From 9741cd3b9ee5606f5fdbbb70cd9d951bb94c9b47 Mon Sep 17 00:00:00 2001 From: deajan Date: Sun, 23 Jun 2013 13:53:22 +0200 Subject: [PATCH] ssh commands filter update --- CHANGELOG.md | 2 ++ obackup_ssh_filter.sh | 27 +++++++++++++++++---------- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ed6f879..c9bf89a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,7 @@ ## Latest changelog +- 23/06/2013 v 1.84 RC1 approaching +- Added ssh commands filter, updated documentation - Rewrote local space check function - Added ability to run another executable than rsync (see documentation on sudo execution) - Added some Rsync argument parameters (preserve ACL, Xattr, and stream compression) diff --git a/obackup_ssh_filter.sh b/obackup_ssh_filter.sh index 12a85da..10fc8e1 100755 --- a/obackup_ssh_filter.sh +++ b/obackup_ssh_filter.sh @@ -2,7 +2,9 @@ ##### Obackup ssh command filter -## Paranoia option. Only change this if you read the documentation and know what you're doing +## If enabled, execution of "sudo" command will be allowed. +SUDO_EXEC=yes +## Paranoia option. Don't change this unless you read the documentation and still feel concerned about security issues. RSYNC_EXECUTABLE=rsync function Go @@ -20,17 +22,22 @@ case ${SSH_ORIGINAL_COMMAND%% *} in "du") Go ;; "sudo") - if [[ "$SSH_ORIGINAL_COMMAND" == "sudo $RSYNC_EXECUTABLE"* ]] + if [ "$SUDO_EXEC" == "yes" ] then - Go - elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo du"* ]] - then - Go - elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo find"* ]] - then - Go + if [[ "$SSH_ORIGINAL_COMMAND" == "sudo $RSYNC_EXECUTABLE"* ]] + then + Go + elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo du"* ]] + then + Go + elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo find"* ]] + then + Go + else + echo "Sudo command not allowed." + fi else - echo "Sudo command not allowed." + echo "Sudo command not enabled." fi ;; *)