6.2 rsync

On the server side, rsync is executed with the ‘--server’ command line option. In addition, when copying files from the server, the ‘--sender’ option is used. This makes it possible to distinguish incoming (upload) requests from outgoing (download) requests.

In our setup, rsync is used the same way as scp, so the two rules will be:

rule rsync-incoming
  command ^rsync --server
  command ! --sender
  match[$] /incoming/
  match[$] ! \.\./
  transform[0] s|^|/usr/bin/|
  transform[$] s|^|/home/ftp/|

rule rsync-home
  command ^rsync
  match[$] ! ^[^/]
  match[$] ! \.\./
  transform[0] s|^|/usr/bin/|
  transform[$] s|^|public_html/|
  chdir ~

The trap rules for rsync are trivial:

rule rsync-to-trap
  command ^rsync
  command --sender
  exit Error: Downloads from this directory prohibited

rule rsync-from-trap
  command ^rsync
  exit Error: Uploads to this directory prohibited
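To make the ‘--server’/‘--sender’ distinction and the rule evaluation above concrete, here is an added example that is not part of Rush: a toy Python evaluator for the subset of rule syntax used in this section (‘command’, ‘match[$]’, ‘transform’, ‘exit’), run against a constructed two-rule set that admits uploads into /incoming/ and traps download requests. The assumed semantics (rules tried in order, unanchored regular expressions, all conditions must hold) follow the rules as written here, not Rush's implementation.

```python
import re

# Added example (not GNU Rush code): toy evaluator for the rule-file subset
# used above, run against a constructed rule set that admits uploads into
# /incoming/ and traps download (--sender) requests.
RULES = r"""rule rsync-incoming
  command ^rsync --server
  command ! --sender
  match[$] /incoming/
  match[$] ! \.\./
  transform[0] s|^|/usr/bin/|
  transform[$] s|^|/home/ftp/|
rule rsync-to-trap
  command ^rsync
  command --sender
  exit Error: Downloads from this directory prohibited"""

def parse_rules(text):
    rules = []
    for line in text.splitlines():
        kw, _, rest = line.strip().partition(" ")
        if kw == "rule":
            rules.append({"name": rest, "stmts": []})
        else:
            rules[-1]["stmts"].append((kw, rest))
    return rules

def evaluate(rules, argv):
    """First rule whose conditions all hold decides: ('allow', new_argv), ('exit', msg) or ('deny', None)."""
    for rule in rules:
        args = list(argv)
        for kw, rest in rule["stmts"]:
            if kw not in ("command", "match[$]"):
                continue
            negate = rest.startswith("! ")
            pattern = rest[2:] if negate else rest
            # 'command' sees the whole command line, 'match[$]' the last argument
            subject = " ".join(args) if kw == "command" else args[-1]
            if bool(re.search(pattern, subject)) == negate:
                break  # condition failed: fall through to the next rule
        else:
            for kw, rest in rule["stmts"]:
                if kw == "exit":
                    return ("exit", rest)
                if kw.startswith("transform"):
                    idx = 0 if kw == "transform[0]" else -1
                    _, pat, repl, _ = rest.split(rest[1])  # s|pat|repl|
                    args[idx] = re.sub(pat, repl, args[idx])
            return ("allow", args)
    return ("deny", None)
```

An upload into pub/incoming/ is rewritten to the absolute binary and the chrooted destination, a request carrying ‘--sender’ reaches the trap rule, and a path containing ‘../’ matches no rule at all.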