Some help with sudo on remote side of rsync
Carney Mimms
Carney.Mimms at nourison.com
Wed Jan 28 20:51:22 GMT 2009
I have an rsync script that has worked well for me for quite a while now
rsyncing RAID volumes attached to two servers, one on our LAN and one at
our colocation facility. I have been struggling for months, however, to get
the script to run without password prompts so I can run it on cron. The
rsync script is running on the system at the colo and ³pulling² files from
the LAN system (admin at 192.168.100.47) back to it.
I am now able to ssh from remote to local and local to remote without
passwords using RSA keys, but if I run the script without sudo, i.e. Sudo
/usr/local/bin/rsync ... It can¹t copy files that need root permissions. If
I leave out the sudo and run the script after becoming root (sudo su), I get
prompted for a password again.
My research suggests that using --rsync path=²sudo rsync² may get the
remote side to run as root and to find the needed keys, but I can¹t figure
out how to invoke it properly or make it work. So right now I¹m chasing my
tail. I either wind up with a password prompt, probably because of an
authorized keys problem related to sudo, or I¹m not running as root and
can¹t copy the needed files. The user running the rsync script is set to
³NOPASSWD² in /etc/sudoers and so is the remote user (admin at 192.168.100.47),
so that can¹t be where the password prompts are coming from.
Can anybody help point me in the right direction?
Here is the script, followed by its initial STOUT:
-------------------
#!/bin/bash
# Space-separated list of directories to back up; edit as needed; SOURCE
#DIRS variable now uses arrays instead of escaping spaces
DIRS=("admin at 192.168.100.47:/Volumes/Christine/testsource/")
# Options to pass to rsync; edit as needed
# "--update" = update only (don't overwrite newer versions of files)
# "--delete"= delete files that exist on DESTINATION BUT NOT SOURCE"
# "--protect-args"= don't parse all spaces as separators
# "--dry-run"= run script without actually performing file operations-test
# "--progress"=show file copying progress--distracting
# "--archive"=archive mode, you want recursion and everything
# "--stats"=shows statistics at end of sync
OPTS=(-aAX --delete --archive --rsync-path=/usr/local/bin/rsync
--protect-args
--fileflags --force-change --stats)
# Backup destination. In this case, it is another hard disk on the same
machine.
# If you wish to back up to a server via ssh, change the line to something
like
#
BACKUPDIR="remoteusername at someserver.something:/path/to/backup/destination"
# BACKUPDIR in this script is on local machine, and is DESTINATION
# ignore Mac droppings
EXCLUDES=(--exclude .DS_Store --exclude .Trash --exclude Cache --exclude
Caches
--exclude .TemporaryItems)
# Build the actual command
# NOTE the specific path to the "special" version of rsync
# uses arrays instead of escaping spaces
COMMAND=(/usr/local/bin/rsync "${OPTS[@]}" "${EXCLUDES[@]}" "${DIRS[@]}"
"$BACK
UPDIR")
# Informative output
echo About to run:
echo "${COMMAND[*]}"
echo Please do not close this window until it is finished.
# DO IT!
"${COMMAND[@]}"
echo Done.
# the end.
---------------
About to run:
/usr/local/bin/rsync -aAX --delete --archive
--rsync-path=/usr/local/bin/rsync --protect-args --fileflags --force-change
--stats --exclude .DS_Store --exclude .Trash --exclude Cache --exclude
Caches --exclude .TemporaryItems
admin at 192.168.100.47:/Volumes/Christine/testsource/ /Volumes/Paris/testdest/
Please do not close this window until it is finished.
-------------------
--Carney W. Mimms
--Macintosh System Administrator
--Nourison USA
--5 Sampson Street
--Saddle Brook, NJ 07663
--201 450-0161
----------------------------------------------------------------------------
---------------
We all live every day in virtual environments, defined by our ideas.
--Michael Crichton
----------------------------------------------------------------------------
---------------
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the rsync
mailing list