On Thu, 2017-08-03 at 10:00 -0700, Paul Rogers wrote: > I've not found a necessity to actually use rsync yet. I followed the > book's instructions and moved on, leaving it for "later". (I'd like to > be able to use it to make one backup/archive for my accounts on all my > systems, but it doesn't seem to have a robust "collision avoidance > system".) > > The book warns us about security concerns, but then proceeds to create a > /home/rsync directory, to which rsync would have FS RW access, and then > use that as a file distribution point, relying on rsync itself to > enforce the directory as RO. It does seem a little odd we assigning it > a "system" UID/GID, but a home directory in user-space /home. > > If we're trying to be security conscious, wouldn't the wiser course be > to set the rsync user's home /dev/null, then make a file "module" that > refers to a directory it does not have write access to in FS > permissions? Would rsync not work without a writable directory? > > Realizing the file distribution point is perhaps primarily just a very > basic example, I fear it may be a "tail wagging the dog" if it has > prompted giving rsync a FS writable directory. > > -- > Paul Rogers > [email protected] > Rogers' Second Law: "Everything you do communicates." > (I do not personally endorse any additions after this line. TANSTAAFL > :-)
I've been using rsync for years to do my system backups and in that time I've never used rsync daemon. So I'm not sure what the befits are to using it. Maybe there should be a blurb on why you would use it? Ssh with user key authentication is the way to go for me. If anyone is interested, I can post my backup script which includes snapshots. Regards, Wayne. -- http://lists.linuxfromscratch.org/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
