I am stuck. I have read HOWTOs all over the place saying how to get
rdiff-backup to use a public key with a 'command="(shell script name)"'. The
script then executes the client side version of rdiff-backup sudo'd which
then safely backs up everything.  Here is the HOWTO that explains what I
am trying to do in detail (for rsync but I'm trying to do it for
rdiff-backup): http://troy.jdmz.net/rsync/index.html

I can do this (with rdiff-backup) using public-key authentication as root on
the client with the forced command in the key on the client side. But I just
CANNOT get the forced-command in a script to work with rdiff-backup.

BTW, I can get the forced-command to work calling a script merely containing
the 'ls' command.  Maybe this all has something to do with the shell messing
with STDOUT and potential fundamental misunderstanding of shell environments
as hinted at here?
http://www.mail-archive.com/rdiff-backup-users@nongnu.org/msg02954.html

What Works

Currently 'rdiff-backup' works great on the client/backup-machine with the
command:

rdiff-backup user@server::/home/user /home/server-backups/user

The login uses a password-less key-based authentication and the ssh
client-side configuration (.ssh/config) file reading:

host client
    hostname client
    user user
    identityfile /home/client/key/server-passwordless-key
    compression yes
    protocol 2

NOTE: the private key is in /home/client/key/server-password-less-key.

On the server the public-key starts with the following constraints:

from="client",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command="rdiff-backup --server --restrict-read-only /" ssh-rsa AAasdfaj23jasljjj..etc., etc.

This works perfectly. Both machines are Ubuntu Server 10.04 LTS.

The Error

The problem is that if I want to "force the command" on the server by
altering the server-side public key so it looks for
'/usr/local/bin/hard-coded-rdiff' as follows:

from="client",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command="/usr/local/bin/hard-coded-rdiff" ssh-rsa AAasdfaj23jasljjj..etc., etc.

I have run:

chmod 744 /usr/local/bin/hard-coded-rdiff

...so it should be executable by all. 'user' can execute
/usr/local/bin/hard-coded-rdiff.

/usr/local/bin/hard-coded-rdiff's contents are:

#! /usr/bin/sh
/usr/bin/rdiff-backup --server --restrict-read-only /

This fails on the client with the message:

Exception '' raised of class '<type 'exceptions.MemoryError'>':
  File "/usr/lib/pymodules/python2.6/rdiff_backup/Main.py", line 304, in error_check_Main
    try: Main(arglist)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/Main.py", line 321, in Main
    rps = map(SetConnections.cmdpair2rp, cmdpairs)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/SetConnections.py", line 76, in cmdpair2rp
    if cmd: conn = init_connection(cmd)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/SetConnections.py", line 152, in init_connection
    check_connection_version(conn, remote_cmd)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/SetConnections.py", line 160, in check_connection_version
    try: remote_version = conn.Globals.get('version')
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 450, in __call__
    return apply(self.connection.reval, (self.name,) + args)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 368, in reval
    result = self.get_response(req_num)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 315, in get_response
    try: req_num, object = self._get()
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 240, in _get
    data = self._read(length)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 210, in _read
    try: return self.inpipe.read(length)

Traceback (most recent call last):
  File "/usr/bin/rdiff-backup", line 30, in <module>
    rdiff_backup.Main.error_check_Main(sys.argv[1:])
  File "/usr/lib/pymodules/python2.6/rdiff_backup/Main.py", line 304, in error_check_Main
    try: Main(arglist)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/Main.py", line 321, in Main
    rps = map(SetConnections.cmdpair2rp, cmdpairs)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/SetConnections.py", line 76, in cmdpair2rp
    if cmd: conn = init_connection(cmd)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/SetConnections.py", line 152, in init_connection
    check_connection_version(conn, remote_cmd)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/SetConnections.py", line 160, in check_connection_version
    try: remote_version = conn.Globals.get('version')
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 450, in __call__
    return apply(self.connection.reval, (self.name,) + args)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 368, in reval
    result = self.get_response(req_num)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 315, in get_response
    try: req_num, object = self._get()
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 240, in _get
    data = self._read(length)
  File "/usr/lib/pymodules/python2.6/rdiff_backup/connection.py", line 210, in _read
    try: return self.inpipe.read(length)
MemoryError

The message from rdiff-backup on the server (pulling from client) ends with
a dump of errors from the python executable and a "memory error."   Same
command on the client, small change to force the use of a shell script on
the server and it fails - why please?

Thanks for your suggestions.

Respectfully,
Richard

P.S. I also listed this question on serverfault.com here:
http://serverfault.com/questions/271518/rdiff-backup-fails-with-forced-command-but-works-through-shell
if you want to answer the question for points there.

_______________________________________________
rdiff-backup-users mailing list at rdiff-backup-users@nongnu.org
https://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
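
An added example, not part of the original post and not rdiff-backup or OpenSSH code: a small audit of the forced-command setup described in the message above. It parses an authorized_keys entry to pull out command="..." and then checks the wrapper script's permission bits and shebang interpreter. The sample entry, the placeholder key and all helper names are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Constructed entry modelled on the post; key is a placeholder, helper names are illustrative.
SAMPLE = ('from="client",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,'
          'command="/usr/local/bin/hard-coded-rdiff" ssh-rsa AAAAPLACEHOLDER')
OPTION = re.compile(r'([A-Za-z0-9-]+)(?:="((?:[^"\\]|\\.)*)")?(?:,|\s+|$)')
KEY_TYPES = ("ssh-", "ecdsa-", "sk-")

def parse_options(line):
    """Split one authorized_keys entry into ({option: value or True}, key part)."""
    opts, pos = {}, 0
    while True:
        m = OPTION.match(line, pos)
        if not m or m.group(1).startswith(KEY_TYPES):
            return opts, line[pos:]
        opts[m.group(1)] = True if m.group(2) is None else m.group(2)
        pos = m.end()

def audit_wrapper(path):
    """Return findings for the script named in command="..."."""
    findings = []
    mode = os.stat(path).st_mode
    if not mode & stat.S_IXOTH:
        findings.append("no execute bit for other")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("writable by group or other")
    with open(path, "rb") as fh:
        first = fh.readline().decode("utf-8", "replace").strip()
    interp = first[2:].split()[:1] if first.startswith("#!") else []
    if not interp:
        findings.append("no shebang interpreter")
    elif not os.access(interp[0], os.X_OK):
        findings.append("interpreter not found: " + interp[0])
    return findings

def make_wrapper(shebang, mode):
    """Write a constructed wrapper to a temp file so the audit can run offline."""
    fd, path = tempfile.mkstemp(suffix=".sh")
    with os.fdopen(fd, "w") as fh:
        fh.write(shebang + "\nexec /usr/bin/rdiff-backup --server --restrict-read-only /\n")
    os.chmod(path, mode)
    return path

if __name__ == "__main__":
    print("forced command:", parse_options(SAMPLE)[0].get("command"))
    print(audit_wrapper(make_wrapper("#! /nonexistent/sh", 0o744)))
```

On a real server, pass the path taken from the key's command= option to audit_wrapper instead of the temporary file.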
