Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Change the user on networked Time Machine backups System
When I first set up Time Machine over the network, I realized that I didn't want the backup to happen using my regular user account, so that I could change my personal password at will. This hint quickly lists the steps you need to go through in order to make the change to an existing sparsebundle, so that you can keep doing incremental backups. It avoids the pain of a full backup after changing the user.

This setup assumes the following: Mac Pro with connected FW800 external drive and MacBook Pro laptop. Mac Pro backs up locally along with the MBP storing a sparsebundle over the network onto the same disk.

First, turn off Time Machine for the device associated with the sparsebundle you are changing. At a high level, the steps are:
  1. Create a new user on the Mac Pro called backup.
  2. Recursively change the permissions on the sparsebundle to include backup.
  3. Check whether the mount works correctly from the MBP.
  4. Turn Time Machine back on.
Read on for the detailed walkthrough...

Create a new user on the Mac Pro called backup

The first order of business is to create a new user from the Account Preferences screen. I created one with the name of Time Machine and used the username of backup. I also selected the option to make this account a "sharing-only" type, because I am not planning on using the account to login.

Recursively change the permissions on the sparsebundle to include "backup".

This is the tricky part. Yes, you can chown -R backup *sparsebundle on the sparsebundle you are working with, but then you lose the ability to look at it with your personal user account. So, I used the ACL facilities of chmod to add the new backup user into the mix.
$ cd /Volumes
$ sudo find Bob\'s\ MacBook\ Pro.sparsebundle -type d -exec chmod +a \
    "backup allow read,write,list,add_file,search,add_subdirectory,readattr,writeattr,readextattr,writeextattr,readsecurity" {} \; 
$ sudo find Bob\'s\ MacBook\ Pro.sparsebundle -type f -exec chmod +a \
    "backup allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity" {} \;
Check whether the mount works correctly from the MBP.

Mount the network share using the backup user and subsequently, try to mount the sparsebundle that is stored within. If you see a folder icon with a red circle to the lower right, the permissions are messed up. Go back to the Mac Pro and use ls -le to check out what the ACLs are on the folder.

If you don't know how to flip over from your personal account to backup on the MBP, you can open up Keychain and delete the password from the System keychain. This will force Finder or Time Machine to re-authenticate.

Turn Time Machine back on.

If you can mount via Folder, Time Machine will work. Turn it on and enjoy an incremental backup using your new user.

[robg adds: I haven't tested this one.]
    •    
  • Currently 1.75 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (16 votes cast)
 
[8,421 views]  

Change the user on networked Time Machine backups | 4 comments | Create New Account
Click here to return to the 'Change the user on networked Time Machine backups' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Change the user on networked Time Machine backups
Authored by: mdzorn on Dec 10, '09 10:16:51AM

I may have missed something in your post, but on my computers Time Machine backups are not tied to a particular user. The top directory is owned by the System and it backs up everything on your disk (excluding files in your exclude list of course).

So I don't understand why you need to add a "backup" user. Access to your user account is tied to your userid, not your password. A file owned by <user> is still owned and available to <user> after a password change. Unix permissions (which underlie MacOSX) remember userid and groupid, not the passwd.



[ Reply to This | # ]
This is my understanding as well
Authored by: hamarkus on Dec 10, '09 12:58:50PM

UID is what counts. Which incidentally can cause problems if for some reason the UID of your account changes (when you move to a new computer this can happen if you don't watch out).

Edited on Dec 10, '09 01:00:36PM by hamarkus



[ Reply to This | # ]
Change the user on networked Time Machine backups - useful after all?
Authored by: kopf on Dec 12, '09 07:09:02PM

If I understand the hint correctly, it's not about *local* access to the Time Machine backup on the Mac being backed up (MacBook Pro?, I'll call it MacB). It is about the remote volume hosted on the other (Mac Pro?, I'll call it MacS). So chill with your derogatory ratings ;-)

In order for Time Machine to mount the sparsebundle on MacB, it needs an account on MacS and its password (saved in the local MacB keychain). If that is set up with one of the regular users on MacS, changing that account's password on MacS will break the ability to mount "Backup of MacB" on MacB's desktop. I'm not sure if it will just fail or ask for the password again (which the MacB user may not know).

The hint therefore is about changing access to the sparsebundle using a generic "backup" user on MacS whose password can stay unchanged, given the limited access rights.

(I hope I got that right - phew ...)



[ Reply to This | # ]
Change the user on networked Time Machine backups
Authored by: hamarkus on Dec 10, '09 01:08:26PM

I have successfully migrated a TM backup from an existing TC disk to a new disk I put into the TC via SuperDuper. To do this, let TM start a new backup on your new disk (with the new disk inside the TC), cancel it after a few seconds. Then manually mount the old and the new image and use SD to copy the old image to the new one.



[ Reply to This | # ]