Giving user read permissions everywhere (Linux)
Solution 1:
You're mixing two commands:
chown that is used to change the owner of a file. Exemple:
chown root:adm /etc/passwd
chmod that is used to change the permission of a file. Exemple:
chmod g+r myfile
Whatever your goal is, you really don't want to have your backup user to own every file and you certainly don't want to have every users on your system the right to read every files of your system.
What is your goal?
Solution 2:
Under Linux, if you use an ACL capable filesystem (ext3, ReiserFS, ZFS will do I think), then you can set read and directory traversal right to your backup operator user.
Let's say you want to backup /home
- Your partition should be mounted with the "acl" option (you can do that with
mount -o remount,acl /home
) - Install acl tools (setfacl and getfacl)
setfacl -R -m u:"Backup User":rx /home
If you want to ensure that new files and directories will have proper rights too, the set the default ACL :
setfacl -R -m d:u:"Backup User":rx /home
You can obviously do that with a finer grain (for instance if you don't want to backup gnupg or ssh keys, - which should be protected by a password anyway)
Performing a backup as root is not wise, IMHO. First if you inadvertently run out of disk space, you can consume up to the last available block, and render your system unstable. Second, if you are not completely sure of the script or command you use for backup, a malicious user could make your backup go recursive, or do nasty things as root.
I personally use a rsync mechanism for syncing a server on a replica. I use simple group rights on most of the sync points, except for the home where I use ACLs
Solution 3:
The right way to do this is not by changing your file permissions. You should use sudo
and/or setuid executables.
Solution 4:
The simple answer is to run the backup as root. In fact, short of doing very onerous and/or dangerous things, that is the only answer as far as I can tell.
If you were to you can't set backup as the owner of everthing, nor can you set it as the group for everthing, so the only other way to give it access is to give everyone access. Simply put, you run backups are root or make a mess of your system.
It is totally normal to back up as root.
Bart.
Solution 5:
chmod g+r myfile
g represents the group of the file (administrators).
r represents the read permission.
- represents the fact that the permission is added.