mirror-stream over ssh w/o 'root' privs
Bill Hacker
wbh at conducive.org
Sun Feb 22 13:51:06 PST 2009
Solved: (For now .. 'BFBI' method)
- the permissions problem that seemed to require enabling 'root' login
on the target.
CAVEAT_1: At the present state, this will most likely create new PFS
directly under '/' (presuming all else is already PFS-mounted).
CAVEAT_2: Security still not optimal. Hopefully a better way can be
found, but this works 'for further tests'.
Givens:
1) an appropriate hammerfs 'master' on a source server, per man (5) hammer.
2) The modification I posted earlier to fake a 'yes' to creating target
slave pfs with compatible shared_uuid where none previously exists. The
new hammer binary so compiled should exist on both source and target.
On (at least) the target server:
Create a bespoke group, and make 'root' a member of that group.
Create a bespoke 'special user', member of that group, AND NO OTHER group.
chown root:<bespoke group> /sbin/hammer
chmod 6664 /sbin/hammer
More information about the Users
mailing list