Hi. On Thu, Nov 15, 2018 at 01:12:35PM +1300, Richard Hector wrote: > On 15/11/18 7:26 AM, Reco wrote: > >> but leaves you open to cryptolocker ransomware & various 'oh shit!' > >> moments when I do something stupid. Offline & offsite is worth a > >> certain amount of inconvenience to me. > > Nope. Because: > > > > a) You do not do backups as a regular user. > > b) You do not keep a single backup. > > How do you prevent access to the older backups? A cron job updating > /etc/exports on the server?
You meant "how do I prevent users' access to backups"? Filesystem permissions on NFS server solve it for me. Ordinary user has no business both reading or $DEITY forbid, writing to backups. Or you meant "how do I prevent a backup user from overwriting old backups"? An incron script that moves completed (as in "file closed") backup to a different directory. Reco
