mirror-stream over ssh w/o 'root' privs

Bill Hacker wbh at conducive.org
Sun Feb 22 13:51:06 PST 2009


Solved: (For now .. 'BFBI' method)

- the permissions problem that seemed to require enabling 'root' login 
on the target.

CAVEAT_1: At the present state, this will most likely create new PFS 
directly under '/' (presuming all else is already PFS-mounted).

CAVEAT_2: Security still not optimal. Hopefully a better way can be 
found, but this works 'for further tests'.

Givens:

1) an appropriate hammerfs 'master' on a source server, per man (5) hammer.

2) The modification I posted earlier to fake a 'yes' to creating target 
slave pfs with compatible shared_uuid where none previously exists. The 
new hammer binary so compiled should exist on both source and target.

On (at least) the target server:

Create a bespoke group, and make 'root' a member of that group.

Create a bespoke 'special user', member of that group, AND NO OTHER group.

chown root:<bespoke group> /sbin/hammer

chmod 6664 /sbin/hammer



More information about the Users mailing list