rsync System user/Virtual user backup Web server data and no interactive scheduled push backup

First, the service environment

(1), WEBserver (192.168.10.130); Backserver (192.168.10.129)

(2), Backserver Server deployment, install required software, and start

(3), set up the system backup user backup (both Web server and backup server are established users)

[[email protected] ~]# useradd backup; Echo backup:123456 |chpasswd
[[email protected] ~]# ID backup
uid=1001 (Backup) gid=1001 (Backup) groups=1001 (Backup)

[[email protected] ~]# useradd backup; Echo backup:123456 |chpasswd
[[email protected] ~]# ID backup
uid=1001 (Backup) gid=1001 (Backup) groups=1001 (Backup)

(4) Open Web server backup directory permissions let the backup user operate:

[Email protected] ~]# setfacl-r-M default:backup:rwx/var/www/html/
[Email protected] ~]# setfacl-r-M user:backup:rwx/var/www/html/
[Email protected] ~]# getfacl/var/www/html/
Getfacl:removing leading '/' from absolute path names
# file:var/www/html/
# Owner:root
# Group:root
User::rwx
User:backup:rwx
Group::r-x

Mask::rwx

Other::r-x
Default:user::rwx
Default:user:backup:rwx
Default:group::r-x
Default:mask::rwx
Default:other::r-x

(5), set up storage service directory/web-back/, and open permissions for backup users

[Email protected] ~]# mkdir/web-back/
[Email protected] ~]# chown backup:backup/web-back/

(6) Copy all files under the Web server/boot/directory to the/var/www/html/directory for push testing

(7),rsync-avz--delete/var/www/html/[email protected]:/web-back/Command Push test

Second, establish a virtual user on the backup server, and establish a user and password file for scheduled push backup.

(1) Modify the /etc/rsyncd.conf configuration file and add the following at the end:

uid = root # the identity of the running process

GID = root #运行进程的组

Address =192.168.10.129 # listening IP (backup server)

Port =873 #监听端口

The hosts allow =192.168.10.0/24 #允许同步客户端的IP地址, which can be a network segment, or use * to represent all

Use chroot = yes # whether the prison, lock home directory, rsync is black, hackers can no longer rsync run outside the home directory to create files, option set to Yes

Max Connections =5 # Maximum number of connections

PID file =/var/run/rsyncd.pid #进程PID, automatically generated

Lock File =/var/run/rsyncd.lock # refers to the lock file of the max Connectios parameter

Log file =/var/log/rsyncd.log #日志文件位置

MOTD file =/ETC/RSYNCD.MOTD #客户端登陆之后弹出的消息

[Wwwroot] # shared module name

Path =/web-back/ #备份路径       

comment = used for web-data root # Description

Read Only = False #设置服务端文件读写权限

list = yes # whether to allow viewing of module information                            

Auth users = Rsyncuser #备份的用户, independent of system users, established virtual backup user

Secrets file =/etc/rsync.passwd # Store user's password file, format is user name: password

(2), create prompt file and user password

[[email protected] ~]# echo "Welcome to Backup Server" >/ETC/MOTD
[Email protected] ~]# vim/etc/rsync.passwd

Rsyncuser:password123

[Email protected] ~]# chmod 600/etc/rsync.passwd #密码文件权限必须是600或700

(3) Start-up service

[[email protected] ~]# systemctl start Xinetd.service
[[email protected] ~]# Systemctl Enable xinetd
[[email protected] ~]# rsync--daemon--config=/etc/rsyncd.conf        < strong>     #让rsync服务从配置文件启动
[[email protected] ~]# ps aux | grep rsync
Root 1926 0.0 0.0 114652 316? Ss 07:02 0:00 rsync--daemon
Root 2920 0.0 0.0 112660 972 pts/0 r+ 07:46 0:00 grep--color=auto Rsyn

[Email protected] ~]# kill-9 1926 #杀掉rsync服务进程
[[email protected] ~]# ps aux | grep rsync
Root 2922 0.0 0.0 112660 968 pts/0 r+ 07:48 0:00 grep--color=auto Rsyn
[Email protected] ~]# rsync--daemon--config=/etc/rsyncd.conf #重新从配置文件读取启动 　　　　　
[[email protected] ~]# ps aux | grep rsync #查看已启动的rsync进程
Root 2924 0.0 0.0 114652 504? Ss 07:48 0:00 rsync--daemon--config=/etc/rsyncd.conf
Root 2926 0.0 0.0 112660 968 pts/0 r+ 07:48 0:00 grep--color=auto Rsyn

(4) Create a backup user password file on the Web server so that the push backup does not need to enter a password to run

[Email protected] ~]# vim/etc/rsync.passwd
[Email protected] ~]# cat!$
cat/etc/rsync.passwd
Password123

[Email protected] ~]# chmod 600/etc/rsync.passwd #密码文件权限必须改为600或700不然无法读取

(5) Web server Run command:rsync-avz--delete/var/www/html [email protected]::wwwroot --password-file=/etc/ RSYNC.PASSWD for push backup testing

(6), the test is successful, the configuration is not a problem, the Write Timer task automatic execution

[Email protected] ~]# vim autobackup.sh
[Email protected] ~]# cat!$
Cat autobackup.sh
#!/bin/bash
Rsync-avz--delete/var/www/html [email protected]::wwwroot--password-file=/etc/rsync.passwd #--password-file must be Specifies the Web server password file absolute path, otherwise cannot read!!!!

echo "0 2 * * * sh/root/autoback.sh &" >>/var/spool/cron/root #制定定时任务, perform a push backup script on a timed basis　　　　　

rsync System user/Virtual user backup Web server data and no interactive scheduled push backup