search

nicolaschan / minecraft-backup

Backup script for Minecraft servers on Linux. Supports screen, tmux, RCON, and docker. Supports tar and restic backup format.
MIT License
218 stars 37 forks source link

Running the script as root, minecraft running under different user #24

Open lmorgh opened 3 years ago

lmorgh commented 3 years ago

Hello,

hopefully you can help me out, my minecraft server is ran by user "minecraft", and I'm trying to run the backup script as root. This results in "no screen session found". I'm a noob at managing my own server, so you can imagine I'm quite lost as far as figuring out the solution goes. I would be extremely grateful if you could point me in the right direction here. Should I just run the backup task as "minecraft" user, or should I somehow alter the command which runs the backup, or is there a better option yet?

Would really mean the world if you could help me out here.

cgmckeever commented 3 years ago

Run the command as the user, or set up the scheduled task to run as that user Let me ask, HOW are you running it now , just manually or scheduled?

lmorgh commented 3 years ago

I was actually just trying to set up an automatic backup script, I don't have any backup solution atm. I will try to set up a cron job with the minecraft user then, as described. I worry because just running the command as the user gives me this:

./backup.sh: line 505: /home/nomblox/minecraft/backups/2021-08-15_14-28-13.tar.gz: Permission denied
tar: Removing leading `/' from member names
FATAL: Archive command exited with nonzero exit code 141
du: cannot access '/home/nomblox/minecraft/backups/2021-08-15_14-28-13.tar.gz': No such file or directory
du: cannot access '/home/nomblox/minecraft/backups/2021-08-15_14-28-13.tar.gz': No such file or directory
rm: cannot remove '/home/nomblox/minecraft/backups/2021-08-15_14-28-13.tar.gz': No such file or directory

Unpacking the archive shows that not all files were backed up successfully (a lot is missing), and I have no idea what is causing it.

EDIT: also ingame chat says "[Backup] Backup was not saved!", if that helps.

cgmckeever commented 3 years ago

How are you launching Minecraft itself?

What does your backup.sh look like?

What does ls -la /home/nomblox/minecraft/backups/ output?

cgmckeever commented 3 years ago

Id first try to get the backup running manually as the user before fighting cron, there is somethng not right if as the user you are getting errors

lmorgh commented 3 years ago

I'm afraid I don't know how to easily copy the entire contents of the script, so I simply copied whatever was visible when opening it with nano. I haven't made any changes to the script itself though, if that's what you're wondering.

#!/usr/bin/env bash

# Minecraft server automatic backup management script
# https://github.com/nicolaschan/minecraft-backup
# MIT License
#
# For Minecraft servers running in a GNU screen, tmux, or RCON.
# For most convenience, run automatically with cron.

# Default Configuration
SCREEN_NAME="" # Name of the GNU Screen, tmux session, or hostname:port:password for RCON
SERVER_WORLDS=() # Server world directory
BACKUP_DIRECTORY="" # Directory to save backups in
MAX_BACKUPS=128 # -1 indicates unlimited
DELETE_METHOD="thin" # Choices: thin, sequential, none; sequential: delete oldest; thin: keep last 24 hourly, last 3$
COMPRESSION_ALGORITHM="gzip" # Leave empty for no compression
COMPRESSION_FILE_EXTENSION=".gz" # Leave empty for no compression; Precede with a . (for example: ".gz")
COMPRESSION_LEVEL=3 # Passed to the compression algorithm
ENABLE_CHAT_MESSAGES=false # Tell players in Minecraft chat about backup status
PREFIX="Backup" # Shows in the chat message
DEBUG=false # Enable debug messages
SUPPRESS_WARNINGS=false # Suppress warnings
RESTIC_HOSTNAME="" # Leave empty to use system hostname
LOCK_FILE="" # Optional lock file to acquire to ensure two backups don't run at once
LOCK_FILE_TIMEOUT="" # Optional lock file wait timeout (in seconds)
WINDOW_MANAGER="screen" # Choices: screen, tmux, RCON

# Other Variables (do not modify)
DATE_FORMAT="%F_%H-%M-%S"
TIMESTAMP=$(date +$DATE_FORMAT)

log-fatal () {
  echo -e "\033[0;31mFATAL:\033[0m $*"
}
log-warning () {
  echo -e "\033[0;33mWARNING:\033[0m $*"
}
debug-log () {
  if "$DEBUG"; then
    echo "$1"
  fi
}

while getopts 'a:cd:e:f:hH:i:l:m:o:p:qr:s:t:u:vw:x' FLAG; do
  case $FLAG in
    a) COMPRESSION_ALGORITHM=$OPTARG ;;
    c) ENABLE_CHAT_MESSAGES=true ;;
    d) DELETE_METHOD=$OPTARG ;;
    e) COMPRESSION_FILE_EXTENSION=".$OPTARG" ;;
    f) TIMESTAMP=$OPTARG ;;
    h) echo "Minecraft Backup"
       echo "Repository: https://github.com/nicolaschan/minecraft-backup"
       echo "-a    Compression algorithm (default: gzip)"
       echo "-c    Enable chat messages"
       echo "-d    Delete method: thin (default), sequential, none"
       echo "-e    Compression file extension, exclude leading \".\" (default: gz)"
       echo "-f    Output file name (default is the timestamp)"
                                         [ File 'backup.sh' is unwritable ]

The command ouput shows the couple of times I tried running the command, which produced some kind of archive every time, but the archives are incomplete.

minecraft@sd-150741:~$ ls -la /home/nomblox/minecraft/backups/
total 321688
drwxr-xr-x 2 root      root           4096 Aug 15 12:31 .
drwxrwxr-x 5 minecraft minecraft      4096 Aug 15 12:12 ..
-rw-r--r-- 1 root      root       81412096 Aug 15 12:18 2021-08-15_12-18-01.tar.gz
-rw-r--r-- 1 root      root      152436736 Aug 15 12:19 2021-08-15_12-19-32.tar.gz
-rw-r--r-- 1 root      root       32292864 Aug 15 12:23 2021-08-15_12-23-57.tar.gz
-rw-r--r-- 1 root      root       25542656 Aug 15 12:24 2021-08-15_12-24-15.tar.gz
-rw-r--r-- 1 root      root       37715968 Aug 15 12:31 2021-08-15_12-31-02.tar.gz

And yes, I agree that just sorting out the manual backup first is the way to go before tackling cron. I don't seem to be doing a great job of it though, lol.

cgmckeever commented 3 years ago

so, you need to take a few steps back. Those backup files as root came from somewhere and are not owned by the minecraft user. I would almost say delete them ...

Maybe Im doing something wrong, or in my own little way, but I cant just run the backup script without commands (That is why I asked you what backup/sh was, because I thought it was your script that. called backup) .. for example, I run mine as 

backups=PATH/TO/BACKUPS
minecraft=PATH/TO/MINECRAFT

$backups/backup.sh -c -i $minecraft/world -o $backups/world -s minecraft -d sequential -m 30

also . how are you starting minecraft?

cgmckeever commented 3 years ago

Here are my notes that I use to set up minecraft all the way to backing up ..Im sure there are some holes my brain fills in, I think this is for debian flavor linux

https://github.com/cgmckeever/notes-and-such/tree/master/minecraft

cgmckeever commented 3 years ago

Is this your minecraft executable directory? /home/nomblox/minecraft/ ... I'd suggest, for sanity to move the backups out of there and leave that only for the executable minecraft files and not pollute it .. I think also is nomblox is some user and you are running things as minecraft you got some weird things going on .. those are home directories, you should never really cross user them .. but thats my opinion here

lmorgh commented 3 years ago

I'm the first to admit I had no clue what I was doing when setting up my server - I purchased a dedi, main purpose being mincraft server. I read through several tutorials, some were pretty outdated, some were for different linux distros (I use debian), so the result was a mix of everything. I read that it's crucial for security that you create a separate user for every service (not sure if service is the right word here) you run on your machine. So I sort of tried doing that. Looking back, 95% of my problems I encountered doing various things were related to users and permissions. So I'm pretty sure I funked something up along the way. My understanding of things is such:

It's hard for me as I don't have any pre-existing server admin knowledge, I sort of been learning as I go, and a lot of tutorials and documentation is just gibberish to me, as it's simply too advanced for me to grasp. I'm not giving up tho, just wanted to shed some light onto why my setup is such a mess. Then on top of everything I'm setting up a website not related to minecraft on the same dedi machine, so I would be shooting myself in the leg if I installed debian from scratch and tried again (which I have considered doing).

Now back to the topic: I must have created those archives when running the command as root, meaning that it did something, but not the best job, as the archives are incomplete. Also meaning that running the command as minecraft user did nothing, as there are no archives from that user.

My server is located under /home/nomblox/minecraft/server-1, so the backup folder isn't a part of it.

I run minecraft with this script:

screen -d -m -S Minecraft ./startserver.sh

which in turn runs this script I picked up somewhere online:


JAR=paper.jar
MAXRAM=10G
MINRAM=10G
TIME=20

while [ true ]; do
        java -Xmx$MAXRAM -Xms$MINRAM -XX:+UseG1GC -XX:+ParallelRefProcEnabled -XX:MaxGCPauseMillis=200 -XX:+UnlockEx$
    if [[ ! -d "exit_codes" ]]; then
        mkdir "exit_codes";
    fi
    if [[ ! -f "exit_codes/server_exit_codes.log" ]]; then
        touch "exit_codes/server_exit_codes.log";
    fi
    echo "[$(date +"%d.%m.%Y %T")] ExitCode: $?" >> exit_codes/server_exit_codes.log
    echo "----- Press enter to prevent the server from restarting in $TIME seconds -----";
    read -t $TIME input;
    if [ $? == 0 ]; then
        break;
    else
        echo "------------------- SERVER RESTARTS -------------------";
    fi
done

Again the code was cut off in that java -Xmx line, as I just copied it in nano, it's the Aikar's flags that make the line so long.

All this mess makes my head hurt. What do you suggest I do? A part of me wants to start over, but I'm not sure I can do a better job, and thinking of all the hours I spent trying to make everything work is just... waaaaaa.

cgmckeever commented 3 years ago

you run this as the minecraft user? 

screen -d -m -S Minecraft ./startserver.sh
lmorgh commented 3 years ago

Yes.

cgmckeever commented 3 years ago

This is what I would do ..

stop minecraft from running

As root -

Switch to the minecraft user

cgmckeever commented 3 years ago

I re-read your steps, I dont think you are as far off as you feel .. you are just tripping up on a few things .. you can probably unwind this with a deep breathe, some re-org, and maybe a slight hit with a hammer ... just to get it going

lmorgh commented 3 years ago

I created the minecraft user without the home folder. Does that change anything?

cgmckeever commented 3 years ago

yes .. but you can either

cgmckeever commented 3 years ago

I'd do the latter, and just put the files in opt

cgmckeever commented 3 years ago 
root@zuckuss:~# ls -la /usr/games/
total 12
drwxr-xr-x  3 root  root  4096 Jun 14 21:34 .
drwxr-xr-x 13 root  root  4096 Oct 21  2019 ..
drwxr-xr-x 13 miner miner 4096 Jul 14 20:32 minecraft
lmorgh commented 3 years ago

Okay. So I will first of all make a backup of the entire thing and download it to my local pc, just in case. That will take me some time, because my bandwidth sucks. Then I'll relocate the server into /opt/minecraft as you suggested, then I'll report back, if that's okay with you. Thank you for all your time and patience, much appreciated!

Also I'm not sure what this last post is supposed to tell me...

cgmckeever commented 3 years ago

you can tuck the backup somewhere else on the machine so you dont have to download it .. just put it somewhere you arent working in/near ;)

cgmckeever commented 3 years ago

oh, I was just showing you where I have mine, and that its all owned by the user that runs minecraft

cgmckeever commented 3 years ago

stop minecraft

as root

mkdir -p /opt/minecraft
mkdir -p /opt/minecraft-backups

cp -R /home/nomblox/minecraft/* /opt/minecraft
chown -R minecraft.minecraft /opt/minecraft

you original install will be untouched and avail for you

cgmckeever commented 3 years ago

Then, log in as minecraft

cgmckeever commented 3 years ago

I have a typo :( 

mkdir -p /opt/minecraft
mkdir -p /opt/minecraft-backups
nicolaschan commented 3 years ago

This looks like a great discussion -- thanks for the awesome advice, @cgmckeever!

I'll just chime in that this looks like a problem with file permissions to me. Basically there are three things that your user will need permissions for to successfully run the backup script:

As @cgmckeever mentioned, before doing anything make a copy of your world and check that the copy is correct! Maybe even save it to another computer to be safe. We wouldn't want anything to happen to your world.

If you're new to unix, it's a good idea to learn about file permissions and ownership. Knowing this will give you the skills to debug these kind of "Permission denied" errors.

It sounds like these are the relevant directories:

You can check file permissions with ls -l. You should see your minecraft user and group listed in the second and third columns if it owns the file. Based on the info you provided, I think the problem is that your backup directory is not owned by the minecraft user+group. You said:

minecraft@sd-150741:~$ ls -la /home/nomblox/minecraft/backups/
total 321688
drwxr-xr-x 2 root      root           4096 Aug 15 12:31 .
drwxrwxr-x 5 minecraft minecraft      4096 Aug 15 12:12 ..
-rw-r--r-- 1 root      root       81412096 Aug 15 12:18 2021-08-15_12-18-01.tar.gz
-rw-r--r-- 1 root      root      152436736 Aug 15 12:19 2021-08-15_12-19-32.tar.gz
-rw-r--r-- 1 root      root       32292864 Aug 15 12:23 2021-08-15_12-23-57.tar.gz
-rw-r--r-- 1 root      root       25542656 Aug 15 12:24 2021-08-15_12-24-15.tar.gz
-rw-r--r-- 1 root      root       37715968 Aug 15 12:31 2021-08-15_12-31-02.tar.gz

This line in particular,

drwxr-xr-x 2 root      root           4096 Aug 15 12:31 .

says that the backup directory (called . in this context) is owned by root and has permissions drwxr-xr-x. The d means it is a directory. The first rwx means the owner root has read+write+execute permissions on the directory. The second r-x means members of the group root have read+execute permissions. The third r-x means everyone else has read+execute permissions. You should see a problem here. Since the minecraft user is not the owner, it only has read+execute permissions on the backup directory, not write! So it doesn't have permissions to save the backups.

To make a long story short, change ownership of the backup directory to the minecraft user:

chown -R minecraft:minecraft /home/nomblox/minecraft/backups

And for good measure I would also do the same for the server:

chown -R minecraft:minecraft /home/nomblox/minecraft/server-1

Let me know if you need any help on any part of this!

Edit: chown will need to be run by root or with sudo

lmorgh commented 3 years ago

My progress so far:

mkdir -p /opt/minecraft mkdir -p /opt/minecraft-backups

cp -R /home/nomblox/minecraft/* /opt/minecraft chown -R minecraft.minecraft /opt/minecraft

I assumed the period in the above step was a typo, I used minecraft:minecraft

Then, log in as minecraft. start minecraft from /opt/minecraft (make sure all your scripts point to the right place now) verify it is how you left it

All that seems to be in order, I also made a manual tar.gz backup of my server and went on to change permissions for all server files.

That's where I encountered problems with my ftp access - I log in with the user nomblox, which is in group minecraft (verified with groups command). So I assumed chmod -R 664 would do the trick, at least that's how I had permissions set up before in the old folder, and I could access all files normally via Filezilla. However, somehow it didn't work here, and anything else than 777 didn't allow me to browse the files, so I left it at that for the time being. I realize it's not the best practice, but I have no idea what to do here, even after messing around with different settings for a far greater amount of time that I care to admit.

Apart from that, the next thing to tackle are I believe backups. I tried my luck with ./backup.sh -c -i /opt/minecraft/server-1 -o /opt/minecraft-backups -s Minecraft after all this and got

tar: Removing leading `/' from member names
tar: /opt/minecraft/server-1/plugins/CoreProtect/database.db: file changed as we read it
tar: /opt/minecraft/server-1/plugins/CoreProtect: file changed as we read it
tar: /opt/minecraft/server-1/world: file changed as we read it

The server was running at the time, so I guess the warnings are called for. It produced a 10GB backup file, which is the same size as my manual backup I did earlier, so I believe it's safe to say the command ran successfully.

I'll try creating the cron job tomorrow when I'm rested, and I'll report back. In the meantime any ideas on the ftp access thing would be greatly appreciated. Also thanks again for all the help so far, I am sincerely grateful.

nicolaschan commented 3 years ago

Make sure you also chown the backup directory to minecraft.

chown -R minecraft:minecraft /opt/minecraft-backups

For the FTP issue, 664 is not enough because a user cannot list the directory contents without execute permissions on the directory. 775 should do the trick.

lmorgh commented 3 years ago

I'm sorry it took me so long to reply, I've had some other stuff going on and was only now able to get back to this.

I just wanted to let you know everything seems to be working well, I have made a crop job to automate the backups and I want to say thanks for helping me out with this. You rock!

nicolaschan commented 3 years ago

Awesome, glad it's working!!

ripley06 commented 1 year ago

I just take 5 minute out of my day download my minecraft directory and then upload it to the cloud. Simple