rsync & ldap authentication

Donovan Baarda abo at
Wed Feb 12 10:11:10 EST 2003

On Wed, 2003-02-12 at 04:25, Darren Jung wrote:
> Hi,
> I'm trying to get rsync 2.5.6 to authenticate users via
> openldap-2.0.23.  I was looking through the mailing list archives and
> found a patch for rsync-2.4.6 that does this for me.  I was just
> wondering if this is still valid, or if there has been a new patch or
> new implementation that has superceded this patch.  Any help would be
> great.  The message I am referring to is as follows:

I'm not sure exactly what you are trying to achieve, but I'm not sure
you need to patch rsync at all.

Provided rsync uses libc to lookup users, all you need is to configure
nsswitch to use ldap properly. This is enough to make any unix
application work with ldap, provided it uses the proper libc routines
and doesn't access /etc/passwd and /etc/shadow directly.

This does mean that all the users in ldap look like real unix users on
that host. If you don't want this, and want to keep the unix users in
/etc/passwd and only use ldap for rsync users, then you probably want
rsync to use PAM for authentication, and use the pam_ldap module.

I'm not sure if rsync can use PAM for authentication, but if you really
want rsync to directly use ldap auth (ie, not via nsswitch), PAM is the
"proper" way to do it. Please don't hack rsync to lookup ldap directly.

BTW, there is a Debian wiki page that explains LDAP Authentication at;

ABO: finger abo at for more info, including pgp key

More information about the rsync mailing list