remote logging non-daemon mode

Matt McCutchen matt at
Thu Dec 6 05:52:22 GMT 2007

On Wed, 2007-12-05 at 23:21 -0500, Doug Lochart wrote:
> Now I am having another issue and that is passing a log format in the
> rsync-path.  I can see it is coming over but for some reason a defauly
> --log-format=%o is appended after --server is added by rsync.  This
> effectively overrides the log-format I supplied.  How do I stop this
> default log-format from being appended after --server? 

You want to use --log-file-format to control the server's log file.  A
--log-format option passed to a server is a hint that helps the client
perform its own logging properly.

But seriously, you should use a properly configured rsync daemon.
Making the client pass the log format in the --rsync-path and making the
validation script check it is a hack to achieve centralized control of
logging in a plain-server setup, while an rsync daemon is *designed* to
give you this control;

> On the protocol version error I have discovered the problem  I am
> using a validation script as part of rthe ssh key to make sure that
> only rsync is executed within that shell.

if you stick with the plain server, you can expect more headaches like
this one.

> We used ssh to create a tunnel using a users ssh key.  With this
> tunnel we were able to access any module defined in the system.

> Each module needs to be protected from the others so if a user logs in
> with their credentials they should not have access to any other
> module.

Of course.  I'm trying to understand your initial setup and how users
could access each other's modules.  By a "tunnel", do you mean that you
forwarded a background-listening daemon's port or that you invoked a
single-use daemon over ssh?  I assume each user has his/her own ssh key?
Are you using the rsync daemon's own authentication protocol ("auth

Anyway, it's easy do a secure rsync daemon setup with ssh connections
and authentication.  Make a separate daemon configuration file for each
user listing only the modules he/she is allowed to access.  Then set
each user's forced command to invoke a single-use daemon with the
appropriate configuration file ("rsync --daemon --server
--config=<rsyncd-user.conf> .").  The situation for multiple single-use
daemons sharing a single log file is exactly the same as for multiple
concurrent connections to a background daemon: lines of output get
intermingled, but nothing terrible happens.

You don't have to write a separate configuration file for each user
manually.  You can force a script that generates a configuration file
specific to the user from a global template and provides the file to the
daemon on one of its fds.  A better alternative might be to enhance
rsync with a --client-user=USER daemon option that makes the daemon
assume the client is USER without performing its own authentication
protocol.  Then all the forced commands could use a single configuration
file but pass different --client-user options.


More information about the rsync mailing list