[root@GJB-UAT ~]# groupadd rsync
[root@GJB-UAT ~]# useradd -g rsync.rsync
[root@GJB-UAT ~]# useradd -g rsync rsync
[root@GJB-UAT ~]# grep rsync /etc/passwd
rsync:x:501:501::/home/rsync:/bin/bash
[root@GJB-UAT ~]# mkdir /home/rsync/backup/
[root@GJB-UAT ~]# ll /home/rsync/
总用量 4
drwxr-xr-x. 2 root root 4096 1月 17 17:15 backup
[root@GJB-UAT ~]# chown -R rsync.rsync /home/rsync/backup/
[root@GJB-UAT ~]# ll /home/rsync/
总用量 4
drwxr-xr-x. 2 rsync rsync 4096 1月 17 17:15 backup
5,创建rsync daemon的配置文件
[root@GJB-UAT ~]# vim /etc/rsyncd.conf
uid = rsync
gid = rsync
use chroot = no
x connections = 40
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
log file = /home/rsync/backup/rsyncd.log
[backup]
path = /home/rsync/backup/
ignore errors
read only = false
list = false
hosts allow = 192.168.180.0/24
auth users = rsync
secrets file =/etc/rsync.password
[root@GJB-UAT ~]# vim /etc/rsync.password
rsync:liqingbiao
[root@GJB-UAT ~]# chmod 600 /etc/rsync.password
[root@GJB-UAT ~]# chmod 600 /etc/rsyncd.conf
(二)安装rsync客户端(源端)
1,关闭SELINUX
[root@Monitor conf]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
2,开启防火墙tcp 873端口
[root@Monitor conf] vim /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT
"/etc/sysconfig/iptables" 15L, 607C 已写入
[root@Monitor conf] /etc/init.d/iptables restart
[root@Monitor conf] iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:873
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0