Tuesday, December 15, 2020

How to Configure rsync as a Daemon


 


What is rsync?

Rsync is a free software utility for Unix- and Linux-like systems that copies files and directories from one host to another. Rsync, which stands for “remote sync”, is a remote and local file synchronization tool. It uses an algorithm that minimizes the amount of data copied by only moving the portions of files that have changed. 

Activity

In this example I am going to configure rsync as a daemon service. For that we need two Linux PCs. For this activity I am using CentOS-7.

Step 1: Install and enable rsync service

Open the terminal and execute below command to install rsync package on both servers.

# yum install rsync 


To enable the service, execute this command. No need to enable the service on both server. You have to pick one server as your source.

# systemctl enable rsyncd

 


Step 2: Edit rsync Configuration File

rsync configuration file available under "/etc/rsyncd.conf". You can use any text file editor to edit the file. Add below configurations to config file.

pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsync.log
port = 12000
uid = root
gid = root

[web-public]
path = /usr/share/html
comment = Web Static Files
read only = false
timeout = 300

After save the config file, start the rsyncd service. 

# systemctl start rsyncd


Verify the service is running with this command.

# systemctl status rsyncd



Step 3: Sync Files

Now go to another server and check whether file are available to sync. You can execute below command to test your connection to the rsync daemon and find which paths are available to you.

# /bin/rsync -rda rsync://192.168.1.17:12000


Execute below command to sync the files to your local pc.

# /bin/rsync -rda rsync://192.168.1.17:12000/web-public /usr/share/html/


Step 4: Secure the rsync

  • Allow only for specific source IPs
To do this add below configurations parameters to rsync config file and restart the service.

hosts allow = 192.168.1.18
hosts deny = *
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsync.log
port = 12000
uid = root
gid = root

  •  Adding Usernames and Passwords

You can make your rsync daemon more secure by adding a username and password requirement in its configuration file. Open /etc/rsyncd.conf add these configurations.

[web-public]
path = /usr/share/html
comment = Web Static Files
read only = false
timeout = 300
auth users = rsync1,rsync2
secrets file = /etc/rsyncd.secrets

Now create credential file "/etc/rsyncd.secrets" and add these users.

rsync1:123123
rsync2:123123
rsync3:123123

Once you have saved this file, secure it so only the root user can read or edit it.

# chmod 600 /etc/rsyncd.secrets 


Now restart the service and very the configurations. First try to sync in normal way without an user.

# /bin/rsync -rda rsync://192.168.1.17:12000/web-public /usr/share/html


It will prompt for password. Now try to sync the files by specifying the user we put in the "rsyncd.secrets" file.

# /bin/rsync -rda rsync://rsync1@192.168.1.17:12000/web-public /usr/share/html




 

on
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)