Subject: Re: standard operating procedure for doing backups as 'operator'
To: Jim Breton <>
From: Ian P.Thomas <>
List: netbsd-users
Date: 01/16/2002 00:23:23
On Tuesday, January 15, 2002, at 08:58 PM, Jim Breton wrote:

> Hey folks.. I'm getting off my butt and have started doing some backups.
> I understand that the 'operator' user is intended to be used for this
> purpose, doing dumps and so forth.
> How do people normally use this account (with ssh) to perform this?
> On one pair of machines I've given operator a shell of /bin/sh, left his
> home dir as /, and created /.ssh/ and /.ssh/authorized_keys.  That
> works, but is there some cleaner and/or safer way that I'm missing?
> Maybe one that doesn't require giving that account a valid shell?
> (While still using ssh of course.)  I would like to make it as
> restrictive as possible while still being able to get the job done.
> Just looking for advice.  Thanks.
	You could set up your sudoers file to allow your user to run backup 
commands as root.  You can even have it not ask for a password, which is 
convenient if you have scripts set up to do it.  If you want to automate 
it, you can setup a cron job.  This eliminates the need for another 
user, operator.  You could make it restrictive so that your normal user 
could only run backup commands as root and nothing else.

Ian P. Thomas

Do You Yahoo!?
Get your free address at