Linux 盒子和 NAS 之间的 rsyncd 权限问题

Linux 盒子和 NAS 之间的 rsyncd 权限问题

我已经设置了一个小型 1TB NAS 设备,现在在 OpenWRT 上运行,用于备份我的 Devuan Linux 盒子内的一个小型 500Gb 驱动器中的文件,其中包含我的所有Timeshift快照BackInTime

NAS 的规格 -800MHz APM82181/256MB RAM - 要求避免使用ssh或等待作业以最大 7.50MiB/s 的速度完成,尽管两端都有 GbE 端口以 1000M 进行协商。

碰巧它ssh以几乎恒定的 100% CPU 负载击败了这个硬件,这主要是由于加密,所以它不是一个可行的选择。

所有这些都是在本地网络内完成的,无法从外部访问,而且我是唯一的用户,因此缺乏加密不是问题。

考虑到这一点,我别无选择,只能rsync在 NAS 端用作守护进程,这将使我的吞吐量至少提高 3.5/4.0 倍ssh

问题是我收到一个无法找到解决方案的错误。

:~$ rsync -av --progress /media/stuff/firefox.oldfile  rsync://[email protected]:/stuff
sending incremental file list
firefox.oldfile
     85,812,416 100%   28.23MB/s    0:00:02 (xfr#1, to-chk=0/1)
rsync: [receiver] mkstemp "/.firefox.oldfile.hiOlHH" (in stuff) failed: Permission denied (13)

sent 85,833,480 bytes  received 142 bytes  24,523,892.00 bytes/sec
total size is 85,812,416  speedup is 1.00
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1207) [sender=3.1.3]
:~$ 

好消息是(显然)可以获得 28.23MB/s。 =^)

我读到这是一个权限问题,源于rsync无法将临时文件写入/.firefox.oldfile.dMAADG目标文件夹 /mnt/sda3/stuff

日志文件不会向终端打印输出添加任何内容:

root@OpenWrt:~# cat /var/log/rsyncd.log
[2726] connect from UNDETERMINED (192.168.1.2)
[2726] rsync allowed access on module stuff from UNDETERMINED (192.168.1.2)
[2726] rsync to stuff/ from UNDETERMINED (192.168.1.2)
[2726] receiving file list
[2726] rsync: [receiver] mkstemp "/.firefox.oldfile.dMAADG" (in stuff) failed: Permission denied (13)
root@OpenWrt:~#

我认为我的rsyncd.conf文件是正确的:

:/etc$ cat /etc/rsyncd.conf
# /etc/rsyncd.conf
# minimal configuration for rsync daemon
# -----------------------
# begin global parameters 

uid = %RSYNC_USER_NAME%
gid = *
use chroot = true
max connections = 1
pid file = /var/run/rsyncd.pid
log file = /var/log/rsyncd.log
read only = false
reverse lookup = no
exclude = lost+found
timeout = 180

hosts allow = 192.168.1.2  # use after everything is working properly
# port =                   # set other than default 873
# socket options =
# ignore nonreadable = 
# dont compress   = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2 

# end global parameters 
# ---------------------------
# begin module parameters

# shared folder for testing
[testdir]
path = /mnt/sda3
read only = false
# comment =

# shared folder for stuff
[stuff]
path = /mnt/sda3
read only = false
# comment =

# shared folder for bkups
[bkups]
path = /mnt/sda3
read only = false
# comment =

据我所知,目标目录的所有权是正确的:

:~$ ls -l /mnt/sda3
drwxrwxrwx    4 groucho  groucho       4096 Apr 25 19:03 bkups
drwxrwxrwx    2 groucho  groucho       4096 Apr 29 18:47 stuff
drwxrwxrwx    2 groucho  groucho       4096 Apr 28 17:53 testdir
:~$ ls -l /mnt

我已经在这个问题上坚持了几天了,但毫无效果。

如果有人能为我阐明这一点,我将不胜感激。

提前致谢,

G。

答案1

您的路径缺少最低级别。例如:

[stuff]
path = /mnt/sda3
read only = false

这定义了一个名为stuff、根为 的共享/mnt/sda3。我想/mnt/sda3您的用户无法写入它本身rsyncd,并且根据您提供给我们的目录列表,我会说这不是您想要的。

相反,您实际上应该指定完整路径。

[stuff]
    path = /mnt/sda3/stuff
    read only = false
    fake user = yes

我已fake user在此处包含了该设置,以便即使rsyncd守护程序用户(可能)不是 root,也可以捕获用户、组和权限详细信息。

我通常有这些选项,其中许多可以放在全局部分:

[stuff]
    comment = Backup space for stuff
    path = /mnt/sda3/stuff
    hosts allow = ...
    auth users = *
    secrets file = /etc/rsyncd.secrets

    use chroot = yes
    read only = no
    list = yes
    strict modes = yes
    ignore errors = no
    ignore nonreadable = no
    fake super = yes
    transfer logging = no
    timeout = 600
    refuse options = delete
    dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.vib *.vbk

相关内容