aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatt Reeve <matt@mreeve.com>2021-05-12 14:28:22 +0100
committerPolynomdivision <vincent@systemli.org>2021-05-14 18:45:03 +0200
commit081229aa09e28435d3d8802ce053a5d4eee8978a (patch)
treea3a44879544148acc310d0e7b58dd5e8da33811e
parent59f8342dae29532ae3d4357754a085d107112f80 (diff)
rsync: Add rrsync script
Rrsync is a perl script that is supplied as an extra with the rsync program. It must be used in conjunction with openssh-server or openssh-server-pam as it requires ~/.ssh/authorized_keys which is not supported by dropbear. Rrsync allows selective access to subdirectories in either read-only, write-only or read-write, depending on settings in authorized_keys. This allows for safe, restrictive access. It's particularly useful for automated backup purposes. An example usage would be this entry: command="/usr/bin/rrsync -ro /home" <public key here> This would allow a system connecting with this public key to be able to rsync FROM the /home directory tree only. It could not write to this directory, nor read from any other directory. Signed-off-by: Matt Reeve <matt@mreeve.com>
Diffstat
-rw-r--r--net/rsync/Makefile21
1 files changed, 21 insertions, 0 deletions
diff --git a/net/rsync/Makefile b/net/rsync/Makefile
index 5d3235a69..ca5257d03 100644
--- a/net/rsync/Makefile
+++ b/net/rsync/Makefile
@@ -69,6 +69,15 @@ define Package/rsyncd
URL:=https://rsync.samba.org/
endef
+define Package/rrsync
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=File Transfer
+ TITLE:=Restricted rsync script
+ DEPENDS:=+rsync +perlbase-file +perl @(PACKAGE_openssh-server||PACKAGE_openssh-server-pam)
+ URL:=https://www.samba.org/ftp/unpacked/rsync/support/rrsync
+endef
+
define Package/rsync/description
rsync is a program that allows files to be copied to and from remote machines
in much the same way as rcp. It has many more options than rcp, and uses the
@@ -100,5 +109,17 @@ define Package/rsyncd/install
$(INSTALL_BIN) ./files/rsyncd.init $(1)/etc/init.d/rsyncd
endef
+define Package/rrsync/description
+ rrsync is a script which wraps around rsync to restrict its permission to a
+ particular subdirectory via ~/.ssh/authorized_keys and/or to read-only
+ or write-only mode
+endef
+
+define Package/rrsync/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/support/rrsync $(1)/usr/bin
+endef
+
$(eval $(call BuildPackage,rsync))
$(eval $(call BuildPackage,rsyncd))
+$(eval $(call BuildPackage,rrsync))
Powered by cgit, Themed by Ted Yin.