For $reasons, I’d like my repo files owned by my “normal” user. But I’d also like to be able to backup all files, even those “normally” requiring root to access.
$reasons include that later I’d like to restic copy to an sftp:// URL and I only want my normal user to have ssh setup - I’d like to avoid having to maintain /root/.ssh also.
Is there some way I’ve missed to backup all files but still have the repo files owned by id?
I see at least these two solutions:
sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo- but that seems like a hack.- Use the approach from Examples / Backing up your system without running restic as root, but with my own user instead of the
resticuser.
I think 2 has some problems.
- I now won’t get updates with
apt. - If I allow
~peter/bin/resticto read all file withsetcap, I’m essentially giving thepeteruser access to read all files on the system (withoutsudo) via aresticbackup/restore. I’m not crazy about that.
If I use the restic user for this, my repo will now be owned by restic instead of root which is not much better, if I then afterwards want to restic -r sftp:// ... copy ....
I guess what I’m looking for is:
restic -r ... init --force-file-ownership peter
or
restic -r ... backup --force-file-ownership peter
But realistically I guess sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo will work too, I’m just hoping there’s something I’ve missed.