On Sat, 12 Mar 2022 at 08:45, Florian Sager via rsync
wrote:
> Hi,
>
> I gave up using rrsync some years ago because of
> a) potential security issues with path references that can occur within
> the rsync execution in the call of rrsync
> b) possibly unmatched rsync options (rrsync must be kept
On Wed, 19 May 2021 at 20:34, Christopher O Cowan
wrote:
>
> So, I'm wondering if you or anyone else knows a way to force rsync into
> --daemon mode from the server side?
> Unless I'm wrong, I probably still need one of the shims I mentioned.
>
> Perhaps I could do the poor man's by writing a
On Sun, 25 Apr 2021 at 17:53, Chris Cowan via rsync
wrote:
>
> I’ve also been looking at several solutions that try to sandbox
> openssh/rsync.These include rssh (which should not be used anymore,
> because it's Abandon-ware. But, it is what I am most familiar with), GNU
> rush, and
On Thu, 18 Feb 2021, 15:28 Karl O. Pinc via rsync,
wrote:
>
> For some 15 years+ (?) I've had a /root/.ssh/authorized keys line
> that starts with:
>
> "no-pty,no-agent-forwarding,no-port-forwarding,no-user-rc,no-X11-forwarding,command="rsync
> --server --daemon ."
>
> Occasionally I frob the
On Tue, 11 Feb 2020 at 01:36, raf via rsync wrote:
> rrysnc
> sshdo - controls which commands may be executed via incoming ssh
> authprogs - SSH Command Authenticator
Those work for command line argument restrictions, but I like daemon
mode for restriction. It's a way to tell rsync
This adds support for whitelisting the acceptable options in the
"refuse options" setting in rsyncd.conf. It introduces "!" as a
special option string that refuses most options and interprets
any following strings as patterns of options to allow.
For example, to allow only verbose and archive: