I've got a backup script which runs every night from crontab. It copies a load of folders from various parts of a server (a Qnap TS-809, so not a full-fat distro of Linux) into a folder called BACKUP, compresses them, then rsync's these to a remote server. One of the first things it has to do is remove the previous night's folders from BACKUP, because I want to start fresh each night (ie not merge with anything that has since been deleted). So I have the dreaded command:
rm -r /share/Somefolder/BACKUP/share/
(/share is the root folder, and I'm copying folders into BACKUP with their --parents to preserve file paths and avoid collisions)
Obviously, this is a dicey way to do it, as (I'm guessing?) the script currently runs as root. I've created a special user for backups, and the ideal thing would be that it can only delete folders it created, so in the unlikely event that the script got altered to be, for example,
or something, only the folders that the backup user had created by copying them would be wiped.
(I'm kind of guessing my way here, so please correct me if I'm wrong on any of this!)
I can "su" to the backup user if I'm in a shell, but is there a way to execute the rm and copy commands as the backup user, so the folders are locked down a bit?
Thanks in advance!