1 *** rsync-3.0.6/rsyncd.conf.5 Fri May 8 10:41:20 2009 |
1 --- rsync-3.0.8/rsyncd.conf.5.~1~ Sat Mar 26 14:37:52 2011 |
2 --- rsync-3.0.8/rsyncd.conf.5 Sat Mar 26 14:37:52 2011 |
2 +++ rsync-3.0.8/rsyncd.conf.5 Mon Jun 13 22:07:54 2011 |
3 *************** |
3 @@ -1,4 +1,4 @@ |
4 *** 1,4 **** |
4 -.TH "rsyncd.conf" "5" "26 Mar 2011" "" "" |
5 ! .TH "rsyncd.conf" "5" "8 May 2009" "" "" |
5 +.TH "rsyncd.conf" "5" "8 May 2009" "" "" |
6 .SH "NAME" |
6 .SH "NAME" |
7 rsyncd.conf \(em configuration file for rsync in daemon mode |
7 rsyncd.conf \(em configuration file for rsync in daemon mode |
8 .SH "SYNOPSIS" |
8 .SH "SYNOPSIS" |
9 --- 1,4 ---- |
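Review bot: the `.TH` line moves the page date backwards, from "26 Mar 2011" to "8 May 2009", although the patched file sits in the rsync-3.0.8 tree and its header timestamp is Mon Jun 13 2011. A man page dated earlier than the release it ships with misleads anyone checking which version's documentation they are reading. Keep "26 Mar 2011" or set the date of this change.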
9 @@ -20,9 +20,9 @@ |
10 ! .TH "rsyncd.conf" "5" "26 Mar 2011" "" "" |
10 .PP |
11 .SH "NAME" |
11 The file consists of modules and parameters. A module begins with the |
12 rsyncd.conf \(em configuration file for rsync in daemon mode |
12 name of the module in square brackets and continues until the next |
13 .SH "SYNOPSIS" |
13 -module begins. Modules contain parameters of the form \(dq\&name = value\(dq\&. |
14 *************** |
14 +module begins. Modules contain parameters of the form \(lqname = value\(rq. |
15 *** 20,28 **** |
15 .PP |
16 .PP |
16 -The file is line\-based \-\- that is, each newline\-terminated line represents |
17 The file consists of modules and parameters. A module begins with the |
17 +The file is line-based \(em that is, each newline-terminated line represents |
18 name of the module in square brackets and continues until the next |
18 either a comment, a module name or a parameter. |
19 ! module begins. Modules contain parameters of the form \(lqname = value\(rq. |
19 .PP |
20 .PP |
20 Only the first equals sign in a parameter is significant. Whitespace before |
21 ! The file is line-based \(em that is, each newline-terminated line represents |
21 @@ -34,7 +34,7 @@ |
22 either a comment, a module name or a parameter. |
22 Any line beginning with a hash (#) is ignored, as are lines containing |
23 .PP |
23 only whitespace. |
24 Only the first equals sign in a parameter is significant. Whitespace before |
24 .PP |
25 --- 20,28 ---- |
25 -Any line ending in a \e is \(dq\&continued\(dq\& on the next line in the |
26 .PP |
26 +Any line ending in a \e is \(lqcontinued\(rq on the next line in the |
27 The file consists of modules and parameters. A module begins with the |
27 customary UNIX fashion. |
28 name of the module in square brackets and continues until the next |
28 .PP |
29 ! module begins. Modules contain parameters of the form \(dq\&name = value\(dq\&. |
29 The values following the equals sign in parameters are all either a string |
30 .PP |
30 @@ -53,9 +53,9 @@ |
31 ! The file is line\-based \-\- that is, each newline\-terminated line represents |
31 file ownership. Otherwise, it must just have permission to read and |
32 either a comment, a module name or a parameter. |
32 write the appropriate data, log, and lock files. |
33 .PP |
33 .PP |
34 Only the first equals sign in a parameter is significant. Whitespace before |
34 -You can launch it either via inetd, as a stand\-alone daemon, or from |
35 *************** |
35 -an rsync client via a remote shell. If run as a stand\-alone daemon then |
36 *** 34,40 **** |
36 -just run the command \(dq\&\fBrsync \-\-daemon\fP\(dq\& from a suitable startup script. |
37 Any line beginning with a hash (#) is ignored, as are lines containing |
37 +You can launch it either via inetd, as a stand-alone daemon, or from |
38 only whitespace. |
38 +an rsync client via a remote shell. If run as a stand-alone daemon then |
39 .PP |
39 +just run the command \(lq\fBrsync \-\-daemon\fP\(rq from a suitable startup script. |
40 ! Any line ending in a \e is \(lqcontinued\(rq on the next line in the |
40 .PP |
41 customary UNIX fashion. |
41 When run via inetd you should add a line like this to /etc/services: |
42 .PP |
42 .PP |
43 The values following the equals sign in parameters are all either a string |
43 @@ -71,12 +71,12 @@ |
44 --- 34,40 ---- |
44 .fi |
45 Any line beginning with a hash (#) is ignored, as are lines containing |
45 |
46 only whitespace. |
46 .PP |
47 .PP |
47 -Replace \(dq\&/usr/bin/rsync\(dq\& with the path to where you have rsync installed on |
48 ! Any line ending in a \e is \(dq\&continued\(dq\& on the next line in the |
48 +Replace \(lq/usr/bin/rsync\(rq with the path to where you have rsync installed on |
49 customary UNIX fashion. |
49 your system. You will then need to send inetd a HUP signal to tell it to |
50 .PP |
50 reread its config file. |
51 The values following the equals sign in parameters are all either a string |
51 .PP |
52 *************** |
52 Note that you should \fBnot\fP send the rsync daemon a HUP signal to force |
53 *** 53,61 **** |
53 -it to reread the \f(CWrsyncd.conf\fP file. The file is re\-read on each client |
54 file ownership. Otherwise, it must just have permission to read and |
54 +it to reread the \f(CWrsyncd.conf\fP file. The file is re-read on each client |
55 write the appropriate data, log, and lock files. |
55 connection. |
56 .PP |
56 .PP |
57 ! You can launch it either via inetd, as a stand-alone daemon, or from |
57 .SH "GLOBAL PARAMETERS" |
58 ! an rsync client via a remote shell. If run as a stand-alone daemon then |
58 @@ -91,7 +91,7 @@ |
59 ! just run the command \(lq\fBrsync \-\-daemon\fP\(rq from a suitable startup script. |
59 .PP |
60 .PP |
60 .IP "\fBmotd file\fP" |
61 When run via inetd you should add a line like this to /etc/services: |
61 This parameter allows you to specify a |
62 .PP |
62 -\(dq\&message of the day\(dq\& to display to clients on each connect. This |
63 --- 53,61 ---- |
63 +\(lqmessage of the day\(rq to display to clients on each connect. This |
64 file ownership. Otherwise, it must just have permission to read and |
64 usually contains site information and any legal notices. The default |
65 write the appropriate data, log, and lock files. |
65 is no motd file. |
66 .PP |
66 .IP |
67 ! You can launch it either via inetd, as a stand\-alone daemon, or from |
67 @@ -103,12 +103,12 @@ |
68 ! an rsync client via a remote shell. If run as a stand\-alone daemon then |
68 .IP "\fBport\fP" |
69 ! just run the command \(dq\&\fBrsync \-\-daemon\fP\(dq\& from a suitable startup script. |
69 You can override the default port the daemon will listen on |
70 .PP |
70 by specifying this value (defaults to 873). This is ignored if the daemon |
71 When run via inetd you should add a line like this to /etc/services: |
71 -is being run by inetd, and is superseded by the \fB\-\-port\fP command\-line option. |
72 .PP |
72 +is being run by inetd, and is superseded by the \fB\-\-port\fP command-line option. |
73 *************** |
73 .IP |
74 *** 71,82 **** |
74 .IP "\fBaddress\fP" |
75 .fi |
75 You can override the default IP address the daemon |
76 |
76 will listen on by specifying this value. This is ignored if the daemon is |
77 .PP |
77 -being run by inetd, and is superseded by the \fB\-\-address\fP command\-line option. |
78 ! Replace \(lq/usr/bin/rsync\(rq with the path to where you have rsync installed on |
78 +being run by inetd, and is superseded by the \fB\-\-address\fP command-line option. |
79 your system. You will then need to send inetd a HUP signal to tell it to |
79 .IP |
80 reread its config file. |
80 .IP "\fBsocket options\fP" |
81 .PP |
81 This parameter can provide endless fun for people |
82 Note that you should \fBnot\fP send the rsync daemon a HUP signal to force |
82 @@ -119,7 +119,7 @@ |
83 ! it to reread the \f(CWrsyncd.conf\fP file. The file is re-read on each client |
83 system call for |
84 connection. |
84 details on some of the options you may be able to set. By default no |
85 .PP |
85 special socket options are set. These settings can also be specified |
86 .SH "GLOBAL PARAMETERS" |
86 -via the \fB\-\-sockopts\fP command\-line option. |
87 --- 71,82 ---- |
87 +via the \fB\-\-sockopts\fP command-line option. |
88 .fi |
88 .IP |
89 |
89 .SH "MODULE PARAMETERS" |
90 .PP |
90 |
91 ! Replace \(dq\&/usr/bin/rsync\(dq\& with the path to where you have rsync installed on |
91 @@ -139,44 +139,44 @@ |
92 your system. You will then need to send inetd a HUP signal to tell it to |
92 of available modules. The default is no comment. |
93 reread its config file. |
93 .IP |
94 .PP |
94 .IP "\fBpath\fP" |
95 Note that you should \fBnot\fP send the rsync daemon a HUP signal to force |
95 -This parameter specifies the directory in the daemon\(cq\&s |
96 ! it to reread the \f(CWrsyncd.conf\fP file. The file is re\-read on each client |
96 +This parameter specifies the directory in the daemon's |
97 connection. |
97 filesystem to make available in this module. You must specify this parameter |
98 .PP |
98 for each module in \f(CWrsyncd.conf\fP. |
99 .SH "GLOBAL PARAMETERS" |
99 .IP |
100 *************** |
100 .IP "\fBuse chroot\fP" |
101 *** 91,97 **** |
101 -If \(dq\&use chroot\(dq\& is true, the rsync daemon will chroot |
102 .PP |
102 -to the \(dq\&path\(dq\& before starting the file transfer with the client. This has |
103 .IP "\fBmotd file\fP" |
103 +If \(lquse chroot\(rq is true, the rsync daemon will chroot |
104 This parameter allows you to specify a |
104 +to the \(lqpath\(rq before starting the file transfer with the client. This has |
105 ! \(lqmessage of the day\(rq to display to clients on each connect. This |
105 the advantage of extra protection against possible implementation security |
106 usually contains site information and any legal notices. The default |
106 -holes, but it has the disadvantages of requiring super\-user privileges, |
107 is no motd file. |
107 +holes, but it has the disadvantages of requiring super-user privileges, |
108 .IP |
108 of not being able to follow symbolic links that are either absolute or outside |
109 --- 91,97 ---- |
109 of the new root path, and of complicating the preservation of users and groups |
110 .PP |
110 by name (see below). |
111 .IP "\fBmotd file\fP" |
111 .IP |
112 This parameter allows you to specify a |
112 -As an additional safety feature, you can specify a dot\-dir in the module\(cq\&s |
113 ! \(dq\&message of the day\(dq\& to display to clients on each connect. This |
113 -\(dq\&path\(dq\& to indicate the point where the chroot should occur. This allows rsync |
114 usually contains site information and any legal notices. The default |
114 -to run in a chroot with a non\-\(dq\&/\(dq\& path for the top of the transfer hierarchy. |
115 is no motd file. |
115 +As an additional safety feature, you can specify a dot-dir in the module's |
116 .IP |
116 +\(lqpath\(rq to indicate the point where the chroot should occur. This allows rsync |
117 *************** |
117 +to run in a chroot with a non\-"/\(rq path for the top of the transfer hierarchy. |
118 *** 103,114 **** |
118 Doing this guards against unintended library loading (since those absolute |
119 .IP "\fBport\fP" |
119 paths will not be inside the transfer hierarchy unless you have used an unwise |
120 You can override the default port the daemon will listen on |
120 pathname), and lets you setup libraries for the chroot that are outside of the |
121 by specifying this value (defaults to 873). This is ignored if the daemon |
121 -transfer. For example, specifying \(dq\&/var/rsync/./module1\(dq\& will chroot to the |
122 ! is being run by inetd, and is superseded by the \fB\-\-port\fP command-line option. |
122 -\(dq\&/var/rsync\(dq\& directory and set the inside\-chroot path to \(dq\&/module1\(dq\&. If you |
123 .IP |
123 -had omitted the dot\-dir, the chroot would have used the whole path, and the |
124 .IP "\fBaddress\fP" |
124 -inside\-chroot path would have been \(dq\&/\(dq\&. |
125 You can override the default IP address the daemon |
125 +transfer. For example, specifying \(lq/var/rsync/./module1\(rq will chroot to the |
126 will listen on by specifying this value. This is ignored if the daemon is |
126 +\(lq/var/rsync\(rq directory and set the inside-chroot path to \(lq/module1\(rq. If you |
127 ! being run by inetd, and is superseded by the \fB\-\-address\fP command-line option. |
127 +had omitted the dot-dir, the chroot would have used the whole path, and the |
128 .IP |
128 +inside-chroot path would have been \(lq/\(rq. |
129 .IP "\fBsocket options\fP" |
129 .IP |
130 This parameter can provide endless fun for people |
130 -When \(dq\&use chroot\(dq\& is false or the inside\-chroot path is not \(dq\&/\(dq\&, rsync will: |
131 --- 103,114 ---- |
131 +When \(lquse chroot\(rq is false or the inside-chroot path is not \(lq/\(rq, rsync will: |
132 .IP "\fBport\fP" |
132 (1) munge symlinks by |
133 You can override the default port the daemon will listen on |
133 -default for security reasons (see \(dq\&munge symlinks\(dq\& for a way to turn this |
134 by specifying this value (defaults to 873). This is ignored if the daemon |
134 +default for security reasons (see \(lqmunge symlinks\(rq for a way to turn this |
135 ! is being run by inetd, and is superseded by the \fB\-\-port\fP command\-line option. |
135 off, but only if you trust your users), (2) substitute leading slashes in |
136 .IP |
136 -absolute paths with the module\(cq\&s path (so that options such as |
137 .IP "\fBaddress\fP" |
137 +absolute paths with the module's path (so that options such as |
138 You can override the default IP address the daemon |
138 \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as |
139 will listen on by specifying this value. This is ignored if the daemon is |
139 -rooted in the module\(cq\&s \(dq\&path\(dq\& dir), and (3) trim \(dq\&..\(dq\& path elements from |
140 ! being run by inetd, and is superseded by the \fB\-\-address\fP command\-line option. |
140 +rooted in the module's \(lqpath\(rq dir), and (3) trim \(lq..\(rq path elements from |
141 .IP |
141 args if rsync believes they would escape the module hierarchy. |
142 .IP "\fBsocket options\fP" |
142 -The default for \(dq\&use chroot\(dq\& is true, and is the safer choice (especially |
143 This parameter can provide endless fun for people |
143 -if the module is not read\-only). |
144 *************** |
144 +The default for \(lquse chroot\(rq is true, and is the safer choice (especially |
145 *** 119,125 **** |
145 +if the module is not read-only). |
146 system call for |
146 .IP |
147 details on some of the options you may be able to set. By default no |
147 When this parameter is enabled, rsync will not attempt to map users and groups |
148 special socket options are set. These settings can also be specified |
148 by name (by default), but instead copy IDs as though \fB\-\-numeric\-ids\fP had |
149 ! via the \fB\-\-sockopts\fP command-line option. |
149 -been specified. In order to enable name\-mapping, rsync needs to be able to |
150 .IP |
150 +been specified. In order to enable name-mapping, rsync needs to be able to |
151 .SH "MODULE PARAMETERS" |
151 use the standard library functions for looking up names and IDs (i.e. |
152 |
152 \f(CWgetpwuid()\fP |
153 --- 119,125 ---- |
153 , |
154 system call for |
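Review bot: the added line `to run in a chroot with a non\-"/\(rq path for the top of the transfer hierarchy.` opens the quoted path with a literal `"` and closes it with `\(rq`, so the quotes around `/` no longer pair; the removed line used `\(dq\&/\(dq\&` on both sides. Every other quoted string in this hunk uses `\(lq` ... `\(rq`, so write `non\-\(lq/\(rq` here or keep the original `\(dq\&/\(dq\&`.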
154 @@ -191,12 +191,12 @@ |
155 details on some of the options you may be able to set. By default no |
155 used by these library functions (traditionally /etc/passwd and |
156 special socket options are set. These settings can also be specified |
156 /etc/group, but perhaps additional dynamic libraries as well). |
157 ! via the \fB\-\-sockopts\fP command\-line option. |
157 .IP |
158 .IP |
158 -If you copy the necessary resources into the module\(cq\&s chroot area, you |
159 .SH "MODULE PARAMETERS" |
159 -should protect them through your OS\(cq\&s normal user/group or ACL settings (to |
160 |
160 -prevent the rsync module\(cq\&s user from being able to change them), and then |
161 *************** |
161 -hide them from the user\(cq\&s view via \(dq\&exclude\(dq\& (see how in the discussion of |
162 *** 139,182 **** |
162 +If you copy the necessary resources into the module's chroot area, you |
163 of available modules. The default is no comment. |
163 +should protect them through your OS's normal user/group or ACL settings (to |
164 .IP |
164 +prevent the rsync module's user from being able to change them), and then |
165 .IP "\fBpath\fP" |
165 +hide them from the user's view via \(lqexclude\(rq (see how in the discussion of |
166 ! This parameter specifies the directory in the daemon's |
166 that parameter). At that point it will be safe to enable the mapping of users |
167 filesystem to make available in this module. You must specify this parameter |
167 -and groups by name using the \(dq\&numeric ids\(dq\& daemon parameter (see below). |
168 for each module in \f(CWrsyncd.conf\fP. |
168 +and groups by name using the \(lqnumeric ids\(rq daemon parameter (see below). |
169 .IP |
169 .IP |
170 .IP "\fBuse chroot\fP" |
170 Note also that you are free to setup custom user/group information in the |
171 ! If \(lquse chroot\(rq is true, the rsync daemon will chroot |
171 chroot area that is different from your normal system. For example, you |
172 ! to the \(lqpath\(rq before starting the file transfer with the client. This has |
172 @@ -205,12 +205,12 @@ |
173 the advantage of extra protection against possible implementation security |
173 .IP "\fBnumeric ids\fP" |
174 ! holes, but it has the disadvantages of requiring super-user privileges, |
174 Enabling this parameter disables the mapping |
175 of not being able to follow symbolic links that are either absolute or outside |
175 of users and groups by name for the current daemon module. This prevents |
176 of the new root path, and of complicating the preservation of users and groups |
176 -the daemon from trying to load any user/group\-related files or libraries. |
177 by name (see below). |
177 +the daemon from trying to load any user/group-related files or libraries. |
178 .IP |
178 This enabling makes the transfer behave as if the client had passed |
179 ! As an additional safety feature, you can specify a dot-dir in the module's |
179 -the \fB\-\-numeric\-ids\fP command\-line option. By default, this parameter is |
180 ! \(lqpath\(rq to indicate the point where the chroot should occur. This allows rsync |
180 -enabled for chroot modules and disabled for non\-chroot modules. |
181 ! to run in a chroot with a non\-"/\(rq path for the top of the transfer hierarchy. |
181 +the \fB\-\-numeric\-ids\fP command-line option. By default, this parameter is |
182 Doing this guards against unintended library loading (since those absolute |
182 +enabled for chroot modules and disabled for non-chroot modules. |
183 paths will not be inside the transfer hierarchy unless you have used an unwise |
183 .IP |
184 pathname), and lets you setup libraries for the chroot that are outside of the |
184 -A chroot\-enabled module should not have this parameter enabled unless you\(cq\&ve |
185 ! transfer. For example, specifying \(lq/var/rsync/./module1\(rq will chroot to the |
185 +A chroot-enabled module should not have this parameter enabled unless you've |
186 ! \(lq/var/rsync\(rq directory and set the inside-chroot path to \(lq/module1\(rq. If you |
186 taken steps to ensure that the module has the necessary resources it needs |
187 ! had omitted the dot-dir, the chroot would have used the whole path, and the |
187 to translate names, and that it is not possible for a user to change those |
188 ! inside-chroot path would have been \(lq/\(rq. |
188 resources. |
189 .IP |
189 @@ -219,52 +219,52 @@ |
190 ! When \(lquse chroot\(rq is false or the inside-chroot path is not \(lq/\(rq, rsync will: |
190 This parameter tells rsync to modify |
191 (1) munge symlinks by |
191 all incoming symlinks in a way that makes them unusable but recoverable |
192 ! default for security reasons (see \(lqmunge symlinks\(rq for a way to turn this |
192 (see below). This should help protect your files from user trickery when |
193 off, but only if you trust your users), (2) substitute leading slashes in |
193 -your daemon module is writable. The default is disabled when \(dq\&use chroot\(dq\& |
194 ! absolute paths with the module's path (so that options such as |
194 -is on and the inside\-chroot path is \(dq\&/\(dq\&, otherwise it is enabled. |
195 \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as |
195 +your daemon module is writable. The default is disabled when \(lquse chroot\(rq |
196 ! rooted in the module's \(lqpath\(rq dir), and (3) trim \(lq..\(rq path elements from |
196 +is on and the inside-chroot path is \(lq/\(rq, otherwise it is enabled. |
197 args if rsync believes they would escape the module hierarchy. |
197 .IP |
198 ! The default for \(lquse chroot\(rq is true, and is the safer choice (especially |
198 -If you disable this parameter on a daemon that is not read\-only, there |
199 ! if the module is not read-only). |
199 +If you disable this parameter on a daemon that is not read-only, there |
200 .IP |
200 are tricks that a user can play with uploaded symlinks to access |
201 When this parameter is enabled, rsync will not attempt to map users and groups |
201 -daemon\-excluded items (if your module has any), and, if \(dq\&use chroot\(dq\& |
202 by name (by default), but instead copy IDs as though \fB\-\-numeric\-ids\fP had |
202 +daemon-excluded items (if your module has any), and, if \(lquse chroot\(rq |
203 ! been specified. In order to enable name-mapping, rsync needs to be able to |
203 is off, rsync can even be tricked into showing or changing data that |
204 use the standard library functions for looking up names and IDs (i.e. |
204 -is outside the module\(cq\&s path (as access\-permissions allow). |
205 \f(CWgetpwuid()\fP |
205 +is outside the module's path (as access-permissions allow). |
206 , |
206 .IP |
207 --- 139,182 ---- |
207 The way rsync disables the use of symlinks is to prefix each one with |
208 of available modules. The default is no comment. |
208 -the string \(dq\&/rsyncd\-munged/\(dq\&. This prevents the links from being used |
209 .IP |
209 +the string \(lq/rsyncd-munged/\(rq. This prevents the links from being used |
210 .IP "\fBpath\fP" |
210 as long as that directory does not exist. When this parameter is enabled, |
211 ! This parameter specifies the directory in the daemon\(cq\&s |
211 rsync will refuse to run if that path is a directory or a symlink to |
212 filesystem to make available in this module. You must specify this parameter |
212 -a directory. When using the \(dq\&munge symlinks\(dq\& parameter in a chroot area |
213 for each module in \f(CWrsyncd.conf\fP. |
213 -that has an inside\-chroot path of \(dq\&/\(dq\&, you should add \(dq\&/rsyncd\-munged/\(dq\& |
214 .IP |
214 +a directory. When using the \(lqmunge symlinks\(rq parameter in a chroot area |
215 .IP "\fBuse chroot\fP" |
215 +that has an inside-chroot path of \(lq/\(rq, you should add \(lq/rsyncd-munged/\(rq |
216 ! If \(dq\&use chroot\(dq\& is true, the rsync daemon will chroot |
216 to the exclude setting for the module so that |
217 ! to the \(dq\&path\(dq\& before starting the file transfer with the client. This has |
217 -a user can\(cq\&t try to create it. |
218 the advantage of extra protection against possible implementation security |
218 +a user can't try to create it. |
219 ! holes, but it has the disadvantages of requiring super\-user privileges, |
219 .IP |
220 of not being able to follow symbolic links that are either absolute or outside |
220 -Note: rsync makes no attempt to verify that any pre\-existing symlinks in |
221 of the new root path, and of complicating the preservation of users and groups |
221 -the module\(cq\&s hierarchy are as safe as you want them to be (unless, of |
222 by name (see below). |
222 +Note: rsync makes no attempt to verify that any pre-existing symlinks in |
223 .IP |
223 +the module's hierarchy are as safe as you want them to be (unless, of |
224 ! As an additional safety feature, you can specify a dot\-dir in the module\(cq\&s |
224 course, it just copied in the whole hierarchy). If you setup an rsync |
225 ! \(dq\&path\(dq\& to indicate the point where the chroot should occur. This allows rsync |
225 daemon on a new area or locally add symlinks, you can manually protect your |
226 ! to run in a chroot with a non\-\(dq\&/\(dq\& path for the top of the transfer hierarchy. |
226 -symlinks from being abused by prefixing \(dq\&/rsyncd\-munged/\(dq\& to the start of |
227 Doing this guards against unintended library loading (since those absolute |
227 -every symlink\(cq\&s value. There is a perl script in the support directory |
228 paths will not be inside the transfer hierarchy unless you have used an unwise |
228 -of the source code named \(dq\&munge\-symlinks\(dq\& that can be used to add or remove |
229 pathname), and lets you setup libraries for the chroot that are outside of the |
229 +symlinks from being abused by prefixing \(lq/rsyncd-munged/\(rq to the start of |
230 ! transfer. For example, specifying \(dq\&/var/rsync/./module1\(dq\& will chroot to the |
230 +every symlink's value. There is a perl script in the support directory |
231 ! \(dq\&/var/rsync\(dq\& directory and set the inside\-chroot path to \(dq\&/module1\(dq\&. If you |
231 +of the source code named \(lqmunge-symlinks\(rq that can be used to add or remove |
232 ! had omitted the dot\-dir, the chroot would have used the whole path, and the |
232 this prefix from your symlinks. |
233 ! inside\-chroot path would have been \(dq\&/\(dq\&. |
233 .IP |
234 .IP |
234 -When this parameter is disabled on a writable module and \(dq\&use chroot\(dq\& is off |
235 ! When \(dq\&use chroot\(dq\& is false or the inside\-chroot path is not \(dq\&/\(dq\&, rsync will: |
235 -(or the inside\-chroot path is not \(dq\&/\(dq\&), |
236 (1) munge symlinks by |
236 -incoming symlinks will be modified to drop a leading slash and to remove \(dq\&..\(dq\& |
237 ! default for security reasons (see \(dq\&munge symlinks\(dq\& for a way to turn this |
237 -path elements that rsync believes will allow a symlink to escape the module\(cq\&s |
238 off, but only if you trust your users), (2) substitute leading slashes in |
238 +When this parameter is disabled on a writable module and \(lquse chroot\(rq is off |
239 ! absolute paths with the module\(cq\&s path (so that options such as |
239 +(or the inside-chroot path is not \(lq/\(rq), |
240 \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as |
240 +incoming symlinks will be modified to drop a leading slash and to remove \(lq..\(rq |
241 ! rooted in the module\(cq\&s \(dq\&path\(dq\& dir), and (3) trim \(dq\&..\(dq\& path elements from |
241 +path elements that rsync believes will allow a symlink to escape the module's |
242 args if rsync believes they would escape the module hierarchy. |
242 hierarchy. There are tricky ways to work around this, though, so you had |
243 ! The default for \(dq\&use chroot\(dq\& is true, and is the safer choice (especially |
243 better trust your users if you choose this combination of parameters. |
244 ! if the module is not read\-only). |
244 .IP |
245 .IP |
245 .IP "\fBcharset\fP" |
246 When this parameter is enabled, rsync will not attempt to map users and groups |
246 This specifies the name of the character set in which the |
247 by name (by default), but instead copy IDs as though \fB\-\-numeric\-ids\fP had |
247 -module\(cq\&s filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
248 ! been specified. In order to enable name\-mapping, rsync needs to be able to |
248 -the daemon will use the value of the \(dq\&charset\(dq\& parameter regardless of the |
249 use the standard library functions for looking up names and IDs (i.e. |
249 +module's filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
250 \f(CWgetpwuid()\fP |
250 +the daemon will use the value of the \(lqcharset\(rq parameter regardless of the |
251 , |
251 character set the client actually passed. This allows the daemon to |
252 *************** |
252 support charset conversion in a chroot module without extra files in the |
253 *** 191,202 **** |
253 -chroot area, and also ensures that name\-translation is done in a consistent |
254 used by these library functions (traditionally /etc/passwd and |
254 -manner. If the \(dq\&charset\(dq\& parameter is not set, the \fB\-\-iconv\fP option is |
255 /etc/group, but perhaps additional dynamic libraries as well). |
255 -refused, just as if \(dq\&iconv\(dq\& had been specified via \(dq\&refuse options\(dq\&. |
256 .IP |
256 +chroot area, and also ensures that name-translation is done in a consistent |
257 ! If you copy the necessary resources into the module's chroot area, you |
257 +manner. If the \(lqcharset\(rq parameter is not set, the \fB\-\-iconv\fP option is |
258 ! should protect them through your OS's normal user/group or ACL settings (to |
258 +refused, just as if \(lqiconv\(rq had been specified via \(lqrefuse options\(rq. |
259 ! prevent the rsync module's user from being able to change them), and then |
259 .IP |
260 ! hide them from the user's view via \(lqexclude\(rq (see how in the discussion of |
260 If you wish to force users to always use \fB\-\-iconv\fP for a particular |
261 that parameter). At that point it will be safe to enable the mapping of users |
261 -module, add \(dq\&no\-iconv\(dq\& to the \(dq\&refuse options\(dq\& parameter. Keep in mind |
262 ! and groups by name using the \(lqnumeric ids\(rq daemon parameter (see below). |
262 +module, add \(lqno-iconv\(rq to the \(lqrefuse options\(rq parameter. Keep in mind |
263 .IP |
263 that this will restrict access to your module to very new rsync clients. |
264 Note also that you are free to setup custom user/group information in the |
264 .IP |
265 chroot area that is different from your normal system. For example, you |
265 .IP "\fBmax connections\fP" |
266 --- 191,202 ---- |
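Review bot: the literal strings in the munge symlinks and charset text lose their `\-` escapes: `/rsyncd\-munged/` becomes `/rsyncd-munged/`, and likewise `munge-symlinks` and `no-iconv`. A bare `-` is a hyphen to roff, and groff may emit a typographic hyphen for it in UTF-8 output, so a prefix or option name copied from the rendered page need not match the ASCII string rsync uses; that matters for the advice to add the prefix to the module's exclude setting. Keep `\-` in strings meant to be typed verbatim, as the hunk already does for `\fB\-\-iconv\fP`, and drop it only in ordinary compound words such as read-only.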
266 @@ -273,21 +273,21 @@ |
267 used by these library functions (traditionally /etc/passwd and |
267 Any clients connecting when the maximum has been reached will receive a |
268 /etc/group, but perhaps additional dynamic libraries as well). |
268 message telling them to try later. The default is 0, which means no limit. |
269 .IP |
269 A negative value disables the module. |
270 ! If you copy the necessary resources into the module\(cq\&s chroot area, you |
270 -See also the \(dq\&lock file\(dq\& parameter. |
271 ! should protect them through your OS\(cq\&s normal user/group or ACL settings (to |
271 +See also the \(lqlock file\(rq parameter. |
272 ! prevent the rsync module\(cq\&s user from being able to change them), and then |
272 .IP |
273 ! hide them from the user\(cq\&s view via \(dq\&exclude\(dq\& (see how in the discussion of |
273 .IP "\fBlog file\fP" |
274 that parameter). At that point it will be safe to enable the mapping of users |
274 -When the \(dq\&log file\(dq\& parameter is set to a non\-empty |
275 ! and groups by name using the \(dq\&numeric ids\(dq\& daemon parameter (see below). |
275 +When the \(lqlog file\(rq parameter is set to a non-empty |
276 .IP |
276 string, the rsync daemon will log messages to the indicated file rather |
277 Note also that you are free to setup custom user/group information in the |
277 than using syslog. This is particularly useful on systems (such as AIX) |
278 chroot area that is different from your normal system. For example, you |
278 where |
279 *************** |
279 \f(CWsyslog()\fP |
280 *** 205,216 **** |
280 -doesn\(cq\&t work for chrooted programs. The file is |
281 .IP "\fBnumeric ids\fP" |
281 +doesn't work for chrooted programs. The file is |
282 Enabling this parameter disables the mapping |
282 opened before |
283 of users and groups by name for the current daemon module. This prevents |
283 \f(CWchroot()\fP |
284 ! the daemon from trying to load any user/group-related files or libraries. |
284 is called, allowing it to be placed outside |
285 This enabling makes the transfer behave as if the client had passed |
285 -the transfer. If this value is set on a per\-module basis instead of |
286 ! the \fB\-\-numeric\-ids\fP command-line option. By default, this parameter is |
286 +the transfer. If this value is set on a per-module basis instead of |
287 ! enabled for chroot modules and disabled for non-chroot modules. |
287 globally, the global log will still contain any authorization failures |
288 .IP |
288 -or config\-file error messages. |
289 ! A chroot-enabled module should not have this parameter enabled unless you've |
289 +or config-file error messages. |
290 taken steps to ensure that the module has the necessary resources it needs |
290 .IP |
291 to translate names, and that it is not possible for a user to change those |
291 If the daemon fails to open the specified file, it will fall back to |
292 resources. |
292 using syslog and output an error about the failure. (Note that the |
293 --- 205,216 ---- |
293 @@ -300,19 +300,19 @@ |
294 .IP "\fBnumeric ids\fP" |
294 defined on your system. Common names are auth, authpriv, cron, daemon, |
295 Enabling this parameter disables the mapping |
295 ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0, |
296 of users and groups by name for the current daemon module. This prevents |
296 local1, local2, local3, local4, local5, local6 and local7. The default |
297 ! the daemon from trying to load any user/group\-related files or libraries. |
297 -is daemon. This setting has no effect if the \(dq\&log file\(dq\& setting is a |
298 This enabling makes the transfer behave as if the client had passed |
298 -non\-empty string (either set in the per\-modules settings, or inherited |
299 ! the \fB\-\-numeric\-ids\fP command\-line option. By default, this parameter is |
299 +is daemon. This setting has no effect if the \(lqlog file\(rq setting is a |
300 ! enabled for chroot modules and disabled for non\-chroot modules. |
300 +non-empty string (either set in the per-modules settings, or inherited |
301 .IP |
301 from the global settings). |
302 ! A chroot\-enabled module should not have this parameter enabled unless you\(cq\&ve |
302 .IP |
303 taken steps to ensure that the module has the necessary resources it needs |
303 .IP "\fBmax verbosity\fP" |
304 to translate names, and that it is not possible for a user to change those |
304 This parameter allows you to control |
305 resources. |
305 -the maximum amount of verbose information that you\(cq\&ll allow the daemon to |
306 *************** |
306 +the maximum amount of verbose information that you'll allow the daemon to |
307 *** 219,270 **** |
307 generate (since the information goes into the log file). The default is 1, |
308 This parameter tells rsync to modify |
308 which allows the client to request one level of verbosity. |
309 all incoming symlinks in a way that makes them unusable but recoverable |
309 .IP |
310 (see below). This should help protect your files from user trickery when |
310 .IP "\fBlock file\fP" |
311 ! your daemon module is writable. The default is disabled when \(lquse chroot\(rq |
311 This parameter specifies the file to use to |
312 ! is on and the inside-chroot path is \(lq/\(rq, otherwise it is enabled. |
312 -support the \(dq\&max connections\(dq\& parameter. The rsync daemon uses record |
313 .IP |
313 +support the \(lqmax connections\(rq parameter. The rsync daemon uses record |
314 ! If you disable this parameter on a daemon that is not read-only, there |
314 locking on this file to ensure that the max connections limit is not |
315 are tricks that a user can play with uploaded symlinks to access |
315 exceeded for the modules sharing the lock file. |
316 ! daemon-excluded items (if your module has any), and, if \(lquse chroot\(rq |
316 The default is \f(CW/var/run/rsyncd.lock\fP. |
317 is off, rsync can even be tricked into showing or changing data that |
317 @@ -319,15 +319,15 @@ |
318 ! is outside the module's path (as access-permissions allow). |
318 .IP |
319 .IP |
319 .IP "\fBread only\fP" |
320 The way rsync disables the use of symlinks is to prefix each one with |
320 This parameter determines whether clients |
321 ! the string \(lq/rsyncd-munged/\(rq. This prevents the links from being used |
321 -will be able to upload files or not. If \(dq\&read only\(dq\& is true then any |
322 as long as that directory does not exist. When this parameter is enabled, |
322 -attempted uploads will fail. If \(dq\&read only\(dq\& is false then uploads will |
323 rsync will refuse to run if that path is a directory or a symlink to |
323 +will be able to upload files or not. If \(lqread only\(rq is true then any |
324 ! a directory. When using the \(lqmunge symlinks\(rq parameter in a chroot area |
324 +attempted uploads will fail. If \(lqread only\(rq is false then uploads will |
325 ! that has an inside-chroot path of \(lq/\(rq, you should add \(lq/rsyncd-munged/\(rq |
325 be possible if file permissions on the daemon side allow them. The default |
326 to the exclude setting for the module so that |
326 is for all modules to be read only. |
327 ! a user can't try to create it. |
327 .IP |
328 .IP |
328 .IP "\fBwrite only\fP" |
329 ! Note: rsync makes no attempt to verify that any pre-existing symlinks in |
329 This parameter determines whether clients |
330 ! the module's hierarchy are as safe as you want them to be (unless, of |
330 -will be able to download files or not. If \(dq\&write only\(dq\& is true then any |
331 course, it just copied in the whole hierarchy). If you setup an rsync |
331 -attempted downloads will fail. If \(dq\&write only\(dq\& is false then downloads |
332 daemon on a new area or locally add symlinks, you can manually protect your |
332 +will be able to download files or not. If \(lqwrite only\(rq is true then any |
333 ! symlinks from being abused by prefixing \(lq/rsyncd-munged/\(rq to the start of |
333 +attempted downloads will fail. If \(lqwrite only\(rq is false then downloads |
334 ! every symlink's value. There is a perl script in the support directory |
334 will be possible if file permissions on the daemon side allow them. The |
335 ! of the source code named \(lqmunge-symlinks\(rq that can be used to add or remove |
335 default is for this parameter to be disabled. |
336 this prefix from your symlinks. |
336 .IP |
337 .IP |
337 @@ -340,19 +340,19 @@ |
338 ! When this parameter is disabled on a writable module and \(lquse chroot\(rq is off |
338 .IP "\fBuid\fP" |
339 ! (or the inside-chroot path is not \(lq/\(rq), |
339 This parameter specifies the user name or user ID that |
340 ! incoming symlinks will be modified to drop a leading slash and to remove \(lq..\(rq |
340 file transfers to and from that module should take place as when the daemon |
341 ! path elements that rsync believes will allow a symlink to escape the module's |
341 -was run as root. In combination with the \(dq\&gid\(dq\& parameter this determines what |
342 hierarchy. There are tricky ways to work around this, though, so you had |
342 +was run as root. In combination with the \(lqgid\(rq parameter this determines what |
343 better trust your users if you choose this combination of parameters. |
343 file permissions are available. The default is uid \-2, which is normally |
344 .IP |
344 -the user \(dq\&nobody\(dq\&. |
345 .IP "\fBcharset\fP" |
345 +the user \(lqnobody\(rq. |
346 This specifies the name of the character set in which the |
346 .IP |
347 ! module's filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
347 .IP "\fBgid\fP" |
348 ! the daemon will use the value of the \(lqcharset\(rq parameter regardless of the |
348 This parameter specifies the group name or group ID that |
349 character set the client actually passed. This allows the daemon to |
349 file transfers to and from that module should take place as when the daemon |
350 support charset conversion in a chroot module without extra files in the |
350 -was run as root. This complements the \(dq\&uid\(dq\& parameter. The default is gid \-2, |
351 ! chroot area, and also ensures that name-translation is done in a consistent |
351 -which is normally the group \(dq\&nobody\(dq\&. |
352 ! manner. If the \(lqcharset\(rq parameter is not set, the \fB\-\-iconv\fP option is |
352 +was run as root. This complements the \(lquid\(rq parameter. The default is gid \-2, |
353 ! refused, just as if \(lqiconv\(rq had been specified via \(lqrefuse options\(rq. |
353 +which is normally the group \(lqnobody\(rq. |
354 .IP |
354 .IP |
355 If you wish to force users to always use \fB\-\-iconv\fP for a particular |
355 .IP "\fBfake super\fP" |
356 ! module, add \(lqno-iconv\(rq to the \(lqrefuse options\(rq parameter. Keep in mind |
356 -Setting \(dq\&fake super = yes\(dq\& for a module causes the |
357 that this will restrict access to your module to very new rsync clients. |
357 -daemon side to behave as if the \fB\-\-fake\-super\fP command\-line option had |
358 .IP |
358 +Setting \(lqfake super = yes\(rq for a module causes the |
359 .IP "\fBmax connections\fP" |
359 +daemon side to behave as if the \fB\-\-fake\-user\fP command-line option had |
360 --- 219,270 ---- |
360 been specified. This allows the full attributes of a file to be stored |
361 This parameter tells rsync to modify |
361 without having to have the daemon actually running as root. |
362 all incoming symlinks in a way that makes them unusable but recoverable |
362 .IP |
363 (see below). This should help protect your files from user trickery when |
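Review bot: in the "fake super" paragraph of this hunk, the `+` line changes the referenced option from `\-\-fake\-super` to `\-\-fake\-user`, which no longer matches the parameter name in "fake super = yes" two lines above it; rsync's command-line option is `--fake-super`. Every other change in the hunk only swaps quote and hyphen escapes, so this reads as an unintended content change. Keep `\fB\-\-fake\-super\fP` on the new line. The 3.0.6 to 3.0.8 context diff on this page changes the same line in the opposite direction, from `\-\-fake\-user` to `\-\-fake\-super`.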
363 @@ -360,7 +360,7 @@ |
364 ! your daemon module is writable. The default is disabled when \(dq\&use chroot\(dq\& |
364 The daemon has its own filter chain that determines what files |
365 ! is on and the inside\-chroot path is \(dq\&/\(dq\&, otherwise it is enabled. |
365 it will let the client access. This chain is not sent to the client and is |
366 .IP |
366 independent of any filters the client may have specified. Files excluded by |
367 ! If you disable this parameter on a daemon that is not read\-only, there |
367 -the daemon filter chain (\fBdaemon\-excluded\fP files) are treated as non\-existent |
368 are tricks that a user can play with uploaded symlinks to access |
368 +the daemon filter chain (\fBdaemon-excluded\fP files) are treated as non-existent |
369 ! daemon\-excluded items (if your module has any), and, if \(dq\&use chroot\(dq\& |
369 if the client tries to pull them, are skipped with an error message if the |
370 is off, rsync can even be tricked into showing or changing data that |
370 client tries to push them (triggering exit code 23), and are never deleted from |
371 ! is outside the module\(cq\&s path (as access\-permissions allow). |
371 the module. You can use daemon filters to prevent clients from downloading or |
372 .IP |
372 @@ -367,55 +367,55 @@ |
373 The way rsync disables the use of symlinks is to prefix each one with |
373 tampering with private administrative files, such as files you may add to |
374 ! the string \(dq\&/rsyncd\-munged/\(dq\&. This prevents the links from being used |
374 support uid/gid name translations. |
375 as long as that directory does not exist. When this parameter is enabled, |
375 .IP |
376 rsync will refuse to run if that path is a directory or a symlink to |
376 -The daemon filter chain is built from the \(dq\&filter\(dq\&, \(dq\&include from\(dq\&, \(dq\&include\(dq\&, |
377 ! a directory. When using the \(dq\&munge symlinks\(dq\& parameter in a chroot area |
377 -\(dq\&exclude from\(dq\&, and \(dq\&exclude\(dq\& parameters, in that order of priority. Anchored |
378 ! that has an inside\-chroot path of \(dq\&/\(dq\&, you should add \(dq\&/rsyncd\-munged/\(dq\& |
378 +The daemon filter chain is built from the \(lqfilter\(rq, \(lqinclude from\(rq, \(lqinclude\(rq, |
379 to the exclude setting for the module so that |
379 +\(lqexclude from\(rq, and \(lqexclude\(rq parameters, in that order of priority. Anchored |
380 ! a user can\(cq\&t try to create it. |
380 patterns are anchored at the root of the module. To prevent access to an |
381 .IP |
381 -entire subtree, for example, \(dq\&/secret\(dq\&, you \fImust\fP exclude everything in the |
382 ! Note: rsync makes no attempt to verify that any pre\-existing symlinks in |
382 -subtree; the easiest way to do this is with a triple\-star pattern like |
383 ! the module\(cq\&s hierarchy are as safe as you want them to be (unless, of |
383 -\(dq\&/secret/***\(dq\&. |
384 course, it just copied in the whole hierarchy). If you setup an rsync |
384 +entire subtree, for example, \(lq/secret\(rq, you \fImust\fP exclude everything in the |
385 daemon on a new area or locally add symlinks, you can manually protect your |
385 +subtree; the easiest way to do this is with a triple-star pattern like |
386 ! symlinks from being abused by prefixing \(dq\&/rsyncd\-munged/\(dq\& to the start of |
386 +\(lq/secret/***\(rq. |
387 ! every symlink\(cq\&s value. There is a perl script in the support directory |
387 .IP |
388 ! of the source code named \(dq\&munge\-symlinks\(dq\& that can be used to add or remove |
388 -The \(dq\&filter\(dq\& parameter takes a space\-separated list of daemon filter rules, |
389 this prefix from your symlinks. |
389 +The \(lqfilter\(rq parameter takes a space-separated list of daemon filter rules, |
390 .IP |
390 though it is smart enough to know not to split a token at an internal space in |
391 ! When this parameter is disabled on a writable module and \(dq\&use chroot\(dq\& is off |
391 -a rule (e.g. \(dq\&\- /foo \(em /bar\(dq\& is parsed as two rules). You may specify one or |
392 ! (or the inside\-chroot path is not \(dq\&/\(dq\&), |
392 -more merge\-file rules using the normal syntax. Only one \(dq\&filter\(dq\& parameter can |
393 ! incoming symlinks will be modified to drop a leading slash and to remove \(dq\&..\(dq\& |
393 +a rule (e.g. \(lq\- /foo \(em /bar\(rq is parsed as two rules). You may specify one or |
394 ! path elements that rsync believes will allow a symlink to escape the module\(cq\&s |
394 +more merge-file rules using the normal syntax. Only one \(lqfilter\(rq parameter can |
395 hierarchy. There are tricky ways to work around this, though, so you had |
395 apply to a given module in the config file, so put all the rules you want in a |
396 better trust your users if you choose this combination of parameters. |
396 -single parameter. Note that per\-directory merge\-file rules do not provide as |
397 .IP |
397 +single parameter. Note that per-directory merge-file rules do not provide as |
398 .IP "\fBcharset\fP" |
398 much protection as global rules, but they can be used to make \fB\-\-delete\fP work |
399 This specifies the name of the character set in which the |
399 -better during a client download operation if the per\-dir merge files are |
400 ! module\(cq\&s filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
400 +better during a client download operation if the per-dir merge files are |
401 ! the daemon will use the value of the \(dq\&charset\(dq\& parameter regardless of the |
401 included in the transfer and the client requests that they be used. |
402 character set the client actually passed. This allows the daemon to |
402 .IP |
403 support charset conversion in a chroot module without extra files in the |
403 .IP "\fBexclude\fP" |
404 ! chroot area, and also ensures that name\-translation is done in a consistent |
404 -This parameter takes a space\-separated list of daemon |
405 ! manner. If the \(dq\&charset\(dq\& parameter is not set, the \fB\-\-iconv\fP option is |
405 +This parameter takes a space-separated list of daemon |
406 ! refused, just as if \(dq\&iconv\(dq\& had been specified via \(dq\&refuse options\(dq\&. |
406 exclude patterns. As with the client \fB\-\-exclude\fP option, patterns can be |
407 .IP |
407 -qualified with \(dq\&\- \(dq\& or \(dq\&+ \(dq\& to explicitly indicate exclude/include. Only one |
408 If you wish to force users to always use \fB\-\-iconv\fP for a particular |
408 -\(dq\&exclude\(dq\& parameter can apply to a given module. See the \(dq\&filter\(dq\& parameter |
409 ! module, add \(dq\&no\-iconv\(dq\& to the \(dq\&refuse options\(dq\& parameter. Keep in mind |
409 +qualified with \(lq\- \(rq or \(lq+ \(rq to explicitly indicate exclude/include. Only one |
410 that this will restrict access to your module to very new rsync clients. |
410 +\(lqexclude\(rq parameter can apply to a given module. See the \(lqfilter\(rq parameter |
411 .IP |
411 for a description of how excluded files affect the daemon. |
412 .IP "\fBmax connections\fP" |
412 .IP |
413 *************** |
413 .IP "\fBinclude\fP" |
414 *** 273,293 **** |
414 -Use an \(dq\&include\(dq\& to override the effects of the \(dq\&exclude\(dq\& |
415 Any clients connecting when the maximum has been reached will receive a |
415 -parameter. Only one \(dq\&include\(dq\& parameter can apply to a given module. See the |
416 message telling them to try later. The default is 0, which means no limit. |
416 -\(dq\&filter\(dq\& parameter for a description of how excluded files affect the daemon. |
417 A negative value disables the module. |
417 +Use an \(lqinclude\(rq to override the effects of the \(lqexclude\(rq |
418 ! See also the \(lqlock file\(rq parameter. |
418 +parameter. Only one \(lqinclude\(rq parameter can apply to a given module. See the |
419 .IP |
419 +\(lqfilter\(rq parameter for a description of how excluded files affect the daemon. |
420 .IP "\fBlog file\fP" |
420 .IP |
421 ! When the \(lqlog file\(rq parameter is set to a non-empty |
421 .IP "\fBexclude from\fP" |
422 string, the rsync daemon will log messages to the indicated file rather |
422 This parameter specifies the name of a file |
423 than using syslog. This is particularly useful on systems (such as AIX) |
423 on the daemon that contains daemon exclude patterns, one per line. Only one |
424 where |
424 -\(dq\&exclude from\(dq\& parameter can apply to a given module; if you have multiple |
425 \f(CWsyslog()\fP |
425 -exclude\-from files, you can specify them as a merge file in the \(dq\&filter\(dq\& |
426 ! doesn't work for chrooted programs. The file is |
426 -parameter. See the \(dq\&filter\(dq\& parameter for a description of how excluded files |
427 opened before |
427 +\(lqexclude from\(rq parameter can apply to a given module; if you have multiple |
428 \f(CWchroot()\fP |
428 +exclude-from files, you can specify them as a merge file in the \(lqfilter\(rq |
429 is called, allowing it to be placed outside |
429 +parameter. See the \(lqfilter\(rq parameter for a description of how excluded files |
430 ! the transfer. If this value is set on a per-module basis instead of |
430 affect the daemon. |
431 globally, the global log will still contain any authorization failures |
431 .IP |
432 ! or config-file error messages. |
432 .IP "\fBinclude from\fP" |
433 .IP |
433 -Analogue of \(dq\&exclude from\(dq\& for a file of daemon include |
434 If the daemon fails to open the specified file, it will fall back to |
434 -patterns. Only one \(dq\&include from\(dq\& parameter can apply to a given module. See |
435 using syslog and output an error about the failure. (Note that the |
435 -the \(dq\&filter\(dq\& parameter for a description of how excluded files affect the |
436 --- 273,293 ---- |
436 +Analogue of \(lqexclude from\(rq for a file of daemon include |
437 Any clients connecting when the maximum has been reached will receive a |
437 +patterns. Only one \(lqinclude from\(rq parameter can apply to a given module. See |
438 message telling them to try later. The default is 0, which means no limit. |
438 +the \(lqfilter\(rq parameter for a description of how excluded files affect the |
439 A negative value disables the module. |
439 daemon. |
440 ! See also the \(dq\&lock file\(dq\& parameter. |
440 .IP |
441 .IP |
441 .IP "\fBincoming chmod\fP" |
442 .IP "\fBlog file\fP" |
442 This parameter allows you to specify a set of |
443 ! When the \(dq\&log file\(dq\& parameter is set to a non\-empty |
443 -comma\-separated chmod strings that will affect the permissions of all |
444 string, the rsync daemon will log messages to the indicated file rather |
444 +comma-separated chmod strings that will affect the permissions of all |
445 than using syslog. This is particularly useful on systems (such as AIX) |
445 incoming files (files that are being received by the daemon). These |
446 where |
446 changes happen after all other permission calculations, and this will |
447 \f(CWsyslog()\fP |
447 -even override destination\-default and/or existing permissions when the |
448 ! doesn\(cq\&t work for chrooted programs. The file is |
448 +even override destination-default and/or existing permissions when the |
449 opened before |
449 client does not specify \fB\-\-perms\fP. |
450 \f(CWchroot()\fP |
450 See the description of the \fB\-\-chmod\fP rsync option and the \fBchmod\fP(1) |
451 is called, allowing it to be placed outside |
451 manpage for information on the format of this string. |
452 ! the transfer. If this value is set on a per\-module basis instead of |
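Review bot: in the "filter" paragraph, the rewritten example line `a rule (e.g. \(lq\- /foo \(em /bar\(rq is parsed as two rules)` still has `\(em` between the two rules, which renders as an em dash rather than the `\-` that starts the second rule. Since the line is being touched anyway, write the second rule as `\- /bar` so the example shows two rules a reader can type as printed into a daemon "filter" setting.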
452 @@ -422,7 +422,7 @@ |
453 globally, the global log will still contain any authorization failures |
453 .IP |
454 ! or config\-file error messages. |
454 .IP "\fBoutgoing chmod\fP" |
455 .IP |
455 This parameter allows you to specify a set of |
456 If the daemon fails to open the specified file, it will fall back to |
456 -comma\-separated chmod strings that will affect the permissions of all |
457 using syslog and output an error about the failure. (Note that the |
457 +comma-separated chmod strings that will affect the permissions of all |
458 *************** |
458 outgoing files (files that are being sent out from the daemon). These |
459 *** 300,318 **** |
459 changes happen first, making the sent permissions appear to be different |
460 defined on your system. Common names are auth, authpriv, cron, daemon, |
460 than those stored in the filesystem itself. For instance, you could |
461 ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0, |
461 @@ -433,41 +433,41 @@ |
462 local1, local2, local3, local4, local5, local6 and local7. The default |
462 .IP |
463 ! is daemon. This setting has no effect if the \(lqlog file\(rq setting is a |
463 .IP "\fBauth users\fP" |
464 ! non-empty string (either set in the per-modules settings, or inherited |
464 This parameter specifies a comma and |
465 from the global settings). |
465 -space\-separated list of usernames that will be allowed to connect to |
466 .IP |
466 +space-separated list of usernames that will be allowed to connect to |
467 .IP "\fBmax verbosity\fP" |
467 this module. The usernames do not need to exist on the local |
468 This parameter allows you to control |
468 system. The usernames may also contain shell wildcard characters. If |
469 ! the maximum amount of verbose information that you'll allow the daemon to |
469 -\(dq\&auth users\(dq\& is set then the client will be challenged to supply a |
470 generate (since the information goes into the log file). The default is 1, |
470 +\(lqauth users\(rq is set then the client will be challenged to supply a |
471 which allows the client to request one level of verbosity. |
471 username and password to connect to the module. A challenge response |
472 .IP |
472 authentication protocol is used for this exchange. The plain text |
473 .IP "\fBlock file\fP" |
473 usernames and passwords are stored in the file specified by the |
474 This parameter specifies the file to use to |
474 -\(dq\&secrets file\(dq\& parameter. The default is for all users to be able to |
475 ! support the \(lqmax connections\(rq parameter. The rsync daemon uses record |
475 -connect without a password (this is called \(dq\&anonymous rsync\(dq\&). |
476 locking on this file to ensure that the max connections limit is not |
476 +\(lqsecrets file\(rq parameter. The default is for all users to be able to |
477 exceeded for the modules sharing the lock file. |
477 +connect without a password (this is called \(lqanonymous rsync\(rq). |
478 The default is \f(CW/var/run/rsyncd.lock\fP. |
478 .IP |
479 --- 300,318 ---- |
479 -See also the section entitled \(dq\&USING RSYNC\-DAEMON FEATURES VIA A REMOTE |
480 defined on your system. Common names are auth, authpriv, cron, daemon, |
480 -SHELL CONNECTION\(dq\& in \fBrsync\fP(1) for information on how handle an |
481 ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0, |
481 -rsyncd.conf\-level username that differs from the remote\-shell\-level |
482 local1, local2, local3, local4, local5, local6 and local7. The default |
482 +See also the \(lqCONNECTING TO AN RSYNC DAEMON OVER A REMOTE SHELL |
483 ! is daemon. This setting has no effect if the \(dq\&log file\(dq\& setting is a |
483 +PROGRAM\(rq section in \fBrsync\fP(1) for information on how handle an |
484 ! non\-empty string (either set in the per\-modules settings, or inherited |
484 +rsyncd.conf\-level username that differs from the remote-shell-level |
485 from the global settings). |
485 username when using a remote shell to connect to an rsync daemon. |
486 .IP |
486 .IP |
487 .IP "\fBmax verbosity\fP" |
487 .IP "\fBsecrets file\fP" |
488 This parameter allows you to control |
488 This parameter specifies the name of |
489 ! the maximum amount of verbose information that you\(cq\&ll allow the daemon to |
489 a file that contains the username:password pairs used for |
490 generate (since the information goes into the log file). The default is 1, |
490 -authenticating this module. This file is only consulted if the \(dq\&auth |
491 which allows the client to request one level of verbosity. |
491 -users\(dq\& parameter is specified. The file is line based and contains |
492 .IP |
492 +authenticating this module. This file is only consulted if the \(lqauth |
493 .IP "\fBlock file\fP" |
493 +users\(rq parameter is specified. The file is line based and contains |
494 This parameter specifies the file to use to |
494 username:password pairs separated by a single colon. Any line starting |
495 ! support the \(dq\&max connections\(dq\& parameter. The rsync daemon uses record |
495 with a hash (#) is considered a comment and is skipped. The passwords |
496 locking on this file to ensure that the max connections limit is not |
496 can contain any characters but be warned that many operating systems |
497 exceeded for the modules sharing the lock file. |
497 limit the length of passwords that can be typed at the client end, so |
498 The default is \f(CW/var/run/rsyncd.lock\fP. |
498 -you may find that passwords longer than 8 characters don\(cq\&t work. |
499 *************** |
499 +you may find that passwords longer than 8 characters don't work. |
500 *** 319,333 **** |
500 .IP |
501 .IP |
501 -There is no default for the \(dq\&secrets file\(dq\& parameter, you must choose a name |
502 .IP "\fBread only\fP" |
502 +There is no default for the \(lqsecrets file\(rq parameter, you must choose a name |
503 This parameter determines whether clients |
503 (such as \f(CW/etc/rsyncd.secrets\fP). The file must normally not be readable |
504 ! will be able to upload files or not. If \(lqread only\(rq is true then any |
504 -by \(dq\&other\(dq\&; see \(dq\&strict modes\(dq\&. |
505 ! attempted uploads will fail. If \(lqread only\(rq is false then uploads will |
505 +by \(lqother\(rq; see \(lqstrict modes\(rq. |
506 be possible if file permissions on the daemon side allow them. The default |
506 .IP |
507 is for all modules to be read only. |
507 .IP "\fBstrict modes\fP" |
508 .IP |
508 This parameter determines whether or not |
509 .IP "\fBwrite only\fP" |
509 -the permissions on the secrets file will be checked. If \(dq\&strict modes\(dq\& is |
510 This parameter determines whether clients |
510 +the permissions on the secrets file will be checked. If \(lqstrict modes\(rq is |
511 ! will be able to download files or not. If \(lqwrite only\(rq is true then any |
511 true, then the secrets file must not be readable by any user ID other |
512 ! attempted downloads will fail. If \(lqwrite only\(rq is false then downloads |
512 -than the one that the rsync daemon is running under. If \(dq\&strict modes\(dq\& is |
513 will be possible if file permissions on the daemon side allow them. The |
513 +than the one that the rsync daemon is running under. If \(lqstrict modes\(rq is |
514 default is for this parameter to be disabled. |
514 false, the check is not performed. The default is true. This parameter |
515 .IP |
515 was added to accommodate rsync running on the Windows operating system. |
516 --- 319,333 ---- |
516 .IP |
517 .IP |
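Review bot: the cross-reference in the "auth users" paragraph is retitled from "USING RSYNC\-DAEMON FEATURES VIA A REMOTE SHELL CONNECTION" to "CONNECTING TO AN RSYNC DAEMON OVER A REMOTE SHELL PROGRAM", a wording change in a hunk that otherwise only swaps quote and hyphen escapes. Check that rsync(1) in this tree has a section with the new title, or keep the old one, so the pointer for the daemon-over-remote-shell username case still resolves. The new lines also keep "how handle" (should be "how to handle") and mix `rsyncd.conf\-level` with unescaped `remote-shell-level` on the same line.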
517 @@ -482,7 +482,7 @@ |
518 .IP "\fBread only\fP" |
518 .RS |
519 This parameter determines whether clients |
519 .IP o |
520 ! will be able to upload files or not. If \(dq\&read only\(dq\& is true then any |
520 a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address |
521 ! attempted uploads will fail. If \(dq\&read only\(dq\& is false then uploads will |
521 -of the form a:b:c::d:e:f. In this case the incoming machine\(cq\&s IP address |
522 be possible if file permissions on the daemon side allow them. The default |
522 +of the form a:b:c::d:e:f. In this case the incoming machine's IP address |
523 is for all modules to be read only. |
523 must match exactly. |
524 .IP |
524 .IP o |
525 .IP "\fBwrite only\fP" |
525 an address/mask in the form ipaddr/n where ipaddr is the IP address |
526 This parameter determines whether clients |
526 @@ -504,7 +504,7 @@ |
527 ! will be able to download files or not. If \(dq\&write only\(dq\& is true then any |
527 .RE |
528 ! attempted downloads will fail. If \(dq\&write only\(dq\& is false then downloads |
528 |
529 will be possible if file permissions on the daemon side allow them. The |
529 .IP |
530 default is for this parameter to be disabled. |
530 -Note IPv6 link\-local addresses can have a scope in the address specification: |
531 .IP |
531 +Note IPv6 link-local addresses can have a scope in the address specification: |
532 *************** |
532 .IP |
533 *** 340,358 **** |
533 .RS |
534 .IP "\fBuid\fP" |
534 \f(CW fe80::1%link1\fP |
535 This parameter specifies the user name or user ID that |
535 @@ -516,23 +516,23 @@ |
536 file transfers to and from that module should take place as when the daemon |
536 .RE |
537 ! was run as root. In combination with the \(lqgid\(rq parameter this determines what |
537 |
538 file permissions are available. The default is uid \-2, which is normally |
538 .IP |
539 ! the user \(lqnobody\(rq. |
539 -You can also combine \(dq\&hosts allow\(dq\& with a separate \(dq\&hosts deny\(dq\& |
540 .IP |
540 -parameter. If both parameters are specified then the \(dq\&hosts allow\(dq\& parameter is |
541 .IP "\fBgid\fP" |
541 +You can also combine \(lqhosts allow\(rq with a separate \(lqhosts deny\(rq |
542 This parameter specifies the group name or group ID that |
542 +parameter. If both parameters are specified then the \(lqhosts allow\(rq parameter is |
543 file transfers to and from that module should take place as when the daemon |
543 checked first and a match results in the client being able to |
544 ! was run as root. This complements the \(lquid\(rq parameter. The default is gid \-2, |
544 -connect. The \(dq\&hosts deny\(dq\& parameter is then checked and a match means |
545 ! which is normally the group \(lqnobody\(rq. |
545 +connect. The \(lqhosts deny\(rq parameter is then checked and a match means |
546 .IP |
546 that the host is rejected. If the host does not match either the |
547 .IP "\fBfake super\fP" |
547 -\(dq\&hosts allow\(dq\& or the \(dq\&hosts deny\(dq\& patterns then it is allowed to |
548 ! Setting \(lqfake super = yes\(rq for a module causes the |
548 +\(lqhosts allow\(rq or the \(lqhosts deny\(rq patterns then it is allowed to |
549 ! daemon side to behave as if the \fB\-\-fake\-user\fP command-line option had |
549 connect. |
550 been specified. This allows the full attributes of a file to be stored |
550 .IP |
551 without having to have the daemon actually running as root. |
551 -The default is no \(dq\&hosts allow\(dq\& parameter, which means all hosts can connect. |
552 .IP |
552 +The default is no \(lqhosts allow\(rq parameter, which means all hosts can connect. |
553 --- 340,358 ---- |
553 .IP |
554 .IP "\fBuid\fP" |
554 .IP "\fBhosts deny\fP" |
555 This parameter specifies the user name or user ID that |
555 This parameter allows you to specify a |
556 file transfers to and from that module should take place as when the daemon |
556 list of patterns that are matched against a connecting clients |
557 ! was run as root. In combination with the \(dq\&gid\(dq\& parameter this determines what |
557 hostname and IP address. If the pattern matches then the connection is |
558 file permissions are available. The default is uid \-2, which is normally |
558 -rejected. See the \(dq\&hosts allow\(dq\& parameter for more information. |
559 ! the user \(dq\&nobody\(dq\&. |
559 +rejected. See the \(lqhosts allow\(rq parameter for more information. |
560 .IP |
560 .IP |
561 .IP "\fBgid\fP" |
561 -The default is no \(dq\&hosts deny\(dq\& parameter, which means all hosts can connect. |
562 This parameter specifies the group name or group ID that |
562 +The default is no \(lqhosts deny\(rq parameter, which means all hosts can connect. |
563 file transfers to and from that module should take place as when the daemon |
563 .IP |
564 ! was run as root. This complements the \(dq\&uid\(dq\& parameter. The default is gid \-2, |
564 .IP "\fBignore errors\fP" |
565 ! which is normally the group \(dq\&nobody\(dq\&. |
565 This parameter tells rsyncd to |
566 .IP |
566 @@ -546,32 +546,32 @@ |
567 .IP "\fBfake super\fP" |
567 .IP "\fBignore nonreadable\fP" |
568 ! Setting \(dq\&fake super = yes\(dq\& for a module causes the |
568 This tells the rsync daemon to completely |
569 ! daemon side to behave as if the \fB\-\-fake\-super\fP command\-line option had |
569 ignore files that are not readable by the user. This is useful for |
570 been specified. This allows the full attributes of a file to be stored |
570 -public archives that may have some non\-readable files among the |
571 without having to have the daemon actually running as root. |
571 -directories, and the sysadmin doesn\(cq\&t want those files to be seen at all. |
572 .IP |
572 +public archives that may have some non-readable files among the |
573 *************** |
573 +directories, and the sysadmin doesn't want those files to be seen at all. |
574 *** 360,366 **** |
574 .IP |
575 The daemon has its own filter chain that determines what files |
575 .IP "\fBtransfer logging\fP" |
576 it will let the client access. This chain is not sent to the client and is |
576 -This parameter enables per\-file |
577 independent of any filters the client may have specified. Files excluded by |
577 +This parameter enables per-file |
578 ! the daemon filter chain (\fBdaemon-excluded\fP files) are treated as non-existent |
578 logging of downloads and uploads in a format somewhat similar to that |
579 if the client tries to pull them, are skipped with an error message if the |
579 used by ftp daemons. The daemon always logs the transfer at the end, so |
580 client tries to push them (triggering exit code 23), and are never deleted from |
580 if a transfer is aborted, no mention will be made in the log file. |
581 the module. You can use daemon filters to prevent clients from downloading or |
581 .IP |
582 --- 360,366 ---- |
582 -If you want to customize the log lines, see the \(dq\&log format\(dq\& parameter. |
583 The daemon has its own filter chain that determines what files |
583 +If you want to customize the log lines, see the \(lqlog format\(rq parameter. |
584 it will let the client access. This chain is not sent to the client and is |
584 .IP |
585 independent of any filters the client may have specified. Files excluded by |
585 .IP "\fBlog format\fP" |
586 ! the daemon filter chain (\fBdaemon\-excluded\fP files) are treated as non\-existent |
586 This parameter allows you to specify the |
587 if the client tries to pull them, are skipped with an error message if the |
587 format used for logging file transfers when transfer logging is enabled. |
588 client tries to push them (triggering exit code 23), and are never deleted from |
588 -The format is a text string containing embedded single\-character escape |
589 the module. You can use daemon filters to prevent clients from downloading or |
589 +The format is a text string containing embedded single-character escape |
590 *************** |
590 sequences prefixed with a percent (%) character. An optional numeric |
591 *** 367,421 **** |
591 field width may also be specified between the percent and the escape |
592 tampering with private administrative files, such as files you may add to |
592 -letter (e.g. \(dq\&\fB%\-50n %8l %07p\fP\(dq\&). |
593 support uid/gid name translations. |
593 +letter (e.g. \(lq\fB%\-50n %8l %07p\fP\(rq). |
594 .IP |
594 .IP |
595 ! The daemon filter chain is built from the \(lqfilter\(rq, \(lqinclude from\(rq, \(lqinclude\(rq, |
595 -The default log format is \(dq\&%o %h [%a] %m (%u) %f %l\(dq\&, and a \(dq\&%t [%p] \(dq\& |
596 ! \(lqexclude from\(rq, and \(lqexclude\(rq parameters, in that order of priority. Anchored |
596 -is always prefixed when using the \(dq\&log file\(dq\& parameter. |
597 patterns are anchored at the root of the module. To prevent access to an |
597 +The default log format is \(lq%o %h [%a] %m (%u) %f %l\(rq, and a \(lq%t [%p] \(rq |
598 ! entire subtree, for example, \(lq/secret\(rq, you \fImust\fP exclude everything in the |
598 +is always prefixed when using the \(lqlog file\(rq parameter. |
599 ! subtree; the easiest way to do this is with a triple-star pattern like |
599 (A perl script that will summarize this default log format is included |
600 ! \(lq/secret/***\(rq. |
600 -in the rsync source code distribution in the \(dq\&support\(dq\& subdirectory: |
601 .IP |
601 +in the rsync source code distribution in the \(lqsupport\(rq subdirectory: |
602 ! The \(lqfilter\(rq parameter takes a space-separated list of daemon filter rules, |
602 rsyncstats.) |
603 though it is smart enough to know not to split a token at an internal space in |
603 .IP |
604 ! a rule (e.g. \(lq\- /foo \(em /bar\(rq is parsed as two rules). You may specify one or |
604 -The single\-character escapes that are understood are as follows: |
605 ! more merge-file rules using the normal syntax. Only one \(lqfilter\(rq parameter can |
605 +The single-character escapes that are understood are as follows: |
606 apply to a given module in the config file, so put all the rules you want in a |
606 .IP |
607 ! single parameter. Note that per-directory merge-file rules do not provide as |
607 .RS |
608 much protection as global rules, but they can be used to make \fB\-\-delete\fP work |
608 .IP o |
609 ! better during a client download operation if the per-dir merge files are |
609 @@ -583,9 +583,9 @@ |
610 included in the transfer and the client requests that they be used. |
610 .IP o |
611 .IP |
611 %c the total size of the block checksums received for the basis file (only when sending) |
612 .IP "\fBexclude\fP" |
612 .IP o |
613 ! This parameter takes a space-separated list of daemon |
613 -%f the filename (long form on sender; no trailing \(dq\&/\(dq\&) |
614 exclude patterns. As with the client \fB\-\-exclude\fP option, patterns can be |
614 +%f the filename (long form on sender; no trailing \(lq/\(rq) |
615 ! qualified with \(lq\- \(rq or \(lq+ \(rq to explicitly indicate exclude/include. Only one |
615 .IP o |
616 ! \(lqexclude\(rq parameter can apply to a given module. See the \(lqfilter\(rq parameter |
616 -%G the gid of the file (decimal) or \(dq\&DEFAULT\(dq\& |
617 for a description of how excluded files affect the daemon. |
617 +%G the gid of the file (decimal) or \(lqDEFAULT\(rq |
618 .IP |
618 .IP o |
619 .IP "\fBinclude\fP" |
619 %h the remote host name |
620 ! Use an \(lqinclude\(rq to override the effects of the \(lqexclude\(rq |
620 .IP o |
621 ! parameter. Only one \(lqinclude\(rq parameter can apply to a given module. See the |
621 @@ -593,15 +593,15 @@ |
622 ! \(lqfilter\(rq parameter for a description of how excluded files affect the daemon. |
622 .IP o |
623 .IP |
623 %l the length of the file in bytes |
624 .IP "\fBexclude from\fP" |
624 .IP o |
625 This parameter specifies the name of a file |
625 -%L the string \(dq\& \-> SYMLINK\(dq\&, \(dq\& => HARDLINK\(dq\&, or \(dq\&\(dq\& (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
626 on the daemon that contains daemon exclude patterns, one per line. Only one |
626 +%L the string \(lq \-> SYMLINK\(rq, \(lq => HARDLINK\(rq, or \(lq\(rq (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
627 ! \(lqexclude from\(rq parameter can apply to a given module; if you have multiple |
627 .IP o |
628 ! exclude-from files, you can specify them as a merge file in the \(lqfilter\(rq |
628 %m the module name |
629 ! parameter. See the \(lqfilter\(rq parameter for a description of how excluded files |
629 .IP o |
630 affect the daemon. |
630 -%M the last\-modified time of the file |
631 .IP |
631 +%M the last-modified time of the file |
632 .IP "\fBinclude from\fP" |
632 .IP o |
633 ! Analogue of \(lqexclude from\(rq for a file of daemon include |
633 -%n the filename (short form; trailing \(dq\&/\(dq\& on dir) |
634 ! patterns. Only one \(lqinclude from\(rq parameter can apply to a given module. See |
634 +%n the filename (short form; trailing \(lq/\(rq on dir) |
635 ! the \(lqfilter\(rq parameter for a description of how excluded files affect the |
635 .IP o |
636 daemon. |
636 -%o the operation, which is \(dq\&send\(dq\&, \(dq\&recv\(dq\&, or \(dq\&del.\(dq\& (the latter includes the trailing period) |
637 .IP |
637 +%o the operation, which is \(lqsend\(rq, \(lqrecv\(rq, or \(lqdel.\(rq (the latter includes the trailing period) |
638 .IP "\fBincoming chmod\fP" |
638 .IP o |
639 This parameter allows you to specify a set of |
639 %p the process ID of this rsync session |
640 ! comma-separated chmod strings that will affect the permissions of all |
640 .IP o |
641 incoming files (files that are being received by the daemon). These |
641 @@ -615,7 +615,7 @@ |
642 changes happen after all other permission calculations, and this will |
642 .RE |
643 ! even override destination-default and/or existing permissions when the |
643 |
644 client does not specify \fB\-\-perms\fP. |
644 .IP |
645 See the description of the \fB\-\-chmod\fP rsync option and the \fBchmod\fP(1) |
645 -For a list of what the characters mean that are output by \(dq\&%i\(dq\&, see the |
646 manpage for information on the format of this string. |
646 +For a list of what the characters mean that are output by \(lq%i\(rq, see the |
647 --- 367,421 ---- |
647 \fB\-\-itemize\-changes\fP option in the rsync manpage. |
648 tampering with private administrative files, such as files you may add to |
648 .IP |
649 support uid/gid name translations. |
649 Note that some of the logged output changes when talking with older |
650 .IP |
650 @@ -625,7 +625,7 @@ |
651 ! The daemon filter chain is built from the \(dq\&filter\(dq\&, \(dq\&include from\(dq\&, \(dq\&include\(dq\&, |
651 .IP "\fBtimeout\fP" |
652 ! \(dq\&exclude from\(dq\&, and \(dq\&exclude\(dq\& parameters, in that order of priority. Anchored |
652 This parameter allows you to override the |
653 patterns are anchored at the root of the module. To prevent access to an |
653 clients choice for I/O timeout for this module. Using this parameter you |
654 ! entire subtree, for example, \(dq\&/secret\(dq\&, you \fImust\fP exclude everything in the |
654 -can ensure that rsync won\(cq\&t wait on a dead client forever. The timeout |
655 ! subtree; the easiest way to do this is with a triple\-star pattern like |
655 +can ensure that rsync won't wait on a dead client forever. The timeout |
656 ! \(dq\&/secret/***\(dq\&. |
656 is specified in seconds. A value of zero means no timeout and is the |
657 .IP |
657 default. A good choice for anonymous rsync daemons may be 600 (giving |
658 ! The \(dq\&filter\(dq\& parameter takes a space\-separated list of daemon filter rules, |
658 a 10 minute timeout). |
659 though it is smart enough to know not to split a token at an internal space in |
659 @@ -632,10 +632,10 @@ |
660 ! a rule (e.g. \(dq\&\- /foo \(em /bar\(dq\& is parsed as two rules). You may specify one or |
660 .IP |
661 ! more merge\-file rules using the normal syntax. Only one \(dq\&filter\(dq\& parameter can |
661 .IP "\fBrefuse options\fP" |
662 apply to a given module in the config file, so put all the rules you want in a |
662 This parameter allows you to |
663 ! single parameter. Note that per\-directory merge\-file rules do not provide as |
663 -specify a space\-separated list of rsync command line options that will |
664 much protection as global rules, but they can be used to make \fB\-\-delete\fP work |
664 +specify a space-separated list of rsync command line options that will |
665 ! better during a client download operation if the per\-dir merge files are |
665 be refused by your rsync daemon. |
666 included in the transfer and the client requests that they be used. |
666 -You may specify the full option name, its one\-letter abbreviation, or a |
667 .IP |
667 -wild\-card string that matches multiple options. |
668 .IP "\fBexclude\fP" |
668 +You may specify the full option name, its one-letter abbreviation, or a |
669 ! This parameter takes a space\-separated list of daemon |
669 +wild-card string that matches multiple options. |
670 exclude patterns. As with the client \fB\-\-exclude\fP option, patterns can be |
670 For example, this would refuse \fB\-\-checksum\fP (\fB\-c\fP) and all the various |
671 ! qualified with \(dq\&\- \(dq\& or \(dq\&+ \(dq\& to explicitly indicate exclude/include. Only one |
671 delete options: |
672 ! \(dq\&exclude\(dq\& parameter can apply to a given module. See the \(dq\&filter\(dq\& parameter |
672 .IP |
673 for a description of how excluded files affect the daemon. |
673 @@ -646,15 +646,15 @@ |
674 .IP |
674 .IP |
675 .IP "\fBinclude\fP" |
675 The reason the above refuses all delete options is that the options imply |
676 ! Use an \(dq\&include\(dq\& to override the effects of the \(dq\&exclude\(dq\& |
676 \fB\-\-delete\fP, and implied options are refused just like explicit options. |
677 ! parameter. Only one \(dq\&include\(dq\& parameter can apply to a given module. See the |
677 -As an additional safety feature, the refusal of \(dq\&delete\(dq\& also refuses |
678 ! \(dq\&filter\(dq\& parameter for a description of how excluded files affect the daemon. |
678 -\fBremove\-source\-files\fP when the daemon is the sender; if you want the latter |
679 .IP |
679 -without the former, instead refuse \(dq\&delete\-*\(dq\& \-\- that refuses all the |
680 .IP "\fBexclude from\fP" |
680 +As an additional safety feature, the refusal of \(lqdelete\(rq also refuses |
681 This parameter specifies the name of a file |
681 +\fBremove-source-files\fP when the daemon is the sender; if you want the latter |
682 on the daemon that contains daemon exclude patterns, one per line. Only one |
682 +without the former, instead refuse \(lqdelete\-*\(rq \(em that refuses all the |
683 ! \(dq\&exclude from\(dq\& parameter can apply to a given module; if you have multiple |
683 delete modes without affecting \fB\-\-remove\-source\-files\fP. |
684 ! exclude\-from files, you can specify them as a merge file in the \(dq\&filter\(dq\& |
684 .IP |
685 ! parameter. See the \(dq\&filter\(dq\& parameter for a description of how excluded files |
685 When an option is refused, the daemon prints an error message and exits. |
686 affect the daemon. |
686 To prevent all compression when serving files, |
687 .IP |
687 -you can use \(dq\&dont compress = *\(dq\& (see below) |
688 .IP "\fBinclude from\fP" |
688 -instead of \(dq\&refuse options = compress\(dq\& to avoid returning an error to a |
689 ! Analogue of \(dq\&exclude from\(dq\& for a file of daemon include |
689 +you can use \(lqdont compress = *\(rq (see below) |
690 ! patterns. Only one \(dq\&include from\(dq\& parameter can apply to a given module. See |
690 +instead of \(lqrefuse options = compress\(rq to avoid returning an error to a |
691 ! the \(dq\&filter\(dq\& parameter for a description of how excluded files affect the |
691 client that requests compression. |
692 daemon. |
692 .IP |
693 .IP |
693 .IP "\fBdont compress\fP" |
694 .IP "\fBincoming chmod\fP" |
694 @@ -663,25 +663,25 @@ |
695 This parameter allows you to specify a set of |
695 when pulling files from the daemon (no analogous parameter exists to |
696 ! comma\-separated chmod strings that will affect the permissions of all |
696 govern the pushing of files to a daemon). |
697 incoming files (files that are being received by the daemon). These |
697 Compression is expensive in terms of CPU usage, so it |
698 changes happen after all other permission calculations, and this will |
698 -is usually good to not try to compress files that won\(cq\&t compress well, |
699 ! even override destination\-default and/or existing permissions when the |
699 +is usually good to not try to compress files that won't compress well, |
700 client does not specify \fB\-\-perms\fP. |
700 such as already compressed files. |
701 See the description of the \fB\-\-chmod\fP rsync option and the \fBchmod\fP(1) |
701 .IP |
702 manpage for information on the format of this string. |
702 -The \(dq\&dont compress\(dq\& parameter takes a space\-separated list of |
703 *************** |
703 -case\-insensitive wildcard patterns. Any source filename matching one |
704 *** 422,428 **** |
704 +The \(lqdont compress\(rq parameter takes a space-separated list of |
705 .IP |
705 +case-insensitive wildcard patterns. Any source filename matching one |
706 .IP "\fBoutgoing chmod\fP" |
706 of the patterns will not be compressed during transfer. |
707 This parameter allows you to specify a set of |
707 .IP |
708 ! comma-separated chmod strings that will affect the permissions of all |
708 See the \fB\-\-skip\-compress\fP parameter in the \fBrsync\fP(1) manpage for the list |
709 outgoing files (files that are being sent out from the daemon). These |
709 of file suffixes that are not compressed by default. Specifying a value |
710 changes happen first, making the sent permissions appear to be different |
710 -for the \(dq\&dont compress\(dq\& parameter changes the default when the daemon is |
711 than those stored in the filesystem itself. For instance, you could |
711 +for the \(lqdont compress\(rq parameter changes the default when the daemon is |
712 --- 422,428 ---- |
712 the sender. |
713 .IP |
713 .IP |
714 .IP "\fBoutgoing chmod\fP" |
714 -.IP "\fBpre\-xfer exec\fP, \fBpost\-xfer exec\fP" |
715 This parameter allows you to specify a set of |
715 +.IP "\fBpre-xfer exec\fP, \fBpost-xfer exec\fP" |
716 ! comma\-separated chmod strings that will affect the permissions of all |
716 You may specify a command to be run |
717 outgoing files (files that are being sent out from the daemon). These |
717 -before and/or after the transfer. If the \fBpre\-xfer exec\fP command fails, the |
718 changes happen first, making the sent permissions appear to be different |
718 +before and/or after the transfer. If the \fBpre-xfer exec\fP command fails, the |
719 than those stored in the filesystem itself. For instance, you could |
719 transfer is aborted before it begins. |
720 *************** |
720 .IP |
721 *** 433,473 **** |
721 The following environment variables will be set, though some are |
722 .IP |
722 -specific to the pre\-xfer or the post\-xfer environment: |
723 .IP "\fBauth users\fP" |
723 +specific to the pre-xfer or the post-xfer environment: |
724 This parameter specifies a comma and |
724 .IP |
725 ! space-separated list of usernames that will be allowed to connect to |
725 .RS |
726 this module. The usernames do not need to exist on the local |
726 .IP o |
727 system. The usernames may also contain shell wildcard characters. If |
727 @@ -689,29 +689,29 @@ |
728 ! \(lqauth users\(rq is set then the client will be challenged to supply a |
728 .IP o |
729 username and password to connect to the module. A challenge response |
729 \fBRSYNC_MODULE_PATH\fP: The path configured for the module. |
730 authentication protocol is used for this exchange. The plain text |
730 .IP o |
731 usernames and passwords are stored in the file specified by the |
731 -\fBRSYNC_HOST_ADDR\fP: The accessing host\(cq\&s IP address. |
732 ! \(lqsecrets file\(rq parameter. The default is for all users to be able to |
732 +\fBRSYNC_HOST_ADDR\fP: The accessing host's IP address. |
733 ! connect without a password (this is called \(lqanonymous rsync\(rq). |
733 .IP o |
734 .IP |
734 -\fBRSYNC_HOST_NAME\fP: The accessing host\(cq\&s name. |
735 ! See also the \(lqCONNECTING TO AN RSYNC DAEMON OVER A REMOTE SHELL |
735 +\fBRSYNC_HOST_NAME\fP: The accessing host's name. |
736 ! PROGRAM\(rq section in \fBrsync\fP(1) for information on how handle an |
736 .IP o |
737 ! rsyncd.conf\-level username that differs from the remote-shell-level |
737 -\fBRSYNC_USER_NAME\fP: The accessing user\(cq\&s name (empty if no user). |
738 username when using a remote shell to connect to an rsync daemon. |
738 +\fBRSYNC_USER_NAME\fP: The accessing user's name (empty if no user). |
739 .IP |
739 .IP o |
740 .IP "\fBsecrets file\fP" |
740 \fBRSYNC_PID\fP: A unique number for this transfer. |
741 This parameter specifies the name of |
741 .IP o |
742 a file that contains the username:password pairs used for |
742 -\fBRSYNC_REQUEST\fP: (pre\-xfer only) The module/path info specified |
743 ! authenticating this module. This file is only consulted if the \(lqauth |
743 +\fBRSYNC_REQUEST\fP: (pre-xfer only) The module/path info specified |
744 ! users\(rq parameter is specified. The file is line based and contains |
744 by the user (note that the user can specify multiple source files, |
745 username:password pairs separated by a single colon. Any line starting |
745 -so the request can be something like \(dq\&mod/path1 mod/path2\(dq\&, etc.). |
746 with a hash (#) is considered a comment and is skipped. The passwords |
746 +so the request can be something like \(lqmod/path1 mod/path2\(rq, etc.). |
747 can contain any characters but be warned that many operating systems |
747 .IP o |
748 limit the length of passwords that can be typed at the client end, so |
748 -\fBRSYNC_ARG#\fP: (pre\-xfer only) The pre\-request arguments are set |
749 ! you may find that passwords longer than 8 characters don't work. |
749 -in these numbered values. RSYNC_ARG0 is always \(dq\&rsyncd\(dq\&, and the last |
750 .IP |
750 +\fBRSYNC_ARG#\fP: (pre-xfer only) The pre-request arguments are set |
751 ! There is no default for the \(lqsecrets file\(rq parameter, you must choose a name |
751 +in these numbered values. RSYNC_ARG0 is always \(lqrsyncd\(rq, and the last |
752 (such as \f(CW/etc/rsyncd.secrets\fP). The file must normally not be readable |
752 value contains a single period. |
753 ! by \(lqother\(rq; see \(lqstrict modes\(rq. |
753 .IP o |
754 .IP |
754 -\fBRSYNC_EXIT_STATUS\fP: (post\-xfer only) the server side\(cq\&s exit value. |
755 .IP "\fBstrict modes\fP" |
755 +\fBRSYNC_EXIT_STATUS\fP: (post-xfer only) the server side's exit value. |
756 This parameter determines whether or not |
756 This will be 0 for a successful run, a positive value for an error that the |
757 ! the permissions on the secrets file will be checked. If \(lqstrict modes\(rq is |
757 server generated, or a \-1 if rsync failed to exit properly. Note that an |
758 true, then the secrets file must not be readable by any user ID other |
758 error that occurs on the client side does not currently get sent to the |
759 ! than the one that the rsync daemon is running under. If \(lqstrict modes\(rq is |
759 server side, so this is not the final exit status for the whole transfer. |
760 false, the check is not performed. The default is true. This parameter |
760 .IP o |
761 was added to accommodate rsync running on the Windows operating system. |
761 -\fBRSYNC_RAW_STATUS\fP: (post\-xfer only) the raw exit value from |
762 .IP |
762 +\fBRSYNC_RAW_STATUS\fP: (post-xfer only) the raw exit value from |
763 --- 433,473 ---- |
763 \f(CWwaitpid()\fP |
764 .IP |
764 \&. |
765 .IP "\fBauth users\fP" |
765 .RE |
766 This parameter specifies a comma and |
766 @@ -719,7 +719,7 @@ |
767 ! space\-separated list of usernames that will be allowed to connect to |
767 .IP |
768 this module. The usernames do not need to exist on the local |
768 Even though the commands can be associated with a particular module, they |
769 system. The usernames may also contain shell wildcard characters. If |
769 are run using the permissions of the user that started the daemon (not the |
770 ! \(dq\&auth users\(dq\& is set then the client will be challenged to supply a |
770 -module\(cq\&s uid/gid setting) without any chroot restrictions. |
771 username and password to connect to the module. A challenge response |
771 +module's uid/gid setting) without any chroot restrictions. |
772 authentication protocol is used for this exchange. The plain text |
772 .IP |
773 usernames and passwords are stored in the file specified by the |
773 .SH "AUTHENTICATION STRENGTH" |
774 ! \(dq\&secrets file\(dq\& parameter. The default is for all users to be able to |
774 |
775 ! connect without a password (this is called \(dq\&anonymous rsync\(dq\&). |
775 @@ -726,8 +726,8 @@ |
776 .IP |
776 .PP |
777 ! See also the section entitled \(dq\&USING RSYNC\-DAEMON FEATURES VIA A REMOTE |
777 The authentication protocol used in rsync is a 128 bit MD4 based |
778 ! SHELL CONNECTION\(dq\& in \fBrsync\fP(1) for information on how handle an |
778 challenge response system. This is fairly weak protection, though (with |
779 ! rsyncd.conf\-level username that differs from the remote\-shell\-level |
779 -at least one brute\-force hash\-finding algorithm publicly available), so |
780 username when using a remote shell to connect to an rsync daemon. |
780 -if you want really top\-quality security, then I recommend that you run |
781 .IP |
781 +at least one brute-force hash-finding algorithm publicly available), so |
782 .IP "\fBsecrets file\fP" |
782 +if you want really top-quality security, then I recommend that you run |
783 This parameter specifies the name of |
783 rsync over ssh. (Yes, a future version of rsync will switch over to a |
784 a file that contains the username:password pairs used for |
784 stronger hashing method.) |
785 ! authenticating this module. This file is only consulted if the \(dq\&auth |
785 .PP |
786 ! users\(dq\& parameter is specified. The file is line based and contains |
786 @@ -822,7 +822,7 @@ |
787 username:password pairs separated by a single colon. Any line starting |
787 .SH "VERSION" |
788 with a hash (#) is considered a comment and is skipped. The passwords |
788 |
789 can contain any characters but be warned that many operating systems |
789 .PP |
790 limit the length of passwords that can be typed at the client end, so |
790 -This man page is current for version 3.0.8 of rsync. |
791 ! you may find that passwords longer than 8 characters don\(cq\&t work. |
791 +This man page is current for version 3.0.6 of rsync. |
792 .IP |
792 .PP |
793 ! There is no default for the \(dq\&secrets file\(dq\& parameter, you must choose a name |
793 .SH "CREDITS" |
794 (such as \f(CW/etc/rsyncd.secrets\fP). The file must normally not be readable |
794 |
795 ! by \(dq\&other\(dq\&; see \(dq\&strict modes\(dq\&. |
795 @@ -838,7 +838,7 @@ |
796 .IP |
796 .PP |
797 .IP "\fBstrict modes\fP" |
797 We would be delighted to hear from you if you like this program. |
798 This parameter determines whether or not |
798 .PP |
799 ! the permissions on the secrets file will be checked. If \(dq\&strict modes\(dq\& is |
799 -This program uses the zlib compression library written by Jean\-loup |
800 true, then the secrets file must not be readable by any user ID other |
800 +This program uses the zlib compression library written by Jean-loup |
801 ! than the one that the rsync daemon is running under. If \(dq\&strict modes\(dq\& is |
801 Gailly and Mark Adler. |
802 false, the check is not performed. The default is true. This parameter |
802 .PP |
803 was added to accommodate rsync running on the Windows operating system. |
803 .SH "THANKS" |
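Review bot: the VERSION hunk (@@ -822,7 +822,7 @@) moves the stated release backwards: the removed line says "This man page is current for version 3.0.8 of rsync." and the added line says 3.0.6. Every other hunk in this unified diff only swaps quote and hyphen escapes, so if that is the intent, drop this hunk and keep the 3.0.8 line. As written, an administrator reading the installed page would be told it documents an older release than the one whose parameters it describes.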
804 .IP |
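Review bot: the changed lines in this hunk (433,473) state the secrets-file permission requirement in two different ways. The "secrets file" paragraph says the file "must normally not be readable by" other, while the "strict modes" paragraph says it "must not be readable by any user ID other than the one that the rsync daemon is running under", which also rules out group read access. Since both sentences are being touched anyway, make them agree on one statement so it is clear which mode to set on a file that holds plain text passwords. Two smaller points on changed lines: "for information on how handle an" is missing "to", and "There is no default for the ... parameter, you must choose a name" is a comma splice that reads better with a semicolon.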
|
805 *************** |
|
806 *** 482,488 **** |
|
807 .RS |
|
808 .IP o |
|
809 a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address |
|
810 ! of the form a:b:c::d:e:f. In this case the incoming machine's IP address |
|
811 must match exactly. |
|
812 .IP o |
|
813 an address/mask in the form ipaddr/n where ipaddr is the IP address |
|
814 --- 482,488 ---- |
|
815 .RS |
|
816 .IP o |
|
817 a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address |
|
818 ! of the form a:b:c::d:e:f. In this case the incoming machine\(cq\&s IP address |
|
819 must match exactly. |
|
820 .IP o |
|
821 an address/mask in the form ipaddr/n where ipaddr is the IP address |
|
822 *************** |
|
823 *** 504,510 **** |
|
824 .RE |
|
825 |
|
826 .IP |
|
827 ! Note IPv6 link-local addresses can have a scope in the address specification: |
|
828 .IP |
|
829 .RS |
|
830 \f(CW fe80::1%link1\fP |
|
831 --- 504,510 ---- |
|
832 .RE |
|
833 |
|
834 .IP |
|
835 ! Note IPv6 link\-local addresses can have a scope in the address specification: |
|
836 .IP |
|
837 .RS |
|
838 \f(CW fe80::1%link1\fP |
|
839 *************** |
|
840 *** 516,538 **** |
|
841 .RE |
|
842 |
|
843 .IP |
|
844 ! You can also combine \(lqhosts allow\(rq with a separate \(lqhosts deny\(rq |
|
845 ! parameter. If both parameters are specified then the \(lqhosts allow\(rq parameter is |
|
846 checked first and a match results in the client being able to |
|
847 ! connect. The \(lqhosts deny\(rq parameter is then checked and a match means |
|
848 that the host is rejected. If the host does not match either the |
|
849 ! \(lqhosts allow\(rq or the \(lqhosts deny\(rq patterns then it is allowed to |
|
850 connect. |
|
851 .IP |
|
852 ! The default is no \(lqhosts allow\(rq parameter, which means all hosts can connect. |
|
853 .IP |
|
854 .IP "\fBhosts deny\fP" |
|
855 This parameter allows you to specify a |
|
856 list of patterns that are matched against a connecting clients |
|
857 hostname and IP address. If the pattern matches then the connection is |
|
858 ! rejected. See the \(lqhosts allow\(rq parameter for more information. |
|
859 .IP |
|
860 ! The default is no \(lqhosts deny\(rq parameter, which means all hosts can connect. |
|
861 .IP |
|
862 .IP "\fBignore errors\fP" |
|
863 This parameter tells rsyncd to |
|
864 --- 516,538 ---- |
|
865 .RE |
|
866 |
|
867 .IP |
|
868 ! You can also combine \(dq\&hosts allow\(dq\& with a separate \(dq\&hosts deny\(dq\& |
|
869 ! parameter. If both parameters are specified then the \(dq\&hosts allow\(dq\& parameter is |
|
870 checked first and a match results in the client being able to |
|
871 ! connect. The \(dq\&hosts deny\(dq\& parameter is then checked and a match means |
|
872 that the host is rejected. If the host does not match either the |
|
873 ! \(dq\&hosts allow\(dq\& or the \(dq\&hosts deny\(dq\& patterns then it is allowed to |
|
874 connect. |
|
875 .IP |
|
876 ! The default is no \(dq\&hosts allow\(dq\& parameter, which means all hosts can connect. |
|
877 .IP |
|
878 .IP "\fBhosts deny\fP" |
|
879 This parameter allows you to specify a |
|
880 list of patterns that are matched against a connecting clients |
|
881 hostname and IP address. If the pattern matches then the connection is |
|
882 ! rejected. See the \(dq\&hosts allow\(dq\& parameter for more information. |
|
883 .IP |
|
884 ! The default is no \(dq\&hosts deny\(dq\& parameter, which means all hosts can connect. |
|
885 .IP |
|
886 .IP "\fBignore errors\fP" |
|
887 This parameter tells rsyncd to |
|
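Review bot: The combined allow/deny paragraph ends with the fall-through case, "If the host does not match either the hosts allow or the hosts deny patterns then it is allowed to connect", and that fail-open behaviour is easy to miss at the end of the paragraph. Since these lines are being re-quoted anyway, consider moving that sentence into its own paragraph and adding a sentence on how to reject hosts that match neither list.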
888 *************** |
|
889 *** 546,577 **** |
|
890 .IP "\fBignore nonreadable\fP" |
|
891 This tells the rsync daemon to completely |
|
892 ignore files that are not readable by the user. This is useful for |
|
893 ! public archives that may have some non-readable files among the |
|
894 ! directories, and the sysadmin doesn't want those files to be seen at all. |
|
895 .IP |
|
896 .IP "\fBtransfer logging\fP" |
|
897 ! This parameter enables per-file |
|
898 logging of downloads and uploads in a format somewhat similar to that |
|
899 used by ftp daemons. The daemon always logs the transfer at the end, so |
|
900 if a transfer is aborted, no mention will be made in the log file. |
|
901 .IP |
|
902 ! If you want to customize the log lines, see the \(lqlog format\(rq parameter. |
|
903 .IP |
|
904 .IP "\fBlog format\fP" |
|
905 This parameter allows you to specify the |
|
906 format used for logging file transfers when transfer logging is enabled. |
|
907 ! The format is a text string containing embedded single-character escape |
|
908 sequences prefixed with a percent (%) character. An optional numeric |
|
909 field width may also be specified between the percent and the escape |
|
910 ! letter (e.g. \(lq\fB%\-50n %8l %07p\fP\(rq). |
|
911 .IP |
|
912 ! The default log format is \(lq%o %h [%a] %m (%u) %f %l\(rq, and a \(lq%t [%p] \(rq |
|
913 ! is always prefixed when using the \(lqlog file\(rq parameter. |
|
914 (A perl script that will summarize this default log format is included |
|
915 ! in the rsync source code distribution in the \(lqsupport\(rq subdirectory: |
|
916 rsyncstats.) |
|
917 .IP |
|
918 ! The single-character escapes that are understood are as follows: |
|
919 .IP |
|
920 .RS |
|
921 .IP o |
|
922 --- 546,577 ---- |
|
923 .IP "\fBignore nonreadable\fP" |
|
924 This tells the rsync daemon to completely |
|
925 ignore files that are not readable by the user. This is useful for |
|
926 ! public archives that may have some non\-readable files among the |
|
927 ! directories, and the sysadmin doesn\(cq\&t want those files to be seen at all. |
|
928 .IP |
|
929 .IP "\fBtransfer logging\fP" |
|
930 ! This parameter enables per\-file |
|
931 logging of downloads and uploads in a format somewhat similar to that |
|
932 used by ftp daemons. The daemon always logs the transfer at the end, so |
|
933 if a transfer is aborted, no mention will be made in the log file. |
|
934 .IP |
|
935 ! If you want to customize the log lines, see the \(dq\&log format\(dq\& parameter. |
|
936 .IP |
|
937 .IP "\fBlog format\fP" |
|
938 This parameter allows you to specify the |
|
939 format used for logging file transfers when transfer logging is enabled. |
|
940 ! The format is a text string containing embedded single\-character escape |
|
941 sequences prefixed with a percent (%) character. An optional numeric |
|
942 field width may also be specified between the percent and the escape |
|
943 ! letter (e.g. \(dq\&\fB%\-50n %8l %07p\fP\(dq\&). |
|
944 .IP |
|
945 ! The default log format is \(dq\&%o %h [%a] %m (%u) %f %l\(dq\&, and a \(dq\&%t [%p] \(dq\& |
|
946 ! is always prefixed when using the \(dq\&log file\(dq\& parameter. |
|
947 (A perl script that will summarize this default log format is included |
|
948 ! in the rsync source code distribution in the \(dq\&support\(dq\& subdirectory: |
|
949 rsyncstats.) |
|
950 .IP |
|
951 ! The single\-character escapes that are understood are as follows: |
|
952 .IP |
|
953 .RS |
|
954 .IP o |
|
955 *************** |
|
956 *** 583,591 **** |
|
957 .IP o |
|
958 %c the total size of the block checksums received for the basis file (only when sending) |
|
959 .IP o |
|
960 ! %f the filename (long form on sender; no trailing \(lq/\(rq) |
|
961 .IP o |
|
962 ! %G the gid of the file (decimal) or \(lqDEFAULT\(rq |
|
963 .IP o |
|
964 %h the remote host name |
|
965 .IP o |
|
966 --- 583,591 ---- |
|
967 .IP o |
|
968 %c the total size of the block checksums received for the basis file (only when sending) |
|
969 .IP o |
|
970 ! %f the filename (long form on sender; no trailing \(dq\&/\(dq\&) |
|
971 .IP o |
|
972 ! %G the gid of the file (decimal) or \(dq\&DEFAULT\(dq\& |
|
973 .IP o |
|
974 %h the remote host name |
|
975 .IP o |
|
976 *************** |
|
977 *** 593,607 **** |
|
978 .IP o |
|
979 %l the length of the file in bytes |
|
980 .IP o |
|
981 ! %L the string \(lq \-> SYMLINK\(rq, \(lq => HARDLINK\(rq, or \(lq\(rq (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
|
982 .IP o |
|
983 %m the module name |
|
984 .IP o |
|
985 ! %M the last-modified time of the file |
|
986 .IP o |
|
987 ! %n the filename (short form; trailing \(lq/\(rq on dir) |
|
988 .IP o |
|
989 ! %o the operation, which is \(lqsend\(rq, \(lqrecv\(rq, or \(lqdel.\(rq (the latter includes the trailing period) |
|
990 .IP o |
|
991 %p the process ID of this rsync session |
|
992 .IP o |
|
993 --- 593,607 ---- |
|
994 .IP o |
|
995 %l the length of the file in bytes |
|
996 .IP o |
|
997 ! %L the string \(dq\& \-> SYMLINK\(dq\&, \(dq\& => HARDLINK\(dq\&, or \(dq\&\(dq\& (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
|
998 .IP o |
|
999 %m the module name |
|
1000 .IP o |
|
1001 ! %M the last\-modified time of the file |
|
1002 .IP o |
|
1003 ! %n the filename (short form; trailing \(dq\&/\(dq\& on dir) |
|
1004 .IP o |
|
1005 ! %o the operation, which is \(dq\&send\(dq\&, \(dq\&recv\(dq\&, or \(dq\&del.\(dq\& (the latter includes the trailing period) |
|
1006 .IP o |
|
1007 %p the process ID of this rsync session |
|
1008 .IP o |
|
1009 *************** |
|
1010 *** 615,621 **** |
|
1011 .RE |
|
1012 |
|
1013 .IP |
|
1014 ! For a list of what the characters mean that are output by \(lq%i\(rq, see the |
|
1015 \fB\-\-itemize\-changes\fP option in the rsync manpage. |
|
1016 .IP |
|
1017 Note that some of the logged output changes when talking with older |
|
1018 --- 615,621 ---- |
|
1019 .RE |
|
1020 |
|
1021 .IP |
|
1022 ! For a list of what the characters mean that are output by \(dq\&%i\(dq\&, see the |
|
1023 \fB\-\-itemize\-changes\fP option in the rsync manpage. |
|
1024 .IP |
|
1025 Note that some of the logged output changes when talking with older |
|
1026 *************** |
|
1027 *** 625,631 **** |
|
1028 .IP "\fBtimeout\fP" |
|
1029 This parameter allows you to override the |
|
1030 clients choice for I/O timeout for this module. Using this parameter you |
|
1031 ! can ensure that rsync won't wait on a dead client forever. The timeout |
|
1032 is specified in seconds. A value of zero means no timeout and is the |
|
1033 default. A good choice for anonymous rsync daemons may be 600 (giving |
|
1034 a 10 minute timeout). |
|
1035 --- 625,631 ---- |
|
1036 .IP "\fBtimeout\fP" |
|
1037 This parameter allows you to override the |
|
1038 clients choice for I/O timeout for this module. Using this parameter you |
|
1039 ! can ensure that rsync won\(cq\&t wait on a dead client forever. The timeout |
|
1040 is specified in seconds. A value of zero means no timeout and is the |
|
1041 default. A good choice for anonymous rsync daemons may be 600 (giving |
|
1042 a 10 minute timeout). |
|
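Review bot: The context line "clients choice for I/O timeout for this module" still lacks the possessive apostrophe, while the changed line directly below it converts "won't" to "won\(cq\&t". Fix it in the same pass as "client\(cq\&s choice" so the paragraph is consistent.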
1043 *************** |
|
1044 *** 632,641 **** |
|
1045 .IP |
|
1046 .IP "\fBrefuse options\fP" |
|
1047 This parameter allows you to |
|
1048 ! specify a space-separated list of rsync command line options that will |
|
1049 be refused by your rsync daemon. |
|
1050 ! You may specify the full option name, its one-letter abbreviation, or a |
|
1051 ! wild-card string that matches multiple options. |
|
1052 For example, this would refuse \fB\-\-checksum\fP (\fB\-c\fP) and all the various |
|
1053 delete options: |
|
1054 .IP |
|
1055 --- 632,641 ---- |
|
1056 .IP |
|
1057 .IP "\fBrefuse options\fP" |
|
1058 This parameter allows you to |
|
1059 ! specify a space\-separated list of rsync command line options that will |
|
1060 be refused by your rsync daemon. |
|
1061 ! You may specify the full option name, its one\-letter abbreviation, or a |
|
1062 ! wild\-card string that matches multiple options. |
|
1063 For example, this would refuse \fB\-\-checksum\fP (\fB\-c\fP) and all the various |
|
1064 delete options: |
|
1065 .IP |
|
1066 *************** |
|
1067 *** 646,660 **** |
|
1068 .IP |
|
1069 The reason the above refuses all delete options is that the options imply |
|
1070 \fB\-\-delete\fP, and implied options are refused just like explicit options. |
|
1071 ! As an additional safety feature, the refusal of \(lqdelete\(rq also refuses |
|
1072 ! \fBremove-source-files\fP when the daemon is the sender; if you want the latter |
|
1073 ! without the former, instead refuse \(lqdelete\-*\(rq \(em that refuses all the |
|
1074 delete modes without affecting \fB\-\-remove\-source\-files\fP. |
|
1075 .IP |
|
1076 When an option is refused, the daemon prints an error message and exits. |
|
1077 To prevent all compression when serving files, |
|
1078 ! you can use \(lqdont compress = *\(rq (see below) |
|
1079 ! instead of \(lqrefuse options = compress\(rq to avoid returning an error to a |
|
1080 client that requests compression. |
|
1081 .IP |
|
1082 .IP "\fBdont compress\fP" |
|
1083 --- 646,660 ---- |
|
1084 .IP |
|
1085 The reason the above refuses all delete options is that the options imply |
|
1086 \fB\-\-delete\fP, and implied options are refused just like explicit options. |
|
1087 ! As an additional safety feature, the refusal of \(dq\&delete\(dq\& also refuses |
|
1088 ! \fBremove\-source\-files\fP when the daemon is the sender; if you want the latter |
|
1089 ! without the former, instead refuse \(dq\&delete\-*\(dq\& \-\- that refuses all the |
|
1090 delete modes without affecting \fB\-\-remove\-source\-files\fP. |
|
1091 .IP |
|
1092 When an option is refused, the daemon prints an error message and exits. |
|
1093 To prevent all compression when serving files, |
|
1094 ! you can use \(dq\&dont compress = *\(dq\& (see below) |
|
1095 ! instead of \(dq\&refuse options = compress\(dq\& to avoid returning an error to a |
|
1096 client that requests compression. |
|
1097 .IP |
|
1098 .IP "\fBdont compress\fP" |
|
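Review bot: In the changed line "\fBremove\-source\-files\fP when the daemon is the sender", the option name is missing the leading "\-\-" that the same paragraph uses two lines later in "\fB\-\-remove\-source\-files\fP"; spell it the same way in both places. The hunk also replaces the "\(em" after "delete\-*" with "\-\-", which lands right next to an option pattern and can be misread as part of it; a semicolon or a new sentence would be clearer there.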
1099 *************** |
|
1100 *** 663,687 **** |
|
1101 when pulling files from the daemon (no analogous parameter exists to |
|
1102 govern the pushing of files to a daemon). |
|
1103 Compression is expensive in terms of CPU usage, so it |
|
1104 ! is usually good to not try to compress files that won't compress well, |
|
1105 such as already compressed files. |
|
1106 .IP |
|
1107 ! The \(lqdont compress\(rq parameter takes a space-separated list of |
|
1108 ! case-insensitive wildcard patterns. Any source filename matching one |
|
1109 of the patterns will not be compressed during transfer. |
|
1110 .IP |
|
1111 See the \fB\-\-skip\-compress\fP parameter in the \fBrsync\fP(1) manpage for the list |
|
1112 of file suffixes that are not compressed by default. Specifying a value |
|
1113 ! for the \(lqdont compress\(rq parameter changes the default when the daemon is |
|
1114 the sender. |
|
1115 .IP |
|
1116 ! .IP "\fBpre-xfer exec\fP, \fBpost-xfer exec\fP" |
|
1117 You may specify a command to be run |
|
1118 ! before and/or after the transfer. If the \fBpre-xfer exec\fP command fails, the |
|
1119 transfer is aborted before it begins. |
|
1120 .IP |
|
1121 The following environment variables will be set, though some are |
|
1122 ! specific to the pre-xfer or the post-xfer environment: |
|
1123 .IP |
|
1124 .RS |
|
1125 .IP o |
|
1126 --- 663,687 ---- |
|
1127 when pulling files from the daemon (no analogous parameter exists to |
|
1128 govern the pushing of files to a daemon). |
|
1129 Compression is expensive in terms of CPU usage, so it |
|
1130 ! is usually good to not try to compress files that won\(cq\&t compress well, |
|
1131 such as already compressed files. |
|
1132 .IP |
|
1133 ! The \(dq\&dont compress\(dq\& parameter takes a space\-separated list of |
|
1134 ! case\-insensitive wildcard patterns. Any source filename matching one |
|
1135 of the patterns will not be compressed during transfer. |
|
1136 .IP |
|
1137 See the \fB\-\-skip\-compress\fP parameter in the \fBrsync\fP(1) manpage for the list |
|
1138 of file suffixes that are not compressed by default. Specifying a value |
|
1139 ! for the \(dq\&dont compress\(dq\& parameter changes the default when the daemon is |
|
1140 the sender. |
|
1141 .IP |
|
1142 ! .IP "\fBpre\-xfer exec\fP, \fBpost\-xfer exec\fP" |
|
1143 You may specify a command to be run |
|
1144 ! before and/or after the transfer. If the \fBpre\-xfer exec\fP command fails, the |
|
1145 transfer is aborted before it begins. |
|
1146 .IP |
|
1147 The following environment variables will be set, though some are |
|
1148 ! specific to the pre\-xfer or the post\-xfer environment: |
|
1149 .IP |
|
1150 .RS |
|
1151 .IP o |
|
1152 *************** |
|
1153 *** 689,717 **** |
|
1154 .IP o |
|
1155 \fBRSYNC_MODULE_PATH\fP: The path configured for the module. |
|
1156 .IP o |
|
1157 ! \fBRSYNC_HOST_ADDR\fP: The accessing host's IP address. |
|
1158 .IP o |
|
1159 ! \fBRSYNC_HOST_NAME\fP: The accessing host's name. |
|
1160 .IP o |
|
1161 ! \fBRSYNC_USER_NAME\fP: The accessing user's name (empty if no user). |
|
1162 .IP o |
|
1163 \fBRSYNC_PID\fP: A unique number for this transfer. |
|
1164 .IP o |
|
1165 ! \fBRSYNC_REQUEST\fP: (pre-xfer only) The module/path info specified |
|
1166 by the user (note that the user can specify multiple source files, |
|
1167 ! so the request can be something like \(lqmod/path1 mod/path2\(rq, etc.). |
|
1168 .IP o |
|
1169 ! \fBRSYNC_ARG#\fP: (pre-xfer only) The pre-request arguments are set |
|
1170 ! in these numbered values. RSYNC_ARG0 is always \(lqrsyncd\(rq, and the last |
|
1171 value contains a single period. |
|
1172 .IP o |
|
1173 ! \fBRSYNC_EXIT_STATUS\fP: (post-xfer only) the server side's exit value. |
|
1174 This will be 0 for a successful run, a positive value for an error that the |
|
1175 server generated, or a \-1 if rsync failed to exit properly. Note that an |
|
1176 error that occurs on the client side does not currently get sent to the |
|
1177 server side, so this is not the final exit status for the whole transfer. |
|
1178 .IP o |
|
1179 ! \fBRSYNC_RAW_STATUS\fP: (post-xfer only) the raw exit value from |
|
1180 \f(CWwaitpid()\fP |
|
1181 \&. |
|
1182 .RE |
|
1183 --- 689,717 ---- |
|
1184 .IP o |
|
1185 \fBRSYNC_MODULE_PATH\fP: The path configured for the module. |
|
1186 .IP o |
|
1187 ! \fBRSYNC_HOST_ADDR\fP: The accessing host\(cq\&s IP address. |
|
1188 .IP o |
|
1189 ! \fBRSYNC_HOST_NAME\fP: The accessing host\(cq\&s name. |
|
1190 .IP o |
|
1191 ! \fBRSYNC_USER_NAME\fP: The accessing user\(cq\&s name (empty if no user). |
|
1192 .IP o |
|
1193 \fBRSYNC_PID\fP: A unique number for this transfer. |
|
1194 .IP o |
|
1195 ! \fBRSYNC_REQUEST\fP: (pre\-xfer only) The module/path info specified |
|
1196 by the user (note that the user can specify multiple source files, |
|
1197 ! so the request can be something like \(dq\&mod/path1 mod/path2\(dq\&, etc.). |
|
1198 .IP o |
|
1199 ! \fBRSYNC_ARG#\fP: (pre\-xfer only) The pre\-request arguments are set |
|
1200 ! in these numbered values. RSYNC_ARG0 is always \(dq\&rsyncd\(dq\&, and the last |
|
1201 value contains a single period. |
|
1202 .IP o |
|
1203 ! \fBRSYNC_EXIT_STATUS\fP: (post\-xfer only) the server side\(cq\&s exit value. |
|
1204 This will be 0 for a successful run, a positive value for an error that the |
|
1205 server generated, or a \-1 if rsync failed to exit properly. Note that an |
|
1206 error that occurs on the client side does not currently get sent to the |
|
1207 server side, so this is not the final exit status for the whole transfer. |
|
1208 .IP o |
|
1209 ! \fBRSYNC_RAW_STATUS\fP: (post\-xfer only) the raw exit value from |
|
1210 \f(CWwaitpid()\fP |
|
1211 \&. |
|
1212 .RE |
|
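Review bot: The RSYNC_REQUEST entry says the value is "The module/path info specified by the user", and RSYNC_ARG# holds the pre-request arguments, but the list never tells the author of a pre-xfer script that these strings come from the connecting client. Add a sentence saying these variables must be treated as untrusted input (quoted when used, never evaluated or expanded unquoted by the script). As a style point, "RSYNC_ARG0" in the changed line is not set in bold like the other variable names in this list.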
1213 *************** |
|
1214 *** 719,725 **** |
|
1215 .IP |
|
1216 Even though the commands can be associated with a particular module, they |
|
1217 are run using the permissions of the user that started the daemon (not the |
|
1218 ! module's uid/gid setting) without any chroot restrictions. |
|
1219 .IP |
|
1220 .SH "AUTHENTICATION STRENGTH" |
|
1221 |
|
1222 --- 719,725 ---- |
|
1223 .IP |
|
1224 Even though the commands can be associated with a particular module, they |
|
1225 are run using the permissions of the user that started the daemon (not the |
|
1226 ! module\(cq\&s uid/gid setting) without any chroot restrictions. |
|
1227 .IP |
|
1228 .SH "AUTHENTICATION STRENGTH" |
|
1229 |
|
1230 *************** |
|
1231 *** 726,733 **** |
|
1232 .PP |
|
1233 The authentication protocol used in rsync is a 128 bit MD4 based |
|
1234 challenge response system. This is fairly weak protection, though (with |
|
1235 ! at least one brute-force hash-finding algorithm publicly available), so |
|
1236 ! if you want really top-quality security, then I recommend that you run |
|
1237 rsync over ssh. (Yes, a future version of rsync will switch over to a |
|
1238 stronger hashing method.) |
|
1239 .PP |
|
1240 --- 726,733 ---- |
|
1241 .PP |
|
1242 The authentication protocol used in rsync is a 128 bit MD4 based |
|
1243 challenge response system. This is fairly weak protection, though (with |
|
1244 ! at least one brute\-force hash\-finding algorithm publicly available), so |
|
1245 ! if you want really top\-quality security, then I recommend that you run |
|
1246 rsync over ssh. (Yes, a future version of rsync will switch over to a |
|
1247 stronger hashing method.) |
|
1248 .PP |
|
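Review bot: The sentence "(Yes, a future version of rsync will switch over to a stronger hashing method.)" is carried over unchanged while the VERSION hunk of this same patch moves the page to 3.0.8. Please confirm that the "128 bit MD4 based challenge response" description still matches that release, and replace the open-ended promise with a statement of what the documented version does. "128 bit" would also read better as "128\-bit", in line with the hyphen clean-up in the changed lines.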
1249 *************** |
|
1250 *** 822,828 **** |
|
1251 .SH "VERSION" |
|
1252 |
|
1253 .PP |
|
1254 ! This man page is current for version 3.0.6 of rsync. |
|
1255 .PP |
|
1256 .SH "CREDITS" |
|
1257 |
|
1258 --- 822,828 ---- |
|
1259 .SH "VERSION" |
|
1260 |
|
1261 .PP |
|
1262 ! This man page is current for version 3.0.8 of rsync. |
|
1263 .PP |
|
1264 .SH "CREDITS" |
|
1265 |
|
1266 *************** |
|
1267 *** 838,844 **** |
|
1268 .PP |
|
1269 We would be delighted to hear from you if you like this program. |
|
1270 .PP |
|
1271 ! This program uses the zlib compression library written by Jean-loup |
|
1272 Gailly and Mark Adler. |
|
1273 .PP |
|
1274 .SH "THANKS" |
|
1275 --- 838,844 ---- |
|
1276 .PP |
|
1277 We would be delighted to hear from you if you like this program. |
|
1278 .PP |
|
1279 ! This program uses the zlib compression library written by Jean\-loup |
|
1280 Gailly and Mark Adler. |
|
1281 .PP |
|
1282 .SH "THANKS" |
|