Sunday, May 3, 2015

rsync backup remote server maintaining groups and owner




This might seem like a problem that should have been covered millions of times, but I am running into issues that, after days of scouring the net, I still can't fix.



I have a remote server that I want to back up in its entirety. I am running rsync from a local machine with a user seb that has access to the server over ssh with a public RSA key. The remote has two users, seb and git, each with its own folder. User seb is a sudoer on the remote.



The command that I have been running from the localhost:



sudo rsync -av --rsync-path="sudo /usr/bin/rsync" seb@remote:/ /path/to/backup/



This runs fine in terms of authentication and permissions. I have to run remotely as root with sudo, because otherwise I get a permission denied on stuff owned by root and git.



I run locally as root with sudo because the rsync manual states that in order to preserve group and owner settings, as is done with the -a flag, the receiving user should be root.



However, after rsync is finished, the group and owner for the git-owned files are changed to rtkit and bluetooth respectively. Now I presume that it only fails for the git user and not for root and seb, since the latter two users exist on both machines.



Is there a way to keep the group and owner settings without creating the user git on the local machine?



P.S. For full disclosure, since I am not sure if it would matter (I don't expect so), I am running rsync over a non-standard port with -e "ssh -p PORT".


Answer




Most likely user 'git' and user 'rtkit' share the same UID (or GID) on both machines. So the files are being saved with the correct UID/GID, but that maps to different user names on each machine. Check /etc/passwd and /etc/group on the 2 machines to see where the UID / name mappings overlap.



If this is just a backup, it really doesn't matter what the UID / GID mapping is; when you have to restore the backup to the original machine, the mappings will be back to the names you use on machine 1.



To fix it, you would have to sync your users / groups between both machines. Or switch to using centralized logins with LDAP or NIS or SMB.
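The check the answer describes (comparing /etc/passwd and /etc/group across the two machines), as an added example that is not part of the original post. The sample files and their UID/GID numbers are constructed, and `id_conflicts` and `make_samples` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: list numeric IDs that resolve to different names on two hosts.
# passwd and group files share the layout name:x:id:..., so one function serves both.

id_conflicts() {
    # $1 = file copied from the remote server, $2 = the same file on the backup host
    # Output: "<id> <remote name> <local name>", sorted by id
    awk -F: '
        /^#/ || NF < 3 { next }                       # skip comments and short lines
        FILENAME == ARGV[1] { remote[$3] = $1; next } # remote: id -> name
        ($3 in remote) && remote[$3] != $1 {          # local: same id, other name
            print $3, remote[$3], $1
        }
    ' "$1" "$2" | sort -n
}

# Constructed sample data (not taken from the machines in the question).
make_samples() {
    # $1 = directory to write the four sample files into
    cat > "$1/remote.passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
seb:x:1000:1000::/home/seb:/bin/bash
git:x:118:124::/home/git:/bin/bash
EOF
    cat > "$1/local.passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
seb:x:1000:1000::/home/seb:/bin/bash
rtkit:x:118:126::/proc:/usr/sbin/nologin
EOF
    cat > "$1/remote.group" <<'EOF'
root:x:0:
seb:x:1000:
git:x:124:
EOF
    cat > "$1/local.group" <<'EOF'
root:x:0:
seb:x:1000:
bluetooth:x:124:
EOF
}

tmp=$(mktemp -d)
make_samples "$tmp"
echo "UID conflicts:"; id_conflicts "$tmp/remote.passwd" "$tmp/local.passwd"
echo "GID conflicts:"; id_conflicts "$tmp/remote.group" "$tmp/local.group"
rm -rf "$tmp"
```

On real hosts, pass copies of /etc/passwd and /etc/group from each machine in place of the sample files. rsync's --numeric-ids option transfers raw UID/GID values without mapping them by name.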

