[Dirvish] Permissions and access
dirvish at hunsperger.com
Thu Jun 9 11:45:01 PDT 2005
On Thu, Jun 09, 2005 at 12:25:28PM -0600, Ben Luey wrote:
> Correct me if I'm wrong, but my understanding of how Dirvish works is that
> the backup server logins into the server to be backed up as root and
> rsync's the data.
This is how I run it. You can also run an rsync daemon on your server
to be backed up, that exports all files you want to back up. If you go
this route, make sure you prevent other hosts from accessing that rsync
daemon, unless you want all your files exposed.
> I don't want to give my backup server root access to my
> main server. Is there a way to push the data from the main server instead
> of pulling it from the backup server? Eg: a daily cron job on the main
> server that sends the data to the backup server (and logins in to the
> backup server as a non-root user)?
On the backup server, Dirvish must run with root privs. This is the only
way to preserve file ownership, as Dirvish uses the file system directly,
rather than storing meta-data.
Dirvish does not support pushing out-of-the-box. If you really want to
push, you could rsync your main server to a special partition on your
backup server, then configure Dirvish to backup this special partition.
Even here, you would lose file ownership data unless the push was done
as a root user on the backup server. This is really hackish though.
In my setup, my backup server is much more secure than my backed-up
servers, so logging into the other servers as root isn't a problem.
However, if you are really concerned about this, you could set up an
account on your main server (with uid 0), but that has a restricted
shell. This would allow you to only allow the specific commands Dirvish
needs to run (rsync with options, and your post-client / pre-client
commands), and deny everything else. Note: I haven't done this, but it
should work (tm). I eventually want to go down this route myself, as it
is implicitly more secure.
More information about the Dirvish