Trying to elevate rsync privileges when connecting over ssh without using NOPASSWD in sudoers
Dan Stromberg
drsalists at gmail.com
Sat Mar 12 22:14:12 UTC 2022
On Sat, Mar 12, 2022 at 12:23 PM Dr. Mark Asbach via rsync <
rsync at lists.samba.org> wrote:
> Hi there, hi past me,
>
> > My (non-working) attempt:
> > […]
> > So it seems the "-l" is dropped into the void letting ssh assume USER
> was the target host? I don’t actually get what I can do.
>
> Turns out, I have to write down the description of my issue and then send
> the email before I magically understand the solution ;-)
>
> Here’s a working example that does not need a wrapper script:
>
> PASSWORD=<SUDOPASS> rsync -vv --delete-after --delay-updates '/bin/sh -c
> "{ echo $PASSWORD; cat - ; } | ssh -i ~/.ssh/id.key $0 $* &"'
> --rsync-path='sudo -S rsync‘ ./SRCDIR USER at HOST:DSTDIR
>
> The trick was actually to add "$0" because $* will drop the first argument
> from the list as this typically is the name of the script itself (duh!).
>
> Hope this is of help to anyone,
>
Cool, glad you found a solution you're happy with.
Bear in mind, putting a password in an environment variable can be seen by
other users on the same system with "ps auxwwe".
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/rsync/attachments/20220312/34f86f0f/attachment.htm>
More information about the rsync
mailing list