[ale] [ot] Xmpp, ejabberd question

Jim Kinney jim.kinney at gmail.com
Fri Jan 13 11:56:14 EST 2012


Note: wilma admin has access to /home/* so root user must be trusted. If
not trusted, then must use encryption on wilma for storage.

On Fri, Jan 13, 2012 at 11:51 AM, Jim Kinney <jim.kinney at gmail.com> wrote:

>
>
> On Fri, Jan 13, 2012 at 9:36 AM, Tim Watts <tim at cliftonfarm.org> wrote:
>
>> Slick.  but then how would you backup stuff that has narrow access
>> like /etc/ssl/private for example ?
>>
>
> Easy. The system being backed up has root access. The receiver machine
> provides storage, not root access. so root on fred goes to fredbak on wilma
> (the backup machine). wilma has /home/fredbak/<fred root tree as needed>
>
>>
>>
>> On Thu, 2012-01-12 at 23:13 -0500, Jim Kinney wrote:
>> > Create a backup user called <machine>bak for each machine and again on
>> > the backup machine so it has individual bak accounts. Use ssh keys and
>> > have each machine rsync to their own directory space. No more admin
>> > peeking on backups.
>> >
>> > On Jan 12, 2012 11:08 PM, "Wolf Halton" <wolf.halton at gmail.com> wrote:
>> >
>> >
>> >         On Tue, Dec 27, 2011 at 4:27 PM, Jim Kinney
>> >         <jim.kinney at gmail.com> wrote:
>> >                 I stand happily  corrected!
>> >
>> >                 old habits die hard. My first foray into rsync
>> >                 required -e ssh and I guess I just glossed over
>> >                 reading that it now the default. I've never used it on
>> >                 a network where ssh was NOT in use :-)
>> >
>> >
>> >                 On Tue, Dec 27, 2011 at 10:42 AM, Brian Mathis
>> >                 <brian.mathis+ale at betteradmin.com> wrote:
>> >                         As of rsync 2.6 (1 Jan 2004)
>> >
>> >
>> http://rsync.samba.org/ftp/rsync/src/rsync-2.6.0-NEWS
>> >
>> >                         The man page since then has said (under
>> >                         SETUP):
>> >                            For remote transfers, a modern rsync uses
>> >                         ssh for its communications [1]
>> >                         and the -e section says:
>> >                            Typically, rsync is configured to use ssh
>> >                         by default
>> >
>> >                         -e can come in handy if you want to pass other
>> >                         options to ssh, such as
>> >                         changing the port or encryption cipher.
>> >
>> >
>> >                         [1]
>> >
>> http://sunsite.ualberta.ca/Documentation/Misc/rsync-2.6.6/rsync.1.html#lbAF
>> >
>> >                         ❧ Brian Mathis
>> >
>> >
>> >                         On Tue, Dec 27, 2011 at 10:15 AM, Jim Kinney
>> >                         <jim.kinney at gmail.com> wrote:
>> >                         > Hmm. Someone needs to update the rsync man
>> >                         pages to reflect -e default is
>> >                         > ssh
>> >                         >
>> >                         > On Dec 27, 2011 10:12 AM, "Brian Mathis"
>> >                         <brian.mathis+ale at betteradmin.com>
>> >                         > wrote:
>> >                         >> There's no need for the -e stuff for a long
>> >                         time now.  Rsync uses ssh
>> >                         >> by default on all modern versions.  You get
>> >                         the same effect using the
>> >                         >> simpler form of:
>> >                         >>
>> >                         >>    rsync -P file.to.transfer
>> >                         username at remote.host:/path/store/file/
>> >                         >>
>> >                         >> ❧ Brian Mathis
>> >                         >>
>> >                         >> On Mon, Dec 26, 2011 at 11:44 PM, James
>> >                         Sumners <james.sumners at gmail.com>
>> >                         >> wrote:
>> >                         >> > XMPP is really not the right tool for
>> >                         this. Rsync is what you want:
>> >                         >> >
>> >                         >> > $ rsync -P -e "ssh -l username"
>> >                         file.to.transfer
>> >                         >> > remote.host:/path/store/file/
>> >                         >> >
>> >                         >> > Where "username" is the SSH user you will
>> >                         be using to transfer the file.
>> >                         >> >
>> >                         >> > On Monday, December 26, 2011, Wolf Halton
>> >                         <wolf.halton at gmail.com> wrote:
>> >                         >> >> What would be wrong with using xmpp as a
>> >                         transfer protocol for moving
>> >                         >> >> backups of tarred files? I have used scp
>> >                         for this purpose, but if the
>> >                         >> >> tunnel
>> >                         >> >> is broken, the file is corrupted. From
>> >                         what I have been reading, if a
>> >                         >> >> session drops in xmpp, it picks up where
>> >                         it was dropped and continues.
>> >                         >> >> I am
>> >                         >> >> working inside a c-class private subnet.
>> >                         >> >>
>> >                         >> >> http://sourcefreedom.com
>> >
>> >                         _______________________________________________
>> >                         Ale mailing list
>> >                         Ale at ale.org
>> >                         http://mail.ale.org/mailman/listinfo/ale
>> >                         See JOBS, ANNOUNCE and SCHOOLS lists at
>> >                         http://mail.ale.org/mailman/listinfo
>> >
>> >
>> >
>> >
>> >
>> >                 --
>> >                 --
>> >                 James P. Kinney III
>> >
>> >                 As long as the general population is passive,
>> >                 apathetic, diverted to consumerism or hatred of the
>> >                 vulnerable, then the powerful can do as they please,
>> >                 and those who survive will be left to contemplate the
>> >                 outcome.
>> >                 - 2011 Noam Chomsky
>> >
>> >                 http://heretothereideas.blogspot.com/
>> >
>> >         Thanks for this string.  It has helped me speed up my custom
>> >         back-up thing.  I am using "rsync -av here there" and it is
>> >         doing great.  I am using moosefs to mount storage on each
>> >         client and rsyncing from my collection point to the remote
>> >         server storage.  This is far easier to sort out though it is
>> >         somewhat insecure, since each root user from each of the
>> >         machines can look at all of the tar-kives.
>> >
>> >         Wolf
>> >
>> >         --
>> >         This Apt Has Super Cow Powers - http://sourcefreedom.com
>> >         Advancing Libraries Together - http://LYRASIS.org
>> >
>> >
>> >         _______________________________________________
>> >         Ale mailing list
>> >         Ale at ale.org
>> >         http://mail.ale.org/mailman/listinfo/ale
>> >         See JOBS, ANNOUNCE and SCHOOLS lists at
>> >         http://mail.ale.org/mailman/listinfo
>> >
>> > _______________________________________________
>> > Ale mailing list
>> > Ale at ale.org
>> > http://mail.ale.org/mailman/listinfo/ale
>> > See JOBS, ANNOUNCE and SCHOOLS lists at
>> > http://mail.ale.org/mailman/listinfo
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
>
>
> --
> --
> James P. Kinney III
>
> As long as the general population is passive, apathetic, diverted to
> consumerism or hatred of the vulnerable, then the powerful can do as they
> please, and those who survive will be left to contemplate the outcome.
> - *2011 Noam Chomsky
>
> http://heretothereideas.blogspot.com/
> *
>



-- 
-- 
James P. Kinney III

As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as they
please, and those who survive will be left to contemplate the outcome.
- *2011 Noam Chomsky

http://heretothereideas.blogspot.com/
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20120113/bac1b476/attachment.html 


More information about the Ale mailing list