Current Lucid rsync client: da...@ubuntu:~$ rsync --version rsync version 3.0.7 protocol version 30
I'm not 100% clear on the exact implications of doing this, but it appears that forcing the rsync client to downgrade to the older version 29 rsync protocol does enable scponly-full chrooted rsync. Verbose client output: da...@ubuntu:~$ rsync -r --protocol=29 dir1 scponly-patc...@localhost:/incoming scponly-patc...@localhost's password: scponly[1596]: chrooted binary in place, will chroot() scponly[1596]: 3 arguments in total. scponly[1596]: arg 0 is scponlyc scponly[1596]: arg 1 is -c scponly[1596]: arg 2 is rsync --server -r . /incoming scponly[1596]: opened log at LOG_AUTHPRIV, opts 0x00000029 scponly[1596]: determined USER is "scponly-patched" from environment scponly[1596]: retrieved home directory of "/home/scponly-patched" for user "scponly-patched" scponly[1596]: chrooting to dir: "/home/scponly-patched" scponly[1596]: chdiring to dir: "/" scponly[1596]: setting uid to 1002 scponly[1596]: processing request: "rsync --server -r . /incoming" scponly[1596]: Using getopt processing for cmd /usr/bin/rsync (username: scponly-patched(1002), IP/port: ::1 38334 22) scponly[1596]: getopt processing returned '?' (username: scponly-patched(1002), IP/port: ::1 38334 22) scponly[1596]: getopt processing returned '?' (username: scponly-patched(1002), IP/port: ::1 38334 22) scponly[1596]: Found "HOME" and setting it to "/home/scponly-patched" scponly[1596]: Environment contains "HOME=/home/scponly-patched" scponly[1596]: Looking for 'HOME=' in 'HOME=/home/scponly-patched' scponly[1596]: 'HOME' env entry now reads 'HOME=/home/scponly-patched' scponly[1596]: set non-chrooted HOME environment variable to /home/scponly-patched (username: scponly-patched(1002), IP/port: ::1 38334 22) scponly[1596]: running: /usr/bin/rsync --server -r . /incoming (username: scponly-patched(1002), IP/port: ::1 38334 22) scponly[1596]: about to exec "/usr/bin/rsync" (username: scponly-patched(1002), IP/port: ::1 38334 22) Verbose server auth.log output: Nov 2 09:32:58 ubuntu sshd[1580]: Accepted password for scponly-patched from ::1 port 38334 ssh2 Nov 2 09:32:58 ubuntu sshd[1580]: pam_unix(sshd:session): session opened for user scponly-patched by (uid=0) Nov 2 09:32:58 ubuntu scponly[1596]: chrooted binary in place, will chroot() Nov 2 09:32:58 ubuntu scponly[1596]: 3 arguments in total. Nov 2 09:32:58 ubuntu scponly[1596]: #011arg 0 is scponlyc Nov 2 09:32:58 ubuntu scponly[1596]: #011arg 1 is -c Nov 2 09:32:58 ubuntu scponly[1596]: #011arg 2 is rsync --server -r . /incoming Nov 2 09:32:58 ubuntu scponly[1596]: opened log at LOG_AUTHPRIV, opts 0x00000029 Nov 2 09:32:58 ubuntu scponly[1596]: determined USER is "scponly-patched" from environment Nov 2 09:32:58 ubuntu scponly[1596]: retrieved home directory of "/home/scponly-patched" for user "scponly-patched" Nov 2 09:32:58 ubuntu scponly[1596]: chrooting to dir: "/home/scponly-patched" Nov 2 09:32:58 ubuntu scponly[1596]: chdiring to dir: "/" Nov 2 09:32:58 ubuntu scponly[1596]: setting uid to 1002 Nov 2 09:32:58 ubuntu scponly[1596]: processing request: "rsync --server -r . /incoming" Nov 2 09:32:58 ubuntu scponly[1596]: Using getopt processing for cmd /usr/bin/rsync#012 (username: scponly-patched(1002), IP/port: ::1 38334 22) Nov 2 09:32:58 ubuntu scponly[1596]: getopt processing returned '?' (username: scponly-patched(1002), IP/port: ::1 38334 22) Nov 2 09:32:58 ubuntu scponly[1596]: getopt processing returned '?' (username: scponly-patched(1002), IP/port: ::1 38334 22) Nov 2 09:32:58 ubuntu scponly[1596]: Found "HOME" and setting it to "/home/scponly-patched" Nov 2 09:32:58 ubuntu scponly[1596]: Environment contains "HOME=/home/scponly-patched" Nov 2 09:32:58 ubuntu scponly[1596]: Looking for 'HOME=' in 'HOME=/home/scponly-patched' Nov 2 09:32:58 ubuntu scponly[1596]: 'HOME' env entry now reads 'HOME=/home/scponly-patched' Nov 2 09:32:58 ubuntu scponly[1596]: set non-chrooted HOME environment variable to /home/scponly-patched (username: scponly-patched(1002), IP/port: ::1 38334 22) Nov 2 09:32:58 ubuntu scponly[1596]: running: /usr/bin/rsync --server -r . /incoming (username: scponly-patched(1002), IP/port: ::1 38334 22) Nov 2 09:32:58 ubuntu scponly[1596]: about to exec "/usr/bin/rsync" (username: scponly-patched(1002), IP/port: ::1 38334 22) Nov 2 09:32:58 ubuntu sshd[1595]: Received disconnect from ::1: 11: disconnected by user Nov 2 09:32:58 ubuntu sshd[1580]: pam_unix(sshd:session): session closed for user scponly-patched This may be a potential workaround. The last release of an rsync with version 29 protocol was 4 years ago: http://rsync.samba.org/ftp/rsync/src/rsync-2.6.9-NEWS And version 30 was introduced here: http://rsync.samba.org/ftp/rsync/src/rsync-3.0.0-NEWS There may be some features added or bugs addressed since version 29 that may make this impractical. ** Bug watch added: Debian Bug tracker #576629 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576629 -- Scponly-full preventing rsync due to "-e" option https://bugs.launchpad.net/bugs/670015 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
