Full-system backups without root on Linux

When running a Linux system, you often want to create full-system backups. However, running processes as root is generally bad practice. This article looks at how to run a full-system backup as a non-root user. Capabilities primer Linux has a concept of capabilities, which are fine-grained privileges that can be granted to processes and executable files. The capabilities(7) man page has a good summary: For the purpose of performing permission checks, traditional UNIX implementations distinguish two categories of processes: privileged processes (whose effective user ID is 0, referred to as superuser or root), and unprivileged processes (whose effective UID is non‐zero)....

June 1, 2025 · 7 min · Kian Kasad

Start Docker containers on-demand with systemd socket activation

If you have a Docker container which is running all the time but is used infrequently, it may be a good idea to start the container only when a connection is received. This is particularly useful for resource-intensive servers. In my case, I use this for a Minecraft server, which can take several gigabytes of memory even when idle, so I want to keep it running as little as possible....

June 17, 2024 · 7 min · Kian Kasad