Backup files owned by root, but have repo owned by $USER?

For $reasons, I’d like my repo files owned by my “normal” user. But I’d also like to be able to backup all files, even those “normally” requiring root to access.

$reasons include that later I’d like to restic copy to an sftp:// URL and I only want my normal user to have ssh setup - I’d like to avoid having to maintain /root/.ssh also.

Is there some way I’ve missed to backup all files but still have the repo files owned by id?

I see at least these two solutions:

  1. sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo - but that seems like a hack.
  2. Use the approach from Examples / Backing up your system without running restic as root, but with my own user instead of the restic user.

I think 2 has some problems.

  1. I now won’t get updates with apt.
  2. If I allow ~peter/bin/restic to read all file with setcap, I’m essentially giving the peter user access to read all files on the system (without sudo) via a restic backup/restore. I’m not crazy about that.

If I use the restic user for this, my repo will now be owned by restic instead of root which is not much better, if I then afterwards want to restic -r sftp:// ... copy ....

I guess what I’m looking for is:

restic -r ... init --force-file-ownership peter
or
restic -r ... backup --force-file-ownership peter

But realistically I guess sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo will work too, I’m just hoping there’s something I’ve missed.

You could run rest-server as the peter user and backup against that. The resulting repo will be the same. But that’s even a little more hacky than the chown-variant you suggested.

Basically you have the problem that when doing this in one file system, the result is a situation where the peter user will be able to access files (in the backup) that only root should be able to access. Not sure how much sense that makes.

Maybe see if $reasons can be adapted? :innocent:

Thanks, I didn’t know about rest-server (restic noob coming from borgbackup). Yeah, that would do the user separation just great.

Apparently I can even use rest-server --listen unix:/tmp/rest-socket --data /path/to/data and then restic -r rest:http+unix:///tmp/rest.socket:/my_backup_repo/ which sounds pretty sweet, because then I can set permissions on /tmp/rest.socket to control that only peter can read (user) and root can read+write (group) - I didn’t try it yet, though.

And you have a point that the repo (now owned by peter) will have access to read files it shouldn’t (if it has access to the repo password). But any automated restic use by peter will need access to that password as well, so peter will need access to that password “somehow”. And then peter can read files he shouldn’t. I’ll see if $reasons can be adapted… :innocent:. Part of which could be to run rest-server on the remote side so we don’t need ssh setup and it doesn’t matter that the local repo is owned by root.

1 Like