I would like to have everyone in the group 'operators' be able to read
files in the snapshot root tree. Would there be any problem doing
chown -R :operators .snapshot
chmod -R 740 .snapshot
In short, I'd recommend against doing this. It's entirely up to you, but
here are the factors involved:
1) If files have group ownership of "operators", the original group
ownership will be lost on a system restore.
2) Any file with group write privileges can now be overwritten by anyone
in the operators group.
3) I have not verified, but I believe that, at least with link_dest
enabled, the files will be re-copied since the permissions and ownership
has changed. This will negate any benefits of using snapshot backups. I
would need to double check, but this may not happen while using GNU cp
or native_cp_al() (the cmd_cp substitute).
What I would instead recommend, based on my knowledge of the situation,
is create a read-only NFS mount of the snapshot root, as described in
the rsnapshot HOWTO. However, since it sounds like you only want the
operators group to have access, change the permissions on the NFS mount
point the way you described (or possibly a container directory above that).
In this way, only members of the operators group will have read access
to the snapshots.
If you wish for members of the operators group to be able to write to
the snapshot root, I'd have to think about this some more. Perhaps using
sudo or some other system to enable selective access.
Anyone on the list have any ideas for non-root write access to the
snapshot root? Perhaps there's a tool on SourceForge that fills this need.
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
rsnapshot-discuss mailing list
rsnapshot-discuss < at > lists.sourceforge.net