You can give the "dummy" user
sudo permissions for just the exact
rsync command (including all args) that needs to be run and nothing else. To allow the command to be run from a
cron job, you would also need the "!requiretty" and probably "!lecture" options, as well as "NOPASSWD" for that
rsync command. For example:
Code:
Defaults: dummyuser !lecture, !requiretty
dummyuser localhost = NOPASSWD: /usr/bin/rsync -av somehost:/some/directory/ /dest/directory
That allows
dummyuser to run exactly "sudo /usr/bin/rsync -av somehost:/some/directory/ /dest/directory" and no variation of that
rsync command.