Sorry, it seems the base version of rrsync I used is quite old compared to the current one, and I can't pinpoint which modifications are mine and which are 'upstream'. All I can say is that:
- the attached version works with BackupPC 4.3.2, using the following command line in the client's authorized_keys: command="$HOME/.bin/rrsync_bkpc -ro /path/to/backup",from="192.168.1.2",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding - I vaguely remember having added and/or modified the allowed options for rsync in the rrsync script (lines 55 to 139). If there is more than that, I don't remember I hope this helps. Best regards, Guillermo PS: I don't use sudo or root, BackupPC connects as the (only) non-root user of the client using rrsync, restricted to the folder I want to backup (basically the user's home, so there is no need for root access). Even if rrsync is compromised, the remote has no way to gain root access as there is no passwordless sudo configured in the machines. On Wed, Feb 10, 2021 at 10:51 AM Felix Wolters <li...@felix-wolters.com> wrote: > Thank you, Guillermo in advance, this will be great! > > Felix > > > Am 10.02.21 um 14:01 schrieb Guillermo Rozas: > > Hi, > I use rrsync in a couple of clients. You need to slightly modify the > rrsync script to correctly parse BackupPC rsync call, and after that it > will work without problems. Later in the week I'll look into my systems and > post my rrsync modified version. > Regards, > Guillermo > > On Tue, Feb 9, 2021, 13:11 Felix Wolters <li...@felix-wolters.com> wrote: > >> Hello! >> >> Let me first thank you for providing BackupPC as open source software. I >> appreciate it a lot and consider it to be one of the most usefull backup >> systems out there! >> >> I’d like to use it with restricted access to the client, so a >> potentially corrupted BackupPC server wouldn’t be able to damage the >> client machine and data. Using rsync for transfer with a Linux client, >> rrsync (restricted rsync – as part of the rsync package) would be a >> straigt forward solution to restrict an incoming ssh connection to only >> rsync and only a given folder which I will set read only – which would >> perfectly do the trick. Unfortunately, this doesn’t seem to work with >> BackupPC over rsync, as far as I can see. I’m positive rrsync generally >> works on the client as I use it successfully with plain rsync over ssh >> on the same machine. >> >> I’ve seen rare information on the internet about this, and it wouldn’t >> help me so far. >> >> Thank you for some help or instruction! >> >> Best >> >> >> >> _______________________________________________ >> BackupPC-users mailing list >> BackupPC-users@lists.sourceforge.net >> List: https://lists.sourceforge.net/lists/listinfo/backuppc-users >> Wiki: https://github.com/backuppc/backuppc/wiki >> Project: https://backuppc.github.io/backuppc/ >> > > > _______________________________________________ > BackupPC-users mailing listbackuppc-us...@lists.sourceforge.net > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: https://github.com/backuppc/backuppc/wiki > Project: https://backuppc.github.io/backuppc/ > > _______________________________________________ > BackupPC-users mailing list > BackupPC-users@lists.sourceforge.net > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: https://github.com/backuppc/backuppc/wiki > Project: https://backuppc.github.io/backuppc/ >
rrsync_bkpc_mod
Description: Binary data
_______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: https://github.com/backuppc/backuppc/wiki Project: https://backuppc.github.io/backuppc/
