A while ago, in a long thread, the following was said:-
>
> Regarding first creating new repositories, yes, I think that too will be
> blocked. There was some discussion a few years ago about this:
> http://savannah.nongnu.org/bugs/?16897 ... I don't remember what was
> resolved. I suppose we could add os.mkdir() to the safe list.
>
It's not a big issue for me, if/when I set up new clients and/or new
hierarchies to back up I'm quite happy to do some manual backups or
remove the --restrict-update-only from teh destination temporarily.
Well, I can now confirm this is true, you can't create a new backup
with a --restrict-update-only in place. However, once you have created
the backup then --restrict-update-only can be added and seems to do
what's expected.
I have thus got the following in the ~/.ssh/authorized_keys file on the
backup 'server':-
command="rdiff-backup --server --restrict-update-only
backups",no-pty,no-port-forwarding ssh-rsa <the key>
I have a dedicated client account for running the backup which has a
passphraseless ssh key and is restricted to only doing backups by the
above.
It's obviously not totally secure but it's good enough while at the
same time doing backups daily with no effort on my part. (It's only
one of several backups I do, each with different strengths and
weaknesses)
--
Chris Green
_______________________________________________
rdiff-backup-users mailing list at rdiff-backup-users@nongnu.org
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
