rsync run as root sudo without password

This is a common issue, what if a issue shouldn't have root but you want to use that user to make a full backup of a system?  They of course need root access.

You can actually just give them passwordless sudo access to rsync in /etc/sudoers:

sudo vi /etc/sudoers

yourusername ALL = NOPASSWD: /usr/bin/rsync
 

Here is how you would execute rsync:

The key thing for the remote host is to use:

--rsync-path="sudo rsync"

This (above) executes rsync on the remote host as root.

To run rsync locally with root privileges you also need to start it with "sudo rsync" as shown below.

sudo rsync -e 'ssh -i /home/yourlocalusername/.ssh/id_rsa' --rsync-path="sudo rsync" -Phaz remoteuser@remotehost.com /remote/path /local/path

It is also important to use the -e swtich as above if you are depending on a key to login (which most will be):

'ssh -i /home/yourlocalusername/.ssh/id_rsa'

You are basically specifying your keyfile location so that root doesn't use its own since you are likely not using root's ssh public key (and shouldn't be!)


Tags:

rsync, sudo, passwordthis, shouldn, user, passwordless, etc, sudoers, vi, yourusername, nopasswd, usr, bin, execute, quot, executes, locally, privileges, ssh, yourlocalusername, id_rsa, phaz, remoteuser, remotehost, swtich, depending, login, specifying, keyfile, doesn,

Latest Articles

  • Linux Mint 18.2 Create Config File To Start Application Upon Login
  • Dell Wyse Thin Client BIOS Access Key
  • sudoers fle in /etc warning about comments/includes!
  • Centos 7 Reallocate logical volume space to another
  • lvm how to reduce volume size
  • letsencrypt certbot error "Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80."
  • SSH error cannot Forward or Listen "bind: Cannot assign requested address"
  • X11 SSH Linux Forwarding Error
  • Using Microsoft's Group Policy Management Editor (GPME) To Change Default Permissions and Internet Explorer Security Settings
  • Thunderbird How To Disable An Email Account
  • iptables linux firewall recommended rules for public computing
  • LVM How To Create Pool (dynamically allocated and not fully allocated)
  • VMWare Pro Workstation Nic Disconnected and No IP Using NAT
  • Linux How To Create A RamDisk
  • mdadm force resync when resync=PENDING solution
  • Proxmox Breaks Storage/LVM Backing If Killing QEMU-IMG
  • Proxmox trying to acquire lock... TASK ERROR: can't lock file '/var/lock/qemu-server/lock-102.conf' - got timeout
  • Debian 9 SSH root password authentication failure password not working problem / solution
  • QEMU / KVM How To Manually Create Basic Virtual Machine VM
  • Linux wlan0 check all wireless clients