Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!clyde.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!apple!usc!elroy.jpl.nasa.gov!sdd.hp.com!news.cs.indiana.edu!purdue!clt From: clt@cs.purdue.EDU (Carrick Talmadge) Newsgroups: comp.sys.next Subject: Re: Don't backup from root ! Message-ID: <12890@medusa.cs.purdue.edu> Date: 5 Jan 91 22:41:45 GMT References: <7u98u2w163w@questor.wimsey.bc.ca> <12886@medusa.cs.purdue.edu> <1092@toaster.SFSU.EDU> Sender: news@cs.purdue.EDU Reply-To: clt@cs.purdue.edu (Carrick Talmadge) Organization: Department of Computer Science, Purdue University Lines: 39 On 5 Jan 91 06:17:38 GMT, eps@toaster.SFSU.EDU (Eric P. Scott) puts his foot in his mouth: Eric> As a previous poster mentioned, this isn't VAX/VMS, and there Eric> ain't no such thing as READALL privilege. What good does read Eric> access to the raw device give you? Nothing!!! What were you Eric> planning to do? Image copy the bits? Good luck ever restoring Eric> anything from *that*. The only way you're going to get anything Eric> useful on backup media is if you read the disk ->through the Eric> filesystem<-. You know what it takes to do that? Eric> Eric> [dramatic pause] Eric> Eric> You have to be root! In article fischer@iesd.auc.dk (Lars P. Fischer) responds: Lars> You write fine dramatic prose, but im sorry to report that it won't Lars> help you; you're quite wrong. "dump" actually reads the raw file Lars> system. It does *not* go through the file system. Why do you think you Lars> specify the raw SCSI device as an argument to dump? Lars> Lars> I've been a UNIX sysadm for quite a few years now, and I can't Lars> remember when I last did an ordinary dump as root. It has worked on Lars> just about every UNIX box I've come a cross -- even on a PC, but don't Lars> tell anyone I said that. Lars> Lars is correct -- dump does not go through the file system to perform backups. This is why it is a fairly efficient means of performing system dumps. It is actually not very difficult to read files directly off of a raw disk device; I have written which does exactly this sort of thing. We *never* perform tape dumps as root on our system [physics.purdue.edu]. We have a user "operator" which has as its login group "operator". Our tape monkey logs into this group to perform the daily incremental backups on our system. And yes, Eric, we are able to successfully restore files dumped via our operator account. Carrick Talmadge clt@physics.purdue.edu clt@hercules.cs.purdue.edu