Securely backing up your files with rdiff-backup and sudo

Backups are important, whether you are backing up your databases or your wedding pictures. The loss of data can ruin your day. While there is a huge list of backup software to choose from; some good, some not so good. One of the tools that I have used for years is rdiff-backup. rdiff-backup is a rsync delta based backup tool that both stores a full mirror and incremental changes. It determines changes based on the rsync method of creating small delta files, which allows for rdiff-backup to restore files to any point in time (within the specified retention period)....

 · 12 min · Benjamin Cane

Cheat Sheet: 21 useful find commands

For todays article I wanted to put together a quick little cheat sheet for some GNU find command examples. Some of these commands will be basic some will be more advanced, but they all will be useful. As a caveat some commands don't work in all Unix environments and this is especially true with older releases. If you find yourself in one of those situations there is a way to make the find command work you will just need to use different methods like the -exec flag....

 · 3 min · Benjamin Cane

Sudoedit: Securely allow users to edit files

Allowing unprivileged users to edit files that are normally beyond their rights is a task that is easy to perform however it requires a great deal of forethought to implement without opening security holes. You can give users the ability to edit privileged files by using User/Group Permissions, ACL's, or even sudo; but no matter which way you choose there are some things you must consider. For an example lets take a look at 2 files /etc/services and /etc/cron....

 · 4 min · Benjamin Cane

Why you should avoid running applications as root

I'm going to start this post by saying what I'm really thinking. 90% of the time if an application is running as the root user on a Unix/Linux machine; it is because the sysadmin who setup or designed the environment was being lazy. Now before getting offended, being a lazy sysadmin is a good thing. The fact is that most systems administrators are lazy in some way, and that is the reason why most systems administration tasks end up being scripted....

 · 3 min · Benjamin Cane

Sudo: Running as a specific user

Sudo is usually used to allow a user to run commands as root, but what happens if you want a user to run a command as another user? You can use the example below to configure your sudo rule. Example: [[email protected] ~]$ sudo -u sudoguy whoami sudoguy The rule from /etc/sudoers: bcane ALL=(sudoguy) /usr/bin/whoami, NOPASSWD: ALL Same thing but instead of bcane the users group: %users ALL=(sudoguy) /usr/bin/whoami, NOPASSWD: ALL ...

 · 1 min · Benjamin Cane