Copiying /etc/shadow with sudo and rsync

[jnsc]

Hi,

I have a little problem, and at the first look it might look easy, but it's not, or at least I did not find an easy solution. I have 2 server, which must rsync some files, including /etc/passwd and /etc/shadow. Everything was working fine until we decided to forbid rootlogin on the server, and use sudo for the sync. My problem is that /etc/shadow has a file permission of 400, so the non privilegd user can not read it, so I can use a command like this

Code:

rsync  --rsync-path='sudo rsync' --rsh='/usr/bin/ssh -x' --archive /etc/shadow user@server2:/etc/shadow

because user is not authorised to read /etc/shadow, so I tried this

Code:

rsync  --rsync-path='sudo rsync' --rsh='/usr/bin/ssh -x' --archive user@localhost:/etc/shadow user@server2:/etc/shadow

so that it uses sudo twice, but I get this error

Code:

rsync: mkstemp "/home/user/user@server2:/etc/.shadow.wBWPkX" failed: No such file or directory (2)
rsync error: some files could not be transferred (code 23) at main.c(1146)

So does somebody know an easy and Secure solution?

Thanks

[falko]

No, unfortunately not.

[jnsc]

Thanks falko for your reply, as it was not an easy question, I was not expecting a magical solution, but I tough that maybe somebody already had this problem. Maybe I will try to ask on a sudo mailing list.