[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rdiff-backup-users] permission denied error when making backups

From: weloki
Subject: Re: [rdiff-backup-users] permission denied error when making backups
Date: Wed, 20 Jun 2012 09:44:47 -0700 (PDT)

Hi Duk,
I set up a regular user's account for rdiff-backup on my backup server as
well as a directory where I save the backed up files to. That directory has
permissions for only rdiff-backup user and group (chmod -R
rdiff-backup:rdiff-backup /dirname). On the servers that I want to be backed
up I also created a user account for rdiff-backup, and in addition to the
entry in /etc/sudoers, in the file at
/rdiff-backup_home/.ssh/authorized_keys I put this on one line: 

command="sudo rdiff-backup --server --restrict-read-only
ssh-rsa AAAAB3NzaC1...long SSH public key here... ==

Hopefully this helps.

Duk wrote:
> Hi Weloki!
> I've the same setup as yours and having the same problem, did you finally
> found a solution?
> I'm only able to do a full backup logging as root, and I don't want to do
> that.... any help there?
> weloki wrote:
>> On my server that I want backed up, I do not want to SSH into it as root,
>> so I've set up a special user that has an entry in /etc/sudoers to run
>> *only* the rdiff-backup command on the host with superuser privileges:
>> Cmnd_Alias     RDIFFBACKUP = /usr/bin/rdiff-backup
>> rdiff-backup    ALL = NOPASSWD: RDIFFBACKUP
>> ...everything else about the user is normal. Now for any file that does
>> not have the chmod o+r (readable by "other") attribute I get this error
>> when trying to back it up:
>> ListError filename [Errno 13] Permission denied: '/path/to/filename'
>> The file permissions could look only like -------r-- and that would work,
>> in any other way, without the "r" for "other" I get the error. When I
>> perform backups logging in as root, backups are made fine. 

View this message in context: 
Sent from the rdiff-backup-users mailing list archive at Nabble.com.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]