Red Mop wrote: > The idea here is that I don't want to leave all of my computers on all the > time. So when they boot up, or if they happen to be on, once per day, it > creates a file on the server via ssh. The server, having detected this file > via inotify, then immediately proceeds to backup the server. This cuts down > on the error messages cron sends me, and also allows for simultaneous > backups.
Now I get you, cool. But IMO, you kinda do that bass-ackwards. Why not just do the following: (1) [on the server] just make the user that triggers the backup via file diddling a NOPASSWD sudoer for the exact command lines for all the vaults (somebody else already posted how to do single vaults). DON'T just make the whole dirvish commands sudoable without specifying each of the parameter sets because then any parameter may be used for sudo, and future bugs may make you vulnerable to malicious command lines from local logins as that user. --- (2) [on the server] write a script that takes no parameters and does both tasks for that vault, with the sudo commands you configured. You don't need parameters because you can read the hostname (which defines the vault(s) to run from the SSH_CLIENT variable. Now enforce running that script, and that script only, in the key that allows the user to login to the server in the first place. While you're at it, disallow forwarding, X...maybe inhibit vt allocation. The necessary docs for authorized_keys is in the manpage of sshd. This way you're secure but still only need to manage one key in that place. For distributing a new private key in case a client gets subverted, see capistrano or cfengine. --- (3) [on the clients] call that script via ssh at boot right after starting sshd instead of just creating a file on the server. The backup runs right then and you need neither polling nor inotify magic, which makes it more portable; with the measures above, it should also be at least as secure. --- Also, please get your posting in order. Your top-posting was annoying and you changed that; thanks. But now I see newlines between all the lines in your posts, and I see your bottom-posts in a different font than all the others - have you turned on HTML by mistake? If you did it intentionally, it was still a mistake, if you catch my drift. Finally, you should limit the key that allows the server to log back into the client for backups to the exact rsync commandline that's run on that specific machine (see the sshd logs), in the same way as you limited the key to notify to start the backup. Yours, Bernd _______________________________________________ Dirvish mailing list [email protected] http://www.dirvish.org/mailman/listinfo/dirvish
