On 4/14/2011 2:26 PM, yilam wrote: > [...] > That looks like an invocation using rsyncd; which I would avoid. The time to > use rsyncd is when backing up Windows, because cygwin ssh+rsync is buggy and > doesn't work. > > Keep in mind that BackupPC has both: > $Conf{XferMethod} = 'rsyncd'; > $Conf{XferMethod} = 'rsync'; > > You should use 'rsync' for your XferMethod unless there's a really good > reason. > > > Thank you Carl, Bowie and Les for your answers. The main advantage I saw > using rsyncd, is in the fact that the command line can be much simplified and > the include and exclude options can reside in the rsyncd.conf file. But I > finally rallied Carls advice (see also > http://www.aboutdedupe.com/phpBB2/viewtopic.php?p=212471&sid=0612823bf08f34da225b41976ec74c1c) > and it works. > > > tom > > +---------------------------------------------------------------------- > |This was sent by sneak...@gmx.net via Backup Central. > |Forward SPAM to ab...@backupcentral.com. > +---------------------------------------------------------------------- > > > > ------------------------------------------------------------------------------ > Benefiting from Server Virtualization: Beyond Initial Workload > Consolidation -- Increasing the use of server virtualization is a top > priority.Virtualization can reduce costs, simplify management, and improve > application availability and disaster protection. Learn more about boosting > the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev > _______________________________________________ > BackupPC-users mailing list > BackupPC-users@lists.sourceforge.net > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: http://backuppc.wiki.sourceforge.net > Project: http://backuppc.sourceforge.net/
I agree that limiting the backuppc user on the [backuppc-client] machine to only running rsync with certain options is good practice. I run BackupPC per the instructions at http://backuppc.sourceforge.net/faq/ssh.html#how_can_client_access_as_root_be_avoided. Isn't it the case, however, that when you run rsync over ssh that the client machine logs into the [BackupPC-server] as root? My nightmare is that a public-facing box (i.e. web server) has root access compromised, or at the very least the the private key in [BackupPC-client]/home/backuppc-user/.ssh/id_rsa is exposed. Then the bad guy could run 'ssh -i /home/backuppc-user/.ssh/id_rsa backuppc-server.mydomain.com' and get ROOT access to the backup server. Am i missing something? -Chris ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/