Hi

This is really non-specific as far as Distros go, however here's my problem:

I've got a low-privileged user that connects from our office to our servers in internetland. Part of the tasks it needs to perform is to backup key data from our system(s). Now aside from the files it's backing up it has also recently been decided (owing to a server collapse) that it would be a good idea if the backup also contained the contents of folder /etc (and all sub-folders) as well as /var/spool/crontab.

I could up the privileges for the user, but I'd be interested to hear if anyone else has any obvious or less than obvious methods for achieving the same result, preferably without compromising the required security for these folders.

Create a backup script that does the backup job of those folders. Setup sudo and allow the user to use the sudo command for exactly that script, not more.

Unless it's very difficult to do it without human intervention, you could just trash that whole idea and setup a cron script to do the work for you. Then it could upload the files somewhere, or mail them, or put them into a dropbox or whatever you prefer.

Excellent suggestions from both of you.

I have a question relating to this, which may enlighten, and/or change your opinions of how this may be achieved.

We currently use rsync for the job. If I were to use rsync for this purpose, is it possible to have the rsync at the far end execute as a sudo'd user to get the information back? If not, how about an rsync daemon?

If I understand you right (let rsync do the job via script on the remote machine connecting to the backup server) you don't need sudo, just set up a cron job as root for that script.