I'm setting up a server to do remote backups through SSH (pull). How can I copy the /root directory without logging in as root user?
Asked
Active
Viewed 179 times
0
Markus Hedlund
- 1,127
- 2
- 19
- 33
2 Answers
2
Add your backup user to a completely new group created for this purpose, and make that group the group-owner of everything under /root
chgrp -R newgroup /root
or make a small script that tars up /root to STDOUT (say, /usr/local/bin/tar-up-root) and configure your sudoers to allow your backup user to run the script passwordless:
backupuser ALL=(root) NOPASSWD: /usr/local/bin/tar-up-root
and then
ssh backupuser@host-to-backup "/usr/local/bin/tar-up-root" > /var/tmp/remote-root-backup.tar
or run a script from cron, as root, on the host to be backed up, which tars up root to a file owned by the backup user and mode 600 (you don't want anyone else to be able to read this tarfile, or you've weakened security on /root), then have backupuser just scp this file off the host to be backed up.
Any of those any good?
MadHatter
- 79,770
- 20
- 184
- 232
-
Thanks for the advices, will probably use all of them for different problems :) – Markus Hedlund Feb 01 '11 at 15:31
0
Add your backup user to the wheel group, and it will have root privileges. Or add it to a less privileged group and give that group read access to the /root directory and all the files in it.
Mike Scott
- 7,993
- 31
- 26
-
Not to raise a stink, but what makes you think that wheel group membership automatically grants such powers? – MadHatter Feb 01 '11 at 12:19
-