On Wed, 02 Aug 2006 10:44:18 -0400
Rob Morin <[EMAIL PROTECTED]> wrote:
Well I'm quite new in linux and maybe others users will tell you you
shouldn't give www-data a sudo permission. Anyway, If you wan't
backuppc to backup your localhost, the user how runs backuppc needs root
permissions to reach some system files.
I don't think adding these lines to sudoers introduce many security
risk because you give root permission only for the /bin/tar program (or
the /bin/rsync).
Of course it would be better to run backuppc as a special user. If you
have problem using sperl, I saw on that you can run a special instance
of apache under another user, specially for backuppc. Maybe that would
be more secure.
> I had to use the user www-data as the backup user , because there is
> a problem for me to use sperl on all my debian systems for some
> reason.... Now if i add www-data to sudoers( which my apache runs as)
> does this introduce a security issue?
>
> Thanks...
>
> Rob Morin
> Dido InterNet Inc.
> Montreal, Canada
> Http://www.dido.ca
> 514-990-4444
>
>
>
> daniel berteaud wrote:
> > Hello, I worked on the integration of backuppc to SME server
> > distribution. I use it to save several host including the localhost.
> > For the localhost, I use this per pc config:
> >
> > ##### start of the per pc config #####
> >
> > $Conf{TarShareName} = ['/'];
> >
> > $Conf{BackupFilesExclude}=['/proc','/sys','/dev','/tmp','/home/e-smith/files/ibays/backup'];
> >
> > $Conf{XferMethod} = 'tar';
> >
> > $Conf{TarClientCmd} = '/usr/bin/sudo'
> > . ' $tarPath -c -v -f - -C $shareName'
> > . ' --totals';
> >
> > $Conf{TarFullArgs} = '$fileList';
> >
> > $Conf{CompressLevel} = 3;
> >
> > $Conf{TarIncrArgs} = '--newer=$incrDate $fileList';
> >
> > $Conf{TarClientRestoreCmd} = '/usr/bin/sudo'
> > . ' $tarPath -x -p --numeric-owner --same-owner'
> > . ' -v -f - -C $shareName+';
> >
> > ##### end of the per pc config #####
> >
> > For this to work, you need to allow the backuppc user to run tar
> > with sudo. I use this line in /etc/sudoers:
> >
> > backuppc ALL=(root) NOPASSWD:/bin/tar
> >
> > I hope this can help.
> >
> >
> > On Tue, 01 Aug 2006 08:33:19 -0400
> > Rob Morin <[EMAIL PROTECTED]> wrote:
> >
> >
> >> Hello all , i am new to this list....
> >>
> >> I was looking around the archives for a method of backing up the
> >> localhost. I could not find anything for a newbie.... i did come
> >> across a small email about using a conf file named localhost.pl
> >> that was suppose to be in the package, however i did not see it in
> >> my tarball...
> >>
> >> Can some one suggest hat i should do or point me to some docs...
> >>
> >> Thanks
> >>
> >> Have a great day!
> >>
> >> Rob Morin
> >> Dido InterNet Inc.
> >> Montreal, Canada
> >> Http://www.dido.ca
> >> 514-990-4444
> >>
--
Daniel Berteaud
FIREWALL-SERVICES SARL.
Société de Services en Logiciels Libres
Technopôle Montesquieu
33650 MARTILLAC
Tel : 05 56 64 15 32
Fax : 05 56 64 82 05
Mail: [EMAIL PROTECTED]
Web : http://www.firewall-services.com
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
BackupPC-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/
