Linux Permissions – Run Rsync Replication Script as Non-Root User

file-serverlinuxpermissionsrsync

How can I run an rsync backup/replication script in a user other than root while preserving permissions? This is a multi-user fileserver, where each user has a *nix account for permissions.

Running with the root user poses obvious security risk – especially when you are using passwordless ssh keys to do it automatically.

But running in a user other than root (like a backup user with full group permissions to the data directories), has problems setting permissions because only the owner or root can change permissions.

In a perfect world, the production server user would only have read-only access.

Thanks!

Best Answer

You can use fakeroot -s:

   -s save-file
          Save  the  fakeroot  environment to save-file on exit. This file
          can be used to restore the environment later using -i.  However,
          this  file will leak and fakeroot will behave in odd ways unless
          you leave the files touched inside the fakeroot alone when  out‐
          side the environment. Still, this can be useful. For example, it
          can be used with rsync(1) to back up and restore whole directory
          trees  complete  with user, group and device information without
          needing to be  root.  See  /usr/share/doc/fakeroot/README.saving
          for more details.

Related Solutions

Safe rsync with no passwords between two systems

You are right that passwordless root login on either your live machine(s) or your backup machine(s) is a bad idea - if someone gains access to one side they immediately have access to the other so can damage both your live data and online backups at the same time.

The fakeroot option should work fine if your to-be-backed-up servers are pushing updates to those storing the backups and you just need to add --fake-super to the rsync command line and make sure that the filesystem at the receiving end supports extended attributes.

Another option is to introduce an intermediate machine that both the live and backup servers have key-base root logins to. That was the live machines can push backups to the intermediate machine with rsync and afterwards the backup machines can pull them down, without either live or backup machines being able to login to each other at all, never mind as root. The intermediate machine doesn't need to be able to authenticate with either live or backup servers either. The intermediate server only needs enough space to hold the ltest versions of everything (i.e. the data stored on the backup servers including snapshots from different times could be several times larger than the intermediate server can store.

Of course it goes without saying that as well as disallowing key-based root login between servers you make sure that the root (and other) passwords all differ from machine to machine too.

Linux – How to use SetUID on a shell script to run as a non-root user

You can configure sudo to allow people to run a command as a specific no root user too e.g. in sudoers

user1   (ALL) = (appuser) /path/to/yourapp

would allow the user user1 to run your app as appuser with

sudo -u appuser /path/to/yourapp

Similarly

%somegroup    (ALL) = (appuser) /path/to/yourapp

in sudoers would allow the users in the group somegroup to run you app as appuser with

sudo -u appuser /path/to/yourapp

Best Answer

Related Solutions

Safe rsync with no passwords between two systems

Linux – How to use SetUID on a shell script to run as a non-root user

Related Topic