rsync with permissions, but not as root

nifflerX · 07-06-2005, 11:55 AM

Hi,

I'm running linux redhat Enterprise WS v.4 and I'm trying to use rsync to backup some data. In the past I've been able to run a rsync command and using the built-in ssh feature move the data to another machine. Since I ran the rsync as root I was able to keep all the permissions, time stamps and other information about the files being backed up. However, now I'm trying to setup a more permanent system and I'm a little wary about running a process like this as root each night. So, I guess my question is two-fold. The first part is, is there a way to run a rsync backup, not as root, but still keep all the permissions, ownership, and time stamp information? The second part is, if it's not possible, is is pretty safe to run this operation as root? Thanks very much.

-NifflerX

Dark_Helmet · 07-07-2005, 09:13 PM

Short answers:
1) No, it's not possible. Only the superuser account can change file ownership and permissions for all files
2) You're worrying too much. Running rsync as root is perfectly fine. Consider this: your mail daemon is running as root all day, everyday.

Longer answer:
1) It could be possible to do the ownership and permissions business as a non-root user with the help of sudo, but it overly complicates matters (in my opinion). You create a special user to run the rsync process; the account is disabled from logging in at all (login shell of /bin/false for example). You run the rsync script as this user. Once the rsync completes, the rest of the script goes about changing file ownership and permissions using sudo. You configure sudo to allow the rsync user to run those commands as root and without a password since only root can change those attributes and no password because you don't want to enter that for every file you copied over. I don't know about anything to maintain timestamps...

There may be a much simpler way of accomplishing the above without running as root, but I think you're overly worried about it.

chakkerz · 07-08-2005, 03:04 AM

Dark Helmet is right

it only becomes an issue if there is an exploitable bug in rsync (and there always is), so when a bug is discovered it might be an idea to update rsync. But in the meantime, you're secure.

Besides you still have a firewall between the servers and the rest of the world.

nifflerX · 07-08-2005, 09:11 AM

Thanks so much for putting my mind at ease. I'll just make sure to keep rsync up to date. Thanks again.

-NifflerX

The Hound · 09-28-2011, 11:10 PM

I see this is a very old thread, and I'm pretty much a noob, but there are legitimate reasons for wanting to do this. My VPS was hacked and I had to disable root login. (It is exponentially harder to guess both a user name and a password than just to guess root's password.) Now I'm stuck as to how to backup my data. I'll try "hard way" as described above and pray for the best.

corp769 · 09-28-2011, 11:14 PM

Quote:

Originally Posted by The Hound

I see this is a very old thread, and I'm pretty much a noob, but there are legitimate reasons for wanting to do this. My VPS was hacked and I had to disable root login. (It is exponentially harder to guess both a user name and a password than just to guess root's password.) Now I'm stuck as to how to backup my data. I'll try "hard way" as described above and pray for the best.

Hello,

Please don't dig up old threads, especially thread-jacking someone elses thread. If you have a question, search the forums first for an answer, and if you have no luck, then by all means create a new thread.

Thanks,

Josh