It finally dawned on me last night that the rsyncd daemon issue was that it
was running as the user "nobody"

Everything else was set correctly at the server so I changed the
rsyncd.conf file and set "uid = root".

One of the things I did was go through the rsync mailing list archives and
found someone else having a similar issue. Changing the uid setting was the
fix as long as the --perms position is double-checked at the server rsync
configuration to ensure that is also set.

The big issue, of course, is the permissions setup (drwx------) on the
clients for the /home directory but unfortunately that cannot be changed.

So, testing now and I see, tailing the log/messages file that my home
directory is now being backed up :)

I know this is technically a security issue but if someone cracks into the
server, that will be the least of my worries :)

I appreciate all the feedback, Les (and the rest). Half the problem is
having someone to talk the issue through with and you helped a lot in
forcing me to double-check *everything* to include (finally, last night)
what user the rsyncd daemon was running as. By default on RedHat, Fedora,
and probably others, it is running as the user "nobody" which did not work
in my case.

The next step is to be able to make sure a restore works within home
directories, but I think the setting of rsyncd to run as root has solved
the problem.

Simple, isn't it... arrgh

Thanks again for your remote eyeballs and reminders.

Best Regards,

John C.

On Tue, Apr 16, 2024 at 9:43 AM Les Mikesell <lesmikes...@gmail.com> wrote:

> On Tue, Apr 16, 2024 at 2:12 AM John Cusick <jcus...@gmail.com> wrote:
> >
> > I would have thought that the "sudo /usr/bin/rsync" would give the rsync
> executable root level access but I guess not. Something has appeared to
> have changed from 6 years ago and I'm not sure what it is.
> >
> > (again, the sudoers file reads: "backuppc ALL= NOPASSWD:/usr/bin/rsync" )
>
> When you are running rsync as a daemon, the permissions are entirely
> controlled by the startup options and config file and the authorized
> user setup has nothing to do with local users or sudoers.  The daemon
> needs to run as root to access most files and even then Selinux can
> prevent access.  Try disabling Selinux to see if that allows access.
>
> --
>   Les Mikesell
>     lesmikes...@gmail.com
>
>
> _______________________________________________
> BackupPC-users mailing list
> BackupPC-users@lists.sourceforge.net
> List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki:    https://github.com/backuppc/backuppc/wiki
> Project: https://backuppc.github.io/backuppc/
>
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    https://github.com/backuppc/backuppc/wiki
Project: https://backuppc.github.io/backuppc/

Reply via email to