[scponly] scponly and rsync

roger at rope.net roger at rope.net
Thu Sep 15 15:22:14 EDT 2005 

	I have one user that has been using scponly with rsync to do file
transfers to/from his website account. I have transferred his account from
a system using an older version of scponly, to one that's using the
latest. Everything is setup identically, except for the following:

Old home directory:	/home/websites/matter

New passwd file entry:	/home/websites/matter//website
New home directory:	/home/websites/matter/website
chroot directory:	/home/websites/matter

	His new home directory has the .ssh directory with empty
known_hosts file, with permissions and ownership as on the old system. He
can use sftp for access, and everything works. He cannot use the same
rsync command as before without getting errors:

> Command for old site was:
>   rsync -vturzn  \
>             -e 'ssh -v' \
>             ~/site/*
>             matter at www.materialisations.com:/website
>
> The -v argument to rsync, and the -v argument to ssh are just
> to increase verbosity.  The -n argument to rsync, tells it this is
> just a dry run (show what would be done).  The above command
> worked with the old site.  For the new site, the www becomes
> www2, and '/website' becomes just '/'.

	Here's the results:

Sep 15 16:35:33 nylon sshd(pam_unix)[2522]: session opened for user matter by (uid=0)
Sep 15 16:35:33 nylon [2523]: chrooted binary in place, will chroot()
Sep 15 16:35:33 nylon [2523]: 3 arguments in total.
Sep 15 16:35:33 nylon [2523]:   arg 0 is scponlyc
Sep 15 16:35:33 nylon [2523]:   arg 1 is -c
Sep 15 16:35:33 nylon [2523]:   arg 2 is rsync --server -vuntrz . /website
Sep 15 16:35:33 nylon [2523]: opened log at LOG_AUTHPRIV, opts 0x00000009
Sep 15 16:35:33 nylon [2523]: retrieved home directory of "/home/websites/matter//website" for user "matter"
Sep 15 16:35:33 nylon [2523]: chrooting to dir: "/home/websites/matter"
Sep 15 16:35:33 nylon [2523]: chdiring to dir: "/website"
Sep 15 16:35:33 nylon [2523]: setting uid to 512
Sep 15 16:35:33 nylon [2523]: processing request: "rsync --server -vuntrz . /website"
Sep 15 16:35:33 nylon [2523]: denied request: rsync --server -vuntrz . /website [username: matter(512), IP/port: 78.148.200.126 60463 22]
Sep 15 16:35:33 nylon sshd(pam_unix)[2522]: session closed for user matter

	Is there some special setup that must be used that's different
from what was previously required?

	Thanks.

-- 
Roger Walker
"HIS Pain - OUR Gain"

More information about the scponly mailing list