Configure server rsync service
1. Configure rsync service configuration file: vim /etc/
The contents in the configuration file are as follows:(This method is a method of specifying users to transfer files, and can be connected using interactive or non-interactive mode)
uid = rsync
gid = rsync
use chroot = no
#Security-related configurations can usually be set to no
fake super = yes
#Permissions Issue Rsync temporary escalation of rights gives you permissions
max connections = 200
#The maximum number of connections is 4 by default
pid file = /var/run/rsyncd.pid
#Process Number
log file = /var/log/rsyncd.log
#Specify log file to display error message or program running information
# exclude = lost+found/
# transfer logging = yes
timeout = 300
#Default timeout How long does it take to disconnect without transmission
port = 873
#rsync port number is 873 by default, and can also be changed to 8873
read only = false
#Read Only Close
#auth user = rsync_backup
#Specify the name of the login user to use for client login
#secrets file = /etc/
#Path to password file
[backup]
#Add backup module
comment = "Welcome to Azkaban RsyncBackUp"
path = /backup
auth users = rsync_backup
#Specify the name of the login user to use for client login
secrets file = /etc/rsync.passwd
#Path to password file
2. Create a virtual user rsync without adding a group, and users are not allowed to log in:
useradd -s /sbin/nologin -M rsync
3. Create a password file for authorized user rsync_backup under etc:
echo "rsync_backup:123456" > /etc/rsync.passwd
4. Change the file permissions of the password file:
chmod 600 /etc/rsync.passwd
5. Create a directory called backup in the root directory:
mkdir /backup
6. Change the owner and group of the contents of the backup directory and the contents in the directory to rsync:
chown -R rsync.rsync /backup/
7. Start rsync service:
systemctl restart rsyncd
8. Set the rsync service to start automatically:
systemctl enable rsyncd
System feedback after incoming: Created symlinkfrom /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
Experimental deployment: Client push to server-side experimental deployment—Client deployment
There are two ways to do this:Interactive and non-interactive
Interactive:
Interactive means that after we execute the push or pull command, the system prompts to enter the user's password. When our server is configured to connect to the specified user to transmit, we are required to enter the password when using the user to transmit. Each time the transmission command is executed, we must enter the password.
Non-interactive:
1. Variable non-interactive: We first set a temporary variable on the client, so that when we execute the transmission command, we do not need to enter a password, and execute it directly. This is the most recommended way in non-interactive. The advantage is that it is relatively safe. When we close the client, this variable will be invalid.
export RSYNC_PASSWORD=123456 #Set a temporary variable
2. Non-interactive key file: We create a key file, and then read the key file when executing the command first and then execute the transfer command to achieve non-interactive transmission.
echo '123456' > /etc/rsync.passwd #Create a new password file
chmod 600 /etc/rsync.passwd #Modify file permissions
rsync -avzP --password-file=/etc/rsync.passwd /tmp/8848 rsync_backup@10.0.0.139::backup #Specify the key file location in the command