From 98cb7f5822cdff5c48392314ab5a15487e4baf46 Mon Sep 17 00:00:00 2001 From: Fuxino Date: Wed, 31 May 2023 20:39:03 +0200 Subject: [PATCH] Fix ssh authentication when running with sudo --- README.md | 10 ++++++++-- simple_backup/simple_backup.py | 6 ++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 266b844..df0dcb2 100644 --- a/README.md +++ b/README.md @@ -49,8 +49,14 @@ After installing, copy simple_backup.conf (if you used the PKGBUILD on Arch, it > **Warning** > This feature is experimental -It's possible to use a remote server as destination for the backup. Just use the --username and --host arguments (or set them in the configuration file). +It's possible to use a remote server as destination for the backup. Just use the --username (or -u) and --host arguments (or set them in the configuration file). For this to work, rsync must be installed on the server too. ### Server authentication -Right now only authentication using SSH key works. If an ssh-agent is running on your system, available ssh keys will be used automatically. Otherwise, it's possible to specify the key location. Note that if no ssh agent is running, it might be necessary to unlock the private key more than once. +Right now only authentication using SSH key works. If an ssh-agent is running on your system, available ssh keys will be used automatically. Otherwise, it's possible to specify the key location with --keyfile or in the configuration file. Note that if no ssh agent is running, it might be necessary to unlock the private key more than once. + +To be able to connect to the user authentication agent when running simple_backup with sudo, use: + +```bash +sudo --preserve-env=SSH_AUTH_SOCK -s simple_backup [options] +``` diff --git a/simple_backup/simple_backup.py b/simple_backup/simple_backup.py index 5c98c33..06e42a5 100755 --- a/simple_backup/simple_backup.py +++ b/simple_backup/simple_backup.py @@ -425,6 +425,9 @@ class Backup: f'{self._exclude_path} --files-from={self._inputs_path} / "{self._server}{self._output_dir}" ' +\ '--ignore-missing-args --mkpath --protect-args' + if euid == 0 and self.ssh_keyfile is not None: + rsync = f'{rsync} -e \'ssh -i {self.ssh_keyfile}\'' + args = shlex.split(rsync) with Popen(args, stdin=PIPE, stdout=PIPE, stderr=STDOUT, shell=False) as p: @@ -436,8 +439,7 @@ class Backup: output = output.decode("utf-8").split('\n') if self._err_flag: - logger.error('rsync: %s', output[-3]) - logger.error('rsync: %s', output[-2]) + logger.error('rsync: %s', output) else: logger.info('rsync: %s', output[-3]) logger.info('rsync: %s', output[-2])