Re: [Server-devel] Backup of user home
On Tue, Sep 15, 2009 at 3:25 PM, Raul Gutierrez Segales wrote:
> But how will a non-root user be able to read the backup files
> at /library/users given the following permissions:

Look at the acls for a hint. Apache can already read those files :-)

But your post points out an important distinction

 - My reply was about avoiding running as root on the backup server
   itself -- usage of fakeroot helps *there*.

 - Your question is about root on the target XS. By using acls
   creatively (maybe set them on cronjob), Rodolfo can run his backups
   with the remote process logging in as a non-root user (a 'backup'
   user).

So with these 2 tricks, the whole operation avoids root on both ends
of the connection.

cheers,

m
--
 martin.langh...@gmail.com
 mar...@laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
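
The two tricks described in the message above, as an added example that is not part of the original post or of the XS scripts. The 'backup' account name comes from the message; the helper names, the state file and the rsync options are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Helper names, the state file and the
# defaults below are assumptions.
USERS_DIR=${USERS_DIR:-/library/users}
BACKUP_USER=${BACKUP_USER:-backup}

# On the XS, e.g. from a root cron job: grant the backup account read-only
# access through ACL entries; owner, group and mode bits stay untouched.
grant_backup_read() {    # usage: grant_backup_read DIR
    # rX: read everywhere; execute only on directories and on files that
    # are already executable.
    setfacl -R -m "u:$BACKUP_USER:rX" "$1" &&
    # Default ACLs so that homes and files created later inherit the entry.
    find "$1" -type d -exec setfacl -d -m "u:$BACKUP_USER:rX" {} +
}

# Check after the ACL run: print every home that "other" can read, write or
# enter. Empty output means access was granted by ACL only, not by chmod o+r.
world_accessible_homes() {    # usage: world_accessible_homes DIR
    find "$1" -mindepth 1 -maxdepth 1 -type d \
        \( -perm -004 -o -perm -002 -o -perm -001 \) | sort
}

# On the backup server: pull over ssh as the non-root account. fakeroot makes
# rsync believe it is root and records ownership and modes in STATE_FILE
# (-s saves it, -i reloads it on the next run), so no real root is needed.
pull_under_fakeroot() {    # usage: pull_under_fakeroot HOST DEST STATE_FILE
    [ -f "$3" ] || : > "$3"
    fakeroot -i "$3" -s "$3" -- \
        rsync -a -e ssh "$BACKUP_USER@$1:$USERS_DIR/" "$2/"
}

# Run one helper by name, e.g.:
#   sh acl-backup.sh world_accessible_homes /library/users
if [ "$#" -gt 0 ]; then "$@"; fi
```

A restore has to run under fakeroot -i with the same state file, because on disk the pulled files belong to the unprivileged account.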
Re: [Server-devel] Backup of user home
On Tue, 2009-09-15 at 11:45 +0200, Martin Langhoff wrote:
>  - Given that you are running your rsync from the backup server, it
> will be easy to run it under fakeroot. Look at the fakeroot manpage,
> you'll find that it can keep its metadata. With that, you'll preserve
> metadata (owner/grp, acls, etc) without needing to be root.
>

But how will a non-root user be able to read the backup files
at /library/users given the following permissions:

drwxr-x---+ 28 SHC84900AAB SHC84900AAB 4096 2009-09-11 15:18 SHC84900AAB
drwxr-x---+ 16 SHC84900AAE SHC84900AAE 4096 2009-08-31 16:19 SHC84900AAE

Is there a way to tune the (Journal) backup scripts to create those
files with friendlier permission mode?

Raúl
Re: [Server-devel] Backup of user home
Hello:

> Interesting task. You aren't telling us much about your setup --
> specifically, how is the network conn between your XSs and your backup
> server?
>

We're using the same ISP with public IPs on each schoolserver.. we rsync +
ssh to a remote internet server so they're not on the same network "per se"

> Ok, so are you using dsd's script, or a modified version of it? If you
> are using dsd's script unmodified, it sounds like you are getting 2
> copies of the 'users' dir.
>

Not really.. I based my script on the dsd script in the way that instead of
zipping all of it I just put it in the same directory (not even .tar) so
later this directory along with the /library/users/ directory can be rsync.

We tried not to use tar.gz because the files would be too big, and we are
more interested in doing incremental backup rather than full backup every
time

>  - Make sure you are doing things in an rsync-smart way. For example:
> don't rsync a tar.gz of the users' directory
>

yeap

>  - Given that you are running your rsync from the backup server, it
> will be easy to run it under fakeroot. Look at the fakeroot manpage,
> you'll find that it can keep its metadata. With that, you'll preserve
> metadata (owner/grp, acls, etc) without needing to be root.
>

I'll check this out and get back to you

cheers..

--
Rodolfo
Re: [Server-devel] Backup of user home
Hi Rodolfo,

On Mon, Sep 14, 2009 at 9:26 PM, Rodolfo D. wrote:
> I'm working on a backup and restore feature for our schoolservers, and I got
> stuck on home directories of laptops

Interesting task. You aren't telling us much about your setup --
specifically, how is the network conn between your XSs and your backup
server?

> The backup works like this.. based on the backup script provided by dsd, and
> also based on our specific features.. I placed all important data in a
> directory "/library/backup" (which can later be tar, zipped, and in our case
> rsync-ed), and it's being done by a cron job

Ok, so are you using dsd's script, or a modified version of it? If you
are using dsd's script unmodified, it sounds like you are getting 2
copies of the 'users' dir.

> On a centralized backup server.. we have a script that PULLS the
> /library/backup of each server, so main configs are being saved without much
> hassle.. But when it comes to user directories, it lacks permissions, because
> the /library/users/SN directory has no read permissions for others
>
> how would you recommend that we do this?

Ok, so the backup server connects to each XS via ssh+rsync, right?

My recommendations are as follows:

 - Make sure you are doing things in an rsync-smart way. For example:
   don't rsync a tar.gz of the users' directory

 - Given that you are running your rsync from the backup server, it
   will be easy to run it under fakeroot. Look at the fakeroot manpage,
   you'll find that it can keep its metadata. With that, you'll preserve
   metadata (owner/grp, acls, etc) without needing to be root.

hth,

m
--
 martin.langh...@gmail.com
 mar...@laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff
Re: [Server-devel] Backup of user home
On Sep 15, 2009, at 1:12 AM, Raul Gutierrez Segales wrote:

> On Mon, 2009-09-14 at 19:43 -0400, John Watlington wrote:
>> You are correct. Since your backup script by definition needs to
>> read ALL data, regardless of ownership or permissions, you will
>> have to run it with superuser privileges.
>
> Unless, if this isn't a huge security hole, we can relax permissions
> (i.e. chmod -R g+r /library/users and reconfigure whatever creates
> users backups with ownership SN:SN to use SN:wheel).

So you go around modifying the group of all the user's files.
That is assuming that nothing on the XO cares about group or
group permission, isn't it ?

>> Why don't you consider using the rsync server, instead of invoking it
>> through a user ?
>>
>
> What is the advantage of doing this instead of a pull using rsync
> through ssh as proposed by Rodolfo? That the rsync server would run as
> root (hence we would have access to the whole filesystem)?

Not at all. An rsync server can be configured to only expose
parts of the filesystem, and can expose them read-only if desired.
Enabling a pull using rsync through ssh allows a lot of other nastiness
to be performed if cracked, not just reading the user's data.

wad

>
> Raúl
>
>
>> John
>>
>>
>> On Sep 14, 2009, at 3:26 PM, Rodolfo D. wrote:
>>
>>> Hello:
>>>
>>> I'm working on a backup and restore feature for our schoolservers,
>>> and I got stuck on home directories of laptops
>>>
>>> The backup works like this.. based on the backup script provided by
>>> dsd, and also based on our specific features.. I placed all
>>> important data in a directory "/library/backup" (which can later be
>>> tar, zipped, and in our case rsync-ed), and it's being done by a cron
>>> job
>>>
>>> On a centralized backup server.. we have a script that PULLS the
>>> /library/backup of each server, so main configs are being saved
>>> without much hassle.. But when it comes to user directories, it
>>> lacks permissions, because the /library/users/SN directory has no
>>> read permissions for others
>>>
>>> how would you recommend that we do this?
>>>
>>> My first thought was to simply just add recursive read permissions
>>> to the user folder.. but that doesn't take security in mind..
>>> perhaps there's another way
>>>
>>> for now our pull works like this:
>>>
>>> r...@backupserver ~ $ rsync u...@schoolserver:/library/backup/ /backup/schoolserver/backup/
>>> r...@backupserver ~ $ rsync u...@schoolserver:/library/users/ /backup/schoolserver/users/
>>>
>>> r...@backupserver ~ $ rsync us...@schoolserver2:/library/backup/ /backup/schoolserver/backup/
>>> r...@backupserver ~ $ rsync us...@schoolserver2:/library/users/ /backup/schoolserver/users/
>>>
>>> Doing a push as a cron job from the server was a second idea, but
>>> the backup server does "other" things so security in the backup
>>> server is very important
>>>
>>> Any ideas?
>>>
>>> cheers..
>>>
>>> --
>>> Rodolfo
Re: [Server-devel] Backup of user home
On Tue, Sep 15, 2009 at 01:12:24AM -0400, Raul Gutierrez Segales wrote:
> On Mon, 2009-09-14 at 19:43 -0400, John Watlington wrote:
> >
> > Why don't you consider using the rsync server, instead of invoking it
> > through a user ?
> >
>
> What is the advantage of doing this instead of a pull using rsync
> through ssh as proposed by Rodolfo? That the rsync server would run as
> root (hence we would have access to the whole filesystem)?

Other advantages are performance ... rsync by itself on a network runs
better than rsync over SSH, because of the eliminated cryptographic
processing, the shorter initial startup, and the slightly smaller
packets. Try each method and measure the result.

rsync server can be set up to use the root UID in read-only mode, and
include a password to prevent easy theft of content by hosts other than
those authorised. But it is not as secure as SSH with pre-shared keys.

--
James Cameron
http://quozl.linux.org.au/
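
The rsync server settings that John Watlington's and James Cameron's replies describe (expose only part of the filesystem, read-only, root UID, password), as an added example that is not part of either post: a constructed rsyncd.conf and a small audit that flags modules left wider open than that. Module names, paths, the 'backup' account and the 192.0.2.10 address are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Module names, paths, the account name
# and the 192.0.2.10 address are constructed for illustration.
sample_rsyncd_conf() {
cat <<'EOF'
# global defaults, inherited by every module
uid = root
read only = yes

[users]
    path = /library/users
    auth users = backup
    secrets file = /etc/rsyncd.secrets
    hosts allow = 192.0.2.10

[scratch]
    path = /library
    read only = no
EOF
}

# Read an rsyncd.conf on stdin and print one finding per module setting that
# widens exposure beyond "read-only, password-protected, known hosts only".
audit_rsyncd_conf() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function key(s)  { gsub(/[ \t]+/, "", s); return tolower(s) }
    function val(k)  { return (k in v) ? v[k] : ((k in g) ? g[k] : "") }
    function check(   ro) {
        if (mod == "") return
        ro = tolower(val("readonly"))
        if (ro ~ /^(no|false|0)$/) print mod ": writable (read only = " ro ")"
        if (val("authusers") == "") print mod ": no auth users, anonymous access"
        if (val("hostsallow") == "") print mod ": no hosts allow, any host may connect"
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^[ \t]*\[/ { check(); split("", v); mod = trim($0); gsub(/^\[|\]$/, "", mod); next }
    {
        i = index($0, "="); if (i == 0) next
        k = key(substr($0, 1, i - 1))
        if (mod == "") g[k] = trim(substr($0, i + 1)); else v[k] = trim(substr($0, i + 1))
    }
    END { check() }'
}

sample_rsyncd_conf | audit_rsyncd_conf
```

Run as written, it reports three findings for the constructed [scratch] module and none for [users]. The daemon protocol itself is unencrypted, so the audit covers only the exposure settings named in the replies.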
Re: [Server-devel] Backup of user home
On Mon, 2009-09-14 at 19:43 -0400, John Watlington wrote:
> You are correct. Since your backup script by definition needs to
> read ALL data, regardless of ownership or permissions, you will
> have to run it with superuser privileges.

Unless, if this isn't a huge security hole, we can relax permissions
(i.e. chmod -R g+r /library/users and reconfigure whatever creates users
backups with ownership SN:SN to use SN:wheel).

>
> Why don't you consider using the rsync server, instead of invoking it
> through a user ?
>

What is the advantage of doing this instead of a pull using rsync
through ssh as proposed by Rodolfo? That the rsync server would run as
root (hence we would have access to the whole filesystem)?

Raúl

> John
>
>
> On Sep 14, 2009, at 3:26 PM, Rodolfo D. wrote:
>
> > Hello:
> >
> > I'm working on a backup and restore feature for our schoolservers,
> > and I got stuck on home directories of laptops
> >
> > The backup works like this.. based on the backup script provided by
> > dsd, and also based on our specific features.. I placed all
> > important data in a directory "/library/backup" (which can later be
> > tar, zipped, and in our case rsync-ed), and it's being done by a cron
> > job
> >
> > On a centralized backup server.. we have a script that PULLS the
> > /library/backup of each server, so main configs are being saved
> > without much hassle.. But when it comes to user directories, it
> > lacks permissions, because the /library/users/SN directory has no
> > read permissions for others
> >
> > how would you recommend that we do this?
> >
> > My first thought was to simply just add recursive read permissions
> > to the user folder.. but that doesn't take security in mind..
> > perhaps there's another way
> >
> > for now our pull works like this:
> >
> > r...@backupserver ~ $ rsync u...@schoolserver:/library/backup/ /backup/schoolserver/backup/
> > r...@backupserver ~ $ rsync u...@schoolserver:/library/users/ /backup/schoolserver/users/
> >
> > r...@backupserver ~ $ rsync us...@schoolserver2:/library/backup/ /backup/schoolserver/backup/
> > r...@backupserver ~ $ rsync us...@schoolserver2:/library/users/ /backup/schoolserver/users/
> >
> > Doing a push as a cron job from the server was a second idea, but
> > the backup server does "other" things so security in the backup
> > server is very important
> >
> > Any ideas?
> >
> > cheers..
> >
> > --
> > Rodolfo
Re: [Server-devel] Backup of user home
You are correct. Since your backup script by definition needs to
read ALL data, regardless of ownership or permissions, you will
have to run it with superuser privileges.

Why don't you consider using the rsync server, instead of invoking it
through a user ?

John


On Sep 14, 2009, at 3:26 PM, Rodolfo D. wrote:

> Hello:
>
> I'm working on a backup and restore feature for our schoolservers,
> and I got stuck on home directories of laptops
>
> The backup works like this.. based on the backup script provided by
> dsd, and also based on our specific features.. I placed all
> important data in a directory "/library/backup" (which can later be
> tar, zipped, and in our case rsync-ed), and it's being done by a cron
> job
>
> On a centralized backup server.. we have a script that PULLS the
> /library/backup of each server, so main configs are being saved
> without much hassle.. But when it comes to user directories, it
> lacks permissions, because the /library/users/SN directory has no
> read permissions for others
>
> how would you recommend that we do this?
>
> My first thought was to simply just add recursive read permissions
> to the user folder.. but that doesn't take security in mind..
> perhaps there's another way
>
> for now our pull works like this:
>
> r...@backupserver ~ $ rsync u...@schoolserver:/library/backup/ /backup/schoolserver/backup/
> r...@backupserver ~ $ rsync u...@schoolserver:/library/users/ /backup/schoolserver/users/
>
> r...@backupserver ~ $ rsync us...@schoolserver2:/library/backup/ /backup/schoolserver/backup/
> r...@backupserver ~ $ rsync us...@schoolserver2:/library/users/ /backup/schoolserver/users/
>
> Doing a push as a cron job from the server was a second idea, but
> the backup server does "other" things so security in the backup
> server is very important
>
> Any ideas?
>
> cheers..
>
> --
> Rodolfo
[Server-devel] Backup of user home
Hello:

I'm working on a backup and restore feature for our schoolservers, and I
got stuck on home directories of laptops

The backup works like this.. based on the backup script provided by dsd,
and also based on our specific features.. I placed all important data in a
directory "/library/backup" (which can later be tar, zipped, and in our case
rsync-ed), and it's being done by a cron job

On a centralized backup server.. we have a script that PULLS the
/library/backup of each server, so main configs are being saved without
much hassle.. But when it comes to user directories, it lacks permissions,
because the /library/users/SN directory has no read permissions for others

how would you recommend that we do this?

My first thought was to simply just add recursive read permissions to the
user folder.. but that doesn't take security in mind.. perhaps there's
another way

for now our pull works like this:

r...@backupserver ~ $ rsync u...@schoolserver:/library/backup/ /backup/schoolserver/backup/
r...@backupserver ~ $ rsync u...@schoolserver:/library/users/ /backup/schoolserver/users/

r...@backupserver ~ $ rsync us...@schoolserver2:/library/backup/ /backup/schoolserver/backup/
r...@backupserver ~ $ rsync us...@schoolserver2:/library/users/ /backup/schoolserver/users/

Doing a push as a cron job from the server was a second idea, but the
backup server does "other" things so security in the backup server is very
important

Any ideas?

cheers..

--
Rodolfo