Read only access to ALL files? Or: how do I safely backup the
complete system to an offsite machine?
Ruben de Groot
mail25 at bzerk.org
Fri Oct 29 07:19:33 PDT 2004
On Fri, Oct 29, 2004 at 02:23:56PM +0200, Gabriel Ambuehl typed:
> Hi,
> I'm wondering if there is any way to have read only access to the whole
> system for an user on STABLE (I have some ideas how to achieve it on
> CURRENT but I don't consider that ready for production use just now)?
>
> Specifically, I want to be able to ssh in from the backup server and
> fetch all files with rsync without having to give the backup server
> full root access to all other machines (for obvious reasons).
>
> There's obviously a hack involving NFS and read only/maproot=root
> but seeing that the backup server is offsite, I have to use ssh for
> transport and would rather not resort to VPN hackery...
>
> Or maybe someone knows of a rsync version that is safe to be run a
> suid root as it won't ever change anything on the filesystem?
Users in the group "operators" have read-only access to the raw
disk-devices in /dev. These devices are used by dump(8).
All other backup strategies (tar, cpio, rsync, ..) work on the
filesystem itself rather than the underlying device and will need
root access.
Ruben
More information about the freebsd-questions
mailing list