Re: [BackupPC-users] escaping command line options

Mon, 20 Feb 2006 07:10:05 -0800 

Well, thanks for the reply.  The command I allow is nice\ -n\ 19\
sudo\ /usr/bin/rsync\ --server*  (notice the splat) because the
command line changes depending on what arguments are passed.  The
actual command is really, really long.  I'd prefer to restrict the
user to only running rsync, but I haven't been successful.  I suppose
I could change the user to be a backup only user (instead of my
userid) and limit via sudo what commands the user can run.  I'd still
like to get the ssh wrapper working just because!

Thanks,
Brian

On 2/20/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
>
> In the message dated: Sat, 18 Feb 2006 23:09:31 EST,
> The pithy ruminations from "Brian Wilson" on
> <[BackupPC-users] escaping command line options> were:
>
>         [SNIP!]
>
> =>
> => Anyways, I'm attempting to do a remote rsync of a machine over ssh
> => with sudo.  The backup is successful as long as I don't use the
> => command="/home/user/bin/rsync-wrapper.sh" directive in my ssh
>
> Duh. I just realized that I didn't read your original posting very closely, 
> and
> told you things that you clearly already know. I'll blame it on the hour of 
> the
> day, and the jet-lag.
>
> I guess I'm still a bit confused...if you're trying to restrict untrusted 
> users
> to just running rsync, why allow them to pass options or command-line 
> arguments
> at all?
>
> Mark
>
> => authorized_keys file.  I am guessing it has something to do with the
> => escaping of things as they get passed to the script.
> =>
>
>         [SNIP!]
>
> =>
> => Thanks,
> => Brian
> =>
> =>
> => -------------------------------------------------------
> => This SF.net email is sponsored by: Splunk Inc. Do you grep through log 
> files
> => for problems?  Stop!  Download the new AJAX search engine that makes
> => searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
> => 
> http://sel.as-us.falkag.net/sel?cmd_______________________________________________
> => BackupPC-users mailing list
> => BackupPC-users@lists.sourceforge.net
> => https://lists.sourceforge.net/lists/listinfo/backuppc-users
> => http://backuppc.sourceforge.net/
> =>
> =>
>
>
>
>


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid3432&bid#0486&dat1642
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/

Reply via email to