Ok I have an rsync running successfully from an automounting windows cifs share. I run the rsync command just fine, now I want to secure it..I have the share mounting in a zfs file system and I am backing up to that same file system. My question is this. lets say the file system is zfssystem mounted in root directory. I want to make it so that only rsync can execute in that directory and nothing else. so if I disable execution by everything except root (I dont want rsync to run as root tho), then rsync cannot run. How would I make it so that execution is disabled, but somehow add an exception for rsync and rsync ONLY.
for instance: /zfssystem is: rwx _ _ _ _ _ _. (I can only access both the share and the backup directories as root as they are both mounted/stored in /zfssystem, currently only root can do anything, thus rsync is blocked). is it somehow possible to add an exception so that ONLY rsync can run its routine within /zfssystem but NOT as root while keeping these permissions? because if I make it where allothers has execute permissions (rwx_ _ _ _ _ x) then its possible for rm -r * to be run also, and we dont want that, but at the same time I dont want anything, even rsync, running as root. if this is possible with rsync, that would mean its also possible with a few other useful utilities while denying execute permissions to the whole system, say if the machine were to get compromised.. (i will eventually change the whole system and run the backup machine as a personal server for personal access remotely). thanks unix/linux gurus -- This message posted from opensolaris.org
