[Samba] Sysvol Replication workaround seems not work
Thomas Kempf
listen at hueper.de
Mon Aug 2 06:30:31 UTC 2021
hi miguel,
thank you for this proposal.
Does this sync method have any advantages compared to standard rsync as
described in the wiki ?
Am 30.07.2021 um 11:51 schrieb miguel medalha via samba:
> Automatic SysVol replication with the help of "watcher", a
> recursive incron.
>
> https://github.com/splitbrain/Watcher
>
> "Watcher is a daemon that watches specified files/folders for changes
> and fires commands in response to those changes. It is similar to
> incron, however, configuration uses a simpler to read ini file instead
> of a plain text file. Unlike incron it can also recursively monitor
> directories."
>
> Watcher needs "python-inotify". Install it using your package manager.
>
>
>
> Follow the general instructions for SysVol replication on the Samba WiKi:
>
> https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround
>
> Please note that the rsync command line will have to be sligthly
> modified. Since the SysVol events will be detected on the source DC,
> replication will be made in push mode, not in pull mode as per the Samba
> Wiki.
>
> Test the rsync command line manually before automating it. Since we are
> using "--delete-after", a mistake can be catastrophic for your target
> system. Use --dry-run and -v (verbose) on the command line, like this:
>
> /bin/rsync --dry-run -XAavuz --delete-after
> --password-file=/usr/local/samba/etc/rsync-sysvol.secret
> /usr/local/samba/var/sysvol/
> rsync://sysvol-replication@[IP_OR_NAME_OF_DESTINATION_DC]/SysVol/
>
> Once you are happy with the results, you can remove "--dry-run" and -v
> (this can cause a very large watcher log file, but you can keep it if
> you like) from the rsync command line and use the form included in
> watcher.ini.
>
> Put "watcher.py" and "watcher.ini" in a secure place, giving them
> appropriate permissions.
>
> Edit "watcher.ini" according to your needs. I have the following:
>
>
> ; ----------------------
> ; General Settings
> ; ----------------------
> [DEFAULT]
>
> ; where to store output
> logfile=/tmp/watcher.log
>
> ; where to save the PID file
> pidfile=/tmp/watcher.pid
>
> ; ----------------------
> ; Job Setups
> ; ----------------------
>
> [SysVol_Replication]
> ; directory or file to watch. Probably should be abs path.
> watch=/usr/local/samba/var/sysvol
>
> ; list of events to watch for.
> ; supported events:
> ; 'access' - File was accessed (read) (*)
> ; 'attribute_change' - Metadata changed (permissions, timestamps,
> extended attributes, etc.) (*)
> ; 'write_close' - File opened for writing was closed (*)
> ; 'nowrite_close' - File not opened for writing was closed (*)
> ; 'create' - File/directory created in watched directory (*)
> ; 'delete' - File/directory deleted from watched directory (*)
> ; 'self_delete' - Watched file/directory was itself deleted
> ; 'modify' - File was modified (*)
> ; 'self_move' - Watched file/directory was itself moved
> ; 'move_from' - File moved out of watched directory (*)
> ; 'move_to' - File moved into watched directory (*)
> ; 'open' - File was opened (*)
> ; 'all' - Any of the above events are fired
> ; 'move' - A combination of 'move_from' and 'move_to'
> ; 'close' - A combination of 'write_close' and 'nowrite_close'
> ;
> ; When monitoring a directory, the events marked with an asterisk (*) above
> ; can occur for files in the directory, in which case the name field in the
> ; returned event data identifies the name of the file within the directory.
> events=attribute_change,create,delete,modify
>
> ; Comma separated list of excluded dir. Absolute path needed.
> ; Leave blank if no excluded dir setted
> excluded=
>
> ; if true, watcher will monitor directories recursively for changes
> recursive=true
>
> ; if true, watcher will automatically watch new subdirectory
> autoadd=true
>
> ; the command to run. Can be any command. It's run as whatever user
> started watcher.
> ; The following wildards may be used inside command specification:
> ; $$ dollar sign
> ; $watched watched filesystem path (see above)
> ; $filename event-related file name
> ; $tflags event flags (textually)
> ; $nflags event flags (numerically)
> ; $cookie event cookie (integer used for matching move_from and move_to
> events, otherwise 0)
> command=/bin/rsync -XAauz --delete-after
> --password-file=/usr/local/samba/etc/rsync-sysvol.secret
> /usr/local/samba/var/sysvol/
> rsync://sysvol-replication@[IP_OR_NAME_OF_DESTINATION_DC]/SysVol/
>
>
>
> As you can see under the "events" section, we are monitoring creation,
> deletion, modification and attribute changes of files and directories
> inside sysvol.
>
> Start the watcher.py daemon, giving as a parameter the location of
> "watcher.ini":
>
> /somefolder/watcher.py -c /somefolder/watcher.ini start
>
> You can now watch the results. Input the following at the source DC
> (attention, your paths may differ):
>
> mkdir /usr/local/samba/var/sysvol/newdir
> touch /usr/local/samba/var/sysvol/newdir/newfile
> rm -f /usr/local/samba/var/sysvol/newdir/newfile
> rmdir /usr/local/samba/var/sysvol/newdir
>
> Creation and deletion of files and folders will be immediately mirrored
> on the target DC. File and directory ACLs will be correctly
> replicated as well.
>
> The same method can be used to sync idmap.ldb idmap.ldb
> from the DC with the PDC_Emulator FSMO role to the other DC's.
>
>
>
More information about the samba
mailing list