So, I guess this is the answer to my question as to why the config wasn't limiting the users.
Great, thanks for that answer, but this still leave me with how can I limit access to specific portion of the file system as I put in my email to make sure the users only access what I would like them to access via rsync other then having to change the right of each users on the server side of the connection? Now as to -daemon and ssh not working together. You may be right, I don't know. I discover rsyn just two days ago. SO, I don't know much about it yet, just plenty of reading, trial and error you may say! Am I understanding you correctly when you say ssh and -daemon are not working together when you use the :: syntax or are you saying that they just don't period regardless of : or ::? Because, I do not have RSH, only SSH on my server and it does work for me. I do have to use the SSH Verion 2 as I wasn't able to do it with the version 1 and I use DSA not RSA. When I setup my box to use the daemon and have my cron on the client, I generate my key with: ssh-keygen -t dsa Is that help. I am not trying to make a debate at all, I would like to understand it right. You are 100% right as to the ::. That I wasn't able to and that's why in my email I did put the : and ask if there was a problem with SSH and rsync. I can tell you that it does work with : but not with ::, that I knock my head on it a lot two night ago! So, do you provide me the answer here as to why. Thanks! Finally, when you say that the -daemon doesn't see the rsync.conf, you mean the module portions right? As I just test it and if I change: log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock read only=yes uid=nobody gid=nobody to log file = /var/log/rsyncd.logss pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock read only=yes uid=nobody gid=nobody for the test, then the log file use rsyncd.logss and I see inside: webfarm1# more /var/log/rsyncd.logss 2002/02/06 11:57:30 [12838] rsyncd version 2.5.2 starting, listening on port 873 So, I am not sure that I follow up 100% yet. I would appreciate if you would take a bit of your time to put light on this for me if you have time of course! Many thanks for your help! Daniel -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dave Dykstra Sent: Wednesday, February 06, 2002 9:56 AM To: Daniel Ouellet Cc: [EMAIL PROTECTED] Subject: Re: [path] & module options with SSH rsync --daemon and ssh do not currently work together at all. If you use the syntax "hostname::module", rsync ignores the '-e ssh'. It sounds like you are not using the double-colon syntax so rsyncd.conf is ignored. Someone has posted a patch that enable the two to work together but it hasn't yet been integrated. - Dave Dykstra On Tue, Feb 05, 2002 at 08:45:52PM -0500, Daniel Ouellet wrote: > Hi, > > I am running rsync 2.5.2 and have a server running rsync --daemon over ssh. > > Now, I read plenty of information on rsync, all the man & all the info on > the rsync.samba.org + many other sites that for the most part all say the > same with a few exceptions. Did search on google and even look at the marc > lists. What I am looking for, unless I do not understand it and please > correct me if that's the case, it look like that the module section would be > use to limit the access to specific users to a limit part of the files > system. Example, if I have: > > [simple_path_name] > path = /rsync/files/here > comment = My Very Own Rsync Server > uid = nobody > gid = nobody > read only = no > list = yes > auth users = username > secrets file = /etc/rsyncd.secrets > > Then I would expect the users ( username) to have access only to my files > inside the /rsync/files/here, but with ssh anyway, you have access to all of > it and only the user rights on the server will limit you. I don't know under > RSH if that's the same or not as I only have servers with SSH, so I didn't > test that part out. > > Also, the hosts allow option if I put it in the global section to limit > access to my box, is not recognize either. > > I can have: hosts allow 192.168.2.2 and obviously this is not a routable IP > and it is not my IP either, but I will still have access to the rsync > server. > > So, in short, is there a place that would list the options that are not > active under SSH? > > What I want to do is to limit access to some IP's, or block of IP under SSH > and also limit access to a portion of the files system as above. I wouldn't > mind if the auth users is not used as SSH is find for that, but I sure would > love if I could have limit on the files system and as a bonus if the auth > users would recognize the user that sign up via SSH and provide access to > the path only. Obviously the secrets file wouldn't be use in the SSH case, > but would be use only to limit access per users. > > So, is that make sense or am I way off in the understanding of the system > and the intention behind the module portion. > > As a last question, this is not a big deal, but I was curious as if anyone > would know of an option that would only send out the actual name&path of the > files transfer without the final small stats and not show the portion where > you get the initial directory list. The reason why I am asking is that if > so, I could plug the output of it to MySQL and log the files transfer for > audit reason. > > Many thanks for your help and time! > > Daniel > > >
