MobileUserSync started out as just a GUI application to manually copy a local Home directory to a server for backup purposes. The script that does the actual syncing was also called via cron to run the backup on a schedule. But since most of our Mobile Users (laptop users all) were on the go, the script would fail often as the machine was not connected to the network when the cron job would fire off. MobileUserSync then grew into what you see now.
The desire was to allow a single machine to be as flexible as possible, allowing MobileUserSync to be used in as many cases as possible. This led to the ability to sync any user of the system individually from any other. Each user has their own MobileUserSync preferences, and their information will be synced specified by their preference files. Each user has their own list of files to exclude from the sync process, as well as a list of directories to specifically sync (These are rooted in the users Home directory so nothing outside the users Home is synced)
When a local user logs out from a system that has MobileUserSync configured on it, the user will be presented with a configuration dialog. This states that if you DO NOT want to sync the current user to cancel this step, otherwise in 5 seconds the account will be automatically configured to sync to the defaults specified on installation of the system.This allows for both great flexibility and mass deployment capability.
Each system is now synced on logout, and each user is trained to log out every time they disconnect from our network and every evening.
Each User has their own preferences, initially set to the defaults you as administrator create on system installation (either directly on the machine or distributing the package via ARD or like tool) You can customize any users preferences by using the GUI Application in the /Applications Folder)
The idea came up to use the ldap information to determine most of the settings for the sync process. It was determined that the tool would be more flexible and able to be used in more instances if this was not done. It may be added in future as an optional configuration.
What it does:
MobileUserSync is triggered by a LogoutHook much like the Windows Offline Files/Folders action. But because the LogoutHook is run after the user actually logs off the machine it is run as root, not the latest user. MobileUserSync knows who the last logged on user was (it’s stored in “/Library/Preferences/com.apple.loginwindow.plist”) and will go to that user’s Library/Preferences to pull the preferences for the current sync action. It then rsync’s the users set of selected directories to the server/path found in the users preferences.
The process looks like this:
- LogoutHook calls the LOMobileUserSyncExecute script which is in MibleUserSync.app bundle in /Applications this MUST NOT BE MOVED)
- LOMobileUserSyncExecute Determines the latest user (from “/Library/Preferences/com.apple.loginwindow.plist”)
- It looks for the preference file and a skip file to see if the user has selected to be skipped (this would be done by the admin accounts etc.)
- Check to see if the user is configured.
- If yes proceed to the sync step.
- If not then it runs the LIMobileUserSync script to push the default preferences to the user’s Preferences folder.
- Use the Users preferences to determine:
- Directories to include
- Directories/Files to exclude
- Server location and path on server to backup destination
- users password for ssh
- Once MobileUserSync has all it’s necessary information it determines whether the destination server is known to the root account (looks for it in var/root/.ssh/known_hosts) if it is not it puts the server key into the known_hosts file.
- Next it determines if the users password is present in the user preferences, or if the last sync attempt failed, possibly due to a password change.
- If failure is detected or no password is found it presents a dialog box asking for the users current server password.
- Next it builds an expect script to run the rsync over ssh logging in as the user with user’s password. The expect script logs to a local tmp file which is then parsed and emailed to the backup administrator on completion if this preference was detected. This expect script is stored in the users/Library/Preferences folder.
- It then runs the expect script and removes it after completion.
rsync is used as the backup/sync tool
rsync hfs+ additions as described here.
iHook is used to provide a GUI for the LogoutHook rsync process
Pashua is used to provide the GUI for the configuration (the Main Application Bundle in /Applications) and the password request dialog
Platypus is used to build the Application bundle
IceBurg is used to build the Installer Package.