[CentOS] RE: Keeping data on 2 servers in sync !

Leonard Isham leonard.isham at gmail.com
Sat Dec 10 11:35:47 UTC 2005


On 12/9/05, Yiorgos Stamoulis <yiorgos-lists at 272deg.homelinux.net> wrote:
> Bryan J. Smith wrote:
>
> >getfacl can dump an entire tree's permissions to a file --
> >both UNIX and Extended Attributes (EA) Access Control Lists
> >(ACLs).  You could then rsync that file, and run it on the
> >other side.  In
> >fact, that's how I deal with the fact I don't want another
> >system login in to SSH as root.
> >
> >Basically:
> >   cd /wherever
> >   syncstamp="`date +%Y%m%d%H%M%S`"
> >   getfacl -R . > .facl_${syncstamp}
> >   rsync -ave "ssh" . reguser at otherserver
> >   rm .facl_${syncstamp}
> >
> >And then a root cronjob on another server basically looks for
> >.facl_* files periodically and runs:
> >   cd /whereever
> >   set -o noglob
> >   for ifacl in .facl_*; do
> >     setfacl --restore=${ifacl}
> >     rm ${ifacl}
> >   done
> >
> >In fact, since Red Hat insists on not supporting XFS with its
> >xfsdump that maintains EAs, and Ext3's dump does nothing of
> >the sort (and I'm not a huge fan of star), I use getfacl to
> >store the original ACLs with my backup in a file included
> >with the backup.
> >
> >
> >
> >
> >
> That 's great Bryan!

hmmm... would this work for SELinux as well?

--
Leonard Isham, CISSP
Ostendo non ostento.



More information about the CentOS mailing list