Open nordurljosahvida opened 5 years ago
I'm pretty sure the script is already run as root....
Not exactly:
# Execute a pre-backup script that copies files outside the homedir.
# Run as the STORAGE_USER user, not as root. Pass our settings in
# environment variables so the script has access to STORAGE_ROOT.
pre_script = os.path.join(backup_root, 'before-backup')
if os.path.exists(pre_script):
shell('check_call',
['su', env['STORAGE_USER'], '-c', pre_script, config["target"]],
env=env)
and as you know:
root@mb:~# ls -ld /home/user-data/*
drwxr-xr-x 4 root root 4096 Feb 15 00:19 /home/user-data/backup
drwxr-xr-x 3 root root 4096 Dec 24 2017 /home/user-data/dns
drwxrwxr-x 7 root www-data 4096 Feb 16 22:24 /home/user-data/mail
-rw-r--r-- 1 user-data user-data 3 Feb 12 21:14 /home/user-data/mailinabox.version
drwxrwx--- 28 www-data www-data 4096 Feb 18 15:56 /home/user-data/owncloud
drwxr-xr-x 8 root root 4096 Feb 12 21:20 /home/user-data/owncloud-backup
-rw-r--r-- 1 root root 15 Feb 27 2016 /home/user-data/settings.yaml
drwxr-xr-x 4 root root 4096 Feb 17 03:01 /home/user-data/ssl
drwxr-xr-x 3 user-data root 4096 Oct 20 2015 /home/user-data/www
so if as I do you want to rsync everything to a remote machine on before-backup [since I use the MIAB S3 option, but I want MOAR], it would never work.
Ahha, right!
I don't think there's much to be done here. The script is really an advanced, undocumented feature, and I don't want to add an option just to configure that. I'd recommend just modifying the source code on your box.
Yes I've already changed the code on my box to the following:
pre_script = os.path.join(backup_root, 'before-backup')
if os.path.exists(pre_script):
shell('check_call',
['bash', pre_script, config["target"]],
env=env)
however wouldn't it make sense to run any before-backup
operation as root, since the very backup contents themselves are almost entirely owned by root? This way we wouldn't need an extra option, we'd just make them always run as root. Don't you think?
@nordurljosahvida Do you think this is closely similar to what other large email providers do for redundancy? Eventually MIAB will evolve to something much more down the road.
What do you think?
I've tried so many times to run a clusterized mail server and never succeeded. I have absolutely no idea how the others do it. With this hack at least I have a server on standby ready to take over should the first one get deleted. About real time sync, it would be the definitive feature for MIAB.
For full
/home/user-data
offsite backups with rsync for instance. See this user case: https://discourse.mailinabox.email/t/nightly-backup-to-a-full-secondary-standby-server/4599Thanks