[Samba] Sysvol Replication workaround seems not work

Thomas Kempf listen at hueper.de
Mon Aug 2 06:30:31 UTC 2021 

hi miguel,
thank you for this proposal.
Does this sync method have any advantages compared to standard rsync as 
described in the wiki ?

Am 30.07.2021 um 11:51 schrieb miguel medalha via samba:
> Automatic SysVol replication with the help of "watcher", a
> recursive incron.
> 
> https://github.com/splitbrain/Watcher
> 
> "Watcher is a daemon that watches specified files/folders for changes
> and fires commands in response to those changes. It is similar to
> incron, however, configuration uses a simpler to read ini file instead
> of a plain text file. Unlike incron it can also recursively monitor
> directories."
> 
> Watcher needs "python-inotify". Install it using your package manager.
> 
> 
> 
> Follow the general instructions for SysVol replication on the Samba WiKi:
> 
> https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround
> 
> Please note that the rsync command line will have to be sligthly
> modified. Since the SysVol events will be detected on the source DC,
> replication will be made in push mode, not in pull mode as per the Samba
> Wiki.
> 
> Test the rsync command line manually before automating it. Since we are
> using "--delete-after", a mistake can be catastrophic for your target
> system. Use --dry-run and -v (verbose) on the command line, like this:
> 
> /bin/rsync --dry-run -XAavuz --delete-after
> --password-file=/usr/local/samba/etc/rsync-sysvol.secret
> /usr/local/samba/var/sysvol/
> rsync://sysvol-replication@[IP_OR_NAME_OF_DESTINATION_DC]/SysVol/
> 
> Once you are happy with the results, you can remove "--dry-run" and -v
> (this can cause a very large watcher log file, but you can keep it if
> you like) from the rsync command line and use the form included in
> watcher.ini.
> 
> Put "watcher.py" and "watcher.ini" in a secure place, giving them
> appropriate permissions.
> 
> Edit "watcher.ini" according to your needs. I have the following:
> 
> 
> ; ----------------------
> ; General Settings
> ; ----------------------
> [DEFAULT]
> 
> ; where to store output
> logfile=/tmp/watcher.log
> 
> ; where to save the PID file
> pidfile=/tmp/watcher.pid
> 
> ; ----------------------
> ; Job Setups
> ; ----------------------
> 
> [SysVol_Replication]
> ; directory or file to watch.  Probably should be abs path.
> watch=/usr/local/samba/var/sysvol
> 
> ; list of events to watch for.
> ; supported events:
> ; 'access' - File was accessed (read) (*)
> ; 'attribute_change' - Metadata changed (permissions, timestamps,
> extended attributes, etc.) (*)
> ; 'write_close' - File opened for writing was closed (*)
> ; 'nowrite_close' - File not opened for writing was closed (*)
> ; 'create' - File/directory created in watched directory (*)
> ; 'delete' - File/directory deleted from watched directory (*)
> ; 'self_delete' - Watched file/directory was itself deleted
> ; 'modify' - File was modified (*)
> ; 'self_move' - Watched file/directory was itself moved
> ; 'move_from' - File moved out of watched directory (*)
> ; 'move_to' - File moved into watched directory (*)
> ; 'open' - File was opened (*)
> ; 'all' - Any of the above events are fired
> ; 'move' - A combination of 'move_from' and 'move_to'
> ; 'close' - A combination of 'write_close' and 'nowrite_close'
> ;
> ; When monitoring a directory, the events marked with an asterisk (*) above
> ; can occur for files in the directory, in which case the name field in the
> ; returned event data identifies the name of the file within the directory.
> events=attribute_change,create,delete,modify
> 
> ; Comma separated list of excluded dir. Absolute path needed.
> ; Leave blank if no excluded dir setted
> excluded=
> 
> ; if true, watcher will monitor directories recursively for changes
> recursive=true
> 
> ; if true, watcher will automatically watch new subdirectory
> autoadd=true
> 
> ; the command to run. Can be any command. It's run as whatever user
> started watcher.
> ; The following wildards may be used inside command specification:
> ; $$ dollar sign
> ; $watched watched filesystem path (see above)
> ; $filename event-related file name
> ; $tflags event flags (textually)
> ; $nflags event flags (numerically)
> ; $cookie event cookie (integer used for matching move_from and move_to
> events, otherwise 0)
> command=/bin/rsync -XAauz --delete-after
> --password-file=/usr/local/samba/etc/rsync-sysvol.secret
> /usr/local/samba/var/sysvol/
> rsync://sysvol-replication@[IP_OR_NAME_OF_DESTINATION_DC]/SysVol/
> 
> 
> 
> As you can see under the "events" section, we are monitoring creation,
> deletion, modification and attribute changes of files and directories
> inside sysvol.
> 
> Start the watcher.py daemon, giving as a parameter the location of
> "watcher.ini":
> 
> /somefolder/watcher.py -c /somefolder/watcher.ini start
> 
> You can now watch the results. Input the following at the source DC
> (attention, your paths may differ):
> 
> mkdir /usr/local/samba/var/sysvol/newdir
> touch /usr/local/samba/var/sysvol/newdir/newfile
> rm -f /usr/local/samba/var/sysvol/newdir/newfile
> rmdir /usr/local/samba/var/sysvol/newdir
> 
> Creation and deletion of files and folders will be immediately mirrored
> on the target DC. File and directory ACLs will be correctly
> replicated as well.
> 
> The same method can be used to sync idmap.ldb idmap.ldb
> from the DC with the PDC_Emulator FSMO role to the other DC's.
> 
> 
>

More information about the samba mailing list