How to set up an rsync server

1 What is rsync


rsync is a file transfer program for Unix systems. rsync uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files are present at one of the ends of the link beforehand.


Some features of rsync include:
* Can update whole directory trees and filesystems
* Optionally preserves symbolic links, hard links, file ownership, permissions, devices and times
* Requires no special privileges to install
* Internal pipelining reduces latency for multiple files
* Can use rsh, ssh or direct sockets as the transport
* Supports anonymous rsync which is ideal for mirroring


2 Why set up an rsync server


Setting up an rsync server is relatively simple. After installing rsync you may find neither a configuration file nor a startup script for the rsync server. That is because administrators do not all use rsync for the same purpose, so distributions generally just install the software and leave it to administrators to set up their own rsync server according to their own needs. rsync is widely used: it can back up within the same host and also between different hosts. Backing up between different hosts requires setting up an rsync server.

In my view, if you are backing up files on the same host, a copy tool such as cp is enough; there is no need for a relatively sophisticated tool like rsync, and cp is easy to use. Of course, this is just a personal point of view.

For heavily used servers there should be a backup server on the network. A local backup alone is not enough; it is best to back up to another host over the network, since only that keeps the data safe. After all, data that exists only on the local server is not safe: a disk can fail, or an attacker who breaks into the server can delete it. The server itself is not worth much; what matters is the value of the data.

rsync is also a useful tool for transferring a large number of files from one server to another. My company had a file server with an Intel Celeron 333 MHz CPU, 128M of RAM and three 80G IDE hard drives (240G in total). Only a 12G partition was used for the system, with a 256M swap partition; I managed the remaining space as LVM volumes and set aside 180G for data storage, of which more than 160G was already in use. Server space was limited, so a local backup was not possible. Adding another hard disk was not an answer either: the machine had no RAID, so a single failed drive would destroy all the data, with no protection at all. To keep the data safe I had to move to a file server that supports RAID5. When choosing how to transfer all the data to the new server I considered many tools and finally settled on rsync. I spent 10 minutes setting up and debugging rsync and then started the transfer. Because there were so many files and the old file server was so underpowered, it took about 23 days to complete all the file transfers.


3 Setting up the rsync server


Setting up an rsync server is relatively simple: write a configuration file, rsyncd.conf. The file has its own syntax rules; refer to the documentation at rsync.samba.org. Of course, rsync must be installed first.

3.1 rsync installation


Installation is simple: the major Linux distributions all provide this package. You can of course compile and install it yourself, but in the present circumstances I do not see much need to.


[root@linuxsir:beinan]$ sudo apt-get install rsync     Note: online installation on Debian, Ubuntu and similar systems
[root@linuxsir:beinan]# slackpkg install rsync     Note: online package installation on Slackware
[root@linuxsir:beinan]# yum install rsync     Note: installation on Fedora, Red Hat and similar systems

For other Linux distributions, use the appropriate package manager. To install from a source package, proceed as follows:


[root@linuxsir:/home/beinan]# tar xvf rsync-xxxx.tar.gz     (or rsync-xxx.tar.bz2)
[root@linuxsir:/home/beinan]# cd rsync-xxx
[root@linuxsir:/home/beinan/rsync-xxx]# ./configure --prefix=/usr; make; make install     Note: compiling from a source package requires gcc and the other build tools to be installed

3.2 The rsync server configuration file rsyncd.conf


See rsyncd.conf.html for reference. The concrete steps are as follows:


[root@linuxsir:~]# mkdir /etc/rsyncd     Note: create a directory rsyncd under /etc to hold rsyncd.conf and rsyncd.secrets
[root@linuxsir:~]# touch /etc/rsyncd/rsyncd.conf     Note: create rsyncd.conf, the rsync server's configuration file
[root@linuxsir:~]# touch /etc/rsyncd/rsyncd.secrets     Note: create rsyncd.secrets, the user password file
[root@linuxsir:~]# chmod 600 /etc/rsyncd/rsyncd.secrets     Note: to protect the passwords, set the permissions to 600
[root@linuxsir:~]# ls -lh /etc/rsyncd/rsyncd.secrets
-rw------- 1 root root 14 2007-07-15 10:21 /etc/rsyncd/rsyncd.secrets
[root@linuxsir:~]# touch /etc/rsyncd/rsyncd.motd

Next we edit rsyncd.conf, rsyncd.secrets and rsyncd.motd.

rsyncd.conf is the main configuration file of the rsync server. Here is a simple example: we want to back up /home and /opt on the server, and within /home I want to exclude the beinan and samba directories.

# Distributed under the terms of the GNU General Public License v2


# Minimal configuration file for rsync daemon
# See rsync(1) and rsyncd.conf(5) man pages for help

# This line is required by the /etc/init.d/rsyncd script
pid file = /var/run/rsyncd.pid
port = 873
address = 192.168.1.171
# uid = nobody
# gid = nobody
uid = root
gid = root

use chroot = yes
read only = yes


# limit access to private LANs
hosts allow = 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0
hosts deny = *

max connections = 5
motd file = /etc/rsyncd/rsyncd.motd

# This will give you a separate log file
# log file = /var/log/rsync.log

# This will log every file transferred - up to 85,000+ per user, per sync
# transfer logging = yes

log format = %t %a %m %f %b
syslog facility = local3
timeout = 300

[linuxsirhome]
path = /home
list = yes
ignore errors
auth users = linuxsir
secrets file = /etc/rsyncd/rsyncd.secrets
comment = linuxsir home
exclude = beinan/ samba/

[beinan]
path = /opt
list = no
ignore errors
comment = optdir
auth users = beinan
secrets file = /etc/rsyncd/rsyncd.secrets

Note: The users listed in auth users must exist as real system users on the server. To use multiple users, separate them with commas, for example auth users = beinan, linuxsir

Password file: the content format of /etc/rsyncd/rsyncd.secrets is:


username:password

Our example rsyncd.secrets looks like the following. The documentation says that some systems do not support long passwords; try it for yourself. In addition, the rsyncd.secrets file must not be readable by other users or groups. If the permissions are set wrong, rsync may not work.


linuxsir:222222
beinan:333333

Note: A word about the passwords here. For security, do not put the system user's password in this file. For example, if the system user linuxsir has the password abcdefg, for safety give linuxsir the rsync password 222222 instead. This is more or less the same principle as the passwords Samba uses for user authentication.

The rsyncd.motd file:

It defines the rsync server's information, that is, the message users see on login, for example to tell users who provides the server. It is similar to an FTP server's login banner, such as the one we see on the linuxsir.org ftp ... .... Of course, this global parameter is not required; you can comment it out with # or delete it. I wrote the contents of rsyncd.motd as follows:


+++++++++++++++++++++++++++
+ Linuxsir.org rsync 2002-2007 +
+++++++++++++++++++++++++++


4 The example rsync server configuration explained



4.1 Global definitions


A few of the global definitions on the rsync server are the key ones. Following the rsyncd.conf given earlier:


pid file = /var/run/rsyncd.pid     Note: tells the daemon to write its process ID to /var/run/rsyncd.pid
port = 873     Note: the port the daemon runs on; the default is 873, and you can specify your own
address = 192.168.1.171     Note: the server's IP address
uid = nobody
gid = nobody

Note: These are the user and group the server uses when transferring files; the default is nobody. With the nobody user and group you may run into permission problems, and some files cannot be pulled down from the server. So I was lazy and used root for convenience. However, you can also resolve the permission problem by specifying the user for the synchronized directory in the module definition.


use chroot = yes

Note: With use chroot, the server daemon chroots to the module's directory before transferring files. The benefit is protection against possible security holes being used to break into the system. The disadvantage is that it requires super-user privileges. In addition, the targets of symbolic links are excluded. In other words, if your rsync server has symbolic links, a client that synchronizes data from it gets only the links themselves, not the contents they point to. Try this for yourself.


read only = yes

Note: read only is the read-only option, that is, clients are not allowed to upload files to the server. There is also a write only option; try it for yourself.


# limit access to private LANs
hosts allow = 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0

Note: You can specify a single IP or an entire network segment, which increases security. Separate one IP from another, or one network segment from another, with a space.


max connections = 5

Note: The maximum number of client connections.


motd file = /etc/rsyncd/rsyncd.motd

Note: motd file defines the server's message; write the contents of rsyncd.motd yourself. Users see this message when they log in. For example, I wrote:


+++++++++++++++++++++++++++
+ Linuxsir.org rsync 2002-2007 +
+++++++++++++++++++++++++++


log file = /var/log/rsync.log

Note: The rsync server's log file.


transfer logging = yes

Note: This logs file transfers.


log format = %t %a %m %f %b
syslog facility = local3
timeout = 300


4.2 Module definitions


What does a module define? Mainly the directories on the server to be synchronized. Each module must be introduced in the [name] format. That name is what the rsync client sees; it is somewhat like a share name on a Samba server. The data actually synchronized is specified by path. We can define as many modules as we need. Each module should specify the authenticated users and the password file; exclude is optional.

The modules from the earlier configuration file:


[linuxsirhome]
Note: the module name, in [name] format; clients connect using this name, and here it maps to the /home directory
path = /home     Note: the directory location; this must be specified
auth users = linuxsir     Note: the authenticated user is linuxsir, who must exist as a user on the server
list = yes     Note: list controls whether this module appears when a client asks the rsync server for its list of modules. The default is yes. If you do not want it listed, set no; no is relatively safer, since at least other people do not learn which directories your server provides. You yourself know what is there
ignore errors     Note: ignore I/O errors; see the documentation for details
secrets file = /etc/rsyncd/rsyncd.secrets     Note: the location of the password file
comment = linuxsir home data     Note: a free-form comment; write something relevant
exclude = beinan/ samba/

Note: exclude means to leave out, here the beinan and samba directories under /home; beinan/ and samba/ are separated by a space.


[beinan]
path = /opt     Note: the directory location
list = no
comment = optdir
auth users = beinan     Note: again, a user that exists on the server
secrets file = /etc/rsyncd/rsyncd.secrets
ignore errors
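
The settings walked through in sections 4.1 and 4.2 can be checked mechanically before the daemon is started. The following is an added example, not part of the original article or of rsync itself: the function names, the finding labels and the assumed defaults are illustrative, and the sample configuration (the article's, shortened) and the secrets file are constructed for the demonstration.

```python
import os
import stat
import tempfile

# Constructed sample: the page's rsyncd.conf, shortened. {secrets} is filled in by demo().
SAMPLE_CONF = """\
uid = root
gid = root
use chroot = yes
read only = yes
hosts allow = 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0
hosts deny = *

[linuxsirhome]
path = /home
list = yes
auth users = linuxsir
secrets file = {secrets}

[beinan]
path = /opt
list = no
auth users = beinan
secrets file = {secrets}
"""

# Assumed defaults for absent parameters (daemon started as root); adjust to your version.
DEFAULTS = {"uid": "nobody", "use chroot": "yes", "read only": "yes", "list": "yes"}


def parse_rsyncd_conf(text):
    """Split the file into global parameters and per-module parameters."""
    global_params, modules = {}, {}
    current = global_params
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
            continue
        name, sep, value = line.partition("=")
        if sep:  # simplification: lines without "=" are skipped
            current[" ".join(name.lower().split())] = value.strip()
    return global_params, modules


def is_yes(value):
    return value.strip().lower() in ("yes", "true", "1")


def audit(text):
    """Return sorted (module, finding) pairs for the settings sections 4.1 and 4.2 cover."""
    global_params, modules = parse_rsyncd_conf(text)
    findings = set()
    for name, params in modules.items():
        def get(key):
            # A module value overrides the global value, which overrides the default.
            return params.get(key, global_params.get(key, DEFAULTS.get(key, "")))

        if get("uid") in ("root", "0"):
            findings.add((name, "runs-as-root"))      # transfers run with full privileges
        if not is_yes(get("use chroot")):
            findings.add((name, "no-chroot"))
        if not is_yes(get("read only")):
            findings.add((name, "writable"))          # clients may upload
        if not get("hosts allow"):
            findings.add((name, "no-hosts-allow"))    # any address may connect
        if is_yes(get("list")):
            findings.add((name, "listed"))            # module name is advertised
        secrets = get("secrets file")
        if not get("auth users"):
            findings.add((name, "anonymous"))         # no password required
        elif not secrets:
            findings.add((name, "no-secrets-file"))
        elif os.path.exists(secrets):
            # The page sets chmod 600; flag any group or other permission bits.
            if stat.S_IMODE(os.stat(secrets).st_mode) & 0o077:
                findings.add((name, "secrets-mode"))
    return sorted(findings)


def demo():
    """Audit the sample twice: secrets file at mode 644, then at 600 as the page sets it."""
    with tempfile.TemporaryDirectory() as tmp:
        secrets = os.path.join(tmp, "rsyncd.secrets")
        with open(secrets, "w") as fh:
            fh.write("linuxsir:222222\nbeinan:333333\n")  # constructed, from the page's example
        conf = SAMPLE_CONF.format(secrets=secrets)
        os.chmod(secrets, 0o644)
        loose = audit(conf)
        os.chmod(secrets, 0o600)
        tight = audit(conf)
    return loose, tight


if __name__ == "__main__":
    loose, tight = demo()
    print("secrets file at 644:", loose)
    print("secrets file at 600:", tight)
```

With the article's configuration, the findings that remain after the secrets file is set to 600 are uid = root for both modules and list = yes for [linuxsirhome], the two choices the notes above single out.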

5 Starting the rsync server and firewall settings



5.1 Starting the rsync server


Starting the rsync server is quite simple; --daemon runs rsync in server mode:


[root@linuxsir:~]# /usr/bin/rsync --daemon --config=/etc/rsyncd/rsyncd.conf

Note: If the rsync command cannot be found, check where rsync is installed. For example, the rsync executable may be in /usr/local/bin, in which case the command is:


[root@linuxsir:~]# /usr/local/bin/rsync --daemon --config=/etc/rsyncd/rsyncd.conf

You can also write a script to start the rsync server automatically at boot; check the documentation and try it, it is simple. Slackware has a similar script, but I find it no better than running the command by hand, or putting the command in the rc.local file so that it runs automatically.


5.2 The rsync server and the firewall


Linux firewalls use iptables, so on the server side we must at least let the port defined for the rsync server through, and the client side should allow it through as well.


[root@linuxsir:~]# iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 873 -j ACCEPT
[root@linuxsir:~]# iptables -L     Note: check whether the firewall has opened port 873


6 Synchronizing data with the rsync client



6.1 Listing the content the rsync server offers



First, let's see which data sources the rsync server provides:



[beinan@beinnaIBM:~]$ rsync --list-only linuxsir@linuxsir.org::

+++++++++++++++++++++++++++++++++
+ + + Linuxsir.org rsync server + +
+++++++++++++++++++++++++++++++++


linuxsirhome linuxsir home data

Note: The first column is the data source rsync provides, that is, the [linuxsirhome] module we wrote in rsyncd.conf. "linuxsir home data" comes from comment = linuxsir home data in the [linuxsirhome] module. Why is the beinan data source not listed? Because [beinan] is set to list = no.


[beinan@beinnaIBM:~]$ rsync --list-only linuxsir@linuxsir.org::linuxsirhome

Try this.


6.2 Synchronizing data with the rsync client


[beinan@beinnaIBM:~]$ rsync -avzP linuxsir@linuxsir.org::linuxsirhome linuxsirhome
Password:     Note: enter here the password for linuxsir that the server side provides; in the earlier example we used 222222. The password is not displayed as you type; press Enter when done

Note: This command logs in to the server as user linuxsir and synchronizes the linuxsirhome data to the local directory linuxsirhome. The local directory name is yours to choose, for example linuxsir. If the directory linuxsirhome does not exist in the client's current working directory, it is created automatically; if it does exist, make sure you have write permission on it.

Description:

-a is equivalent to -rlptgoD: -r is recursive; -l copies symbolic links as links; -p preserves the original permissions; -t preserves the original times; -g preserves the original group; -o preserves the original owner; -D preserves block device files and the like.

-z compresses data during transmission.
-P shows transfer progress.
-v prints information during the transfer; it is somewhat related to -P. Try it for yourself and see the documentation.


[beinan@beinnaIBM:~]$ rsync -avzP --delete linuxsir@linuxsir.org::linuxsirhome linuxsirhome

This time we introduce the --delete option, which makes the client's data fully consistent with the server side: if the local linuxsirhome directory contains files that do not exist on the server, they are deleted. The end goal is for the linuxsirhome directory to match the server's data exactly. Be careful when using it: it is best not to use a directory that already holds important data as the local update directory, otherwise all of that data will be deleted.


[beinan@beinnaIBM:~]$ rsync -avzP --delete --password-file=rsync.password linuxsir@linuxsir.org::linuxsirhome linuxsirhome

This time we added the option --password-file=rsync.password: when we log in to the rsync server as user linuxsir to synchronize data, the password is read from the file rsync.password. The content of this file is just the password of user linuxsir. What we have to do is as follows:


[beinan@beinnaIBM:~]$ touch rsync.password
[beinan@beinnaIBM:~]$ chmod 600 rsync.password
[beinan@beinnaIBM:~]$ echo "222222" > rsync.password

[beinan@beinnaIBM:~]$ rsync -avzP --delete --password-file=rsync.password linuxsir@linuxsir.org::linuxsirhome linuxsirhome

Note: This way no password prompt is needed. This matters because it is required when the job is run by crond on a server.


6.3 Letting the rsync client synchronize data with the server automatically


For heavily used servers, backing up data over the network is extremely important. We can configure the rsync server on the production server and use another machine with rsync installed as the backup server. The backup server starts synchronizing data from the server at 4 o'clock every morning, and each backup is a complete backup. Sometimes a hard drive fails or data on the server is deleted, so a full backup is very important. This amounts to a daily mirror of the server's data: when something goes wrong on the production server we can easily recover the data and keep data loss to a minimum. How is this actually done?

Step one: create the synchronization scripts and password files



[beinan@beinnaIBM:~]# mkdir /etc/cron.daily.rsync
[beinan@beinnaIBM:~]# cd /etc/cron.daily.rsync
[beinan@beinnaIBM:~]# touch linuxsir.sh beinan.sh
[beinan@beinnaIBM:~]# chmod 755 /etc/cron.daily.rsync/*.sh
[beinan@beinnaIBM:~]# mkdir /etc/rsyncd/
[beinan@beinnaIBM:~]# touch /etc/rsyncd/rsynclinuxsir.password
[beinan@beinnaIBM:~]# touch /etc/rsyncd/rsyncbeinan.password
[beinan@beinnaIBM:~]# chmod 600 /etc/rsyncd/rsynclinuxsir.password /etc/rsyncd/rsyncbeinan.password

Note: In /etc/cron.daily.rsync/ we create the two files beinan.sh and linuxsir.sh with permissions 755. We also create two password files, rsynclinuxsir.password for user linuxsir and rsyncbeinan.password for user beinan, with permissions 600.

We edit linuxsir.sh as follows:


#!/bin/sh
# linuxsir.org home backup
/usr/bin/rsync -avzP --password-file=/etc/rsyncd/rsynclinuxsir.password linuxsir@192.168.1.171::linuxsirhome /home/linuxsirhome/$(date +'%m-%d-%y')

We edit beinan.sh as follows:


#!/bin/sh
# linuxsir.org beinan home backup
# The [beinan] module authenticates user beinan, so log in as beinan here.
/usr/bin/rsync -avzP --password-file=/etc/rsyncd/rsyncbeinan.password beinan@192.168.1.171::beinan /home/beinanhome/$(date +'%m-%d-%y')

Note: You can put the contents of linuxsir.sh and beinan.sh into a single file, for example writing everything in linuxsir.sh.

Then we set the contents of /etc/rsyncd/rsynclinuxsir.password and rsyncbeinan.password:


[beinan@beinnaIBM:~]# echo "222222" > /etc/rsyncd/rsynclinuxsir.password
[beinan@beinnaIBM:~]# echo "333333" > /etc/rsyncd/rsyncbeinan.password

Then we create the two directories linuxsirhome and beinanhome under /home: the server's linuxsirhome data is synchronized to /home/linuxsirhome on the backup server, and the beinan data to /home/beinanhome/. A directory named by date is created for each run, so every daily backup is archived.


[beinan@beinnaIBM:~]# mkdir /home/linuxsirhome
[beinan@beinnaIBM:~]# mkdir /home/beinanhome

Step two: modify the crond configuration on the server


[beinan@beinnaIBM:~]# crontab -e

Add the following:


# Run daily cron jobs at 4:10 every day backup linuxsir data:
10 4 * * * /usr/bin/run-parts /etc/cron.daily.rsync 1> /dev/null

Note:
The first line is a comment describing the entry, so that you remember what it is for.
The second line means that at 4:10 every morning the executable scripts under /etc/cron.daily.rsync are run.

Step three: restart the crond service

After configuration, the crond service must be restarted:


[beinan@beinnaIBM:~]# killall crond     Note: kill the crond process
[beinan@beinnaIBM:~]# ps aux | grep crond     Note: check whether it was killed
[beinan@beinnaIBM:~]# /usr/sbin/crond     Note: start crond again
[beinan@beinnaIBM:~]# ps aux | grep crond     Note: check whether it has started
root 3815 0.0 0.0 1860 664 ? S 14:44 0:00 /usr/sbin/crond
root 3819 0.0 0.0 2188 808 pts/1 S+ 14:45 0:00 grep crond


rsync is a file transfer program for Unix systems. rsync uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files are present at one of the ends of the link beforehand.

rsync is a Unix system and transfer the file synchronization tool. rsync is the "rsync algorithm" provides a client and a remote file server file synchronization of the rapid method.

Some features of rsync include
rsync include the following characteristics:
* Can update whole directory trees and filesystems
Can update whole directory trees and files and systems;
* Optionally preserves symbolic links, hard links, file ownership, permissions, devices and times
To maintain selective Chain symbols, hard links, documents belonging to, powers, equipment and time;
* Requires no special privileges to install
For installation without any special authority requirements;
* Internal pipelining reduces latency for multiple files
For multiple files, the internal pipeline to reduce the paper wait for the delay;
* Can use rsh, ssh or direct sockets as the transport
Use rsh, ssh or direct port as input port Chuan;
* Supports anonymous rsync which is ideal for mirroring
Support for anonymous rsync file synchronization, mirroring is the ideal tool;


2 rsync server grounds;


relatively simple to set up rsync server, rsync may be installed after we did not find configuration file, as well as the rsync server startup process, because each manager is not likely to use the same rsync, so the general release of the software is installed on done, and allows administrators to use and in accordance with the direction of their own to set up their own rsync server; rsync application because the relatively wide range of hosts in the same work back up, but also between the different work the host. Between different host for backup, it is necessary to set up the rsync server.

In my point of view, if carried out on the same host Backup files with a copy tools like cp. Rsync so no need to use relatively sophisticated tools, cp also easy-to-use, of course, this is just a personal point of view;

For heavy-weight servers, the network should have a backup server, only the local backup is not enough, it is best to back up the host or network, it can only be guaranteed the security of data. After all, data on local servers or less secure, such as a broken disk, the hacker deleted data into the server. In fact, the value of the server itself is not large, it is important that the value of data.

In addition to a large number of files from one server to another server, rsync is not an instrument transmission. Companies have a file server, configuration is CPU Intel Celeon 333Mhz, RAM 128M, Hard Drive IDE 80Gx3 = 240G, there is only a 12G hard drive partition to install the system, with a 256M partition as the exchange, other space I have the data used by LVM volumes to manage disk space, I am a 180G of space for data storage, then data storage capacity has reached more than 160 G. At that time, server space is limited, not so local backup. Is impossible to add the hard disk up, because the machine did not do RAID, a broken hard drive, data will be wholly destroyed, without any security protection. In this case, in order to ensure data security, I was forced to do so with a file server support Raid5. In the choice of how to complete transmission of data files to a new server, I think a lot of tools, and finally thought of rsync. I spent 10 minutes to set up and debug the rsync, and then start the file transfer, because the files on a file server too much, the old file server to configure a low, it took about 23 days before it can be completed for all file transfers.


3 to set up rsync server process;


Relatively simple to set up rsync server, write a configuration file rsyncd.conf. Documents are also the rules of writing, we can refer to the document do rsync.samba.org; of course, we must first install the software do a good rsync;

3.1 rsync installation;


Software installation is too simple, the major Linux distributions now offer this package, of course, you could compile your own installation, in the present circumstances, I do not need for too much;


[root @ linuxsir: beinan] $ sudo apt-get install rsync Note: debian, ubuntu-line installation method, etc.;
[root @ linuxsir: beinan] # slackpkg install rsync Note: Slackware packages installed online;
[root @ linuxsir: beinan] # yum install rsync Note: Fedora, Redhat, such as system installation methods;

Other Linux distributions, please use the appropriate package management to install; If it is a source package, that is, use the following approach;


[root @ linuxsir: / home / beinan] # tar xvf sync-xxxx.tar.gz or sync-xxx.tar.bz2
[root @ linuxsir: / home / beinan] # cd sync-xxx
[root @ linuxsir: / home / beinan / sync-xxx] #. / configure - prefix = / usr; make; make install Note: the installation used to compile source packages, you have to install the gcc compiler, etc. issued by us in;

3.2 rsync server configuration file rsyncd.conf;


We can look at rsyncd.conf.html. Concrete steps are as follows;


[root @ linuxsir: ~] # mkdir / etc / rsyncd Note: In the / etc directory create a directory rsyncd, we rsyncd.conf and rsyncd.secrets used to store documents;
[root @ linuxsir: ~] # touch / etc / rsyncd / rsyncd.conf Note: the creation of rsyncd.conf, this is the rsync server's configuration file;
[root @ linuxsir: ~] # touch / etc / rsyncd / rsyncd.secrets Note: the creation of rsyncd.secrets, this is the user's password file;
[root @ linuxsir: ~] # chmod 600 / etc / rsyncd / rsyncd.secrets Note: In order to password security, we set the permissions 600;
[root @ linuxsir: ~] # ls-lh / etc / rsyncd / rsyncd.secrets
-rw ------- 1 root root 14 2007-07-15 10:21 / etc / rsyncd / rsyncd.secrets
[root @ linuxsir: ~] # touch / etc / rsyncd / rsyncd.motd

The next is that we modify and rsyncd.conf and rsyncd.motd document rsyncd.secrets time;

rsync server rsyncd.conf is the main configuration file, we come to a simple example; instance, we want to back up the server / home and / opt, in the / home, I wanted to samba directory beinan and excluded;

# Distributed under the terms of the GNU General Public License v2


# Minimal configuration file for rsync daemon
# See rsync (1) and rsyncd.conf (5) man pages for help

# This line is required by the / etc / init.d / rsyncd script
pid file = / var / run / rsyncd.pid
port = 873
address = 192.168.1.171
# uid = nobody
# gid = nobody
uid = root
gid = root

use chroot = yes
read only = yes


# limit access to private LANs
hosts allow = 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0
hosts deny =*

max connections = 5
motd file = / etc / rsyncd / rsyncd.motd

# This will give you a separate log file
# log file = / var / log / rsync.log

# This will log every file transferred - up to 85,000 + per user, per sync
# transfer logging = yes

log format =% t% a% m% f% b
syslog facility = local3
timeout = 300

[linuxsirhome]
path = / home
list = yes
ignore errors
auth users = linuxsir
secrets file = / etc / rsyncd / rsyncd.secrets
comment = linuxsir home
exclude = beinan / samba /

[beinan]
path = / opt
list = no
ignore errors
comment = optdir
auth users = beinan
secrets file = / etc / rsyncd / rsyncd.secrets

Note: The auth users on the server must exist in the real system users, if you want to use multiple users, it is to, No. separated; such as auth users = beinan, linuxsir

Password file: / etc / rsyncd / rsyncd.secrets content format;


Username: Password

And we have the example reads as follows rsyncd.secrets similar; in the document that some systems do not support long password, try to set up their own you. In addition rsyncd.secrets file permissions to other user groups is unreadable. If you set wrong, rsync may not work.


linuxsir: 222222
beinan: 333333

Note: It is worth noting here the password, for security, you can not write system user's password here. For example, users of the system linuxsir your password is abcdefg, for safety, you can rsync to linuxsir of 222,222. This is the samba password for user authentication is more or less the same principle;

rsyncd.motd documents;

It is the definition of information rysnc server, that is, user login information. For example, allow users to know who the server is provided, etc.; similar ftp server log, we have seen linuxsir.org ftp ... .... Of course, this definition of variables in the overall situation is not necessary, you can note the # out, or deleted; I would like to write the contents of a rsyncd.motd as follows:


+++++++++++++++++++++++++++
+ Linuxsir.org rsync 2002-2007 +
+++++++++++++++++++++++++++


4 to set up an example of the rsync server;



The definition of 4.1 overall;


Rsync server in the overall definition of a few of the key comparison, according to our previous configuration files given rsyncd.conf documents;


pid file = / var / run / rsyncd.pid Note: wrote to tell the process of / var / run / rsyncd.pid document;
port = 873 Note: The specified port is running, the default is 873, you can specify their own;
address = 192.168.1.171 Note: The specified server IP address;
uid = nobody
gid = nobdoy

Note: The server-side transfer document, which should be made of users and user groups to implement, the default is nobody. If the nobody user and user group permissions that may be encountered, some files from the server pull-down. So I will be lazy, in order to facilitate use of the root. However, you can sync to in the definition of the module directory specified in the definition of the user to resolve the issue of competence.


use chroot = yes

Note: use chroot, in the transmission file, the server daemon will chroot to the file in the directory system, the benefits of doing so is possible loopholes in the protection system was installed on the possibility of invasion. The disadvantage is the need for super-user privileges. In addition to the symbolic link file will be excluded. In other words, your rsync server, if there is a symbolic link, you run the backup server data synchronization client, the only sign of synchronous down link will not synchronize the contents of symbolic links; the need to try their own ;


read only = yes

Note: read only is the read-only option, that is, clients are not allowed to upload files to the server. There is also a write only option; try for yourself what it is used for;


# limit access to private LANs
hosts allow = 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0

Note: you can specify a single IP or an entire network segment, to increase security. Separate one IP from another, an IP from a network segment, and one network segment from another with a space;


max connections = 5

Note: the maximum number of client connections;


motd file = /etc/rsyncd/rsyncd.motd

Note: the motd file defines the server message; you write the content of rsyncd.motd yourself. Users see this message when they log in. For example, I wrote:


+++++++++++++++++++++++++++
+ Linuxsir.org rsync 2002-2007 +
+++++++++++++++++++++++++++


log file = /var/log/rsync.log

Note: rsync server log;


transfer logging = yes

Note: this logs the files that are transferred;


log format = %t %a %m %f %b
syslog facility = local3
timeout = 300


4.2 Module definition;


What does a module define? It mainly defines which directories on the server are to be synchronized. Each module must use the [name] format. The name is what the rsync client sees, somewhat like a share name provided by a Samba server. The data the server actually synchronizes is specified by path. We can define as many modules as we need. Each module should specify its authenticating users and password file, but exclude is not required;

The example modules from the configuration file given earlier:


[linuxsirhome]
Note: the module name, which gives us a name to connect to; in this module the name links to the /home directory; use the [name] format;
path = /home Note: the location of the directory; this must be specified;
auth users = linuxsir Note: the authenticating user is linuxsir, which must be a user that exists on the server;
list = yes Note: list controls whether the module is shown when the rsync server is asked for the list of data directories it provides for synchronization. The default is yes. If you do not want it listed, set no; no is relatively safer, since at least others do not know which directories your server provides. It is enough that you know them yourself;
ignore errors Note: ignore I/O errors; see the documentation for details;
secrets file = /etc/rsyncd/rsyncd.secrets Note: the file in which the passwords are stored;
comment = linuxsir home data Note: a comment; you can write anything, as long as it describes the relevant content;
exclude = beinan/ samba/

Note: exclude means to exclude, that is, the beinan and samba directories under /home are excluded; the beinan/ and samba/ directories are separated by a space;


[beinan]
path = /opt Note: the location of the directory;
list = no
comment = optdir
auth users = beinan Note: as above, this must be a user that exists on the server;
secrets file = /etc/rsyncd/rsyncd.secrets
ignore errors
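
An added example, not part of the original page: a Python audit that parses rsyncd.conf as sections 4.1 and 4.2 describe it (global definitions inherited by each [name] module) and flags the settings the notes call out: running as root, chroot switched off, modules writable by clients, no hosts allow, and modules without auth users and a secrets file. The sample configuration is constructed, and the [pub] module, the function names and the finding texts are hypothetical.

```python
import re

# Constructed sample modelled on the page's rsyncd.conf; [pub] is hypothetical.
SAMPLE = """\
uid = nobody
use chroot = yes
hosts allow = 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0
[linuxsirhome]
path = /home
auth users = linuxsir
secrets file = /etc/rsyncd/rsyncd.secrets
[beinan]
path = /opt
auth users = beinan
secrets file = /etc/rsyncd/rsyncd.secrets
[pub]
uid = root
use chroot = no
read only = no
"""

DEFAULTS = {"uid": "nobody", "use chroot": "yes", "read only": "yes"}  # rsyncd.conf defaults
ON = {"yes", "true", "1"}

def parse(text):
    """Return {module: settings}, with global settings inherited by each module."""
    glob, modules, cur = dict(DEFAULTS), {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        head = re.fullmatch(r"\[(.+)\]", line)
        if head:
            cur = modules.setdefault(head.group(1).strip(), dict(glob))
        elif "=" in line:
            key, val = line.split("=", 1)  # only the first '=' is significant
            (glob if cur is None else cur)[" ".join(key.lower().split())] = val.strip()
    return modules

def audit(text):
    """Return sorted (module, finding) pairs for the settings the page discusses."""
    checks = [
        ("runs as root", lambda s: s["uid"] in ("root", "0")),
        ("chroot disabled", lambda s: s["use chroot"].lower() not in ON),
        ("writable by clients", lambda s: s["read only"].lower() not in ON),
        ("no hosts allow", lambda s: not s.get("hosts allow")),
        ("no auth users or secrets file", lambda s: not (s.get("auth users") and s.get("secrets file"))),
    ]
    return sorted((m, msg) for m, s in parse(text).items() for msg, bad in checks if bad(s))
```

Calling audit(SAMPLE) reports only the [pub] module; the two modules taken from the page pass because they inherit hosts allow and chroot from the global definitions and set their own auth users and secrets file.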

5 Starting the rsync server and firewall settings;



5.1 Start rsync server;


Starting the rsync server is quite simple; --daemon runs rsync in server mode;


[root@linuxsir:~]# /usr/bin/rsync --daemon --config=/etc/rsyncd/rsyncd.conf

Note: if the rsync command cannot be found, you need to know where rsync is installed. For example, the rsync executable may be installed in the /usr/local/bin directory, in which case the command is as follows;


[root@linuxsir:~]# /usr/local/bin/rsync --daemon --config=/etc/rsyncd/rsyncd.conf

Of course, you can also write a script to start the rsync server automatically at boot; check the documentation and try it yourself, it is simple. I use Slackware, which also has a similar script. I feel that is not as good as running the command manually, or writing the command into the rc.local file so that it also runs automatically;


5.2 rsync server and firewall;


Linux firewalls use iptables, so on the server side we must at least let the port defined for your rsync server through; the client side should allow it through as well.


[root@linuxsir:~]# iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 873 -j ACCEPT
[root@linuxsir:~]# iptables -L Note: check whether the firewall has opened port 873;


6 Synchronizing client data through rsync;



6.1 Listing the sync content provided by the rsync server;



First, let's take a look at which data sources the rsync server provides;



[beinan@beinnaIBM:~]$ rsync --list-only linuxsir@linuxsir.org::

+++++++++++++++++++++++++++++++++
+ + + Linuxsir.org rsync server + +
+++++++++++++++++++++++++++++++++


linuxsirhome linuxsir home data

Note: the first column is the data source provided by rsync, that is, the [linuxsirhome] module we wrote in rsyncd.conf. "linuxsir home data" is provided by comment = linuxsir home data in the [linuxsirhome] module. Why is the beinan data source not listed? Because we set list = no for [beinan].


[beinan@beinnaIBM:~]$ rsync --list-only linuxsir@linuxsir.org::linuxsirhome

Try this?


6.2 Synchronizing data with the rsync client;


[beinan@beinnaIBM:~]$ rsync -avzP linuxsir@linuxsir.org::linuxsirhome linuxsirhome
Password: Note: enter the password of linuxsir here, which is provided by the server side; in the earlier example we used 222222; the password is not displayed as you type; press Enter when done;

Note: this command means: log on to the server as the linuxsir user and synchronize the linuxsirhome data to the local directory linuxsirhome. The local directory is of course yours to define, for example linuxsir. If the directory linuxsirhome does not exist in the client's current working directory, the system creates it for you automatically; if the directory does exist, pay attention to its write permission.

Description:

-a is equivalent to -rlptgoD: -r recurses into directories; -l is for link files, meaning links are copied as links; -p preserves the original file permissions; -t preserves the original file times; -g preserves the original file group; -o preserves the original file owner; -D is for block device files;

-z compresses the transfer;
-P shows transfer progress;
-v shows progress and other information during the transfer; it is somewhat related to -P, so try it yourself. See the documentation;


[beinan@beinnaIBM:~]$ rsync -avzP --delete linuxsir@linuxsir.org::linuxsirhome linuxsirhome

This time we introduce the --delete option, which makes the client's data fully consistent with the server side: files in the linuxsirhome directory that do not exist on the server are deleted. The ultimate goal is for the data in the linuxsirhome directory to match the server exactly. Be careful when using it; it is best not to use a directory that already holds a lot of important data as the local update directory, otherwise all of your data will be deleted;
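
The warning above can be turned into a check. As an added example (not part of the original page), this Python code reads the output of a dry run of the same command with -n and --itemize-changes added, lists what --delete would remove, and refuses to proceed when there are too many deletions or a protected path is affected. The sample output is constructed; the function names, the limit and the protected prefixes are assumptions.

```python
# Constructed sample: output of a dry run of the page's command, i.e.
#   rsync -avzn --delete --itemize-changes linuxsir@linuxsir.org::linuxsirhome linuxsirhome
DRY_RUN = """\
receiving incremental file list
*deleting   projects/report 2007.odt
*deleting   projects/
>f.st...... notes.txt
>f+++++++++ new/readme
*deleting   mail/inbox
"""

def deletions(dry_run_output):
    """Paths a real run with --delete would remove from the local directory."""
    marker = "*deleting"
    return [line[len(marker):].strip()
            for line in dry_run_output.splitlines() if line.startswith(marker)]

def review(dry_run_output, max_deletes=10, protected=()):
    """Return (ok, reasons); ok is False when a person should look before the real run."""
    gone = deletions(dry_run_output)
    reasons = []
    # A large number of deletions usually means the wrong local directory was given.
    if len(gone) > max_deletes:
        reasons.append(f"{len(gone)} deletions exceed the limit of {max_deletes}")
    # Prefixes (assumed, relative to the local directory) that must never be removed.
    hits = [p for p in gone if p.startswith(tuple(protected))]
    if hits:
        reasons.append("protected paths would be deleted: " + ", ".join(hits))
    return (not reasons, reasons)
```

rsync's own --max-delete=NUM option can cap deletions in the real run as well.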


[beinan@beinnaIBM:~]$ rsync -avzP --delete --password-file=rsync.password linuxsir@linuxsir.org::linuxsirhome linuxsirhome

This time we add the option --password-file=rsync.password: when we log in to the rsync server as the linuxsir user to synchronize data, the password is read from the file rsync.password. The content of this file is just the linuxsir user's password. What we have to do is as follows;


[beinan@beinnaIBM:~]$ touch rsync.password
[beinan@beinnaIBM:~]$ chmod 600 rsync.password
[beinan@beinnaIBM:~]$ echo "222222" > rsync.password

[beinan@beinnaIBM:~]$ rsync -avzP --delete --password-file=rsync.password linuxsir@linuxsir.org::linuxsirhome linuxsirhome

Note: this way no password has to be typed. This is actually rather important, because it is necessary when the server runs the synchronization as a scheduled task through crond;


6.3 Letting the rsync client automatically synchronize data with the server;


Servers carry heavyweight applications, so backing up their data over the network is extremely important. We can configure an rsync server on the production server, and use a machine equipped with rsync as the backup server. The backup server starts synchronizing data from the server at 4 o'clock every morning, and each backup is a complete backup. When a hard drive breaks or server data is deleted, a full backup is very important. This amounts to a daily mirror of the production server's data; when the production server has an accident, we can easily recover the data and minimize data loss. How is this actually done?

Step one: create the synchronization scripts and password files



[beinan@beinnaIBM:~]# mkdir /etc/cron.daily.rsync
[beinan@beinnaIBM:~]# cd /etc/cron.daily.rsync
[beinan@beinnaIBM:~]# touch linuxsir.sh beinan.sh
[beinan@beinnaIBM:~]# chmod 755 /etc/cron.daily.rsync/*.sh
[beinan@beinnaIBM:~]# mkdir /etc/rsyncd/
[beinan@beinnaIBM:~]# touch /etc/rsyncd/rsynclinuxsir.password
[beinan@beinnaIBM:~]# touch /etc/rsyncd/rsyncbeinan.password
[beinan@beinnaIBM:~]# chmod 600 /etc/rsyncd/rsync*.password

Note: we create the two files beinan.sh and linuxsir.sh in /etc/cron.daily.rsync/, with permissions 755. We create two password files: rsynclinuxsir.password for the linuxsir user and rsyncbeinan.password for the beinan user, with permissions 600;

We edit linuxsir.sh as follows:


#!/bin/sh
# linuxsir.org home backup
/usr/bin/rsync -avzP --password-file=/etc/rsyncd/rsynclinuxsir.password linuxsir@192.168.1.171::linuxsirhome /home/linuxsirhome/$(date +'%m-%d-%y')

We edit beinan.sh as follows:


#!/bin/sh
# linuxsir.org beinan home backup
/usr/bin/rsync -avzP --password-file=/etc/rsyncd/rsyncbeinan.password beinan@192.168.1.171::beinan /home/beinanhome/$(date +'%m-%d-%y')

Note: you can put the contents of linuxsir.sh and beinan.sh into one file, for example writing everything in linuxsir.sh;

Then we fill in the contents of /etc/rsyncd/rsynclinuxsir.password and rsyncbeinan.password;


[beinan@beinnaIBM:~]# echo "222222" > /etc/rsyncd/rsynclinuxsir.password
[beinan@beinnaIBM:~]# echo "333333" > /etc/rsyncd/rsyncbeinan.password

Then we create the two directories linuxsirhome and beinanhome under /home, so that the linuxsirhome data on the server side is synchronized to /home/linuxsirhome on the backup server, and the beinan data is synchronized to the /home/beinanhome/ directory. A directory named after the date is created for each run, so every daily backup is archived;


[beinan@beinnaIBM:~]# mkdir /home/linuxsirhome
[beinan@beinnaIBM:~]# mkdir /home/beinanhome

Step two: modify the crond configuration


[beinan@beinnaIBM:~]# crontab -e

Add the following:


# Run daily cron jobs at 4:10 every day to back up linuxsir data:
10 4 * * * /usr/bin/run-parts /etc/cron.daily.rsync 1> /dev/null

Note:
The first line is a comment describing the content, to help you remember it.
The second line means that at 4:10 every morning, the executable scripts under /etc/cron.daily.rsync are run;

Step three: restart the crond server;

After configuring, the crond server needs to be restarted;


[beinan@beinnaIBM:~]# killall crond Note: kill the crond server process;
[beinan@beinnaIBM:~]# ps aux | grep crond Note: check whether it was killed;
[beinan@beinnaIBM:~]# /usr/sbin/crond Note: start the crond server again;
[beinan@beinnaIBM:~]# ps aux | grep crond Note: check whether it has started;
root 3815 0.0 0.0 1860 664 ? S 14:44 0:00 /usr/sbin/crond
root 3819 0.0 0.0 2188 808 pts/1 S+ 14:45 0:00 grep crond
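
An added example, not part of the original page: a Python preflight for the layout built in the three steps above, to run before cron takes over. It reports password files that are missing, empty, or accessible by group or other (rsync refuses a --password-file that other users can access), and a cron directory or scripts that are writable by group or other or not executable. The function names and finding texts are hypothetical.

```python
import os
import stat

def bits_set(path, forbidden):
    """Return the file's permission bits if any forbidden bit is set, else None."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return mode if mode & forbidden else None

def preflight(cron_dir, password_files):
    """Return a list of findings for the cron directory and the password files."""
    findings = []
    for pw in password_files:
        if not os.path.isfile(pw):
            findings.append(f"{pw}: missing")
            continue
        # The page uses chmod 600: no access at all for group or other.
        mode = bits_set(pw, 0o077)
        if mode is not None:
            findings.append(f"{pw}: mode {mode:03o} is accessible by group/other")
        with open(pw) as fh:
            if not fh.readline().strip():
                findings.append(f"{pw}: first line is empty, no password set")
    # cron runs everything in this directory, so neither the directory nor
    # the scripts may be writable by anyone other than the owner (755 at most).
    scripts = sorted(os.path.join(cron_dir, n) for n in os.listdir(cron_dir))
    for path in [cron_dir] + scripts:
        mode = bits_set(path, 0o022)
        if mode is not None:
            findings.append(f"{path}: mode {mode:03o} is writable by group/other")
        if not stat.S_IMODE(os.stat(path).st_mode) & 0o100:
            findings.append(f"{path}: not executable by its owner")
    return findings
```

Run it as the user that owns the cron job, for example preflight("/etc/cron.daily.rsync", ["/etc/rsyncd/rsynclinuxsir.password", "/etc/rsyncd/rsyncbeinan.password"]); an empty list means the layout matches the permissions given in step one.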
