How To:Backup Partitions Mounted via NFS: Difference between revisions
(removed Category:How To and added {{How To Header}}) |
Paul.bijnens (talk | contribs) (Permissions for root via nfs) |
||
Line 20: | Line 20: | ||
include file append "./rmtdir4" | include file append "./rmtdir4" | ||
} | } | ||
=== Permissions under NFS === | |||
Note that Amanda runs gnutar with root-permissions. And root on the client is normally mapped to the anonymous user (usually "nobody") on | |||
the server. | |||
That means that all files must be at least readable by that | |||
anonymous user, or you'll get "permission denied" errors. | |||
You may export the NFS filesystem with the "no_root_squash" option | |||
to avoid this mapping. Beware that this allows root on any client to | |||
access and modify any file on that nfs-share. So better restrict | |||
this to something more secure. | |||
E.g. for Linux-like /etc/exports file: | |||
# allow read-only access to root on the amandaserver only | |||
/export/dir1 amandaserver(ro,no_root_squash) *(rw) | |||
Don't forget to change the read-only to read-write when you want to | |||
restore to the nfs directory. | |||
For Solaris, you need to the option "root=..." for the share command: | |||
share -F nfs -o rw,root=amandaserver /export/dir1 | |||
The "amandaserver" above does not need to be the tapehost itself, but is | |||
the Amanda client that will do the backup of those nfs shares. |
Revision as of 08:28, 8 June 2007
This article is a part of the How Tos collection.
We recently got a SnapServer on our network and wanted to use our existing Amanda install to back it up via NFS. Of course, we can't back up the data directly on the SnapServer, since it does not run Amanda.
Dump works on devices, not filesystems, so it won't work on an NFS mount. Tar works on filesystems, but Amanda calls it with the option to not cross filesystem boundaries, so a backup of /nfs will just give you the local files in /nfs and not mounts under /nfs. If you are trying to backup /nfs/remotedir, add /nfs/remotedir to your disklist and it will do what you want.
Ahh... so simple, so elegant. I never knew you could just add directories to the disklist. For years we added and removed various machines, always defining the actual /dev/ device:
machinename /dev/aacd0s2e comp-user
But... clearly you can add them by actual path name too:
machinename /nfs/snap comp-user-tar
If you have several nfs mounts under /nfs and want them all backed up as a single DLE, you could do a set of include directives in the dumptype. Example: Line in disklist file:
host NFSDIRS /nfs { user-tar include file "./rmtdir1" include file append "./rmtdir2" "./rmtdir3" include file append "./rmtdir4" }
Permissions under NFS
Note that Amanda runs gnutar with root-permissions. And root on the client is normally mapped to the anonymous user (usually "nobody") on the server. That means that all files must be at least readable by that anonymous user, or you'll get "permission denied" errors.
You may export the NFS filesystem with the "no_root_squash" option to avoid this mapping. Beware that this allows root on any client to access and modify any file on that nfs-share. So better restrict this to something more secure.
E.g. for Linux-like /etc/exports file:
# allow read-only access to root on the amandaserver only /export/dir1 amandaserver(ro,no_root_squash) *(rw)
Don't forget to change the read-only to read-write when you want to restore to the nfs directory.
For Solaris, you need to the option "root=..." for the share command:
share -F nfs -o rw,root=amandaserver /export/dir1
The "amandaserver" above does not need to be the tapehost itself, but is the Amanda client that will do the backup of those nfs shares.