107 whitespace. |
81 whitespace. |
108 .IP |
82 .IP |
109 .IP "\fBuse chroot\fP" |
83 .IP "\fBuse chroot\fP" |
110 -If \(dq\&use chroot\(dq\& is true, the rsync daemon will chroot |
84 -If \(dq\&use chroot\(dq\& is true, the rsync daemon will chroot |
111 -to the \(dq\&path\(dq\& before starting the file transfer with the client. This has |
85 -to the \(dq\&path\(dq\& before starting the file transfer with the client. This has |
112 +If \(lquse chroot\(rq is true, the rsync daemon will chroot |
86 +If "use chroot" is true, the rsync daemon will chroot |
113 +to the \(lqpath\(rq before starting the file transfer with the client. This has |
87 +to the "path" before starting the file transfer with the client. This has |
114 the advantage of extra protection against possible implementation security |
88 the advantage of extra protection against possible implementation security |
115 -holes, but it has the disadvantages of requiring super\-user privileges, |
89 holes, but it has the disadvantages of requiring super\-user privileges, |
116 +holes, but it has the disadvantages of requiring super-user privileges, |
|
117 of not being able to follow symbolic links that are either absolute or outside |
90 of not being able to follow symbolic links that are either absolute or outside |
|
91 @@ -192,26 +192,26 @@ |
118 of the new root path, and of complicating the preservation of users and groups |
92 of the new root path, and of complicating the preservation of users and groups |
119 by name (see below). |
93 by name (see below). |
120 .IP |
94 .IP |
121 -As an additional safety feature, you can specify a dot\-dir in the module\(cq\&s |
95 -As an additional safety feature, you can specify a dot\-dir in the module\(cq\&s |
122 -\(dq\&path\(dq\& to indicate the point where the chroot should occur. This allows rsync |
96 -\(dq\&path\(dq\& to indicate the point where the chroot should occur. This allows rsync |
123 -to run in a chroot with a non\-\(dq\&/\(dq\& path for the top of the transfer hierarchy. |
97 -to run in a chroot with a non\-\(dq\&/\(dq\& path for the top of the transfer hierarchy. |
124 +As an additional safety feature, you can specify a dot-dir in the module's |
98 +As an additional safety feature, you can specify a dot\-dir in the module's |
125 +\(lqpath\(rq to indicate the point where the chroot should occur. This allows rsync |
99 +"path" to indicate the point where the chroot should occur. This allows rsync |
126 +to run in a chroot with a non\-"/\(rq path for the top of the transfer hierarchy. |
100 +to run in a chroot with a non\-"/" path for the top of the transfer hierarchy. |
127 Doing this guards against unintended library loading (since those absolute |
101 Doing this guards against unintended library loading (since those absolute |
128 paths will not be inside the transfer hierarchy unless you have used an unwise |
102 paths will not be inside the transfer hierarchy unless you have used an unwise |
129 pathname), and lets you setup libraries for the chroot that are outside of the |
103 pathname), and lets you setup libraries for the chroot that are outside of the |
130 -transfer. For example, specifying \(dq\&/var/rsync/./module1\(dq\& will chroot to the |
104 -transfer. For example, specifying \(dq\&/var/rsync/./module1\(dq\& will chroot to the |
131 -\(dq\&/var/rsync\(dq\& directory and set the inside\-chroot path to \(dq\&/module1\(dq\&. If you |
105 -\(dq\&/var/rsync\(dq\& directory and set the inside\-chroot path to \(dq\&/module1\(dq\&. If you |
132 -had omitted the dot\-dir, the chroot would have used the whole path, and the |
106 +transfer. For example, specifying "/var/rsync/./module1" will chroot to the |
|
107 +"/var/rsync" directory and set the inside\-chroot path to "/module1". If you |
|
108 had omitted the dot\-dir, the chroot would have used the whole path, and the |
133 -inside\-chroot path would have been \(dq\&/\(dq\&. |
109 -inside\-chroot path would have been \(dq\&/\(dq\&. |
134 +transfer. For example, specifying \(lq/var/rsync/./module1\(rq will chroot to the |
110 +inside\-chroot path would have been "/". |
135 +\(lq/var/rsync\(rq directory and set the inside-chroot path to \(lq/module1\(rq. If you |
|
136 +had omitted the dot-dir, the chroot would have used the whole path, and the |
|
137 +inside-chroot path would have been \(lq/\(rq. |
|
138 .IP |
111 .IP |
139 -When \(dq\&use chroot\(dq\& is false or the inside\-chroot path is not \(dq\&/\(dq\&, rsync will: |
112 -When \(dq\&use chroot\(dq\& is false or the inside\-chroot path is not \(dq\&/\(dq\&, rsync will: |
140 +When \(lquse chroot\(rq is false or the inside-chroot path is not \(lq/\(rq, rsync will: |
113 +When "use chroot" is false or the inside\-chroot path is not "/", rsync will: |
141 (1) munge symlinks by |
114 (1) munge symlinks by |
142 -default for security reasons (see \(dq\&munge symlinks\(dq\& for a way to turn this |
115 -default for security reasons (see \(dq\&munge symlinks\(dq\& for a way to turn this |
143 +default for security reasons (see \(lqmunge symlinks\(rq for a way to turn this |
116 +default for security reasons (see "munge symlinks" for a way to turn this |
144 off, but only if you trust your users), (2) substitute leading slashes in |
117 off, but only if you trust your users), (2) substitute leading slashes in |
145 -absolute paths with the module\(cq\&s path (so that options such as |
118 -absolute paths with the module\(cq\&s path (so that options such as |
146 -\fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as |
119 +absolute paths with the module's path (so that options such as |
|
120 \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as |
147 -rooted in the module\(cq\&s \(dq\&path\(dq\& dir), and (3) trim \(dq\&..\(dq\& path elements from |
121 -rooted in the module\(cq\&s \(dq\&path\(dq\& dir), and (3) trim \(dq\&..\(dq\& path elements from |
148 +absolute paths with the module's path (so that options such as |
122 +rooted in the module's "path" dir), and (3) trim ".." path elements from |
149 +\fB\-\-backup\-dir\fP, \fB\-\-compare-dest\fP, etc. interpret an absolute path as |
|
150 +rooted in the module's \(lqpath\(rq dir), and (3) trim \(lq..\(rq path elements from |
|
151 args if rsync believes they would escape the module hierarchy. |
123 args if rsync believes they would escape the module hierarchy. |
152 -The default for \(dq\&use chroot\(dq\& is true, and is the safer choice (especially |
124 -The default for \(dq\&use chroot\(dq\& is true, and is the safer choice (especially |
153 -if the module is not read\-only). |
125 +The default for "use chroot" is true, and is the safer choice (especially |
154 +The default for \(lquse chroot\(rq is true, and is the safer choice (especially |
126 if the module is not read\-only). |
155 +if the module is not read-only). |
|
156 .IP |
127 .IP |
157 When this parameter is enabled, rsync will not attempt to map users and groups |
128 When this parameter is enabled, rsync will not attempt to map users and groups |
158 by name (by default), but instead copy IDs as though \fB\-\-numeric\-ids\fP had |
129 @@ -231,12 +231,12 @@ |
159 -been specified. In order to enable name\-mapping, rsync needs to be able to |
|
160 +been specified. In order to enable name-mapping, rsync needs to be able to |
|
161 use the standard library functions for looking up names and IDs (i.e. |
|
162 \f(CWgetpwuid()\fP |
|
163 , |
|
164 @@ -197,12 +197,12 @@ |
|
165 used by these library functions (traditionally /etc/passwd and |
130 used by these library functions (traditionally /etc/passwd and |
166 /etc/group, but perhaps additional dynamic libraries as well). |
131 /etc/group, but perhaps additional dynamic libraries as well). |
167 .IP |
132 .IP |
168 -If you copy the necessary resources into the module\(cq\&s chroot area, you |
133 -If you copy the necessary resources into the module\(cq\&s chroot area, you |
169 -should protect them through your OS\(cq\&s normal user/group or ACL settings (to |
134 -should protect them through your OS\(cq\&s normal user/group or ACL settings (to |
170 -prevent the rsync module\(cq\&s user from being able to change them), and then |
135 -prevent the rsync module\(cq\&s user from being able to change them), and then |
171 -hide them from the user\(cq\&s view via \(dq\&exclude\(dq\& (see how in the discussion of |
136 -hide them from the user\(cq\&s view via \(dq\&exclude\(dq\& (see how in the discussion of |
172 +If you copy the necessary resources into the module's chroot area, you |
137 +If you copy the necessary resources into the module's chroot area, you |
173 +should protect them through your OS's normal user/group or ACL settings (to |
138 +should protect them through your OS's normal user/group or ACL settings (to |
174 +prevent the rsync module's user from being able to change them), and then |
139 +prevent the rsync module's user from being able to change them), and then |
175 +hide them from the user's view via \(lqexclude\(rq (see how in the discussion of |
140 +hide them from the user's view via "exclude" (see how in the discussion of |
176 that parameter). At that point it will be safe to enable the mapping of users |
141 that parameter). At that point it will be safe to enable the mapping of users |
177 -and groups by name using the \(dq\&numeric ids\(dq\& daemon parameter (see below). |
142 -and groups by name using the \(dq\&numeric ids\(dq\& daemon parameter (see below). |
178 +and groups by name using the \(lqnumeric ids\(rq daemon parameter (see below). |
143 +and groups by name using the "numeric ids" daemon parameter (see below). |
179 .IP |
144 .IP |
180 Note also that you are free to setup custom user/group information in the |
145 Note also that you are free to setup custom user/group information in the |
181 chroot area that is different from your normal system. For example, you |
146 chroot area that is different from your normal system. For example, you |
182 @@ -211,12 +211,12 @@ |
147 @@ -250,7 +250,7 @@ |
183 .IP "\fBnumeric ids\fP" |
148 the \fB\-\-numeric\-ids\fP command\-line option. By default, this parameter is |
184 Enabling this parameter disables the mapping |
149 enabled for chroot modules and disabled for non\-chroot modules. |
185 of users and groups by name for the current daemon module. This prevents |
|
186 -the daemon from trying to load any user/group\-related files or libraries. |
|
187 +the daemon from trying to load any user/group-related files or libraries. |
|
188 This enabling makes the transfer behave as if the client had passed |
|
189 -the \fB\-\-numeric\-ids\fP command\-line option. By default, this parameter is |
|
190 -enabled for chroot modules and disabled for non\-chroot modules. |
|
191 +the \fB\-\-numeric\-ids\fP command-line option. By default, this parameter is |
|
192 +enabled for chroot modules and disabled for non-chroot modules. |
|
193 .IP |
150 .IP |
194 -A chroot\-enabled module should not have this parameter enabled unless you\(cq\&ve |
151 -A chroot\-enabled module should not have this parameter enabled unless you\(cq\&ve |
195 +A chroot-enabled module should not have this parameter enabled unless you've |
152 +A chroot\-enabled module should not have this parameter enabled unless you've |
196 taken steps to ensure that the module has the necessary resources it needs |
153 taken steps to ensure that the module has the necessary resources it needs |
197 to translate names, and that it is not possible for a user to change those |
154 to translate names, and that it is not possible for a user to change those |
198 resources. |
155 resources. |
199 @@ -225,52 +225,52 @@ |
156 @@ -260,52 +260,52 @@ |
200 This parameter tells rsync to modify |
157 all symlinks in the same way as the (non\-daemon\-affecting) |
201 all incoming symlinks in a way that makes them unusable but recoverable |
158 \fB\-\-munge\-links\fP command\-line option (using a method described below). |
202 (see below). This should help protect your files from user trickery when |
159 This should help protect your files from user trickery when |
203 -your daemon module is writable. The default is disabled when \(dq\&use chroot\(dq\& |
160 -your daemon module is writable. The default is disabled when \(dq\&use chroot\(dq\& |
204 -is on and the inside\-chroot path is \(dq\&/\(dq\&, otherwise it is enabled. |
161 -is on and the inside\-chroot path is \(dq\&/\(dq\&, otherwise it is enabled. |
205 +your daemon module is writable. The default is disabled when \(lquse chroot\(rq |
162 +your daemon module is writable. The default is disabled when "use chroot" |
206 +is on and the inside-chroot path is \(lq/\(rq, otherwise it is enabled. |
163 +is on and the inside\-chroot path is "/", otherwise it is enabled. |
207 .IP |
164 .IP |
208 -If you disable this parameter on a daemon that is not read\-only, there |
165 If you disable this parameter on a daemon that is not read\-only, there |
209 +If you disable this parameter on a daemon that is not read-only, there |
|
210 are tricks that a user can play with uploaded symlinks to access |
166 are tricks that a user can play with uploaded symlinks to access |
211 -daemon\-excluded items (if your module has any), and, if \(dq\&use chroot\(dq\& |
167 -daemon\-excluded items (if your module has any), and, if \(dq\&use chroot\(dq\& |
212 +daemon-excluded items (if your module has any), and, if \(lquse chroot\(rq |
168 +daemon\-excluded items (if your module has any), and, if "use chroot" |
213 is off, rsync can even be tricked into showing or changing data that |
169 is off, rsync can even be tricked into showing or changing data that |
214 -is outside the module\(cq\&s path (as access\-permissions allow). |
170 -is outside the module\(cq\&s path (as access\-permissions allow). |
215 +is outside the module's path (as access-permissions allow). |
171 +is outside the module's path (as access\-permissions allow). |
216 .IP |
172 .IP |
217 The way rsync disables the use of symlinks is to prefix each one with |
173 The way rsync disables the use of symlinks is to prefix each one with |
218 -the string \(dq\&/rsyncd\-munged/\(dq\&. This prevents the links from being used |
174 -the string \(dq\&/rsyncd\-munged/\(dq\&. This prevents the links from being used |
219 +the string \(lq/rsyncd-munged/\(rq. This prevents the links from being used |
175 +the string "/rsyncd\-munged/". This prevents the links from being used |
220 as long as that directory does not exist. When this parameter is enabled, |
176 as long as that directory does not exist. When this parameter is enabled, |
221 rsync will refuse to run if that path is a directory or a symlink to |
177 rsync will refuse to run if that path is a directory or a symlink to |
222 -a directory. When using the \(dq\&munge symlinks\(dq\& parameter in a chroot area |
178 -a directory. When using the \(dq\&munge symlinks\(dq\& parameter in a chroot area |
223 -that has an inside\-chroot path of \(dq\&/\(dq\&, you should add \(dq\&/rsyncd\-munged/\(dq\& |
179 -that has an inside\-chroot path of \(dq\&/\(dq\&, you should add \(dq\&/rsyncd\-munged/\(dq\& |
224 +a directory. When using the \(lqmunge symlinks\(rq parameter in a chroot area |
180 +a directory. When using the "munge symlinks" parameter in a chroot area |
225 +that has an inside-chroot path of \(lq/\(rq, you should add \(lq/rsyncd-munged/\(rq |
181 +that has an inside\-chroot path of "/", you should add "/rsyncd\-munged/" |
226 to the exclude setting for the module so that |
182 to the exclude setting for the module so that |
227 -a user can\(cq\&t try to create it. |
183 -a user can\(cq\&t try to create it. |
228 +a user can't try to create it. |
184 +a user can't try to create it. |
229 .IP |
185 .IP |
230 -Note: rsync makes no attempt to verify that any pre\-existing symlinks in |
186 Note: rsync makes no attempt to verify that any pre\-existing symlinks in |
231 -the module\(cq\&s hierarchy are as safe as you want them to be (unless, of |
187 -the module\(cq\&s hierarchy are as safe as you want them to be (unless, of |
232 +Note: rsync makes no attempt to verify that any pre-existing symlinks in |
|
233 +the module's hierarchy are as safe as you want them to be (unless, of |
188 +the module's hierarchy are as safe as you want them to be (unless, of |
234 course, it just copied in the whole hierarchy). If you setup an rsync |
189 course, it just copied in the whole hierarchy). If you setup an rsync |
235 daemon on a new area or locally add symlinks, you can manually protect your |
190 daemon on a new area or locally add symlinks, you can manually protect your |
236 -symlinks from being abused by prefixing \(dq\&/rsyncd\-munged/\(dq\& to the start of |
191 -symlinks from being abused by prefixing \(dq\&/rsyncd\-munged/\(dq\& to the start of |
237 -every symlink\(cq\&s value. There is a perl script in the support directory |
192 -every symlink\(cq\&s value. There is a perl script in the support directory |
238 -of the source code named \(dq\&munge\-symlinks\(dq\& that can be used to add or remove |
193 -of the source code named \(dq\&munge\-symlinks\(dq\& that can be used to add or remove |
239 +symlinks from being abused by prefixing \(lq/rsyncd-munged/\(rq to the start of |
194 +symlinks from being abused by prefixing "/rsyncd\-munged/" to the start of |
240 +every symlink's value. There is a perl script in the support directory |
195 +every symlink's value. There is a perl script in the support directory |
241 +of the source code named \(lqmunge-symlinks\(rq that can be used to add or remove |
196 +of the source code named "munge\-symlinks" that can be used to add or remove |
242 this prefix from your symlinks. |
197 this prefix from your symlinks. |
243 .IP |
198 .IP |
244 -When this parameter is disabled on a writable module and \(dq\&use chroot\(dq\& is off |
199 -When this parameter is disabled on a writable module and \(dq\&use chroot\(dq\& is off |
245 -(or the inside\-chroot path is not \(dq\&/\(dq\&), |
200 -(or the inside\-chroot path is not \(dq\&/\(dq\&), |
246 -incoming symlinks will be modified to drop a leading slash and to remove \(dq\&..\(dq\& |
201 -incoming symlinks will be modified to drop a leading slash and to remove \(dq\&..\(dq\& |
247 -path elements that rsync believes will allow a symlink to escape the module\(cq\&s |
202 -path elements that rsync believes will allow a symlink to escape the module\(cq\&s |
248 +When this parameter is disabled on a writable module and \(lquse chroot\(rq is off |
203 +When this parameter is disabled on a writable module and "use chroot" is off |
249 +(or the inside-chroot path is not \(lq/\(rq), |
204 +(or the inside\-chroot path is not "/"), |
250 +incoming symlinks will be modified to drop a leading slash and to remove \(lq..\(rq |
205 +incoming symlinks will be modified to drop a leading slash and to remove ".." |
251 +path elements that rsync believes will allow a symlink to escape the module's |
206 +path elements that rsync believes will allow a symlink to escape the module's |
252 hierarchy. There are tricky ways to work around this, though, so you had |
207 hierarchy. There are tricky ways to work around this, though, so you had |
253 better trust your users if you choose this combination of parameters. |
208 better trust your users if you choose this combination of parameters. |
254 .IP |
209 .IP |
255 .IP "\fBcharset\fP" |
210 .IP "\fBcharset\fP" |
256 This specifies the name of the character set in which the |
211 This specifies the name of the character set in which the |
257 -module\(cq\&s filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
212 -module\(cq\&s filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
258 -the daemon will use the value of the \(dq\&charset\(dq\& parameter regardless of the |
213 -the daemon will use the value of the \(dq\&charset\(dq\& parameter regardless of the |
259 +module's filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
214 +module's filenames are stored. If the client uses an \fB\-\-iconv\fP option, |
260 +the daemon will use the value of the \(lqcharset\(rq parameter regardless of the |
215 +the daemon will use the value of the "charset" parameter regardless of the |
261 character set the client actually passed. This allows the daemon to |
216 character set the client actually passed. This allows the daemon to |
262 support charset conversion in a chroot module without extra files in the |
217 support charset conversion in a chroot module without extra files in the |
263 -chroot area, and also ensures that name\-translation is done in a consistent |
218 chroot area, and also ensures that name\-translation is done in a consistent |
264 -manner. If the \(dq\&charset\(dq\& parameter is not set, the \fB\-\-iconv\fP option is |
219 -manner. If the \(dq\&charset\(dq\& parameter is not set, the \fB\-\-iconv\fP option is |
265 -refused, just as if \(dq\&iconv\(dq\& had been specified via \(dq\&refuse options\(dq\&. |
220 -refused, just as if \(dq\&iconv\(dq\& had been specified via \(dq\&refuse options\(dq\&. |
266 +chroot area, and also ensures that name-translation is done in a consistent |
221 +manner. If the "charset" parameter is not set, the \fB\-\-iconv\fP option is |
267 +manner. If the \(lqcharset\(rq parameter is not set, the \fB\-\-iconv\fP option is |
222 +refused, just as if "iconv" had been specified via "refuse options". |
268 +refused, just as if \(lqiconv\(rq had been specified via \(lqrefuse options\(rq. |
|
269 .IP |
223 .IP |
270 If you wish to force users to always use \fB\-\-iconv\fP for a particular |
224 If you wish to force users to always use \fB\-\-iconv\fP for a particular |
271 -module, add \(dq\&no\-iconv\(dq\& to the \(dq\&refuse options\(dq\& parameter. Keep in mind |
225 -module, add \(dq\&no\-iconv\(dq\& to the \(dq\&refuse options\(dq\& parameter. Keep in mind |
272 +module, add \(lqno-iconv\(rq to the \(lqrefuse options\(rq parameter. Keep in mind |
226 +module, add "no\-iconv" to the "refuse options" parameter. Keep in mind |
273 that this will restrict access to your module to very new rsync clients. |
227 that this will restrict access to your module to very new rsync clients. |
274 .IP |
228 .IP |
275 .IP "\fBmax connections\fP" |
229 .IP "\fBmax connections\fP" |
276 @@ -279,21 +279,21 @@ |
230 @@ -314,15 +314,15 @@ |
277 Any clients connecting when the maximum has been reached will receive a |
231 Any clients connecting when the maximum has been reached will receive a |
278 message telling them to try later. The default is 0, which means no limit. |
232 message telling them to try later. The default is 0, which means no limit. |
279 A negative value disables the module. |
233 A negative value disables the module. |
280 -See also the \(dq\&lock file\(dq\& parameter. |
234 -See also the \(dq\&lock file\(dq\& parameter. |
281 +See also the \(lqlock file\(rq parameter. |
235 +See also the "lock file" parameter. |
282 .IP |
236 .IP |
283 .IP "\fBlog file\fP" |
237 .IP "\fBlog file\fP" |
284 -When the \(dq\&log file\(dq\& parameter is set to a non\-empty |
238 -When the \(dq\&log file\(dq\& parameter is set to a non\-empty |
285 +When the \(lqlog file\(rq parameter is set to a non-empty |
239 +When the "log file" parameter is set to a non\-empty |
286 string, the rsync daemon will log messages to the indicated file rather |
240 string, the rsync daemon will log messages to the indicated file rather |
287 than using syslog. This is particularly useful on systems (such as AIX) |
241 than using syslog. This is particularly useful on systems (such as AIX) |
288 where |
242 where |
289 \f(CWsyslog()\fP |
243 \f(CWsyslog()\fP |
290 -doesn\(cq\&t work for chrooted programs. The file is |
244 -doesn\(cq\&t work for chrooted programs. The file is |
291 +doesn't work for chrooted programs. The file is |
245 +doesn't work for chrooted programs. The file is |
292 opened before |
246 opened before |
293 \f(CWchroot()\fP |
247 \f(CWchroot()\fP |
294 is called, allowing it to be placed outside |
248 is called, allowing it to be placed outside |
295 -the transfer. If this value is set on a per\-module basis instead of |
249 @@ -337,7 +337,7 @@ |
296 +the transfer. If this value is set on a per-module basis instead of |
250 This setting can be overridden by using the \fB\-\-log\-file=FILE\fP or |
297 globally, the global log will still contain any authorization failures |
251 \fB\-\-dparam=logfile=FILE\fP command\-line options. The former overrides |
298 -or config\-file error messages. |
252 all the log\-file parameters of the daemon and all module settings. |
299 +or config-file error messages. |
253 -The latter sets the daemon\(cq\&s log file and the default for all the |
300 .IP |
254 +The latter sets the daemon's log file and the default for all the |
301 If the daemon fails to open the specified file, it will fall back to |
255 modules, which still allows modules to override the default setting. |
302 using syslog and output an error about the failure. (Note that the |
256 .IP |
303 @@ -306,34 +306,34 @@ |
257 .IP "\fBsyslog facility\fP" |
|
258 @@ -347,19 +347,19 @@ |
304 defined on your system. Common names are auth, authpriv, cron, daemon, |
259 defined on your system. Common names are auth, authpriv, cron, daemon, |
305 ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0, |
260 ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0, |
306 local1, local2, local3, local4, local5, local6 and local7. The default |
261 local1, local2, local3, local4, local5, local6 and local7. The default |
307 -is daemon. This setting has no effect if the \(dq\&log file\(dq\& setting is a |
262 -is daemon. This setting has no effect if the \(dq\&log file\(dq\& setting is a |
308 -non\-empty string (either set in the per\-modules settings, or inherited |
263 +is daemon. This setting has no effect if the "log file" setting is a |
309 +is daemon. This setting has no effect if the \(lqlog file\(rq setting is a |
264 non\-empty string (either set in the per\-modules settings, or inherited |
310 +non-empty string (either set in the per-modules settings, or inherited |
|
311 from the global settings). |
265 from the global settings). |
312 .IP |
266 .IP |
313 .IP "\fBmax verbosity\fP" |
267 .IP "\fBmax verbosity\fP" |
314 This parameter allows you to control |
268 This parameter allows you to control |
315 -the maximum amount of verbose information that you\(cq\&ll allow the daemon to |
269 -the maximum amount of verbose information that you\(cq\&ll allow the daemon to |
318 which allows the client to request one level of verbosity. |
272 which allows the client to request one level of verbosity. |
319 .IP |
273 .IP |
320 .IP "\fBlock file\fP" |
274 .IP "\fBlock file\fP" |
321 This parameter specifies the file to use to |
275 This parameter specifies the file to use to |
322 -support the \(dq\&max connections\(dq\& parameter. The rsync daemon uses record |
276 -support the \(dq\&max connections\(dq\& parameter. The rsync daemon uses record |
323 +support the \(lqmax connections\(rq parameter. The rsync daemon uses record |
277 +support the "max connections" parameter. The rsync daemon uses record |
324 locking on this file to ensure that the max connections limit is not |
278 locking on this file to ensure that the max connections limit is not |
325 exceeded for the modules sharing the lock file. |
279 exceeded for the modules sharing the lock file. |
326 The default is \f(CW/var/run/rsyncd.lock\fP. |
280 The default is \f(CW/var/run/rsyncd.lock\fP. |
|
281 @@ -366,17 +366,17 @@ |
327 .IP |
282 .IP |
328 .IP "\fBread only\fP" |
283 .IP "\fBread only\fP" |
329 This parameter determines whether clients |
284 This parameter determines whether clients |
330 -will be able to upload files or not. If \(dq\&read only\(dq\& is true then any |
285 -will be able to upload files or not. If \(dq\&read only\(dq\& is true then any |
331 -attempted uploads will fail. If \(dq\&read only\(dq\& is false then uploads will |
286 -attempted uploads will fail. If \(dq\&read only\(dq\& is false then uploads will |
332 +will be able to upload files or not. If \(lqread only\(rq is true then any |
287 +will be able to upload files or not. If "read only" is true then any |
333 +attempted uploads will fail. If \(lqread only\(rq is false then uploads will |
288 +attempted uploads will fail. If "read only" is false then uploads will |
334 be possible if file permissions on the daemon side allow them. The default |
289 be possible if file permissions on the daemon side allow them. The default |
335 is for all modules to be read only. |
290 is for all modules to be read only. |
|
291 .IP |
|
292 -Note that \(dq\&auth users\(dq\& can override this setting on a per\-user basis. |
|
293 +Note that "auth users" can override this setting on a per\-user basis. |
336 .IP |
294 .IP |
337 .IP "\fBwrite only\fP" |
295 .IP "\fBwrite only\fP" |
338 This parameter determines whether clients |
296 This parameter determines whether clients |
339 -will be able to download files or not. If \(dq\&write only\(dq\& is true then any |
297 -will be able to download files or not. If \(dq\&write only\(dq\& is true then any |
340 -attempted downloads will fail. If \(dq\&write only\(dq\& is false then downloads |
298 -attempted downloads will fail. If \(dq\&write only\(dq\& is false then downloads |
341 +will be able to download files or not. If \(lqwrite only\(rq is true then any |
299 +will be able to download files or not. If "write only" is true then any |
342 +attempted downloads will fail. If \(lqwrite only\(rq is false then downloads |
300 +attempted downloads will fail. If "write only" is false then downloads |
343 will be possible if file permissions on the daemon side allow them. The |
301 will be possible if file permissions on the daemon side allow them. The |
344 default is for this parameter to be disabled. |
302 default is for this parameter to be disabled. |
345 .IP |
303 .IP |
346 @@ -346,19 +346,19 @@ |
304 @@ -384,8 +384,8 @@ |
|
305 This parameter determines whether this module is |
|
306 listed when the client asks for a listing of available modules. In addition, |
|
307 if this is false, the daemon will pretend the module does not exist |
|
308 -when a client denied by \(dq\&hosts allow\(dq\& or \(dq\&hosts deny\(dq\& attempts to access it. |
|
309 -Realize that if \(dq\&reverse lookup\(dq\& is disabled globally but enabled for the |
|
310 +when a client denied by "hosts allow" or "hosts deny" attempts to access it. |
|
311 +Realize that if "reverse lookup" is disabled globally but enabled for the |
|
312 module, the resulting reverse lookup to a potentially client\-controlled DNS |
|
313 server may still reveal to the client that it hit an existing module. |
|
314 The default is for modules to be listable. |
|
315 @@ -393,10 +393,10 @@ |
347 .IP "\fBuid\fP" |
316 .IP "\fBuid\fP" |
348 This parameter specifies the user name or user ID that |
317 This parameter specifies the user name or user ID that |
349 file transfers to and from that module should take place as when the daemon |
318 file transfers to and from that module should take place as when the daemon |
350 -was run as root. In combination with the \(dq\&gid\(dq\& parameter this determines what |
319 -was run as root. In combination with the \(dq\&gid\(dq\& parameter this determines what |
351 +was run as root. In combination with the \(lqgid\(rq parameter this determines what |
320 +was run as root. In combination with the "gid" parameter this determines what |
352 file permissions are available. The default is uid \-2, which is normally |
321 file permissions are available. The default when run by a super\-user is to |
353 -the user \(dq\&nobody\(dq\&. |
322 -switch to the system\(cq\&s \(dq\&nobody\(dq\& user. The default for a non\-super\-user is to |
354 +the user \(lqnobody\(rq. |
323 -not try to change the user. See also the \(dq\&gid\(dq\& parameter. |
355 .IP |
324 +switch to the system's "nobody" user. The default for a non\-super\-user is to |
|
325 +not try to change the user. See also the "gid" parameter. |
|
326 .IP |
|
327 The RSYNC_USER_NAME environment variable may be used to request that rsync run |
|
328 as the authorizing user. For example, if you want a rsync to run as the same |
|
329 @@ -411,16 +411,16 @@ |
356 .IP "\fBgid\fP" |
330 .IP "\fBgid\fP" |
357 This parameter specifies the group name or group ID that |
331 This parameter specifies one or more group names/IDs that will be |
358 file transfers to and from that module should take place as when the daemon |
332 used when accessing the module. The first one will be the default group, and |
359 -was run as root. This complements the \(dq\&uid\(dq\& parameter. The default is gid \-2, |
333 -any extra ones be set as supplemental groups. You may also specify a \(dq\&*\(dq\& as |
360 -which is normally the group \(dq\&nobody\(dq\&. |
334 +any extra ones be set as supplemental groups. You may also specify a "*" as |
361 +was run as root. This complements the \(lquid\(rq parameter. The default is gid \-2, |
335 the first gid in the list, which will be replaced by all the normal groups for |
362 +which is normally the group \(lqnobody\(rq. |
336 -the transfer\(cq\&s user (see \(dq\&uid\(dq\&). The default when run by a super\-user is to |
|
337 -switch to your OS\(cq\&s \(dq\&nobody\(dq\& (or perhaps \(dq\&nogroup\(dq\&) group with no other |
|
338 +the transfer's user (see "uid"). The default when run by a super\-user is to |
|
339 +switch to your OS's "nobody" (or perhaps "nogroup") group with no other |
|
340 supplementary groups. The default for a non\-super\-user is to not change any |
|
341 group attributes (and indeed, your OS may not allow a non\-super\-user to try to |
|
342 change their group settings). |
363 .IP |
343 .IP |
364 .IP "\fBfake super\fP" |
344 .IP "\fBfake super\fP" |
365 -Setting \(dq\&fake super = yes\(dq\& for a module causes the |
345 -Setting \(dq\&fake super = yes\(dq\& for a module causes the |
366 -daemon side to behave as if the \fB\-\-fake\-super\fP command\-line option had |
346 +Setting "fake super = yes" for a module causes the |
367 +Setting \(lqfake super = yes\(rq for a module causes the |
347 daemon side to behave as if the \fB\-\-fake\-super\fP command\-line option had |
368 +daemon side to behave as if the \fB\-\-fake\-super\fP command-line option had |
|
369 been specified. This allows the full attributes of a file to be stored |
348 been specified. This allows the full attributes of a file to be stored |
370 without having to have the daemon actually running as root. |
349 without having to have the daemon actually running as root. |
371 .IP |
350 @@ -436,17 +436,17 @@ |
372 @@ -366,69 +366,69 @@ |
|
373 The daemon has its own filter chain that determines what files |
|
374 it will let the client access. This chain is not sent to the client and is |
|
375 independent of any filters the client may have specified. Files excluded by |
|
376 -the daemon filter chain (\fBdaemon\-excluded\fP files) are treated as non\-existent |
|
377 +the daemon filter chain (\fBdaemon-excluded\fP files) are treated as non-existent |
|
378 if the client tries to pull them, are skipped with an error message if the |
|
379 client tries to push them (triggering exit code 23), and are never deleted from |
|
380 the module. You can use daemon filters to prevent clients from downloading or |
|
381 tampering with private administrative files, such as files you may add to |
351 tampering with private administrative files, such as files you may add to |
382 support uid/gid name translations. |
352 support uid/gid name translations. |
383 .IP |
353 .IP |
384 -The daemon filter chain is built from the \(dq\&filter\(dq\&, \(dq\&include from\(dq\&, \(dq\&include\(dq\&, |
354 -The daemon filter chain is built from the \(dq\&filter\(dq\&, \(dq\&include from\(dq\&, \(dq\&include\(dq\&, |
385 -\(dq\&exclude from\(dq\&, and \(dq\&exclude\(dq\& parameters, in that order of priority. Anchored |
355 -\(dq\&exclude from\(dq\&, and \(dq\&exclude\(dq\& parameters, in that order of priority. Anchored |
386 +The daemon filter chain is built from the \(lqfilter\(rq, \(lqinclude from\(rq, \(lqinclude\(rq, |
356 +The daemon filter chain is built from the "filter", "include from", "include", |
387 +\(lqexclude from\(rq, and \(lqexclude\(rq parameters, in that order of priority. Anchored |
357 +"exclude from", and "exclude" parameters, in that order of priority. Anchored |
388 patterns are anchored at the root of the module. To prevent access to an |
358 patterns are anchored at the root of the module. To prevent access to an |
389 -entire subtree, for example, \(dq\&/secret\(dq\&, you \fImust\fP exclude everything in the |
359 -entire subtree, for example, \(dq\&/secret\(dq\&, you \fImust\fP exclude everything in the |
390 -subtree; the easiest way to do this is with a triple\-star pattern like |
360 +entire subtree, for example, "/secret", you \fImust\fP exclude everything in the |
|
361 subtree; the easiest way to do this is with a triple\-star pattern like |
391 -\(dq\&/secret/***\(dq\&. |
362 -\(dq\&/secret/***\(dq\&. |
392 +entire subtree, for example, \(lq/secret\(rq, you \fImust\fP exclude everything in the |
363 +"/secret/***". |
393 +subtree; the easiest way to do this is with a triple-star pattern like |
|
394 +\(lq/secret/***\(rq. |
|
395 .IP |
364 .IP |
396 -The \(dq\&filter\(dq\& parameter takes a space\-separated list of daemon filter rules, |
365 -The \(dq\&filter\(dq\& parameter takes a space\-separated list of daemon filter rules, |
397 +The \(lqfilter\(rq parameter takes a space-separated list of daemon filter rules, |
366 +The "filter" parameter takes a space\-separated list of daemon filter rules, |
398 though it is smart enough to know not to split a token at an internal space in |
367 though it is smart enough to know not to split a token at an internal space in |
399 -a rule (e.g. \(dq\&\- /foo \- /bar\(dq\& is parsed as two rules). You may specify one or |
368 -a rule (e.g. \(dq\&\- /foo \- /bar\(dq\& is parsed as two rules). You may specify one or |
400 -more merge\-file rules using the normal syntax. Only one \(dq\&filter\(dq\& parameter can |
369 -more merge\-file rules using the normal syntax. Only one \(dq\&filter\(dq\& parameter can |
401 +a rule (e.g. \(lq- /foo \(em /bar\(rq is parsed as two rules). You may specify one or |
370 +a rule (e.g. "\- /foo \- /bar" is parsed as two rules). You may specify one or |
402 +more merge-file rules using the normal syntax. Only one \(lqfilter\(rq parameter can |
371 +more merge\-file rules using the normal syntax. Only one "filter" parameter can |
403 apply to a given module in the config file, so put all the rules you want in a |
372 apply to a given module in the config file, so put all the rules you want in a |
404 -single parameter. Note that per\-directory merge\-file rules do not provide as |
373 single parameter. Note that per\-directory merge\-file rules do not provide as |
405 +single parameter. Note that per-directory merge-file rules do not provide as |
|
406 much protection as global rules, but they can be used to make \fB\-\-delete\fP work |
374 much protection as global rules, but they can be used to make \fB\-\-delete\fP work |
407 -better during a client download operation if the per\-dir merge files are |
375 @@ -456,27 +456,27 @@ |
408 +better during a client download operation if the per-dir merge files are |
|
409 included in the transfer and the client requests that they be used. |
|
410 .IP |
|
411 .IP "\fBexclude\fP" |
376 .IP "\fBexclude\fP" |
412 -This parameter takes a space\-separated list of daemon |
377 This parameter takes a space\-separated list of daemon |
413 +This parameter takes a space-separated list of daemon |
|
414 exclude patterns. As with the client \fB\-\-exclude\fP option, patterns can be |
378 exclude patterns. As with the client \fB\-\-exclude\fP option, patterns can be |
415 -qualified with \(dq\&\- \(dq\& or \(dq\&+ \(dq\& to explicitly indicate exclude/include. Only one |
379 -qualified with \(dq\&\- \(dq\& or \(dq\&+ \(dq\& to explicitly indicate exclude/include. Only one |
416 -\(dq\&exclude\(dq\& parameter can apply to a given module. See the \(dq\&filter\(dq\& parameter |
380 -\(dq\&exclude\(dq\& parameter can apply to a given module. See the \(dq\&filter\(dq\& parameter |
417 +qualified with \(lq\- \(rq or \(lq+ \(rq to explicitly indicate exclude/include. Only one |
381 +qualified with "\- " or "+ " to explicitly indicate exclude/include. Only one |
418 +\(lqexclude\(rq parameter can apply to a given module. See the \(lqfilter\(rq parameter |
382 +"exclude" parameter can apply to a given module. See the "filter" parameter |
419 for a description of how excluded files affect the daemon. |
383 for a description of how excluded files affect the daemon. |
420 .IP |
384 .IP |
421 .IP "\fBinclude\fP" |
385 .IP "\fBinclude\fP" |
422 -Use an \(dq\&include\(dq\& to override the effects of the \(dq\&exclude\(dq\& |
386 -Use an \(dq\&include\(dq\& to override the effects of the \(dq\&exclude\(dq\& |
423 -parameter. Only one \(dq\&include\(dq\& parameter can apply to a given module. See the |
387 -parameter. Only one \(dq\&include\(dq\& parameter can apply to a given module. See the |
424 -\(dq\&filter\(dq\& parameter for a description of how excluded files affect the daemon. |
388 -\(dq\&filter\(dq\& parameter for a description of how excluded files affect the daemon. |
425 +Use an \(lqinclude\(rq to override the effects of the \(lqexclude\(rq |
389 +Use an "include" to override the effects of the "exclude" |
426 +parameter. Only one \(lqinclude\(rq parameter can apply to a given module. See the |
390 +parameter. Only one "include" parameter can apply to a given module. See the |
427 +\(lqfilter\(rq parameter for a description of how excluded files affect the daemon. |
391 +"filter" parameter for a description of how excluded files affect the daemon. |
428 .IP |
392 .IP |
429 .IP "\fBexclude from\fP" |
393 .IP "\fBexclude from\fP" |
430 This parameter specifies the name of a file |
394 This parameter specifies the name of a file |
431 on the daemon that contains daemon exclude patterns, one per line. Only one |
395 on the daemon that contains daemon exclude patterns, one per line. Only one |
432 -\(dq\&exclude from\(dq\& parameter can apply to a given module; if you have multiple |
396 -\(dq\&exclude from\(dq\& parameter can apply to a given module; if you have multiple |
433 -exclude\-from files, you can specify them as a merge file in the \(dq\&filter\(dq\& |
397 -exclude\-from files, you can specify them as a merge file in the \(dq\&filter\(dq\& |
434 -parameter. See the \(dq\&filter\(dq\& parameter for a description of how excluded files |
398 -parameter. See the \(dq\&filter\(dq\& parameter for a description of how excluded files |
435 +\(lqexclude from\(rq parameter can apply to a given module; if you have multiple |
399 +"exclude from" parameter can apply to a given module; if you have multiple |
436 +exclude-from files, you can specify them as a merge file in the \(lqfilter\(rq |
400 +exclude\-from files, you can specify them as a merge file in the "filter" |
437 +parameter. See the \(lqfilter\(rq parameter for a description of how excluded files |
401 +parameter. See the "filter" parameter for a description of how excluded files |
438 affect the daemon. |
402 affect the daemon. |
439 .IP |
403 .IP |
440 .IP "\fBinclude from\fP" |
404 .IP "\fBinclude from\fP" |
441 -Analogue of \(dq\&exclude from\(dq\& for a file of daemon include |
405 -Analogue of \(dq\&exclude from\(dq\& for a file of daemon include |
442 -patterns. Only one \(dq\&include from\(dq\& parameter can apply to a given module. See |
406 -patterns. Only one \(dq\&include from\(dq\& parameter can apply to a given module. See |
443 -the \(dq\&filter\(dq\& parameter for a description of how excluded files affect the |
407 -the \(dq\&filter\(dq\& parameter for a description of how excluded files affect the |
444 +Analogue of \(lqexclude from\(rq for a file of daemon include |
408 +Analogue of "exclude from" for a file of daemon include |
445 +patterns. Only one \(lqinclude from\(rq parameter can apply to a given module. See |
409 +patterns. Only one "include from" parameter can apply to a given module. See |
446 +the \(lqfilter\(rq parameter for a description of how excluded files affect the |
410 +the "filter" parameter for a description of how excluded files affect the |
447 daemon. |
411 daemon. |
448 .IP |
412 .IP |
449 .IP "\fBincoming chmod\fP" |
413 .IP "\fBincoming chmod\fP" |
450 This parameter allows you to specify a set of |
414 @@ -507,23 +507,23 @@ |
451 -comma\-separated chmod strings that will affect the permissions of all |
|
452 +comma-separated chmod strings that will affect the permissions of all |
|
453 incoming files (files that are being received by the daemon). These |
|
454 changes happen after all other permission calculations, and this will |
|
455 -even override destination\-default and/or existing permissions when the |
|
456 +even override destination-default and/or existing permissions when the |
|
457 client does not specify \fB\-\-perms\fP. |
|
458 See the description of the \fB\-\-chmod\fP rsync option and the \fBchmod\fP(1) |
|
459 manpage for information on the format of this string. |
|
460 .IP |
|
461 .IP "\fBoutgoing chmod\fP" |
|
462 This parameter allows you to specify a set of |
|
463 -comma\-separated chmod strings that will affect the permissions of all |
|
464 +comma-separated chmod strings that will affect the permissions of all |
|
465 outgoing files (files that are being sent out from the daemon). These |
|
466 changes happen first, making the sent permissions appear to be different |
|
467 than those stored in the filesystem itself. For instance, you could |
|
468 @@ -439,41 +439,41 @@ |
|
469 .IP |
|
470 .IP "\fBauth users\fP" |
|
471 This parameter specifies a comma and |
|
472 -space\-separated list of usernames that will be allowed to connect to |
|
473 +space-separated list of usernames that will be allowed to connect to |
|
474 this module. The usernames do not need to exist on the local |
415 this module. The usernames do not need to exist on the local |
475 system. The usernames may also contain shell wildcard characters. If |
416 system. The rules may contain shell wildcard characters that will be matched |
|
417 against the username provided by the client for authentication. If |
476 -\(dq\&auth users\(dq\& is set then the client will be challenged to supply a |
418 -\(dq\&auth users\(dq\& is set then the client will be challenged to supply a |
477 +\(lqauth users\(rq is set then the client will be challenged to supply a |
419 +"auth users" is set then the client will be challenged to supply a |
478 username and password to connect to the module. A challenge response |
420 username and password to connect to the module. A challenge response |
479 authentication protocol is used for this exchange. The plain text |
421 authentication protocol is used for this exchange. The plain text |
480 usernames and passwords are stored in the file specified by the |
422 usernames and passwords are stored in the file specified by the |
481 -\(dq\&secrets file\(dq\& parameter. The default is for all users to be able to |
423 -\(dq\&secrets file\(dq\& parameter. The default is for all users to be able to |
482 -connect without a password (this is called \(dq\&anonymous rsync\(dq\&). |
424 -connect without a password (this is called \(dq\&anonymous rsync\(dq\&). |
483 +\(lqsecrets file\(rq parameter. The default is for all users to be able to |
425 +"secrets file" parameter. The default is for all users to be able to |
484 +connect without a password (this is called \(lqanonymous rsync\(rq). |
426 +connect without a password (this is called "anonymous rsync"). |
|
427 .IP |
|
428 -In addition to username matching, you can specify groupname matching via a \(cq\&@\(cq\& |
|
429 +In addition to username matching, you can specify groupname matching via a '@' |
|
430 prefix. When using groupname matching, the authenticating username must be a |
|
431 real user on the system, or it will be assumed to be a member of no groups. |
|
432 -For example, specifying \(dq\&@rsync\(dq\& will match the authenticating user if the |
|
433 +For example, specifying "@rsync" will match the authenticating user if the |
|
434 named user is a member of the rsync group. |
|
435 .IP |
|
436 Finally, options may be specified after a colon (:). The options allow you to |
|
437 -\(dq\&deny\(dq\& a user or a group, set the access to \(dq\&ro\(dq\& (read\-only), or set the access |
|
438 -to \(dq\&rw\(dq\& (read/write). Setting an auth\-rule\-specific ro/rw setting overrides |
|
439 -the module\(cq\&s \(dq\&read only\(dq\& setting. |
|
440 +"deny" a user or a group, set the access to "ro" (read\-only), or set the access |
|
441 +to "rw" (read/write). Setting an auth\-rule\-specific ro/rw setting overrides |
|
442 +the module's "read only" setting. |
|
443 .IP |
|
444 Be sure to put the rules in the order you want them to be matched, because the |
|
445 checking stops at the first matching user or group, and that is the only auth |
|
446 @@ -535,12 +535,12 @@ |
|
447 |
|
448 .IP |
|
449 In the above rule, user joe will be denied access no matter what. Any user |
|
450 -that is in the group \(dq\&guest\(dq\& is also denied access. The user \(dq\&admin\(dq\& gets |
|
451 -access in read/write mode, but only if the admin user is not in group \(dq\&guest\(dq\& |
|
452 +that is in the group "guest" is also denied access. The user "admin" gets |
|
453 +access in read/write mode, but only if the admin user is not in group "guest" |
|
454 (because the admin user\-matching rule would never be reached if the user is in |
|
455 -group \(dq\&guest\(dq\&). Any other user who is in group \(dq\&rsync\(dq\& will get read\-only |
|
456 +group "guest"). Any other user who is in group "rsync" will get read\-only |
|
457 access. Finally, users susan, joe, and sam get the ro/rw setting of the |
|
458 -module, but only if the user didn\(cq\&t match an earlier group\-matching rule. |
|
459 +module, but only if the user didn't match an earlier group\-matching rule. |
|
460 .IP |
|
461 See the description of the secrets file for how you can have per\-user passwords |
|
462 as well as per\-group passwords. It also explains how a user can authenticate |
|
463 @@ -547,8 +547,8 @@ |
|
464 using their user password or (when applicable) a group password, depending on |
|
465 what rule is being authenticated. |
485 .IP |
466 .IP |
486 -See also the section entitled \(dq\&USING RSYNC\-DAEMON FEATURES VIA A REMOTE |
467 -See also the section entitled \(dq\&USING RSYNC\-DAEMON FEATURES VIA A REMOTE |
487 -SHELL CONNECTION\(dq\& in \fBrsync\fP(1) for information on how handle an |
468 -SHELL CONNECTION\(dq\& in \fBrsync\fP(1) for information on how handle an |
488 -rsyncd.conf\-level username that differs from the remote\-shell\-level |
469 +See also the section entitled "USING RSYNC\-DAEMON FEATURES VIA A REMOTE |
489 +See also the section entitled \(lqUSING RSYNC-DAEMON FEATURES VIA A REMOTE |
470 +SHELL CONNECTION" in \fBrsync\fP(1) for information on how handle an |
490 +SHELL CONNECTION\(rq in \fBrsync\fP(1) for information on how handle an |
471 rsyncd.conf\-level username that differs from the remote\-shell\-level |
491 +rsyncd.conf-level username that differs from the remote-shell-level |
|
492 username when using a remote shell to connect to an rsync daemon. |
472 username when using a remote shell to connect to an rsync daemon. |
493 .IP |
473 .IP |
|
474 @@ -555,34 +555,34 @@ |
494 .IP "\fBsecrets file\fP" |
475 .IP "\fBsecrets file\fP" |
495 This parameter specifies the name of |
476 This parameter specifies the name of a file that contains |
496 a file that contains the username:password pairs used for |
477 the username:password and/or @groupname:password pairs used for authenticating |
497 -authenticating this module. This file is only consulted if the \(dq\&auth |
478 -this module. This file is only consulted if the \(dq\&auth users\(dq\& parameter is |
498 -users\(dq\& parameter is specified. The file is line based and contains |
479 +this module. This file is only consulted if the "auth users" parameter is |
499 +authenticating this module. This file is only consulted if the \(lqauth |
480 specified. The file is line\-based and contains one name:password pair per |
500 +users\(rq parameter is specified. The file is line based and contains |
481 line. Any line has a hash (#) as the very first character on the line is |
501 username:password pairs separated by a single colon. Any line starting |
482 considered a comment and is skipped. The passwords can contain any characters |
502 with a hash (#) is considered a comment and is skipped. The passwords |
483 but be warned that many operating systems limit the length of passwords that |
503 can contain any characters but be warned that many operating systems |
484 can be typed at the client end, so you may find that passwords longer than 8 |
504 limit the length of passwords that can be typed at the client end, so |
485 -characters don\(cq\&t work. |
505 -you may find that passwords longer than 8 characters don\(cq\&t work. |
486 +characters don't work. |
506 +you may find that passwords longer than 8 characters don't work. |
487 .IP |
|
488 The use of group\-specific lines are only relevant when the module is being |
|
489 -authorized using a matching \(dq\&@groupname\(dq\& rule. When that happens, the user |
|
490 -can be authorized via either their \(dq\&username:password\(dq\& line or the |
|
491 -\(dq\&@groupname:password\(dq\& line for the group that triggered the authentication. |
|
492 +authorized using a matching "@groupname" rule. When that happens, the user |
|
493 +can be authorized via either their "username:password" line or the |
|
494 +"@groupname:password" line for the group that triggered the authentication. |
|
495 .IP |
|
496 It is up to you what kind of password entries you want to include, either |
|
497 -users, groups, or both. The use of group rules in \(dq\&auth users\(dq\& does not |
|
498 +users, groups, or both. The use of group rules in "auth users" does not |
|
499 require that you specify a group password if you do not want to use shared |
|
500 passwords. |
507 .IP |
501 .IP |
508 -There is no default for the \(dq\&secrets file\(dq\& parameter, you must choose a name |
502 -There is no default for the \(dq\&secrets file\(dq\& parameter, you must choose a name |
509 +There is no default for the \(lqsecrets file\(rq parameter, you must choose a name |
503 +There is no default for the "secrets file" parameter, you must choose a name |
510 (such as \f(CW/etc/rsyncd.secrets\fP). The file must normally not be readable |
504 (such as \f(CW/etc/rsyncd.secrets\fP). The file must normally not be readable |
511 -by \(dq\&other\(dq\&; see \(dq\&strict modes\(dq\&. |
505 -by \(dq\&other\(dq\&; see \(dq\&strict modes\(dq\&. If the file is not found or is rejected, no |
512 +by \(lqother\(rq; see \(lqstrict modes\(rq. |
506 -logins for a \(dq\&user auth\(dq\& module will be possible. |
|
507 +by "other"; see "strict modes". If the file is not found or is rejected, no |
|
508 +logins for a "user auth" module will be possible. |
513 .IP |
509 .IP |
514 .IP "\fBstrict modes\fP" |
510 .IP "\fBstrict modes\fP" |
515 This parameter determines whether or not |
511 This parameter determines whether or not |
516 -the permissions on the secrets file will be checked. If \(dq\&strict modes\(dq\& is |
512 -the permissions on the secrets file will be checked. If \(dq\&strict modes\(dq\& is |
517 +the permissions on the secrets file will be checked. If \(lqstrict modes\(rq is |
513 +the permissions on the secrets file will be checked. If "strict modes" is |
518 true, then the secrets file must not be readable by any user ID other |
514 true, then the secrets file must not be readable by any user ID other |
519 -than the one that the rsync daemon is running under. If \(dq\&strict modes\(dq\& is |
515 -than the one that the rsync daemon is running under. If \(dq\&strict modes\(dq\& is |
520 +than the one that the rsync daemon is running under. If \(lqstrict modes\(rq is |
516 +than the one that the rsync daemon is running under. If "strict modes" is |
521 false, the check is not performed. The default is true. This parameter |
517 false, the check is not performed. The default is true. This parameter |
522 was added to accommodate rsync running on the Windows operating system. |
518 was added to accommodate rsync running on the Windows operating system. |
523 .IP |
519 .IP |
524 @@ -488,7 +488,7 @@ |
520 @@ -597,7 +597,7 @@ |
525 .RS |
521 .RS |
526 .IP o |
522 .IP o |
527 a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address |
523 a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address |
528 -of the form a:b:c::d:e:f. In this case the incoming machine\(cq\&s IP address |
524 -of the form a:b:c::d:e:f. In this case the incoming machine\(cq\&s IP address |
529 +of the form a:b:c::d:e:f. In this case the incoming machine's IP address |
525 +of the form a:b:c::d:e:f. In this case the incoming machine's IP address |
530 must match exactly. |
526 must match exactly. |
531 .IP o |
527 .IP o |
532 an address/mask in the form ipaddr/n where ipaddr is the IP address |
528 an address/mask in the form ipaddr/n where ipaddr is the IP address |
533 @@ -510,7 +510,7 @@ |
529 @@ -612,11 +612,11 @@ |
|
530 a hostname pattern using wildcards. If the hostname of the connecting IP |
|
531 (as determined by a reverse lookup) matches the wildcarded name (using the |
|
532 same rules as normal unix filename matching), the client is allowed in. This |
|
533 -only works if \(dq\&reverse lookup\(dq\& is enabled (the default). |
|
534 +only works if "reverse lookup" is enabled (the default). |
|
535 .IP o |
|
536 a hostname. A plain hostname is matched against the reverse DNS of the |
|
537 -connecting IP (if \(dq\&reverse lookup\(dq\& is enabled), and/or the IP of the given |
|
538 -hostname is matched against the connecting IP (if \(dq\&forward lookup\(dq\& is |
|
539 +connecting IP (if "reverse lookup" is enabled), and/or the IP of the given |
|
540 +hostname is matched against the connecting IP (if "forward lookup" is |
|
541 enabled, as it is by default). Any match will be allowed in. |
534 .RE |
542 .RE |
535 |
543 |
536 .IP |
544 @@ -633,31 +633,31 @@ |
537 -Note IPv6 link\-local addresses can have a scope in the address specification: |
|
538 +Note IPv6 link-local addresses can have a scope in the address specification: |
|
539 .IP |
|
540 .RS |
|
541 \f(CW fe80::1%link1\fP |
|
542 @@ -522,23 +522,23 @@ |
|
543 .RE |
545 .RE |
544 |
546 |
545 .IP |
547 .IP |
546 -You can also combine \(dq\&hosts allow\(dq\& with a separate \(dq\&hosts deny\(dq\& |
548 -You can also combine \(dq\&hosts allow\(dq\& with a separate \(dq\&hosts deny\(dq\& |
547 -parameter. If both parameters are specified then the \(dq\&hosts allow\(dq\& parameter is |
549 -parameter. If both parameters are specified then the \(dq\&hosts allow\(dq\& parameter is |
548 +You can also combine \(lqhosts allow\(rq with a separate \(lqhosts deny\(rq |
550 +You can also combine "hosts allow" with a separate "hosts deny" |
549 +parameter. If both parameters are specified then the \(lqhosts allow\(rq parameter is |
551 +parameter. If both parameters are specified then the "hosts allow" parameter is |
550 checked first and a match results in the client being able to |
552 checked first and a match results in the client being able to |
551 -connect. The \(dq\&hosts deny\(dq\& parameter is then checked and a match means |
553 -connect. The \(dq\&hosts deny\(dq\& parameter is then checked and a match means |
552 +connect. The \(lqhosts deny\(rq parameter is then checked and a match means |
554 +connect. The "hosts deny" parameter is then checked and a match means |
553 that the host is rejected. If the host does not match either the |
555 that the host is rejected. If the host does not match either the |
554 -\(dq\&hosts allow\(dq\& or the \(dq\&hosts deny\(dq\& patterns then it is allowed to |
556 -\(dq\&hosts allow\(dq\& or the \(dq\&hosts deny\(dq\& patterns then it is allowed to |
555 +\(lqhosts allow\(rq or the \(lqhosts deny\(rq patterns then it is allowed to |
557 +"hosts allow" or the "hosts deny" patterns then it is allowed to |
556 connect. |
558 connect. |
557 .IP |
559 .IP |
558 -The default is no \(dq\&hosts allow\(dq\& parameter, which means all hosts can connect. |
560 -The default is no \(dq\&hosts allow\(dq\& parameter, which means all hosts can connect. |
559 +The default is no \(lqhosts allow\(rq parameter, which means all hosts can connect. |
561 +The default is no "hosts allow" parameter, which means all hosts can connect. |
560 .IP |
562 .IP |
561 .IP "\fBhosts deny\fP" |
563 .IP "\fBhosts deny\fP" |
562 This parameter allows you to specify a |
564 This parameter allows you to specify a |
563 list of patterns that are matched against a connecting clients |
565 list of patterns that are matched against a connecting clients |
564 hostname and IP address. If the pattern matches then the connection is |
566 hostname and IP address. If the pattern matches then the connection is |
565 -rejected. See the \(dq\&hosts allow\(dq\& parameter for more information. |
567 -rejected. See the \(dq\&hosts allow\(dq\& parameter for more information. |
566 +rejected. See the \(lqhosts allow\(rq parameter for more information. |
568 +rejected. See the "hosts allow" parameter for more information. |
567 .IP |
569 .IP |
568 -The default is no \(dq\&hosts deny\(dq\& parameter, which means all hosts can connect. |
570 -The default is no \(dq\&hosts deny\(dq\& parameter, which means all hosts can connect. |
569 +The default is no \(lqhosts deny\(rq parameter, which means all hosts can connect. |
571 +The default is no "hosts deny" parameter, which means all hosts can connect. |
570 .IP |
572 .IP |
571 .IP "\fBignore errors\fP" |
573 .IP "\fBreverse lookup\fP" |
572 This parameter tells rsyncd to |
574 Controls whether the daemon performs a reverse lookup |
573 @@ -552,32 +552,32 @@ |
575 -on the client\(cq\&s IP address to determine its hostname, which is used for |
574 .IP "\fBignore nonreadable\fP" |
576 -\(dq\&hosts allow\(dq\&/\(dq\&hosts deny\(dq\& checks and the \(dq\&%h\(dq\& log escape. This is enabled by |
|
577 +on the client's IP address to determine its hostname, which is used for |
|
578 +"hosts allow"/"hosts deny" checks and the "%h" log escape. This is enabled by |
|
579 default, but you may wish to disable it to save time if you know the lookup will |
|
580 not return a useful result, in which case the daemon will use the name |
|
581 -\(dq\&UNDETERMINED\(dq\& instead. |
|
582 +"UNDETERMINED" instead. |
|
583 .IP |
|
584 If this parameter is enabled globally (even by default), rsync performs the |
|
585 lookup as soon as a client connects, so disabling it for a module will not |
|
586 @@ -683,7 +683,7 @@ |
575 This tells the rsync daemon to completely |
587 This tells the rsync daemon to completely |
576 ignore files that are not readable by the user. This is useful for |
588 ignore files that are not readable by the user. This is useful for |
577 -public archives that may have some non\-readable files among the |
589 public archives that may have some non\-readable files among the |
578 -directories, and the sysadmin doesn\(cq\&t want those files to be seen at all. |
590 -directories, and the sysadmin doesn\(cq\&t want those files to be seen at all. |
579 +public archives that may have some non-readable files among the |
|
580 +directories, and the sysadmin doesn't want those files to be seen at all. |
591 +directories, and the sysadmin doesn't want those files to be seen at all. |
581 .IP |
592 .IP |
582 .IP "\fBtransfer logging\fP" |
593 .IP "\fBtransfer logging\fP" |
583 -This parameter enables per\-file |
594 This parameter enables per\-file |
584 +This parameter enables per-file |
595 @@ -691,7 +691,7 @@ |
585 logging of downloads and uploads in a format somewhat similar to that |
|
586 used by ftp daemons. The daemon always logs the transfer at the end, so |
596 used by ftp daemons. The daemon always logs the transfer at the end, so |
587 if a transfer is aborted, no mention will be made in the log file. |
597 if a transfer is aborted, no mention will be made in the log file. |
588 .IP |
598 .IP |
589 -If you want to customize the log lines, see the \(dq\&log format\(dq\& parameter. |
599 -If you want to customize the log lines, see the \(dq\&log format\(dq\& parameter. |
590 +If you want to customize the log lines, see the \(lqlog format\(rq parameter. |
600 +If you want to customize the log lines, see the "log format" parameter. |
591 .IP |
601 .IP |
592 .IP "\fBlog format\fP" |
602 .IP "\fBlog format\fP" |
593 This parameter allows you to specify the |
603 This parameter allows you to specify the |
594 format used for logging file transfers when transfer logging is enabled. |
604 @@ -699,17 +699,17 @@ |
595 -The format is a text string containing embedded single\-character escape |
605 The format is a text string containing embedded single\-character escape |
596 +The format is a text string containing embedded single-character escape |
|
597 sequences prefixed with a percent (%) character. An optional numeric |
606 sequences prefixed with a percent (%) character. An optional numeric |
598 field width may also be specified between the percent and the escape |
607 field width may also be specified between the percent and the escape |
599 -letter (e.g. \(dq\&\fB%\-50n %8l %07p\fP\(dq\&). |
608 -letter (e.g. \(dq\&\fB%\-50n %8l %07p\fP\(dq\&). |
600 +letter (e.g. \(lq\fB%\-50n %8l %07p\fP\(rq). |
609 +letter (e.g. "\fB%\-50n %8l %07p\fP"). |
|
610 In addition, one or more apostrophes may be specified prior to a numerical |
|
611 escape to indicate that the numerical value should be made more human\-readable. |
|
612 The 3 supported levels are the same as for the \fB\-\-human\-readable\fP |
|
613 command\-line option, though the default is for human\-readability to be off. |
|
614 -Each added apostrophe increases the level (e.g. \(dq\&\fB%'\&'\&l %'\&b %f\fP\(dq\&). |
|
615 +Each added apostrophe increases the level (e.g. "\fB%''l %'b %f\fP"). |
601 .IP |
616 .IP |
602 -The default log format is \(dq\&%o %h [%a] %m (%u) %f %l\(dq\&, and a \(dq\&%t [%p] \(dq\& |
617 -The default log format is \(dq\&%o %h [%a] %m (%u) %f %l\(dq\&, and a \(dq\&%t [%p] \(dq\& |
603 -is always prefixed when using the \(dq\&log file\(dq\& parameter. |
618 -is always prefixed when using the \(dq\&log file\(dq\& parameter. |
604 +The default log format is \(lq%o %h [%a] %m (%u) %f %l\(rq, and a \(lq%t [%p] \(rq |
619 +The default log format is "%o %h [%a] %m (%u) %f %l", and a "%t [%p] " |
605 +is always prefixed when using the \(lqlog file\(rq parameter. |
620 +is always prefixed when using the "log file" parameter. |
606 (A perl script that will summarize this default log format is included |
621 (A perl script that will summarize this default log format is included |
607 -in the rsync source code distribution in the \(dq\&support\(dq\& subdirectory: |
622 -in the rsync source code distribution in the \(dq\&support\(dq\& subdirectory: |
608 +in the rsync source code distribution in the \(lqsupport\(rq subdirectory: |
623 +in the rsync source code distribution in the "support" subdirectory: |
609 rsyncstats.) |
624 rsyncstats.) |
610 .IP |
625 .IP |
611 -The single\-character escapes that are understood are as follows: |
626 The single\-character escapes that are understood are as follows: |
612 +The single-character escapes that are understood are as follows: |
627 @@ -726,9 +726,9 @@ |
613 .IP |
628 .IP o |
614 .RS |
629 %C the full\-file MD5 checksum if \fB\-\-checksum\fP is enabled or a file was transferred (only for protocol 30 or above). |
615 .IP o |
|
616 @@ -589,9 +589,9 @@ |
|
617 .IP o |
|
618 %c the total size of the block checksums received for the basis file (only when sending) |
|
619 .IP o |
630 .IP o |
620 -%f the filename (long form on sender; no trailing \(dq\&/\(dq\&) |
631 -%f the filename (long form on sender; no trailing \(dq\&/\(dq\&) |
621 +%f the filename (long form on sender; no trailing \(lq/\(rq) |
632 +%f the filename (long form on sender; no trailing "/") |
622 .IP o |
633 .IP o |
623 -%G the gid of the file (decimal) or \(dq\&DEFAULT\(dq\& |
634 -%G the gid of the file (decimal) or \(dq\&DEFAULT\(dq\& |
624 +%G the gid of the file (decimal) or \(lqDEFAULT\(rq |
635 +%G the gid of the file (decimal) or "DEFAULT" |
625 .IP o |
636 .IP o |
626 %h the remote host name |
637 %h the remote host name (only available for a daemon) |
627 .IP o |
638 .IP o |
628 @@ -599,15 +599,15 @@ |
639 @@ -736,15 +736,15 @@ |
629 .IP o |
640 .IP o |
630 %l the length of the file in bytes |
641 %l the length of the file in bytes |
631 .IP o |
642 .IP o |
632 -%L the string \(dq\& \-> SYMLINK\(dq\&, \(dq\& => HARDLINK\(dq\&, or \(dq\&\(dq\& (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
643 -%L the string \(dq\& \-> SYMLINK\(dq\&, \(dq\& => HARDLINK\(dq\&, or \(dq\&\(dq\& (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
633 +%L the string \(lq \-> SYMLINK\(rq, \(lq => HARDLINK\(rq, or \(lq\(rq (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
644 +%L the string " \-> SYMLINK", " => HARDLINK", or "" (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename) |
634 .IP o |
645 .IP o |
635 %m the module name |
646 %m the module name |
636 .IP o |
647 .IP o |
637 -%M the last\-modified time of the file |
648 %M the last\-modified time of the file |
638 +%M the last-modified time of the file |
|
639 .IP o |
649 .IP o |
640 -%n the filename (short form; trailing \(dq\&/\(dq\& on dir) |
650 -%n the filename (short form; trailing \(dq\&/\(dq\& on dir) |
641 +%n the filename (short form; trailing \(lq/\(rq on dir) |
651 +%n the filename (short form; trailing "/" on dir) |
642 .IP o |
652 .IP o |
643 -%o the operation, which is \(dq\&send\(dq\&, \(dq\&recv\(dq\&, or \(dq\&del.\(dq\& (the latter includes the trailing period) |
653 -%o the operation, which is \(dq\&send\(dq\&, \(dq\&recv\(dq\&, or \(dq\&del.\(dq\& (the latter includes the trailing period) |
644 +%o the operation, which is \(lqsend\(rq, \(lqrecv\(rq, or \(lqdel.\(rq (the latter includes the trailing period) |
654 +%o the operation, which is "send", "recv", or "del." (the latter includes the trailing period) |
645 .IP o |
655 .IP o |
646 %p the process ID of this rsync session |
656 %p the process ID of this rsync session |
647 .IP o |
657 .IP o |
648 @@ -621,7 +621,7 @@ |
658 @@ -758,7 +758,7 @@ |
649 .RE |
659 .RE |
650 |
660 |
651 .IP |
661 .IP |
652 -For a list of what the characters mean that are output by \(dq\&%i\(dq\&, see the |
662 -For a list of what the characters mean that are output by \(dq\&%i\(dq\&, see the |
653 +For a list of what the characters mean that are output by \(lq%i\(rq, see the |
663 +For a list of what the characters mean that are output by "%i", see the |
654 \fB\-\-itemize\-changes\fP option in the rsync manpage. |
664 \fB\-\-itemize\-changes\fP option in the rsync manpage. |
655 .IP |
665 .IP |
656 Note that some of the logged output changes when talking with older |
666 Note that some of the logged output changes when talking with older |
657 @@ -631,17 +631,17 @@ |
667 @@ -768,7 +768,7 @@ |
658 .IP "\fBtimeout\fP" |
668 .IP "\fBtimeout\fP" |
659 This parameter allows you to override the |
669 This parameter allows you to override the |
660 clients choice for I/O timeout for this module. Using this parameter you |
670 clients choice for I/O timeout for this module. Using this parameter you |
661 -can ensure that rsync won\(cq\&t wait on a dead client forever. The timeout |
671 -can ensure that rsync won\(cq\&t wait on a dead client forever. The timeout |
662 +can ensure that rsync won't wait on a dead client forever. The timeout |
672 +can ensure that rsync won't wait on a dead client forever. The timeout |
663 is specified in seconds. A value of zero means no timeout and is the |
673 is specified in seconds. A value of zero means no timeout and is the |
664 default. A good choice for anonymous rsync daemons may be 600 (giving |
674 default. A good choice for anonymous rsync daemons may be 600 (giving |
665 a 10 minute timeout). |
675 a 10 minute timeout). |
666 .IP |
676 @@ -789,15 +789,15 @@ |
667 .IP "\fBrefuse options\fP" |
|
668 This parameter allows you to |
|
669 -specify a space\-separated list of rsync command line options that will |
|
670 +specify a space-separated list of rsync command line options that will |
|
671 be refused by your rsync daemon. |
|
672 -You may specify the full option name, its one\-letter abbreviation, or a |
|
673 -wild\-card string that matches multiple options. |
|
674 +You may specify the full option name, its one-letter abbreviation, or a |
|
675 +wild-card string that matches multiple options. |
|
676 For example, this would refuse \fB\-\-checksum\fP (\fB\-c\fP) and all the various |
|
677 delete options: |
|
678 .IP |
|
679 @@ -652,15 +652,15 @@ |
|
680 .IP |
677 .IP |
681 The reason the above refuses all delete options is that the options imply |
678 The reason the above refuses all delete options is that the options imply |
682 \fB\-\-delete\fP, and implied options are refused just like explicit options. |
679 \fB\-\-delete\fP, and implied options are refused just like explicit options. |
683 -As an additional safety feature, the refusal of \(dq\&delete\(dq\& also refuses |
680 -As an additional safety feature, the refusal of \(dq\&delete\(dq\& also refuses |
684 -\fBremove\-source\-files\fP when the daemon is the sender; if you want the latter |
681 +As an additional safety feature, the refusal of "delete" also refuses |
|
682 \fBremove\-source\-files\fP when the daemon is the sender; if you want the latter |
685 -without the former, instead refuse \(dq\&delete\-*\(dq\& \-\- that refuses all the |
683 -without the former, instead refuse \(dq\&delete\-*\(dq\& \-\- that refuses all the |
686 -delete modes without affecting \fB\-\-remove\-source\-files\fP. |
684 +without the former, instead refuse "delete\-*" \-\- that refuses all the |
687 +As an additional safety feature, the refusal of \(lqdelete\(rq also refuses |
685 delete modes without affecting \fB\-\-remove\-source\-files\fP. |
688 +\fBremove-source-files\fP when the daemon is the sender; if you want the latter |
|
689 +without the former, instead refuse \(lqdelete\-*\(rq \-\- that refuses all the |
|
690 +delete modes without affecting \fB\-\-remove-source-files\fP. |
|
691 .IP |
686 .IP |
692 When an option is refused, the daemon prints an error message and exits. |
687 When an option is refused, the daemon prints an error message and exits. |
693 To prevent all compression when serving files, |
688 To prevent all compression when serving files, |
694 -you can use \(dq\&dont compress = *\(dq\& (see below) |
689 -you can use \(dq\&dont compress = *\(dq\& (see below) |
695 -instead of \(dq\&refuse options = compress\(dq\& to avoid returning an error to a |
690 -instead of \(dq\&refuse options = compress\(dq\& to avoid returning an error to a |
696 +you can use \(lqdont compress = *\(rq (see below) |
691 +you can use "dont compress = *" (see below) |
697 +instead of \(lqrefuse options = compress\(rq to avoid returning an error to a |
692 +instead of "refuse options = compress" to avoid returning an error to a |
698 client that requests compression. |
693 client that requests compression. |
699 .IP |
694 .IP |
700 .IP "\fBdont compress\fP" |
695 .IP "\fBdont compress\fP" |
701 @@ -669,25 +669,25 @@ |
696 @@ -806,16 +806,16 @@ |
702 when pulling files from the daemon (no analogous parameter exists to |
697 when pulling files from the daemon (no analogous parameter exists to |
703 govern the pushing of files to a daemon). |
698 govern the pushing of files to a daemon). |
704 Compression is expensive in terms of CPU usage, so it |
699 Compression is expensive in terms of CPU usage, so it |
705 -is usually good to not try to compress files that won\(cq\&t compress well, |
700 -is usually good to not try to compress files that won\(cq\&t compress well, |
706 +is usually good to not try to compress files that won't compress well, |
701 +is usually good to not try to compress files that won't compress well, |
707 such as already compressed files. |
702 such as already compressed files. |
708 .IP |
703 .IP |
709 -The \(dq\&dont compress\(dq\& parameter takes a space\-separated list of |
704 -The \(dq\&dont compress\(dq\& parameter takes a space\-separated list of |
710 -case\-insensitive wildcard patterns. Any source filename matching one |
705 +The "dont compress" parameter takes a space\-separated list of |
711 +The \(lqdont compress\(rq parameter takes a space-separated list of |
706 case\-insensitive wildcard patterns. Any source filename matching one |
712 +case-insensitive wildcard patterns. Any source filename matching one |
|
713 of the patterns will not be compressed during transfer. |
707 of the patterns will not be compressed during transfer. |
714 .IP |
708 .IP |
715 See the \fB\-\-skip\-compress\fP parameter in the \fBrsync\fP(1) manpage for the list |
709 See the \fB\-\-skip\-compress\fP parameter in the \fBrsync\fP(1) manpage for the list |
716 of file suffixes that are not compressed by default. Specifying a value |
710 of file suffixes that are not compressed by default. Specifying a value |
717 -for the \(dq\&dont compress\(dq\& parameter changes the default when the daemon is |
711 -for the \(dq\&dont compress\(dq\& parameter changes the default when the daemon is |
718 +for the \(lqdont compress\(rq parameter changes the default when the daemon is |
712 +for the "dont compress" parameter changes the default when the daemon is |
719 the sender. |
713 the sender. |
720 .IP |
714 .IP |
721 -.IP "\fBpre\-xfer exec\fP, \fBpost\-xfer exec\fP" |
715 .IP "\fBpre\-xfer exec\fP, \fBpost\-xfer exec\fP" |
722 +.IP "\fBpre-xfer exec\fP, \fBpost-xfer exec\fP" |
716 @@ -824,7 +824,7 @@ |
723 You may specify a command to be run |
717 transfer is aborted before it begins. Any output from the script on stdout (up |
724 -before and/or after the transfer. If the \fBpre\-xfer exec\fP command fails, the |
718 to several KB) will be displayed to the user when aborting, but is NOT |
725 +before and/or after the transfer. If the \fBpre-xfer exec\fP command fails, the |
719 displayed if the script returns success. Any output from the script on stderr |
726 transfer is aborted before it begins. |
720 -goes to the daemon\(cq\&s stderr, which is typically discarded (though see |
727 .IP |
721 +goes to the daemon's stderr, which is typically discarded (though see |
728 The following environment variables will be set, though some are |
722 \-\-no\-detatch option for a way to see the stderr output, which can assist with |
729 -specific to the pre\-xfer or the post\-xfer environment: |
723 debugging). |
730 +specific to the pre-xfer or the post-xfer environment: |
724 .IP |
731 .IP |
725 @@ -837,26 +837,26 @@ |
732 .RS |
|
733 .IP o |
|
734 @@ -695,29 +695,29 @@ |
|
735 .IP o |
726 .IP o |
736 \fBRSYNC_MODULE_PATH\fP: The path configured for the module. |
727 \fBRSYNC_MODULE_PATH\fP: The path configured for the module. |
737 .IP o |
728 .IP o |
738 -\fBRSYNC_HOST_ADDR\fP: The accessing host\(cq\&s IP address. |
729 -\fBRSYNC_HOST_ADDR\fP: The accessing host\(cq\&s IP address. |
739 +\fBRSYNC_HOST_ADDR\fP: The accessing host's IP address. |
730 +\fBRSYNC_HOST_ADDR\fP: The accessing host's IP address. |