On Wed, Feb 06, 2002 at 12:04:49PM -0500, Daniel Ouellet wrote: > So, I guess this is the answer to my question as to why the config wasn't > limiting the users. > > Great, thanks for that answer, but this still leave me with how can I limit > access to specific portion of the file system as I put in my email to make > sure the users only access what I would like them to access via rsync other > then having to change the right of each users on the server side of the > connection?
JD Paul's patch which I previously referred to will give you what you want. > Now as to -daemon and ssh not working together. You may be right, I don't > know. I discover rsyn just two days ago. SO, I don't know much about it yet, > just plenty of reading, trial and error you may say! > > Am I understanding you correctly when you say ssh and -daemon are not > working together when you use the :: syntax or are you saying that they just > don't period regardless of : or ::? ":" syntax uses rsh (or ssh if you use -e ssh) to run another copy of the rsync program on the remote side. "::" syntax skips that completely, ignores -e, and instead connects to a daemon separately started to listen on port 873 on the remote host. In the future, when JD Paul's patch is accepted, the expectation will be that if you use "::" and "-e ssh" together it will still use ssh to connect but it will run rsync -daemon interactively so it can honor your rsyncd.conf. Does that make it clear? > Because, I do not have RSH, only SSH on my server and it does work for me. I > do have to use the SSH Verion 2 as I wasn't able to do it with the version 1 > and I use DSA not RSA. That doesn't matter; "::" syntax bypasses both RSH and SSH. > When I setup my box to use the daemon and have my cron on the client, I > generate my key with: > > ssh-keygen -t dsa > > Is that help. > > I am not trying to make a debate at all, I would like to understand it > right. > > You are 100% right as to the ::. That I wasn't able to and that's why in my > email I did put the : and ask if there was a problem with SSH and rsync. > > I can tell you that it does work with : but not with ::, that I knock my > head on it a lot two night ago! So, do you provide me the answer here as to > why. Thanks! > > Finally, when you say that the -daemon doesn't see the rsync.conf, you mean > the module portions right? As I just test it and if I change: > > log file = /var/log/rsyncd.log > pid file = /var/run/rsyncd.pid > lock file = /var/run/rsync.lock > read only=yes > uid=nobody > gid=nobody > > to > > log file = /var/log/rsyncd.logss > pid file = /var/run/rsyncd.pid > lock file = /var/run/rsync.lock > read only=yes > uid=nobody > gid=nobody > > for the test, then the log file use rsyncd.logss and I see inside: > > webfarm1# more /var/log/rsyncd.logss > 2002/02/06 11:57:30 [12838] rsyncd version 2.5.2 starting, listening on port > 873 > > So, I am not sure that I follow up 100% yet. The --daemon is seeing the rsyncd.conf, but the client never talks to that process if you're using the ":" syntax. - Dave Dykstra
