Rsyncd.secrets文件linux权限:不应该被组和其他人读取
[英]Rsyncd.secrets file linux permission: should not be read by group and others
问题描述
In my rsync server /etc/rsyncd.conf file, I have "secrets file = /etc/rsyncd.secrets". 
在我的rsync服务器/etc/rsyncd.conf文件中,我有“secrets file = /etc/rsyncd.secrets”。
If I change file permission with "chmod 600 /etc/rsyncd.secrets", after I ran rsync command on my client to the server, every thing work fine. 如果我使用“chmod 600 /etc/rsyncd.secrets”更改文件权限,在我将客户端上的rsync命令运行到服务器之后,每件事都可以正常工作。 If it's "chmod 644 /etc/rsyncd.secrets", however, my client end up with "@ERROR: auth failed on module www_cn_mad rsync error: error starting client-server protocol (code 5) at main.c(1534) [sender=3.0.9]" I don't know why 644 permission matters.. 但是,如果它是“chmod 644 /etc/rsyncd.secrets”,我的客户端最终会出现“@ERROR:auth在模块www_cn_mad rsync错误上失败:在main.c启动客户端 - 服务器协议(代码5)时出错(1534)[ sender = 3.0.9]“我不知道为什么644许可很重要..
1 个解决方案
解决方案1
3 2015-01-08 02:11:50
In Rsync, there is a parameter called "strict modes" that can be set in /etc/rsyncd.conf. 在Rsync中,有一个名为“strict modes”的参数可以在/etc/rsyncd.conf中设置。 By default, this parameter is true even if it is not set in the configuration file. 默认情况下,即使未在配置文件中设置此参数,也会为true。 "strict modes" runs a check on the secrets file to determine if it is readable by any other user id than what rsync is running under. “严格模式”运行对秘密文件的检查,以确定它是否可由任何其他用户ID读取,而不是rsync运行的用户ID。 This is good to have as a check that your secrets file is not visible to the world. 这可以作为检查您的秘密文件对世界不可见。 If you want to use 644 permissions on the secrets file, you'll need to add the line 如果要对秘密文件使用644权限,则需要添加该行
stricts modes = no stricts modes = no
to your rsyncd configuration file to disable the check. 到您的rsyncd配置文件以禁用检查。 I'd recommend you set 600 permissions and leave strict modes enabled for security. 我建议您设置600权限并启用严格模式以确保安全性。
-TW - TW
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.