On Thu, Sep 10, 2015 at 12:58:52AM +0200, Alexander Hall wrote: > I'm going wide with this diff I've been pushing for quite some time now. > > Is *anyone* but me using rdump(8) + rmt(8)?
I use dump(8) for doing remote backup, but I don't use rmt(8), due to plaintext storage on remote side. > *If you are currently using rdump/rrestore + rmt, I urge you to test > this diff to make sure it causes no regression. It shouldn't, but > you've been warned. > > So, anyway, this diff allows running a restricted rmt(8), in my case > for remote dumps over ssh, a.k.a rdump(8). > > For restricting rmt(8) when dumping/restoring to/from a remote machine: > > -d <directory> confines rmt to operate within a single directory. > -r enforces read-only mode. > -w enforces write-only mode. > > With this, rmt could be used with the following (simplified) > .ssh/authorized_keys entries > > command="/etc/rmt -wd /dumps/host/foo" ssh-ed25519 ...dumpkey... > command="/etc/rmt -rd /dumps/host/foo" ssh-ed25519 ...restorekey... > > This has the major advantage that a remote user cannot ever destroy or > manipulate former backups. A bit more detail is in the man page. > > OK? > I will try to get time soon to review it a bit. -- Sebastien Marie