Hello, I am trying to run rsync under my own userid on a high-numbered port. The problem is that, when I use the --daemon option, I get an error saying that a chroot() call failed. My config file does *not* have any chroot call in it. How can I avoid a chroot() invocation when running as a normal non-root user? Thanks in advance for any advice! -- Daniel Ortmann, LSI Logic, 3425 40th Av NW, Suite 200, Rochester MN 55901 work: Daniel.Ortmann@lsil.com / 507.535.3861 / 63861 int / 8012.3861 gdds home: ortmann@venturecs.net / 507.288.7732, 2414 30Av NW #D, Rochester MN 55901
Ok, I figured out the answer, and as a result I have a suggestion:
The rsyncd.conf documentation for "use chroot" should specify that:
"use chroot = yes" is the default.
To: rsync@samba.org
Subject: an unwanted chroot() call
From: Daniel Ortmann <dortmann@lsil.com>
Date: 12 Nov 2003 14:01:25 -0600
Message-ID: <hc6ekwdicfe.fsf@praxis.lsil.com>
> Hello,
>
> I am trying to run rsync under my own userid on a high-numbered port.
> The problem is that, when I use the --daemon option, I get an error
> saying that a chroot() call failed.
>
> My config file does *not* have any chroot call in it.
>
> How can I avoid a chroot() invocation when running as a normal non-root
> user?
>
> Thanks in advance for any advice!
--
Daniel Ortmann, LSI Logic, 3425 40th Av NW, Suite 200, Rochester MN 55901
work: Daniel.Ortmann@lsil.com / 507.535.3861 / 63861 int / 8012.3861 gdds
home: ortmann@venturecs.net / 507.288.7732, 2414 30Av NW #D, Rochester MN 55901
Daniel Ortmann wrote:>Ok, I figured out the answer, and as a result I have a suggestion: > >The rsyncd.conf documentation for "use chroot" should specify that: > > "use chroot = yes" is the default. > > >Oh, but it does. Quote from man rsyncd.conf use chroot If "use chroot" is true, the rsync server will chroot to the "path" before starting the file transfer with the client. This has the advantage of extra protection against possible implemen- tation security holes, but it has the disadvantages of requiring super-user privileges, of not being able to follow symbolic links outside of the new root path when reading, and of implying the --numeric-ids option because /etc/passwd becomes inaccessi- ble. When "use chroot" is false, for security reasons symlinks may only be relative paths pointing to other files within the root path, and leading slashes are removed from absolute paths. The default for "use chroot" is true.
Lao Coon <laocoon@fastmail.fm> writes:> Daniel Ortmann wrote: > >> Ok, I figured out the answer, and as a result I have a suggestion:>> The rsyncd.conf documentation for "use chroot" should specify that: >> >> "use chroot = yes" is the default. >> >>> Oh, but it does. Quote from man rsyncd.conf> use chroot > If "use chroot" is true, the rsync server will chroot to the > "path" before starting the file transfer with the client. This > has the advantage of extra protection against possible implemen- > tation security holes, but it has the disadvantages of requiring > super-user privileges, of not being able to follow symbolic > links outside of the new root path when reading, and of implying > the --numeric-ids option because /etc/passwd becomes inaccessi- > ble. When "use chroot" is false, for security reasons symlinks > may only be relative paths pointing to other files within the > root path, and leading slashes are removed from absolute paths. > The default for "use chroot" is true.Sorry. Somehow I missed it. :-/ Maybe chroot, both yes and no, could be use in the examples? -- Daniel Ortmann, LSI Logic, 3425 40th Av NW, Suite 200, Rochester MN 55901 work: Daniel.Ortmann@lsil.com / 507.535.3861 / 63861 int / 8012.3861 gdds home: ortmann@venturecs.net / 507.288.7732, 2414 30Av NW #D, Rochester MN 55901