Hi Bob,
thanks. That was it. Meanwhile I even found it from the horse's mouth:
"The default when run by a super-user is to switch to the system's
"nobody" user." See: https://www.samba.org/ftp/rsync/rsyncd.conf.html
In a nutshell, rsync is doing work as nobody specifically run as root.
That's why the "o" - flags matter. I think one should add the "read only
= yes" option, too. Just in case when somebody gets access to the backup
server, he can't do rogue restore everywhere.
BR,
Sebastian
Am 27.03.2015 um 13:00 schrieb openindiana-discuss-requ...@openindiana.org:
Message: 2
Date: Thu, 26 Mar 2015 08:34:01 -0500 (CDT)
From: Bob Friesenhahn<bfrie...@simple.dallas.tx.us>
To: Discussion list for OpenIndiana
<openindiana-discuss@openindiana.org>
Subject: Re: [OpenIndiana-discuss] rsyncd configuration
Message-ID:
<alpine.gso.2.01.1503260825260.4...@freddy.simplesystems.org>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Thu, 26 Mar 2015, Sebastian Gabler wrote:
>Hi,
>
>I am trying to solve a problem that i have ignored for quite a long time. The
>issue is that "messages" are flooded with rsync permission errors, and that
>some files are not backed up properly. What I have found so far is the
>following:
>- rsyncd is running as "root"
Check your rsyncd.conf file. For example, one of my rsyncd.conf files
starts with:
uid = nobody
gid = nobody
so that rsync changes its effective uid to 'nobody' before doing
anything. This is pretty common since rsyncd is often used in
evironments with untrusted users.
On another rsyncd.conf file which is used to successfully transfer ssh
private key files, I am using
uid = root
gid = root
Bob
-- Bob Friesenhahn bfrie...@simple.dallas.tx.us,
http://www.simplesystems.org/users/bfriesen/ GraphicsMagick
Maintainer, http://www.GraphicsMagick.org/
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
