ansible-role-rssh
Linux - Restricted shell for scp/sftp
Requirements
None
Role Variables
Available variables are listed below, along with default values:
rssh_allowcvs: false
rssh_allowrdist: false
rssh_allowrsync: false
rssh_allowscp: false
rssh_allowsftp: false
rssh_logfacility: LOG_USER
rssh_umask: '022'
rssh_users: []
Additional variables not defined by default:
rssh_chrootpath: /usr/local/chroot
Dependencies
None
Example Playbook
- hosts: servers
roles:
- role: linuxhq.rssh
rssh_allowrsync: true
rssh_allowscp: true
rssh_chrootpath: /usr/local/chroot
rssh_users:
- name: tkimball
access_bits: '00001'
path: /usr/local/chroot
umask: '022'
access_bits
- Five binary digits, which indicate whether the user is allowed to use rsync, rdist, cvs, sftp, and scp, in that order. One means the command is allowed, zero means it is not.
License
Copyright (C) 2018 Taylor Kimball tkimball@linuxhq.org
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.