I’m trying to create a complete backup for my FreePBX servers, but so far I haven’t been able to include everything I want. I have FOP2 on most of my servers, I’ve changed the ssh settings, created a new cli user with ssh keys, etc. I’ve tried to locate the locations for these setting changes, and I’ve been somewhat successful. However, on some of the locations, I get permission errors.
Saving Backup 4...done!
Initializing Backup 4
Backup Lock acquired!
Running pre-backup hooks...
Adding items...
rsync: send_files failed to open "/usr/local/fop2/autoconfig-buttons.sh": Permission denied (13)
rsync: send_files failed to open "/usr/local/fop2/autoconfig-users.sh": Permission denied (13)
rsync: send_files failed to open "/usr/local/fop2/autofill-groups.sh": Permission denied (13)
rsync: send_files failed to open "/usr/local/fop2/fop2_server": Permission denied (13)
rsync: send_files failed to open "/usr/local/fop2/generate_override_contexts.pl": Permission denied (13)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1178) [sender=3.1.2]
rsync: change_dir "/home/defaultuser" failed: Permission denied (13)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1178) [sender=3.1.2]
/usr/bin/cp: cannot open ‘/etc/ssh/sshd_config’ for reading: Permission denied
Building manifest...
Creating backup...
Storing backup...
Running post-backup hooks...
Backup successfully completed!
It seems like I need to somehow run the backup as sudo or something.
Also, is there an easier way to get a full back than trying to find all of the files and directories and including them in the backup? What about creating an image of the server and automatically sending that to AWS? What would be the best way to do that?
Just to be clear, I need to change the permissions on the files I’m backing up? Or do I somehow need to add the asterisk user to a group that has those permissions? What would that look like? I’m worried to start changing permissions, because I feel like I’ll break something and I won’t know how to fix it or that I will inadvertently open up some security flaws.
Thanks @dicko . What about changing the user file permissions? It seems like changing the permissions of a users home folder might cause problems. Basically, I use a user other than root for ssh connections and I use ssh keys that reside in that users home folder. If I make asterisk the owner of that users home folder, would that not messing anything else up?
fop2 runs as root, it’s home folder is /root/, root has supercow powers, you are conflating everything here, /usr/local/fop2 is the location where fop2 stores it’s state there is nothing I said anywhere about users home folder, if you don’t wont to do the change , then don’t and everything will continue to work but the backups, if you DO the changes, then everything will continue to work with the additional fact that the backups WILL start to work also.
Obviously I didn’t make myself clear. Sorry about that. I was the one who had mentioned the user folder in my initial post. I understand what you mean about fop2 and how that will continue to work after changing the permissions. My follow up question was specifically about another aspect of this issue where asterisk couldn’t back up the home folder of the user I had created to manage freepbx from the CLI.
If you examine your methodology, there is not any good reason that the asterisk user should have access to your “home folder” if you need to do that for any strange reason , that then you should add the asterisk user with read permissions to your user group permissions, but be very careful because the asterisk user is also the user than runs apache2/httpd, think about that and what you have in that directory . . .
A better way might be to copy your needed files into /var/lib/asterisk or /home/asterisk, depending on how you installed asterisk/freepbx
