Why is -e sent to the remote rsync side?
shachar at shemesh.biz
Sun Oct 5 04:47:47 GMT 2008
> $ rsync -e 'ssh -v' lingnu.com:
> OpenSSH_5.1p1 Debian-2, OpenSSL 0.9.8g 19 Oct 2007
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to lingnu.com [18.104.22.168] port 22.
> debug1: Connection established.
> debug1: Sending command: rsync --server --sender -de.L .
As we can see, rsync runs ssh, and tells it to run, on the other side,
rsync with the "-e" flag. I am not really sure what and how the "." and
"L" are parsed by rsync (part of my problem).
The reason this is brought up is because I'm using rssh
(http://www.pizzashack.org/rssh/) as the user's shell to limit that user
to only be allowed to run rsync. Rssh, however, prevent the passing of
the "-e" option to rsync, as it claims (with some amount of
justification) that this option allows someone to cause rsync to run any
command at all, escaping the limitations imposed by rssh.
So my questions:
1. Why does rsync need to pass "-e" to the remote side? After all, the
connection is already established at that point.
2. What does this -e mean? What causes the remote side to really not run
anything (trying to run ".L" from the path would be the way I would
interpret the command at that point - obviously rsync disagrees :-)
More information about the rsync