Bug#576629: scponly-full: scponly 4.8 does not support rsync 3.0 option -e

Mon, 05 Apr 2010 20:23:02 -0700 

Package: scponly-full
Version: 4.8-4.1
Severity: normal

When trying to use rsync connecting to a scponly-restricted user, scponly 
complains that a non-permitted option has been used and aborts the connection

Here is the output with /etc/scponly/debuglevel set to 2

% rsync test bk-tallest-m...@gaz:                                               
                                               ~
[email protected]'s password: 
scponly[19599]: chrooted binary in place, will chroot()
scponly[19599]: 3 arguments in total.
scponly[19599]:         arg 0 is scponlyc
scponly[19599]:         arg 1 is -c
scponly[19599]:         arg 2 is rsync --server -e.Ls . 
scponly[19599]: opened log at LOG_AUTHPRIV, opts 0x00000029
scponly[19599]: determined USER is "bk-tallest-matt" from environment
scponly[19599]: retrieved home directory of "/home/bk-tallest-matt" for user 
"bk-tallest-matt"
scponly[19599]: chrooting to dir: "/home/bk-tallest-matt"
scponly[19599]: chdiring to dir: "/"
scponly[19599]: setting uid to 1003
scponly[19599]: processing request: "rsync --server -e.Ls . "
scponly[19599]: Using getopt processing for cmd /usr/bin/rsync
 (username: bk-tallest-matt(1003), IP/port: 10.0.0.10 45722 22)
scponly[19599]: getopt processing returned '?' (username: 
bk-tallest-matt(1003), IP/port: 10.0.0.10 45722 22)
scponly[19599]: getopt processing returned 'e' (username: 
bk-tallest-matt(1003), IP/port: 10.0.0.10 45722 22)
scponly[19599]: option 'e' or a related long option is not permitted for use 
with /usr/bin/rsync (arg was .Ls) (username: bk-tallest-matt(1003), IP/port: 
10.0.0.10 45722 22))
scponly[19599]: requested command (/usr/bin/rsync --server -e.Ls .) tried to 
use disallowed argument (username: bk-tallest-matt(1003), IP/port: 10.0.0.10 
45722 22))
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(600) 
[sender=3.0.6]


The changelog for the current CVS version of scponly says this issue is fixed, 
but no release has yet been made containing the fix

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages scponly-full depends on:
ii  debconf [debconf-2.0]        1.5.30      Debian configuration management sy
ii  libc6                        2.10.2-6    Embedded GNU C Library: Shared lib
ii  passwd                       1:4.1.4.2-1 change and administer password and

Versions of packages scponly-full recommends:
ii  openssh-server                1:5.3p1-3  secure shell (SSH) server, for sec

scponly-full suggests no packages.

-- debconf information:
* scponly/chroot: true
* scponly/fullwarning:



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to