我有一個想要備份的 Docker 伺服器。我的部署資料夾具有非常特定的所有權和權限來支援我的容器:
$ ls -lhaF /opt/docker
total 32K
drwxr-xr-x 7 devops devops 4.0K Aug 23 02:34 ./
drwxr-xr-x 6 root root 4.0K Aug 23 04:20 ../
drwxrwxr-x 2 devops devops 4.0K Aug 21 00:00 .certs/
drwxrwxr-x 2 devops devops 4.0K Aug 23 03:53 .scripts/
-rw-rw-r-- 1 devops devops 1.2K Aug 21 01:52 docker-compose.yml
drwxrwxr-x 4 1000 1000 4.0K Aug 21 02:05 minecraft/
drwxrwxr-x 4 devops devops 4.0K Aug 20 23:38 pihole/
drwx------ 19 70 70 4.0K Aug 19 01:31 postgres/
然後我嘗試使用以下命令壓縮該資料夾。據我所知,保留檔案權限/所有權需要tar
以 root/sudo 身分執行:
$ sudo tar -czpf "/tmp/server-backup.tar.gz" --directory="/opt/docker" .
此命令壓縮資料夾,但檢查 .tar.gz 顯示所有資料夾的所有權現在都是 root:
$ tar -tvf /tmp/server-backup.tar.gz
drwxr-xr-x root/root 0 2021-08-23 12:10 ./
drwxr-xr-x root/root 0 2021-08-23 12:10 ./minecraft/
-rw-r--r-- root/root 2 2021-08-23 12:10 ./minecraft/whitelist.json
-rw-r--r-- root/root 111 2021-08-23 12:10 ./minecraft/usercache.json
-rw-r--r-- root/root 1204 2021-08-23 12:10 ./minecraft/server.properties
-rw-r--r-- root/root 43626592 2021-08-23 12:10 ./minecraft/minecraft_server.1.17.1.jar
-rw-r--r-- root/root 68 2021-08-23 12:10 ./minecraft/eula.txt
-rw-r--r-- root/root 2 2021-08-23 12:10 ./minecraft/banned-players.json
-rw-r--r-- root/root 2 2021-08-23 12:10 ./minecraft/banned-ips.json
# -- Other minecraft files
drwxr-xr-x root/root 0 2021-08-23 12:10 ./.certs/
# -- Certs folder contents redacted
drwx------ root/root 0 2021-08-23 12:10 ./postgres/
drwx------ root/root 0 2021-08-23 12:10 ./postgres/pg_subtrans/
-rw------- root/root 8192 2021-08-23 12:10 ./postgres/pg_subtrans/0000
drwx------ root/root 0 2021-08-23 12:10 ./postgres/pg_multixact/
drwx------ root/root 0 2021-08-23 12:10 ./postgres/pg_multixact/offsets/
-rw------- root/root 8192 2021-08-23 12:10 ./postgres/pg_multixact/offsets/0000
drwx------ root/root 0 2021-08-23 12:10 ./postgres/pg_multixact/members/
-rw------- root/root 8192 2021-08-23 12:10 ./postgres/pg_multixact/members/0000
drwx------ root/root 0 2021-08-23 12:10 ./postgres/pg_xact/
-rw------- root/root 8192 2021-08-23 12:10 ./postgres/pg_xact/0000
# -- Other postgres files
drwxr-xr-x root/root 0 2021-08-23 12:10 ./pihole/
drwxr-xr-x root/root 0 2021-08-23 12:10 ./pihole/etc-pihole/
-rw-r--r-- root/root 0 2021-08-23 12:10 ./pihole/etc-pihole/custom.list
-rw-r--r-- root/root 5201920 2021-08-23 12:10 ./pihole/etc-pihole/gravity.db
-rw-r--r-- root/root 485 2021-08-23 12:10 ./pihole/etc-pihole/setupVars.conf
-rw-r--r-- root/root 0 2021-08-23 12:10 ./pihole/etc-pihole/setupVars.conf.update.bak
-rw-r--r-- root/root 1812161 2021-08-23 12:10 ./pihole/etc-pihole/list.1.raw.githubusercontent.com.domains
-rw-r--r-- root/root 73728 2021-08-23 12:10 ./pihole/etc-pihole/pihole-FTL.db
-rw-r--r-- root/root 0 2021-08-23 12:10 ./pihole/etc-pihole/pihole-FTL.conf
-rw-r--r-- root/root 37 2021-08-23 12:10 ./pihole/etc-pihole/local.list
-rw-r--r-- root/root 95 2021-08-23 12:10 ./pihole/etc-pihole/list.1.raw.githubusercontent.com.domains.sha1
-rw-r--r-- root/root 20 2021-08-23 12:10 ./pihole/etc-pihole/localbranches
drwxr-xr-x root/root 0 2021-08-23 12:10 ./pihole/etc-pihole/migration_backup/
-rw-r--r-- root/root 65 2021-08-23 12:10 ./pihole/etc-pihole/migration_backup/adlists.list
-rw-r--r-- root/root 618 2021-08-23 12:10 ./pihole/etc-pihole/dns-servers.conf
-rw-r--r-- root/root 20 2021-08-23 12:10 ./pihole/etc-pihole/GitHubVersions
-rw-r--r-- root/root 44 2021-08-23 12:10 ./pihole/etc-pihole/localversions
drwxr-xr-x root/root 0 2021-08-23 12:10 ./pihole/etc-dnsmasq.d/
-rw-r--r-- root/root 1475 2021-08-23 12:10 ./pihole/etc-dnsmasq.d/01-pihole.conf
drwxr-xr-x root/root 0 2021-08-23 12:10 ./.scripts/
-rwxr-xr-x root/root 1638 2021-08-23 12:10 ./.scripts/create-backup.sh
-rwxr-xr-x root/root 511 2021-08-23 12:10 ./.scripts/new-cert-pihole.sh
-rwxr-xr-x root/root 345 2021-08-23 12:10 ./.scripts/fix-permissions.sh
-rw-r--r-- root/root 1170 2021-08-23 12:10 ./docker-compose.yml
如果我嘗試提取 .tar.gz 文件,我們可以確認所有所有權都已遺失:
$ sudo mkdir /tmp/server-backup
$ sudo tar -xzpf /tmp/server-backup.tar.gz --directory=/tmp/server-backup
$ ls -lhaF /tmp/server-backup
total 32K
drwxr-xr-x 7 root root 4.0K Aug 23 12:10 ./
drwxrwxrwt 13 root root 4.0K Aug 23 12:16 ../
drwxr-xr-x 2 root root 4.0K Aug 23 12:10 .certs/
drwxr-xr-x 2 root root 4.0K Aug 23 12:10 .scripts/
-rw-r--r-- 1 root root 1.2K Aug 23 12:10 docker-compose.yml
drwxr-xr-x 4 root root 4.0K Aug 23 12:10 minecraft/
drwxr-xr-x 4 root root 4.0K Aug 23 12:10 pihole/
drwx------ 19 root root 4.0K Aug 23 12:10 postgres/
根據我的發現,保留所有權和權限應該是tar
.我在這裡缺少什麼嗎?我希望能夠備份伺服器的狀態,而不會弄亂我運行的某些 Docker 容器所需的微妙檔案所有權。
系統資訊:
$ lsb_release -d
Description: Ubuntu 20.04.3 LTS
$ uname -a
Linux rpi-1 5.4.0-1042-raspi #46-Ubuntu SMP PREEMPT Fri Jul 30 00:35:40 UTC 2021 aarch64 aarch64 aarch64 GNU/Linux
答案1
看來,tar
罪魁禍首不是這裡。這是用於備份我的部署資料夾的較大腳本的一部分。我在壓縮之前複製了資料夾,以避免容器仍在運行時讀取不一致。該腳本包含以下內容:
cp -R "/opt/docker" "/tmp/server-backup"
tar -czf "/tmp/server-backup.tar.gz" --directory="/tmp/server-backup" .
資料夾複製期間檔案所有權遺失。-p
需要該標誌來保留資料夾副本的權限/所有權。正確的命令是這樣的:
cp -Rp "/opt/docker" "/tmp/server-backup"
tar -czf "/tmp/server-backup.tar.gz" --directory="/tmp/server-backup" .