Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Ubuntu server and sudo

  1. #1

    Question Ubuntu server and sudo

    Hi,

    I am trying to get a user backuppc on a ubuntu server installation to be able to backup everything using tar. So I added to my sudoers file:
    Code:
    root    ALL=(ALL) ALL
    backuppc ALL=(root) NOPASSWD:/bin/tar
    However, when I try to backup /home with tar using backuppc I get permission denied:
    Code:
    $ sudo -u backuppc /bin/tar cvf /tmp/pmatos.tar /home
    /bin/tar: Removing leading `/' from member names
    /home/
    /home/pmatos/
    /bin/tar: /home/pmatos/.bash_history: Cannot open: Permission denied
    /bin/tar: /home/pmatos/.lesshst: Cannot open: Permission denied
    /home/pmatos/.emacs.d/
    /bin/tar: /home/pmatos/.emacs.d/auto-save-list: Cannot open: Permission denied
    /home/pmatos/.sudo_as_admin_successful
    /bin/tar: /home/pmatos/.rnd: Cannot open: Permission denied
    /bin/tar: /home/pmatos/.cache: Cannot open: Permission denied
    /home/pmatos/.bash_logout
    /bin/tar: /home/pmatos/.ssh: Cannot open: Permission denied
    /home/pmatos/.profile
    /bin/tar: /home/pmatos/Maildir: Cannot open: Permission denied
    /home/pmatos/.bashrc
    /bin/tar: /home/pmatos/.nano_history: Cannot open: Permission denied
    /bin/tar: Exiting with failure status due to previous errors

    Any ideas on why this happens?

  2. #2
    Join Date
    Oct 2008
    Location
    New York
    Beans
    2,649
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Ubuntu server and sudo

    I wonder what the file permissions are in ~/home

    Try this:

    ls -al /home/pmatos

    Post the output here.
    My Launchpad
    ----------------------------------------------------------------------------------------
    My Wiki Page

  3. #3

    Re: Ubuntu server and sudo

    Quote Originally Posted by RedSingularity View Post
    I wonder what the file permissions are in ~/home

    Try this:

    ls -al /home/pmatos

    Post the output here.
    Hi,

    Code:
    pmatos@zeus:~$ ls -la /home/pmatos
    total 60
    drwxr-xr-x 6 pmatos pmatos  4096 2011-01-07 14:59 .
    drwxr-xr-x 3 root   root    4096 2010-12-27 11:41 ..
    -rw------- 1 pmatos pmatos 10178 2011-01-09 00:26 .bash_history
    -rw-r--r-- 1 pmatos pmatos   220 2010-12-27 11:41 .bash_logout
    -rw-r--r-- 1 pmatos pmatos  3103 2010-12-27 11:41 .bashrc
    drwx------ 2 pmatos pmatos  4096 2010-12-27 11:42 .cache
    drwxr-xr-x 3 pmatos pmatos  4096 2011-01-06 15:14 .emacs.d
    -rw------- 1 pmatos pmatos    43 2011-01-07 02:17 .lesshst
    drwx------ 9 pmatos pmatos  4096 2011-01-08 20:51 Maildir
    -rw------- 1 pmatos pmatos     6 2011-01-08 22:14 .nano_history
    -rw-r--r-- 1 pmatos pmatos   675 2010-12-27 11:41 .profile
    -rw------- 1 pmatos pmatos  1024 2010-12-29 11:13 .rnd
    drwx------ 2 pmatos pmatos  4096 2010-12-28 19:09 .ssh
    -rw-r--r-- 1 pmatos pmatos     0 2010-12-27 16:06 .sudo_as_admin_successful
    The strangest thing is that if I use sudo -u root for the tar instead of sudo -u backuppc it does work.

  4. #4
    Join Date
    Jun 2006
    Beans
    Hidden!

    Re: Ubuntu server and sudo

    backuppc doesn't have access to the photos directory, but root will do because root always has access.

    Add backupppc to the group 'pmatos' and you should be fine.

    Code:
    sudo adduser backupppc pmatos

  5. #5

    Re: Ubuntu server and sudo

    Quote Originally Posted by truant View Post
    backuppc doesn't have access to the photos directory, but root will do because root always has access.

    Add backupppc to the group 'pmatos' and you should be fine.

    Code:
    sudo adduser backupppc pmatos

    Which photos directory, I have no photos directory. Moreover, the whole point was to do this with sudo through the sudoers file by allowing backuppc act as root when using /bin/tar. I don't want to add backuppc to the group 'pmatos' cause then I will hit the same problem on /home/jen where all files are jen:jen and so on and so forth for other users...

  6. #6
    Join Date
    Oct 2008
    Location
    New York
    Beans
    2,649
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Ubuntu server and sudo

    Try this:

    sudo chmod -R 744 /home/pmatos

    Then try using the backuppc command again.
    My Launchpad
    ----------------------------------------------------------------------------------------
    My Wiki Page

  7. #7
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Ubuntu server and sudo

    Quote Originally Posted by RedSingularity View Post
    Try this:

    sudo chmod -R 744 /home/pmatos

    Then try using the backuppc command again.
    Be careful doing chown/chmod recursively (-R) as there are some files that need to have specific permissions - even in your home directory.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  8. #8

    Re: Ubuntu server and sudo

    Quote Originally Posted by CharlesA View Post
    Be careful doing chown/chmod recursively (-R) as there are some files that need to have specific permissions - even in your home directory.

    Even so 744 doesn't work. 755 does but forces me to chmod/chown which is not so good. I can't understand why backuppc given that it acts as root (through sudoers file config) with /bin/tar doesn't work.

  9. #9
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Ubuntu server and sudo

    backuppc isn't the same as "root" you'd need to have it added to the group "pmatos" and change permissions to give read access to the group for it to be able to back up your stuff.

    I do backups differently - I use a rsync script in a root crontab. I suppose a tar script would work the same way, but I am not sure as I don't really use tar all that much.

    EDIT: I can run my rsync script manually by running it with sudo:

    Code:
    sudo ./backup.sh
    Last edited by CharlesA; January 9th, 2011 at 09:51 PM.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  10. #10
    Join Date
    Jun 2006
    Beans
    Hidden!

    Re: Ubuntu server and sudo

    Quote Originally Posted by pmatos View Post
    Which photos directory, I have no photos directory. Moreover, the whole point was to do this with sudo through the sudoers file by allowing backuppc act as root when using /bin/tar. I don't want to add backuppc to the group 'pmatos' cause then I will hit the same problem on /home/jen where all files are jen:jen and so on and so forth for other users...
    Sorry, not sure where I got 'photos' from.

    I didn't realise there were other users involved.

    Several solutions I can see:

    - run your backup script as root instead

    - add all your users to a group such as 'staff' and add backuppc to that too.

    - As mentioned above, sudo your backup script so the whole thing runs as root, not just the tar bit of it.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •