rsync as root (Was: [CentOS-mirror] New Mirror)

Wed Jul 30 01:46:44 UTC 2008
mirror-maintainer at mirror.averse.net <mirror-maintainer at mirror.averse.net>

On Tue, 29 Jul 2008, Olivier Thauvin wrote:

>>> Your rsync user - don't run rsync as root!  And don't run it as your
>>> web/ftp service account either.
>>
>> I can understand not running rsync in daemon mode as root but what is
>> the problem with running the rsync client as root?
>
> There is many reasons:
[snip]

Thanks Olivier.  Although this question wasn't asked, I'd add a reason not 
to run as the web/ftp service account, which is to ensure that the web/ftp 
service is unable to access the content if it isn't world readable; eg 
when content is made available to mirrors before public announcements, and 
a permission bitflip is used to make the content available on the release 
date.

Ironically, I do run rsync --daemon as root for a few reasons:
- use chroot=true
- listen on port 873
- specify per-module uid, gid

Admittedly, I could manually chroot the daemon to the entire mirror 
tree before running it as a regular user, and I could do some port 
forwarding or iptables stuff and run rsyncd on a high port, and use a 
common nobody-like account for all modules...

What do you guys do?