Re: [Hampshire] Re: Automating rsync to run as root

Russell Gadd wrote:
> Hi All,
>
> Thanks very much for your replies to my post. The obvious answer was to use
> sudo. Or su, but I think this may be not as secure? Anyway I have modified
> my script to use sudo rsync which now works fine. I was a bit nonplussed by
> having to use visudo but fortunately my copy of Debian popped up nano
> instead of vi - my nephew has some experience of Linux and had previously
> recommended learning a bit of vi but I'll leave that to another time. In
> sudoers I used an entry of
> russell ALL=(ALL) ALL
> I'll think about reducing this to only allow rsync to be run as root,
> something like ?
> russell ALL=(root) /usr/bin/rsync
> The advantage of the first one is that I can use sudo at other times without
> logging in to a terminal as root, but I think maybe this sudo power is more
> risky than just allowing my limited user account to only run rsync as root.

[snip the other bits...}
> Stuart, I could post my script but as it now works ok with sudo it seems
> unnecessary to burden you with it. I need to run rsync as root simply
> because otherwise it refuses to sync the vfat partitions. "You can mount a
> vfat filesystem with a specific UID" - this is some more stuff I need to
> look at - maybe my vfat setup is wrong. This would be the best solution if
> it turns out that I don't need to run rsync as root.

For the sake of completeness (and because I am sat around with little
else to do today) something like this:
mount -t vfat /dev/hda7 /mnt/backup -o uid=500 (and even gid=500)

although the -t vfat may not be necessary
this means that user 500 (or whatever you choose) owns all the files on
that filesystem - you no longer need root privs to write to it.

IMHO anything that does not explicitly need to run as root shouldn't. :)

Regards

ps despite the length, it would have been nice to see the script anyway.

Stuart
--
Stuart Sears RHCA RHCX
To err is human, to forgive is Not Company Policy.