I want to try Btrfs. I've already found that you can make a snapshot of a live system but there are a few thing I haven't found answers for. Well, as I understand a snapshot basically a full copy in archive form of some sort. So can I make a snapshot of my live btrfs system and place that snapshot on my non btrfs hard drive (ext4, for example)?
Also, I'm running full disk encryption (luks). Are snapshots going to be encrypted if I transfer them somewhere? Do snapshots copy actual data from the partition itself (in that case it's going to be encrypted obviously) or it works differently?
Also, how are btrfs snapshots protected from read acess? Can other users read snapshots? Or only root? Is it managable?
Best Answer
A snapshot (in this sense) is a part of the filesystem. In btrfs terminology, it's a subvolume — it's one of the directory trees on the volume. It isn't in “archive form”. Making a snapshot of a subvolume creates a new subvolume which contains the data of the original volume at the date the snapshot was made. Subsequent writes to the original subvolume don't affect the snapshot and vice versa. All subvolumes are part of the same volume — they designate subsets (potentially overlapping) of the data in the volume.
The parts of the snapshot that haven't been modified in either subvolume share their storage. Creating a snapshot initially requires no storage except for the snapshot control data; the amount of storage increases over time as the content of the subvolumes diverge.
The most important property of snapshot creation is that it's atomic: it takes a picture of the data at a point in time. This is useful to make backups: if the backup program copies files from the live system, it might interact poorly with modifications to the files. For example, if a file is moved from directory A to directory B, but the backup program traversed B before the move and A after the move, the file wouldn't be included in the backup. Snapshots solve this problem: the file will be in A if the snapshot is made before the move and in B if it's made after, but either way it will be there. Then the backup program can copy from the snapshot to the external media.
Since the snapshot is on the same volume as the original, it's stored in the same way, e.g. it's encrypted if the volume is encrypted.
A snapshot reproduces the original directory tree, including permissions and all other metadata. So the permissions are the same as the original. In addition, users must be able to access the snapshot directory itself. If you don't want users to be able to access a snapshot at all, create it under a directory that they can't access (you can place the snapshot anywhere you want).
If you want to make a copy of the snapshot outside the filesystem, access or mount the snapshot then make a copy with your favorite program (
cp,rsync, etc.). You can find sample commands in the btrfs wiki; see the manual page for a full reference.