ServerA on to ServerB.ServerB using rsnapshot.backup account on ServerA and enabled paswordless sudo only for rsyncWhat I'm trying to accomplish:
authorized_keys file on ServerA, so only the rsync command can be used via ssh.
On ServerB - /etc/rsnapshot.conf is setup to run rsync with the following args:
rsync_long_args --rsync-path="sudo rsync" --delete --numeric-ids --relative --delete-excluded
I have tried the following on ServerA:
from="ServerB",command="sudo rsync *" ssh-ed25519 SSH-KEYBut rsnapshot keeps crashing and giving IO error codes for rsync.
What am I missing here?
!! Problem Solved !!
Found out about rrsync --- /usr/share/doc/rsync/scripts/rrsync, copy it to wherever.
ServerA:authorized_keys --- command="sudo /usr/local/bin/rrsync -ro /backup"Since I'm keeping a copy of the backups on ServerA, I might as well rsync from them instead of using rsnapshot on ServerB. (This was my initial idea, but it doesn't work since there are duplicate files because of links that rsnapshot creates, I ended up having rsnapshot running both on ServerA and ServerB, to save backups from ServerA to a localDir on ServerA and also make remote snapshots from ServerA to ServerB.)
ServerA:Defaults!/usr/local/bin/rrsync env_keep += "SSH_ORIGINAL_COMMAND"
backup ALL = (root) NOPASSWD: /usr/local/bin/rrsync
rsync -ax --delete --numeric-ids --relative ServerA:/ /ServerB-backup/Now works as expected.
Note that the path on ServerA in the command above is relative to the rule set in authorized_keys.