How to manage root<-->root rsync keeping permissions?
cl at isbd.net
Tue Aug 3 14:06:54 UTC 2021
Andy Smith via rsync <rsync at lists.samba.org> wrote:
> Hi Chris,
> On Tue, Aug 03, 2021 at 09:48:37AM +0100, Chris Green via rsync wrote:
> > But how do you handle the other end to restore the root ownership etc.?
> > The script has to do something like:-
> > rsync -a /etc/ chris at remote:backups/etc/
> > So at the remote end it only has chris' privileges.
> A couple of options:
> Since you want to automate it I'd go with letting root log in by ssh
> key only, and force the key to work only with a specific script.
> Here is an example forced command that only allows rsync
> This is still vulnerable to doing anything that rsync can do. You
> can secure it further by making a script that only does the specific
> things you need rsync to do, e.g. the exact parameters and paths,
> and force that script instead.
Ah yes, I've done this elsewhere using 'rrsync' at the receiving end,
it's another possible approach to investigate, thanks.
More information about the rsync