rsync as root (Was: [CentOS-mirror] New Mirror)

Wed Aug 6 23:52:16 UTC 2008
H. Peter Anvin <hpa at zytor.com>

Keld Jørn Simonsen wrote:
> 
> I would also like to run rsync as non-root, although I run it as root
> now.
> 
> I would like to do:
> 
> start rsync standalone
> connect to port 873
> possibly chroot
> run as nobody
> 
> Is that possible? I understand that rsync changes from root to some
> non-root uid when it starts transferring, but in the mode where it
> processes commands there is a window of opportunity to make it do things. 
> I would then like to close that window.

Nevermind the previous message.  If you want to chroot, you have to run 
as root -- capabilities could be used to close that hole, though, but I 
don't think that's supported in rsync yet.

	-hpa