I was wondering if it's possible to restrict rsync in various ways on the server side when it is invoked via ssh. Two restrictions I had in mind are disallowing deletes and/or restricting all actions to a particular subdirectory. I was hoping to be able to do this without having to be root (for a chroot) or having to set up special sshd server instances/chroots.

If there's not already a way to do this, one possibility I had thought of is a ssh key command= wrapper, so that you could generate an ssh key like this:

  command="rsync-ssh-wrapper --root=/home/foo/bar --disable-delete",...

and then when invoked rsync-ssh-wrapper would then look at SSH_ORIGINAL_COMMAND to see the actual incoming request (presuming there were any relevant options there; are rsync --server invocations documented anywhere?), and combine that with the wrapper options to decide how to invoke rsync --server. Of course this approach presumes that rsync --server would support suitable arguments.

Is there interest in such a facility? It seems like something similar might be useful for sftp and scp as well, but I haven't managed to think of a way to implement a common solution. Also, I could imagine that this solution for rsync might be somewhat difficult to implement (perhaps complicated by symlinks, etc.), but it's the best thing I've thought of so far.

Thanks

--
Rob Browning
rlb @defaultvalue.org, @linuxdevel.com, and @debian.org
Previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
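A sketch of the command= wrapper described in the message above, added here as an example; it is not code from the post or from the rsync project. It assumes the client's request arrives as `rsync --server [--sender] -flags [--long-opts] . PATH...`, and its list of delete-type options is an assumption that is not exhaustive.

```python
import argparse, os, shlex, sys

class Rejected(Exception):
    """Raised when the client's request violates the key's policy."""

# Assumed deny-list of long options that remove files; not exhaustive.
DELETE_PREFIXES = ("--delete", "--remove-")

def build_server_argv(original_command, root, disable_delete=True):
    """Return the argv to exec for a vetted request, or raise Rejected."""
    try:
        argv = shlex.split(original_command)
    except ValueError as exc:
        raise Rejected(f"unparseable command: {exc}")
    # Assumed layout: rsync --server [--sender] -flags [--long-opts] . PATH...
    if argv[:2] != ["rsync", "--server"] or "." not in argv[2:]:
        raise Rejected("not an rsync --server request")
    dot = argv.index(".", 2)
    opts, paths = argv[2:dot], argv[dot + 1:]
    if not paths:
        raise Rejected("no path argument")
    for opt in opts:
        # Conservative: options that take a separate value word are refused.
        if not opt.startswith("-"):
            raise Rejected(f"unexpected word before '.': {opt!r}")
        if disable_delete and (opt == "--del" or opt.startswith(DELETE_PREFIXES)):
            raise Rejected(f"delete option refused: {opt}")
    root = os.path.realpath(root)
    confined = []
    for path in paths:
        # Treat every path as relative to root, then resolve '..' and symlinks.
        full = os.path.realpath(os.path.join(root, path.lstrip("/")))
        if os.path.commonpath([root, full]) != root:
            raise Rejected(f"path escapes root: {path!r}")
        # A trailing slash is significant to rsync, so keep it.
        confined.append(full + "/" if path.endswith("/") else full)
    return ["rsync", "--server", *opts, ".", *confined]

if __name__ == "__main__":
    ap = argparse.ArgumentParser()
    ap.add_argument("--root", required=True)
    ap.add_argument("--disable-delete", action="store_true")
    args = ap.parse_args()
    try:
        cmd = build_server_argv(os.environ.get("SSH_ORIGINAL_COMMAND", ""),
                                args.root, args.disable_delete)
    except Rejected as exc:
        sys.exit(f"rsync-ssh-wrapper: {exc}")
    os.execvp(cmd[0], cmd)  # no shell involved, so no further expansion
```

The path check covers only the path arguments of the request; symlinks that a transfer creates inside the tree are not examined, which is the complication the message anticipates.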