rsync using sudo.

gary artim gartim at gmail.com
Sun Feb 1 05:37:08 UTC 2009 

On Sat, Jan 31, 2009 at 9:27 PM, gary artim <gartim at gmail.com> wrote:
> On Sat, Jan 31, 2009 at 8:43 PM, gary artim <gartim at gmail.com> wrote:
>> On Sat, Jan 31, 2009 at 5:54 PM, Mikkel L. Ellertson
>> <mikkel at infinity-ltd.com> wrote:
>>> gary artim wrote:
>>>> /usr/bin/rsync --stats -ae "ssh" --rsync-path="sudo /usr/bin/rsync"
>>>> /my  rsync at host1:/backup/my
>>>>
>>>> I'm running the above command as user rsync (on both the local and
>>>> remote system). Both rsync
>>>> users are in /etc/sudoers and permitted to run the command as root
>>>> /usr/bin/rsync and I have
>>>> ssh-kegen stuff setup correctly.  tested aka: ssh host1 who (no passwd
>>>> asked for)
>>>>
>>>> The problem: the local files get permission denied on root owned files
>>>> subdirs. If I add
>>>> sudo /usr/bin/rsync --stats -ae "ssh" --rsync-path="sudo
>>>> /usr/bin/rsync" /my  rsync at host1:/backup/my
>>>>
>>>> I get prompted for a ssh passwd. Has anyone solved or done this?
>>>>
>>>> Any help would be great!
>>>>
>>>> -- Gary
>>>>
>>> You could try the -E option of sudo when using the second form.
>>>
>>> -E  The -E (preserve environment) option will override the env_reset
>>> option in sudoers(5)). It is only available when either the matching
>>> command has the SETENV tag or the setenv option is set in sudoers(5).
>>>
>>> This should preserve your ssh=agent settings. Now, if you are using
>>> a private key without a password, you can add the key to roots
>>> secure keyring. Then you should not need the -E option...
>>>
>>> Mikkel
>>
>> Thanks much I'll try it out and report back...Gary
>>
>
> Hi Mikkel --
>
> tried:
> sudo -E /usr/bin/rsync --stats -ae "ssh" --rsync-path="sudo
> /usr/bin/rsync" /my  rsync at genepinfs:/backup/my
>
> after added to /etc/sudoers:
> rsync   ALL=(ALL)       NOPASSWD: SETENV: /usr/bin/rsync
>
> still get a prompt for a password for the remote machine. If I remove
> the 'sudo -E' in the
> beginning it doesn't ask for a password on the remote machine, but
> authorization on the local machine
> doesn't work (as root), if the rsync user has permissions all is well
> on both ends.
>
>  Is this the correct way to set setenv?
>
> Thanks for the help,
> -- Gary
>

if I do:

/usr/bin/rsync --stats -ae  /my  /tmp

All power is given to the rsync user as root. Many of the files are
owned by root in /my


Just more info...Gary

More information about the fedora-list mailing list