Hi Nick,

Just in case you aren't already aware of it, there is a tool that limits rsync to particular directories:

  rrsync - Restricts rsync to subdirectory declared in .ssh/authorized_keys
  https://www.samba.org/ftp/unpacked/rsync/support/rrsync

There is also a generic tool (I wrote this one) for limiting incoming ssh commands to a fixed list of specific actual commands (with semi-automatic learning of commands based on observed behaviour during training mode):

  sshdo - controls which commands may be executed via incoming ssh
  http://raf.org/sshdo
  https://github.com/raforg/sshdo

And another (less easy to use) generic alternative:

  authprogs - SSH Command Authenticator
  https://github.com/daethnir/authprogs

I don't know if any of the above commands would give you what you want, but they might.

Suggestion: If the above won't do what you need, I'd suggest different syntax. I don't like a directive that starts with "refuse options" and then is mostly followed by the options that are allowed. It's really saying refuse all options except the following. I think it would be more intuitive if it looked like:

  allowed options = verbose archive

and the presence of "allowed options" in rsyncd.conf causes all other options (not present in that or any other "allowed options" directive) to be disallowed. Just a thought.

A potential problem with your approach, I imagine, is that it would apply equally to all local users, but different users might have different use cases. The tools mentioned above would support handling different users distinctly.

cheers,
raf

Nick Cleaton via rsync wrote:
> This adds support for whitelisting the acceptable options in the
> "refuse options" setting in rsyncd.conf. It introduces "!" as a
> special option string that refuses most options and interprets
> any following strings as patterns of options to allow.
>
> For example, to allow only verbose and archive:
>
> refuse options = ! verbose archive
>
> The "!" doesn't refuse no-iconv, but you can still refuse it and
> use a whitelist if you want:
>
> refuse options = no-iconv ! verbose archive
>
> It's not finished (needs tests and doc); I just wanted to see if
> there'd be any interest in merging something of this shape
> before I put more work into it.
>
> My use case is setting up a restricted trust relationship by
> allowing host A to ssh to host B with a forced command of
> "rsync --server --daemon --config=/path/to/rsyncd.conf ." and
> configuring the restrictions in rsyncd.conf. I know what options
> I want to use, it'd be nice to enforce that on the server side
> without listing every other option in "refuse options".
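The two syntaxes discussed in this thread, modelled as a small Python decision function added for this page (not rsync's code and not the patch under review): the proposed "refuse options = ... ! ..." whitelist form, including the no-iconv exemption Nick mentions, and raf's suggested "allowed options" directive. It assumes options are given as long names and that patterns use shell-style wildcards, as the existing refuse directive does.

```python
import fnmatch

# Constructed model of the semantics described in the thread, not rsync's parser.
EXEMPT_FROM_BANG = ("no-iconv",)  # Nick: "!" does not refuse no-iconv


def parse_refuse_options(value):
    """Split a 'refuse options' value into (refuse_patterns, allow_patterns,
    whitelist). Tokens before "!" are refused as today; "!" switches to
    whitelist mode and the tokens after it are the only options allowed."""
    refuse, allow, whitelist = [], [], False
    for tok in value.split():
        if tok == "!":
            whitelist = True
        elif whitelist:
            allow.append(tok)
        else:
            refuse.append(tok)
    return refuse, allow, whitelist


def matches(option, patterns):
    # Assumption: wildcard matching like the existing directive (e.g. "delete*").
    return any(fnmatch.fnmatchcase(option, p) for p in patterns)


def refused_by_refuse_options(option, value):
    refuse, allow, whitelist = parse_refuse_options(value)
    if matches(option, refuse):  # explicit refusals win, even in whitelist mode
        return True
    if whitelist and option not in EXEMPT_FROM_BANG:
        return not matches(option, allow)
    return False


def refused_by_allowed_options(option, value):
    """raf's alternative: when an 'allowed options' directive is present,
    every option not listed in it is disallowed; absence means no limit."""
    if value is None:
        return False
    return not matches(option, value.split())


def refused_by_conf(option, conf_text):
    """Apply the refuse/allowed lines of a (constructed) rsyncd.conf fragment;
    several 'allowed options' lines are merged, as raf describes."""
    allowed = None
    for line in conf_text.splitlines():
        key, sep, val = (s.strip() for s in line.partition("="))
        if key == "refuse options" and refused_by_refuse_options(option, val):
            return True
        if key == "allowed options":
            allowed = val if allowed is None else allowed + " " + val
    return refused_by_allowed_options(option, allowed)
```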