Ah, I see. Sounds like you're down to either running as root on both ends, or ignoring errors.Or he could use SSH2 keys and an authorized_keys2 file, with ssh set to allow root on forced-command-only. This would prevent root logins, but allow a single box (or boxes) to rsync in and have read-only access to a specific share. Or you could create a passwordless uid 0 user specifically for this purpose. If you were really paranoid, the forced-command could be a script to check for abnormal behaviors and bail out if something is fishy. There's multiple layers of authentication (the key itself, the from-host of ssh, and the allowed host in rsync), and exactly what is backed up can be pretty locked down and chrooted to prevent intentional or unintentional misuse.
Have you considered using sudo such that the fileserver isn't actually logging into the backupserver as root, but only logging in as a heavily *un*privileged account which can do nothing but run a script chmodded 750 and chowned root.backup, which then sudo's rsync to do your bidding?
Tom
-- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
