rsync實驗練習

準備

selinux、iptables關閉

duwen111的配置

[root@duwen111 ~]# cat /etc/xinetd.d/rsync
# default: off
# description: The rsync server is a good addition to an ftp server, as it \
#allows crc checksumming etc.
service rsync
{
disable= no            #這裏改成no了
flags= IPv6
socket_type     = stream
wait            = no
user            = root
server          = /usr/bin/rsync
server_args     = --daemon
log_on_failure  += USERID
}

 

[root@duwen111 xinetd.d]# /etc/init.d/xinetd start
正在啓動 xinetd：                                          [確定]
[root@duwen111 xinetd.d]# netstat -anptu | grep 873
tcp        0      0 :::873                      :::*                        LISTEN      17151/xinetd        
[root@duwen111 xinetd.d]#

準備好測試數據

服務端duwen111

[root@duwen111 html]# ls
config-2.6.32-431.el6.x86_64  initramfs-2.6.32-431.el6.x86_64.img  System.map-2.6.32-431.el6.x86_64
efi                           lost+found                           vmlinuz-2.6.32-431.el6.x86_64
grub                          symvers-2.6.32-431.el6.x86_64.gz
[root@duwen111 html]# pwd
/var/www/html
[root@duwen111 html]#

客戶端duwen112

[root@duwen112 ~]# mkdir /web_back
[root@duwen112 ~]# cd /web_back/
[root@duwen112 web_back]# ls
[root@duwen112 web_back]#

實驗1

使用rsync備份數據

[root@duwen111 ~]# useradd rget1  
[root@duwen111 ~]# useradd rput1  
[root@duwen111 ~]# echo rget1:123456 | chpasswd
[root@duwen111 ~]# echo rput1:123456 | chpasswd
[root@duwen111 ~]# setfacl -R -m user:rput1:rwx /var/www/html/
[root@duwen111 ~]# setfacl -R -m default:user:rput1:rwx /var/www/html/
[root@duwen111 ~]# setfacl -R -m user:rget1:rwx /var/www/html/
[root@duwen111 ~]# setfacl -R -m default:rget1:rwx /var/www/html/

來看看效果

[root@duwen111 ~]# getfacl  /var/www/html
getfacl: Removing leading '/' from absolute path names
# file: var/www/html
# owner: root
# group: root
user::rwx
user:rget1:rwx
user:rput1:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:rget1:rwx
default:user:rput1:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
[root@duwen111 ~]#

開始幹活

[root@duwen112 web_back]# rsync -avz --delete [email protected]:/var/www/html/ /web_back
The authenticity of host '10.211.55.11 (10.211.55.11)' can't be established.
RSA key fingerprint is 40:e1:ad:c0:9a:b6:fc:e7:d9:6d:c3:0e:f4:4d:3a:49.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.211.55.11' (RSA) to the list of known hosts.
[email protected]'s password: 
Permission denied, please try again.
[email protected]'s password: 
receiving incremental file list
./
System.map-2.6.32-431.el6.x86_64
config-2.6.32-431.el6.x86_64
initramfs-2.6.32-431.el6.x86_64.img
symvers-2.6.32-431.el6.x86_64.gz
vmlinuz-2.6.32-431.el6.x86_64
efi/
efi/EFI/
efi/EFI/redhat/
efi/EFI/redhat/grub.efi
grub/
grub/device.map
grub/e2fs_stage1_5
grub/fat_stage1_5
grub/ffs_stage1_5
grub/grub.conf
grub/iso9660_stage1_5
grub/jfs_stage1_5
grub/menu.lst -> ./grub.conf
grub/minix_stage1_5
grub/reiserfs_stage1_5
grub/splash.xpm.gz
grub/stage1
grub/stage2
grub/ufs2_stage1_5
grub/vstafs_stage1_5
grub/xfs_stage1_5
lost+found/
sent 436 bytes  received 22393077 bytes  1791481.04 bytes/sec
total size is 24888221  speedup is 1.11
[root@duwen112 web_back]#

實驗2

rsync非系統用戶備份數據

使用系統配置文件/etc/rsyncd.conf來備份數據，創建備份賬戶，最後把rsync以deamon方式運行

[root@duwen111 ~]# cat /etc/rsyncd.conf
uid = nobody
gid = nobody
address =10.211.55.11
port =873
hosts allow =10.211.55.12
use chroot = yes
max connections = 5
pid file =/var/run/rsyncd.pid
lock file =/var/run/rsync.lock
log file =/var/log/rsyncd.log
motd file =/etc/rsyncd.motd
[MOShen]
path =/var/www/html
comment = used for web_back root
read only = yes
list = yes
auth users = rsyncuser
secrets file =/etc/rsync.passwd
[root@duwen111 ~]#

創建提示文件和用戶密碼

[root@duwen111 ~]# echo "Welcome to Backup Server" > /etc/rsyncd.motd
[root@duwen111 ~]# vim /etc/rsync.passwd
[root@duwen111 ~]# cat /etc/rsync.passwd
rsyncuser:111111
[root@duwen111 ~]# chmod 600 /etc/rsync.passwd
[root@duwen111 ~]#

啓動服務

rsync --daemon —config=/etc/rsyncd.conf
[root@duwen111 ~]# netstat -antup | grep :873
tcp        0      0 :::873                      :::*                        LISTEN      17151/xinetd        
[root@duwen111 ~]# chkconfig xinetd on

測試下

rsync語法：   rsync 選項 用戶名@備份源服務器IP::共享模塊名 目標目錄

[root@duwen112 ~]# rsync -avz [email protected]::MOShen /web_back/

執行後的屏幕輸出，要輸入密碼：

Welcome to Backup Server

Password: 

receiving incremental file list

rsync: opendir "/lost+found" (in MOShen) failed: Permission denied (13)

./

System.map-2.6.32-431.el6.x86_64

config-2.6.32-431.el6.x86_64

rsync: send_files failed to open "/initramfs-2.6.32-431.el6.x86_64.img" (in MOShen): Permission denied (13)

symvers-2.6.32-431.el6.x86_64.gz

vmlinuz-2.6.32-431.el6.x86_64

efi/

efi/EFI/

efi/EFI/redhat/

efi/EFI/redhat/grub.efi

grub/

grub/device.map

grub/e2fs_stage1_5

grub/fat_stage1_5

grub/ffs_stage1_5

rsync: send_files failed to open "/grub/grub.conf" (in MOShen): Permission denied (13)

grub/iso9660_stage1_5

grub/jfs_stage1_5

grub/menu.lst -> ./grub.conf

grub/minix_stage1_5

grub/reiserfs_stage1_5

grub/splash.xpm.gz

grub/stage1

grub/stage2

grub/ufs2_stage1_5

grub/vstafs_stage1_5

grub/xfs_stage1_5

lost+found/

sent 486 bytes  received 5059591 bytes  440006.70 bytes/sec

total size is 24888221  speedup is 4.92

rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1505) [generator=3.0.6]

[root@duwen112 ~]# 

這裏有幾行報錯

/grub/grub.conf

/initramfs-2.6.32-431.el6.x86_64.img

/lost+found

由於在上實驗1中已經給了/var/www/html/文件夾足夠的acl權限

我們把duwen112上的/var/www/html 改成744權限

再次測試

[root@duwen112 ~]# rsync -avz [email protected]::MOShen /web_back/
Welcome to Backup Server
Password: 
receiving incremental file list
./
System.map-2.6.32-431.el6.x86_64
config-2.6.32-431.el6.x86_64
initramfs-2.6.32-431.el6.x86_64.img
symvers-2.6.32-431.el6.x86_64.gz
vmlinuz-2.6.32-431.el6.x86_64
efi/
efi/EFI/
efi/EFI/redhat/
efi/EFI/redhat/grub.efi
grub/
grub/device.map
grub/e2fs_stage1_5
grub/fat_stage1_5
grub/ffs_stage1_5
grub/grub.conf
grub/iso9660_stage1_5
grub/jfs_stage1_5
grub/menu.lst -> ./grub.conf
grub/minix_stage1_5
grub/reiserfs_stage1_5
grub/splash.xpm.gz
grub/stage1
grub/stage2
grub/ufs2_stage1_5
grub/vstafs_stage1_5
grub/xfs_stage1_5
lost+found/
sent 436 bytes  received 22393077 bytes  1791481.04 bytes/sec
total size is 24888221  speedup is 1.11
[root@duwen112 web_back]#

密碼處理

新建一個文件保存好密碼，然後在rsync命令中使用--password-file指定此文件即可

[root@duwen112 ~]# vim passfile
[root@duwen112 ~]# cat passfile
111111
[root@duwen112 ~]# 
[root@duwen112 ~]# chmod 600 /root/passfile

先把web_back目錄刪掉

[root@duwen112 ~]# rm -rf /web_back/

自動密碼測試

[root@duwen112 ~]# rsync -avz [email protected]::MOShen --password-file=/root/passfile /web_back/
Welcome to Backup Server
receiving incremental file list
created directory /web_back
rsync: opendir "/lost+found" (in MOShen) failed: Permission denied (13)
./
System.map-2.6.32-431.el6.x86_64
config-2.6.32-431.el6.x86_64
rsync: send_files failed to open "/initramfs-2.6.32-431.el6.x86_64.img" (in MOShen): Permission denied (13)
symvers-2.6.32-431.el6.x86_64.gz
vmlinuz-2.6.32-431.el6.x86_64
efi/
efi/EFI/
efi/EFI/redhat/
efi/EFI/redhat/grub.efi
grub/
grub/device.map

有錯誤，跟上面一樣的原因了，，，

實驗3

腳本實現定時同步

這裏有個腳本

[root@duwen112 ~]# vim /root/autobackup.sh
[root@duwen112 ~]# cat /root/autobackup.sh
#!/bin/bash
rsync -avz [email protected]::MOShen --password-file=/root/passfile /web_back
[root@duwen112 ~]#

先手動測試下腳本

[root@duwen112 ~]# rm -rf /web_back/*
[root@duwen112 ~]# source autobackup.sh 
Welcome to Backup Server
receiving incremental file list
rsync: opendir "/lost+found" (in MOShen) failed: Permission denied (13)
./
System.map-2.6.32-431.el6.x86_64
config-2.6.32-431.el6.x86_64
rsync: send_files failed to open "/initramfs-2.6.32-431.el6.x86_64.img" (in MOShen): Permission denied (13)
symvers-2.6.32-431.el6.x86_64.gz
vmlinuz-2.6.32-431.el6.x86_64
efi/
efi/EFI/
efi/EFI/redhat/
efi/EFI/redhat/grub.efi
grub/
grub/device.map
grub/e2fs_stage1_5
grub/fat_stage1_5
grub/ffs_stage1_5
rsync: send_files failed to open "/grub/grub.conf" (in MOShen): Permission denied (13)
grub/iso9660_stage1_5
grub/jfs_stage1_5
grub/menu.lst -> ./grub.conf
grub/minix_stage1_5
grub/reiserfs_stage1_5
grub/splash.xpm.gz
grub/stage1
grub/stage2
grub/ufs2_stage1_5
grub/vstafs_stage1_5
grub/xfs_stage1_5
lost+found/
sent 486 bytes  received 5059591 bytes  440006.70 bytes/sec
total size is 24888221  speedup is 4.92
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1505) [generator=3.0.6]
[root@duwen112 ~]# 
[root@duwen111 ~]# ll /var/www/html/grub/grub.conf
-rw-rwx---+ 1 root root 787 9月   5 12:15 /var/www/html/grub/grub.conf
[root@duwen111 ~]# getfacl /var/www/html/
getfacl: Removing leading '/' from absolute path names
# file: var/www/html/
# owner: root
# group: root
user::rwx
user:rget1:rwx
user:rput1:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:rget1:rwx
default:user:rput1:rwx
default:group::r-x
default:mask::rwx
default:other::r-x

 

[root@duwen111 ~]# chmod +r /var/www/html/grub/grub.conf
[root@duwen111 ~]# ll /var/www/html/grub/grub.conf
-rw-rwxr--+ 1 root root 787 9月   5 12:15 /var/www/html/grub/grub.conf

再次測試

[root@duwen112 ~]# rm -rf /web_back/*
[root@duwen112 ~]# source autobackup.sh 
Welcome to Backup Server
receiving incremental file list
rsync: opendir "/lost+found" (in MOShen) failed: Permission denied (13)
./
System.map-2.6.32-431.el6.x86_64
config-2.6.32-431.el6.x86_64
rsync: send_files failed to open "/initramfs-2.6.32-431.el6.x86_64.img" (in MOShen): Permission denied (13)
symvers-2.6.32-431.el6.x86_64.gz
vmlinuz-2.6.32-431.el6.x86_64
efi/
efi/EFI/
efi/EFI/redhat/
efi/EFI/redhat/grub.efi
grub/
grub/device.map
grub/e2fs_stage1_5
grub/fat_stage1_5
grub/ffs_stage1_5
grub/grub.conf
grub/iso9660_stage1_5
grub/jfs_stage1_5
grub/menu.lst -> ./grub.conf
grub/minix_stage1_5
grub/reiserfs_stage1_5
grub/splash.xpm.gz
grub/stage1
grub/stage2
grub/ufs2_stage1_5
grub/vstafs_stage1_5
grub/xfs_stage1_5
lost+found/
sent 486 bytes  received 5060002 bytes  3373658.67 bytes/sec
total size is 24888221  speedup is 4.92
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1505) [generator=3.0.6]
[root@duwen112 ~]#

同理，修改下列文件的權限

[root@duwen111 html]# chmod +r /var/www/html/initramfs-2.6.32-431.el6.x86_64.img
[root@duwen111 ~]# chmod +r /var/www/html/lost+found/

再測試一次

[root@duwen112 ~]# rm -rf /web_back/*
[root@duwen112 ~]# source autobackup.sh 
Welcome to Backup Server
receiving incremental file list
./
System.map-2.6.32-431.el6.x86_64
config-2.6.32-431.el6.x86_64
initramfs-2.6.32-431.el6.x86_64.img
symvers-2.6.32-431.el6.x86_64.gz
vmlinuz-2.6.32-431.el6.x86_64
efi/
efi/EFI/
efi/EFI/redhat/
efi/EFI/redhat/grub.efi
grub/
grub/device.map
grub/e2fs_stage1_5
grub/fat_stage1_5
grub/ffs_stage1_5
grub/grub.conf
grub/iso9660_stage1_5
grub/jfs_stage1_5
grub/menu.lst -> ./grub.conf
grub/minix_stage1_5
grub/reiserfs_stage1_5
grub/splash.xpm.gz
grub/stage1
grub/stage2
grub/ufs2_stage1_5
grub/vstafs_stage1_5
grub/xfs_stage1_5
lost+found/
sent 486 bytes  received 22393158 bytes  6398184.00 bytes/sec
total size is 24888221  speedup is 1.11
[root@duwen112 ~]#

可以看到成功了

加入任務計劃

[root@duwen112 ~]# crontab -e
[root@duwen112 ~]# crontab -l
11 23 * * * /bin/sh /root/autobackup.sh

重啓crond服務器

[root@duwen112 ~]# killall crond 
[root@duwen112 ~]# ps aux | grep crond
root     17902  0.0  0.1 103256   844 pts/0    S+   22:09   0:00 grep crond
[root@duwen112 ~]# /usr/sbin/crond
[root@duwen112 ~]# ps aux | grep crond
root     17961  0.0  0.2 117296  1244 ?        Ss   22:09   0:00 /usr/sbin/crond
root     17975  0.0  0.1 103256   844 pts/0    S+   22:09   0:00 grep crond

 

結果

[root@duwen112 ~]# date
2016年 09月 05日 星期一 23:11:58 CST
You have new mail in /var/spool/mail/root
[root@duwen112 ~]# vim /var/spool/mail/root #先看下郵件，不過沒有關係
[root@duwen112 ~]# ls /web_back/
config-2.6.32-431.el6.x86_64  initramfs-2.6.32-431.el6.x86_64.img  System.map-2.6.32-431.el6.x86_64
efi                           lost+found                           vmlinuz-2.6.32-431.el6.x86_64
grub                          symvers-2.6.32-431.el6.x86_64.gz
[root@duwen112 ~]#

實驗4

rsync+inotify實時同步

上傳inotify源碼包

[root@duwen111 ~]# scp [email protected]:/Users/duwen/Downloads/inotify-tools-3.13.tar.gz /root
The authenticity of host '10.211.55.2 (10.211.55.2)' can't be established.
RSA key fingerprint is d6:3c:6e:2f:5d:46:c0:70:8b:a4:2f:40:d6:d5:3e:36.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.211.55.2' (RSA) to the list of known hosts.
Password:
inotify-tools-3.13.tar.gz                                                                   100%  380KB 380.3KB/s   00:00    
[root@duwen111 ~]#

源碼編譯環境

[root@duwen111 ~]# yum -y install gcc* zlib* pcre*

查看內核支持inotify和調整

[root@duwen111 ~]# ls /proc/sys/fs/inotify/ 
max_queued_events  max_user_instances  max_user_watches

[root@duwen111 ~]# vim /etc/sysctl.conf

在最下面添加：

fs.inotify_max_queued_events = 32768

fs.inotify_max_user_instances = 1024

fs.inotify.max_user_watches = 90000000

安裝inotify-tools

tar xf inotify-tools-3.13.tar.gz -C /usr/local/src/
cd /usr/local/src/inotify-tools-3.13/
./configure --prefix=/usr/local/inotify-tools
make ; make install
cd ; ln -s /usr/local/inotify-tools/bin/* /usr/bin/

 

實現密鑰訪問

生成密鑰文件

ssh-keygen

發佈密鑰

ssh-copy-id [email protected]

寫好inotify監控腳本

[root@duwen111 ~]# cat inotify.sh
#!/bin/bash
SRC=/var/www/html
[email protected]:/web_back
inotifywait -mrq -e modify,delete,create,attrib ${SRC} | while read D E F
do 
/usr/bin/rsync -avz --delete $SRC $DST
done
[root@duwen111 ~]#

把腳本/root/inotify.sh加入後臺監控

[root@duwen111 ~]# chmod +x inotify.sh ; echo "sh /root/inotify.sh &" >> /etc/rc.local