Installation and configuration of Rsync server under CentOS 6.3


I. Introduction to rsync

rsync (remote synchronize) is a data synchronization tool that lets you quickly sync files between multiple hosts over a LAN/WAN, or synchronize different directories on your local hard drive.

rsync is a replacement for rcp. It uses the so-called "rsync algorithm" to synchronize files between a local and a remote host, transmitting only the parts of the two files that differ rather than the entire file every time, so it is quite fast. To learn more about how rsync works, see "How Rsync Works: A Practical Overview".

rsync supports most Unix-like systems and is well tested on Linux, Solaris, and BSD. Versions also exist for the Windows platform; the better-known ones are cwRsync and Sync2NAS.

The original authors of rsync are Andrew Tridgell and Paul Mackerras; it is currently maintained at http://rsync.samba.org.

The basic features of rsync are as follows:

1. Can mirror an entire directory tree or file system;

2. Easily preserves the original file permissions, times, soft and hard links, and so on;

3. Can be installed without special privileges;

4. Optimized process with highly efficient file transfer;

5. Can transfer files over rcp, ssh and other means, or through a direct socket connection;

6. Supports anonymous transfer, which makes site mirroring convenient.

There are two ways to use rsync for remote synchronization: remote shell mode (SSH is recommended; user authentication is handled by SSH) and client/server (C/S) mode (the client connects to a remote rsync server, and user authentication is the responsibility of the rsync server).

Whether the data is synchronized locally or remotely, the first run copies all the files once; later runs copy only the files that changed (for new files) or the changed parts of a file (for existing files).

rsync has no speed advantage on the first copy and is not as fast as tar, so when the amount of data is large you might consider copying with tar first and then using rsync for data synchronization.

II. System environment

System platform: CentOS release 6.3 (Final)

rsync version: rsync-3.0.9-2.el6.rfx.x86_64.rpm

rsync server: Ts-dev (172.16.1.135)

rsync client: Ts-client (172.16.1.136)

III. Installing the rsync service on the server

3.1. Check whether rsync is installed

# rpm -qa | grep rsync

If it is already installed, uninstall it using the rpm -e command.

3.2. Download the RPM package

# wget http://pkgs.repoforge.org/rsync/rsync-3.0.9-2.el6.rfx.x86_64.rpm

3.3. Install rsync

# rpm -ivh rsync-3.0.9-2.el6.rfx.x86_64.rpm

IV. Configuring the rsync service

4.1. Steps to configure the rsync server

    • First, select the server startup mode
      • Standalone operation should be used for heavily loaded rsync servers
      • For a lightly loaded rsync server, you can use the xinetd run mode
    • Create the configuration file rsyncd.conf
    • For rsync servers that do not allow anonymous access, also create an authentication password file

4.2. Running the rsync service with xinetd

CentOS runs the rsync service in xinetd mode by default. rsync's xinetd configuration file is /etc/xinetd.d/rsync. To configure the rsync service to run under xinetd, execute the following commands:

# chkconfig rsync on
# service xinetd restart

Administrators can modify the /etc/xinetd.d/rsync configuration file as needed. For example, you can modify the configuration line

server_args = --daemon

and append further rsync service options after it.

4.3. Running the rsync service independently

The simplest way to run the Rsync service independently is to execute the following command:

# /usr/bin/rsync --daemon

You can write the above command to the /etc/rc.local file so that the rsync service runs each time the server starts. Of course, you can also write a script to start the rsync service automatically at boot time.

4.4. Configuration file rsyncd.conf

Both ways of running the rsync service require rsyncd.conf to be configured; its format is similar to Samba's main configuration file.
The configuration file rsyncd.conf is in the /etc directory by default. To keep all the files related to the rsync service in a separate directory, you can execute the following commands:

# mkdir /etc/rsyncd
# touch /etc/rsyncd/rsyncd.conf
# ln -s /etc/rsyncd/rsyncd.conf /etc/rsyncd.conf

The configuration file rsyncd.conf consists of a global configuration and several module configurations. The syntax for the configuration file is:

    • A module starts with [module name]
    • A parameter configuration line has the form name = value, where value can be one of two data types:
      • String (quotation marks around the string are not required)
      • Boolean value (1/0 or yes/no or true/false)
    • Lines beginning with # or ; are comments
    • \ is the line continuation character.

Global parameters

All configuration lines outside of [module] in the file are global parameters. You can also define a module parameter in the Global Parameters section, where the value of the parameter is the default value for all modules.

Parameter | Description | Default value
--- | --- | ---
address | The IP address the server listens on when running standalone. This parameter is ignored when running under xinetd; the --address command-line option is used instead. | All local IPs
port | The port number the rsync daemon listens on. This parameter is ignored when running under xinetd; the --port command-line option is used instead. | 873
motd file | A message file whose contents are displayed to the client when it connects to the server. | none
pid file | The rsync daemon writes its PID to the specified file. | none
log file | The log file for the rsync daemon, used instead of sending the log to syslog. | none
syslog facility | The syslog facility under which rsync sends log messages to syslog. | daemon
socket options | Custom TCP options. | none

Module parameters

Module parameters are primarily used to define which directories of the rsync server are to be synchronized. The format of the module declaration must be in [module] form, which is the name seen on the Rsync client, similar to the share name provided by the Samba server. The data that the server really synchronizes is specified through path. You can specify multiple modules according to your needs, and the following parameters can be defined in the module:

A. Basic module parameters

Parameter | Description | Default value
--- | --- | ---
path | The synchronization path of the current module on the rsync server. This parameter must be specified. | none
comment | A description of the module, displayed to the client together with the module name when it requests the module list. | none

B. Module control parameters

Parameter | Description | Default value
--- | --- | ---
use chroot | If true, rsync chroots to the directory given by the path parameter before transferring files. This adds security, but it requires root privileges, and files reached through symbolic links that point outside path cannot be backed up. | true
uid | The UID the module uses when transferring files. | nobody
gid | The GID the module uses when transferring files. | nobody
max connections | The maximum number of concurrent connections to the module, to protect the server. Connection requests beyond the limit are told to retry later. | 0 (no limit)
lock file | The lock file that supports the max connections parameter. | /var/run/rsyncd.lock
list | Whether the module is listed when a client requests the list of available modules. Setting this option to false creates a hidden module. | true
read only | Whether clients are allowed to upload files. If true, uploads are not allowed; if false and the server directory has read and write permissions, uploads are allowed. | true
write only | Whether clients are allowed to download files. If true, downloads are not allowed; if false and the server directory has read permission, downloads are allowed. | false
ignore errors | Whether I/O errors are ignored when a delete operation runs on the rsync server. In general, rsync skips the --delete operation when an I/O error occurs, to prevent serious problems caused by temporary resource shortages or other I/O errors. | true
ignore nonreadable | The rsync server completely ignores files that the user has no permission to access. This is useful when a directory to be backed up contains files that the person doing the backup should not obtain. | false
timeout | Overrides the I/O timeout specified by the client, so that the rsync server does not wait forever for a crashed client. The ideal value for an anonymous rsync server is 600 (in seconds). | 0 (no limit)
dont compress | Specifies files that are not compressed before being transferred. This option defines a list of command options that clients are not allowed to use on the module. The full option name must be used, not the abbreviation. When an option is refused, the server reports an error message and exits. For example, to prevent the use of compression: "dont compress = *". | *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz

C. Module file filter parameters

Parameter | Description | Default value
--- | --- | ---
exclude | Multiple files or directories (relative paths), separated by spaces, to add to the exclude list. Equivalent to specifying the pattern with --exclude in the client command. | empty
exclude from | A file containing exclude rule definitions, from which the server reads the exclude list. | empty
include | Multiple files or directories (relative paths), separated by spaces, to add to the include list. Equivalent to specifying the pattern with --include in the client command. | empty
include from | A file containing include rule definitions, from which the server reads the include list. | empty

    • A module can specify only one exclude parameter and one include parameter.
    • Complex exclude/include rules can be defined by combining include and exclude.
    • These parameters are equivalent to the corresponding rsync client command options; the only difference is that they take effect on the server side.
    • For information on how to write the rules file, refer to http://www.howtocn.org/rsync:use_rsync.

D. Module user authentication parameters

Parameter | Description | Default value
--- | --- | ---
auth users | A list of user names separated by spaces or commas; only these users are allowed to connect to the module. These users have no relationship to system users. The user names and passwords are stored in plaintext in the file given by the secrets file parameter. | (anonymous mode)
secrets file | The rsync authentication password file. This file only takes effect if auth users is defined. | empty
strict modes | Whether to check the permissions of the password file. If true, the password file may only be accessible to the user running the rsync server, and to no other user. | true

    • The permissions of the rsync authentication password file must be 600, otherwise the client will not be able to connect to the server.
    • Each line in the rsync authentication password file specifies one username:password pair, in the form:

username:passwd

    • In general, it is best for passwords not to exceed 8 characters. If you configure the rsync server for anonymous access only, you do not need to set the above parameters.

E. Module access control parameters

Parameter | Description | Default value
--- | --- | ---
hosts allow | A host list specifying which client hosts are allowed to connect to the module. Hosts that do not match the list are rejected. | *
hosts deny | A host list specifying which client hosts are not allowed to connect to the module. | empty

A client host list entry can take the following forms:

    • A single IP address. Example: 192.168.0.1
    • An entire network segment. Example: 192.168.0.0/24, 192.168.0.0/255.255.255.0
    • A single resolvable host name. Example: centos, centos.bsmart.cn
    • All hosts within a domain. Example: *.bsmart.cn
    • "*" means all hosts.
    • Multiple list items are separated by spaces.
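
The control, authentication and access control parameters above decide how exposed each module is. The following added example (not part of the original article) parses rsyncd.conf text with the syntax rules from section 4.4 and reports modules that allow anonymous access, run as root without chroot, accept uploads, or leave hosts allow unrestricted. The sample configuration, the pubmirror module and the function names are constructed for illustration; defaults follow the tables above.

```python
import ipaddress

TRUE = {"1", "yes", "true"}  # boolean spellings from the syntax rules above

def parse_rsyncd_conf(text):
    """Return (global_params, {module: params}) for rsyncd.conf text."""
    glob, modules, current, pending = {}, {}, None, ""
    for raw in text.splitlines():
        line, pending = pending + raw.strip(), ""
        if line.endswith("\\"):                      # "\" continues the line
            pending = line[:-1]
        elif line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
        elif line and line[0] not in "#;" and "=" in line:
            name, value = line.split("=", 1)
            target = glob if current is None else current
            target[" ".join(name.lower().split())] = value.strip()
    return glob, modules

def unrestricted(hosts_allow):
    """True when 'hosts allow' is absent, contains '*', or contains a /0 network."""
    for item in hosts_allow.replace(",", " ").split() or ["*"]:
        try:
            if item == "*" or ipaddress.ip_network(item, strict=False).prefixlen == 0:
                return True
        except ValueError:                           # host name or *.domain pattern
            pass
    return False

def audit(text):
    """List (module, finding) pairs; module values override global ones."""
    glob, modules = parse_rsyncd_conf(text)
    findings = []
    for name, params in modules.items():
        def get(key, default=""):
            return params.get(key, glob.get(key, default)).lower()
        if not get("auth users"):
            findings.append((name, "anonymous access"))
        if get("uid", "nobody") in ("root", "0") and get("use chroot", "true") not in TRUE:
            findings.append((name, "root without chroot"))
        if get("read only", "true") not in TRUE:
            findings.append((name, "uploads allowed"))
        if unrestricted(get("hosts allow")):
            findings.append((name, "hosts allow not restrictive"))
    return findings

# Constructed sample configuration, modelled on the settings this article uses.
SAMPLE = """\
uid = root
use chroot = no
hosts allow = 172.16.0.0/255.255.0.0 \\
    192.168.1.0/24
[davidhome]
auth users = david
[pubmirror]
; anonymous upload area
hosts allow = *
read only = no
"""
```

To check a real server, pass the contents of /etc/rsyncd.conf to audit() and review each (module, finding) pair it returns.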

F. Module log parameters

Parameter | Description | Default value
--- | --- | ---
transfer logging | Makes the rsync server record transfer operations in the transfer log file. | false
log format | The fields written to the transfer log file. | "%o %h [%a] %m (%u) %f %l"

When the "log file" parameter is set, "%t [%p] " is added at the beginning of each line of the log.

The log format definitions that you can use are as follows:
    • %a - remote IP address
    • %h - remote host name
    • %l - file length (number of characters)
    • %p - PID of the rsync session
    • %o - type of operation: "send" or "recv"
    • %f - file name
    • %P - module path
    • %m - module name
    • %t - current time
    • %u - authenticated user name (null when anonymous)
    • %b - number of bytes actually transferred
    • %c - when a file is sent, its checksum is recorded
V. rsync server application example

5.1. Configuring the rsync service on the server Ts-dev

A. Edit the configuration file

# vi /etc/rsyncd/rsyncd.conf

# Minimal configuration file for rsync daemon
# See rsync(1) and rsyncd.conf(5) man pages for help

# This line is required by the /etc/init.d/rsyncd script
# GLOBAL OPTIONS
uid = root
gid = root

use chroot = no

read only = yes

#limit access to private LANs
hosts allow=172.16.0.0/255.255.0.0 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0
hosts deny=*

max connections = 5

pid file = /var/run/rsyncd.pid

secrets file = /etc/rsyncd/rsyncd.secrets
#lock file = /var/run/rsync.lock

motd file = /etc/rsyncd/rsyncd.motd

#This will give you a separate log file
log file = /var/log/rsync.log

#This will log every file transferred - up to 85,000+ per user, per sync
transfer logging = yes

log format = %t %a %m %f %b
syslog facility = local3
timeout = 300

# MODULE OPTIONS
[davidhome]
path = /home/david/
list=yes
ignore errors
auth users = david
comment = David home
exclude = important/

[chinatmp]
path = /tmp/china/
list=no
ignore errors
auth users = china
comment = tmp_china

B. Create the /etc/rsyncd/rsyncd.secrets file

# vim /etc/rsyncd/rsyncd.secrets

# Format: username:password (everything after the colon is taken as the password)
david:ASDF
# This user does not need to be a system user
china:JK

C. For password security, set the permissions to 600

# chown root:root /etc/rsyncd/rsyncd.secrets

# chmod 600 /etc/rsyncd/rsyncd.secrets

D. Create the welcome message file /etc/rsyncd/rsyncd.motd, which is shown to clients that connect to the server

# vim /etc/rsyncd/rsyncd.motd

+++++++++++++++++++++++++++
+ David Camp +
+++++++++++++++++++++++++++

E. Start rsync

# /etc/init.d/xinetd restart

F. Check whether port 873 is up

# netstat -an | grep 873

If rsync started successfully, you can see that port 873 is listening.

G. Server-side file details

5.2. Client configuration

A. Install rsync on the client

# yum -y install rsync

B. Synchronize data with the rsync client

Scenario One:

# rsync -avzP david@172.16.1.135::davidhome /tmp/david/

Password: enter david's password here. It is provided by the server side; in the previous example we used ASDF. The password is not displayed as you type it.
Note: this command logs in to the server as user david and syncs the data of davidhome to the local directory /tmp/david/. The local directory is yours to choose; dave would work too. If the target directory does not exist on the client, the system creates it for you automatically; if it already exists, pay attention to its write permissions.

Description:
-a is equivalent to -rlptgoD: -r is recursive; -l handles link files, meaning symbolic links are copied as links; -p preserves the original file permissions; -t preserves the original file times; -g preserves the original group; -o preserves the original owner; -D covers device files;
-z compresses data during transmission;
-P shows transfer progress;
-v prints transfer progress and other information and is somewhat related to -P; try it yourself or read the documentation.

Scenario Two:
# rsync -avzP --delete david@172.16.1.135::davidhome /tmp/david/

This time we introduce the --delete option, which makes the data on the client exactly the same as on the server: if the /tmp/david/ directory contains a file that does not exist on the server, that file is deleted. The goal is to make the data in /tmp/david/ fully consistent with the server, so be careful when using it. It is best not to use a directory that already holds important data as the local update directory, otherwise all of that data will be deleted.

Scenario Three:
# rsync -avzP --delete --password-file=/tmp/rsync.password david@172.16.1.135::davidhome /tmp/david/

This time we add the option --password-file=/tmp/rsync.password. When we log in to the rsync server as user david to synchronize data, the password is read from the /tmp/rsync.password file. This file contains only the password of the david user. Set it up as follows:

# touch /tmp/rsync.password
# chmod 600 /tmp/rsync.password
# echo "ASDF" > /tmp/rsync.password
# rsync -avzP --delete --password-file=/tmp/rsync.password david@172.16.1.135::davidhome /tmp/david/

Note: this way no password has to be typed. This matters, because it is what scheduled tasks run through crond need.

5.3. Automatically synchronizing the rsync client with the server

Edit the crontab:
# crontab -e
Add the following line:

10 0 * * * rsync -avzP --delete --password-file=/tmp/rsync.password david@172.16.1.135::davidhome /tmp/david/

This runs the command at 0:10 every day.

VI. Error analysis

@ERROR: chdir failed
rsync error: error starting client-server protocol (code 5) at main.c(1530) [receiver=3.0.6]

rsync: opendir "." (in xxxxxxx) failed: Permission denied (13)

Workaround:

1. Remove all SELinux restrictions on rsync:
# /usr/sbin/setsebool -P rsync_disable_trans 1
# service xinetd restart

2. The drastic option, disabling SELinux entirely:
# vim /etc/selinux/config
Change SELINUX=enforcing to SELINUX=disabled.
After saving and exiting, restart the machine.

At this point, the rsync server configuration is complete.

VII. References

For the use of the rsync command, please refer to: http://www.howtocn.org/rsync:use_rsync

For a detailed description of the rsync service, please refer to: http://www.howtocn.org/rsync:use_rsync_server
