diff options
| -rwxr-xr-x | README.md | 15 | ||||
| -rwxr-xr-x | byteback-backup | 2 | ||||
| -rwxr-xr-x | byteback-prune | 2 | ||||
| -rwxr-xr-x | byteback-receive | 2 | ||||
| -rwxr-xr-x | byteback-setup-client-receive | 9 | ||||
| -rw-r--r-- | debian/control | 2 | ||||
| -rw-r--r-- | debian/install | 1 | ||||
| -rwxr-xr-x | sudoers.d/byteback | 8 |
8 files changed, 11 insertions, 30 deletions
@@ -19,12 +19,14 @@ the server address should be enough. Setting up: server ------------------ Install the 'byteback' package on the server, along with its dependencies -(rsync, sudo). +(rsync and ruby-ffi). You then need to perform the following local setup on the server, which can securely handle backups for multiple clients. You need a dedicated user (which is usually called 'byteback') with a home directory on a btrfs -filesystem, and some privileges to run commands through sudo. +filesystem. You will need to mount the filesystem with the +'user_subvol_rm_allowed' flag to enable pruning to work (or run that part +as root). The following commands are appropriate for a Debian system, you might need to alter it for other Linux distributions, or if you are not using LVM @@ -35,15 +37,6 @@ for your discs: # adduser --system byteback --home /byteback --shell /bin/bash - # Allow the backup user to run the snapshot command - # - # echo <<SUDOERS >/etc/sudoers.d/byteback - byteback ALL = (root) NOPASSWD: /usr/local/bin/byteback-snapshot - byteback ALL = (root) NOPASSWD: /usr/bin/byteback-snapshot - byteback ALL = (root) NOPASSWD: /sbin/btrfs subvolume create - Defaults:byteback !requiretty - SUDOERS - # Create a dedicated btrfs filesystem for the user, and add that as its home # lvcreate my_volume_group --name byteback --size 1000GB diff --git a/byteback-backup b/byteback-backup index e7f69cf..c4c8310 100755 --- a/byteback-backup +++ b/byteback-backup @@ -252,6 +252,6 @@ info("Backup completed, requesting snapshot") # Mark the backup as done on the other end # fatal("Backup could not be marked complete") unless - ssh("sudo", "byteback-snapshot", "--snapshot", @verbose) == 0 + ssh("byteback-snapshot", "--snapshot", @verbose) == 0 info("Finished") diff --git a/byteback-prune b/byteback-prune index b3afe42..7d8d495 100755 --- a/byteback-prune +++ b/byteback-prune @@ -127,4 +127,4 @@ if snapshots.empty? end info("Deleting #{snapshots.last.path}") -log_system("sudo btrfs subvolume delete #{snapshots.last.path}") +log_system("btrfs subvolume delete #{snapshots.last.path}") diff --git a/byteback-receive b/byteback-receive index 62fdb4f..d412bea 100755 --- a/byteback-receive +++ b/byteback-receive @@ -29,7 +29,7 @@ fatal("#{byteback_root} does not exist") unless File.directory?(byteback_root) if ARGV[0] == 'rsync' ARGV[-1] = "#{byteback_root}/current" exec(*ARGV) -elsif ARGV[0] == 'byteback-snapshot' || (ARGV[0] == 'sudo' && ARGV[1] == 'byteback-snapshot') +elsif ARGV[0] == 'byteback-snapshot' ARGV.concat(["--root", "#{byteback_root}"]) exec(*ARGV) end diff --git a/byteback-setup-client-receive b/byteback-setup-client-receive index d98eab2..72e5471 100755 --- a/byteback-setup-client-receive +++ b/byteback-setup-client-receive @@ -27,13 +27,10 @@ error("You must call this from byteback-setup-client on remote host") unless Dir.chdir(ENV['HOME']) # don't know why we wouldn't be here -Dir.mkdir(@hostname) +FileUtils.mkdir_p(@hostname) -error("Couldn't create btrfs subvolume (needs sudo)") unless - system("sudo btrfs subvolume create #{@hostname}/current") - -error("Couldn't set ownership of new subvolume (need sudo)") unless - system("sudo chown byteback "+File.expand_path("#{@hostname}/current")) +error("Couldn't create btrfs subvolume") unless + system("btrfs subvolume create #{@hostname}/current") FileUtils.mkdir_p(".ssh") diff --git a/debian/control b/debian/control index 7a221b7..4956f74 100644 --- a/debian/control +++ b/debian/control @@ -10,7 +10,7 @@ Homepage: https://projects.bytemark.co.uk/projects/byteback Package: byteback Architecture: all -Depends: ${shlibs:Depends}, ${misc:Depends}, ruby | ruby-interpreter, rsync, openssh-client, sudo, ruby-ffi | libffi-ruby +Depends: ${shlibs:Depends}, ${misc:Depends}, ruby | ruby-interpreter, rsync, openssh-client, ruby-ffi | libffi-ruby Description: Maintenance-free client & server backup scripts for Linux byteback encapsulates Bytemark's "best practice" for maintenance-free backups with easy client and server setup. diff --git a/debian/install b/debian/install index 73ce9d1..9c9199f 100644 --- a/debian/install +++ b/debian/install @@ -5,4 +5,3 @@ byteback-setup-client-receive /usr/bin byteback-snapshot /usr/bin byteback-prune /usr/bin lib/* /usr/lib/byteback -sudoers.d/byteback /etc/sudoers.d/ diff --git a/sudoers.d/byteback b/sudoers.d/byteback deleted file mode 100755 index 121769c..0000000 --- a/sudoers.d/byteback +++ /dev/null @@ -1,8 +0,0 @@ -# sudoers file for byteback -# -byteback ALL = (root) NOPASSWD: /usr/bin/byteback-snapshot -byteback ALL = (root) NOPASSWD: /sbin/btrfs subvolume create /store/backups/*/current -byteback ALL = (root) NOPASSWD: /sbin/btrfs subvolume delete /store/backups/* -byteback ALL = (root) NOPASSWD: /bin/chown byteback /store/backups/*/current - -Defaults:byteback !requiretty |