sudo can be configured to let some user run a command with fixed arguments as root. Use that feature to allow the user to run just the specific rsync command you need (in order to see the rsync command Net::OpenSSH is running under the hood you can set $Net::OpenSSH::debug=-1).
By default, Net::OpenSSH uses a different name for the control socket used to communicate with the OpenSSH client every time and that means passing a different argument to rsync also every time, but you can fix that argument telling the module the control path location to use with the ctl_path option when the object is constructed. For instance:
And add an entry on the sudoers file allowing to run as root without password the following command:my $ctl_path = '/home/user/.myapp/ssh_ctl_path'; unlink $ctl_path; # just in case it has been left behind in a previous + run of the script. my $ssh = Net::OpenSSH->new(... ctl_path => $ctl_path); $ssh->die_on_error; system('sudo', 'rsync','-e',"ssh -S $ctl_path",'--blocking-io','-q','- +-','host:/remote/directory','/local/directory') and die "rsync command failed: $?";
You may need to mangle it in some way as I am not sure of the way sudo handles arguments with spaces... in any case, don't use willcards as it is almost impossible to do so in a secure fashion.rsync -e ssh -S /home/user/.myapp/ssh_ctl_path --blocking-io -q -- hos +t:/remote/directory /local/directory
In reply to Re^5: How do I allow my test script to get rsync to archive file ownership?
by salva
in thread How do I allow my test script to get rsync to archive file ownership?
by nysus
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |