore
command now supports the --dry-run
option to perform a dry run. Pass the --verbose=2
option to see which files would remain unchanged, and which would be updated or freshly restored.
Published by fd0 4 months ago
The following sections list the changes in restic 0.16.5 relevant to restic users. The changes are ordered by importance.
Enhancement #4799: Add option to force use of Azure CLI credential
A new environment variable AZURE_FORCE_CLI_CREDENTIAL=true
allows forcing the use of Azure CLI credential, ignoring other credentials like managed identity.
Enhancement #4873: Update dependencies
A few potentially vulnerable dependencies were updated.
Published by fd0 9 months ago
This release works around and improves detection of a bug in the compression library used by restic. The resulting issue only happens when using restic 0.16.3 and the max
compression level (the default auto
and off
compression levels are not affected), and when the source files being backed up have specific data in them to trigger the bug. If you use max
compression, you can use restic check --read-data
to make sure you're not affected.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.16.4 relevant to restic users. The changes are ordered by importance.
Bugfix #4677: Downgrade zstd library to fix rare data corruption at max. compression
In restic 0.16.3, backups where the compression level was set to max
(using --compression max
) could in rare and very specific circumstances result in data corruption due to a bug in the library used for compressing data. Restic 0.16.1 and 0.16.2 were not affected.
Restic now uses the previous version of the library used to compress data, the same version used by restic 0.16.2. Please note that the auto
compression level (which restic uses by default) was never affected, and even if you used max
compression, chances of being affected by this issue are small.
To check a repository for any corruption, run restic check --read-data
. This will download and verify the whole repository and can be used at any time to completely verify the integrity of a repository. If the check
command detects anomalies, follow the suggested steps.
Enhancement #4529: Add extra verification of data integrity before upload
Hardware issues, or a bug in restic or its dependencies, could previously cause corruption in the files restic created and stored in the repository. Detecting such corruption previously required explicitly running the check --read-data
or check --read-data-subset
commands.
To further ensure data integrity, even in the case of hardware issues or software bugs, restic now performs additional verification of the files about to be uploaded to the repository.
These extra checks will increase CPU usage during backups. They can therefore, if absolutely necessary, be disabled using the --no-extra-verify
global option. Please note that this should be combined with more active checking using the previously mentioned check commands.
Published by fd0 9 months ago
This release fixes a couple of bugs on Windows and in the restore
command. It also works around an unlikely yet possible situation with rclone
which could potentially result in data loss.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.16.3 relevant to restic users. The changes are ordered by importance.
rclone
backendrestore
progress information if an error occursBugfix #4560: Improve errors for irregular files on Windows
Since Go 1.21, most filesystem reparse points on Windows are considered to be irregular files. This caused restic to show an error: invalid node type ""
error message for those files.
This error message has now been improved and includes the relevant file path: error: nodeFromFileInfo path/to/file: unsupported file type "irregular"
. As irregular files are not required to behave like regular files, it is not possible to provide a generic way to back up those files.
#4560 #4620 https://forum.restic.net/t/windows-backup-error-invalid-node-type/6875
Bugfix #4574: Support backup of deduplicated files on Windows again
With the official release builds of restic 0.16.1 and 0.16.2, it was not possible to back up files that were deduplicated by the corresponding Windows Server feature. This also applied to restic versions built using Go 1.21.0-1.21.4.
The Go version used to build restic has now been updated to fix this.
Bugfix #4612: Improve error handling for rclone
backend
Since restic 0.16.0, if rclone encountered an error while listing files, this could in rare circumstances cause restic to assume that there are no files. Although unlikely, this situation could result in data loss if it were to happen right when the prune
command is listing existing snapshots.
Error handling has now been improved to detect and work around this case.
Bugfix #4624: Correct restore
progress information if an error occurs
If an error occurred while restoring a snapshot, this could cause the restore
progress bar to show incorrect information. In addition, if a data file could not be loaded completely, then errors would also be reported for some already restored files.
Error reporting of the restore
command has now been made more accurate.
#4624 https://forum.restic.net/t/errors-restoring-with-restic-on-windows-server-s3/6943
Bugfix #4626: Improve reliability of restoring large files
In some cases restic failed to restore large files that frequently contain the same file chunk. In combination with certain backends, this could result in network connection timeouts that caused incomplete restores.
Restic now includes special handling for such file chunks to ensure reliable restores.
#4626 https://forum.restic.net/t/errors-restoring-with-restic-on-windows-server-s3/6943
Published by fd0 12 months ago
restic 0.16.2 contains a few minor bug fixes, mostly restoring ARMv5 support and fix the online docs.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.16.2 relevant to restic users. The changes are ordered by importance.
Bugfix #4540: Restore ARMv5 support for ARM binaries
The official release binaries for restic 0.16.1 were accidentally built to require ARMv7. The build process is now updated to restore support for ARMv5.
Please note that restic 0.17.0 will drop support for ARMv5 and require at least ARMv6.
Bugfix #4545: Repair documentation build on Read the Docs
For restic 0.16.1, no documentation was available at https://restic.readthedocs.io/ .
The documentation build process is now updated to work again.
Published by fd0 12 months ago
restic 0.16.1 has been released! It contains an important bug fix which prevents data corruption when compression is set to max.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.16.1 relevant to restic users. The changes are ordered by importance.
key list
command honor --no-lock
GOMAXPROCS
in resource-constrained containersfind
and ls
commandsBugfix #4513: Make key list
command honor --no-lock
The key list
command now supports the --no-lock
options. This allows determining which keys a repo can be accessed by without the need for having write access (e.g., read-only sftp access, filesystem snapshot).
Bugfix #4516: Do not try to load password on command line autocomplete
The command line autocompletion previously tried to load the repository password. This could cause the autocompletion not to work. Now, this step gets skipped.
Bugfix #4523: Update zstd library to fix possible data corruption at max. compression
In restic 0.16.0, backups where the compression level was set to max
(using --compression max
) could in rare and very specific circumstances result in data corruption due to a bug in the library used for compressing data.
Restic now uses the latest version of the library used to compress data, which includes a fix for this issue. Please note that the auto
compression level (which restic uses by default) was never affected, and even if you used max
compression, chances of being affected by this issue were very small.
To check a repository for any corruption, run restic check --read-data
. This will download and verify the whole repository and can be used at any time to completely verify the integrity of a repository. If the check
command detects anomalies, follow the suggested steps.
To simplify any needed repository repair and minimize data loss, there is also a new and experimental repair packs
command that salvages all valid data from the affected pack files (see restic help repair packs
for more information).
Change #4532: Update dependencies and require Go 1.19 or newer
We have updated all dependencies. Since some libraries require newer Go standard library features, support for Go 1.18 has been dropped, which means that restic now requires at least Go 1.19 to build.
Enhancement #229: Show progress bar while loading the index
Restic did not provide any feedback while loading index files. Now, there is a progress bar that shows the index loading progress.
Enhancement #4128: Automatically set GOMAXPROCS
in resource-constrained containers
When running restic in a Linux container with CPU-usage limits, restic now automatically adjusts GOMAXPROCS
. This helps to reduce the memory consumption on hosts with many CPU cores.
Enhancement #4480: Allow setting REST password and username via environment variables
Previously, it was only possible to specify the REST-server username and password in the repository URL, or by using the --repository-file
option. This meant it was not possible to use authentication in contexts where the repository URL is stored in publicly accessible way.
Restic now allows setting the username and password using the RESTIC_REST_USERNAME
and RESTIC_REST_PASSWORD
variables.
Enhancement #4511: Include inode numbers in JSON output for find
and ls
commands
Restic used to omit the inode numbers in the JSON messages emitted for nodes by the ls
command as well as for matches by the find
command. It now includes those values whenever they are available.
Enhancement #4519: Add config option to set SFTP command arguments
When using the sftp
backend, scenarios where a custom identity file was needed for the SSH connection, required the full command to be specified: -o sftp.command='ssh user@host:port -i /ssh/my_private_key -s sftp'
Now, the -o sftp.args=...
option can be passed to restic to specify custom arguments for the SSH command executed by the SFTP backend. This simplifies the above example to -o sftp.args='-i /ssh/my_private_key'
.
Published by fd0 about 1 year ago
restic 0.16.0 has been released!
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.16.0 relevant to restic users. The changes are ordered by importance.
forget --keep-*
optionsbackup
commandgenerate
and init
no longer silently ignore unexpected argumentsrest
backendscan_finished
for the backup
command--retry-lock
optionrestic find
repair index
and repair snapshots
commandsazure
backend<snapshot>:<subfolder>
syntax to select subfolders--group-by
for backup parent selection--human-readable
option to ls
and find
commandsjq
binary to Docker imagegs
backendBugfix #2565: Support "unlimited" in forget --keep-*
options
Restic would previously forget snapshots that should have been kept when a negative value was passed to the --keep-*
options. Negative values are now forbidden. To keep all snapshots, the special value unlimited
is now supported. For example, --keep-monthly unlimited
will keep all monthly snapshots.
Bugfix #3311: Support non-UTF8 paths as symlink target
Earlier restic versions did not correctly backup
and restore
symlinks that contain a non-UTF8 target. Note that this only affected systems that still use a non-Unicode encoding for filesystem paths.
The repository format is now extended to add support for such symlinks. Please note that snapshots must have been created with at least restic version 0.16.0 for restore
to correctly handle non-UTF8 symlink targets when restoring them.
Bugfix #4199: Avoid lock refresh issues on slow network connections
On network connections with a low upload speed, backups and other operations could fail with the error message Fatal: failed to refresh lock in time
.
This has now been fixed by reworking the lock refresh handling.
Bugfix #4274: Improve lock refresh handling after standby
If the restic process was stopped or the host running restic entered standby during a long running operation such as a backup, this previously resulted in the operation failing with Fatal: failed to refresh lock in time
.
This has now been fixed such that restic first checks whether it is safe to continue the current operation and only throws an error if not.
Bugfix #4319: Correctly clean up status bar output of the backup
command
Due to a regression in restic 0.15.2, the status bar of the backup
command could leave some output behind. This happened if filenames were printed that are wider than the current terminal width. This has now been fixed.
Bugfix #4333: generate
and init
no longer silently ignore unexpected arguments
Bugfix #4400: Ignore missing folders in rest
backend
If a repository accessed via the REST backend was missing folders, then restic would fail with an error while trying to list the data in the repository. This has been now fixed.
Change #4176: Fix JSON message type of scan_finished
for the backup
command
Restic incorrectly set the message_type
of the scan_finished
message to status
instead of verbose_status
. This has now been corrected so that the messages report the correct type.
Change #4201: Require Go 1.20 for Solaris builds
Building restic on Solaris now requires Go 1.20, as the library used to access Azure uses the mmap syscall, which is only available on Solaris starting from Go 1.20. All other platforms however continue to build with Go 1.18.
Enhancement #426: Show progress bar during restore
The restore
command now shows a progress report while restoring files.
Example: [0:42] 5.76% 23 files 12.98 MiB, total 3456 files 23.54 GiB
JSON output is now also supported.
#426 #3413 #3627 #3991 #4314 https://forum.restic.net/t/progress-bar-for-restore/5210
Enhancement #719: Add --retry-lock
option
This option allows specifying a duration for which restic will wait if the repository is already locked.
Enhancement #1495: Sort snapshots by timestamp in restic find
The find
command used to print snapshots in an arbitrary order. Restic now prints snapshots sorted by timestamp.
Enhancement #1759: Add repair index
and repair snapshots
commands
The rebuild-index
command has been renamed to repair index
. The old name will still work, but is deprecated.
When a snapshot was damaged, the only option up to now was to completely forget the snapshot, even if only some unimportant files in it were damaged and other files were still fine.
Restic now has a repair snapshots
command, which can salvage any non-damaged files and parts of files in the snapshots by removing damaged directories and missing file contents. Please note that the damaged data may still be lost and see the "Troubleshooting" section in the documentation for more details.
#1759 #1714 #1798 #2334 #2876 https://forum.restic.net/t/corrupted-repo-how-to-repair/799https://forum.restic.net/t/recovery-options-for-damaged-repositories/1571
Enhancement #1926: Allow certificate paths to be passed through environment variables
Restic will now read paths to certificates from the environment variables RESTIC_CACERT
or RESTIC_TLS_CLIENT_CERT
if --cacert
or --tls-client-cert
are not specified.
Enhancement #2359: Provide multi-platform Docker images
The official Docker images are now built for the architectures linux/386, linux/amd64, linux/arm and linux/arm64.
As an alternative to the Docker Hub, the Docker images are also available on ghcr.io, the GitHub Container Registry.
Enhancement #2468: Add support for non-global Azure clouds
The azure
backend previously only supported storages using the global domain core.windows.net
. This meant that backups to other domains such as Azure China (core.chinacloudapi.cn
) or Azure Germany (core.cloudapi.de
) were not supported. Restic now allows overriding the global domain using the environment variable AZURE_ENDPOINT_SUFFIX
.
Enhancement #2679: Reduce file fragmentation for local backend
Before this change, local backend files could become fragmented. Now restic will try to preallocate space for pack files to avoid their fragmentation.
Enhancement #3328: Reduce memory usage by up to 25%
The in-memory index has been optimized to be more garbage collection friendly. Restic now defaults to GOGC=50
to run the Go garbage collector more frequently.
Enhancement #3397: Improve accuracy of ETA displayed during backup
Restic's backup
command displayed an ETA that did not adapt when the rate of progress made during the backup changed during the course of the backup.
Restic now uses recent progress when computing the ETA. It is important to realize that the estimate may still be wrong, because restic cannot predict the future, but the hope is that the ETA will be more accurate in most cases.
Enhancement #3624: Keep oldest snapshot when there are not enough snapshots
The forget
command now additionally preserves the oldest snapshot if fewer snapshots than allowed by the --keep-*
parameters would otherwise be kept. This maximizes the amount of history kept within the specified limits.
#3624 #4366 https://forum.restic.net/t/keeping-yearly-snapshots-policy-when-backup-began-during-the-year/4670/2
Enhancement #3698: Add support for Managed / Workload Identity to azure
backend
Restic now additionally supports authenticating to Azure using Workload Identity or Managed Identity credentials, which are automatically injected in several environments such as a managed Kubernetes cluster.
Enhancement #3871: Support <snapshot>:<subfolder>
syntax to select subfolders
Commands like diff
or restore
always worked with the full snapshot. This did not allow comparing only a specific subfolder or only restoring that folder (restore --include subfolder
filters the restored files, but still creates the directories included in subfolder
).
The commands diff
, dump
, ls
and restore
now support the <snapshot>:<subfolder>
syntax, where snapshot
is the ID of a snapshot (or the string latest
) and subfolder
is a path within the snapshot. The commands will then only work with the specified path of the snapshot. The subfolder
must be a path to a folder as returned by ls
. Two examples:
restic restore -t target latest:/some/path
restic diff 12345678:/some/path 90abcef:/some/path
For debugging purposes, the cat
command now supports cat tree <snapshot>:<subfolder>
to return the directory metadata for the given subfolder.
Enhancement #3941: Support --group-by
for backup parent selection
Previously, the backup
command by default selected the parent snapshot based on the hostname and the backup targets. When the backup path list changed, the backup
command was unable to determine a suitable parent snapshot and had to read all files again.
The new --group-by
option for the backup
command allows filtering snapshots for the parent selection by host
, paths
and tags
. It defaults to host,paths
which selects the latest snapshot with hostname and paths matching those of the backup run. This matches the behavior of prior restic versions.
The new --group-by
option should be set to the same value as passed to forget --group-by
.
Enhancement #4130: Cancel current command if cache becomes unusable
If the cache directory was removed or ran out of space while restic was running, this would previously cause further caching attempts to fail and thereby drastically slow down the command execution. Now, the currently running command is instead canceled.
Enhancement #4159: Add --human-readable
option to ls
and find
commands
Previously, when using the -l
option with the ls
and find
commands, the displayed size was always in bytes, without an option for a more human readable format such as MiB or GiB.
The new --human-readable
option will convert longer size values into more human friendly values with an appropriate suffix depending on the output size. For example, a size of 14680064
will be shown as 14.000 MiB
.
Enhancement #4188: Include restic version in snapshot metadata
The restic version used to backup a snapshot is now included in its metadata and shown when inspecting a snapshot using restic cat snapshot <snapshotID>
or restic snapshots --json
.
Enhancement #4220: Add jq
binary to Docker image
The Docker image now contains jq
, which can be useful to process JSON data output by restic.
Enhancement #4226: Allow specifying region of new buckets in the gs
backend
Previously, buckets used by the Google Cloud Storage backend would always get created in the "us" region. It is now possible to specify the region where a bucket should be created by using the -o gs.region=us
option.
Enhancement #4375: Add support for extended attributes on symlinks
Restic now supports extended attributes on symlinks when backing up, restoring, or FUSE-mounting snapshots. This includes, for example, the security.selinux
xattr on Linux distributions that use SELinux.
Published by fd0 over 1 year ago
We're very pleased to present you restic 0.15.2! This is just (another) small bugfix release.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.15.2 relevant to restic users. The changes are ordered by importance.
backup
during processingdump
interpret --host
and --path
correctlymount
Security #4275: Update golang.org/x/net to address CVE-2022-41723
Bugfix #2260: Sanitize filenames printed by backup
during processing
The backup
command would previously not sanitize the filenames it printed during processing, potentially causing newlines or terminal control characters to mangle the status output or even change the state of a terminal.
Filenames are now checked and quoted if they contain non-printable or non-Unicode characters.
Bugfix #4211: Make dump
interpret --host
and --path
correctly
A regression in restic 0.15.0 caused dump
to confuse its --host=<host>
and --path=<path>
options: it looked for snapshots with paths called <host>
from hosts called <path>
. It now treats the options as intended.
Bugfix #4239: Correct number of blocks reported in mount point
Restic mount points reported an incorrect number of 512-byte (POSIX standard) blocks for files and links due to a rounding bug. In particular, empty files were reported as taking one block instead of zero.
The rounding is now fixed: the number of blocks reported is the file size (or link target size) divided by 512 and rounded up to a whole number.
Bugfix #4253: Minimize risk of spurious filesystem loops with mount
When a backup contains a directory that has the same name as its parent, say a/b/b
, and the GNU find
command was run on this backup in a restic mount, find
would refuse to traverse the lowest b
directory, instead printing File system loop detected
. This was due to the way the restic mount command generates inode numbers for directories in the mount point.
The rule for generating these inode numbers was changed in 0.15.0. It has now been changed again to avoid this issue. A perfect rule does not exist, but the probability of this behavior occurring is now extremely small.
When it does occur, the mount point is not broken, and scripts that traverse the mount point should work as long as they don't rely on inode numbers for detecting filesystem loops.
Enhancement #4180: Add release binaries for riscv64 architecture on Linux
Builds for the riscv64
architecture on Linux are now included in the release binaries.
Enhancement #4219: Upgrade Minio to version 7.0.49
The upgraded version now allows use of the ap-southeast-4
region (Melbourne).
Published by fd0 over 1 year ago
We're very pleased to present you restic 0.15.1! This is just a small bugfix release, fixing some issues that arose after 0.15.0 was published.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.15.1 relevant to restic users. The changes are ordered by importance.
b2_download_file_by_name: 404
warning from B2 backendprune --quiet
not print progress barself-update --output
work with new filename on Windowsbackup
progress barBugfix #3750: Remove b2_download_file_by_name: 404
warning from B2 backend
In some cases the B2 backend could print b2_download_file_by_name: 404: : b2.b2err
warnings. These are only debug messages and can be safely ignored.
Restic now uses an updated library for accessing B2, which removes the warning.
Bugfix #4147: Make prune --quiet
not print progress bar
A regression in restic 0.15.0 caused prune --quiet
to show a progress bar while deciding how to process each pack files. This has now been fixed.
Bugfix #4163: Make self-update --output
work with new filename on Windows
Since restic 0.14.0 the self-update
command did not work when a custom output filename was specified via the --output
option. This has now been fixed.
As a workaround, either use an older restic version to run the self-update or create an empty file with the output filename before updating e.g. using CMD:
type nul > new-file.exe
restic self-update --output new-file.exe
#4163 https://forum.restic.net/t/self-update-windows-started-failing-after-release-of-0-15/5836
Bugfix #4167: Add missing ETA in backup
progress bar
A regression in restic 0.15.0 caused the ETA to be missing from the progress bar displayed by the backup
command. This has now been fixed.
Enhancement #4143: Ignore empty lock files
With restic 0.15.0 the checks for stale locks became much stricter than before. In particular, empty or unreadable locks were no longer silently ignored. This made restic to complain with Load(<lock/1234567812>, 0, 0) returned error, retrying after 552.330144ms: load(<lock/1234567812>): invalid data returned
and fail in the end.
The error message is now clarified and the implementation changed to ignore empty lock files which are sometimes created as the result of a failed uploads on some backends.
Please note that unreadable lock files still have to cleaned up manually. To do so, you can run restic unlock --remove-all
which removes all existing lock files. But first make sure that no other restic process is currently using the repository.
Published by fd0 almost 2 years ago
We're very pleased to present you restic 0.15.0!
In this version a new rewrite
command has been implemented. This allows for removing unwanted data from existing snapshots, for example if one discovers that some files were unintentionally backed up, such as files with sensitive content or files that take up a lot of space and don't need to be backed up. Please see the corresponding documentation for more information and usage examples.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.15.0 relevant to restic users. The changes are ordered by importance.
mount
return exit code 0 after receiving Ctrl-C / SIGINTrestore
replace existing symlinksbackup --stdin
mount
commandcopy
command when -o <backend>.connections=1
ls
return exit code 1 if snapshot cannot be loadedbackup
no longer hang on Solaris when seeing a FIFO fileinit
ignore "Access Denied" errors when creating S3 bucketsself-update
enabled by default only in release buildsdump
backup
unlock
display message only when locks were actually removedcopy
commandrewrite
commandinit
open only one connection for the SFTP backendcredential_process
to S3 backendmount
command support macOS using macFUSE 4.xinit
commandbackup
commandstats
commandbackup
file tree scanner to be disabledbackup
performance for small filesBugfix #2015: Make mount
return exit code 0 after receiving Ctrl-C / SIGINT
To stop the mount
command, a user has to press Ctrl-C or send a SIGINT signal to restic. This used to cause restic to exit with a non-zero exit code.
The exit code has now been changed to zero as the above is the expected way to stop the mount
command and should therefore be considered successful.
Bugfix #2578: Make restore
replace existing symlinks
When restoring a symlink, restic used to report an error if the target path already existed. This has now been fixed such that the potentially existing target path is first removed before the symlink is restored.
Bugfix #2591: Don't read password from stdin for backup --stdin
The backup
command when used with --stdin
previously tried to read first the password, then the data to be backed up from standard input. This meant it would often confuse part of the data for the password.
From now on, it will instead exit with the message Fatal: cannot read both password and data from stdin
unless the password is passed in some other way (such as --restic-password-file
, RESTIC_PASSWORD
, etc).
To enter the password interactively a password command has to be used. For example on Linux, mysqldump somedatabase | restic backup --stdin --password-command='sh -c "systemd-ask-password < /dev/tty"'
securely reads the password from the terminal.
Bugfix #3161: Delete files on Backblaze B2 more reliably
Restic used to only delete the latest version of files stored in B2. In most cases this worked well as there was only a single version of the file. However, due to retries while uploading it is possible for multiple file versions to be stored at B2. This could lead to various problems for files that should have been deleted but still existed.
The implementation has now been changed to delete all versions of files, which doubles the amount of Class B transactions necessary to delete files, but assures that no file versions are left behind.
Bugfix #3336: Make SFTP backend report no space left on device
Backing up to an SFTP backend would spew repeated SSH_FX_FAILURE messages when the remote disk was full. Restic now reports "sftp: no space left on device" and exits immediately when it detects this condition.
A fix for this issue was implemented in restic 0.12.1, but unfortunately the fix itself contained a bug that prevented it from taking effect.
Bugfix #3567: Improve handling of interrupted syscalls in mount
command
Accessing restic's FUSE mount could result in "input/output" errors when using programs in which syscalls can be interrupted. This is for example the case for Go programs. This has now been fixed by improved error handling of interrupted syscalls.
Bugfix #3897: Fix stuck copy
command when -o <backend>.connections=1
When running the copy
command with -o <backend>.connections=1
the command would be infinitely stuck. This has now been fixed.
Bugfix #3918: Correct prune statistics for partially compressed repositories
In a partially compressed repository, one data blob can exist both in an uncompressed and a compressed version. This caused the prune
statistics to become inaccurate and e.g. report a too high value for the unused size, such as "unused size after prune: 16777215.991 TiB". This has now been fixed.
Bugfix #3951: Make ls
return exit code 1 if snapshot cannot be loaded
The ls
command used to show a warning and return exit code 0 when failing to load a snapshot. This has now been fixed such that it instead returns exit code 1 (still showing a warning).
Bugfix #4003: Make backup
no longer hang on Solaris when seeing a FIFO file
The backup
command used to hang on Solaris whenever it encountered a FIFO file (named pipe), due to a bug in the handling of extended attributes. This bug has now been fixed.
Bugfix #4016: Support ExFAT-formatted local backends on macOS Ventura
ExFAT-formatted disks could not be used as local backends starting from macOS Ventura. Restic commands would fail with an "inappropriate ioctl for device" error. This has now been fixed.
Bugfix #4085: Make init
ignore "Access Denied" errors when creating S3 buckets
In restic 0.9.0 through 0.13.0, the init
command ignored some permission errors from S3 backends when trying to check for bucket existence, so that manually created buckets with custom permissions could be used for backups.
This feature became broken in 0.14.0, but has now been restored again.
Bugfix #4100: Make self-update
enabled by default only in release builds
The self-update
command was previously included by default in all builds of restic as opposed to only in official release builds, even if the selfupdate
tag was not explicitly enabled when building.
This has now been corrected, and the self-update
command is only available if restic was built with -tags selfupdate
(as done for official release builds by build.go
).
Bugfix #4103: Don't generate negative UIDs and GIDs in tar files from dump
When using a 32-bit build of restic, the dump
command could in some cases create tar files containing negative UIDs and GIDs, which cannot be read by GNU tar. This corner case especially applies to backups from stdin on Windows.
This is now fixed such that dump
creates valid tar files in these cases too.
Change #2724: Include full snapshot ID in JSON output of backup
We have changed the JSON output of the backup command to include the full snapshot ID instead of just a shortened version, as the latter can be ambiguous in some rare cases. To derive the short ID, please truncate the full ID down to eight characters.
Change #3929: Make unlock
display message only when locks were actually removed
The unlock
command used to print the "successfully removed locks" message whenever it was run, regardless of lock files having being removed or not.
This has now been changed such that it only prints the message if any lock files were actually removed. In addition, it also reports the number of removed lock files.
Change #4033: Don't print skipped snapshots by default in copy
command
The copy
command used to print each snapshot that was skipped because it already existed in the target repository. The amount of this output could practically bury the list of snapshots that were actually copied.
From now on, the skipped snapshots are by default not printed at all, but this can be re-enabled by increasing the verbosity level of the command.
Change #4041: Update dependencies and require Go 1.18 or newer
Most dependencies have been updated. Since some libraries require newer language features, support for Go 1.15-1.17 has been dropped, which means that restic now requires at least Go 1.18 to build.
Enhancement #14: Implement rewrite
command
Restic now has a rewrite
command which allows to rewrite existing snapshots to remove unwanted files.
Enhancement #79: Restore files with long runs of zeros as sparse files
When using restore --sparse
, the restorer may now write files containing long runs of zeros as sparse files (also called files with holes), where the zeros are not actually written to disk.
How much space is saved by writing sparse files depends on the operating system, file system and the distribution of zeros in the file.
During backup restic still reads the whole file including sparse regions, but with optimized processing speed of sparse regions.
#79 #3903 #2601 #3854 https://forum.restic.net/t/sparse-file-support/1264
Enhancement #1078: Support restoring symbolic links on Windows
The restore
command now supports restoring symbolic links on Windows. Because of Windows specific restrictions this is only possible when running restic with the SeCreateSymbolicLinkPrivilege
privilege or as an administrator.
Enhancement #1734: Inform about successful retries after errors
When a recoverable error is encountered, restic shows a warning message saying that it's retrying, e.g.:
Save(<data/956b9ced99>) returned error, retrying after 357.131936ms: ...
This message can be confusing in that it never clearly states whether the retry is successful or not. This has now been fixed such that restic follows up with a message confirming a successful retry, e.g.:
Save(<data/956b9ced99>) operation successful after 1 retries
Enhancement #1866: Improve handling of directories with duplicate entries
If for some reason a directory contains a duplicate entry, the backup
command would previously fail with a node "path/to/file" already present
or nodes are not ordered got "path/to/file", last "path/to/file"
error.
The error handling has been improved to only report a warning in this case. Make sure to check that the filesystem in question is not damaged if you see this!
Enhancement #2134: Support B2 API keys restricted to hiding but not deleting files
When the B2 backend does not have the necessary permissions to permanently delete files, it now automatically falls back to hiding files. This allows using restic with an application key which is not allowed to delete files. This can prevent an attacker from deleting backups with such an API key.
To use this feature create an application key without the deleteFiles
capability. It is recommended to restrict the key to just one bucket. For example using the b2
command line tool:
b2 create-key --bucket <bucketName> <keyName> listBuckets,readFiles,writeFiles,listFiles
Alternatively, you can use the S3 backend to access B2, as described in the documentation. In this mode, files are also only hidden instead of being deleted permanently.
Enhancement #2152: Make init
open only one connection for the SFTP backend
The init
command using the SFTP backend used to connect twice to the repository. This could be inconvenient if the user must enter a password, or cause init
to fail if the server does not correctly close the first SFTP connection.
This has now been fixed by reusing the first/initial SFTP connection opened.
Enhancement #2533: Handle cache corruption on disk and in downloads
In rare situations, like for example after a system crash, the data stored in the cache might be corrupted. This could cause restic to fail and required manually deleting the cache.
Restic now automatically removes broken data from the cache, allowing it to recover from such a situation without user intervention. In addition, restic retries downloads which return corrupt data in order to also handle temporary download problems.
Enhancement #2715: Stricter repository lock handling
Previously, restic commands kept running even if they failed to refresh their locks in time. This could be a problem e.g. in case the client system running a backup entered the standby power mode while the backup was still in progress (which would prevent the client from refreshing its lock), and after a short delay another host successfully runs unlock
and prune
on the repository, which would remove all data added by the in-progress backup. If the backup client later continues its backup, even though its lock had expired in the meantime, this would lead to an incomplete snapshot.
To address this, lock handling is now much stricter. Commands requiring a lock are canceled if the lock is not refreshed successfully in time. In addition, if a lock file is not readable restic will not allow starting a command. It may be necessary to remove invalid lock files manually or use unlock --remove-all
. Please make sure that no other restic processes are running concurrently before doing this, however.
Enhancement #2750: Make backup file read concurrency configurable
The backup
command now supports a --read-concurrency
option which allows tuning restic for very fast storage like NVMe disks by controlling the number of concurrent file reads during the backup process.
Enhancement #3029: Add support for credential_process
to S3 backend
Restic now uses a newer library for the S3 backend, which adds support for the credential_process
option in the AWS credential configuration.
Enhancement #3096: Make mount
command support macOS using macFUSE 4.x
Restic now uses a different FUSE library for mounting snapshots and making them available as a FUSE filesystem using the mount
command. This adds support for macFUSE 4.x which can be used to make this work on recent macOS versions.
Enhancement #3124: Support JSON output for the init
command
The init
command used to ignore the --json
option, but now outputs a JSON message if the repository was created successfully.
Enhancement #3899: Optimize prune memory usage
The prune
command needs large amounts of memory in order to determine what to keep and what to remove. This is now optimized to use up to 30% less memory.
Enhancement #3905: Improve speed of parent snapshot detection in backup
command
Backing up a large number of files using --files-from-verbatim
or --files-from-raw
options could require a long time to find the parent snapshot. This has been improved.
Enhancement #3915: Add compression statistics to the stats
command
When executed with --mode raw-data
on a repository that supports compression, the stats
command now calculates and displays, for the selected repository or snapshots: the uncompressed size of the data; the compression progress (percentage of data that has been compressed); the compression ratio of the compressed data; the total space saving.
It also takes into account both the compressed and uncompressed data if the repository is only partially compressed.
Enhancement #3925: Provide command completion for PowerShell
Restic already provided generation of completion files for bash, fish and zsh. Now powershell is supported, too.
Enhancement #3931: Allow backup
file tree scanner to be disabled
The backup
command walks the file tree in a separate scanner process to find the total size and file/directory count, and uses this to provide an ETA. This can slow down backups, especially of network filesystems.
The command now has a new option --no-scan
which can be used to disable this scanning in order to speed up backups when needed.
Enhancement #3932: Improve handling of ErrDot errors in rclone and sftp backends
Since Go 1.19, restic can no longer implicitly run relative executables which are found in the current directory (e.g. rclone
if found in .
). This is a security feature of Go to prevent against running unintended and possibly harmful executables.
The error message for this was just "cannot run executable found relative to current directory". This has now been improved to yield a more specific error message, informing the user how to explicitly allow running the executable using the -o rclone.program
and -o sftp.command
extended options with ./
.
#3932 https://pkg.go.dev/os/exec#hdr-Executables_in_the_current_directoryhttps://go.dev/blog/path-security
Enhancement #3943: Ignore additional/unknown files in repository
If a restic repository had additional files in it (not created by restic), commands like find
and restore
could become confused and fail with an multiple IDs with prefix "12345678" found
error. These commands now ignore such additional files.
#3943 https://forum.restic.net/t/which-protocol-should-i-choose-for-remote-linux-backups/5446/17
Enhancement #3955: Improve backup
performance for small files
When backing up small files restic was slower than it could be. In particular this affected backups using maximum compression.
This has been fixed by reworking the internal parallelism of the backup command, making it back up small files around two times faster.
Published by fd0 about 2 years ago
We're very pleased to present you restic 0.14.0! This is a great release which introduces a new repository version that adds the most requested feature: compression!
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.14.0 relevant to restic users. The changes are ordered by importance.
self-update
on Windowscopy
commanddiff
command incorrectly listed some files as addedstats
command miscalculated restore size for multiple snapshotsforget
check --check-unused
and add further checks--repo2
option used by init
/copy
with --from-repo
mount
command customizableprune
check
and prune
commandscopy
commandcheck
warningsBugfix #2248: Support self-update
on Windows
Restic self-update
would fail in situations where the operating system locks running binaries, including Windows. The new behavior works around this by renaming the running file and swapping the updated file in place.
Bugfix #3428: List snapshots in backend at most once to resolve snapshot IDs
Many commands support specifying a list of snapshot IDs which are then used to determine the snapshots to be processed by the command. To resolve snapshot IDs or latest
, and check that these exist, restic previously listed all snapshots stored in the repository. Depending on the backend this could be a slow and/or expensive operation.
Restic now lists the snapshots only once and remembers the result in order to resolve all further snapshot IDs swiftly.
Bugfix #3432: Fix rare 'not found in repository' error for copy
command
In rare cases copy
(and other commands) would report that LoadTree(...)
returned an id [...] not found in repository
error. This could be caused by a backup or copy command running concurrently. The error was only temporary; running the failed restic command a second time as a workaround did resolve the error.
This issue has now been fixed by correcting the order in which restic reads data from the repository. It is now guaranteed that restic only loads snapshots for which all necessary data is already available.
Bugfix #3685: The diff
command incorrectly listed some files as added
There was a bug in the diff
command, causing it to always show files in a removed directory as added. This has now been fixed.
Bugfix #3681: Fix rclone (shimmed by Scoop) and sftp not working on Windows
In #3602 a fix was introduced to address the problem of rclone
prematurely exiting when Ctrl+C is pressed on Windows. The solution was to create the subprocess with its console detached from the restic console.
However, this solution failed when using rclone
installed by Scoop or using sftp
with a passphrase-protected private key. We've now fixed this by using a different approach to prevent Ctrl-C from passing down too early.
Bugfix #3720: Directory sync errors for repositories accessed via SMB
On Linux and macOS, accessing a repository via a SMB/CIFS mount resulted in restic failing to save the lock file, yielding the following errors:
Save(<lock/071fe833f0>) returned error, retrying after 552.330144ms: sync /repo/locks: no such file or directory Save(<lock/bf789d7343>) returned error, retrying after 552.330144ms: sync /repo/locks: invalid argument
This has now been fixed by ignoring the relevant error codes.
Bugfix #3736: The stats
command miscalculated restore size for multiple snapshots
Since restic 0.10.0 the restore size calculated by the stats
command for multiple snapshots was too low. The hardlink detection was accidentally applied across multiple snapshots and thus ignored many files. This has now been fixed.
Bugfix #3861: Yield error on invalid policy to forget
The forget
command previously silently ignored invalid/unsupported units in the duration options, such as e.g. --keep-within-daily 2w
.
Specifying an invalid/unsupported duration unit now results in an error.
Bugfix #3716: Print "wrong password" to stderr instead of stdout
If an invalid password was entered, the error message was printed on stdout and not on stderr as intended. This has now been fixed.
Bugfix #3772: Correctly rebuild index for legacy repositories
After running rebuild-index
on a legacy repository containing mixed pack files (that is, pack files which store both metadata and file data), check
printed warnings like pack 12345678 contained in several indexes: ...
. This warning was not critical, but has now nonetheless been fixed by properly handling mixed pack files while rebuilding the index.
Running prune
for such legacy repositories will also fix the warning by reorganizing the pack files which caused it.
Bugfix #3776: Limit number of key files tested while opening a repository
Previously, restic tested the password against every key in the repository when opening a repository. The more keys there were in the repository, the slower this operation became.
Restic now tests the password against up to 20 key files in the repository. Alternatively, you can use the --key-hint=<key ID>
option to specify a specific key file to use instead.
Change #1842: Support debug log creation in release builds
Creating a debug log was only possible in debug builds which required users to manually build restic. We changed the release builds to allow creating debug logs by simply setting the environment variable DEBUG_LOG=logname.log
.
Change #3295: Deprecate check --check-unused
and add further checks
Since restic 0.12.0, it is expected to still have unused blobs after running prune
. This made the --check-unused
option of the check
command rather useless and tended to confuse users. This option has been deprecated and is now ignored.
The check
command now also warns if a repository is using either the legacy S3 layout or mixed pack files with both tree and data blobs. The latter is known to cause performance problems.
Change #3680: Update dependencies and require Go 1.15 or newer
We've updated most dependencies. Since some libraries require newer language features we're dropping support for Go 1.14, which means that restic now requires at least Go 1.15 to build.
Change #3742: Replace --repo2
option used by init
/copy
with --from-repo
The init
and copy
commands can read data from another repository. However, confusingly --repo2
referred to the repository from which the init
command copies parameters, but for the copy
command --repo2
referred to the copy destination.
We've introduced a new option, --from-repo
, which always refers to the source repository for both commands. The old parameter names have been deprecated but still work. To create a new repository and copy all snapshots to it, the commands are now as follows:
restic -r /srv/restic-repo-copy init --from-repo /srv/restic-repo --copy-chunker-params restic -r /srv/restic-repo-copy copy --from-repo /srv/restic-repo
Enhancement #1153: Support pruning even when the disk is full
When running out of disk space it was no longer possible to add or remove data from a repository. To help with recovering from such a deadlock, the prune command now supports an --unsafe-recover-no-free-space
option to recover from these situations. Make sure to read the documentation first!
Enhancement #21: Add compression support
We've added compression support to the restic repository format. To create a repository using the new format run init --repository-version 2
. Please note that the repository cannot be read by restic versions prior to 0.14.0.
You can configure whether data is compressed with the option --compression
. It can be set to auto
(the default, which will compress very fast), max
(which will trade backup speed and CPU usage for better compression), or off
(which disables compression). Each setting is only applied for the current run of restic and does not apply to future runs. The option can also be set via the environment variable RESTIC_COMPRESSION
.
To upgrade in place run migrate upgrade_repo_v2
followed by prune
. See the documentation for more details. The migration checks the repository integrity and upgrades the repository format, but will not change any data. Afterwards, prune will rewrite the metadata to make use of compression.
As an alternative you can use the copy
command to migrate snapshots; First create a new repository using init --repository-version 2 --copy-chunker-params --repo2 path/to/old/repo
, and then use the copy
command to copy all snapshots to the new repository.
Enhancement #2162: Adaptive IO concurrency based on backend connections
Many commands used hard-coded limits for the number of concurrent operations. This prevented speed improvements by increasing the number of connections used by a backend.
These limits have now been replaced by using the configured number of backend connections instead, which can be controlled using the -o <backend-name>.connections=5
option. Commands will then automatically scale their parallelism accordingly.
To limit the number of CPU cores used by restic, you can set the environment variable GOMAXPROCS
accordingly. For example to use a single CPU core, use GOMAXPROCS=1
.
Enhancement #2291: Allow pack size customization
Restic now uses a target pack size of 16 MiB by default. This can be customized using the --pack-size size
option. Supported pack sizes range between 4 and 128 MiB.
It is possible to migrate an existing repository to larger pack files using prune --repack-small
. This will rewrite every pack file which is significantly smaller than the target size.
Enhancement #2295: Allow use of SAS token to authenticate to Azure
Previously restic only supported AccountKeys to authenticate to Azure storage accounts, which necessitates giving a significant amount of access.
We added support for Azure SAS tokens which are a more fine-grained and time-limited manner of granting access. Set the AZURE_ACCOUNT_NAME
and AZURE_ACCOUNT_SAS
environment variables to use a SAS token for authentication. Note that if AZURE_ACCOUNT_KEY
is set, it will take precedence.
Enhancement #2696: Improve backup speed with many small files
We have restructured the backup pipeline to continue reading files while all upload connections are busy. This allows the backup to already prepare the next data file such that the upload can continue as soon as a connection becomes available. This can especially improve the backup performance for high latency backends.
The upload concurrency is now controlled using the -o <backend-name>.connections=5
option.
Enhancement #2907: Make snapshot directory structure of mount
command customizable
We've added the possibility to customize the snapshot directory structure of the mount
command using templates passed to the --snapshot-template
option. The formatting of snapshots' timestamps is now controlled using --time-template
and supports subdirectories to for example group snapshots by year. Please see restic help mount
for further details.
Characters in tag names which are not allowed in a filename are replaced by underscores _
. For example a tag foo/bar
will result in a directory name of foo_bar
.
Enhancement #3114: Optimize handling of duplicate blobs in prune
Restic prune
always used to repack all data files containing duplicate blobs. This effectively removed all duplicates during prune. However, as a consequence all these data files were repacked even if the unused repository space threshold could be reached with less work.
This is now changed and prune
works nice and fast even when there are lots of duplicate blobs.
Enhancement #3465: Improve handling of temporary files on Windows
In some cases restic failed to delete temporary files, causing the current command to fail. This has now been fixed by ensuring that Windows automatically deletes the file. In addition, temporary files are only written to disk when necessary, reducing disk writes.
Enhancement #3709: Validate exclude patterns before backing up
Exclude patterns provided via --exclude
, --iexclude
, --exclude-file
or --iexclude-file
previously weren't validated. As a consequence, invalid patterns resulted in files that were meant to be excluded being backed up.
Restic now validates all patterns before running the backup and aborts with a fatal error if an invalid pattern is detected.
Enhancement #3837: Improve SFTP repository initialization over slow links
The init
command, when used on an SFTP backend, now sends multiple mkdir
commands to the backend concurrently. This reduces the waiting times when creating a repository over a very slow connection.
Enhancement #2351: Use config file permissions to control file group access
Previously files in a local/SFTP repository would always end up with very restrictive access permissions, allowing access only to the owner. This prevented a number of valid use-cases involving groups and ACLs.
We now use the permissions of the config file in the repository to decide whether group access should be given to newly created repository files or not. We arrange for repository files to be created group readable exactly when the repository config file is group readable.
To opt-in to group readable repositories, a simple chmod -R g+r
or equivalent on the config file can be used. For repositories that should be writable by group members a tad more setup is required, see the docs.
Posix ACLs can also be used now that the group permissions being forced to zero no longer masks the effect of ACL entries.
Enhancement #3475: Allow limiting IO concurrency for local and SFTP backend
Restic did not support limiting the IO concurrency / number of connections for accessing repositories stored using the local or SFTP backends. The number of connections is now limited as for other backends, and can be configured via the the -o local.connections=2
and -o sftp.connections=5
options. This ensures that restic does not overwhelm the backend with concurrent IO operations.
Enhancement #3484: Stream data in check
and prune
commands
The commands check --read-data
and prune
previously downloaded data files into temporary files which could end up being written to disk. This could cause a large amount of data being written to disk.
The pack files are now instead streamed, which removes the need for temporary files. Please note that uploads during backup
and prune
still require temporary files.
Enhancement #2923: Improve speed of copy
command
The copy
command could require a long time to copy snapshots for non-local backends. This has been improved to provide a throughput comparable to the restore
command.
Additionally, copy
now displays a progress bar.
Enhancement #3729: Display full IDs in check
warnings
When running commands to inspect or repair a damaged repository, it is often necessary to supply the full IDs of objects stored in the repository.
The output of check
now includes full IDs instead of their shortened variant.
Enhancement #3773: Optimize memory usage for directories with many files
Backing up a directory with hundreds of thousands or more files caused restic to require large amounts of memory. We've now optimized the backup
command such that it requires up to 30% less memory.
Enhancement #3819: Validate include/exclude patterns before restoring
Patterns provided to restore
via --exclude
, --iexclude
, --include
and --iinclude
weren't validated before running the restore. Invalid patterns would result in error messages being printed repeatedly, and possibly unwanted files being restored.
Restic now validates all patterns before running the restore, and aborts with a fatal error if an invalid pattern is detected.
Published by fd0 over 2 years ago
We're very pleased to present you restic 0.13.1! This is a small bugfix release which fixes two issues that were discovered right after 0.13.0.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.13.1 relevant to restic users. The changes are ordered by importance.
Bugfix #3685: Fix the diff command
There was a bug in the diff
command, it would always show files in a removed directory as added. We've fixed that.
Bugfix #3681: Fix rclone (shimmed by Scoop) and sftp stopped working on Windows
In #3602 a fix was introduced to fix the problem that rclone prematurely exits when Ctrl+C is pressed on Windows. The solution was to create the subprocess with its console detached from the restic console. However, such solution fails when using rclone install by scoop or using sftp with a passphrase- protected private key. We've fixed that by using a different approach to prevent Ctrl-C from passing down too early.
Published by fd0 over 2 years ago
We're very pleased to present you restic 0.13.0! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.13.0 relevant to restic users. The changes are ordered by importance.
list locks
backup --json --quiet
check
command honor RESTIC_CACHE_DIR
environment variablecopy
command honor --no-lock
for source repositorymount
command now reports symlinks sizesrebuild-index
failed if an index file was damagedprune --max-repack-size=0
backup --stdin
--dry-run
/-n
option to backup
commanddiff
commandforget
if --no-lock
and --dry-run
check --read-data-subset
ls --json
restore --verify
commandbackup
command no longer updates file access times on Linuxrecover
collect only unreferenced treesdump
commandcopy
performance by parallelizing IOBugfix #1106: Never lock repository for list locks
The list locks
command previously locked to the repository by default. This had the problem that it wouldn't work for an exclusively locked repository and that the command would also display its own lock file which can be confusing.
Now, the list locks
command never locks the repository.
Bugfix #2345: Make cache crash-resistant and usable by multiple concurrent processes
The restic cache directory (RESTIC_CACHE_DIR
) could end up in a broken state in the event of restic (or the OS) crashing. This is now less likely to occur as files are downloaded to a temporary location before being moved to their proper location.
This also allows multiple concurrent restic processes to operate on a single repository without conflicts. Previously, concurrent operations could cause segfaults because the processes saw each other's partially downloaded files.
Bugfix #2452: Improve error handling of repository locking
Previously, when the lock refresh failed to delete the old lock file, it forgot about the newly created one. Instead it continued trying to delete the old (usually no longer existing) lock file and thus over time lots of lock files accumulated. This has now been fixed.
Bugfix #2738: Don't print progress for backup --json --quiet
Unlike the text output, the --json
output format still printed progress information even in --quiet
mode. This has now been fixed by always disabling the progress output in quiet mode.
Bugfix #3382: Make check
command honor RESTIC_CACHE_DIR
environment variable
Previously, the check
command didn't honor the RESTIC_CACHE_DIR
environment variable, which caused problems in certain system/usage configurations. This has now been fixed.
Bugfix #3518: Make copy
command honor --no-lock
for source repository
The copy
command previously did not respect the --no-lock
option for the source repository, causing failures with read-only storage backends. This has now been fixed such that the option is now respected.
Bugfix #3556: Fix hang with Backblaze B2 on SSL certificate authority error
Previously, if a request failed with an SSL unknown certificate authority error, the B2 backend retried indefinitely and restic would appear to hang.
This has now been fixed and restic instead fails with an error message.
Bugfix #3601: Fix rclone backend prematurely exiting when receiving SIGINT on Windows
Previously, pressing Ctrl+C in a Windows console where restic was running with rclone as the backend would cause rclone to exit prematurely due to getting a SIGINT
signal at the same time as restic. Restic would then wait for a long time for time with "unexpected EOF" and "rclone stdio connection already closed" errors.
This has now been fixed by restic starting the rclone process detached from the console restic runs in (similar to starting processes in a new process group on Linux), which enables restic to gracefully clean up rclone (which now never gets the SIGINT
).
Bugfix #3667: The mount
command now reports symlinks sizes
Symlinks used to have size zero in restic mountpoints, confusing some third-party tools. They now have a size equal to the byte length of their target path, as required by POSIX.
Bugfix #3488: rebuild-index
failed if an index file was damaged
Previously, the rebuild-index
command would fail with an error if an index file was damaged or truncated. This has now been fixed.
On older restic versions, a (slow) workaround is to use rebuild-index --read-all-packs
or to manually delete the damaged index.
Bugfix #3591: Fix handling of prune --max-repack-size=0
Restic ignored the --max-repack-size
option when passing a value of 0. This has now been fixed.
As a workaround, --max-repack-size=1
can be used with older versions of restic.
Bugfix #3619: Avoid choosing parent snapshots newer than time of new snapshot
The backup
command, when a --parent
was not provided, previously chose the most recent matching snapshot as the parent snapshot. However, this didn't make sense when the user passed --time
to create a new snapshot older than the most recent snapshot.
Instead, backup
now chooses the most recent snapshot which is not newer than the snapshot-being-created's timestamp, to avoid any time travel.
Change #3641: Ignore parent snapshot for backup --stdin
Restic uses a parent snapshot to speed up directory scanning when performing backups, but this only wasted time and memory when the backup source is stdin (using the --stdin
option of the backup
command), since no directory scanning is performed in this case.
Snapshots made with backup --stdin
no longer have a parent snapshot, which allows restic to skip some startup operations and saves a bit of resources.
The --parent
option is still available for backup --stdin
, but is now ignored.
Change #3519: Require Go 1.14 or newer
Restic now requires Go 1.14 to build. This allows it to use new standard library features instead of an external dependency.
Enhancement #1542: Add --dry-run
/-n
option to backup
command
Testing exclude filters and other configuration options was error prone as wrong filters could cause files to be uploaded unintentionally. It was also not possible to estimate beforehand how much data would be uploaded.
The backup
command now has a --dry-run
/-n
option, which performs all the normal steps of a backup without actually writing anything to the repository.
Passing -vv will log information about files that would be added, allowing for verification of source and exclusion options before running the real backup.
Enhancement #2202: Add upload checksum for Azure, GS, S3 and Swift backends
Previously only the B2 and partially the Swift backends verified the integrity of uploaded (encrypted) files. The verification works by informing the backend about the expected hash of the uploaded file. The backend then verifies the upload and thereby rules out any data corruption during upload.
We have now added upload checksums for the Azure, GS, S3 and Swift backends, which besides integrity checking for uploads also means that restic can now be used to store backups in S3 buckets which have Object Lock enabled.
Enhancement #233: Support negative include/exclude patterns
If a pattern starts with an exclamation mark and it matches a file that was previously matched by a regular pattern, the match is cancelled. Notably, this can be used with --exclude-file
to cancel the exclusion of some files.
It works similarly to .gitignore
, with the same limitation; Once a directory is excluded, it is not possible to include files inside the directory.
Example of use as an exclude pattern for the backup
command:
$HOME/**/* !$HOME/Documents !$HOME/code !$HOME/.emacs.d !$HOME/games # [...] node_modules *~ *.o *.lo .pyc # [...] $HOME/code/linux/ !$HOME/code/linux/.git # [...]
Enhancement #2388: Add warning for S3 if partial credentials are provided
Previously restic did not notify about incomplete credentials when using the S3 backend, instead just reporting access denied.
Restic now checks that both the AWS key ID and secret environment variables are set before connecting to the remote server, and reports an error if not.
Enhancement #2508: Support JSON output and quiet mode for the diff
command
The diff
command now supports outputting machine-readable output in JSON format. To enable this, pass the --json
option to the command. To only print the summary and suppress detailed output, pass the --quiet
option.
Enhancement #2656: Add flag to disable TLS verification for self-signed certificates
There is now an --insecure-tls
global option in restic, which disables TLS verification for self-signed certificates in order to support some development workflows.
Enhancement #3003: Atomic uploads for the SFTP backend
The SFTP backend did not upload files atomically. An interrupted upload could leave an incomplete file behind which could prevent restic from accessing the repository. This has now been fixed and uploads in the SFTP backend are done atomically.
Enhancement #3127: Add xattr (extended attributes) support for Solaris
Restic now supports xattr for the Solaris operating system.
Enhancement #3464: Skip lock creation on forget
if --no-lock
and --dry-run
Restic used to silently ignore the --no-lock
option of the forget
command.
It now skips creation of lock file in case both --dry-run
and --no-lock
are specified. If --no-lock
option is specified without --dry-run
, restic prints a warning message to stderr.
Enhancement #3490: Support random subset by size in check --read-data-subset
The --read-data-subset
option of the check
command now supports a third way of specifying the subset to check, namely nS
where n
is a size in bytes with suffix S
as k/K, m/M, g/G or t/T.
Enhancement #3541: Improve handling of temporary B2 delete errors
Deleting files on B2 could sometimes fail temporarily, which required restic to retry the delete operation. In some cases the file was deleted nevertheless, causing the retries and ultimately the restic command to fail. This has now been fixed.
Enhancement #3542: Add file mode in symbolic notation to ls --json
The ls --json
command now provides the file mode in symbolic notation (using the permissions
key), aligned with find --json
.
#3542 #3573 https://forum.restic.net/t/restic-ls-understanding-file-mode-with-json/4371
Enhancement #2594: Speed up the restore --verify
command
The --verify
option lets the restore
command verify the file content after it has restored a snapshot. The performance of this operation has now been improved by up to a factor of two.
Enhancement #2816: The backup
command no longer updates file access times on Linux
When reading files during backup, restic used to cause the operating system to update the files' access times. Note that this did not apply to filesystems with disabled file access times.
Restic now instructs the operating system not to update the file access time, if the user running restic is the file owner or has root permissions.
Enhancement #2880: Make recover
collect only unreferenced trees
Previously, the recover
command used to generate a snapshot containing all root trees, even those which were already referenced by a snapshot.
This has been improved such that it now only processes trees not already referenced by any snapshot.
Enhancement #3429: Verify that new or modified keys are stored correctly
When adding a new key or changing the password of a key, restic used to just create the new key (and remove the old one, when changing the password). There was no verification that the new key was stored correctly and works properly. As the repository cannot be decrypted without a valid key file, this could in rare cases cause the repository to become inaccessible.
Restic now checks that new key files actually work before continuing. This can protect against some (rare) cases of hardware or storage problems.
Enhancement #3436: Improve local backend's resilience to (system) crashes
Restic now ensures that files stored using the local
backend are created atomically (that is, files are either stored completely or not at all). This ensures that no incomplete files are left behind even if restic is terminated while writing a file.
In addition, restic now tries to ensure that the directory in the repository which contains a newly uploaded file is also written to disk. This can prevent missing files if the system crashes or the disk is not properly unmounted.
Enhancement #3508: Cache blobs read by the dump
command
When dumping a file using the dump
command, restic did not cache blobs in any way, so even consecutive runs of the same blob were loaded from the repository again and again, slowing down the dump.
Now, the caching mechanism already used by the fuse
command is also used by the dump
command. This makes dumping much faster, especially for sparse files.
Enhancement #3511: Support configurable timeout for the rclone backend
A slow rclone backend could cause restic to time out while waiting for the repository to open. Restic now offers an -o rclone.timeout
option to make this timeout configurable.
Enhancement #3593: Improve copy
performance by parallelizing IO
Restic copy previously only used a single thread for copying blobs between repositories, which resulted in limited performance when copying small blobs to/from a high latency backend (i.e. any remote backend, especially b2).
Copying will now use 8 parallel threads to increase the throughput of the copy operation.
Published by fd0 about 3 years ago
We're very pleased to present you restic 0.12.1! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.12.1 relevant to restic users. The changes are ordered by importance.
copy
failed to copy snapshots in rare casesbackup --quiet
no longer prints status informationcheck --read-data-subset=x%
run for an empty repositoryfdopendir: not a directory
error for local backendcreated new cache
message only on a terminalbackup --exclude='**'
restore
ls --json
output--repository-file2
option to init
and copy
command--keep-within-hourly
option to restic forgetsnapshots
listfind --pack
fallback to index if data file is missingBugfix #2742: Improve error handling for rclone and REST backend over HTTP2
When retrieving data from the rclone / REST backend while also using HTTP2 restic did not detect when no data was returned at all. This could cause for example the check
command to report the following error:
Pack ID does not match, want [...], got e3b0c442
This has been fixed by correctly detecting and retrying the incomplete download.
#2742 #3453 https://forum.restic.net/t/http2-stream-closed-connection-reset-context-canceled/3743/10
Bugfix #3111: Fix terminal output redirection for PowerShell
When redirecting the output of restic using PowerShell on Windows, the output contained terminal escape characters. This has been fixed by properly detecting the terminal type.
In addition, the mintty terminal now shows progress output for the backup command.
Bugfix #3214: Treat an empty password as a fatal error for repository init
When attempting to initialize a new repository, if an empty password was supplied, the repository would be created but the init command would return an error with a stack trace. Now, if an empty password is provided, it is treated as a fatal error, and no repository is created.
Bugfix #3267: copy
failed to copy snapshots in rare cases
The copy
command could in rare cases fail with the error message SaveTree(...) returned unexpected id ...
. This has been fixed.
On Linux/BSDs, the error could be caused by backing up symlinks with non-UTF-8 target paths. Note that, due to limitations in the repository format, these are not stored properly and should be avoided if possible.
Bugfix #3184: backup --quiet
no longer prints status information
A regression in the latest restic version caused the output of backup --quiet
to contain large amounts of backup progress information when run using an interactive terminal. This is fixed now.
A workaround for this bug is to run restic as follows: restic backup --quiet [..] | cat -
.
Bugfix #3296: Fix crash of check --read-data-subset=x%
run for an empty repository
The command restic check --read-data-subset=x%
crashed when run for an empty repository. This has been fixed.
Bugfix #3302: Fix fdopendir: not a directory
error for local backend
The check
, list packs
, prune
and rebuild-index
commands failed for the local backend when the data
folder in the repository contained files. This has been fixed.
Bugfix #3334: Print created new cache
message only on a terminal
The message created new cache
was printed even when the output wasn't a terminal. That broke piping restic dump
output to tar or zip if cache directory didn't exist. The message is now only printed on a terminal.
Bugfix #3380: Fix crash of backup --exclude='**'
The exclude filter **
, which excludes all files, caused restic to crash. This has been corrected.
Bugfix #3305: Fix possibly missing backup summary of JSON output in case of error
When using --json
output it happened from time to time that the summary output was missing in case an error occurred. This has been fixed.
Bugfix #3439: Correctly handle download errors during restore
Due to a regression in restic 0.12.0, the restore
command in some cases did not retry download errors and only printed a warning. This has been fixed by retrying incomplete data downloads.
Change #3247: Empty files now have size of 0 in ls --json
output
The ls --json
command used to omit the sizes of empty files in its output. It now reports a size of zero explicitly for regular files, while omitting the size field for all other types.
Enhancement #2780: Add release binaries for s390x architecture on Linux
We've added release binaries for Linux using the s390x architecture.
Enhancement #3293: Add --repository-file2
option to init
and copy
command
The init
and copy
command can now be used with the --repository-file2
option or the $RESTIC_REPOSITORY_FILE2
environment variable. These to options are in addition to the --repo2
flag and allow you to read the destination repository from a file.
Using both --repository-file
and --repo2
options resulted in an error for the copy
or init
command. The handling of this combination of options has been fixed. A workaround for this issue is to only use --repo
or -r
and --repo2
for init
or copy
.
Enhancement #3312: Add auto-completion support for fish
The generate
command now supports fish auto completion.
Enhancement #3336: SFTP backend now checks for disk space
Backing up over SFTP previously spewed multiple generic "failure" messages when the remote disk was full. It now checks for disk space before writing a file and fails immediately with a "no space left on device" message.
Enhancement #3377: Add release binaries for Apple Silicon
We've added release binaries for macOS on Apple Silicon (M1).
Enhancement #3414: Add --keep-within-hourly
option to restic forget
The forget
command allowed keeping a given number of hourly backups or to keep all backups within a given interval, but it was not possible to specify keeping hourly backups within a given interval.
The new --keep-within-hourly
option now offers this functionality. Similar options for daily/weekly/monthly/yearly are also implemented, the new options are:
--keep-within-hourly <1y2m3d4h> --keep-within-daily <1y2m3d4h> --keep-within-weekly <1y2m3d4h> --keep-within-monthly <1y2m3d4h> --keep-within-yearly <1y2m3d4h>
#3414 #3416 https://forum.restic.net/t/forget-policy/4014/11
Enhancement #3456: Support filtering and specifying untagged snapshots
It was previously not possible to specify an empty tag with the --tag
and --keep-tag
options. This has now been fixed, such that --tag ''
and --keep-tag ''
now matches snapshots without tags. This allows e.g. the snapshots
and forget
commands to only operate on untagged snapshots.
Enhancement #3167: Allow specifying limit of snapshots
list
The --last
option allowed limiting the output of the snapshots
command to the latest snapshot for each host. The new --latest n
option allows limiting the output to the latest n
snapshots.
This change deprecates the option --last
in favour of --latest 1
.
Enhancement #3426: Optimize read performance of mount command
Reading large files in a mounted repository may be up to five times faster. This improvement primarily applies to repositories stored at a backend that can be accessed with low latency, like e.g. the local backend.
Enhancement #3427: find --pack
fallback to index if data file is missing
When investigating a repository with missing data files, it might be useful to determine affected snapshots before running rebuild-index
. Previously, find --pack pack-id
returned no data as it required accessing the data file. Now, if the necessary data is still available in the repository index, it gets retrieved from there.
The command now also supports looking up multiple pack files in a single find
run.
#3427 https://forum.restic.net/t/missing-packs-not-found/2600
Published by fd0 over 3 years ago
We're very pleased to present you restic 0.12.0! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.12.0 relevant to restic users. The changes are ordered by importance.
mount
not create missing mount point directoryno data available
filesystem error during backupbackup
and tag
commands separate tags by commacat
command respect the --no-lock
option--use-fs-snapshot
option now works on windows/386init
backup
command on Windowsbackup
is interruptedrestore
commandgs
backendcheck --read-data-subset
s3
backendbackup
options --files-from-{verbatim,raw}
ListObjects
APIprune
performance and make it more customizablebackup
trust mtime without checking ctimeprune
commandrebuild-index
commandcheck
commanddump
command support zip
formatcheck
commandcopy
and prune
Bugfix #1681: Make mount
not create missing mount point directory
When specifying a non-existent directory as mount point for the mount
command, restic used to create the specified directory automatically.
This has now changed such that restic instead gives an error when the specified directory for the mount point does not exist.
Bugfix #1800: Ignore no data available
filesystem error during backup
Restic was unable to backup files on some filesystems, for example certain configurations of CIFS on Linux which return a no data available
error when reading extended attributes. These errors are now ignored.
Bugfix #2563: Report the correct owner of directories in FUSE mounts
Restic 0.10.0 changed the FUSE mount to always report the current user as the owner of directories within the FUSE mount, which is incorrect.
This is now changed back to reporting the correct owner of a directory.
Bugfix #2688: Make backup
and tag
commands separate tags by comma
Running restic backup --tag foo,bar
previously created snapshots with one single tag containing a comma (foo,bar
) instead of two tags (foo
, bar
).
Similarly, the tag
command's --set
, --add
and --remove
options would treat foo,bar
as one tag instead of two tags. This was inconsistent with other commands and often unexpected when one intended foo,bar
to mean two tags.
To be consistent in all commands, restic now interprets foo,bar
to mean two separate tags (foo
and bar
) instead of one tag (foo,bar
) everywhere, including in the backup
and tag
commands.
NOTE: This change might result in unexpected behavior in cases where you use the forget
command and filter on tags like foo,bar
. Snapshots previously backed up with --tag foo,bar
will still not match that filter, but snapshots saved from now on will match that filter.
To replace foo,bar
tags with foo
and bar
tags in old snapshots, you can first generate a list of the relevant snapshots using a command like:
Restic snapshots --json --quiet | jq '.[] | select(contains({tags: ["foo,bar"]})) | .id'
And then use restic tag --set foo --set bar snapshotID [...]
to set the new tags. Please adjust the commands to include real tag names and any additional tags, as well as the list of snapshots to process.
Bugfix #2739: Make the cat
command respect the --no-lock
option
The cat
command would not respect the --no-lock
flag. This is now fixed.
Bugfix #3087: The --use-fs-snapshot
option now works on windows/386
Restic failed to create VSS snapshots on windows/386 with the following error:
GetSnapshotProperties() failed: E_INVALIDARG (0x80070057)
This is now fixed.
Bugfix #3100: Do not require gs bucket permissions when running init
Restic used to require bucket level permissions for the gs
backend in order to initialize a restic repository.
It now allows a gs
service account to initialize a repository if the bucket does exist and the service account has permissions to write/read to that bucket.
Bugfix #3111: Correctly detect output redirection for backup
command on Windows
On Windows, since restic 0.10.0 the backup
command did not properly detect when the output was redirected to a file. This caused restic to output terminal control characters. This has been fixed by correcting the terminal detection.
Bugfix #3151: Don't create invalid snapshots when backup
is interrupted
When canceling a backup run at a certain moment it was possible that restic created a snapshot with an invalid "null" tree. This caused check
and other operations to fail. The backup
command now properly handles interruptions and never saves a snapshot when interrupted.
Bugfix #3166: Improve error handling in the restore
command
The restore
command used to not print errors while downloading file contents from the repository. It also incorrectly exited with a zero error code even when there were errors during the restore process. This has all been fixed and restore
now returns with a non-zero exit code when there's an error.
Bugfix #3232: Correct statistics for overlapping targets
A user reported that restic's statistics and progress information during backup was not correctly calculated when the backup targets (files/dirs to save) overlap. For example, consider a directory foo
which contains (among others) a file foo/bar
. When restic backup foo foo/bar
was run, restic counted the size of the file foo/bar
twice, so the completeness percentage as well as the number of files was wrong. This is now corrected.
Bugfix #3014: Fix sporadic stream reset between rclone and restic
Sometimes when using restic with the rclone
backend, an error message similar to the following would be printed:
Didn't finish writing GET request (wrote 0/xxx): http2: stream closed
It was found that this was caused by restic closing the connection to rclone to soon when downloading data. A workaround has been added which waits for the end of the download before closing the connection.
Bugfix #3152: Do not hang until foregrounded when completed in background
On Linux, when running in the background restic failed to stop the terminal output of the backup
command after it had completed. This caused restic to hang until moved to the foreground. This has now been fixed.
#3152 https://forum.restic.net/t/restic-alpine-container-cron-hangs-epoll-pwait/3334
Bugfix #3249: Improve error handling in gs
backend
The gs
backend did not notice when the last step of completing a file upload failed. Under rare circumstances, this could cause missing files in the backup repository. This has now been fixed.
Change #3095: Deleting files on Google Drive now moves them to the trash
When deleting files on Google Drive via the rclone
backend, restic used to bypass the trash folder required that one used the -o rclone.args
option to enable usage of the trash folder. This ensured that deleted files in Google Drive were not kept indefinitely in the trash folder. However, since Google Drive's trash retention policy changed to deleting trashed files after 30 days, this is no longer needed.
Restic now leaves it up to rclone and its configuration to use or not use the trash folder when deleting files. The default is to use the trash folder, as of rclone 1.53.2. To re-enable the restic 0.11 behavior, set the RCLONE_DRIVE_USE_TRASH
environment variable or change the rclone configuration. See the rclone documentation for more details.
Enhancement #2186: Allow specifying percentage in check --read-data-subset
We've enhanced the check
command's --read-data-subset
option to also accept a percentage (e.g. 2.5%
or 10%
). This will check the given percentage of pack files (which are randomly selected on each run).
Enhancement #2453: Report permanent/fatal backend errors earlier
When encountering errors in reading from or writing to storage backends, restic retries the failing operation up to nine times (for a total of ten attempts). It used to retry all backend operations, but now detects some permanent error conditions so that it can report fatal errors earlier.
Permanent failures include local disks being full, SSH connections dropping and permission errors.
Enhancement #2528: Add Alibaba/Aliyun OSS support in the s3
backend
A new extended option s3.bucket-lookup
has been added to support Alibaba/Aliyun OSS in the s3
backend. The option can be set to one of the following values:
auto
- Existing behaviour - dns
- Use DNS style bucket access - path
- Use path style bucket accessTo make the s3
backend work with Alibaba/Aliyun OSS you must set s3.bucket-lookup
to dns
and set the s3.region
parameter. For example:
Restic -o s3.bucket-lookup=dns -o s3.region=oss-eu-west-1 -r s3:https://oss-eu-west-1.aliyuncs.com/bucketname init
Note that s3.region
must be set, otherwise the MinIO SDK tries to look it up and it seems that Alibaba doesn't support that properly.
Enhancement #2706: Configurable progress reports for non-interactive terminals
The backup
, check
and prune
commands never printed any progress reports on non-interactive terminals. This behavior is now configurable using the RESTIC_PROGRESS_FPS
environment variable. Use for example a value of 1
for an update every second, or 0.01666
for an update every minute.
The backup
command now also prints the current progress when restic receives a SIGUSR1
signal.
Setting the RESTIC_PROGRESS_FPS
environment variable or sending a SIGUSR1
signal prints a status report even when --quiet
was specified.
Enhancement #2944: Add backup
options --files-from-{verbatim,raw}
The new backup
options --files-from-verbatim
and --files-from-raw
read a list of files to back up from a file. Unlike the existing --files-from
option, these options do not interpret the listed filenames as glob patterns; instead, whitespace in filenames is preserved as-is and no pattern expansion is done. Please see the documentation for specifics.
These new options are highly recommended over --files-from
, when using a script to generate the list of files to back up.
Enhancement #3083: Allow usage of deprecated S3 ListObjects
API
Some S3 API implementations, e.g. Ceph before version 14.2.5, have a broken ListObjectsV2
implementation which causes problems for restic when using their API endpoints. When a broken server implementation is used, restic prints errors similar to the following:
List() returned error: Truncated response should have continuation token set
As a temporary workaround, restic now allows using the older ListObjects
endpoint by setting the s3.list-objects-v1
extended option, for instance:
Restic -o s3.list-objects-v1=true snapshots
Please note that this option may be removed in future versions of restic.
Enhancement #3147: Support additional environment variables for Swift authentication
The swift
backend now supports the following additional environment variables for passing authentication details to restic: OS_USER_ID
, OS_USER_DOMAIN_ID
, OS_PROJECT_DOMAIN_ID
and OS_TRUST_ID
Depending on the openrc
configuration file these might be required when the user and project domains differ from one another.
Enhancement #3191: Add release binaries for MIPS architectures
We've added a few new architectures for Linux to the release binaries: mips
, mipsle
, mips64
, and mip64le
. MIPS is mostly used for low-end embedded systems.
Enhancement #909: Back up mountpoints as empty directories
When the --one-file-system
option is specified to restic backup
, it ignores all file systems mounted below one of the target directories. This means that when a snapshot is restored, users needed to manually recreate the mountpoint directories.
Restic now backs up mountpoints as empty directories and therefore implements the same approach as tar
.
Enhancement #3250: Add several more error checks
We've added a lot more error checks in places where errors were previously ignored (as hinted by the static analysis program errcheck
via golangci-lint
).
Enhancement #2718: Improve prune
performance and make it more customizable
The prune
command is now much faster. This is especially the case for remote repositories or repositories with not much data to remove. Also the memory usage of the prune
command is now reduced.
Restic used to rebuild the index from scratch after pruning. This could lead to missing packs in the index in some cases for eventually consistent backends such as e.g. AWS S3. This behavior is now changed and the index rebuilding uses the information already known by prune
.
By default, the prune
command no longer removes all unused data. This behavior can be fine-tuned by new options, like the acceptable amount of unused space or the maximum size of data to reorganize. For more details, please see https://restic.readthedocs.io/en/stable/060_forget.html .
Moreover, prune
now accepts the --dry-run
option and also running forget --dry-run --prune
will show what prune
would do.
This enhancement also fixes several open issues, e.g.: - https://github.com/restic/restic/issues/1140 - https://github.com/restic/restic/issues/1599 - https://github.com/restic/restic/issues/1985 - https://github.com/restic/restic/issues/2112 - https://github.com/restic/restic/issues/2227 - https://github.com/restic/restic/issues/2305
Enhancement #2495: Add option to let backup
trust mtime without checking ctime
The backup
command used to require that both ctime
and mtime
of a file matched with a previously backed up version to determine that the file was unchanged. In other words, if either ctime
or mtime
of the file had changed, it would be considered changed and restic would read the file's content again to back up the relevant (changed) parts of it.
The new option --ignore-ctime
makes restic look at mtime
only, such that ctime
changes for a file does not cause restic to read the file's contents again.
The check for both ctime
and mtime
was introduced in restic 0.9.6 to make backups more reliable in the face of programs that reset mtime
(some Unix archivers do that), but it turned out to often be expensive because it made restic read file contents even if only the metadata (owner, permissions) of a file had changed. The new --ignore-ctime
option lets the user restore the 0.9.5 behavior when needed. The existing --ignore-inode
option already turned off this behavior, but also removed a different check.
Please note that changes in files' metadata are still recorded, regardless of the command line options provided to the backup command.
Enhancement #2941: Speed up the repacking step of the prune
command
The repack step of the prune
command, which moves still used file parts into new pack files such that the old ones can be garbage collected later on, now processes multiple pack files in parallel. This is especially beneficial for high latency backends or when using a fast network connection.
Enhancement #3006: Speed up the rebuild-index
command
We've optimized the rebuild-index
command. Now, existing index entries are used to minimize the number of pack files that must be read. This speeds up the index rebuild a lot.
Additionally, the option --read-all-packs
has been added, implementing the previous behavior.
Enhancement #3048: Add more checks for index and pack files in the check
command
The check
command run with the --read-data
or --read-data-subset
options used to only verify only the pack file content - it did not check if the blobs within the pack are correctly contained in the index.
A check for the latter is now in place, which can print the following error:
Blob ID is not contained in index or position is incorrect
Another test is also added, which compares pack file sizes computed from the index and the pack header with the actual file size. This test is able to detect truncated pack files.
If the index is not correct, it can be rebuilt by using the rebuild-index
command.
Having added these tests, restic check
is now able to detect non-existing blobs which are wrongly referenced in the index. This situation could have lead to missing data.
Enhancement #2433: Make the dump
command support zip
format
Previously, restic could dump the contents of a whole folder structure only in the tar
format. The dump
command now has a new flag to change output format to zip
. Just pass --archive zip
as an option to restic dump
.
Enhancement #3099: Reduce memory usage of check
command
The check
command now requires less memory if it is run without the --check-unused
option.
Enhancement #3106: Parallelize scan of snapshot content in copy
and prune
The copy
and prune
commands used to traverse the directories of snapshots one by one to find used data. This snapshot traversal is now parallized which can speed up this step several times.
In addition the check
command now reports how many snapshots have already been processed.
Enhancement #3130: Parallelize reading of locks and snapshots
Restic used to read snapshots sequentially. For repositories containing many snapshots this slowed down commands which have to read all snapshots.
Now the reading of snapshots is parallelized. This speeds up for example prune
, backup
and other commands that search for snapshots with certain properties or which have to find the latest
snapshot.
The speed up also applies to locks stored in the backup repository.
Enhancement #3254: Enable HTTP/2 for backend connections
Go's HTTP library usually automatically chooses between HTTP/1.x and HTTP/2 depending on what the server supports. But for compatibility this mechanism is disabled if DialContext is used (which is the case for restic). This change allows restic's HTTP client to negotiate HTTP/2 if supported by the server.
Published by fd0 almost 4 years ago
We're very pleased to present you restic 0.11.0! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.11.0 relevant to restic users. The changes are ordered by importance.
self-update --output
placeholder fileBugfix #1212: Restore timestamps and permissions on intermediate directories
When using the --include
option of the restore command, restic restored timestamps and permissions only on directories selected by the include pattern. Intermediate directories, which are necessary to restore files located in sub- directories, were created with default permissions. We've fixed the restore command to restore timestamps and permissions for these directories as well.
Bugfix #1756: Mark repository files as read-only when using the local backend
Files stored in a local repository were marked as writeable on the filesystem for non-Windows systems, which did not prevent accidental file modifications outside of restic. In addition, the local backend did not work with certain filesystems and network mounts which do not permit modifications of file permissions.
Restic now marks files stored in a local repository as read-only on the filesystem on non-Windows systems. The error handling is improved to support more filesystems.
Bugfix #2241: Hide password in REST backend repository URLs
When using a password in the REST backend repository URL, the password could in some cases be included in the output from restic, e.g. when initializing a repo or during an error.
The password is now replaced with "***" where applicable.
Bugfix #2319: Correctly dump directories into tar files
The dump command previously wrote directories in a tar file in a way which can cause compatibility problems. This caused, for example, 7zip on Windows to not open tar files containing directories. In addition it was not possible to dump directories with extended attributes. These compatibility problems are now corrected.
In addition, a tar file now includes the name of the owner and group of a file.
Bugfix #2491: Don't require self-update --output
placeholder file
restic self-update --output /path/to/new-restic
used to require that new-restic was an existing file, to be overwritten. Now it's possible to download an updated restic binary to a new path, without first having to create a placeholder file.
Bugfix #2834: Fix rare cases of backup command hanging forever
We've fixed an issue with the backup progress reporting which could cause restic to hang forever right before finishing a backup.
Bugfix #2938: Fix manpage formatting
The manpage formatting in restic v0.10.0 was garbled, which is fixed now.
Bugfix #2942: Make --exclude-larger-than handle disappearing files
There was a small bug in the backup command's --exclude-larger-than option where files that disappeared between scanning and actually backing them up to the repository caused a panic. This is now fixed.
Bugfix #2951: Restic generate, help and self-update no longer check passwords
The commands restic cache
, generate
, help
and self-update
don't need passwords, but they previously did run the RESTIC_PASSWORD_COMMAND (if set in the environment), prompting users to authenticate for no reason. They now skip running the password command.
Bugfix #2979: Make snapshots --json output [] instead of null when no snapshots
Restic previously output null
instead of []
for the --json snapshots
command, when there were no snapshots in the repository. This caused some minor problems when parsing the output, but is now fixed such that []
is output when the list of snapshots is empty.
Enhancement #2969: Optimize check for unchanged files during backup
During a backup restic skips processing files which have not changed since the last backup run. Previously this required opening each file once which can be slow on network filesystems. The backup command now checks for file changes before opening a file. This considerably reduces the time to create a backup on network filesystems.
Enhancement #340: Add support for Volume Shadow Copy Service (VSS) on Windows
Volume Shadow Copy Service allows read access to files that are locked by another process using an exclusive lock through a filesystem snapshot. Restic was unable to backup those files before. This update enables backing up these files.
This needs to be enabled explicitely using the --use-fs-snapshot option of the backup command.
Enhancement #2849: Authenticate to Google Cloud Storage with access token
When using the GCS backend, it is now possible to authenticate with OAuth2 access tokens instead of a credentials file by setting the GOOGLE_ACCESS_TOKEN environment variable.
Enhancement #1458: New option --repository-file
We've added a new command-line option --repository-file as an alternative to -r. This allows to read the repository URL from a file in order to prevent certain types of information leaks, especially for URLs containing credentials.
Enhancement #2978: Warn if parent snapshot cannot be loaded during backup
During a backup restic uses the parent snapshot to check whether a file was changed and has to be backed up again. For this check the backup has to read the directories contained in the old snapshot. If a tree blob cannot be loaded, restic now warns about this problem with the backup repository.
Published by fd0 about 4 years ago
We're very pleased to present you restic 0.10.0! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.10.0 relevant to restic users. The changes are ordered by importance.
/
find
outputdiff
commandstats --mode restore-size
stats --mode restore-size
restic mount
restic find
--iexclude-file
to backup commandlist blobs
commandBugfix #1863: Report correct number of directories processed by backup
The directory statistics calculation was fixed to report the actual number of processed directories instead of always zero.
Bugfix #2254: Fix tar issues when dumping /
We've fixed an issue with dumping either /
or files on the first sublevel e.g. /foo
to tar. This also fixes tar dumping issues on Windows where this issue could also happen.
Bugfix #2281: Handle format verbs like '%' properly in find
output
The JSON or "normal" output of the find
command can now deal with file names that contain substrings which the Golang fmt
package considers "format verbs" like %s
.
Bugfix #2298: Do not hang when run as a background job
Restic did hang on exit while restoring the terminal configuration when it was started as a background job, for example using restic ... &
. This has been fixed by only restoring the terminal configuration when restic is interrupted while reading a password from the terminal.
Bugfix #2389: Fix mangled json output of backup command
We've fixed a race condition in the json output of the backup command that could cause multiple lines to get mixed up. We've also ensured that the backup summary is printed last.
Bugfix #2390: Refresh lock timestamp
Long-running operations did not refresh lock timestamp, resulting in locks becoming stale. This is now fixed.
Bugfix #2429: Backup --json reports total_bytes_processed as 0
We've fixed the json output of total_bytes_processed. The non-json output was already fixed with pull request #2138 but left the json output untouched.
Bugfix #2469: Fix incorrect bytes stats in diff
command
In some cases, the wrong number of bytes (e.g. 16777215.998 TiB) were reported by the diff
command. This is now fixed.
Bugfix #2518: Do not crash with Synology NAS sftp server
It was found that when restic is used to store data on an sftp server on a Synology NAS with a relative path (one which does not start with a slash), it may go into an endless loop trying to create directories on the server. We've fixed this bug by using a function in the sftp library instead of our own implementation.
The bug was discovered because the Synology sftp server behaves erratic with non-absolute path (e.g. home/restic-repo
). This can be resolved by just using an absolute path instead (/home/restic-repo
). We've also added a paragraph in the FAQ.
Bugfix #2531: Fix incorrect size calculation in stats --mode restore-size
The restore-size mode of stats was counting hard-linked files as if they were independent.
Bugfix #2537: Fix incorrect file counts in stats --mode restore-size
The restore-size mode of stats was failing to count empty directories and some files with hard links.
Bugfix #2592: SFTP backend supports IPv6 addresses
The SFTP backend now supports IPv6 addresses natively, without relying on aliases in the external SSH configuration.
Bugfix #2607: Honor RESTIC_CACHE_DIR environment variable on Mac and Windows
On Mac and Windows, the RESTIC_CACHE_DIR environment variable was ignored. This variable can now be used on all platforms to set the directory where restic stores caches.
Bugfix #2668: Don't abort the stats command when data blobs are missing
Runing the stats command in the blobs-per-file mode on a repository with missing data blobs previously resulted in a crash.
Bugfix #2674: Add stricter prune error checks
Additional checks were added to the prune command in order to improve resiliency to backend, hardware and/or networking issues. The checks now detect a few more cases where such outside factors could potentially cause data loss.
Bugfix #2899: Fix possible crash in the progress bar of check --read-data
We've fixed a possible crash while displaying the progress bar for the check --read-data command. The crash occurred when the length of the progress bar status exceeded the terminal width, which only happened for very narrow terminal windows.
#2899 https://forum.restic.net/t/restic-rclone-pcloud-connection-issues/2963/15
Change #2482: Remove vendored dependencies
We've removed the vendored dependencies (in the subdir vendor/
). When building restic, the Go compiler automatically fetches the dependencies. It will also cryptographically verify that the correct code has been fetched by using the hashes in go.sum
(see the link to the documentation below).
#2482 https://golang.org/cmd/go/#hdr-Module_downloading_and_verification
Change #2546: Return exit code 3 when failing to backup all source data
The backup command used to return a zero exit code as long as a snapshot could be created successfully, even if some of the source files could not be read (in which case the snapshot would contain the rest of the files).
This made it hard for automation/scripts to detect failures/incomplete backups by looking at the exit code. Restic now returns the following exit codes for the backup command:
Change #2600: Update dependencies, require Go >= 1.13
Restic now requires Go to be at least 1.13. This allows simplifications in the build process and removing workarounds.
This is also probably the last version of restic still supporting mounting repositories via fuse on macOS. The library we're using for fuse does not support macOS any more and osxfuse is not open source any more.
Change #1597: Honor the --no-lock flag in the mount command
The mount command now does not lock the repository if given the --no-lock flag. This allows to mount repositories which are archived on a read only backend/filesystem.
Enhancement #1570: Support specifying multiple host flags for various commands
Previously commands didn't take more than one --host
or -H
argument into account, which could be limiting with e.g. the forget
command.
The dump
, find
, forget
, ls
, mount
, restore
, snapshots
, stats
and tag
commands will now take into account multiple --host
and -H
flags.
Enhancement #1680: Optimize restic mount
We've optimized the FUSE implementation used within restic. restic mount
is now more responsive and uses less memory.
Enhancement #2072: Display snapshot date when using restic find
Added the respective snapshot date to the output of restic find
.
Enhancement #2175: Allow specifying user and host when creating keys
When adding a new key to the repository, the username and hostname for the new key can be specified on the command line. This allows overriding the defaults, for example if you would prefer to use the FQDN to identify the host or if you want to add keys for several different hosts without having to run the key add command on those hosts.
Enhancement #2277: Add support for ppc64le
Adds support for ppc64le, the processor architecture from IBM.
Enhancement #2395: Ignore sync errors when operation not supported by local filesystem
The local backend has been modified to work with filesystems which doesn't support the sync
operation. This operation is normally used by restic to ensure that data files are fully written to disk before continuing.
For these limited filesystems, saving a file in the backend would previously fail with an "operation not supported" error. This error is now ignored, which means that e.g. an SMB mount on macOS can now be used as storage location for a repository.
#2395 https://forum.restic.net/t/sync-errors-on-mac-over-smb/1859
Enhancement #2427: Add flag --iexclude-file
to backup command
The backup command now supports the flag --iexclude-file
which is a case-insensitive version of --exclude-file
.
Enhancement #2569: Support excluding files by their size
The backup
command now supports the --exclude-larger-than
option to exclude files which are larger than the specified maximum size. This can for example be useful to exclude unimportant files with a large file size.
Enhancement #2571: Self-heal missing file parts during backup of unchanged files
We've improved the resilience of restic to certain types of repository corruption.
For files that are unchanged since the parent snapshot, the backup command now verifies that all parts of the files still exist in the repository. Parts that are missing, e.g. from a damaged repository, are backed up again. This verification was already run for files that were modified since the parent snapshot, but is now also done for unchanged files.
Note that restic will not backup file parts that are referenced in the index but where the actual data is not present on disk, as this situation can only be detected by restic check. Please ensure that you run restic check
regularly.
Enhancement #2858: Support filtering snapshots by tag and path in the stats command
We've added filtering snapshots by --tag tagList
and by --path path
to the stats
command. This includes filtering of only 'latest' snapshots or all snapshots in a repository.
#2858 #2859 https://forum.restic.net/t/stats-for-a-host-and-filtered-snapshots/3020
Enhancement #323: Add command for copying snapshots between repositories
We've added a copy command, allowing you to copy snapshots from one repository to another.
Note that this process will have to read (download) and write (upload) the entire snapshot(s) due to the different encryption keys used on the source and destination repository. Also, the transferred files are not re-chunked, which may break deduplication between files already stored in the destination repo and files copied there using this command.
To fully support deduplication between repositories when the copy command is used, the init command now supports the --copy-chunker-params
option, which initializes the new repository with identical parameters for splitting files into chunks as an already existing repository. This allows copied snapshots to be equally deduplicated in both repositories.
Enhancement #551: Use optimized library for hash calculation of file chunks
We've switched the library used to calculate the hashes of file chunks, which are used for deduplication, to the optimized Minio SHA-256 implementation.
Depending on the CPU it improves the hashing throughput by 10-30%. Modern x86 CPUs with the SHA Extension should be about two to three times faster.
Enhancement #2195: Simplify and improve restore performance
Significantly improves restore performance of large files (i.e. 50M+): https://github.com/restic/restic/issues/2074 https://forum.restic.net/t/restore-using-rclone-gdrive-backend-is-slow/1112/8 https://forum.restic.net/t/degraded-restore-performance-s3-backend/1400
Fixes "not enough cache capacity" error during restore: https://github.com/restic/restic/issues/2244
NOTE: This new implementation does not guarantee order in which blobs are written to the target files and, for example, the last blob of a file can be written to the file before any of the preceeding file blobs. It is therefore possible to have gaps in the data written to the target files if restore fails or interrupted by the user.
The implementation will try to preallocate space for the restored files on the filesystem to prevent file fragmentation. This ensures good read performance for large files, like for example VM images. If preallocating space is not supported by the filesystem, then this step is silently skipped.
Enhancement #2328: Improve speed of check command
We've improved the check command to traverse trees only once independent of whether they are contained in multiple snapshots. The check command is now much faster for repositories with a large number of snapshots.
Enhancement #2423: Support user@domain parsing as user
Added the ability for user@domain-like users to be authenticated over SFTP servers.
Enhancement #2576: Improve the chunking algorithm
We've updated the chunker library responsible for splitting files into smaller blocks. It should improve the chunking throughput by 5-15% depending on the CPU.
Enhancement #2598: Improve speed of diff command
We've improved the performance of the diff command when comparing snapshots with similar content. It should run up to twice as fast as before.
Enhancement #2599: Slightly reduce memory usage of prune and stats commands
The prune and the stats command kept directory identifiers in memory twice while searching for used blobs.
Enhancement #2733: S3 backend: Add support for WebIdentityTokenFile
We've added support for EKS IAM roles for service accounts feature to the S3 backend.
Enhancement #2773: Optimize handling of new index entries
Restic now uses less memory for backups which add a lot of data, e.g. large initial backups. In addition, we've improved the stability in some edge cases.
Enhancement #2781: Reduce memory consumption of in-memory index
We've improved how the index is stored in memory. This change can reduce memory usage for large repositories by up to 50% (depending on the operation).
Enhancement #2786: Optimize list blobs
command
We've changed the implementation of list blobs
which should be now a bit faster and consume almost no memory even for large repositories.
Enhancement #2790: Optimized file access in restic mount
Reading large (> 100GiB) files from restic mountpoints is now faster, and the speedup is greater for larger files.
Enhancement #2840: Speed-up file deletion in forget, prune and rebuild-index
We've sped up the file deletion for the commands forget, prune and rebuild-index, especially for remote repositories. Deletion was sequential before and is now run in parallel.
Published by fd0 almost 5 years ago
We're very pleased to present you restic 0.9.6! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.3, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can easily reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.9.6 relevant to restic users. The changes are ordered by importance.
--group-by
accept both singular and pluralBugfix #2063: Allow absolute path for filename when backing up from stdin
When backing up from stdin, handle directory path for --stdin-filename
. This can be used to specify the full path for the backed-up file.
Bugfix #2174: Save files with invalid timestamps
When restic reads invalid timestamps (year is before 0000 or after 9999) it refused to read and archive the file. We've changed the behavior and will now save modified timestamps with the year set to either 0000 or 9999, the rest of the timestamp stays the same, so the file will be saved (albeit with a bogus timestamp).
Bugfix #2249: Read fresh metadata for unmodified files
Restic took all metadata for files which were detected as unmodified, not taking into account changed metadata (ownership, mode). This is now corrected.
Bugfix #2301: Add upper bound for t in --read-data-subset=n/t
256 is the effective maximum for t, but restic would allow larger values, leading to strange behavior.
Bugfix #2321: Check errors when loading index files
Restic now checks and handles errors which occur when loading index files, the missing check leads to odd errors (and a stack trace printed to users) later. This was reported in the forum.
#2321 https://forum.restic.net/t/check-rebuild-index-prune/1848/13
Enhancement #2179: Use ctime when checking for file changes
Previously, restic only checked a file's mtime (along with other non-timestamp metadata) to decide if a file has changed. This could cause restic to not notice that a file has changed (and therefore continue to store the old version, as opposed to the modified version) if something edits the file and then resets the timestamp. Restic now also checks the ctime of files, so any modifications to a file should be noticed, and the modified file will be backed up. The ctime check will be disabled if the --ignore-inode flag was given.
If this change causes problems for you, please open an issue, and we can look in to adding a seperate flag to disable just the ctime check.
Enhancement #2306: Allow multiple retries for interactive password input
Restic used to quit if the repository password was typed incorrectly once. Restic will now ask the user again for the repository password if typed incorrectly. The user will now get three tries to input the correct password before restic quits.
Enhancement #2330: Make --group-by
accept both singular and plural
One can now use the values host
/hosts
, path
/paths
and tag
/ tags
interchangeably in the --group-by
argument.
Enhancement #2350: Add option to configure S3 region
We've added a new option for setting the region when accessing an S3-compatible service. For some providers, it is required to set this to a valid value. You can do that either by setting the environment variable AWS_DEFAULT_REGION
or using the option s3.region
, e.g. like this: -o s3.region="us-east-1"
.
Published by fd0 over 5 years ago
We're very pleased to present you restic 0.9.5! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.3, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can easily reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
The following sections list the changes in restic 0.9.5 relevant to restic users. The changes are ordered by importance.
backup --stdin
Bugfix #2135: Return error when no bytes could be read from stdin
We assume that users reading backup data from stdin want to know when no data could be read, so now restic returns an error when backup --stdin
is called but no bytes could be read. Usually, this means that an earlier command in a pipe has failed. The documentation was amended and now recommends setting the pipefail
option (set -o pipefail
).
Bugfix #2181: Don't cancel timeout after 30 seconds for self-update
Bugfix #2203: Fix reading passwords from stdin
Passwords for the init
, key add
, and key passwd
commands can now be read from non-terminal stdin.
Bugfix #2224: Don't abort the find command when a tree can't be loaded
Change the find command so that missing trees don't result in a crash. Instead, the error is logged to the debug log, and the tree ID is displayed along with the snapshot it belongs to. This makes it possible to recover repositories that are missing trees by forgetting the snapshots they are used in.
Enhancement #1895: Add case insensitive include & exclude options
The backup and restore commands now have --iexclude and --iinclude flags as case insensitive variants of --exclude and --include.
Enhancement #1937: Support streaming JSON output for backup
We've added support for getting machine-readable status output during backup, just pass the flag --json
for restic backup
and restic will output a stream of JSON objects which contain the current progress.
Enhancement #2155: Add Openstack application credential auth for Swift
Since Openstack Queens Identity (auth V3) service supports an application credential auth method. It allows to create a technical account with the limited roles. This commit adds an application credential authentication method for the Swift backend.
Enhancement #2184: Add --json support to forget command
The forget command now supports the --json argument, outputting the information about what is (or would-be) kept and removed from the repository.
Enhancement #2037: Add group-by option to snapshots command
We have added an option to group the output of the snapshots command, similar to the output of the forget command. The option has been called "--group-by" and accepts any combination of the values "host", "paths" and "tags", separated by commas. Default behavior (not specifying --group-by) has not been changed. We have added support of the grouping to the JSON output.
Enhancement #2124: Ability to dump folders to tar via stdout
We've added the ability to dump whole folders to stdout via the dump
command. Restic now requires at least Go 1.10 due to a limitation of the standard library for Go <= 1.9.
Enhancement #2139: Return error if no bytes could be read for backup --stdin
When restic is used to backup the output of a program, like mysqldump | restic backup --stdin
, it now returns an error if no bytes could be read at all. This catches the failure case when mysqldump
failed for some reason and did not output any data to stdout.
Enhancement #2205: Add --ignore-inode option to backup cmd
This option handles backup of virtual filesystems that do not keep fixed inodes for files, like Fuse-based, pCloud, etc. Ignoring inode changes allows to consider the file as unchanged if last modification date and size are unchanged.
Enhancement #2220: Add config option to set S3 storage class
The s3.storage-class
option can be passed to restic (using -o
) to specify the storage class to be used for S3 objects created by restic.
The storage class is passed as-is to S3, so it needs to be understood by the API. On AWS, it can be one of STANDARD
, STANDARD_IA
, ONEZONE_IA
, INTELLIGENT_TIERING
and REDUCED_REDUNDANCY
. If unspecified, the default storage class is used (STANDARD
on AWS).
You can mix storage classes in the same bucket, and the setting isn't stored in the restic repository, so be sure to specify it with each command that writes to S3.