Using as Library

Navigation:  Backup Providers Integration >

Using as Library

Previous pageReturn to chapter overviewNext page

Restoring Infected Files

 

The main purpose of the library is to search for uninfected files and to restore them as a replacement for infected ones. The function responsible for that is located in a module restore_infected.restore:

 

restore_infected(backend, files, until=None, scan_func=scan)

 

Where:

 

backend is a backend plugin module;

files is a list of files to scan and restore;

until filters the backups before specified date;

scan_func is a function that scans files for malware. It takes a list of files and returns the list of infected ones, by default it uses the function scan from the same module.

 

For example restore_infected can be called like this:

 

from restore_infected import backup_backends

from restore_infected.restore import restore_infected

from restore_infected.helpers import DateTime

 

plesk = backup_backends.backend('plesk')

 

def my_scan(files):

  infected = []

  # scan files here

  return infected

 

restore_infected(

plesk,

"/var/www/vhosts/u1.pl7.cloudlinux.com/httpdocs/index.php",

until=DateTime("9 Aug 2017"),

scan_func=my_scan)

 

Operating With Backend

 

A backend plugin can be imported directly from restore_infected.backup_backends. Every plugin has a function called backups which returns the list of objects each of which is representing a backup, and might have optional functions init and/or cleanup which initialize and cleanup the plugin respectively.

 

In the following example let’s print out all backups. For plesk in the following example the init function is not needed so we can call backups right away:

 

from restore_infected import backup_backends

plesk = backup_backends.backend('plesk')

for backup in plesk.backups():

       print(backup)

 

This will give us the following list of backups:

 

/var/lib/psa/dumps/clients/u3/domains/u3.pl7.cloudlinux.com/backup_info_1708080701_1708090501.xml

/var/lib/psa/dumps/clients/u1/domains/u1.pl7.cloudlinux.com/backup_info_1708090500.xml

<...>

/var/lib/psa/dumps/clients/u1/domains/u1.pl7.cloudlinux.com/backup_info_1707070347_1707070353.xml

/var/lib/psa/dumps/clients/u1/domains/u1.pl7.cloudlinux.com/backup_info_1707070347.xml

 

backups has an optional parameter until of restore_infected.helpers.DateTime. To filter out backups from 9 Aug 2017 till now the code can be changed like this:

 

from restore_infected import backup_backends

plesk = backup_backends.backend('plesk')

from restore_infected.helpers import DateTime

for backup in plesk.backups(DateTime("9 Aug 2017")):

       print(backup)

 

 

Operating With Backup

 

In the previous step we printed out some backups. Every backup entry regardless of the plugin also has a field created which tells when the actual backup was created. It makes backups comparable.

 

Example:

 

backups = plesk.backups()

print(backups[4].created)

print(backups[5].created)

print(backups[4] > backups[5])

Which gives us:

2017-08-08 07:01:00

2017-08-08 07:00:00

True

 

Operating With File in Backup

 

A method file_data returns a representation of a file in this backup as an instance of a class (hereafter this class is referenced to FileData):

 

print(backup.file_data('/var/www/vhosts/u1.pl7.cloudlinux.com/httpdocs/index.php'))

 

Output:

 

<FileData(

fileobj=<ExFileObject name='/var/lib/psa/dumps/clients/u1/domains/u1.pl7.cloudlinux.com/backup_user-data_1708080700.tgz'>,

filename='/var/www/vhosts/u1.pl7.cloudlinux.com/httpdocs/index.php',

size=418,

mtime=datetime.datetime(2013, 9, 24, 20, 18, 11)

>

 

where mtime is the time of the last modification of a file.

 

Besides these fields, FileData also has a method restore. If destination is passed as a parameter then the file is restored and saved in specified folder saving the directory hierarchy. The default destination is ‘/’ which means that the file is restored to the place of its origin.

 

Example:

 

from restore_infected import backup_backends

plesk = backup_backends.backend('plesk')

backups = plesk.backups()

filedata = \

backups[5].file_data('/var/www/vhosts/u1.pl7.cloudlinux.com/httpdocs/index.php')

filedata.restore('/home/user/restored_files')

 

It gives no output if zero errors occurred and creates 'var/...' directories in '/home/user/restored_files' with a restored file.

 

From now on Acronis backend supports provision=True/False (by default False) and force=True/False (by default False) options for init action, to install Acronis backend agent. Use force to reinstall agent if it is already present.

 

As of version 1.2-1, Acronis init takes optional argument tmp_dir to specify temporal directory for installing Acronis backup client.

 

Example:

 

from restore_infected import backup_backends

acronis = backup_backends.backend('acronis')

acronis.init(name, password, provision=True, force=True, tmp_dir=None)

 

login_url action for return URL to log in to Acronis Web-interface.

 

 Example:

 

 from restore_infected import backup_backends

 acronis = backup_backends.backend('acronis')

 token = acronis.login_url()

 

login_url action for refreshing authentication token.

 

 Example:

 

 from restore_infected import backup_backends

 acronis = backup_backends.backend('acronis')

 acronis.refresh_token()

 

info action to return region, schedule and used storage space in JSON format.

 

 Example:

 

 from restore_infected import backup_backends

 acronis = backup_backends.backend('acronis')

 info = acronis.info()

 {'schedule': {...}, 'usage': 17890969600, 'region': 'eu2'}

 

make_initial_backup makes initial backup after Acronis backup client is installed. By default it does not wait for the backup completion. To wait for the backup to be completed use option trace=True. When such an option is on, current completion percentage is being outputted to log file (by default /var/restore_infected/acronis_backup.log. Returns True if backup is successful and False otherwise.

 

 Example:

 

 from restore_infected import backup_backends

 acronis = backup_backends.backend('acronis')

 acronis.make_initial_backup(trace=False)