You have to have a "uid = 0" in the rsyncd.conf file for that module, since only root can give away files, and also bypass all (except over NFS, etc.) file protections.
For (insert diety's name here)'s sake, don't use "/" for a path, and don't leave it un-chrooted, unless you're putting up a honeypot or something.
You might want to password-protect that module, too, to inhibit casual unwanted file modification.
I know it sounds sick. I've got a remote box that I want to back up /etc, /var, and /home. I wanted to use rsync to do this because my current method (tar, encrypt with openssl and leave on the ftp server) is taking too long over the remote connection.
I was trying to run rsync as a server on the remote box, but with port 873 blocked by a packet filter, so that ssh was the only way to get remote access to rsync. I DO have a root module, protected by an rsync secret, but I share your discomfort...I just can't think of a better solution.
At any rate, when I try to run rsync from my workstation across the 'net, rsync complains that it can't find rsyncd.conf (which is in /etc). My impression is that when run as a server over a remote ssh connection, rsync is being started up as a process under the ssh user's account, instead of connecting to the root rsync server that I've got running out of inetd. Am I missing something?
you might as well also add "opendoor stream tcp nowait root /bin/sh sh" to your inetd.conf and "opendoor 666" to services.
Hmmm, thanks for the advice, I tried this, but my rsync still isn't working.
-- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
