I am doing rsync backups of our samba shares with a shell script. I wonder what is the best practice about where to actually store such a script? Currently it's residing in the /home of my admin user.
Also, what kind of access rights would a good admin use on such a script? 744 maybe?
I wonder what is the best practice about where to actually store such a script?
/usr/local/bin/ is intended for this.
4.9.1 Purpose
The
/usr/localhierarchy is for use by the system administrator when installing software locally. It needs to be safe from being overwritten when the system software is updated. It may be used for programs and data that are shareable amongst a group of hosts, but not found in/usr.Locally installed software must be placed within
/usr/localrather than/usrunless it is being installed to replace or upgrade software in/usrSoftware placed in / or /usr may be overwritten by system upgrades (though we recommend that distributions do not overwrite data in /etc under these circumstances). For this reason, local software must not be placed outside of /usr/local without good reason.
Also, what kind of access rights would a good admin use on such a script? 744 maybe?
That depends on who is suppose to be able to read, write and/or execute it. If it is only the admin even 700 can be acceptable. If an admin has a group of trusted people that should be able to execute this too 750. If those other also are allowed to edit the file you would need at least 770.
In general I would say: set the permissions as low as possible. People who are suppose to do something with it that can not will complain. People who can do something with it and are not allowed to will keep quiet. Better to be on the safe side and start with 700 (admin only) or 740 (group can read) or 750 (group can read, execute).
