doublehp
Guru
Joined: 11 Apr 2005
Posts: 473
Location: FRANCE
|
 Posted: Sat May 14, 2005 1:16 pm Post subject: su -c rsync does not use proper SSH profile |
 |
|
pluton is my local box. saturn is a remote server used for backup. 'dhp' is legitimate user on both.
dhp can access ssh on saturn without hitting any password, using RSA authentification.
here is /home/dhp/.rsync.to_saturn.sh :
| Code: | #!/bin/bash
echo $USER
echo $HOME
echo $LOGNAME
echo $OLDPWD
export | grep root
#/usr/bin/rsync -a --delete -z --stats --progress -e ssh /home/dhp/ doublehp.dyndns.org:/home/arch_pluton/user/home/
/usr/bin/rsync -aH --delete -z --stats --progress -e ssh /home/dhp/ saturn.doublehp.org:/home/arch_pluton/user/home/ && echo `date` >> $0.log
/usr/bin/rsync $0.log saturn.doublehp.org:/home/arch_pluton/user/home/
|
when /home/dhp/.rsync.to_saturn.sh runs the script, it performs the archive without prompting anypassword.
if root runs
/bin/su -c '/home/dhp/.rsync.to_saturn.sh' dhp
then rsync asks for a password:
| Quote: | root@mercure:/etc/cron.daily# /bin/su -c '/home/dhp/.rsync.to_saturn.sh' dhp
dhp
/root
dhp
declare -x HOME="/root"
declare -x LYNX_CFG="/root/.lynx.cfg"
declare -x XAUTHORITY="/root/.xauthZlDcMw"
Password:
|
How to make rsync inside su use /home/dhp/.ssh instead of /root/.ssh to access RSA keys ?
Of course I could copy the keys to the root home, but I believe there is a nicer workaround.
Note that forcing $HOME is useless:
| Code: | HOME="/home/dhp"
echo $USER
echo $HOME
echo $LOGNAME
echo $OLDPWD
export | grep root
|
gives
| Quote: | root@mercure:/etc/cron.daily# /bin/su -c '/home/dhp/.rsync.to_saturn.sh' dhp
dhp
/home/dhp
dhp
declare -x LYNX_CFG="/root/.lynx.cfg"
declare -x XAUTHORITY="/root/.xauthZlDcMw"
Password:
|
_________________
DEMAINE Benoît-Pierre (aka DoubleHP ) http://www.demaine.info/
>o_/ Coin coin coin \_o<
to contact me (MSN,ICQ, JABBER, Skype ... ) http://benoit.demaine.info/contact.png |
|
Networking & Security
