Why is -e sent to the remote rsync side?

Shachar Shemesh shachar at shemesh.biz
Sun Oct 5 04:47:47 GMT 2008

> $ rsync -e 'ssh -v' lingnu.com:
> OpenSSH_5.1p1 Debian-2, OpenSSL 0.9.8g 19 Oct 2007
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to lingnu.com [] port 22.
> debug1: Connection established.
> debug1: Sending command: rsync --server --sender -de.L .
As we can see, rsync runs ssh, and tells it to run, on the other side, 
rsync with the "-e" flag. I am not really sure what and how the "." and 
"L" are parsed by rsync (part of my problem).

The reason this is brought up is because I'm using rssh 
(http://www.pizzashack.org/rssh/) as the user's shell to limit that user 
to only be allowed to run rsync. Rssh, however, prevent the passing of 
the "-e" option to rsync, as it claims (with some amount of 
justification) that this option allows someone to cause rsync to run any 
command at all, escaping the limitations imposed by rssh.

So my questions:
1. Why does rsync need to pass "-e" to the remote side? After all, the 
connection is already established at that point.
2. What does this -e mean? What causes the remote side to really not run 
anything (trying to run ".L" from the path would be the way I would 
interpret the command at that point - obviously rsync disagrees :-)


More information about the rsync mailing list