Re: trigger command on successful upload?
On Wed, Jun 16, 2004 at 03:15:00PM +1200, Jason Haar wrote: > e.g. > rsync -x -e ssh src_dir remote:dst_share > ssh remote "/usr/local/bin/cleanup" You don't need the separate ssh connection if you use --rsync-path to point to a script that first runs rsync (using the supplied args) and then does the post-processing work (as appropriate for any error code that was returned). ..wayne.. -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: trigger command on successful upload?
Wayne Davison ([EMAIL PROTECTED]) said, in message <[EMAIL PROTECTED]>: > > Yup, I was thinking the same thing. One way to make your feature safer > would be to turn it into a config-file setting (and leave the script > outside the download/upload area). Since a non-daemon setup should be > able to accomplish the post-processing using a wrapper script around > rsync (local or remote), it's not particularly needed in that scenario. Can I add my vote to the request? We push things like iptables firewall scripts from a central server out to a bunch of other machines. At the moment, I'm running a little custom built service called issync on each machine which does: > #!/usr/bin/perl > system "/usr/bin/rsync", "--daemon", "--config=/etc/issync.conf"; > chdir("/var/spool/issync"); > system "/usr/bin/make", "-f", "/etc/issync.mk"; where the issync.mk makefile can look at what files were synchronised and take appropriate actions. This is a messy way of doing things, and a postexec script on the "share" would let me lose this messy thing. Cheers, Alun. -- Alun Jones [EMAIL PROTECTED] Systems Support, (01970) 62 2494 Information Services, University of Wales, Aberystwyth -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: trigger command on successful upload?
On Tue, Jun 15, 2004 at 12:56:39PM -0700, Wayne Davison wrote: > On Tue, Jun 15, 2004 at 11:56:12AM -0700, Robert Helmer wrote: > > It is a potential security problem > > Yup, I was thinking the same thing. One way to make your feature safer > would be to turn it into a config-file setting (and leave the script This whole idea smells of the Samba "postexec" style feature. If done, it definitely should be only allowed to be defined within /etc/rsyncd.conf (assuming rsync transport of course). e.g. [backup] path=/var/spool/backup preexec="/usr/local/bin/initialize /var/spool/backup/" postexec="/usr/local/bin/cleanup /var/spool/backup/" uid = root That way it can run under whatever security context you define for that given rsync "share". Allowing the rsync client to define what remote command to run is WAY too insecure. Obviously, if they are running rsync over rsh/ssh/other then a "--trigger-script=..." client option starts making sense - but I can't see the point - you should just call that script after doing the rsync job e.g. rsync -x -e ssh src_dir remote:dst_share ssh remote "/usr/local/bin/cleanup" what's the difference? -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: trigger command on successful upload?
On Tue, Jun 15, 2004 at 11:56:12AM -0700, Robert Helmer wrote: > It is a potential security problem Yup, I was thinking the same thing. One way to make your feature safer would be to turn it into a config-file setting (and leave the script outside the download/upload area). Since a non-daemon setup should be able to accomplish the post-processing using a wrapper script around rsync (local or remote), it's not particularly needed in that scenario. ..wayne.. -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: trigger command on successful upload?
Hi Tim, On Tue, Jun 15, 2004 at 10:22:14AM -0400, Tim Conway wrote: > If you're rsyncing over an external transport, I can't imagine what the > issue is in running a postprocessing command over the same transport. But, > if what you're looking for is a way to do this over rsync internal > transport, and want to get rid of the remote shell, perhaps for security > reasons, leave a daemon, or perhaps a cron-driven script, to watch for the > appearance of a trigger file. If the rsync transfer finishes correctly, > you send up the trigger file, which is harvested by the receiver, which > performs the desired post-transfer processing. I would like to do it over the rsync internal transport, and not use SSH for internal transfers anymore (too much overhead for the encryption). I have considered using an approach like what you describe using the FAM daemon (opensourced by SGI) but it occurred to me that making the rsync client take something like this: --trigger-script=/usr/local/bin/run.sh would eliminate the need for anything to be constantly running on the frontend machine. This machine is being uploaded to, not downloaded from, by rsync (it's impossible to know when the files on the backend machine will be ready for download). Not a big deal, just seems a bit more efficient this way, and less setup on the frontend machines for me :) It is a potential security problem, so I won't be surprised if people don't want it in the mainstream rsync distribution. > start pseudoscript:+++ > [ -f "$triggerfile" ] || exit 0 > rm $triggerfile > perform whatever it is you wanted > end pseudoscript:+++ > Cronjob: > * * * * * /path/to/the/script > > Tim Conway > Unix System Administration > Contractor - IBM Global Services > desk:3032734776 > [EMAIL PROTECTED] > > > I would like to be able to trigger a script for #3 instead of having > to ssh over (to make the frontend server a bit more autonomous, and > simplify the process). > > Does this seem reasonable, or am I just making things more complex > for myself? :) > -- > To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync > Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html > -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: trigger command on successful upload?
If you're rsyncing over an external transport, I can't imagine what the issue is in running a postprocessing command over the same transport. But, if what you're looking for is a way to do this over rsync internal transport, and want to get rid of the remote shell, perhaps for security reasons, leave a daemon, or perhaps a cron-driven script, to watch for the appearance of a trigger file. If the rsync transfer finishes correctly, you send up the trigger file, which is harvested by the receiver, which performs the desired post-transfer processing. start pseudoscript:+++ [ -f "$triggerfile" ] || exit 0 rm $triggerfile perform whatever it is you wanted end pseudoscript:+++ Cronjob: * * * * * /path/to/the/script Tim Conway Unix System Administration Contractor - IBM Global Services desk:3032734776 [EMAIL PROTECTED] I would like to be able to trigger a script for #3 instead of having to ssh over (to make the frontend server a bit more autonomous, and simplify the process). Does this seem reasonable, or am I just making things more complex for myself? :) -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: trigger command on successful upload?
Hi, On Tue, 15 Jun 2004 [EMAIL PROTECTED] wrote: > I think this would be a useful feature. I can think of how I could use a > feature like that. If you are successful let me know. rsync has wonderful precise return codes. "man rsync" will tell. You can already do somehing like this: rsync ${OPTS} ${SRC} ${DST} >>${PROT} 2>&1 RC=$? if test "${RC}" = "0" -o "${RC}" = "23"; then echo "normal termination." elif test "${RC}" = "10"; then echo "no connection." elif test "${RC}" = "24"; then echo "OK, but some file(s) vanished." fi and distinguish many more cases. Cheers -e -- Eberhard Moenkeberg ([EMAIL PROTECTED], [EMAIL PROTECTED]) -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: trigger command on successful upload?
Robert, I think this would be a useful feature. I can think of how I could use a feature like that. If you are successful let me know. Thanks, Paul Enright Robert Helmer <[EMAIL PROTECTED] mer.com> To Sent by: [EMAIL PROTECTED] rsync-bounces+pen cc right=braums.com@ lists.samba.org Subject trigger command on successful upload? 06/14/2004 10:57 PM Hello, I am working on implementing rsync to replace a server distribution mechanism that currently works like this: 1) process new file on backend server 2) upload file to frontend server using scp or rsync over ssh 3) ssh to frontend server to trigger script #3 is only used in a couple special cases I have this tested and working: 1) (same as above) 2) upload file to frontend server using rsync (with patch to rsynd to be verbose in error reporting) 3) (same as above) I would like to be able to trigger a script for #3 instead of having to ssh over (to make the frontend server a bit more autonomous, and simplify the process). I am already maintaining a fork of rsync for #2, so I don't mind making modifications to the source. Ideally I'd like to have a param on the client side like --trigger-script="script.sh", that will trigger a script on the server side only if the upload is successful. Does this seem reasonable, or am I just making things more complex for myself? :) Thanks! Rob -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
trigger command on successful upload?
Hello, I am working on implementing rsync to replace a server distribution mechanism that currently works like this: 1) process new file on backend server 2) upload file to frontend server using scp or rsync over ssh 3) ssh to frontend server to trigger script #3 is only used in a couple special cases I have this tested and working: 1) (same as above) 2) upload file to frontend server using rsync (with patch to rsynd to be verbose in error reporting) 3) (same as above) I would like to be able to trigger a script for #3 instead of having to ssh over (to make the frontend server a bit more autonomous, and simplify the process). I am already maintaining a fork of rsync for #2, so I don't mind making modifications to the source. Ideally I'd like to have a param on the client side like --trigger-script="script.sh", that will trigger a script on the server side only if the upload is successful. Does this seem reasonable, or am I just making things more complex for myself? :) Thanks! Rob -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html