Backup server question
mroselinux at eastgranby.k12.ct.us
mroselinux at eastgranby.k12.ct.us
Fri Apr 22 00:31:15 UTC 2005
> On Thu, 2005-04-21 at 10:54 -0400, mroselinux at eastgranby.k12.ct.us
> wrote:
>> We have a FC3 server running samba, dhcpd, and named (for internal names
>> only). Each night, a backup server to the primary runs rsync to
>> download
>> changed/new files.
>>
>> This is a vacation week at our high school and I tried our backup plan
>> for
>> the first time since upgrading to FC3. When bringing up the backup
>> server
>> as primary, I ran into a security problem with dhcpd (dhcpd: Can't open
>> lease database /var/lib/dhcp/dhcpd.leases: Permission denied). I issued
>> a
>> setforce 0 command and restarted dhcpd and all was ok. I then again
>> stopped dhcpd, issued a setenforce 1 command, restarted dhcpd and again
>> all was ok.
>>
>> So, should I be running fixfiles each night at the end of the rsync
>> script? Or is there a better solution that someone with expertise can
>> suggest?
>
> I think that the FC4/development tree includes a patch to rsync to allow
> preservation of extended attributes (which would include the SELinux
> attributes). Hence, you might try building the development rsync SRPM
> on FC3 and trying it there (using the -X option). You need the updated
> rsync on both the client and server. Naturally, you'd want to test it
> out somewhere other than your production machine first.
>
> --
> Stephen Smalley <sds at tycho.nsa.gov>
> National Security Agency
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
Stephen - Thanks for the info, but I don't think that I have the
capability to build rsync. I will look forward to it. But in the
meantime, is running fixfiles at the end of the rsync script an ok
approach?
Mark
More information about the fedora-selinux-list
mailing list