[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [rdiff-backup-users] Running rdiff-backup restores as a different us
From: |
dean gaudet |
Subject: |
Re: [rdiff-backup-users] Running rdiff-backup restores as a different user (w/ shared group permissions on the repository) |
Date: |
Sun, 23 Jul 2006 14:08:40 -0700 (PDT) |
On Sun, 23 Jul 2006, Charles Duffy wrote:
> I'm running backups in such a way that "rdiff-backup --server" is being run
> with uid and gid backup. I want to be able to give users who are allowed to
> run restores membership in the backup group, and arrange permissions such that
> this is sufficient to permit operation.
>
> I've written a small patch to prevent rdiff-backup from resetting the umask;
> set said umask to allow group read and write; forcefully changed the file
> permissions in my backup directory (as a temporary measure -- to do it right
> I'm going to want to add a flag that tells rdiff-backup to pretend that the
> underlying filesystem used for storage doesn't support UNIX permissions) --
> but even so, users other than the owner of the files in question are unable to
> do restores because rdiff-backup is trying to chmod the files on the server
> side during the restore process!
yeah this is something i'd like to see fixed...
> Is what I'm doing a reasonable use case? Is there a better way around it? Is
> the easiest way to fix this what I think it is (forcing the system to believe
> the server side doesn't support UNIX permissions)? If so, what's the easiest
> way to implement this -- does the straightforward approach involve client-side
> changes or only serverside ones?
what you're trying to do is quite reasonable.
restores shouldn't write anywhere on the mirror *except* for applying
patches to generate the appropriate revision of the file... and this sort
of thing should be controlled by a --option or TMPDIR or something. (it
may even be possible to generate the revisions without writing them to
disk... but this is a librsync thing more than an rdiff-backup thing.)
i think you're going to have to change the server-side... unless you use
something crazy like a unionfs with a tmpfs on top... or fuse or
something.
i'd be happy to review/apply a patch for this... but i'm only working with
1.0.x at the moment and it's the sort of feature which would need to be
ported to 1.1.x as well.
-dean