zfs send/recv not working though ssh
Hello,
I've been trying to use the zfs send/recv using ssh. According to the Sun Documentation you can do this: Code:
host1# zfs send pool/mydata@111207 | ssh host2 zfs recv pool/bkup/mydatabkup Code:
host1# zfs send pool/mydata@111207 | ssh user1@host2 zfs recv pool/bkup/mydatabkup Code:
host1$ zfs send pool/mydata@111207 | ssh host2 zfs recv pool/bkup/mydatabkup -C NOTE: My boss won't allow me to open up ssh for root...in case some of you tell me to do that :) (I already thought of that) |
This isn't really a zfs issue, it's just you aren't allowed to remotely execute a command as root.
You can simply use a temporary file on either side. Of course, you'll need some free disk space for that. |
True, I am not allowed to execute the command on the other side (I already knew that) :)
But here is what Sun says (documentation); this is verbatim: Code:
The most common use of the zfs send command is to save a copy of a snapshot and receive the Am I missing something? -C |
Quote:
|
The sample commands clearly expect you to be able to ssh as root, which you can't by local policy.
|
Quote:
So if you can't ssh into a machine as root by default (becasue it's a security risk), why is it "clear" that that's the way they (Sun) want you to do it? I don't think it's as "clear" as you made it seem. Solaris has always been known for being stable and secure. Why would they change that for this particular command, and throw away ALL security (being drastic there...but you get my point :))? My command is faulty (I know that...why else would I post); But just because you don't think there's a way besides allowing root to ssh, doesn't mean that that's the only answer. With all due respect, -C |
Quote:
Code:
host1# zfs send pool/mydata@111207 | ssh user1@host2 su - root -c "zfs recv pool/bkup/mydatabkup" -C |
Quote:
|
Quote:
I'm writing the script right now...I'll see what happens...(how do I start?...hmmm...maybe #!/bin/ksh :)) With all due respect... :) -C |
Quote:
|
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
- Delegating ZFS administration rights for this particular filesystem to a non root user by using the zfs allow [mount/create/receive] subcommand, should you use a recent enough Solaris release (build 69 and newer). http://blogs.sun.com/marks/entry/zfs...administration - Giving the remote user "Primary Administrator" profile. - Giving the remote user "ZFS File System Management" profile. - Granting the remote user the minimum set of privileges required for the command to succeed. - Using "sudo" or similar command. - Using a suid wrapper |
Quote:
The zfs allow command is what I was looking...Here I what I got: Code:
global:/<29># zfs allow Code:
global:/<37># cat /etc/release Code:
global:/<38># man zfs | grep allow Code:
global:/<48># zfs set Too bad opensolaris isn't stable enough (at least for my taste) to put it into a production environment. Oh well...I guess the best thing I can do is use zfs send to a file; scp that file to host2, then zfs get from the file on host2. (I guess I can script that somehow...) Thanks all for your help -C |
SOLVED...well...sort of...
Hey all...
I've solved my send/recv woes using rsh. I know rsh isn't encrypted but my boss says it's ok (for whatever reason). Side note: ZFS send uses standard out so it can be redirected to almost anything.... :) HAPPY ZFSing! -C |
All times are GMT -5. The time now is 02:13 AM. |