[Dirvish] Re: ssh as root going away

Loren M. Lang lorenl at alzatex.com
Mon Oct 9 14:06:15 PDT 2006


IT Dept. Schaeffer AG wrote:
>> Make a user account on the client called "backup", with UID/GID 0 .
>> Give it an alternate home directory,  restricted shell and environment
>> so it can only run rsync (but still reach the files it needs to back
>> up, perhaps via some symlinks.   Invoke it with:
> 
> some years ago we made this option on solaris. On solaris its works
> great. A second unofficial root :-)
> 
> I died that some days ago on debian. The result was that all files owned by
> root now owned by the user "backup". I deleted the user and has to restart
> the nscd daemon ;-) to go back! Maybee I made sometings wrong ...

Remember, files are not owned by root or backup, they are owned by user
id 0.  When you do a reverse lookup on uid 0, you get root and backup,
when one that appears in the ls listing is whatever one comes back
first.  If the data comes from a file like /etc/passwd, it will usually
be which one occurs first, but if the files come from a B-Tree berkeley
database back-end to an OpenLDAP server, it could change everytime the
tree is rebalanced.  Nothing is really wrong, but it can confuse users
when they sometimes see files owned by root and sometimes backup.

> 
> Its possible to use dirbish without ssh login root at localhost?
> I know that is not an SSH Mailinglist: but its possible to run two
> different
> SSHD with two different configs on two different ports? That can be a great
> sollution. One SSH Daemon for dirvish and one for the rest of the world.
> 
> 
> nice day :)
> Manuel
> 
> _______________________________________________
> Dirvish mailing list
> Dirvish at dirvish.org
> http://www.dirvish.org/mailman/listinfo/dirvish
> 


-- 
Loren M. Lang
lorenl at alzatex.com
http://www.alzatex.com/


Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: CEE1 AAE2 F66C 59B5 34CA  C415 6D35 E847 0118 A3D2


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://www.dirvish.org/pipermail/dirvish/attachments/20061009/05661301/signature.bin


More information about the Dirvish mailing list