If not created already, assign the user a home directory. Therefore the default login shell needs to reflect this. On the remote system/Pi/server: # vim /etc/ssh/sshd_config PasswordAuthentication yes # systemctl restart sshīackintime uses SSH, so the user accounts need to be allowed to login. If you have disabled passwords and are only using keys, you will need to temporarily change the security settings to allow Backintime to exchange keys. Backintime setup Configuring Backintime Prepare users Some notes of things to check from the server side (Time Capsule server):
If you go to your Mac’s Time Machine preferences the new volume will be available and you can start using it. # vim /etc/netatalk/afp.conf Ĭheck configuration and reload if needed: # systemctl status avahi-daemon If you are running an older version go ahead, otherwise jump to the next section.Ĭreate /etc/avahi/services/rvice as root # vim /etc/avahi/services/rviceĮdit the configuration file. Note that if you are running Netatalk 3.1.11 or above it is not necessary any more to create the /etc/avahi/services/rvice. To this: hosts: files mdns4_minimal dns mdns4 mdns Server messages path: /var/lib/netatalk/msg/ Configure netatalk # vim /etc/nfĬhange this line: hosts: files mdns4_minimal dns Restart the service: # systemctl restart netatalkĬheck that netatalk has been installed correctly: # afpd -VĪfpd 3.1.12 - Apple Filing Protocol (AFP) daemon of NetatalkĪfpd has been compiled with support for these features:Īfp_nf: /var/lib/netatalk/afp_nfĪfp_nf: /var/lib/netatalk/afp_nf Note that you can give the capsule a name with spaces above. # vim /etc/netatalk/faultĮnter the following: /backups/timecapsule "pi-capsule" options:tm
Netatalk drive not showing up install#
# apt install netatalkĪllow access to all the appropriate accounts to the directory where the backups are going to be written to: # chown :timemachine_john /backups/timecapsule/Įdit the settings of the netatalk service so that that share can be seen with the name of your choice and work as a Time Capsule server. # groupmod -g 1012 timemachine Time Capsule Install netatalk # usermod -g timemachine_john -G backupusers timemachine_johnĪlthough not required, you could force the UID and GID to be a specific one. The backup group can access the backintime dataset, but not each other’s data.Īssign main group and secondary group (the secondary group would be the shared one). It is possible to isolate users by assigning them individual datasets, but that might create storage silos.Īn alternative is to create individual users that belong to the same backup group.
If more than one system is going to be backed up it is advisable to use different accounts for each. If required, the default shell can be changed with: # usermod -s /usr/sbin/nologin timemachine_john Setting up backup user groups Generic user example: # useradd -s /usr/sbin/nologin timemachineĭedicated user example: # useradd -s /usr/sbin/nologin timemachine_john If there is no entry add it: # vim /etc/shells # /etc/shells: valid login shellsĬreate a generic user for the backups, or dedicated accounts for each user to increase security: We are also creating accounts that can’t login into the system for Time Machine, only authenticate.Ĭheck if there is an entry for nologin in: $ cat /etc/shells As in a given user shouldn’t have any visibility or notion of other users’ backups. You want to keep files and access as isolated as possible. You are going to have to create users for each of the services/users that will be connecting to the server.
I am using a Raspberry Pi that has Ubuntu installed, with a USB disk that has been configured into a ZFS pool. In this post, I am setting up a Time Capsule and Backintime server.
0 kommentar(er)
