=实测=
1.daemon模式
yum -y install rsync xinetd
#rsync_config_____________________________start
#created by oldboy 15:01 2007-6-5
##rsyncd.conf start##
# Single-module rsync daemon configuration. Parameters before [backup] are
# global; parameters after it belong to the [backup] module.
# Comments must sit on their own line: rsyncd.conf has no trailing-comment syntax.
#
# The daemon protocol authenticates users but does not encrypt the transferred
# data, so keep this service on a trusted network or run it through a tunnel.

# Account that file transfers run as when the daemon itself is started by root.
uid = rsync
gid = rsync
# NOTE(review): with chroot off, confinement to the module path relies on
# rsync's own path handling. The daemon is started by root on this page, so
# "use chroot = yes" is available if nothing needs to resolve outside the module.
use chroot = no
# Upper bound on simultaneous connections; tracked through the lock file below.
max connections = 200
# I/O timeout in seconds, so a stalled client does not hold a slot forever.
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
# Rejected connections and authentication failures are recorded here.
log file = /var/log/rsyncd.log
[backup]
path =/backup
# Ignore I/O errors on the daemon side when deciding whether to run deletions.
ignore errors
# Clients may upload into this module; access control below is what limits who.
read only = false
# Keep the module out of the list returned to clients that ask for modules.
list = false
# NOTE(review): the client commands on this page connect to 172.16.1.41 and the
# later configs allow 172.16.1.0/24 - confirm this subnet covers the real clients.
hosts allow = 192.168.155.0/24
# Left disabled. With only "hosts allow" set, every non-matching address is
# refused, which is the desired result. If this line is ever enabled, note that
# 0.0.0.0/32 matches just the single address 0.0.0.0; a deny-all entry is
# written "hosts deny = *".
##hosts deny = 0.0.0.0/32
# Virtual user name; it exists only in the secrets file, not in /etc/passwd.
auth users = rsync_backup
# One "user:password" entry per line. With strict modes (the default) the file
# is ignored unless it is inaccessible to other users, hence chmod 600.
secrets file =/etc/rsync.password
#rsync_config________________________end
其中rsync用户默认是不存在的,需要创建用户
useradd rsync -s /sbin/nologin -M
[root@rsync ~]# useradd rsync -s /sbin/nologin -M
[root@rsync ~]# cat /etc/passwd|grep rsync
rsync:x:501:501::/home/rsync:/sbin/nologin
[root@rsync ~]# id rsync
uid=501(rsync) gid=501(rsync) 组=501(rsync)
为什么用虚拟用户?
答:文件和进程都必须有属主,也就是必须以某个用户的身份存在;同时也是出于安全考虑:让模块内的文件读写以一个不能登录(-s /sbin/nologin)、不创建家目录(-M)的专用低权限用户的身份进行,而不是以root身份进行。
[root@rsync ~]# mkdir /backup/ -p
[root@rsync ~]# chown -R rsync.rsync /backup/
[root@rsync ~]# ls -ld /backup/
[root@rsync ~]# cat /etc/rsync.password
rsync_backup:oldboy
[root@rsync ~]#chmod 600 /etc/rsync.password
[root@rsync ~]# ls -l /etc/rsync.password
-rw-------. 1 root root 20 11月 29 01:14 /etc/rsync.password
启动服务:
使配置生效:service xinetd restart
[root@rsync ~]# rsync --daemon
[root@rsync ~]#ps -ef|grep rsync|grep -v grep ##查看进程有没有启动
root 3046 1 0 15:19 ? 00:00:00
=================未做实验=
加入开机自启动
[root@rsync ~]# tail -1 /etc/rc.local
/usr/bin/rsync --daemon
三、Rsync客户端的安装
vim /etc/rsync.password
[root@oldboy backup]# cat /etc/rsync.password
oldboy
chmod 600 /etc/rsync.password
创建backup目录
mkdir -p /backup
cd /backup
touch stu{01,100}
客户端推送:
方法1:
[root@oldboy backup]# rsync -avz /backup/ rsync_backup@172.16.1.41::backup/ --password-file=/etc/rsync.password
方法2:
[root@oldboy backup]# rsync -avz /backup/ rsync://rsync_backup@172.16.1.41/backup/ --password-file=/etc/rsync.password
从客户端把服务端的东西拉回来的方案
服务端:
[root@oldboy backup]# touch 1 234
[root@oldboy backup]# ls
1 234
客户端
[root@oldboy ming]# rsync -avz rsync_backup@172.16.1.41::backup/ /ming/ --password-file=/etc/rsync.password
receiving incremental file list
./
1
234
sent 105 bytes received 204 bytes 618.00 bytes/sec
total size is 0 speedup is 0.00
[root@oldboy ming]# ls
1 234
四、Rsync多模块实战
实例1:
[root@oldboy ~]# cat /etc/rsyncd.conf
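#rsync_config_____________________________start
#created by oldboy 15:01 2007-6-5
##rsyncd.conf start##
# Multi-module rsync daemon configuration. Every parameter that appears before
# the first [module] header is global and is inherited by [backup] and [chen].
# Comments must sit on their own line: rsyncd.conf has no trailing-comment syntax.
#
# The daemon protocol authenticates users but does not encrypt the transferred
# data, so keep this service on a trusted network or run it through a tunnel.

# Account that file transfers run as when the daemon itself is started by root.
uid = rsync
gid = rsync
# NOTE(review): with chroot off, confinement to the module path relies on
# rsync's own path handling; consider "use chroot = yes" if nothing needs to
# resolve outside the module directories.
use chroot = no
# Upper bound on simultaneous connections; tracked through the lock file below.
max connections = 200
# I/O timeout in seconds, so a stalled client does not hold a slot forever.
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
# Rejected connections and authentication failures are recorded here.
log file = /var/log/rsyncd.log
# Ignore I/O errors on the daemon side when deciding whether to run deletions.
ignore errors
# Clients may upload into the modules; the access control below limits who.
read only = false
# Keep the modules out of the list returned to clients that ask for modules.
list = false
hosts allow = 172.16.1.0/24
# When both lists are present rsync checks "hosts allow" first, then
# "hosts deny", and admits any host that matches neither. The previous value
# 0.0.0.0/32 matched only the single address 0.0.0.0, so hosts outside
# 172.16.1.0/24 were still admitted to the password prompt. Deny everything
# that the allow list did not match.
hosts deny = *
# Virtual user name; it exists only in the secrets file, not in /etc/passwd.
auth users = rsync_backup
# One "user:password" entry per line. With strict modes (the default) the file
# is ignored unless it is inaccessible to other users, hence chmod 600.
secrets file = /etc/rsync.password
[backup]
path = /backup
[chen]
path = /chen
#rsync_config________________________end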
服务器端:
[root@oldboy ~]# mkdir /chen
[root@oldboy ~]# ls -ld /chen/
drwxr-xr-x 2 rsync rsync 4096 12月 2 18:58 /chen/
客户端
[root@oldboy ~]# ls -ld /ming
drwxr-xr-x 2 root root 4096 12月 2 18:26 /ming
[root@oldboy ~]# rsync -avz /ming/ rsync_backup@172.16.1.41::chen/ --password-file=/etc/rsync.password
sending incremental file list
./
ming1
ming10
ming2
ming3
ming4
ming5
ming6
ming7
ming8
ming9
sent 463 bytes received 201 bytes 1328.00 bytes/sec
total size is 0 speedup is 0.00
服务端查看效果:
[root@oldboy chen]# ls
ming1 ming10 ming2 ming3 ming4 ming5 ming6 ming7 ming8 ming9
实例2:
[root@oldboy chen]# cat /etc/rsyncd.conf
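#rsync_config_____________________________start
#created by oldboy 15:01 2007-6-5
##rsyncd.conf start##
# Multi-module rsync daemon configuration with a per-module override.
# Parameters before the first [module] header are global defaults; [backup] and
# [chen] inherit all of them, while [luo] replaces the user and secrets file.
# Comments must sit on their own line: rsyncd.conf has no trailing-comment syntax.
#
# The daemon protocol authenticates users but does not encrypt the transferred
# data, so keep this service on a trusted network or run it through a tunnel.

# Account that file transfers run as when the daemon itself is started by root.
uid = rsync
gid = rsync
# NOTE(review): with chroot off, confinement to the module path relies on
# rsync's own path handling; consider "use chroot = yes" if nothing needs to
# resolve outside the module directories.
use chroot = no
# Upper bound on simultaneous connections; tracked through the lock file below.
max connections = 200
# I/O timeout in seconds, so a stalled client does not hold a slot forever.
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
# Rejected connections and authentication failures are recorded here.
log file = /var/log/rsyncd.log
# Ignore I/O errors on the daemon side when deciding whether to run deletions.
ignore errors
# Clients may upload into the modules; the access control below limits who.
read only = false
# Keep the modules out of the list returned to clients that ask for modules.
list = false
hosts allow = 172.16.1.0/24
# When both lists are present rsync checks "hosts allow" first, then
# "hosts deny", and admits any host that matches neither. The previous value
# 0.0.0.0/32 matched only the single address 0.0.0.0, so hosts outside
# 172.16.1.0/24 were still admitted to the password prompt. Deny everything
# that the allow list did not match.
hosts deny = *
# Virtual user name; it exists only in the secrets file, not in /etc/passwd.
auth users = rsync_backup
# One "user:password" entry per line. With strict modes (the default) the file
# is ignored unless it is inaccessible to other users, hence chmod 600.
secrets file = /etc/rsync.password
[backup]
path = /backup
[chen]
path = /chen
[luo]
path = /luo
ignore errors
read only = false
list = false
# Was misspelled "osts allow", which is not a parameter name, so the intended
# per-module allow list was never set by that line.
hosts allow = 172.16.1.0/24
# Same deny-all rule as the global section (0.0.0.0/32 denied nothing useful).
hosts deny = *
# This module has its own virtual user and its own secrets file, so the
# rsync_backup credentials do not open it.
auth users = tang
secrets file = /etc/tang
#rsync_config________________________end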
[root@oldboy chen]# mkdir /luo
[root@oldboy chen]# chown rsync.rsync /luo
[root@oldboy chen]# ls -ld /luo/
drwxr-xr-x 2 rsync rsync 4096 12月 2 19:18 /luo/
[root@oldboy chen]# cat /etc/tang
tang:tangguo
[root@oldboy luo]# ls /etc/tang -ld
-rw------- 1 root root 13 12月 2 19:34 /etc/tang
服务端密码文件的权限一定要是600:rsync默认开启strict modes,密码文件只要能被其他用户访问就会被忽略,认证随之失败。
[root@oldboy ming]# cat /etc/tang
tangguo
[root@oldboy ming]# ls /etc/tang -ld
-rw------- 1 root root 8 12月 2 19:35 /etc/tang
客户端密码文件(只写密码,不带用户名)的权限也一定要是600,否则rsync会拒绝使用这个文件。
[root@oldboy ming]# rsync -avz /ming/ tang@172.16.1.41::luo/ --password-file=/etc/tang
sending incremental file list
./
ming1
ming10
ming2
ming3
ming4
ming5
ming6
ming7
ming8
ming9
sent 463 bytes received 201 bytes 1328.00 bytes/sec
total size is 0 speedup is 0.00
五、Rsync案例排错
5.1 案例1
[root@oldboy ming]# rsync -avz /ming/ tang@172.16.1.41::luo/ --password-file=/etc/tang
@ERROR: auth failed on module luo
rsync error: error starting client-server protocol (code 5) at main.c(1503) [sender=3.0.6]
[root@oldboy luo]# tail -3 /var/log/rsyncd.log
2016/12/02 19:46:18 [3601] secrets file must not be other-accessible (see strict modes option)
2016/12/02 19:46:18 [3601] continuing without secrets file
2016/12/02 19:46:18 [3601] auth failed on module luo from unknown (172.16.1.31): missing secret for user "tang"
报错的原因是服务器端/etc/tang的权限没有设置为600:日志里的 secrets file must not be other-accessible 说明密码文件能被其他用户访问,rsync因此忽略了它,于是找不到用户tang的密码。我们查看一下。
[root@oldboy luo]# ls -ld /etc/tang
-rwxr-xr-x 1 root root 13 12月 2 19:34 /etc/tang
把权限改为600(chmod 600 /etc/tang)就可以了
5.2 案例2
[root@oldboy ~]# rsync -avz /ming/ tang@172.16.1.41::luo/ --password-file=/etc/tang
@ERROR: auth failed on module luo
rsync error: error starting client-server protocol (code 5) at main.c(1503) [sender=3.0.6]
查看日志
[root@oldboy luo]# tail -3 /var/log/rsyncd.log
2016/12/02 19:52:12 [3614] name lookup failed for 172.16.1.31: Name or service not known
2016/12/02 19:52:12 [3614] connect from UNKNOWN (172.16.1.31)
2016/12/02 19:52:12 [3614] auth failed on module luo from unknown (172.16.1.31): password mismatch
password mismatch,密码错误,客户端和服务器端的密码不一致导致的问题。
【注意】有时客户端和服务器端的密码看起来一样,但其中一方的行尾多了空格等不可见字符,同样会报 password mismatch;可以用 cat -A 查看密码文件来确认。
5.3 案例3
[root@oldboy ~]# rsync -avz /backup/ rsync://rsync_backup@172.16.1.41/backup/ --password-file=/etc/rsync.password
@ERROR: chdir failed
rsync error: error starting client-server protocol (code 5) at main.c(1503) [sender=3.0.6]
原因:服务端的backup目录不存在
[root@oldboy ~]# rsync -avz /backup/ rsync://rsync_backup@172.16.1.41/backup/ --password-file=/etc/rsync.password
sending incremental file list
./
rsync: failed to set times on "." (in backup): Operation not permitted (1)
1
sent 4325 bytes received 1911 bytes 12472.00 bytes/sec
total size is 0 speedup is 0.00
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1039) [sender=3.0.6]
原因:服务端/backup目录的属主和属组不是配置文件中uid/gid指定的rsync用户,进程无权修改该目录的时间属性;在服务端执行 chown -R rsync.rsync /backup/ 即可。