使用 rsync 备份 gitosis 存储库?
我有一个标准的 gitosis 设置,我想使用 rsync 进行备份。当我尝试:
rsync -avz [email protected]:/home/git git_origin/
或
rsync -avz --rsync-path 'sudo rsync' 192.168.0.2:/home/git git_origin/
它不处理任何存储库文件。很确定这与“git”用户没有密码并完全拥有 /home/git/repositories 目录结构中所有文件的所有权有关。由于您无法“ssh git”或“su git”,我无法达到正确的权限级别。
那么,如何使用 rsync 备份我的所有 gitosis 存储库?
I have a standard gitosis setup that I would like to backup using rsync. When I try:
rsync -avz [email protected]:/home/git git_origin/
or
rsync -avz --rsync-path 'sudo rsync' 192.168.0.2:/home/git git_origin/
It copes no repository files. Pretty sure it has to do with how the 'git' user has no password and complete ownership of all files in it's /home/git/repositories directory structure. Since you can't 'ssh git' or 'su git' I can't achieve the correct permission level.
So, how do I use rsync to backup all my gitosis repositories?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
IMO 最简单的方法是将自定义密钥添加到 git 用户的
authorized_keys文件中。在
### auto generated by gitosis, DO NOT EDIT行上方添加一个条目,以 root 用户身份在/home/git/.ssh/authorized_keys下(在大多数情况下) Linux 系统),你应该可以开始了。默认情况下,Gitosis 在重新生成时会忽略authorized_keys文件的自定义条目。如果您想进一步锁定服务器,您可以随时在密钥输入之前添加自定义
command=指令,谷歌搜索“rsync ssh lock down”会为您提供http://sixohthird.com/1458/locking-down-rsync-using-ssh 作为第一个命中,其中应该可以帮助你开始。通过 rsync 抓取文件而不跳过一些随机用户切换环(如 user->root->git 切换)的唯一其他方法是使用 ssh 以 root 用户身份连接并使用它抓取文件。
通过提供自定义
authorized_keys条目,以 root 用户身份运行并以 git 用户身份进行 ssh 操作,都应该为您提供访问要 rsync 的文件所需的权限。Easiest way IMO would be to add a custom key into your
authorized_keysfile for the git user.Add in an entry above the line that says
### autogenerated by gitosis, DO NOT EDITas the root user under/home/git/.ssh/authorized_keys(on most Linux systems) and you should be good to go. Gitosis by default ignores custom entries to theauthorized_keysfile when regenerating it.If you want to lock the server down more, you can always add a custom
command=directive before the key entry, googling "rsync ssh lock down" gives you http://sixohthree.com/1458/locking-down-rsync-using-ssh as the first hit, which should get you started.The only other way of grabbing the files over rsync without jumping through some random user switching hoops (as in user->root->git switches) would be to use ssh to connect as the root user and grab the files with it.
Both running as the root user and ssh'ing as the git user by providing a custom
authorized_keysentry should give you the permissions you need to access the files you want to rsync.gitolite 将 rsync 列为它可以提供授权的受支持外部命令之一。
我还没有这样做,但我相信您可以使用允许在每个存储库上使用 rsync 的特定 ssh 密钥进行设置。第一步是在
gitolite.rc文件中设置$RSYNC_BASE。example.conf显示了如何指定 rsync 的权限。如果你想知道为什么我回答 gitolite 而不是 gitosis,gitosis 是不维护的,不推荐使用的,并且已经死了,停止使用它并切换到 gitolite。
gitolite lists rsync as one of the supported external commands that it can provide authorization for.
I have not done this but I believe you can set this up with a specific ssh key allowed to use rsync on every repository. The first step is setting
$RSYNC_BASEin thegitolite.rcfile. Theexample.confshows how to specify permissions for rsync.And encase you are wondering why I answered about gitolite instead of gitosis, gitosis is unmaintained, deprecated, and dead, stop using it and switch to gitolite.
我正在使用这个 脚本开始我的自定义脚本,它正在使用
也许这可以帮助?
I was using this script for a start for my customized scripts, and it is using
Maybe that could help?