First, what you're missing. as i had speculated, it is the word
"use".
The line that reads
"
chroot = yes
"
should read
"
use chroot = yes
"
As for the uid and gid, that is up to you. The module is defined
read-only, so rsyncd can't be used to modify anything, but if there are
things inside that module that you don't want to have visible through
rsyncd, you'll need to choose a uid and/or gid that cannot see them, or
else exclude them.
If you do not specify otherwise, it will be '-2', which is usually
"nobody".
I usually avoid giving root privilege to anything that does not require
it, but if the data is non-sensitive and read-only, and owned by more than
one user, with the possibility of not having read permission, and you're
running chrooted, so that nobody can use the module to peek outside the
module tree, i reckon root is about the only solution, short of breaking
each users areas out into individual modules, running as the owner of the
module, or regularly enforcing open reading permission for a uid or gid,
down through the tree.
Now, as you mention "all system backup", i wonder if you're
talking about
a module with the path "/". If you are, and you make that run as
root,
your passwd hashes will be downloadable for easier hacking. I'd suggest
that you exclude the files containing the passwd hashes, and if you must
back up passwords, use gpg or something to make encrypted copies of the
files which you can back up. I'll leave it to you to secure and preserve
the encryption keys.
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
? ?? <shakey001@yahoo.co.kr>
01/23/2002 02:58 AM
To: Tim Conway/LMT/SC/PHILIPS@AMEC
cc: rsync@lists.samba.org
rsync-admin@lists.samba.org
Subject: Re: What is mean this messages?
Classification:
thank you.
This is my rsyncd.conf file.
I used with chroot. I run rsynd without chroot command
line at saw your mail. but I guess what use chroot
command. I thing chang path moved by chroot.
and I make rsyncd.conf file after viewed manual.
What is my missing?
I am sorry, one more.
I thing rsyncd daemon get uid,gid then what is uid,gid
for all system backup. root?, nobody?
====================================[home]
path = /path/of/dir
comment = dir
uid = nobody
gid = nobody
chroot = yes
read only = yes
hosts allow = xxx.xxx.xxx.xxx
max connections = 1
===================================
have a nice day.
--- tim.conway@philips.com wrote: > Looks like an
error in your rsyncd.conf file. I'm> guessing that a "use
> chroot =" line is missing its "use". toss me a
> copy, and i'll take a
> look, if that isn't it.
>
> Tim Conway
> tim.conway@philips.com
> 303.682.4917
> Philips Semiconductor - Longmont TC
> 1880 Industrial Circle, Suite D
> Longmont, CO 80501
> Available via SameTime Connect within Philips, n9hmg
> on AIM
> perl -e 'print pack(nnnnnnnnnnnn,
>
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),>
> ".\n" '
> "There are some who call me.... Tim?"
>
>
>
>
> ? ?? <shakey001@yahoo.co.kr>
> Sent by: rsync-admin@lists.samba.org
> 01/21/2002 10:19 PM
>
>
> To: rsync@lists.samba.org
> cc: (bcc: Tim Conway/LMT/SC/PHILIPS)
> Subject: What is mean this messages?
> Classification:
>
>
>
> Hello, evevryone.
>
> thank you for your mails.
>
> I used rsync(rsync-2.4.6-2) for backup Server.(My
> Linux is RedHat7.1)
> I am very comfortable backup system by rsync.
> but, I saw this messages in use rsyncd
> daemon.(/var/log/messages)
> I don't know mean this messages.
> but, It is right use rsyncd. and
> I used rsyncd at every day. but this messages writed
> log at every minute(?) or every time.
>
> What should i do?
>
> =========================messages ==>
> Jan 22 13:59:52 ux001 rsyncd[10868]: IGNORING
> unknown
> parameter "chroot"
> Jan 22 13:59:52 ux001 rsyncd[10868]: Unknown
> Parameter
> encountered: "chroot"
> Jan 22 13:59:52 ux001 rsyncd[10868]: IGNORING
> unknown
> parameter "chroot"
> Jan 22 13:59:52 ux001 rsyncd[10868]: Unknown
> Parameter
> encountered: "chroot"
> Jan 22 13:59:52 ux001 rsyncd[10868]: IGNORING
> unknown
> parameter "chroot"
> Jan 22 13:59:52 ux001 rsyncd[10868]: Unknown
> Parameter
> encountered: "chroot"
> Jan 22 13:59:52 ux001 rsyncd[10868]: IGNORING
> unknown
> parameter "chroot"
> =========================== cut
>
> I'm sorry, I can write eng a little.
> thank you.
>
>
_____________________________________________________________________> ??? ??? ?? ????? ??? ??? ???~
> - ??! ???
> http://education.yahoo.co.kr/
> ???? ????? ???? ? ??? - ??! ??
> http://kr.chat.yahoo.com/
>
>
>
>
_____________________________________________________________________
??? ??? ?? ????? ??? ??? ???~ - ??! ???
http://education.yahoo.co.kr/
???? ????? ???? ? ??? - ??! ??
http://kr.chat.yahoo.com/