For $reasons, I’d like my repo files owned by my “normal” user. But I’d also like to be able to backup all files, even those “normally” requiring root to access.
$reasons include that later I’d like to restic copy to an sftp:// URL and I only want my normal user to have ssh setup - I’d like to avoid having to maintain /root/.ssh also.
Is there some way I’ve missed to backup all files but still have the repo files owned by id
?
I see at least these two solutions:
sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo
- but that seems like a hack.- Use the approach from Examples / Backing up your system without running restic as root, but with my own user instead of the
restic
user.
I think 2 has some problems.
- I now won’t get updates with
apt
. - If I allow
~peter/bin/restic
to read all file withsetcap
, I’m essentially giving thepeter
user access to read all files on the system (withoutsudo
) via arestic
backup/restore. I’m not crazy about that.
If I use the restic
user for this, my repo will now be owned by restic
instead of root
which is not much better, if I then afterwards want to restic -r sftp:// ... copy ...
.
I guess what I’m looking for is:
restic -r ... init --force-file-ownership peter
or
restic -r ... backup --force-file-ownership peter
But realistically I guess sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo
will work too, I’m just hoping there’s something I’ve missed.