Created attachment 363270 [details, diff] rsync3 fix from debian Basically net-misc/rsync>=3 uses the -e option to transfer protocol parameter, but rssh thinks this is an insecure option. One can use rsync --protocol=29 to workaround that, but it would be nice to support rsync>=3 by default. This issue is known for a couple of years, but upstream is not willing to fix it: <https://bugzilla.redhat.com/show_bug.cgi?id=485946> So fedora, debian and possible other distributions added a patch to support this (see url and attachment). Seeing the fact how long this patch is in debian already, I think it can be considered safe! Debian also include some other fixes (buffer overflow fail log message) and new features like subversion support. It might be worth adding those (or adding a vanilla use flag to switch). @Marios: I would be happy to maintain this package together with you!
Glad to hear that there are more people looking over rssh! Unfortunately I don't use it anymore, so I can't comment on your patch. I am subscribed to the mailing list though, to make sure that should any security threat appear, I will inform Gentoo devs and will try to provide an ebuild with the fix.
Lemme chime in here. I'm glad other people are interested in enhancing this package as well. I've already taken some of debian's patchsets and added them in my local overlay[1]. Currently I'm working on getting svn and git support into the package by merging two patches... Any chance this could make it into portage?
Oh, forgot the link :) [1] https://www.gentoofan.org/gentoo/poly-c_overlay/app-shells/rssh/
(In reply to Marios Andreopoulos from comment #1) > Unfortunately I don't use it anymore, so I can't comment on your patch. > I am subscribed to the mailing list though, to make sure that should any > security threat appear, I will inform Gentoo devs and will try to provide an > ebuild with the fix. Are you fine with me/us co-maintaining the package? (In reply to Lars Wendler (Polynomial-C) from comment #2) > Currently I'm working on getting svn and git support into the package by > merging two patches... > Any chance this could make it into portage? I would be ok with merging the svn feature as it was used in Debian for years, but for git I am a bit skeptical. It's dev-vcs/gitolite the saver way to support git over restrict ssh? Also in general, I don't like the fact that rssh.conf needs update, it would be much nicer if missing bits would set to zero (feature off).
(In reply to Christoph Junghans from comment #4) > Are you fine with me/us co-maintaining the package? Of course! You are both active users of the package and gentoo developers. You are already trying to add new features whilst I just made sure that there aren't security problems and that it can compile. I can't help much with the new features though. If you want keep me in the maintainers list and I'll try to help with bugs.
(In reply to Marios Andreopoulos from comment #5) > I can't help much with the new features though. If you want keep me in the > maintainers list and I'll try to help with bugs. Great, these are the users we like most ;-) I will try to push a revision, which includes the debian fixes (not features) to gx86 soon.
Please have a look at app-shells/rssh-~2.3.4_p3::cj-overlay <https://code.google.com/p/cj-overlay/source/browse/#hg%2Fapp-shells%2Frssh>
@polynomial-c: why not git-shell? <http://git-scm.com/docs/git-shell.html> The only point of adding git support to rssh is that you could use the same user account for git/cvs/scp etc or is there another reason?
Added optional subversion support in cj-overlay. Any comments?
+*rssh-2.3.4_p3 (19 Nov 2013) + + 19 Nov 2013; Christoph Junghans <ottxor@gentoo.org> + +files/rssh-2.3.4_p3-autotools.patch, +rssh-2.3.4_p3.ebuild, metadata.xml: + added support for rsync>=3 (bug #491258) +
