Recipe 16.4. Building an rsync Backup Server

16.4.1 Problem

You want users to back up their own data. But you really don't want to give users shell accounts all over the place, just so that they can do backups. You'd also like to make it easier for them to share files, again without giving all your users shell accounts.

16.4.2 Solution

Use a dedicated PC for a central server, and run rsync in daemon mode. Users will not need login accounts on the server, and you can use rsync's own access controls and user authorization for security.

rsync must be installed on all machines.

First, on the rsync server, edit or create /etc/rsyncd.conf to create an rsync module defining the archive:

# global settings

log file = /var/log/rsyncd.log

# modules

[backup_dir1]

   path = /backups

   comment = server1 archive

   list = yes

   read only = no

Make sure that /backups exists. Next, start rsync on the server in daemon mode:

# rsync —daemon

Now you can copy files from a remote machine to the server. In this example, the remote PC is "workstation," and the rsync server is "server1." First, verify that the rsync server is accessible:

sue@workstation:~$ rsync server1::

backup_dir1      server1 archive

This command copies Sue's /spreadsheets directory to the module backup_dir1:

sue@workstation:~$ rsync -av  spreadsheets server1::backup_dir1

building file list.....done

spreadsheets/aug_03

spreadsheets/sept_03

spreadsheets/oct_03

wrote 126399 bytes  read 104 bytes  1522.0 bytes/sec

total size is 130228  speedup is 0.94

Now, view the nice, new uploaded files:

sue@workstation:~$ rsync server1::backup_dir1

drwx------      192  2003/02/12  spreadsheets

-rw-r--r--    21560  2003/09/17  aug_03

-rw-r--r--    21560  2003/10/14  sept_03

-rw-r--r--    21560  2003/11/10  oct_03

Sue can easily retrieve files from server1 to her workstation:

sue@workstation:~$ rsync -av  server1::backup_dir1/sept_03  ~/downloads

receiving file list...done

sept_03

wrote 21560 bytes read 126 bytes 1148.0 bytes/sec

total size is 22031  speedup is 0

16.4.3 Discussion

This particular setup is perfectly functional, but not very secure. backup_dir1 is wide open, so any rsync user can access it. Files are transmitted in the clear, so you shouldn't use this for sensitive files.

You can use rsync's built-in simple authentication and access controls to limit access, so it's possible to set up reasonably private archives. See Recipe 16.5 to learn how to add some security.

This is what the rsync command options mean:

rsync server1::: Double colons are used when connecting to an rsync server running in daemon mode. When you connect to an rsync server, you use the module names, rather than filepaths.
rsync -av: -a means archive mode. This tells rsync to copy directories recursively, preserve permissions, copy symlinks, preserve group, preserve owner, and preserve timestamps. -a is the same as -rlptgoD. -v is verbose.
—stats: This option prints a verbose set of statistics on the file transfer, for those who wish to calculate the efficiency of the rsync algorithm.

/etc/rsyncd.conf should be familiar to Samba users, as it uses the same style as smb.conf. Global settings go at the top. Then you can define as many modules as you need. A module defines a single directory, with its options and access permissions:

[backup_dir1]: The module name is enclosed in square brackets. Make this anything you like.
path = /backups: The directory for this module. Always use absolute paths.
comment = server1 archive: This is optional; say anything you want here.
list = yes: This allows the module to be listed when users query the server. The default is no, which will hide the module.
read only = no: The default is read-only. If you want to be able to upload files to this directory, turn off read-only.

16.4.4 See Also

rsync(1), rsyncd.conf(5)
The rsync home page (http://rsync.samba.org)

< Day Day Up >