10-22-2005
millerdad@gmail.com
 
Multiple initiators, single sync user

I am at my limits on this one, so I welcome any and all suggestions.

My group has a working data tree that needs to be sync'd to another
site. woot rsync. The data needs to be read-only, owned by a single
user on the other end.

Right now I have a source account "rsyncA" at siteA and a destination
account "rsyncB" at siteB. The rsyncA user is placed in the .rhosts of
rsyncB and rsync --rsh=rsh is happy running as rsyncA.

Now, however, I need to allow other users access to initiate this
transfer and I'm running into authentication problems. My first stab
was a setuid C wrapper with the setuid bit set. If I watch the rsync
process it is being run as rsyncA, but rsh is still run as the original
uid (preventing the remote rsync server from starting). Probably
something to do with the privileged ports maybe? I dunno.

My next thought was to try using SSH as the remote shell agent but I'm
running into similar issues - and even then the public keys are all
tied to specific machine/user combos instead of just users.

Maintaining a .rhosts file at the remote end is out of the question - I
don't want to grant general login access, just access to the rsync
script.

Is there any solution for this?

Thanks,

Eric
