Craig Barrat wrote:
> > But I hit a snag with rsyncd authentication: I'm getting an "auth required, > > but service <XXX> is open/insecure" error. I'm copying some files (would it > > be better if I attached them?), suitably sanitized, to see if anything > > rings a bell with somebody that can help me. I don't have much experience > > with rsyncd, so I'm hoping it'll be obvious to somebody else with more > > experience. > > > > [...] > > But I really don't recommend that. Instead you should configure > rsyncd with a password: > > > The client's /etc/rsyncd.conf: > > > > gid = users > > read only = true > > use chroot = true > > transfer logging = true > > log format = %h %o %f %l %b > > log file = /var/log/rsyncd.log > > #hosts allow = trusted.hosts > > hosts allow = <IP address of BackupPC server> > > slp refresh = 300 > > > > #[Example] > > # path = /home/Example > > # comment = An Example > > # auth users = user > > # secrets file = /etc/rsyncd.secrets > > > > [...] > > You need to specify "secrets file", "strict modes = false", > and "auth users". Thanks a lot for that, it would have taken me for ever to find out. I'm going to be traveling for the rest of the week, so I won't get to this until next week. I'll report then what happens with those changes. > > By the way, Craig may be cringing at the way I'm butchering the > > config file, and adding all kinds of extraneous stuff. I don't > > like it myself, but it seemed the quickest way to explore the > > idea of automatic backup chunking. Any ideas welcome. > > Putting perl code in the config file has some drawbacks. First, it won't > work with the new config editor (but that's not released yet). Second, > any code that takes time to execute (eg: contacting a client to list its > modules) will make the CGI script run slowly since it is read on every > request specific to that client. Ah, that's a great point. I didn't realize the config file is read every CGI request for a client, not every dump. That approach, then, is a no-no, because I am pretty sure the chunking code will take significant time to run. > A better approach is to add new (static) config variables and > add the appropriate code to the rsync xfer method. Or you > could use some kind of magic string (eg: "*") for the rsync > share name, and take that to mean use the module list for > the rsync share names. I eventually would prefer something like that, even if only on the grounds of config file cleanliness. Bernardo ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ BackupPC-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/
