Home Forums OS X Server and Client Discussion Questions and Answers logout rsync 10.6

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • May 21, 2010 at 4:00 pm #378629
    cmra
    Participant

    we are planning on using rsync as a replacement for mobile acc syncing in 10,6. (the reasons are outlined in my post in the AD integration forum) The setup is the classic magic triangle,

    We have enabled kerberized ssh to allow rsync without password prompting
    Our afp server is kerberos only

    I have created 2 launch agents one which syncs user data from server on login and one which syncs data every n minutes back to the server. All very nice but in replicating the functionality of the mobile syncing I need to run the rsync command on logout also. This seems to be the tricky bit! we cant run a logout hook or logout script as these both run as root and wont have the users TGT. There does not seem to be a way of doing this via a daemon unless Im mistaken? I have looked at etc/rc.shutdown which is only useful for when as the name suggests shutting down the machine and it seems at somepoint (pre launchd?) there was a .logout file in the user folder which I assume is deprecated. Has anyone else here tackled this?

    May 25, 2010 at 3:30 pm #378639
    cmra
    Participant

    Ok we have found a solution to this using the mcx logoutscript

    As we all know logout scripts run as the root user and you can pass the login username in with username=${1}

    but if we try to run an rsync as the login user (using kerberized ssh) it doesn’t find the correct tickets for the user as its still trying to run the command as the root user

    Solution,we fork out a background session as the login user
    ———————————————————————————————-
    #Note the & symbol which forks out the session

    echo “forking out session for user” &

    rsync -avuF –exclude=Library –exclude=.Trash –delete /Users/$username/ [email protected]:/Volumes/DATA/Homes/$username
    —————————————————————————————————————————————————-
    This will then rsync as the login user with the correct tickets, you can run a klist in the logout script to test this. The users principals should then be listed in the system.log on the client.

    Note: this doesn’t work with a login script, only on logout with Magic Triangle 10.6.3 due to the flaky kerberos problems on the client (see my post in the Active Directory Forum)

    July 26, 2010 at 5:48 am #379179
    yagmot
    Participant

    I always thought you use the ampersand at the end of a command that you would like to run as a background process. So shouldn’t your command be some like [code]rsync -whatever somestuff &[/code]? or am i completely missing what you’re doing here with the ampersand?

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.