thanks,
i have to admit i have underestimated rrsync.? looks like a powerful
tool, and testing looks quite promsing.
it seems i need to do only minimal changes to our backup solution.
unfortunately, rrsync is not available on some platforms like macos, not
even homebrew rsync 3.4.1 does bundle it (yet).
regards
Roland
Am 08.04.26 um 18:22 schrieb Kevin Korb via rsync:> You can do this by restricting the ssh key to rrsync (comes with rsync
> in the contrib dir).? It has a read only and a write only mode. If the
> path you give it is / then it is pretty much transparent unless one of
> those options is also used.
>
> Otherwise, you can use the rsyncd over ssh setup which is kinda ugly
> and would require the same forcing method to not just be optional.
>
> On 4/8/26 12:18, RolandK via rsync wrote:
>> Hello,
>>
>> we are using rsync mostly exclusively for packup purpose in "pull
>> mode" , run via script from a central backup server.
>>
>> for that, we typically have allowed remote root login via ssh key.?
>> rsync from the backup server pulls data from all hosts to be backed
>> up via ssh/rsync remote pipe.
>> it's running great for years in conjunction with zfs + inplace +
>> rotating snapshots.
>>
>> besides the fact that we can use ssh security features to restrict
>> what commands can be run from remote - i am curious:
>>
>> wouldn't it be an interesting idea to have some feature/switch in
>> rsync, which can globally (on a per host basis) turn rsync
>> into??"read-only" mode,
>> i.e. which makes rsync binary drop any capability of using
>> write/modify/ delete syscalls ?? maybe via some hard-coded
>> /etc/rsync.conf , checked on startup ?
>>
>> does this sound reasonable and wold someone find this useful , too ?
>>
>> regards
>> roland
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.samba.org/pipermail/rsync/attachments/20260409/a64d378a/attachment.htm>