[NTLUG:Discuss] Bash Scripting and permissions

Ed Coates edcoates at nighthawk.dyndns.org
Sat Nov 30 11:41:25 CST 2002 

Quoting kbrannen at gte.net:

> Patrick Parks wrote:
> > I am working on a simple bash script, that will tar and zip my home dir 
> > onto a remote backup computer across nfs. On the backup computer in the
> > /etc/exports file the permissions for the share that is exported to nfs
> > is using the defaults, the root_squash. I would like to keep this as is
> > if possible, for security. Now back to my script. My script checks to
> > see if the directory is mounted before trying to tar then zip the file
> > to it.If it is not mounted, it then attempts to mount it. This is where
> > the problem comes in. In order to mount the nfs directory, I must be
> > root. If I run the script as root, when it gets to the part about
> > copying the files to the remote mounted nfs drive, it does not let me
> > copy, cause I am root, and the root_squash is on   in the exports
> > permissions. As I am writing this I am getting some ideas :) Can a user
> > have permissions to mount a remote nfs directory without having to sudo?
> > That may be my answer there, off to the search engines to see if this
> > will work, would appreciate any suggestions. Thanks
> 
> Use 2 scripts (programs).  Have 1 program that all it does is [un]mount the 
> NFS dir, and the other script to do all the other work.  Something like
> this:
> 
> #!/bin/bash
> # mount as root
> /usr/local/bin/mountnfs /backup
> # backup
> tar -czvf /backup/`date`.tgz /home
> # unmount as root
> /usr/local/bin/mountnfs -u /backup
> 
> So the script above is the controlling script and makes the calls to the
> other 
> program to do the "special" work; and the mountnfs script you write should be
> 
> able to do nothing other than mount and umount (or you could use sudo as you
> 
> imply).
> 
> HTH,
> Kevin

What he might try also is something that I just learned the other day.  You can 
forgo the whole nfs mount and use tar through ssh to transfer it directly.  
Here is a small script that I use to tar directly to a remote tape drive,  but 
you can do the same thing to a file in a remote dir.

for ii in boot etc var home usr/local
do
tar --rsh-command=/usr/bin/ssh zcvf nighthawk:/dev/nst0 ${ii}
done

This works seemlessly if you have the /root/.ssh/authorized_keys2 file 
populated with the correct keys.

You can substitute the tape drive above with your path and filename of the 
archive.

Hope that this helps.

Ed

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/

More information about the Discuss mailing list