Giving user read permissions everywhere (Linux)

backup linux permissions

Solution 1:

You're mixing two commands:

  • chown that is used to change the owner of a file. Exemple: chown root:adm /etc/passwd

  • chmod that is used to change the permission of a file. Exemple: chmod g+r myfile

Whatever your goal is, you really don't want to have your backup user to own every file and you certainly don't want to have every users on your system the right to read every files of your system.

What is your goal?

Solution 2:

Under Linux, if you use an ACL capable filesystem (ext3, ReiserFS, ZFS will do I think), then you can set read and directory traversal right to your backup operator user.

Let's say you want to backup /home

  1. Your partition should be mounted with the "acl" option (you can do that with mount -o remount,acl /home )
  2. Install acl tools (setfacl and getfacl)
  3. setfacl -R -m u:"Backup User":rx /home

If you want to ensure that new files and directories will have proper rights too, the set the default ACL :

  1. setfacl -R -m d:u:"Backup User":rx /home

You can obviously do that with a finer grain (for instance if you don't want to backup gnupg or ssh keys, - which should be protected by a password anyway)

Performing a backup as root is not wise, IMHO. First if you inadvertently run out of disk space, you can consume up to the last available block, and render your system unstable. Second, if you are not completely sure of the script or command you use for backup, a malicious user could make your backup go recursive, or do nasty things as root.

I personally use a rsync mechanism for syncing a server on a replica. I use simple group rights on most of the sync points, except for the home where I use ACLs

Solution 3:

The right way to do this is not by changing your file permissions. You should use sudo and/or setuid executables.

Solution 4:

The simple answer is to run the backup as root. In fact, short of doing very onerous and/or dangerous things, that is the only answer as far as I can tell.

If you were to you can't set backup as the owner of everthing, nor can you set it as the group for everthing, so the only other way to give it access is to give everyone access. Simply put, you run backups are root or make a mess of your system.

It is totally normal to back up as root.

Bart.

Solution 5:

chmod g+r myfile

g represents the group of the file (administrators).

r represents the read permission.

  • represents the fact that the permission is added.

Related

Which RAID solutions can handle 2 disk failures
How similar is Ubuntu to SUSE Enterprise
Advantages of IPv4 over IPv6
Stop Excel formula from changing when inserting/deleting rows
How to play an MKV 3D side-by-side video?
Migrate Google docs to Office 365, convert from .gdoc to .docx [closed]
bitlocker - how to create recovery key?
Lenovo W540 won't enter BIOS
How to get two separated connections on one cable?
My WD passport detected but not working
How to increase disk space in Wubi (Ubuntu via windows)?
SSH from host machine Win7 to guest Fedora Machine in VirtualBox