Installation and configuration of rsync Server in CentOS6

2025-04-11 Update From: SLTechnology News&Howtos

This article explains the installation and configuration of an rsync server on CentOS 6. The method introduced here is simple, fast and practical.

I. A brief introduction to rsync

Rsync (remote synchronize) is a remote data synchronization tool that allows you to quickly synchronize files between multiple hosts through LAN/WAN, or to synchronize different directories on your local hard disk using Rsync.

Rsync is a replacement for rcp. It uses the so-called "rsync algorithm" to synchronize files between local and remote hosts. This algorithm transfers only the parts of the two files that differ, rather than the whole file each time, so it is quite fast. You can refer to "How Rsync Works: A Practical Overview" to learn more about how rsync works.

Rsync supports most Unix-like systems and has been well tested on Linux, Solaris, and BSD. There are also versions for the Windows platform; the better-known ones are cwRsync and Sync2NAS.

The initial authors of rsync are Andrew Tridgell and Paul Mackerras; it is currently maintained at http://rsync.samba.org.

The basic features of Rsync are as follows:

1. It can mirror and save an entire directory tree and file system.

2. It easily preserves the permissions, timestamps, and soft and hard links of the original files.

3. It can be installed without special permissions.

4. Its process is optimized, so file transfer is highly efficient.

5. It can transfer files over rcp, ssh, etc., or through a direct socket connection.

6. Anonymous transfer is supported to facilitate site mirroring.

When using rsync for remote synchronization, there are two modes: remote shell mode (ssh is recommended; ssh is responsible for user authentication) and C/S mode (that is, the client connects to the remote rsync server, and user authentication is carried out by the rsync server).

Whether you synchronize the directory locally or remotely, all files will be copied once at the first run, and only the changed files (for new files) or the changed parts of the files (for original files) will be copied when you run them later.

Rsync has no speed advantage in the first replication, and the speed is not as fast as tar, so when the amount of data is large, you can consider using tar for the first replication, and then using rsync for data synchronization.

II. System environment

System platform: CentOS release 6.3 (Final)

Rsync version: rsync-3.0.9-2.el6.rfx.x86_64.rpm

Rsync server: TS-DEV (172.16.1.135)

Rsync client: TS-CLIENT (172.16.1.136)

III. Install the rsync service on the server side

3.1. Check if rsync is installed

# rpm -qa | grep rsync

If it is already installed, use the rpm -e command to uninstall it.

3.2. Download the RPM package

# wget http://pkgs.repoforge.org/rsync/rsync-3.0.9-2.el6.rfx.x86_64.rpm

3.3. Install rsync

# rpm -ivh rsync-3.0.9-2.el6.rfx.x86_64.rpm

IV. Configure the rsync service

4.1. Steps to configure an rsync server

First of all, you need to choose the server startup method:

Rsync servers with heavy loads should be run independently.

The xinetd operation mode can be used for lighter rsync servers.

Then create the configuration file rsyncd.conf.

For rsync servers with non-anonymous access, you also need to create an authentication password file.

4.2. Run the rsync service under xinetd

By default, CentOS runs the rsync service under xinetd. The xinetd configuration file for rsync is /etc/xinetd.d/rsync. To configure an rsync service running under xinetd, execute the following commands:

# chkconfig rsync on

# service xinetd restart

The administrator can modify the /etc/xinetd.d/rsync configuration file as needed. For example, you can modify the configuration line

server_args = --daemon

and add further rsync service options after it.

4.3. Run the rsync service independently

The easiest way to run the rsync service independently is to execute the following command:

# /usr/bin/rsync --daemon

You can write the above command to the /etc/rc.local file to run the rsync service each time the server starts. Of course, you can also write a script to start the rsync service automatically at boot.

4.4. Configuration file rsyncd.conf

Both modes of operation of the rsync service require rsyncd.conf, whose format is similar to the main configuration file of Samba.

The configuration file rsyncd.conf is in the /etc directory by default. To put all files related to the rsync service in a separate directory, execute the following commands:

# mkdir /etc/rsyncd

# touch /etc/rsyncd/rsyncd.conf

# ln -s /etc/rsyncd/rsyncd.conf /etc/rsyncd.conf

The configuration file rsyncd.conf consists of a global configuration and several module configurations. The syntax of the configuration file is:

A module starts with [module name].

A parameter line has the format name = value, where value can be one of two data types:

String (no quotation marks are needed to delimit a string)

Boolean value (1/0, yes/no or true/false)

Lines that begin with # or ; are comments.

\ is the line continuation character.

Global parameters

All configuration lines outside a [module] section are global parameters. Of course, you can also define a module parameter in the global parameters section, where the value of this parameter is the default value of all modules.

Parameter - description (default value)

address - When running independently, specifies the IP address on which the server runs. This parameter is ignored when running under xinetd; use the --address option on the command line instead. (Default: all local IPs)

port - Specifies the port number that the rsync daemon listens on. This parameter is ignored when running under xinetd; use the --port option on the command line instead. (Default: 873)

motd file - Specifies a message file whose contents are displayed to the client when the client connects to the server. (Default: none)

pid file - The rsync daemon writes its PID to the specified file. (Default: none)

log file - Specifies the log file for the rsync daemon, instead of sending the log to syslog. (Default: none)

syslog facility - Specifies the message level at which rsync sends log messages to syslog. (Default: daemon)

socket options - Specifies custom TCP options. (Default: none)

Module parameters

Module parameters are mainly used to define which directory of the rsync server will be synchronized. The module declaration must be in the form of [module], which is the name you see on the rsync client, similar to the share name provided by the Samba server. The data that the server actually synchronizes is specified through path. You can specify multiple modules according to your needs, and the following parameters can be defined in the module:

a. Basic module parameters

Parameter - description (default value)

path - Specifies the synchronization path of the current module on the rsync server. This parameter must be specified. (Default: none)

comment - Assigns a description to the module, which, along with the module name, is displayed to the client when it connects to get the module list. (Default: none)

b. Module control parameters

Parameter - description (default value)

use chroot - If true, rsync will first chroot to the directory specified by the path parameter before transferring files. The reason for this is to implement additional security, but the disadvantage is that root permissions are required and the files pointed to by symbolic links outside path cannot be backed up. (Default: true)

uid - Specifies the UID with which the module transfers files. (Default: nobody)

gid - Specifies the GID with which the module transfers files. (Default: nobody)

max connections - Specifies the maximum number of concurrent connections for the module to protect the server; connection requests that exceed the limit are told to try again later. (Default: 0, no limit)

lock file - Specifies the lock file that supports the max connections parameter. (Default: /var/run/rsyncd.lock)

list - Specifies whether the module should be listed when the client requests the list of available modules. If you set this option to false, you can create hidden modules. (Default: true)

read only - Specifies whether clients are allowed to upload files. Upload is not allowed if it is true; if it is false and the server directory also has read and write access, upload is allowed. (Default: true)

write only - Specifies whether clients are allowed to download files. If true, download is not allowed; if false and the server directory also has read access, download is allowed. (Default: false)

ignore errors - Specifies whether to ignore I/O errors when running the delete operation on the rsync server. Generally speaking, rsync will skip the --delete operation in the event of an I/O error to prevent serious problems caused by temporarily insufficient resources or other I/O errors. (Default: true)

ignore nonreadable - Specifies that the rsync server completely ignores files that the user does not have access to. This makes sense when the directory to be backed up contains some files that should not be obtained by the person making the backup. (Default: false)

timeout - This option overrides the IP timeout specified by the client. This ensures that the rsync server does not wait forever for a crashed client. For anonymous rsync servers, the ideal number is 600 (in seconds). (Default: 0, unrestricted)

dont compress - Specifies files that are not compressed before transfer. This option defines a list of command options that clients are not allowed to use on the module. You must use the full name of the option, not the abbreviation. When an option is rejected, the server reports an error message and exits. For example, to prevent the use of compression, it should be: "dont compress = *". (Default: *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz)

c. Module file filter parameters

Parameter - description (default value)

exclude - Specifies multiple files or directories (relative paths), separated by spaces, and adds them to the exclude list. This is equivalent to using --exclude in a client command to specify a pattern. (Default: empty)

exclude from - Specifies the name of a file containing exclude rule definitions, from which the server reads the exclude list. (Default: empty)

include - Specifies multiple files or directories (relative paths), separated by spaces, and adds them to the include list. This is equivalent to using --include in a client command to specify a pattern. (Default: empty)

include from - Specifies the name of a file containing include rule definitions, from which the server reads the include list. (Default: empty)

A module can only specify one exclude parameter and one include parameter. Complex exclude/include rules can be defined by combining include and exclude. These parameters are equivalent to the corresponding rsync client command options, except that they work on the server side. For information on how to write rule files, please refer to http://www.howtocn.org/rsync:use_rsync.

d. Module user authentication parameters

Parameter - description (default value)

auth users - Specifies a list of user names separated by spaces or commas; only these users are allowed to connect to the module. The users here have nothing to do with the users of the system. The user names and passwords are stored in clear text in the file specified by the secrets file parameter. (Default: anonymous)

secrets file - Specifies the rsync authentication password file. This file is used only if auth users is defined. (Default: empty)

strict modes - Specifies whether to check the permissions of the password file. If true, the password file may only be accessible to the user the rsync server runs as; no other user may access the file. (Default: true)

The permissions for the rsync authentication password file must be 600, otherwise the client will not be able to connect to the server. Each line in the rsync authentication password file specifies a username:password pair in the format:

username:passwd

Generally speaking, passwords should not exceed 8 characters. If you configure only anonymously accessed rsync servers, you do not need to set the above parameters.

e. Module access control parameters

Parameter - description (default value)

hosts allow - Uses a list of hosts to specify which client hosts are allowed to connect to the module. Hosts that do not match the list will be rejected. (Default: *)

hosts deny - Uses a list of hosts to specify which client hosts are not allowed to connect to the module. (Default: empty)

The client host list can take the following forms:

A single IP address. For example: 192.168.0.1

An entire network segment. For example: 192.168.0.0/24, 192.168.0.0/255.255.255.0

A single hostname that can be resolved. For example: centos, centos.bsmart.cn

All hosts in a domain. For example: *.bsmart.cn

"*" means all.

Multiple list items are separated by spaces.

f. Module log parameters

Parameter - description (default value)

transfer logging - Causes the rsync server to log transfer operations to the transfer log file. (Default: false)

log format - Specifies the fields of the transfer log file. (Default: "%o %h [%a] %m (%u) %f %l")

When the "log file" parameter is set, "%t [%p] " is added at the beginning of each line of the log.

The log format escapes that can be used are as follows:

%a - remote IP address

%h - remote hostname

%l - file length in bytes

%p - PID of this rsync session

%o - action type: "send" or "recv"

%f - file name

%P - module path

%m - module name

%t - current time

%u - authenticated user name (null when anonymous)

%b - actual number of bytes transferred

%c - the checksum of the file, recorded when it is sent
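
An added example (not from the original article or from rsync itself): it turns a log format string built from the escapes above into a regular expression and totals the transferred bytes per client, module and direction. The log lines are constructed, and the YYYY/MM/DD HH:MM:SS timestamp layout and the field names are assumptions of this example.

```python
import re
from collections import defaultdict

# Escape -> (field name, pattern), following the list of log format escapes.
FIELDS = {
    "a": ("ip", r"\S+"), "h": ("host", r"\S+"), "l": ("length", r"\d+"),
    "p": ("pid", r"\d+"), "o": ("op", r"send|recv"), "f": ("file", r".+?"),
    "P": ("path", r".+?"), "m": ("module", r"\S+"), "u": ("user", r"\S*"),
    "b": ("bytes", r"\d+"), "c": ("checksum", r"\S+"),
    # Assumption: timestamps are written as YYYY/MM/DD HH:MM:SS.
    "t": ("time", r"\d{4}/\d\d/\d\d \d\d:\d\d:\d\d"),
}

def compile_log_format(fmt, log_file_set=True):
    """Compile an rsyncd 'log format' string into a regex for one log line."""
    if log_file_set:                      # "%t [%p] " is prepended to each line
        fmt = "%t [%p] " + fmt
    parts, seen, i = [], set(), 0
    while i < len(fmt):
        if fmt[i] == "%" and fmt[i + 1:i + 2] in FIELDS:
            name, pattern = FIELDS[fmt[i + 1]]
            if name in seen:              # repeated escape: match, do not name
                parts.append(f"(?:{pattern})")
            else:
                seen.add(name)
                parts.append(f"(?P<{name}>{pattern})")
            i += 2
        else:
            parts.append(re.escape(fmt[i]))
            i += 1
    return re.compile("".join(parts) + "$")

def transfer_totals(lines, fmt):
    """Sum bytes per (ip, module, op); non-transfer lines are skipped."""
    rx, totals = compile_log_format(fmt), defaultdict(int)
    for line in lines:
        m = rx.match(line.strip())
        if not m:
            continue
        f = m.groupdict()
        size = f.get("bytes") or f.get("length") or 0   # prefer %b over %l
        totals[(f.get("ip"), f.get("module"), f.get("op"))] += int(size)
    return dict(totals)

DEFAULT_FORMAT = "%o %h [%a] %m (%u) %f %l"
# Constructed log lines (hosts and file names are made up for the example).
SAMPLE_LOG = [
    "2013/01/09 10:15:01 [2345] connect from ts-client (172.16.1.136)",
    "2013/01/09 10:15:01 [2345] send ts-client [172.16.1.136] davidhome (david) docs/my notes.txt 2048",
    "2013/01/09 10:15:02 [2345] send ts-client [172.16.1.136] davidhome (david) a.tar.gz 1000",
    "2013/01/09 10:21:00 [2401] recv host9 [10.0.1.9] chinatmp (china) in.bin 512",
]

if __name__ == "__main__":
    for key, total in sorted(transfer_totals(SAMPLE_LOG, DEFAULT_FORMAT).items()):
        print(key, total)
```

File names may contain spaces, so the file field is matched lazily and the numeric field at the end of the line anchors the match.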

V. rsync server application example

5.1. Configure rsync services on the server-side TS-DEV

a. Edit configuration file

# vi /etc/rsyncd/rsyncd.conf

# Minimal configuration file for rsync daemon
# See rsync(1) and rsyncd.conf(5) man pages for help

# This line is required by the /etc/init.d/rsyncd script

# GLOBAL OPTIONS
uid = root
gid = root

use chroot = no

read only = yes

# limit access to private LANs
hosts allow=172.16.0.0/255.255.0.0 192.168.1.0/255.255.255.0 10.0.1.0/255.255.255.0
hosts deny=*

max connections = 5

pid file = /var/run/rsyncd.pid

secrets file = /etc/rsyncd/rsyncd.secrets
#lock file = /var/run/rsync.lock

motd file = /etc/rsyncd/rsyncd.motd

# This will give you a separate log file
log file = /var/log/rsync.log

# This will log every file transferred - up to 85,000+ per user, per sync
transfer logging = yes

log format = %t %a %m %f %b
syslog facility = local3
timeout = 300

# MODULE OPTIONS
[davidhome]
path = /home/david/
list=yes
ignore errors = yes
auth users = david
comment = David home
exclude = important/

[chinatmp]
path = /tmp/china/
list=no
ignore errors = yes
auth users = china
comment = tmp_china

b. Create the /etc/rsyncd/rsyncd.secrets file

# vim /etc/rsyncd/rsyncd.secrets

# format: username:password

david:asdf

# this user is not required to be a system user

china:jk

c. To protect the passwords, set the file permissions to 600

# chown root:root /etc/rsyncd/rsyncd.secrets

# chmod 600 /etc/rsyncd/rsyncd.secrets

d. Create the welcome message file /etc/rsyncd/rsyncd.motd, shown to clients when they connect to the server

# vim /etc/rsyncd/rsyncd.motd

+ +

+ David Camp +

+ +

e. Start rsync

# /etc/init.d/xinetd restart

f. Check to see if port 873 is up

# netstat -an | grep 873

If rsync starts successfully, you can see that port 873 is already listening.

g. Server-side file details
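
The following is an added example, not part of the original article or of rsync itself: a small Python parser for the rsyncd.conf syntax described in 4.4 that merges global and module parameters and flags settings worth reviewing, such as uid = root together with use chroot = no in the configuration from step a. The sample text, the [pub] module, the finding wording and the function names are constructed for illustration; the defaults are the ones given in the parameter descriptions of this article.

```python
# Defaults as listed in the parameter descriptions of this article.
DEFAULTS = {"uid": "nobody", "use chroot": "true", "read only": "true",
            "hosts allow": "*", "auth users": ""}
TRUE = {"1", "yes", "true"}

def parse_rsyncd_conf(text):
    """Return (global_params, {module: params}) parsed from rsyncd.conf text."""
    global_params, modules, current, pending = {}, {}, None, ""
    for raw in text.splitlines():
        line, pending = pending + raw.strip(), ""
        if not line or line[0] in "#;":        # blank line or comment
            continue
        if line.endswith("\\"):                # "\" continues on the next line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
            continue
        name, sep, value = line.partition("=")
        if sep:                                # no "=": not a setting
            target = global_params if current is None else current
            target[" ".join(name.lower().split())] = value.strip()
    return global_params, modules

def audit(text, secrets_mode=None):
    """Return sorted (module, finding) pairs for settings worth reviewing."""
    global_params, modules = parse_rsyncd_conf(text)
    findings = []
    for name, params in modules.items():
        eff = {**DEFAULTS, **global_params, **params}  # module > global > default
        checks = [
            (eff["uid"] in ("root", "0"), "transfers run as root"),
            (eff["use chroot"].lower() not in TRUE, "chroot disabled"),
            (eff["read only"].lower() not in TRUE, "uploads allowed"),
            (not eff["auth users"], "anonymous access"),
            (eff["hosts allow"] in ("", "*"), "no host restriction"),
            (eff["auth users"] and (secrets_mode or 0) & 0o077,
             "secrets file readable by group/other"),
        ]
        findings += [(name, msg) for hit, msg in checks if hit]
    return sorted(findings)

# Constructed sample modelled on the configuration in 5.1; [pub] is hypothetical.
SAMPLE = """\
uid = root
use chroot = no
hosts allow = 172.16.0.0/255.255.0.0 \\
    10.0.1.0/255.255.255.0
[davidhome]
path = /home/david/
auth users = david
[pub]
uid = nobody
use chroot = yes
hosts allow = *
"""

if __name__ == "__main__":
    print(*audit(SAMPLE, secrets_mode=0o644), sep="\n")
```

On a real server, pass the mode of the secrets file from os.stat(path).st_mode & 0o777 as secrets_mode.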

5.2. Client configuration

a. Client installs rsync

# yum -y install rsync

b. Synchronize data through the rsync client

Scenario 1:

# rsync -avzP david@172.16.1.135::davidhome /tmp/david/

Password: enter the password of david here, which is provided by the server. In the previous example we used asdf; the password is not shown as you type it. Press Enter after typing.

Note: this command logs in to the server as the user david and synchronizes the davidhome data to the local directory /tmp/david/. Of course, you can choose a different local directory, such as dave. If the directory does not exist under the current working directory on the client, the system creates it automatically; if it already exists, pay attention to its write permission.

Description:

-a is equivalent to -rlptgoD: -r is recursive; -l copies symbolic links as links; -p keeps the original permissions of the file; -t keeps the original time of the file; -g keeps the original group of the file; -o keeps the original owner of the file; -D preserves device files.

-z compresses data during transmission

-P shows transmission progress

-v shows transmission progress and other information; it is related to -P, so try it yourself. You can also read the documentation.

Scenario 2:

# rsync -avzP --delete david@172.16.1.135::davidhome /tmp/david/

This time we introduce the --delete option, which means that the data on the client side should be exactly the same as on the server side: if there are files in the /tmp/david/ directory that do not exist on the server, they are deleted. The ultimate goal is to keep the data in the /tmp/david/ directory exactly the same as on the server. Be careful when using it: it is best not to use a directory that already holds important data as the local update directory, otherwise all your data will be deleted.

Scenario 3:

# rsync -avzP --delete --password-file=/tmp/rsync.password david@172.16.1.135::davidhome /tmp/david/

This time we added the --password-file option, so that when we log in to the rsync server as david to synchronize data, the password is read from the file /tmp/rsync.password. The content of this file is only the password of the david user. We need to do the following:

# touch /tmp/rsync.password

# chmod 600 /tmp/rsync.password

# echo "asdf" > /tmp/rsync.password

# rsync -avzP --delete --password-file=/tmp/rsync.password david@172.16.1.135::davidhome /tmp/david/

Note: this eliminates the need to type a password. This is the more important use in practice, because it is necessary when the task is scheduled through crond.

5.3. The rsync client automatically synchronizes data with the server

Edit crontab

# crontab -e

Add the following line:

10 0 * * * rsync -avzP --delete --password-file=/tmp/rsync.password david@172.16.1.135::davidhome /tmp/david/

This executes the command above at 00:10 every day.

VI. Error analysis

@ERROR: chdir failed

rsync error: error starting client-server protocol (code 5) at main.c(1530) [receiver=3.0.6]

rsync: opendir "." (in xxxxxxx) failed: Permission denied (13)

Solution:

1. Remove all restrictions on rsync imposed by SELinux:

# /usr/sbin/setsebool -P rsync_disable_trans 1

# service xinetd restart

2. Be ruthless and disable SELinux entirely:

# vim /etc/selinux/config

Change SELINUX=enforcing to SELINUX=disabled

After saving and exiting, restart the machine.

At this point, the rsync server is configured.
