Hi all,
I'm putting together a script to create zfs snapshots after a backup has been
completed (via Apple TimeMachine or rsync for example). When I'm logged into
the machine, I can only access the "zfs snapshot" command as root via "sudo" or
"pfexec". Neither of these are available directly fr
Hmmm, well, what I've seen a couple of places (and have been using myself)
is rsyncd.conf on the OS box having a post-exec cmd that takes the
snapshot...
-Original Message-
From: Matt Connolly [mailto:matt.connolly...@gmail.com]
Sent: Sunday, May 01, 2011 9:46 AM
To: Discussion list for O
On 01/05/2011, at 11:48 PM, Dan Swartzendruber wrote:
> Hmmm, well, what I've seen a couple of places (and have been using myself)
> is rsyncd.conf on the OS box having a post-exec cmd that takes the
> snapshot...
So that means having some daemon running as root (or with required privileges)
th
-Original Message-
From: Matt Connolly [mailto:matt.connolly...@gmail.com]
Sent: Sunday, May 01, 2011 10:22 AM
To: Discussion list for OpenIndiana
Subject: Re: [OpenIndiana-discuss] zfs snapshot script
On 01/05/2011, at 11:48 PM, Dan Swartzendruber wrote:
> Hmmm, well, what I've seen
ssh -t host 'sudo.zfs snapshot. ..'
That should do what you Jews. Sudo requires a tty that you don't get when
running commands unless you include -t.
Sent from my Droid Incredible.
Matt Connolly wrote:
>Hi all,
>
>I'm putting together a script to create zfs snapshots after a backup has been
On Sun, 1 May 2011 09:48:22 -0400, you wrote:
>Hmmm, well, what I've seen a couple of places (and have been using myself)
>is rsyncd.conf on the OS box having a post-exec cmd that takes the
>snapshot...
>
>-Original Message-
>From: Matt Connolly [mailto:matt.connolly...@gmail.com]
>Sent:
Ugh. Vlingo keyboard has some strange autocorrections. Switched back to android
keyboard. That should have said "that should do what you want."
Sent from my Droid Incredible.
Gregory Youngblood wrote:
>ssh -t host 'sudo.zfs snapshot. ..'
>
>That should do what you Jews. Sudo requires a tty t
"Are there any permission tricks that would allow a script executed via ssh
to execute "zfs snapshot"??"
It's called setuid bit. There are a host of security concerns around setuid
scripts and programs, so consider how you set things up and what your risks are.
Here's a rough approximation of
On Sun, May 01, 2011 at 08:23:25AM -0700, Reginald Beardsley wrote:
> "Are there any permission tricks that would allow a script executed via ssh
> to execute "zfs snapshot"??"
>
> It's called setuid bit. There are a host of security concerns
> around setuid scripts and programs, so consider how
> From: Matt Connolly [mailto:matt.connolly...@gmail.com]
>
> client$ ssh user@host sudo zfs snapshot blah -> fails = sudo: no tty
present
> and no askpass program specified
# Note: must have a TTY to run sudo, hence the double -t
ssh -t -t user@host 'sudo blah'
On 5/1/2011 9:46 AM, Matt Connolly wrote:
> Hi all,
>
> I'm putting together a script to create zfs snapshots after a backup has been
> completed (via Apple TimeMachine or rsync for example). When I'm logged into
> the machine, I can only access the "zfs snapshot" command as root via "sudo"
> o
Can zfssnap role be restricted to specific filesystems? If not, I'd be
concerned about allowing too much power...
-Original Message-
From: Jamon Camisso [mailto:jamonat...@gmail.com]
Sent: Sunday, May 01, 2011 11:50 AM
To: Discussion list for OpenIndiana
Subject: Re: [OpenIndiana-discus
On 05/01/2011 02:10 PM, Dan Swartzendruber wrote:
>
> Can zfssnap role be restricted to specific filesystems? If not, I'd be
> concerned about allowing too much power...
If that's an issue (I have no idea, haven't investigated), one option
would be to match users in sshd_config and use the Force
On May 1, 2011, at 1:34 PM, Jamon Camisso wrote:
> On 05/01/2011 02:10 PM, Dan Swartzendruber wrote:
>>
>> Can zfssnap role be restricted to specific filesystems? If not, I'd be
>> concerned about allowing too much power...
>
> If that's an issue (I have no idea, haven't investigated), one opt
Thanks Gary - best answer!!
"zfs allow" is exactly what I was looking for. (also great to learn the extra
-t trick with sudo, thanks to others).
And yes, "zfs allow" does apply only to one filesystem (or optionally including
its descendants).
Best,
Matt.
On 02/05/2011, at 1:38 AM, Gary Mills
Good point!
-Original Message-
From: Matt Connolly [mailto:matt.connolly...@gmail.com]
Sent: Sunday, May 01, 2011 5:14 PM
To: Discussion list for OpenIndiana
Cc: Discussion list for OpenIndiana
Subject: Re: [OpenIndiana-discuss] zfs snapshot script
Thanks Gary - best answer!!
"zfs allow
On 27/04/11 01:34 PM, Dave Koelmeyer wrote:
Hi All,
More of an OpenSolaris query originally, as I've always had this
problem, but still have it on oi_147 x86. In certain applications
such as Pidgin and the bundled vncserver,. I have saved my password
(for various chat accounts in the former,
On Sun, May 1, 2011 at 11:44 PM, Dave Koelmeyer wrote:
> On 27/04/11 01:34 PM, Dave Koelmeyer wrote:
>>
>> Hi All,
>>
>> More of an OpenSolaris query originally, as I've always had this problem,
>> but still have it on oi_147 x86. In certain applications such as Pidgin and
>> the bundled vncserve
18 matches
Mail list logo
