Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
mirrors
/
borg
zrkadlo https://github.com/borgbackup/borg
2
0
Fork 0
Súbory Issues 0 Wiki
Strom: 0ee5d6f018
Branche Tagy
borg
/
docs
/
deployment
/
non-root-user.rst

non-root-user.rst 2.4 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. .. include:: ../global.rst.inc
    2. 

  2. .. highlight:: none
    3. 

  3. .. _non_root_user:
    4. 

  4. 

  5. ================================
    6. 

  6. Backing up using a non-root user
    7. 

  7. ================================
    8. 

  8. 

  9. This section describes how to run Borg as a non-root user and still be able to
    10. 

  10. back up every file on the system.
    11. 

  11. 

  12. Normally, Borg is run as the root user to bypass all filesystem permissions and
    13. 

  13. be able to read all files. However, in theory this also allows Borg to modify or
    14. 

  14. delete files on your system (for example, in case of a bug).
    15. 

  15. 

  16. To eliminate this possibility, we can run Borg as a non-root user and give it read-only
    17. 

  17. permissions to all files on the system.
    18. 

  18. 

  19. 

  20. Using Linux capabilities inside a systemd service
    21. 

  21. =================================================
    22. 

  22. 

  23. One way to do so is to use Linux `capabilities
    24. 

  24. <https://man7.org/linux/man-pages/man7/capabilities.7.html>`_ within a systemd
    25. 

  25. service.
    26. 

  26. 

  27. Linux capabilities allow us to grant parts of the root user’s privileges to
    28. 

  28. a non-root user. This works on a per-thread level and does not grant permissions
    29. 

  29. to the non-root user as a whole.
    30. 

  30. 

  31. For this, we need to run the backup script from a systemd service and use the `AmbientCapabilities
    32. 

  32. <https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#AmbientCapabilities=>`_
    33. 

  33. option added in systemd 229.
    34. 

  34. 

  35. A very basic unit file would look like this:
    36. 

  36. 

  37. ::
    38. 

  38. 

  39.     [Unit]
    40. 

  40.     Description=Borg Backup
    41. 

  41. 

  42.     [Service]
    43. 

  43.     Type=oneshot
    44. 

  44.     User=borg
    45. 

  45.     ExecStart=/usr/local/sbin/backup.sh
    46. 

  46. 

  47.     AmbientCapabilities=CAP_DAC_READ_SEARCH
    48. 

  48. 

  49. The ``CAP_DAC_READ_SEARCH`` capability gives Borg read-only access to all files and directories on the system.
    50. 

  50. 

  51. This service can then be started manually using ``systemctl start``, a systemd timer or other methods.
    52. 

  52. 

  53. Restore considerations
    54. 

  54. ======================
    55. 

  55. 

  56. Use the root user when restoring files. If you use the non-root user, ``borg extract`` will
    57. 

  57. change ownership of all restored files to the non-root user. Using ``borg mount`` will not allow the
    58. 

  58. non-root user to access files it would not be able to access on the system itself.
    59. 

  59. 

  60. Other than that, you can use the same restore process you would use when running the backup as root.
    61. 

  61. 

  62. .. warning::
    63. 

  63. 

  64.     When using a local repository and running Borg commands as root, make sure to use only commands that do not
    65. 

  65.     modify the repository itself, such as extract or mount. Modifying the repository as root will break it for the
    66. 

  66.     non-root user, since some files inside the repository will then be owned by root.
    67.