Change ownership of OwnCloud file


#1

User case

We are looking to use OwnCloud as a centralized backup point. We have about 30 servers that generate archives locally. Each server has its own OC username/password and uploads its archive using CURL requests. This allows us to have all the files for all our infrastructure backed up in a single point and then, we can simply backup the hard drive of our OC server (or even run multiple OC servers that sync together).

Problems

  1. Security: If a server is compromised, the hacker will have access to the OC username / password and endpoint. He/she can then simply login and pull out all the historical backups.
    • Yes, in theory he/she would have access to the hacked server anyway, but some of our servers archive their data frequently (e.g. user logs for 2015 when we're in 2017 can be stored in something like Amazon Glacier in an encrypted format).
  2. Monitoring: in order for us to ensure all the files are backed-up as expected, we need to login to 30 different OC accounts which is unrealistic.

Solution

We'd like to run a cron job every day on the OC server that changes the ownership of all files to the admin account. This would solve the 2 problems above.

We have tried to move the files around but have had no luck. What is the cleanest way to do this ?

Specs

OC 9.1.4 on Ubuntu


#2

A few remarks:

Do you really think ownCloud is the right software for your use case? There have been quite a few discussions here that ownCloud is not the right tool to be a backup endpoint, see also e.g. [1]. If its just a storage backend it might be not that critical but you still might to re-think your use-case to see if other tools like plain rsync via SSH might fit better into that.

[1] https://owncloud.org/faq/#backup


#3

In 10.0 there is a new occ command which can move selected folders or selected files from one user to another. Not sure how you would exactly script it, but thats the best path likely. Other option: Use a folder which is shared by Admin with each of the clients and take away delete and update rights. In this case your clients an write, but nothing else.
Of course, ownCloud is not really a backup solution :wink: But the above should enhance your use case and it is about syncing and sharing in some ways ...


#4

We saw the following cons of the rsync ssh (or any other file transfer protocol with rsync):
- You need RSync installed on each clients.
- You need to configure RSync on each clients.
- If one client is compromised, then the hacker has a ssh access to your backup server !
- You need to update each node's firewall to allow connection from the master and the master's firewall to allow each nodes.

Current solution offers the following:
- 1-line setup (CURL -XPOST .... ) in a cron and you're good to go.
- Highly segregated: (if I can manage to move the files automatically) a hacker who compromise node x will only have access to an empty OC account...
- Firewall is setup on the backup server only as files are pushed from nodes to the OC endpoint.

The points in OwnCloud's FAQ are invalid in this user case as each archive is kept (e.g. database-2017-01-01.sql , database-2017-01-02.sql etc.), is only used by 1 admin and is replicated in the background (e.g. even if owncloud doesn't work or corrupts the file, we can pull them back from Amazon Glacier and the likes).

When looking at different solutions and trying lots of them, OC actually seemed the best backup solution for an IT infrastructure that's expanding quickly. It is easy to setup (1-click run on most cloud providers and server providers) and offers a working GUI out of the box.

I will try what @hodyroff mentions, see how it integrates. The problem I see is that a hacker with an OC account (e.g. server-007) will have read capacity of all the files in the shared folder so it doesn't help much.

I really think there's a 5-line PHP script that we can pull off and run in a cron, even if it's ugly