-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
20 lines (15 loc) · 982 Bytes
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
rsync-server-wrapper: minimal privilege "rsync --server" chroot wrapper
-----------------------------------------------------------------------
This is rsync-server-wrapper, a wrapper for the rsync command that can be
used as a shell for minimum privilege rsync-over-ssh users. It works by
requiring that the first parameter to the rsync command is "--server".
It requires that the ssh daemon perform the chroot. See the ChrootDirectory
option in the sshd_config(5) man page.
It also requires that a ".rsync-server-wrapper-ok" file appear at the
top-level of the chroot. This ensures that rsync-server-wrapper isn't
mistakenly executed outside of the chroot.
The path to the rsync binary to be executed is hardcoded as "/bin/rsync".
(This is the path inside the chroot.)
It is recommended that the chroot binary be a statically linked binary.
Otherwise additional files (dynamic loader, runtime library dependencies)
will be needed inside the chroot in order to execute rsync.