[OpenIndiana-discuss] Root as role vs. user and rsync

Ignacio Marambio Catán darkjoker at gmail.com
Mon May 7 02:01:44 UTC 2012


There is one other option. Use ssh public key authentication to bypass
the whole PAM/role nonsense and restrict what the user can do with the
command option. See sshd(8) in its AUTHORIZED_KEYS FILE FORMAT section

On Sun, May 6, 2012 at 10:37 PM, Dave Pooser <dave-oi at pooserville.com> wrote:
> On 5/6/12 8:04 AM, "Jeppe Toustrup" <openindiana at tenzer.dk> wrote:
>
>>2. SSH in as dedicated unprivileged user, which then have permissions
>>to run rsync with root permissions though sudo.
>
> This is how I do it, which also has the advantage of letting me give sudo
> permissions to run specific scripts that (for example) quiesce a database,
> snapshot the filesystem, reactivate the database, mount the snapshot, and
> then perform further operations on the snapshot while the database is
> humming along. Makes backup windows much more manageable....
> --
> Dave Pooser
> Cat-Herder-in-Chief, Pooserville.com
> "...Life is not a journey to the grave with the intention of arriving
> safely in one pretty and well-preserved piece, but to slide across the
> finish line broadside, thoroughly used up, worn out, leaking oil, and
> shouting GERONIMO!!!" -- Bill McKenna
>
>
>
>
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss



More information about the OpenIndiana-discuss mailing list