[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] The Apple Raq

Subject: Re: [cobalt-users] The Apple Raq
From: Bill Campbell <bill@xxxxxxxxxxxxx>
Date: Wed May 22 14:10:16 2002
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Wed, May 22, 2002 at 03:00:03PM -0500, Jay Summers wrote:
>> I also have problems with minor things like Cobalt's setting group write
>> permissions on home directories which prevents ssh authorized_keys
>> authentication.
>
>Tell me about it! This drove me nuts when I was trying to setup Rsync on my
>Raq2's. Do you have a workaround?

Manually chmod the directories after a change.

Rsync's the easiest since we just use rsync in server mode on the Cobalts.
We add a section in /etc/rsyncd.conf for each site, with specific IPs
allowed to access and update.  This allows the site maintainer to use rsync
to update their pages with rsync, but without using ssh.  This also avoids
the tendency of rsync over ssh to hang for no apparent reason.  You need to
make sure rsync is defined in /etc/services, and added to /etc/inetd.conf.
We also use tcp_wrappers to further limit access.

Here is part of one of our /etc/rsyncd.conf files.  This allows us to
update the Seattle Unix Group pages from the staging server using:
	cd $staging_directory
	rsync -var ./ www.seaslug.org::www_seaslug_org_upd

# start /etc/rsyncd.conf
uid = nobody
gid = nobody
max connections = 10
syslog facility = local5
pid file = /var/run/rsyncd.pid

[web2_upd]
	uid = nobody
	gid = site1
	read only = false
	use chroot = false
	path = /home/sites/site1/web
	comment = web2.celestial.com uploads
	hosts allow = 192.136.111.0/24, 192.168.253.0/24
	hosts deny = *

[www_seaslug_org_upd]
	uid = nobody
	gid = site2
	read only = false
	use chroot = false
	path = /home/sites/site2/web
	comment = www.seaslug.org uploads
	hosts allow = 192.136.111.0/24, 192.168.253.0/24
	hosts deny = *
# ... more of the same...

Bill
--
INTERNET:   bill@xxxxxxxxxxxxx  Bill Campbell; Celestial Software LLC
UUCP:               camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

``We maintain that the very foundation of our way of life is what we call
free enterprise,'' said Cash McCall, "but when one of our citizens
show enough free enterprise to pile up a little of that profit, we do
our best to make him feel that he ought to be ashamed of himself."
		-- Cameron Hawley

References:
- Re: [cobalt-users] The Apple Raq
  - From: Bill Campbell
- Re: [cobalt-users] The Apple Raq
  - From: Jay Summers

Prev by Date: Re: [cobalt-users] raQ3: wrong disksize af OS restore
Next by Date: RE: [cobalt-users] RE: RAQ4i MX Records
Previous by thread: Re: [cobalt-users] The Apple Raq
Next by thread: Re: [cobalt-users] The Apple Raq

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index