[CentOS] rsync and selinux
Daniel J Walsh
dwalsh at redhat.com
Mon Jan 7 16:29:27 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/07/2013 10:41 AM, m.roth at 5-cent.us wrote:
> lhecking at users.sourceforge.net wrote:
>>
>>> I use rsync extensively to transfer entire systems from and to SElinux
>>> enforcing environments and have never had a problem with reads using
>>> rsync when logged on as the root user. My typical command line is some
>>> variation of the following:
>>>
>>> /usr/bin/rsync -avX --delete-after --specials --times \
>>> --exclude-from=/root/rsync.d/exclude.list \ 192.168.216.29:/* /.
>>
>> (-a includes --times :)
>>
>>> Are you connecting as the root user?
>>
>> I'm connecting in daemon mode since I'm using pre-defined modules. Any
>> other solution requires either a password or setting up passwordless
>> ssh, which I'm not inclined to do in this case. The purpose here is
>> automation.
>
> Over here, we have a key we use only for backups with rsync, and we
> restrict what commands can be run with that key to rsync.
>
> mark
>
> _______________________________________________ CentOS mailing list
> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos
>
Seemed to be worthy of a blog
http://danwalsh.livejournal.com/61646.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlDq9+cACgkQrlYvE4MpobP2LgCgmj4zjsUNmqhV+wNyMcpDUzE7
TY0AnjeBlsW0Ae8cxPbZebf5NEugti4E
=xvKd
-----END PGP SIGNATURE-----
More information about the CentOS
mailing list