Setting Up Google 2F Authentication for Automated (Crontab) rsync
Dear All,
I have Google Two Factor (2F) Authentication enabled for sshd on most of my Linux servers. This works well and I highly recommend it.
My question is:
Has anyone set this up for rsync which runs in a crontab?
For example, supposed we have this simple crontab script:
This works fine, of course, when syncing some backup files across the net without 2FA; but I want to do the same thing using Google Authenticator for 2FA.
OK I have been working on this simple action for a while and I cannot get it to work.
First off im new to the linux command line world. I feel like I am missing something simple.
What I am trying to achieve is that I want this command:
tcpdump -s2000 -w'flowroute-%H%M.pcap' -G900 -W36 &to... (13 Replies)
Hi All,
I have created crontab using following steps-
1) crontab -e
(edited the file with) 0 10 * * 1-5 /home/user01/exercise/cron.sh
2) then saved this file with :wq
3) cron.sh contains the code-
#!/bin/bash
DAY=`date +%a`
mkdir abc_${DAY}
4) done the execut permision... (3 Replies)
I need to "sync" a directory from a prod server to a test server. Rsync is working but it prompts for a password and I'd like to automate the process. The directory on the prod/source server is owned by root, and some subdirectories are only readable by root. On the test/destination servers, I can... (1 Reply)
hi All,
i have implemented Rsync in my source and destination server. while running through command prompt it is working fine:
ksh rsync_bravo_db.ksh usa0300uz1252.apps.mc.xerox.com /uv1402/u207/home/bravodba/bin/rsync-3.0.9/config/mrsx_rsync.cfg
but later on i created a another ksh and... (4 Replies)
Hi Team,
Please help me to set one script in crontab.
I have one script and inside script, its creating one log file for saving ouptut of script. i have to out that script in crontab. When i put the script in cronatab, it executed and log file created but no data in log.
like this i put in... (3 Replies)
Hey guys!
So I decided to set up some basic user authentication on my apache2 server, and I am running into some problems. I followed the documentation provided by apache on their website, but I cant create the password file for some reason. I did a little trouble shooting myself, and found... (40 Replies)
Hi All,
Can anyone tell me how to schedule the dbshell.sh script to run on sunday.
I have scheduled as 1 19 7 * * /home/svr/dbshell.sh. kindly confirm confirm whether coded "7" or it should set to '0'.
unix:$ crontab -l
0 19 6 * * /home/svr/dbemail.sh
1 19 7 * * /home/svr/dbshell.sh (2 Replies)
Dear all,
I noticed in syslog that i receive authentication failure from cron:
Mar 11 23:19:01 s1 CRON28789]: Authentication failure
Mar 11 23:19:01 s1 cron: Authentication failure
Mar 11 23:19:01 s1 cron: Authentication failure
Mar 11 23:19:01 s1 CRON: Authentication failure
Mar 11... (3 Replies)
Discussion started by: mydove
3 Replies
LEARN ABOUT OPENSOLARIS
rsync_selinux
rsync_selinux(8) rsync Selinux Policy documentation rsync_selinux(8)NAME
rsync_selinux - Security Enhanced Linux Policy for the rsync daemon
DESCRIPTION
Security-Enhanced Linux secures the rsync server via flexible mandatory access control.
FILE_CONTEXTS
SELinux requires files to have an extended attribute to define the file type. Policy governs the access daemons have to these files. If
you want to share files using the rsync daemon, you must label the files and directories public_content_t. So if you created a special
directory /var/rsync, you would need to label the directory with the chcon tool.
chcon -t public_content_t /var/rsync
To make this change permanent (survive a relabel), use the semanage command to add the change to file context configuration:
semanage fcontext -a -t public_content_t "/var/rsync(/.*)?"
This command adds the following entry to /etc/selinux/POLICYTYPE/contexts/files/file_contexts.local:
/var/rsync(/.*)? system_u:object_r:publix_content_t:s0
Run the restorecon command to apply the changes:
restorecon -R -v /var/rsync/
SHARING FILES
If you want to share files with multiple domains (Apache, FTP, rsync, Samba), you can set a file context of public_content_t and pub-
lic_content_rw_t. These context allow any of the above domains to read the content. If you want a particular domain to write to the pub-
lic_content_rw_t domain, you must set the appropriate boolean. allow_DOMAIN_anon_write. So for rsync you would execute:
setsebool -P allow_rsync_anon_write=1
BOOLEANS
system-config-selinux is a GUI tool available to customize SELinux policy settings.
AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO selinux(8), rsync(1), chcon(1), setsebool(8), semanage(8)dwalsh@redhat.com 17 Jan 2005 rsync_selinux(8)