Add option to check for bit rot during backup creation

[oysols]

There is currently no way of knowing if the original files deteriorate.

restic backup skips files based on mod time. Bit rot will not be detected at all, but the backup will contain the original file. If the owner modifies the file without discovering that the file is degraded, or restic backup --force is run, restic will happily backup the new file. At the time when the owner discovers that the file is degraded, it will be very hard to find and recover the correct bits. Worst case scenario, the file is lost due to backup pruning.

restic backup --force hashes all files, regardless of mod time. Bit rot will result in a new hash, and restic will interpret this as a normal modification and backup the file. The owner will be none the wiser, and will similarly have problems when the bit rot is detected.

I suggest implementing a third option, similar to restic backup --force that checks mod time to determine if the file has been changed intentionally. If the file is modified without a modified mod time it would log or err out.

(This could also be extended to verify other meta data, such as checking that the modified date is not earlier than the one recorded in the previous backup.)

This might be out of the scope of a backup program, but if we are already hashing the files, and recording the previous hashes, most of the work is already done.

[zcalusic]

You're completely right about that @oysols. And I don't think it is out of scope of restic, to check full integrity of the data it saved.

I only think this should be implemented via check command, check --full or similar. But, a good idea, definitely. 👍

[fd0]

Great idea, implementation will need to be discussed. Thanks for reporting this!

[applestump]

Great idea! +1

[ehzastrow]

+1

[bjoe2k4]

+1

[awehrfritz]

+1

[midnightmagic]

Intermediate functionality which would support this could be a dump of file hashes which users can just feed to sha256sum -c; or even just a textual retrieval of hash chunks so users like myself can write our own utilities to verify against the chunks. Use case is verifying file system files after a crash or a detected drive failure and data restoration on backups which are larger than half the size of the underlying storage and/or over a network where network hashing would be unnecessarily slow.

Really really love restic. With even just a pathway to a sum-based way to verify client drive contents it would essentially be feature-complete for someone like myself.

Much obliged for all the work you all have done. Wonderful software.

[midnightmagic]

There's a secondary utility of a more user-accessible interface to the hash tree structure on a file-and-directory basis: it might also be used for generating existence proofs for timestamping in something like OpenTimestamp. A restic backup having extra utility for proving the historical existence of the backed-up contents would be pretty spectacular. :-)

[scvnc]

Found this thread while searching for ideas on how to do bitrot detection without needing to be an enterprise sysadmin with an expensive NAS.

I concur, if hashing is already being done then most of the work is already done :)