Using sudo on a remote rsync session (via ssh)

I have been using rsync to back up almost a dozen servers for years now and I am convinced that it is the best solution for remote back ups. A couple of months ago I ran into a situation where I need to rely on one of those backups and everything went expected.... well, sort of. All of my data was there and I was able to get things back up and running on a new server in only a few hours but it would have been much quicker if the permissions and file ownership was preserved. Once I got the system back up and running I wanted to make sure my the back up process was going to start preserving the file permissions and ownership. I found that the to accomplish this you absolutely had to be putting the files on the remote server as root. Of course, this is a security concern. The solution was permitting the rsync process to have access to sudo.

Step 1:
On the server that is receiving the back ups you need to add the following line to the /etc/sudoers file (according to Johannes in comments this needs to be the last line -- thanks):

• username ALL= NOPASSWD:/usr/bin/rsync

You will, of course, want to replace "username" with the user that the sending server will be logging in as through the rsync process. Step 2: Now you'll need to make sure that your rsync command is using the -a flag and then use the --rsync-path flag to tell it to run the rsync process on the remote via sudo. Here is an example command line:

• rsync -av -e "ssh" --rsync-path="sudo rsync" /source/ user@server.com:/destination/

You're all set You can combine this with using automated SSH login keys. Also, I want to note that this can compromise security in some scenarios.

Reference Link