How to Vary Module Path Based on User

Matt McCutchen hashproduct+rsync at gmail.com
Thu Jan 4 01:20:31 GMT 2007


On 1/3/07, Bill @ 83 North <bill at 83north.com> wrote:
> I want to vary the path rsync uses based on the user that authenitcated to
> the module.
> [...]
> Is there a function in rsync that does this?

No, the standard rsync does not support appending the username to the
module path.  However, this would be easy to implement in a custom
version of rsync.  In fact, I implemented it; the patch to rsync is
attached.

> Is there an ability to use the
> pre transfer execute to modify a variable to make that happen?

You could have the module path point to a symlink and have the
pre-xfer command modify that symlink to point to the appropriate
directory based on $RSYNC_USER_NAME.  However, concurrent connections
might fight over the symlink so that some clients would end up
accessing the wrong user's directory, so you should set max
connections = 1 for that module.

I feel that having a module that behaves differently for different
users is kludgy.  It would be better to have a different module for
each user but only show each user his/her own module.  To this end,
the daemon could ask a client requesting a module listing to provide a
username and password and then show the client the modules it could
access with those credentials.  The standard rsync daemon never asks
the client to provide credentials for a module listing, but it looks
like the standard rsync client would prompt the user  and provide the
credentials correctly; I can't speak for your GUI wrapper for the
client.

However, this technique is awkward to implement because checking a
single username and password against many modules (which might even
have different secrets files) would require significant rearrangements
to authenticate.c .  It would become even more awkward if support for
keyboard-interactive PAM authentication were added to the rsync
daemon, because authentication for different modules might even
require different PAM conversations.

Matt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: append-username.diff
Type: text/x-patch
Size: 9509 bytes
Desc: not available
Url : http://lists.samba.org/archive/rsync/attachments/20070103/8d3b60bc/append-username.bin


More information about the rsync mailing list