I've encountered a similar situation, and tracked it down. It seems that if the shell for your user is set to bash2 versions 2.0 -> 2.05.0, it causes your IP to appear as 0.0.0.0 . However, this has been fixed in 2.05b.0, and also works as normal in every other shell I've tested (zsh, csh, bash v1.x, ash). When I use SSH keys, I use a forced command, with a from address, but I also use the rsync hosts allow/deny so that the keys can be used to access some shares from some machines, and some from others. the 2.05b version can be found at http://www.gnu.org/directory/GNU/bash.html . Hope that helps.
> On Tue, Jan 27, 2004 at 04:31:53PM -0800, AI Connex wrote: >> I use rsync to mirror several servers. >> >> I run RH7.3 >> >> My rsyncd.conf file is: >> >> motd file = /etc/rsync.d/rsync.motd >> log file = /var/log/rsyncd.log >> pid file = /var/run/rsyncd.pid >> lock file = /var/run/rsync.lock >> hosts allow = 10.1.2.200 10.1.2.201 >> hosts deny = 0.0.0.0/0.0.0.0 >> use chroot = yes >> max connections = 3 >> #syslog facility = >> >> [website] >> path = /var/www/website >> comment = Connex Live WWW Server >> uid = nobody >> gid = nobody >> read only = no >> list = yes >> auth users = someone,root >> secrets file = /etc/rsync.d/rsync.secrets >> >> >> I use the --rsh=ssh option to use a ssh protocol >> >> A typical script contains: >> >> #!/bin/ash >> PATH=/usr/local/bin:/bin:/usr/bin >> ### Setting user >> USER=root >> >> echo Synchronizing Website >> #echo >> >> rsync --rsh=ssh \ >> --password-file=/root/.rsyncpwd \ >> --compress --recursive --times --perms --links --owner --group \ >> --include "web_order*" --include "web_user.*" --include >> "web_user_c*" --include "web_user_h*" \ >> --include "web_user_l*" --include "web_org*" --include "web_in*" >> --include >> "web_quote*" \ >> --include "quick_connect.*" \ >> --exclude "*" \ >> 10.1.2.190::website /var/www/website >> >> >> Everything worked perfectly. >> >> I am now getting the error >> @ERROR: access denied to server.domain.com from unknown (0.0.0.0) > > The question is, what changed? > >> If I changed the script so I do not use a ssh shell, everything works >> fine. >> >> I have hunted the web for a solution, but no joy. >> >> Please advise how I correct the problem. > > As near as i can tell it never should have worked because > a local connection, via ssh, would never be allowed access with "hosts > allow" clause unless perhaps one of the hosts listed were > 0.0.0.0 > > I've attached an UNTESTED patch (against CVS HEAD but should > be applicable to some older versions) that disables hosts > [allow|deny] for rsync over ssh so that the same config file > may be used for both ssh and direct socket connections. > > > > -- > ________________________________________________________________ > J.W. Schultz Pegasystems Technologies > email address: [EMAIL PROTECTED] > > Remember Cernan and Schmitt > -- > To unsubscribe or change options: > http://lists.samba.org/mailman/listinfo/rsync > Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html