[path] & module options with SSH

Dave Dykstra dwd at bell-labs.com
Thu Feb 7 01:56:15 EST 2002 

rsync --daemon and ssh do not currently work together at all.  If you use
the syntax "hostname::module", rsync ignores the '-e ssh'.  It sounds like
you are not using the double-colon syntax so rsyncd.conf is ignored.
Someone has posted a patch that enable the two to work together but it
hasn't yet been integrated.

- Dave Dykstra


On Tue, Feb 05, 2002 at 08:45:52PM -0500, Daniel Ouellet wrote:
> Hi,
> 
> I am running rsync 2.5.2 and have a server running rsync --daemon over ssh.
> 
> Now, I read plenty of information on rsync, all the man & all the info on
> the rsync.samba.org + many other sites that for the most part all say the
> same with a few exceptions. Did search on google and even look at the marc
> lists. What I am looking for, unless I do not understand it and please
> correct me if that's the case, it look like that the module section would be
> use to limit the access to specific users to a limit part of the files
> system. Example, if I have:
> 
> [simple_path_name]
>    path = /rsync/files/here
>    comment = My Very Own Rsync Server
>    uid = nobody
>    gid = nobody
>    read only = no
>    list = yes
>    auth users = username
>    secrets file = /etc/rsyncd.secrets
> 
> Then I would expect the users ( username) to have access only to my files
> inside the /rsync/files/here, but with ssh anyway, you have access to all of
> it and only the user rights on the server will limit you. I don't know under
> RSH if that's the same or not as I only have servers with SSH, so I didn't
> test that part out.
> 
> Also, the hosts allow option if I put it in the global section to limit
> access to my box, is not recognize either.
> 
> I can have: hosts allow 192.168.2.2 and obviously this is not a routable IP
> and it is not my IP either, but I will still have access to the rsync
> server.
> 
> So, in short, is there a place that would list the options that are not
> active under SSH?
> 
> What I want to do is to limit access to some IP's, or block of IP under SSH
> and also limit access to a portion of the files system as above. I wouldn't
> mind if the auth users is not used as SSH is find for that, but I sure would
> love if I could have limit on the files system and as a bonus if the auth
> users would recognize the user that sign up via SSH and provide access to
> the path only. Obviously the secrets file wouldn't be use in the SSH case,
> but would be use only to limit access per users.
> 
> So, is that make sense or am I way off in the understanding of the system
> and the intention behind the module portion.
> 
> As a last question, this is not a big deal, but I was curious as if anyone
> would know of an option that would only send out the actual name&path of the
> files transfer without the final small stats and not show the portion where
> you get the initial directory list. The reason why I am asking is that if
> so, I could plug the output of it to MySQL and log the files transfer for
> audit reason.
> 
> Many thanks for your help and time!
> 
> Daniel
> 
> 
>

More information about the rsync mailing list