Added 3-clause BSD Licence plus ssh_filter.sh
This commit is contained in:
parent
50c4fe50e1
commit
354464495b
|
@ -4,6 +4,8 @@ FUTURE IMPROVEMENTS
|
|||
- Sync function merge (master and slave functions are more more or less the same)
|
||||
- Tree function merge (current and after tree functions are the same except for output filename and logging)
|
||||
- Tree functions execute piped commands (grep, awk) on master when launched on remote slave which can cause more bandwith usage
|
||||
- Exit trap function must also kill child processes
|
||||
- Make osync run on Cygwin for Windows compatibility
|
||||
|
||||
KNOWN ISSUES
|
||||
------------
|
||||
|
@ -13,6 +15,8 @@ KNOWN ISSUES
|
|||
RECENT CHANGES
|
||||
--------------
|
||||
|
||||
- Fixed various typos
|
||||
- Enforced CheckConnectivityRemoteHost and CheckConnectivity3rdPartyHosts checks (if one of these fails, osync is stopped)
|
||||
- 18 Aug. 2013: Osync 0.99 RC1
|
||||
- Added possibility to change default logfile
|
||||
- Fixed a possible error upon master replica lock check
|
||||
|
@ -64,5 +68,6 @@ RECENT CHANGES
|
|||
- Added master/slave conflict prevalance option
|
||||
- Added soft-deleted items
|
||||
- Added backup items in case of conflict
|
||||
19 Jun. 2013: Project begin
|
||||
|
||||
19 Jun. 2013: Project begin as Obackup fork
|
||||
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
Copyright (c) 2013, Orsiris "Ozy" de Jong. ozy@netpower.fr
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are met:
|
||||
* Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
* Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
* Neither the name of the author nor the
|
||||
names of its contributors may be used to endorse or promote products
|
||||
derived from this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY
|
||||
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||||
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
||||
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
@ -23,6 +23,8 @@ Osync uses a master / slave sync schema. It can sync local or remote directories
|
|||
Also, osync uses pidlocks to prevent multiple concurrent sync processes on/to the same master / slave replica. Be sure a sync process is finished before launching next one.
|
||||
You may launch concurrent sync processes on the same system but only for different master replicas.
|
||||
|
||||
Currently, it has been tested on CentOS 5, CentOS 6, Debian 6.0.7, Linux Mint 14 and Ubuntu 12.
|
||||
|
||||
## Installation
|
||||
|
||||
Osync developpment is still not finished. It's currently at beta stage. Please read CHANGELOG.md for a list of known bugs.
|
||||
|
|
|
@ -0,0 +1,103 @@
|
|||
#!/bin/bash
|
||||
|
||||
##### Obackup & Osync ssh command filter build 2408201301
|
||||
##### This script should be located in /usr/local/bin in the remote system to sync / backup
|
||||
##### It will filter the commands that can be run remotely via ssh.
|
||||
##### Please chmod 755 and chown root:root this file
|
||||
|
||||
##### Obackup needed commands: rsync find du mysql mysqldump (sudo)
|
||||
##### Osync needed commands: rsync find du echo mkdir rm if df (sudo)
|
||||
|
||||
## If enabled, execution of "sudo" command will be allowed.
|
||||
SUDO_EXEC=yes
|
||||
## Paranoia option. Don't change this unless you read the documentation and still feel concerned about security issues.
|
||||
RSYNC_EXECUTABLE=rsync
|
||||
## Enable other commands, useful for remote execution hooks like remotely creating snapshots.
|
||||
CMD1=
|
||||
CMD2=
|
||||
CMD3=
|
||||
|
||||
LOG_FILE=~/.ssh/ssh_filter.log
|
||||
|
||||
function Log
|
||||
{
|
||||
DATE=$(date)
|
||||
echo "$DATE - $1" >> $LOG_FILE
|
||||
}
|
||||
|
||||
function Go
|
||||
{
|
||||
eval $SSH_ORIGINAL_COMMAND
|
||||
}
|
||||
|
||||
case ${SSH_ORIGINAL_COMMAND%% *} in
|
||||
"$RSYNC_EXECUTABLE")
|
||||
Go ;;
|
||||
"mysqldump")
|
||||
Go ;;
|
||||
"mysql")
|
||||
Go ;;
|
||||
"echo")
|
||||
Go ;;
|
||||
"find")
|
||||
Go ;;
|
||||
"du")
|
||||
Go ;;
|
||||
"mkdir")
|
||||
Go ;;
|
||||
"rm")
|
||||
Go ;;
|
||||
"df")
|
||||
Go ;;
|
||||
"$CMD1")
|
||||
Go ;;
|
||||
"$CMD2")
|
||||
Go ;;
|
||||
"$CMD3")
|
||||
Go ;;
|
||||
"sudo")
|
||||
if [ "$SUDO_EXEC" == "yes" ]
|
||||
then
|
||||
if [[ "$SSH_ORIGINAL_COMMAND" == "sudo $RSYNC_EXECUTABLE"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo du"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo find"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo mkdir"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo rm"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo echo"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo df"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD1"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD2"* ]]
|
||||
then
|
||||
Go
|
||||
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD3"* ]]
|
||||
then
|
||||
Go
|
||||
else
|
||||
Log "Command [$SSH_ORIGINAL_COMMAND] not allowed."
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
Log "Command [$SSH_ORIGINAL_COMMAND] not allowed. sudo not enabled."
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
Log "Command [$SSH_ORIGINAL_COMMAND] not allowed."
|
||||
exit 1
|
||||
esac
|
Loading…
Reference in New Issue