Package: rssh Version: 2.3.2-2 Severity: important I have two servers which sync a directory tree using rsync.
Server A is the target (mirror) server. Is a Debian Stable (Etch). Has an user account (bkpns1) which is restricted to use only rsync. Server B is the source server. Is a Debian Testing (Lenny). As a cron job it executes an rsync to mirror part of the filesystem to server B using the username (bkpns1) and ssh certificates for automatic login. It's all been working like a charm until recently rsync was updated to 3.0.0 on testing so server B got it. Now I get this: On server B (executing rsync): insecure -e option not allowed. This account is restricted by rssh. Allowed commands: rsync If you believe this is in error, please contact your system administrator. rsync: connection unexpectedly closed (0 bytes received so far) [sender] rsync error: error in rsync protocol data stream (code 12) at io.c(600) [sender=3.0.0] Warning: Permanently added the RSA host key for IP address '83.38.48.87' to the list of known hosts. On server A (target server, using rssh), on the syslog: Mar 20 10:10:03 srv rssh[9637]: setting log facility to LOG_USER Mar 20 10:10:03 srv rssh[9637]: allowing sftp to all users Mar 20 10:10:03 srv rssh[9637]: allowing rsync to all users Mar 20 10:10:03 srv rssh[9637]: setting umask to 022 Mar 20 10:10:03 srv rssh[9637]: chrooting all users to /var/www Mar 20 10:10:03 srv rssh[9637]: line 52: configuring user bkpns1 Mar 20 10:10:03 srv rssh[9637]: setting bkpns1's umask to 011 Mar 20 10:10:03 srv rssh[9637]: allowing rsync to user bkpns1 Mar 20 10:10:03 srv rssh[9637]: insecure -e option in rdist command line! Mar 20 10:10:03 srv rssh[9637]: user bkpns1 attempted to execute forbidden commands Mar 20 10:10:03 srv rssh[9637]: command: rsync --server -vlogDtprze.iL --bwlimit=15 --delete-excluded --partial . /bkps/bkpns1 If I try to execute directly rsync from B to A using an standard account (not restricted by ssh) it works. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages rssh depends on: ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii openssh-server 1:4.3p2-9 Secure shell server, an rshd repla rssh recommends no packages. -- debconf information: * rssh/secnote: rssh/update-10: rssh/update-config-pre-2.2: * rssh/chroot_helper_setuid: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
