[vox-tech] Backup User Permissions

timriley at appahost.com timriley at appahost.com
Mon Jan 24 14:38:14 PST 2011


> -------- Original Message --------
> Subject: [vox-tech] Backup User Permissions
> From: Alex Mandel <tech_dev at wildintellect.com>
> Date: Mon, January 24, 2011 1:27 pm
> To: lugod's technical discussion forum <vox-tech at lists.lugod.org>
> 
> 
> So I'm trying to setup automated remote backup of some files from
> machine1 to machine2 using something simple like rsync. What I'm having
> trouble figuring out is what user to run it as and how to get that user
> the correct permissions.
> 
> In the example use case I want to copy my Apache logs over to a 2nd
> machine to run awstats on it without putting much of a load on the
> actual web server. I was thinking of creating a "backup" user,
> generating a passphraseless key and then rsync on a cron timer.
> Should this user be a system user (below 1000) or a regular user (above
> 1000), since it needs a key I would assume it needs to be a regular user
> with a home directory?

A regular user. (Actually, the user number doesn't matter.)
I recommend, also, to create a group with the same name.
Make sure the user id and group id are the same on
both machines.

> 
> Question 2 is how do I make sure it has permissions to read the logs?
> It appears that most of /var/log/apache2 files are root:adm but some are
> root:root. If they were all g+r for adm then just adding my backup user
> to the adm group should work?

It's best to set the log directory's group to apache's group and then
turn on the directory's write permissions for the group. Something like:

cd /var/log/apache2
sudo chmod g+rwxs .
sudo chmod o-rwx .
ls -lad .
drwxrws--- 2 root www-data 4096 2011-01-24 08:11

Finally, add your backup user to the www-data group in /etc/group.

> 
> Looks like I need to go figure out why some logs have a different group.

With the "chmod g+s ." command, you're telling the filesystem to assign
to all new files the group www-data, since www-data is the group of
the directory.


> 
> Thanks,
> Alex
> _______________________________________________
> vox-tech mailing list
> vox-tech at lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech



More information about the vox-tech mailing list