Linux-Rsync环境搭建

操作系统：Centos 7.1

Server端环境搭建：

第一步：安装rsync包

[root@localhost etc]# yum install rsync

第二步：创建三个文件：

[root@localhost etc]# ls rsync*

rsyncd.conf  rsyncd.motd  rsyncd.secrets

1）rsyncd.conf内容：

[root@localhost etc]# cat rsyncd.conf 

# /etc/rsyncd: configuration file for rsync daemon mode

# See rsyncd.conf man page for more options.

# configuration example:

# uid = nobody

# gid = nobody

# use chroot = yes

# max connections = 4

# pid file = /var/run/rsyncd.pid

# exclude = lost+found/

# transfer logging = yes

# timeout = 900

# ignore nonreadable = yes

# dont compress   = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2

# [ftp]

#        path = /home/ftp

#        comment = ftp export area

#####Vincent Audited#########

pid file = /var/run/rsyncd.pid   

address = 10.1.3.24

port = 873

#uid = nobody 

#gid = nobody    

uid = root   

gid = root  

use chroot = yes

read only = yes

#limit access to private LANs

hosts allow=10.1.2.0/255.255.255.0

hosts deny=*

max connections = 20

motd file = /etc/rsyncd.motd

#This will give you a separate log file

log file = /var/log/rsync.log

#This will log every file transferred - up to 85,000+ per user, per sync

#transfer logging = yes

log format = %t %a %m %f %b

syslog facility = local3

timeout = 600

[server01]   

path = /home/owvm/media/Machines    

list = yes

#ignore errors 

auth users = root

secrets file = /etc/rsyncd.secrets

comment = Owtware Machines Folder Backup Server01(192.168.10.11) to Server02(192.168.10.12)

####Vincent Audited######

2）rsyncd.motd文件内容：

[root@localhost etc]# cat rsyncd.motd 

#############################

Welcome to RSYNC Server01

#############################

3）rsyncd.secrets文件内容：

[root@localhost etc]# cat rsyncd.secrets 

root:password

[root@localhost etc]# cat /etc/init.d/rsync 

# default: off

　　# description: The rsync server is a good addition to am ftp server, as it \

　　#       allows crc checksumming etc.

　　service rsync

　　{

        disable = no

        socket_type     = stream

        wait            = no

        user            = root

        server          = /usr/bin/rsync

        server_args     = --daemon

        log_on_failure  += USERID

　　}

第三步：设置rsyncd服务开机启动：

[root@localhost etc]# systemctl enable rsyncd.service

ln -s '/usr/lib/systemd/system/rsyncd.service' '/etc/systemd/system/multi-user.target.wants/rsyncd.service'

第四步：启动rsyncd服务

[root@localhost etc]# service rsyncd restart

Redirecting to /bin/systemctl restart  rsyncd.service

第五步：查看rsyncd服务状态

[root@localhost etc]# service rsyncd status

Redirecting to /bin/systemctl status  rsyncd.service

rsyncd.service - fast remote file copy program daemon

   Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled)

   Active: active (running) since 五 2016-04-15 18:38:46 CST; 11s ago

 Main PID: 29210 (rsync)

   CGroup: /system.slice/rsyncd.service

           └─29210 /usr/bin/rsync --daemon --no-detach

4月 15 18:38:46 localhost systemd[1]: Starting fast remote file copy program daemon...

4月 15 18:38:46 localhost systemd[1]: Started fast remote file copy program daemon.

第六步：修改防火规则：

[root@localhost etc]# vi /etc/sysconfig/iptables

# Firewall configuration written by Owtware setup.

# Manual customization of this file is not recommended.

# If customizations needed, make sure the rules are written beyond OWTWARE RULES REGION.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

# OWTWARE RULES REGION START

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp -i eno2 --dport 9067 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp -i eno2 --dport 9068 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 2443 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp -i eno2 --dport 9800 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp -i eno2 --dport 3306 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp -i eno2 --dport 80 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp -i eno2 --dport 9000 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp -i eno2 --dport 7101 -j ACCEPT

# OWTWARE RULES REGION END

#-A INPUT -m state --state NEW -m udp -p udp --dport 873 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

第七步：重启防火墙服务

[root@localhost etc]# service iptables restart

Redirecting to /bin/systemctl restart  iptables.service

---

Client端环境搭建：

第一步：设置密码文件权限，必须设置为600：

[root@localhost ~]# chmod 600 /etc/rsyncd.pw

[root@localhost ~]# rsync --list-only --password-file=/etc/rsyncd.pw [email protected]::server01

#############################

Welcome to RSYNC Server01

#############################

drwxrwxrwx        4096 2016/04/15 10:32:56 .

drwxr-xr-x        4096 2016/04/15 13:30:35 1ae9bbeb-085c-ce68-db6a-00002de675c9

drwxr-xr-x        4096 2016/04/15 10:39:22 5adf3137-3fc4-d848-db67-00002bc019d3