Hi, Simon Fishley wrote on 2009-03-30 12:42:36 +0200 [[BackupPC-users] BackupPC on OpenSolaris]: > I have been trying to get this added to the Wiki on SourceForge but it > refuses to save my changes. Here then is a guide to installing > BackupPC on OpenSolaris10. Please will someone try and get it onto > the wiki?
I have been trying to find the time to do so for a few days, but I haven't got around to it yet. Still, there is one thing I want to point out: > INSTALL BACKUPPC on SOLARIS (running onSunOS 5.10 Generic_138889-05 > i86pc i386 i86pc). **Credit for all this hard work goes to Garith > Dugmore - THE Solaris Man.** > [...] > * For the next step hit enter for the defaults except for: > > /opt/csw/bin/perl configure.pl > > 1. --> BackupPC should run as user [backuppc]? nobody I think it is a really bad idea to run BackupPC as user nobody. There seems to be no reason not to create a 'backuppc' user. As far as I understand it, the 'nobody' user is used for daemons that do not need to own any files or access any specially protected files. This is not the case for BackupPC. The whole pool (all your backup data) is owned by BackupPC. If someone manages to gain 'nobody' privileges (!) on your system, they can read and even write to all of your backup data. True, the same holds for 'backuppc' privileges if you use that user, but the 'nobody' user is used for other services as well, possibly including services that are not much trusted. After all, if your service cannot be attacked and abused, why not just run it as 'root'? You lower the privileges to what is needed as a safeguard, and 'nobody' is a sort of "least-privilege-pool" for services that are supposed to have no privileges at all (but suddenly they do: they can read the BackupPC pool). root NFS access gets mapped to 'nobody' by default (for whatever that is actually worth; actually it means any 'root' with NFS access to your server can probably create setuid 'nobody' programs). > [...] > * Configure BackupPC startup script > > cd /etc/init.d/ ; touch backuppc > Insert the following into the backuppc file you just created: That's kind of 'cat <<EOF > /etc/init.d/backuppc', isn't it? :) > [...] > start) > # > # You can set the SMB share password here is you wish. Otherwise > # you should put it in the config.pl script. > # If you put it here make sure this file has no read permissions > # for normal users! See the documentation for more information. > # > #BPC_SMB_PASSWD= > #export BPC_SMB_PASSWD > # > su nobody -c "/usr/local/BackupPC/bin/BackupPC -d" One 'nobody' also found here ... > [...] > restart) > /usr/bin/pkill -f "/usr/bin/perl /usr/local/BackupPC/bin/BackupPC -d" > su nobody -c "/usr/local/BackupPC/bin/BackupPC -d" ... and one here. > [...] > usermod -s /usr/bin/bash nobody Presuming that is Solaris' version of 'chsh': I'm not sure that is a good idea (or even necessary) for much the same reasons. What was it before? /bin/false? > [...] > * Setup up /opt/csw/etc/sudoers ; append: > > nobody ALL=NOPASSWD: /usr/sfw/bin//gtar > nobody ALL=NOPASSWD: /usr/bin/env That's a free root shell for 'nobody', isn't it? Why did you add that? > nobody ALL=NOPASSWD: /usr/bin/ssh > nobody ALL=NOPASSWD: /opt/csw/bin/rsync 'tar' and 'rsync' are free access to any file on the system, even those not in the backup (read: /etc/shadow). I'm not sure what you would put 'env' and 'ssh' in there for. > Configure Apache2 (you may need to install apache) Is Apache run as 'nobody'? Or is BackupPC_Admin setuid 'nobody'? ;-) Regards, Holger ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/