Full-system backups without root on Linux
When running a Linux system, you often want to create full-system backups. However, running processes as root is generally bad practice. This article looks at how to run a full-system backup as a non-root user. Capabilities primer Linux has a concept of capabilities, which are fine-grained privileges that can be granted to processes and executable files. The capabilities(7) man page has a good summary: For the purpose of performing permission checks, traditional UNIX implementations distinguish two categories of processes: privileged processes (whose effective user ID is 0, referred to as superuser or root), and unprivileged processes (whose effective UID is non‐zero)....