28 lines
1001 B
Markdown
28 lines
1001 B
Markdown
# ZFS SnapZD
|
|
|
|
I guess I'm rewriting Sanoid/Syncoid because I don't want 100 perl AURs on my machine
|
|
|
|
|
|
# Notes
|
|
|
|
There are two programs included in this package
|
|
|
|
## snapzd
|
|
|
|
Main program responsible for taking snapshot and managing ZFS datasets
|
|
|
|
## snapzr
|
|
|
|
snapz reciever responsible for recieving snapshots. This must be installed on the target machine
|
|
|
|
## Info
|
|
|
|
`snapzd` should be run as root
|
|
`snapzr` can be run as root, but this encourages root ssh, so maybe don't do that. Instead, create a role account on the target machine called `snapz` and a group `snapzr`. The `snapzr` binary should have the `setuid` flag set.
|
|
as root:
|
|
```
|
|
$ chown root:snapzr snapzr
|
|
$ chmod 4650 snapzr
|
|
```
|
|
if this is done, only users in the snapzr group can run `snapzr`. The binary WILL RUN AS ROOT. To ensure it's secure, `snapzr` has limited functionality - it takes just the name of the dataset to overwrite with the snapshot. This is configured in `/etc/snapzd/recv/targets.yaml`. This file should be owned by root.
|