
rsync and inotify: From Getting Started to Mastery

2024-07-22 15:38:12

Description:

--password-file=FILE: rsync automatically reads the password from the specified file.

Summary:

Server-side configuration

1. Create the configuration file

2. Create a password file and change its permissions to 600

3. Create the system user

4. Create the directory for the module and change its owner and group to the system user

5. Start daemon mode

 

Client Configuration

1. Create a password file for the virtual user with permissions of 600

2. Push files to a module or pull files from a module

If an error occurs

Step 1: Check the logs

Step 2: Check whether selinux and iptables are running

Step 3: Check that the virtual user's password file name is correct and that its permissions are correct
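The server-side and client-side file steps above, with the step 3 check, as an added example that is not code from the original page. The file names, the module name "mod", the uid/gid "rsync" and the allowed network are assumptions; creating the system user, changing the owner of the module directory and starting daemon mode need root and are left out.

```bash
#!/bin/bash
# Added example. File names, the module "mod", the uid/gid "rsync" and the
# "hosts allow" network are assumptions; the page does not give them.

make_server_files() {      # $1 = base directory, $2 = virtual user, $3 = password
  mkdir -p "$1/data" || return 1
  cat > "$1/rsyncd.conf" <<EOF
pid file = $1/rsyncd.pid
lock file = $1/rsyncd.lock
log file = $1/rsyncd.log
uid = rsync
gid = rsync
use chroot = yes
max connections = 4
timeout = 300

[mod]
path = $1/data
read only = false
list = false
auth users = $2
secrets file = $1/rsyncd.secrets
hosts allow = 192.168.1.0/24
EOF
  # Server side: one "user:password" pair per line, created with mode 600.
  ( umask 077; printf '%s:%s\n' "$2" "$3" > "$1/rsyncd.secrets" ) || return 1
  chmod 600 "$1/rsyncd.secrets"
}

make_client_file() {       # $1 = path, $2 = password
  # Client side (--password-file): the password alone, mode 600.
  ( umask 077; printf '%s\n' "$2" > "$1" ) && chmod 600 "$1"
}

# Troubleshooting step 3: the file must exist, be non-empty and have mode 600.
check_secret() {           # $1 = path; prints ok | missing | empty | bad-mode:<mode>
  [ -f "$1" ] || { echo missing; return 1; }
  [ -s "$1" ] || { echo empty; return 1; }
  mode=$(stat -c '%a' "$1")
  [ "$mode" = 600 ] || { echo "bad-mode:$mode"; return 1; }
  echo ok
}
```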

 

Supplement:

--delete: make client-side and server-side files identical

--exclude: excludes specified files when doing file transfers

Excluding files (client side)

Way 1: Excluding a single file

--exclude=file

Way 2: Excluding multiple files

--exclude={file1,file2}

Way 3: The wildcard approach

Excluding files (server side)

Add the exclude keyword to the configuration file: it specifies a list of files to be excluded, with the entries separated by spaces

Example:

exclude =

Principle of perfect synchronization

During a file transfer:

Files that the sender has are transmitted directly to the receiver

Files that the receiver has but the sender does not are deleted

Basic composition

Global parameters

......

[Module 1]

Module parameters

......

[Module 2]

Module parameters

......

Global parameters

pid file: specifies the path and name of the pid file for the rsync process

lock file: specifies the path and name of the lock file for the rsync process

log file: path and name of the rsync log file

uid: specifies the user that the rsync process runs as in the background (must be a system user)

gid: specifies the user group

Module parameters (can also be written in the global section, in which case they apply to all modules)

path: specifies the path to the backup directory

use chroot: whether to lock (chroot) the user into the module's directory

max connections: specifies the maximum number of simultaneous connections

read only: true|false

write only: true|false

list: true|false; sets whether the module appears in the module list

auth users: specifies the user names allowed to access the module; these are virtual users (not accounts in /etc/passwd)

secrets file: specifies the file in which the virtual user names and passwords are stored

hosts allow: whitelist; specifies the IP addresses that can access the module or the rsync server

hosts deny: blacklist

timeout: specifies the idle timeout period

Supplement:

When neither parameter is present, then all users have arbitrary access to the

Only hosts allow is present: only whitelisted hosts can access the module

Only hosts deny is present: only blacklisted hosts are prohibited from accessing the module

Both parameters are present: the whitelist is checked first

If it matches, access is granted

If it does not match, the blacklist is checked; if that matches, access is refused

If neither list matches, access is allowed
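The decision order described above, written out as an added example (not code from the original page and not rsync's own implementation). As a simplifying assumption, patterns are matched as exact addresses or shell globs; address/mask forms are not handled, and all addresses are constructed.

```bash
#!/bin/bash
# Added example: decision order for "hosts allow" / "hosts deny".
# Assumption: patterns are exact addresses or shell globs only.

matches_any() {            # $1 = client address, $2 = space-separated patterns
  set -f                   # keep * in patterns from expanding to file names
  for pat in $2; do
    case $1 in
      $pat) set +f; return 0 ;;
    esac
  done
  set +f
  return 1
}

rsync_host_decision() {    # $1 = address, $2 = hosts allow, $3 = hosts deny
  # The whitelist is always consulted first.
  if [ -n "$2" ] && matches_any "$1" "$2"; then echo allow; return; fi
  # Then the blacklist.
  if [ -n "$3" ] && matches_any "$1" "$3"; then echo deny; return; fi
  # Nothing matched: with only a whitelist the client is refused; in every
  # other case (no lists, only a blacklist, both lists) it is let in.
  if [ -n "$2" ] && [ -z "$3" ]; then echo deny; else echo allow; fi
}
```

With both lists set, an address on neither list is admitted, so a whitelist that is meant to be exhaustive needs a catch-all entry in hosts deny.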

 

Real-time file synchronization

rsync+inotify

rsync+sersync

inotify

hardware

Function:

You can monitor files in a specified directory

When a file is changed, an event is triggered so that you can output information about the file that triggered the event

Monitored events

create

delete

modify

move

epel

Installation location

client

Programs:

/usr/bin/inotifywait: the program that performs the real-time monitoring

/usr/bin/inotifywatch: collects statistics

inotify+rsync

inotifywait

Options

-r: recursive; also monitors files in subdirectories of the directory

-q: prints only a small amount of information (only the monitored events)

-m: monitor continuously (runs in the foreground by default)

-d: run as a daemon (in the background)

-o file: write the monitored events to file (default is standard output)

-s: output error messages to syslog (default is to output error messages to standard output)

--excludei: exclude files matching a pattern, ignoring case

-e <event>: specify the events to monitor

access: access event

modify: modification event

attrib: file attribute change event (the file's metadata is modified)

close_write: triggered when a file opened for writing is closed

close_nowrite: triggered when a file opened read-only is closed

close: triggered when a file is closed, regardless of how it was opened

open: triggered when a file is opened

moved_to: triggered when a file is moved into the monitored directory

moved_from: triggered when a file is moved out of the monitored directory

move_self: triggered when the monitored file or directory itself is moved

move: triggered whenever a file move occurs

create: triggered when a file is created

delete: triggered when a file is deleted

--timefmt <fmt>: specify the display format of the time at which the event occurred

--format <fmt>: specify the format of the message that is output when an event occurs

%f: name of the file that triggered the event

%w: absolute path to the directory containing the file that triggered the event

%e: name of the event that occurred (if there is more than one event, the events are separated by spaces)

%Xe: name of the event that occurred (if there is more than one event, the events are separated by the character X)

%T: time at which the event occurred (the time format is given by --timefmt <fmt>)

Example:

@web1 ~]#inotifywait -mrq --timefmt "%F%T" --format "%T %w%f %e" -e create,delete,modify /var/robot/video/
@web1 video]# touch 
web1 ~]# inotifywait -mrq --timefmt "%F%T" --format "%T %w%f %e" -e create,delete,modify /var/robot/video/
2024-07-1915:11:58 /var/robot/video/ CREATE

 

The real-time monitoring script is as follows:

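#!/bin/bash
# Watch $lpath with inotifywait and push each changed file to the rsync module.
prog="inotifywait"
events="create,delete,modify,attrib"
iopt="-mrq"

lpath="/var/robot/video"

rhost="192.168.1.10"
user="vuser"
secfile="/etc/"   # client password file of the virtual user (permissions 600)
ropt="-az"
modName="mod"

# inotifywait prints one line per event: the full path of the affected file.
"$prog" $iopt --format "%w%f" -e "$events" "$lpath" | while IFS= read -r line
do
  # A deleted file no longer exists locally, so there is nothing to send for it.
  [ -e "$line" ] || continue
  rsync $ropt "$line" "$user@$rhost::$modName" --password-file="$secfile"
done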

Important:

In practice, a full backup (rsync) needs to be performed first

The script is then run for real-time monitoring
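An added example (not code from the original page) that goes one step beyond the script above: it keeps the event name in the inotifywait output and handles delete events, where the file no longer exists locally, by resyncing the containing directory with --delete. The "|"-separated format, the function names, the extra move events and the secfile placeholder are assumptions; host, user, module and path are the ones used in the script above.

```bash
#!/bin/bash
# Added example. secfile is a placeholder; the other values come from the
# page's script.
lpath="/var/robot/video"
dest="vuser@192.168.1.10::mod"
secfile="/path/to/client.pass"
RSYNC=${RSYNC:-rsync}          # overridable so the mapping can be checked offline

sync_event() {                 # $1 = one line in the format "%e|%w|%f"
  old_ifs=$IFS; IFS='|'; set -f
  set -- $1                    # now $1 = events, $2 = directory, $3 = file name
  set +f; IFS=$old_ifs
  rel=${2#"$lpath"/}           # directory relative to the module root
  case $1 in
    *DELETE*|*MOVED_FROM*)
      # The file is gone locally: resync its directory and let --delete
      # remove what the sender no longer has.
      "$RSYNC" -az --delete --password-file="$secfile" "$2" "$dest/$rel" ;;
    *)
      # The file exists: send just that file into the matching directory.
      "$RSYNC" -az --password-file="$secfile" "$2$3" "$dest/$rel" ;;
  esac
}

watch_and_sync() {             # not called here; needs inotify-tools and a server
  inotifywait -mrq --format '%e|%w|%f' \
    -e create,delete,modify,attrib,moved_from,moved_to "$lpath" |
  while IFS= read -r line; do
    sync_event "$line"
  done
}
```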