1rsnapshot(1) rsnapshot-tools rsnapshot(1)
2
3
4
6 rsnapshot - remote filesystem snapshot utility
7
9 rsnapshot [-vtxqVD] [-c cfgfile] [command] [args]
10
12 rsnapshot is a filesystem snapshot utility. It can take incremental
13 snapshots of local and remote filesystems for any number of machines.
14
15 Local filesystem snapshots are handled with rsync(1). Secure remote
16 connections are handled with rsync over ssh(1), while anonymous rsync
17 connections simply use an rsync server. Both remote and local transfers
18 depend on rsync.
19
20 rsnapshot saves much more disk space than you might imagine. The amount
21 of space required is roughly the size of one full backup, plus a copy
22 of each additional file that is changed. rsnapshot makes extensive use
23 of hard links, so if the file doesn't change, the next snapshot is
24 simply a hard link to the exact same file.
25
26 rsnapshot will typically be invoked as root by a cron job, or series of
27 cron jobs. It is possible, however, to run as any arbitrary user with
28 an alternate configuration file.
29
30 All important options are specified in a configuration file, which is
31 located by default at /etc/rsnapshot.conf. An alternate file can be
32 specified on the command line. There are also additional options which
33 can be passed on the command line.
34
35 The command line options are as follows:
36
37 -v verbose, show shell commands being executed
38
39 -t test, show shell commands that would be executed
40
41 -c path to alternate config file
42
43 -x one filesystem, don't cross partitions within each backup point
44
45 -q quiet, suppress non-fatal warnings
46
47 -V same as -v, but with more detail
48
49 -D a firehose of diagnostic information
50
52 /etc/rsnapshot.conf is the default configuration file. All parameters
53 in this file must be separated by tabs. /etc/rsnapshot.conf.default can
54 be used as a reference.
55
56 It is recommended that you copy /etc/rsnapshot.conf.default to
57 /etc/rsnapshot.conf, and then modify /etc/rsnapshot.conf to suit your
58 needs.
59
60 Long lines may be split over several lines. "Continuation" lines must
61 begin with a space or a tab character. Continuation lines will have
62 all leading and trailing whitespace stripped off, and then be appended
63 with an intervening tab character to the previous line when the
64 configuration file is parsed.
65
66 Here is a list of allowed parameters:
67
68 config_version Config file version (required). Default is 1.2
69
70 snapshot_root Local filesystem path to save all snapshots
71
72 include_conf Include another file in the configuration at
73 this point.
74
75 This is recursive, but you may need to be careful about paths
76 when specifying which file to include. We check to see if the
77 file you have specified is readable, and will yell an error if
78 it isn't. We recommend using a full path. As a special case,
79 include_conf's value may be enclosed in `backticks` in which
80 case it will be executed and whatever it spits to STDOUT will
81 be included in the configuration. Note that shell meta-
82 characters may be interpreted.
83
84 no_create_root If set to 1, rsnapshot won't create
85 snapshot_root directory
86
87 cmd_rsync Full path to rsync (required)
88
89 cmd_ssh Full path to ssh (optional)
90
91 cmd_cp Full path to cp (optional, but must be GNU
92 version)
93
94 If you are using Linux, you should uncomment cmd_cp. If you are
95 using a platform which does not have GNU cp, you should leave
96 cmd_cp commented out.
97
98 With GNU cp, rsnapshot can take care of both normal files and
99 special files (such as FIFOs, sockets, and block/character
100 devices) in one pass.
101
102 If cmd_cp is disabled, rsnapshot will use its own built-in
103 function, native_cp_al() to backup up regular files and
104 directories. This will then be followed up by a separate call
105 to rsync, to move the special files over (assuming there are
106 any).
107
108 cmd_rm Full path to rm (optional)
109
110 cmd_logger Full path to logger (optional, for syslog
111 support)
112
113 cmd_du Full path to du (optional, for disk usage
114 reports)
115
116 cmd_rsnapshot_diff Full path to rsnapshot-diff (optional)
117
118 cmd_preexec
119
120 Full path (plus any arguments) to preexec script (optional).
121 This script will run immediately before each backup operation
122 (but not any rotations). If the execution fails, rsnapshot will
123 stop immediately.
124
125 cmd_postexec
126
127 Full path (plus any arguments) to postexec script (optional).
128 This script will run immediately after each backup operation
129 (but not any rotations). If the execution fails, rsnapshot will
130 stop immediately.
131
132 linux_lvm_cmd_lvcreate
133
134 linux_lvm_cmd_lvremove
135
136 linux_lvm_cmd_mount
137
138 linux_lvm_cmd_umount
139
140 Paths to lvcreate, lvremove, mount and umount commands, for use
141 with Linux LVMs. You may include options to the commands also.
142 The lvcreate, lvremove, mount and umount commands are required
143 for managing snapshots of LVM volumes and are otherwise
144 optional.
145
146 retain [name] [number]
147
148 "name" refers to the name of this backup level (e.g., alpha,
149 beta, so also called the 'interval'). "number" is the number of
150 snapshots for this type of interval that will be retained. The
151 value of "name" will be the command passed to rsnapshot to
152 perform this type of backup.
153
154 A deprecated alias for 'retain' is 'interval'.
155
156 Example: retain alpha 6
157
158 [root@localhost]# rsnapshot alpha
159
160 For this example, every time this is run, the following will
161 happen:
162
163 <snapshot_root>/alpha.5/ will be deleted, if it exists.
164
165 <snapshot_root>/alpha.{1,2,3,4} will all be rotated +1, if they
166 exist.
167
168 <snapshot_root>/alpha.0/ will be copied to
169 <snapshot_root>/alpha.1/ using hard links.
170
171 Each backup point (explained below) will then be rsynced to the
172 corresponding directories in <snapshot_root>/alpha.0/
173
174 Backup levels must be specified in the config file in order,
175 from most frequent to least frequent. The first entry is the
176 one which will be synced with the backup points. The subsequent
177 backup levels (e.g., beta, gamma, etc) simply rotate, with each
178 higher backup level pulling from the one below it for its .0
179 directory.
180
181 Example:
182
183 retain alpha 6
184
185 retain beta 7
186
187 retain gamma 4
188
189 beta.0/ will be moved from alpha.5/, and gamma.0/ will be moved
190 from beta.6/
191
192 alpha.0/ will be rsynced directly from the filesystem.
193
194 link_dest 1
195
196 If your version of rsync supports --link-dest (2.5.7 or newer),
197 you can enable this to let rsync handle some things that GNU cp
198 or the built-in subroutines would otherwise do. Enabling this
199 makes rsnapshot take a slightly more complicated code branch,
200 but it's the best way to support special files on non-Linux
201 systems.
202
203 sync_first 1
204
205 sync_first changes the behaviour of rsnapshot. When this is
206 enabled, all calls to rsnapshot with various backup levels
207 simply rotate files. All backups are handled by calling
208 rsnapshot with the "sync" argument. The synced files are stored
209 in a ".sync" directory under the snapshot_root.
210
211 This allows better recovery in the event that rsnapshot is
212 interrupted in the middle of a sync operation, since the sync
213 step and rotation steps are separated. This also means that you
214 can easily run "rsnapshot sync" on the command line without
215 fear of forcing all the other directories to rotate up. This
216 benefit comes at the cost of one more snapshot worth of disk
217 space. The default is 0 (off).
218
219 verbose 2
220
221 The amount of information to print out when the program is run.
222 Allowed values are 1 through 5. The default is 2.
223
224 1 Quiet Show fatal errors only
225 2 Default Show warnings and errors
226 3 Verbose Show equivalent shell commands being executed
227 4 Extra Verbose Same as verbose, but with more detail
228 5 Debug All kinds of information
229
230 loglevel 3
231
232 This number means the same thing as verbose above, but it
233 determines how much data is written to the logfile, if one is
234 being written.
235
236 logfile /var/log/rsnapshot
237
238 Full filesystem path to the rsnapshot log file. If this is
239 defined, a log file will be written, with the amount of data
240 being controlled by loglevel. If this is commented out, no log
241 file will be written.
242
243 include [file-name-pattern]
244
245 This gets passed directly to rsync using the --include
246 directive. This parameter can be specified as many times as
247 needed, with one pattern defined per line. See the rsync(1) man
248 page for the syntax.
249
250 exclude [file-name-pattern]
251
252 This gets passed directly to rsync using the --exclude
253 directive. This parameter can be specified as many times as
254 needed, with one pattern defined per line. See the rsync(1) man
255 page for the syntax.
256
257 include_file /path/to/include/file
258
259 This gets passed directly to rsync using the --include-from
260 directive. See the rsync(1) man page for the syntax.
261
262 exclude_file /path/to/exclude/file
263
264 This gets passed directly to rsync using the --exclude-from
265 directive. See the rsync(1) man page for the syntax.
266
267 rsync_short_args -a
268
269 List of short arguments to pass to rsync. If not specified,
270 "-a" is the default. Please note that these must be all next to
271 each other. For example, "-az" is valid, while "-a -z" is not.
272
273 "-a" is rsync's "archive mode" which tells it to copy as much
274 of the filesystem metadata as it can for each file. This
275 specifically does *not* include information about hard links,
276 as that would greatly increase rsync's memory usage and slow it
277 down. If you need to preserve hard links in your backups, then
278 add "H" to this.
279
280 rsync_long_args --delete --numeric-ids --relative
281 --delete-excluded
282
283 List of long arguments to pass to rsync. The default values
284 are
285 --delete --numeric-ids --relative --delete-excluded This
286 means that the directory structure in each backup point
287 destination will match that in the backup point source.
288
289 Quotes are permitted in rsync_long_args, eg --rsync-path="sudo
290 /usr/bin/rsync". You may use either single (') or double (")
291 quotes, but nested quotes (including mixed nested quotes) are
292 not permitted. Similar quoting is also allowed in per-backup-
293 point rsync_long_args.
294
295 ssh_args -p 22
296
297 Arguments to be passed to ssh. If not specified, the default is
298 none.
299
300 du_args -csh
301
302 Arguments to be passed to du. If not specified, the default is
303 -csh. GNU du supports -csh, BSD du supports -csk, Solaris du
304 doesn't support -c at all. The GNU version is recommended,
305 since it offers the most features.
306
307 lockfile /var/run/rsnapshot.pid
308
309 stop_on_stale_lockfile 0
310
311 Lockfile to use when rsnapshot is run. This prevents a second
312 invocation from clobbering the first one. If not specified, no
313 lock file is used. Make sure to use a directory that is not
314 world writeable for security reasons. Use of a lock file is
315 strongly recommended.
316
317 If a lockfile exists when rsnapshot starts, it will try to read
318 the file and stop with an error if it can't. If it *can* read
319 the file, it sees if a process exists with the PID noted in the
320 file. If it does, rsnapshot stops with an error message. If
321 there is no process with that PID, then we assume that the
322 lockfile is stale and ignore it *unless* stop_on_stale_lockfile
323 is set to 1 in which case we stop.
324
325 stop_on_stale_lockfile defaults to 0.
326
327 one_fs 1
328
329 Prevents rsync from crossing filesystem partitions. Setting
330 this to a value of 1 enables this feature. 0 turns it off. This
331 parameter is optional. The default is 0 (off).
332
333 use_lazy_deletes 1
334
335 Changes default behavior of rsnapshot and does not initially
336 remove the oldest snapshot. Instead it moves that directory to
337 _delete.[processid] and continues as normal. Once the backup
338 has been completed, the lockfile will be removed before
339 rsnapshot starts deleting the directory.
340
341 Enabling this means that snapshots get taken sooner (since the
342 delete doesn't come first), and any other rsnapshot processes
343 are allowed to start while the final delete is happening. This
344 benefit comes at the cost of using more disk space. The default
345 is 0 (off).
346
347 The details of how this works have changed in rsnapshot version
348 1.3.1. Originally you could only ever have one .delete
349 directory per backup level. Now you can have many, so if your
350 next (eg) alpha backup kicks off while the previous one is
351 still doing a lazy delete you may temporarily have extra
352 _delete directories hanging around.
353
354 linux_lvm_snapshotsize 2G
355
356 LVM snapshot(s) size (lvcreate --size option).
357
358 linux_lvm_snapshotname rsnapshot
359
360 Name to be used when creating the LVM logical volume
361 snapshot(s) (lvcreate --name option).
362
363 linux_lvm_vgpath /dev
364
365 Path to the LVM Volume Groups.
366
367 linux_lvm_mountpath /mnt/lvm-snapshot
368
369 Mount point to use to temporarily mount the snapshot(s).
370
371 backup /etc/ localhost/
372
373 backup root@example.com:/etc/ example.com/
374
375 backup rsync://example.com/path2/ example.com/
376
377 backup /var/ localhost/ one_fs=1
378
379 backup lvm://vg0/home/path2/ lvm-vg0/
380
381 backup_script /usr/local/bin/backup_pgsql.sh pgsql_backup/
382
383 Examples:
384
385 backup /etc/ localhost/
386
387 Backs up /etc/ to <snapshot_root>/<retain>.0/localhost/etc/
388 using rsync on the local filesystem
389
390 backup /usr/local/ localhost/
391
392 Backs up /usr/local/ to
393 <snapshot_root>/<retain>.0/localhost/usr/local/ using rsync
394 on the local filesystem
395
396 backup root@example.com:/etc/ example.com/
397
398 Backs up root@example.com:/etc/ to
399 <snapshot_root>/<retain>.0/example.com/etc/ using rsync
400 over ssh
401
402 backup example.com:/etc/ example.com/
403
404 Same thing but let ssh choose the remote username (as
405 specified in ~/.ssh/config, otherwise the same as the local
406 username)
407
408 backup root@example.com:/usr/local/ example.com/
409
410 Backs up root@example.com:/usr/local/ to
411 <snapshot_root>/<retain>.0/example.com/usr/local/ using
412 rsync over ssh
413
414 backup rsync://example.com/pub/ example.com/pub/
415
416 Backs up rsync://example.com/pub/ to
417 <snapshot_root>/<retain>.0/example.com/pub/ using an
418 anonymous rsync server. Please note that unlike backing up
419 local paths and using rsync over ssh, rsync servers have
420 "modules", which are top level directories that are
421 exported. Therefore, the module should also be specified in
422 the destination path, as shown in the example above (the
423 pub/ directory at the end).
424
425 backup /var/ localhost/ one_fs=1
426
427 This is the same as the other examples, but notice the
428 fourth column. This is how you specify per-backup-point
429 options to over-ride global settings. This extra parameter
430 can take several options, separated by commas.
431
432 It is most useful when specifying per-backup rsync excludes
433 thus:
434
435 backup root@somehost:/ somehost
436 +rsync_long_args=--exclude=/var/spool/
437
438 Note the + sign. That tells rsync_long_args to add to the
439 list of arguments to pass to rsync instead of replacing the
440 list. The + sign is only supported for rsnapshot's
441 rsync_long_args and rsync_short_args.
442
443 backup lvm://vg0/home/path2/ lvm-vg0/
444
445 Backs up the LVM logical volume called home, of volume
446 group vg0, to <snapshot_root>/<retain>.0/lvm-vg0/. Will
447 create, mount, backup, unmount and remove an LVM snapshot
448 for each lvm:// entry.
449
450 backup_script /usr/local/bin/backup_database.sh
451 db_backup/
452
453 In this example, we specify a script or program to run.
454 This script should simply create files and/or directories
455 in its current working directory. rsnapshot will then take
456 that output and move it into the directory specified in the
457 third column.
458
459 Please note that whatever is in the destination directory
460 will be completely deleted and recreated. For this reason,
461 rsnapshot prevents you from specifying a destination
462 directory for a backup_script that will clobber other
463 backups.
464
465 So in this example, say the backup_database.sh script
466 simply runs a command like:
467
468 #!/bin/sh
469
470 mysqldump -uusername mydatabase > mydatabase.sql
471
472 chmod u=r,go= mydatabase.sql # r-------- (0400)
473
474 rsnapshot will take the generated "mydatabase.sql" file and
475 move it into the <snapshot_root>/<retain>.0/db_backup/
476 directory. On subsequent runs, rsnapshot checks the
477 differences between the files created against the previous
478 files. If the backup script generates the same output on
479 the next run, the files will be hard linked against the
480 previous ones, and no additional disk space will be taken
481 up.
482
483 backup_exec ssh root@1.2.3.4 "du -sh /.offsite_backup"
484 optional/
485
486 backup_exec rsync -az /.snapshots/daily.0
487 root@1.2.3.4:/.offsite_backup/ required/
488
489 backup_exec /bin/true/
490
491 backup_exec simply runs the command listed. The second
492 argument is not required and defaults to a value of
493 'optional'. It specifies the importance that the command
494 return 0. Valid values are 'optional' and 'required'. If
495 the command is specified as optional, a non-zero exit
496 status from the command will result in a warning message
497 being output. If the command is specified as 'required', a
498 non-zero exit status from the command will result in an
499 error message being output and rsnapshot itself will exit
500 with a non-zero exit status.
501
502 Remember that tabs must separate all elements, and that there must
503 be a trailing slash on the end of every directory.
504
505 A hash mark (#) on the beginning of a line is treated as a comment.
506
507 Putting it all together (an example file):
508
509 # THIS IS A COMMENT, REMEMBER TABS MUST SEPARATE ALL ELEMENTS
510
511 config_version 1.2
512
513 snapshot_root /.snapshots/
514
515 cmd_rsync /usr/bin/rsync
516 cmd_ssh /usr/bin/ssh
517 #cmd_cp /bin/cp
518 cmd_rm /bin/rm
519 cmd_logger /usr/bin/logger
520 cmd_du /usr/bin/du
521
522 linux_lvm_cmd_lvcreate /sbin/lvcreate
523 linux_lvm_cmd_lvremove /sbin/lvremove
524 linux_lvm_cmd_mount /bin/mount
525 linux_lvm_cmd_umount /bin/umount
526
527 linux_lvm_snapshotsize 2G
528 linux_lvm_snapshotname rsnapshot
529 linux_lvm_vgpath /dev
530 linux_lvm_mountpath /mnt/lvm-snapshot
531
532 retain alpha 6
533 retain beta 7
534 retain gamma 7
535 retain delta 3
536
537 backup /etc/ localhost/
538 backup /home/ localhost/
539 backup_script /usr/local/bin/backup_mysql.sh mysql_backup/
540
541 backup root@foo.com:/etc/ foo.com/
542 backup root@foo.com:/home/ foo.com/
543 backup root@mail.foo.com:/home/ mail.foo.com/
544 backup rsync://example.com/pub/ example.com/pub/
545 backup lvm://vg0/xen-home/ lvm-vg0/xen-home/
546 backup_exec echo "backup finished!"
547
549 rsnapshot can be used by any user, but for system-wide backups you will
550 probably want to run it as root.
551
552 Since backups usually get neglected if human intervention is required,
553 the preferred way is to run it from cron.
554
555 When you are first setting up your backups, you will probably also want
556 to run it from the command line once or twice to get a feel for what
557 it's doing.
558
559 Here is an example crontab entry, assuming that backup levels alpha,
560 beta, gamma and delta have been defined in /etc/rsnapshot.conf
561
562 0 */4 * * * /usr/local/bin/rsnapshot alpha
563
564 50 23 * * * /usr/local/bin/rsnapshot beta
565
566 40 23 * * 6 /usr/local/bin/rsnapshot gamma
567
568 30 23 1 * * /usr/local/bin/rsnapshot delta
569
570 This example will do the following:
571
572 6 alpha backups a day (once every 4 hours, at 0,4,8,12,16,20)
573
574 1 beta backup every day, at 11:50PM
575
576 1 gamma backup every week, at 11:40PM, on Saturdays (6th day of
577 week)
578
579 1 delta backup every month, at 11:30PM on the 1st day of the month
580
581 It is usually a good idea to schedule the larger backup levels to run a
582 bit before the lower ones. For example, in the crontab above, notice
583 that "beta" runs 10 minutes before "alpha". The main reason for this
584 is that the beta rotate will pull out the oldest alpha and make that
585 the youngest beta (which means that the next alpha rotate will not need
586 to delete the oldest alpha), which is more efficient. A secondary
587 reason is that it is harder to predict how long the lowest backup level
588 will take, since it needs to actually do an rsync of the source as well
589 as the rotate that all backups do.
590
591 If rsnapshot takes longer than 10 minutes to do the "beta" rotate
592 (which usually includes deleting the oldest beta snapshot), then you
593 should increase the time between the backup levels. Otherwise
594 (assuming you have set the lockfile parameter, as is recommended) your
595 alpha snapshot will fail sometimes because the beta still has the lock.
596
597 Remember that these are just the times that the program runs. To set
598 the number of backups stored, set the retain numbers in
599 /etc/rsnapshot.conf
600
601 To check the disk space used by rsnapshot, you can call it with the
602 "du" argument.
603
604 For example:
605
606 rsnapshot du
607
608 This will show you exactly how much disk space is taken up in the
609 snapshot root. This feature requires the UNIX du command to be
610 installed on your system, for it to support the "-csh" command line
611 arguments, and to be in your path. You can also override your path
612 settings and the flags passed to du using the cmd_du and du_args
613 parameters.
614
615 It is also possible to pass a relative file path as a second argument,
616 to get a report on a particular file or subdirectory.
617
618 rsnapshot du localhost/home/
619
620 The GNU version of "du" is preferred. The BSD version works well also,
621 but does not support the -h flag (use -k instead, to see the totals in
622 kilobytes). Other versions of "du", such as Solaris, may not work at
623 all.
624
625 To check the differences between two directories, call rsnapshot with
626 the "diff" argument, followed by two backup levels or directory paths.
627
628 For example:
629
630 rsnapshot diff beta.0 beta.1
631
632 rsnapshot diff beta.0/localhost/etc beta.1/localhost/etc
633
634 rsnapshot diff /.snapshots/beta.0 /.snapshots/beta.1
635
636 This will call the rsnapshot-diff program, which will scan both
637 directories looking for differences (based on hard links).
638
639 rsnapshot sync
640
641 When sync_first is enabled, rsnapshot must first be called with the
642 sync argument, followed by the other usual cron entries. The sync
643 should happen as the lowest, most frequent backup level, and right
644 before. For example:
645
646 0 */4 * * * /usr/local/bin/rsnapshot sync &&
647 /usr/local/bin/rsnapshot alpha
648
649 50 23 * * * /usr/local/bin/rsnapshot beta
650
651 40 23 1,8,15,22 * * /usr/local/bin/rsnapshot gamma
652
653 30 23 1 * * /usr/local/bin/rsnapshot delta
654
655 The sync operation simply runs rsync and all backup scripts. In
656 this scenario, all calls simply rotate directories, even the lowest
657 backup level.
658
659 rsnapshot sync [dest]
660
661 When sync_first is enabled, all sync behaviour happens during an
662 additional sync step (see above). When using the sync argument, it
663 is also possible to specify a backup point destination as an
664 optional parameter. If this is done, only backup points sharing
665 that destination path will be synced.
666
667 For example, let's say that example.com is a destination path
668 shared by one or more of your backup points.
669
670 rsnapshot sync example.com
671
672 This command will only sync the files that normally get backed up
673 into example.com. It will NOT get any other backup points with
674 slightly different values (like example.com/etc/, for example). In
675 order to sync example.com/etc, you would need to run rsnapshot
676 again, using example.com/etc as the optional parameter.
677
678 rsnapshot configtest
679
680 Do a quick sanity check to make sure everything is ready to go.
681
683 0 All operations completed successfully
684
685 1 A fatal error occurred
686
687 2 Some warnings occurred, but the backup still finished
688
690 /etc/rsnapshot.conf
691
693 rsync(1), ssh(1), logger(1), sshd(1), ssh-keygen(1), perl(1), cp(1),
694 du(1), crontab(1)
695
697 Use the -t flag to see what commands would have been executed. This
698 will show you the commands rsnapshot would try to run. There are a few
699 minor differences (for example, not showing an attempt to remove the
700 lockfile because it wasn't really created in the test), but should give
701 you a very good idea what will happen.
702
703 Using the -v, -V, and -D flags will print increasingly more information
704 to STDOUT.
705
706 Make sure you don't have spaces in the config file that you think are
707 actually tabs.
708
709 Much other weird behavior can probably be attributed to plain old file
710 system permissions and ssh authentication issues.
711
713 Please report bugs (and other comments) to the rsnapshot-discuss
714 mailing list:
715
716 http://lists.sourceforge.net/lists/listinfo/rsnapshot-discuss
717
719 Make sure your /etc/rsnapshot.conf file has all elements separated by
720 tabs. See /etc/rsnapshot.conf.default for a working example file.
721
722 Make sure you put a trailing slash on the end of all directory
723 references. If you don't, you may have extra directories created in
724 your snapshots. For more information on how the trailing slash is
725 handled, see the rsync(1) manpage.
726
727 Make sure to make the snapshot directory chmod 700 and owned by root
728 (assuming backups are made by the root user). If the snapshot directory
729 is readable by other users, they will be able to modify the snapshots
730 containing their files, thus destroying the integrity of the snapshots.
731
732 If you would like regular users to be able to restore their own
733 backups, there are a number of ways this can be accomplished. One such
734 scenario would be:
735
736 Set snapshot_root to /.private/.snapshots in /etc/rsnapshot.conf
737
738 Set the file permissions on these directories as follows:
739
740 drwx------ /.private
741
742 drwxr-xr-x /.private/.snapshots
743
744 Export the /.private/.snapshots directory over read-only NFS, a read-
745 only Samba share, etc.
746
747 See the rsnapshot HOWTO for more information on making backups
748 accessible to non-privileged users.
749
750 For ssh to work unattended through cron, you will probably want to use
751 public key logins. Create an ssh key with no passphrase for root, and
752 install the public key on each machine you want to backup. If you are
753 backing up system files from remote machines, this probably means
754 unattended root logins. Another possibility is to create a second user
755 on the machine just for backups. Give the user a different name such as
756 "rsnapshot", but keep the UID and GID set to 0, to give root
757 privileges. However, make logins more restrictive, either through ssh
758 configuration, or using an alternate shell.
759
760 BE CAREFUL! If the private key is obtained by an attacker, they will
761 have free run of all the systems involved. If you are unclear on how to
762 do this, see ssh(1), sshd(1), and ssh-keygen(1).
763
764 Backup scripts are run as the same user that rsnapshot is running as.
765 Typically this is root. Make sure that all of your backup scripts are
766 only writable by root, and that they don't call any other programs that
767 aren't owned by root. If you fail to do this, anyone who can write to
768 the backup script or any program it calls can fully take over the
769 machine. Of course, this is not a situation unique to rsnapshot.
770
771 By default, rsync transfers are done using the --numeric-ids option.
772 This means that user names and group names are ignored during
773 transfers, but the UID/GID information is kept intact. The assumption
774 is that the backups will be restored in the same environment they came
775 from. Without this option, restoring backups for multiple heterogeneous
776 servers would be unmanageable. If you are archiving snapshots with GNU
777 tar, you may want to use the --numeric-owner parameter. Also, keep a
778 copy of the archived system's /etc/passwd and /etc/group files handy
779 for the UID/GID to name mapping.
780
781 If you remove backup points in the config file, the previously archived
782 files under those points will permanently stay in the snapshots
783 directory unless you remove the files yourself. If you want to conserve
784 disk space, you will need to go into the <snapshot_root> directory and
785 manually remove the files from the smallest backup level's ".0"
786 directory.
787
788 For example, if you were previously backing up /home/ with a
789 destination of localhost/, and alpha is your smallest backup level, you
790 would need to do the following to reclaim that disk space:
791
792 rm -rf <snapshot_root>/alpha.0/localhost/home/
793
794 Please note that the other snapshots previously made of /home/ will
795 still be using that disk space, but since the files are flushed out of
796 alpha.0/, they will no longer be copied to the subsequent directories,
797 and will thus be removed in due time as the rotations happen.
798
800 Mike Rubel - http://www.mikerubel.org/computers/rsync_snapshots/
801
802 - Created the original shell scripts on which this project is based
803
804 Nathan Rosenquist (nathan@rsnapshot.org)
805
806 - Primary author and original maintainer of rsnapshot.
807
808 David Cantrell (david@cantrell.org.uk)
809
810 - Previous maintainer of rsnapshot
811 - Wrote the rsnapshot-diff utility
812 - Improved how use_lazy_deletes work so slow deletes don't screw up the
813 next backup at that backup level.
814
815 David Keegel <djk@cybersource.com.au>
816
817 - Previous rsnapshot maintainer
818 - Fixed race condition in lock file creation, improved error reporting
819 - Allowed remote ssh directory paths starting with "~/" as well as "/"
820 - Fixed a number of other bugs and buglets
821
822 Benedikt Heine <benedikt@heine.rocks>
823
824 - Current rsnapshot maintainer
825
826 Carl Wilhelm Soderstrom (chrome@real-time.com)
827
828 - Created the RPM .spec file which allowed the RPM package to be built,
829 among other things.
830
831 Ted Zlatanov (tzz@lifelogs.com)
832
833 - Added the one_fs feature, autoconf support, good advice, and much
834 more.
835
836 Ralf van Dooren (r.vdooren@snow.nl)
837
838 - Added and maintains the rsnapshot entry in the FreeBSD ports tree.
839
840 SlapAyoda
841
842 - Provided access to his computer museum for software testing.
843
844 Carl Boe (boe@demog.berkeley.edu)
845
846 - Found several subtle bugs and provided fixes for them.
847
848 Shane Leibling (shane@cryptio.net)
849
850 - Fixed a compatibility bug in utils/backup_smb_share.sh
851
852 Christoph Wegscheider (christoph.wegscheider@wegi.net)
853
854 - Added (and previously maintained) the Debian rsnapshot package.
855
856 Bharat Mediratta (bharat@menalto.com)
857
858 - Improved the exclusion rules to avoid backing up the snapshot root
859 (among other things).
860
861 Peter Palfrader (weasel@debian.org)
862
863 - Enhanced error reporting to include command line options.
864
865 Nicolas Kaiser (nikai@nikai.net)
866
867 - Fixed typos in program and man page
868
869 Chris Petersen - (http://www.forevermore.net/)
870
871 Added cwrsync permanent-share support
872
873 Robert Jackson (RobertJ@promedicalinc.com)
874
875 Added use_lazy_deletes feature
876
877 Justin Grote (justin@grote.name)
878
879 Improved rsync error reporting code
880
881 Anthony Ettinger (apwebdesign@yahoo.com)
882
883 Wrote the utils/mysqlbackup.pl script
884
885 Sherman Boyd
886
887 Wrote utils/random_file_verify.sh script
888
889 William Bear (bear@umn.edu)
890
891 Wrote the utils/rsnapreport.pl script (pretty summary of rsync
892 stats)
893
894 Eric Anderson (anderson@centtech.com)
895
896 Improvements to utils/rsnapreport.pl.
897
898 Alan Batie (alan@batie.org)
899
900 Bug fixes for include_conf
901
902 Dieter Bloms (dieter@bloms.de)
903
904 Multi-line configuration options
905
906 Henning Moll (newsScott@gmx.de)
907
908 stop_on_stale_lockfile
909
910 Ben Low (ben@bdlow.net)
911
912 Linux LVM snapshot support
913
915 Copyright (C) 2003-2005 Nathan Rosenquist
916
917 Portions Copyright (C) 2002-2007 Mike Rubel, Carl Wilhelm Soderstrom,
918 Ted Zlatanov, Carl Boe, Shane Liebling, Bharat Mediratta, Peter
919 Palfrader, Nicolas Kaiser, David Cantrell, Chris Petersen, Robert
920 Jackson, Justin Grote, David Keegel, Alan Batie, Dieter Bloms, Henning
921 Moll, Ben Low, Anthony Ettinger
922
923 This man page is distributed under the same license as rsnapshot: the
924 GPL (see below).
925
926 This program is free software; you can redistribute it and/or modify it
927 under the terms of the GNU General Public License as published by the
928 Free Software Foundation; either version 2 of the License, or (at your
929 option) any later version.
930
931 This program is distributed in the hope that it will be useful, but
932 WITHOUT ANY WARRANTY; without even the implied warranty of
933 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
934 General Public License for more details.
935
936 You should have received a copy of the GNU General Public License along
937 with this program; if not, write to the Free Software Foundation, Inc.,
938 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
939
940
941
942rsnapshot-tools 2023-01-20 rsnapshot(1)