Back to article

Linux Backup Server: Refining Rsync, Passwordless Authentication

Rsync Backup Script

February 28, 2011

At last here are the final two parts of this series. Today we learn how to tell rsync which files to include or exclude, set up passwordless login on the backup server, and safely test everything. Tomorrow we put it all together and completely automate wakeup, backup, and shutdown.
The first three parts:
Antec 300 Computer Case Quick Review
Arch Linux Backup Server-- Headless Administration
Linux Backup Server: Remote Wakeup, Automatic Shutdown

Prequisite: SSH Everywhere

You need SSH already set up, tested and working on all your computers. At a minimum you need the SSH daemon running on the backup server, user accounts on the server, and logins tested from the client PCs.

Rsync Backup Script

While rsync has a huge number of options, there are just a few that I use regularly. This is the script I use the most. It is installed on all the PCs that I want backed up. My backup server is named "backup_server", and why don't we call this backup script "backup_script".

#Simple backup script to backup homedir, with exclude or include options.
#To include files instead of exclude, comment out the exclude line and
#uncomment the include line. And, of course, have an exclude or include file.

rsync -ave ssh /home/carla/ --exclude-from=/home/carla/rsync/exclude.txt --delete --force backup_server:/home/carla/

#rsync -ave ssh /home/carla/ --include-from=/home/carla/rsync/include.txt --delete --force backup_server:/home/carla/

--delete means delete files from the backup server that have been deleted from the source PC. I'm comfortable doing this because I'm careful, and I don't care to backup every file ever created for eternity. Take into account your users' habits, such as the chronic accidental-deleters. --force means delete directories even if they are not empty.

Mind your trailing slashes on the source directories. This trips up admins all the time. /home/carla/ means copy the contents of carla. /home/carla means copy the carla directory as well, so I would end up with /home/carla/carla/ on the backup server. The file must be made executable, so I like to use chmod 0700 backup_script, which limits read-write-execute permissions only to the file owner.

Exclude/Include File

I use the --exclude-from option because I have way more files to include. Put your excluded or included files in a separate plain text file. Here is a simple example for my personal home directory, named most imaginatively exclude.txt:


Excluding the Desktop means I don't backup the Trash directory. ~./macromedia is where Flash cookies live, and I don't see any reason to backup the squillion browser cache files in ~./mozilla. I could fine-tune the file selection to backup my Firefox bookmarks. If I wanted to.

Now you can test this manually. You might want to include the --dry-run option so it doesn't change anything, like this:

$ rsync --dry-run -ave ssh /home/carla/ --exclude-from=/home/carla/rsync/exclude.txt --delete --force backup_server:/home/carla/ | tee dryrun.txt

Piping the output to the tee command lets you see all the output on screen, and it also goes into a text file for easy review. You can omit | tee dryrun.txt without affecting the backup; all that does is record what it does. Once you're satisfied, remove the --dry-run option and the -v option, since you won't need verbose output for automatic unattended backups.