We currently use rsync in daemon mode running on linux boxes to provide a Windows client backup facility. Although restricted by IP range we have not setup username/password authentication (this would be too much to maintain for us) but I am aware that this is a security problem as any users with a knowledge of rsync could potentially retrieve other users files from the rsync windows backup module. I know there is a read only option that can be specified in rsyncd.conf - is there any way to make it upload only? Appologies is the answer is obvious. Tim --------------------------------- Yahoo! Messenger - Communicate instantly..."Ping" your friends today! Download Messenger Now
On Wed, Jan 14, 2004 at 09:32:37AM +0000, a a wrote:> I know there is a read only option that can be specified in > rsyncd.conf - is there any way to make it upload only?You can exclude everything from the download, like this: exclude = * That would prevent rsync of allowing any file to be downloaded. Files can still be sent to the server without restriction. The bad thing is that if you're worried about other people reading files they shouldn't, you should be worried about other people writing files they shouldn't. I'd recommend you switch the backup server over to a pull model. Have it grab files from each machine, either using ssh (with an authorized key to allow it to login without a password) or by running an rsync daemon on each machine that you want to backup and restricting who can connect to it just the backup server's IP. ..wayne..
Thanks for the suggestion Wayne - it's not one I was aware of and works. We can't use it though - every 20th backup, the program which runs rsync on the user client does --delete to remove dead files from the server. With exclude = * this doesn't work. Any other ideas? ________________________________________________________________________ Yahoo! Messenger - Communicate instantly..."Ping" your friends today! Download Messenger Now http://uk.messenger.yahoo.com/download/index.html