l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 24: LUGOD election season has begun!
Page last updated:
2011 Jan 28 13:59

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Backup User Permissions
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Backup User Permissions



On 01/24/2011 02:43 PM, Kyle Ambroff wrote:
> On Mon, Jan 24, 2011 at 1:27 PM, Alex Mandel <tech_dev@wildintellect.com> wrote:
>> So I'm trying to setup automated remote backup of some files from
>> machine1 to machine2 using something simple like rsync. What I'm having
>> trouble figuring out is what user to run it as and how to get that user
>> the correct permissions.
>>
>> In the example use case I want to copy my Apache logs over to a 2nd
>> machine to run awstats on it without putting much of a load on the
>> actual web server. I was thinking of creating a "backup" user,
>> generating a passphraseless key and then rsync on a cron timer.
>> Should this user be a system user (below 1000) or a regular user (above
>> 1000), since it needs a key I would assume it needs to be a regular user
>> with a home directory?
>>
>> Question 2 is how do I make sure it has permissions to read the logs?
>> It appears that most of /var/log/apache2 files are root:adm but some are
>> root:root. If they were all g+r for adm then just adding my backup user
>> to the adm group should work?
>>
>> Looks like I need to go figure out why some logs have a different group.
> 
> I really don't think using SSH for stuff like this is a good idea.
> It's just too hard to get the security right, especially with a
> passphraseless key. Too scary for me. Just don't do it.
> 
> If your main use case is collecting statistics from your web servers
> then I suggest you look at Ganglia[1]. One of my coworkers has
> released a bunch of really awesome Ganglia tools that we use at Linden
> Lab for monitoring 10k+ servers, many of which are running Apache.
> 
> http://ben.hartshorne.net/ganglia/
> 
> Check out ganglia-logtailer for example. It includes support for
> collecting the following stats from Apache:
> 
>  * Requests per second
>  * Requests per second broken down by HTTP method
>  * Average query processing time
>  * Ninetieth percentile query processing time
>  * Number of 200, 300, 400 and 500 responses per second.
> 
> All of this data ends up on your Ganglia dashboard, along with general
> system health. As an added bonus you can use his ganglios plugin for
> Nagios[2] to set up alerts on any value in Ganglia. This is just
> fantastic once you have it set up. You can set it up to send SMS
> messages or emails if you have a spike in 500 responses, for example.
> Having historical performance data can be a life saver as well.
> 
> -Kyle
> 
> [1] http://ganglia.sourceforge.net/
> [2] http://www.nagios.org/

Interesting idea, but that isn't really the data I'm trying to get. I
already have munin running for general health tracking. The analysis of
the logs is more about who is visiting what, and where are they from, +
inferring how long they stayed on the site. So it really relies on
having the log files as a whole and running through some tools, one of
which is awstats, another is an import to a RBDMs for more exact query
reporting.

Thanks,
Alex
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.