Hi, I am currently setting up a backup script for the /home directory of a server. I send all the files on a remote machine through LAN connection using rsync to optimize bandwidth usage. The script is run as root on the server by a cron job but rsync connects to the remote machine as a normal user via an ssh key certificate. This leads to many "permission denied" errors, as the server side can read files (as root), but cannot create them on the receiving side. rsync -azSHe ssh --delete --numeric-ids /home backup@backup:/mnt/backup/ Is there an option to ignore only such errors? I have read the man page over and over but i could not find anything to suit my needs. thanks -- Sayan
Ron DuFresne
2003-Dec-23 07:26 UTC
getting rid of "permission denied" partial transfer errors
sure avoid all perm/user issues by making the whole server suid. seen kids do that when they tired of having to su - root on their linux systems. The alternative would be to enable ssh for root for those particular cron jobs <make sure the sshd_config is edited to disable this mischeif after the job has run> and send and recieve as root on both ends, and set the proper rsync switch to retain onwers/perms . Thanks, Ron DuFresne Sayan wrote:> Hi, > > I am currently setting up a backup script for the /home directory of a > server. I send all the files on a remote machine through LAN > connection using rsync to optimize bandwidth usage. > > The script is run as root on the server by a cron job but rsync > connects to the remote machine as a normal user via an ssh key > certificate. This leads to many "permission denied" errors, as the > server side can read files (as root), but cannot create them on the > receiving side. > > rsync -azSHe ssh --delete --numeric-ids /home backup@backup:/mnt/backup/ > > Is there an option to ignore only such errors? I have read the man > page over and over but i could not find anything to suit my needs. > > thanks >-- Ron DuFresne ITS Unix Group 919-871-6466 -- ITS policy requires the following notice: E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties by an authorized state official.
jw schultz
2003-Dec-23 07:29 UTC
getting rid of "permission denied" partial transfer errors
On Mon, Dec 22, 2003 at 09:11:26PM +0100, Sayan wrote:> Hi, > > I am currently setting up a backup script for the /home directory of a > server. I send all the files on a remote machine through LAN connection > using rsync to optimize bandwidth usage. > > The script is run as root on the server by a cron job but rsync connects > to the remote machine as a normal user via an ssh key certificate. This > leads to many "permission denied" errors, as the server side can read > files (as root), but cannot create them on the receiving side. > > rsync -azSHe ssh --delete --numeric-ids /home backup@backup:/mnt/backup/ > > Is there an option to ignore only such errors? I have read the man page > over and over but i could not find anything to suit my needs.Strange clustering: two people with the same problem. Why ignore the errors? They are meaningfull unless you don't really care about whether the backups are any good. If you insist on doing it this way go to the backup server and chown the relevant file set to the account used. Then review your rsync arguments and eliminate any that are in conflict with running was a normal user: -a, -o, --numeric-ids, and probably -g -- ________________________________________________________________ J.W. Schultz Pegasystems Technologies email address: jw@pegasys.ws Remember Cernan and Schmitt
Ron DuFresne wrote:> sure avoid all perm/user issues by making the whole server suid. seen > kids do that when they tired of having to su - root on their linux systems. >this command is only one line extracted from a script. Syncing of other files require root privileges one the server side, eg squid logs.> The alternative would be to enable ssh for root for those particular > cron jobs <make sure the sshd_config is edited to disable this mischeif > after the job has run> and send and recieve as root on both ends, and > set the proper rsync switch to retain onwers/perms . >i have tried to refrain from being root on both systems. ;-) The backup machine is quite paranoid, access is restricted by firewall filtering of the MAC/IP pairs. It would be quite disappointing to allow remote root access. I am having trouble with user/group matching, too, as a consequence. -- Sayan>> I am currently setting up a backup script for the /home directory of a >> server. I send all the files on a remote machine through LAN >> connection using rsync to optimize bandwidth usage. >> >> The script is run as root on the server by a cron job but rsync >> connects to the remote machine as a normal user via an ssh key >> certificate. This leads to many "permission denied" errors, as the >> server side can read files (as root), but cannot create them on the >> receiving side. >> >> rsync -azSHe ssh --delete --numeric-ids /home backup@backup:/mnt/backup/ >> >> Is there an option to ignore only such errors? I have read the man >> page over and over but i could not find anything to suit my needs. >>
jw schultz
2003-Dec-23 08:25 UTC
getting rid of "permission denied" partial transfer errors
On Mon, Dec 22, 2003 at 10:14:05PM +0100, Sayan wrote:> Ron DuFresne wrote: > >sure avoid all perm/user issues by making the whole server suid. seen > >kids do that when they tired of having to su - root on their linux systems. > > > this command is only one line extracted from a script. Syncing of other > files require root privileges one the server side, eg squid logs. > > >The alternative would be to enable ssh for root for those particular > >cron jobs <make sure the sshd_config is edited to disable this mischeif > >after the job has run> and send and recieve as root on both ends, and > >set the proper rsync switch to retain onwers/perms . > > > i have tried to refrain from being root on both systems. ;-) > The backup machine is quite paranoid, access is restricted by firewall > filtering of the MAC/IP pairs. It would be quite disappointing to allow > remote root access. > I am having trouble with user/group matching, too, as a consequence.It is good for a backup server to be paranoid. That is why dirvish pulls. It is much harder to be secure and push.> > -- > Sayan > > >>I am currently setting up a backup script for the /home directory of a > >>server. I send all the files on a remote machine through LAN > >>connection using rsync to optimize bandwidth usage. > >> > >>The script is run as root on the server by a cron job but rsync > >>connects to the remote machine as a normal user via an ssh key > >>certificate. This leads to many "permission denied" errors, as the > >>server side can read files (as root), but cannot create them on the > >>receiving side. > >> > >>rsync -azSHe ssh --delete --numeric-ids /home backup@backup:/mnt/backup/ > >> > >>Is there an option to ignore only such errors? I have read the man > >>page over and over but i could not find anything to suit my needs. > >> > -- > To unsubscribe or change options: > http://lists.samba.org/mailman/listinfo/rsync > Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html >-- ________________________________________________________________ J.W. Schultz Pegasystems Technologies email address: jw@pegasys.ws Remember Cernan and Schmitt