From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NBBHz-0003NS-5b for garchives@archives.gentoo.org; Thu, 19 Nov 2009 17:59:27 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 52636E09CE; Thu, 19 Nov 2009 17:58:22 +0000 (UTC) Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by pigeon.gentoo.org (Postfix) with ESMTP id 2750AE09CE for ; Thu, 19 Nov 2009 17:58:22 +0000 (UTC) Received: from compute1.internal (compute1.internal [10.202.2.41]) by gateway1.messagingengine.com (Postfix) with ESMTP id F26A8C0BBD for ; Thu, 19 Nov 2009 12:58:21 -0500 (EST) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute1.internal (MEProxy); Thu, 19 Nov 2009 12:58:21 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=messagingengine.com; h=subject:from:to:in-reply-to:references:content-type:date:message-id:mime-version:content-transfer-encoding; s=smtpout; bh=B9r78pJ37qVB5YbJVPI7Q6LQXAA=; b=a2s6c08hcgnbPnBHvJ+Zi4aMmvOSZY5G27O3HUH2gda8iJbq2NRg6GPpcxB5G8FR86D669wppHoafGH7x80ebhW8wHaWlU8RcGpqIJlNiuL3CgA+8+OBBE2IDpN/RiCPsPkBYXkBp/fyhiQwxzcCeLO6OQstnaZmluQ0pKIRZlQ= X-Sasl-enc: 97wF0PRD2JEtsmrPGBhrg2jnT3S4wYnkmjY5WSrjxIsd 1258653501 Received: from [192.168.31.12] (cpe-069-134-183-088.nc.res.rr.com [69.134.183.88]) by www.fastmail.fm (Postfix) with ESMTPSA id 9CC7D4B3C1A for ; Thu, 19 Nov 2009 12:58:21 -0500 (EST) Subject: Re: [gentoo-user] rsync backup system From: Albert Hopkins To: gentoo-user@lists.gentoo.org In-Reply-To: <49bf44f10911190844i5cb77185me60d5eb44ff2bfc7@mail.gmail.com> References: <49bf44f10911190844i5cb77185me60d5eb44ff2bfc7@mail.gmail.com> Content-Type: text/plain; charset="UTF-8" Date: Thu, 19 Nov 2009 12:58:20 -0500 Message-ID: <1258653500.169135.45.camel@centar> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.28.1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 57a879f2-f0c9-4547-8449-3e4964f054f1 X-Archives-Hash: 691d3c6d66197e607b658a0217ddc874 On Thu, 2009-11-19 at 08:44 -0800, Grant wrote: > I just finished an rsync backup system that works like this: > > Each of 4 Gentoo systems contains a folder called "backup" which > contains symlinks to local files and folders for backup. 2 of the > systems contain a folder called "sync" which contains the contents of > the "backup" folder for each of the 4 systems. 3 of the systems rsync > with one of the "sync" systems, and that system rsyncs with the other > "sync" system. > > I've got a few questions for you guys about this. > > 1. I back up the entire /etc folder of each system, and some files > have read-only permissions. This means I get "permission denied" when > I try to rsync them. How would you handle this? I've never had this problem. You should only need read permissions to copy a file: $ touch this $ chmod 0400 this $ rsync -a this that $ /bin/cp -f /etc/issue this $ chmod 0400 this $ rsync -a this that $ ls -l this that 4.0K -r-------- 1 percy users 3 Nov 19 12:38 that 4.0K -r-------- 1 percy users 3 Nov 19 12:38 this > 2. Some of the files I back up only allow root to read. I can run > rsync as root on each system, but I don't allow root logins. This > means in order to rsync the second "sync" system with the first "sync" > system, I must run the rsync command from the first "sync" system. > This means I have to run rsyncd on the second "sync" system in > addition to the first "sync" system. I'd rather only run one instance > of rsyncd. Can anyone think of another option? > Well if #1 was not run as root then this is where you have problems. And you will continue to have problems if you don't copy as root or some user who has at least read access to all the files on each source and can also preserve ownership/permissions on the target system. Like... root. ssh. Why are you using rsyncd anyway? AFAIK rsyncd is not encrypted. You can allow a non-root user to ssh in and run rsync as root via a proxy command. You can also configure sshd to only allow root to log in and execute a particular command (such as rsync). See PermitRootLogin and ForcedCommand under ssh_config(5) > 3. The rsync process always completes with "rsync error: some > files/attrs were not transferred". How can I get more information > about which files this pertains to? It should spit it out to stderr. If you using -v they probably scrolled by. Redirect stderr to a file. If you are running rsync as non-root then it can't preserve ownership and some perms. If you are using extended attributes/ACLs and did not tell rsync to use them (or comple support in) or if the target system does not support them then they will not be transferred. > > 4. Should I be comfortable running the entire sync operation every > night, or am I jeopardizing the longevity of my HDs? > This is a joke. > 5. If I end up with filesystem corruption on the SRC system, will that > corruption transfer over to the DST system during an rsync, or will > the transfer just fail? > If the filesystem returns an error to rsync then rsync will error out. Simple as that. If the file is currupt (not the filesystem) then, standard garbage-in/garbage-out rules apply. > 6. Can I run rsyncd on a system facing the internet without fear? No. Rsyncd is not encrypted (see above) also the authentication is weak (see the man page). Use ssh. It's more secure and had better lock-down mechanisms. Better yet, use a VPN and ssh through the VPN (double authentication (and encryption)).