Adam Goryachev via BackupPC-users wrote at about 11:03:20 +1100 on Saturday, November 5, 2022: > I just had to comment here.... > > I don't understand why you would NOT want backuppc to have at least read > access to ALL data, including data only accessible to root. I assume you > would not be suggesting that you run a separate backup system for each > user, so why would you want to either: > > 1) Not backup root data > 2) Run a separate backup solution just for root data > > I guess this will go back to how you setup your data security etc, but > regardless of what you do, I would strongly suggest you ensure ALL data > is backed up (because it is always the unimportant file that needs to be > restored most urgently and is critical). > > So, for my, I use SSH + rsync to backup ALL target systems, and do that > using the root user on the destination, and I simply use the same method > for localhost.
For some additional security and peace-of-mind, I create a new user on my remote machines that you could call say backuppc_client that I then access using sudo with very restricted sudoer privileges based on the specific rsync command used to backup. Now I know that this isn't perfect, but it feels safer than just ssh'ing as root... _______________________________________________ BackupPC-users mailing list [email protected] List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: https://github.com/backuppc/backuppc/wiki Project: https://backuppc.github.io/backuppc/
