Hello again,
On Thu, 9 Apr 2026, Kevin Korb via rsync wrote:
On 2026-04-09 10:29, G.W. Haywood via rsync wrote:
> On Thu, 9 Apr 2026, RolandK via rsync wrote:
>
> > ...
> > ...
> > wouldn't it be an interesting idea to have some feature/switch in
> > rsync, which can globally (on a per host basis) turn rsync
> > into "read-only" mode, i.e. which makes rsync binary drop any
> > capability of using write/modify/delete syscalls ?
> > ...
> > ...
>
> 1. Does the (default) "read only" module parameter not suffice?
>
> 2. Isn't the usual way to achieve the same global effect simply to run
> the utlilty under a UID that has no write permissions?
>
Rsync doesn't have a read-only mode. Rsyncd does but almost nobody
uses that.
Curious that almost nobody should be using it, it's in pretty much
all of my rsyncd.conf files. Is there any particular reason why it
should be so little used? Would you also conclude that almost nobody
would use rsync's new --readonly switch?
This person is specifically using rsync over ssh not rsyncd.
Yes, I noticed that. I almost never use rsync over ssh. If it's a
remote connection I rely on OpenVPN. The encryption overhead can be
off-loaded to other boxes that way too.
Yes, running as a user that can only read files is an excellent
solution. However, this is about full system backups which likely
contain files that only root can read. Sure, some --fake-super
trickery could be done but rrsync -ro is easier.
3. mount -o bind,ro / /mnt/fake-readonly-root
?
Just trying to help. :)
--
73,
Ged.
--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
