On 13 Jun 2002, Dave Dykstra <[EMAIL PROTECTED]> wrote: > On Tue, Jun 11, 2002 at 06:05:37PM +0100, Tom Worley wrote: > > On Tuesday 11 June 2002 5:24 pm, you wrote: > > > Tom: You just need to tell rsync to use numeric IDS, or else make a /etc > > > in the chroot root, so that names can be resolved (it's chrooted, so it > > > can't see the real /etc... ever notice the /etc in anon ftp sessions?). By > > > default, rsync uses the names, rather than the numbers, since it was > > > developed as a mirroring tool, where you might be mirroring a system where > > > the ids don't match. If it's not told to use numeric ids, it will attempt > > > to resolve names to local numeric ids, and use them, else it uses the euid > > > and egid of the rsync process. > > > > Tim, I had already tried that with no joy, e.g.: > > > > rsync --delete-excluded --delete -essh -avzog --numeric-ids /home/admin/ > > test@localhost:/home/backup > > > > Same results, all files are owned by root as rsync is SUID root in the chroot > > enviroment. There is an /etc/passwd in there, but only with root and the test > > user's entries. > > Oh, and I'm using linux 2.4.18 kernel, chroot 2.0.11, rsync 2.5.6CVS (from > > debian sid packages)
I suspect some kind of bug with real vs effective uids. I'm not how that script will cause them to be set, but it may be eff=root, real=testluser. In that case rsync will probably get pretty confused, because I think it calls getuid() and will therefore think it's not root, even though it is. As Dave says, this is not a supported mode of operation: rsync wants to either be root, or not, but not halfway. > rsync is not designed to run setuid-root so I'm not surprised that it > behaves strangely. It might help to write a small setuid-root wrapper > program that sets the real user id to root and execs rsync. > > In general it's a bad idea to make a program setuid if it isn't designed > for it. .. and that's putting it politely! Manipulating uids from shell scripts is a bad idea, for large values of 'bad'. -- Martin The total cost of the development work on Olestra has been estimated at $200M. -- http://www.ifst.org/hottop13.htm -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html