From owner-freebsd-questions Tue Nov 27 11:12: 6 2001 Delivered-To: freebsd-questions@freebsd.org Received: from shikima.mine.nu (pc1-card4-0-cust77.cdf.cable.ntl.com [62.252.49.77]) by hub.freebsd.org (Postfix) with ESMTP id 6C84C37B417 for ; Tue, 27 Nov 2001 11:12:03 -0800 (PST) Received: from rasputin by shikima.mine.nu with local (Exim 3.33 #1) id 168ng0-0002u4-00 for questions@freebsd.org; Tue, 27 Nov 2001 19:13:52 +0000 Date: Tue, 27 Nov 2001 19:13:52 +0000 From: Rasputin To: questions@freebsd.org Subject: rsync as a remote backup tool Message-ID: <20011127191352.A11126@shikima.mine.nu> Reply-To: Rasputin Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi there we're playing around with rsync as a backup tool at work. It's awesome as far as smart use of bandwidth goes, but if we want to preserve permissions, etc we need to run it as root. (Also we can't see the entire remote directory tree to copy it otherwsie) We use SSH as a transport, and I've been using a paswordless RSA key to let it run from cron - just wondered if there was a way to avoid running this as root with a blank 'get root free' key? I know of a few ways to restrict what a user can run, but I'm not sure how to find out what commands rsync is using? I know it's not FreeBSD-specific, but wondered if anyone here was doing something similar and had found a safe(r) way of doing it? Cheers. (please cc me in on replies - ta). -- Turnaucka's Law: The attention span of a computer is only as long as its electrical cord. Rasputin :: Jack of All Trades - Master of Nuns :: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message