In the development version of rsync now in CVS, ssh and daemon mode can
be used together by using '-e ssh' along with '::'. That is probably
just what Rob needs, please check it out/test it. The documentation has
been updated to describe putting a ssh wrapper key to to restrict rsync
operations t
This has been discussed before.
The only way to restrict what rsync-over-ssh can do is to lodge the
restriction in the authorized_keys command= field, restricting what
command a given key can run.
For a single rsync invocation it's easy to figure out: just set up
command=/path/to/wrapper
jw schultz <[EMAIL PROTECTED]> writes:
> For the most part there shouldn't be much of a problem. What you
> are talking about doing is erroring out if the path(s) are out of
> bounds, and either adding/removing options or erroring if they are
> missing/present.
>
> You could just take the SSH_ORI
On Sun, Jan 05, 2003 at 07:50:57PM -0600, Rob Browning wrote:
> jw schultz <[EMAIL PROTECTED]> writes:
>
> > I'm just wondering what you are suggesting be added to rsync
> > that couldn't be done by the wrapper you already need.
> >
> > You can already restrict --delete and check the paths rsync
>
jw schultz <[EMAIL PROTECTED]> writes:
> I'm just wondering what you are suggesting be added to rsync
> that couldn't be done by the wrapper you already need.
>
> You can already restrict --delete and check the paths rsync
> will operate on to ensure they are within the designated
> trees. As it
On Sun, Jan 05, 2003 at 06:32:53PM -0600, Rob Browning wrote:
> jw schultz <[EMAIL PROTECTED]> writes:
>
> > A general purpose wrapper could be done but you would have to have
> > ways to tell it to require these options, disallow these options,
> > which of those options require args, and what ar
jw schultz <[EMAIL PROTECTED]> writes:
> A general purpose wrapper could be done but you would have to have
> ways to tell it to require these options, disallow these options,
> which of those options require args, and what arguments must match
> what patterns. A full implementation would probabl
Rob Browning wrote
> Aaron Morris <[EMAIL PROTECTED]> writes:
>
> > I only mention this because I do not believe most people even realize
> > there is this other mode to rsync. I tried describing it to a
> > co-worker who uses rsync regularly, but he kind of just stared at me
> > blankly.
>
> Ri
Aaron Morris <[EMAIL PROTECTED]> writes:
> I only mention this because I do not believe most people even realize
> there is this other mode to rsync. I tried describing it to a
> co-worker who uses rsync regularly, but he kind of just stared at me
> blankly.
Right. I was aware of that mode, but
On Sun, Jan 05, 2003 at 11:30:41AM -0600, Rob Browning wrote:
>
> I was wondering if it's possible to restrict rsync in various ways on
> the server side when it is invoked via ssh. Two restrictions I had in
> mind are disallowing deletes and/or restricting all actions to a
> particular subdirect
I do not think you can use it with ssh, but if you use rsync in rsync
mode (::) instead of just an interface to rsh (:), you can limit the
directories where you can transfer files (using modules). This involves
setting up the rsync daemon on the server side. The rsync daemon has
the ability t
I was wondering if it's possible to restrict rsync in various ways on
the server side when it is invoked via ssh. Two restrictions I had in
mind are disallowing deletes and/or restricting all actions to a
particular subdirectory. I was hoping to be able to do this without
having to be root (for
12 matches
Mail list logo
