--- a/components/rsync/patches/rsyncd.conf.5.patch Thu Jun 09 17:28:09 2011 -0700
+++ b/components/rsync/patches/rsyncd.conf.5.patch Fri Jun 10 14:01:58 2011 -0700
@@ -1,10 +1,1282 @@
---- rsync-3.0.6.ori/rsyncd.conf.5 Wed May 4 09:58:49 2011
-+++ rsync-3.0.6/rsyncd.conf.5 Thu May 5 10:21:16 2011
-@@ -856,3 +856,7 @@
- .PP
- Mailing lists for support and development are available at
- http://lists.samba.org
-+.SH "NOTES"
-+WARNING: Daemon mode does not participate in the core
-+Solaris security policies, including Authentication, limit
-+of privileges, Audit and Audit of any subprocessing.
+*** rsync-3.0.6/rsyncd.conf.5 Fri May 8 10:41:20 2009
+--- rsync-3.0.8/rsyncd.conf.5 Sat Mar 26 14:37:52 2011
+***************
+*** 1,4 ****
+! .TH "rsyncd.conf" "5" "8 May 2009" "" ""
+ .SH "NAME"
+ rsyncd.conf \(em configuration file for rsync in daemon mode
+ .SH "SYNOPSIS"
+--- 1,4 ----
+! .TH "rsyncd.conf" "5" "26 Mar 2011" "" ""
+ .SH "NAME"
+ rsyncd.conf \(em configuration file for rsync in daemon mode
+ .SH "SYNOPSIS"
+***************
+*** 20,28 ****
+ .PP
+ The file consists of modules and parameters. A module begins with the
+ name of the module in square brackets and continues until the next
+! module begins. Modules contain parameters of the form \(lqname = value\(rq.
+ .PP
+! The file is line-based \(em that is, each newline-terminated line represents
+ either a comment, a module name or a parameter.
+ .PP
+ Only the first equals sign in a parameter is significant. Whitespace before
+--- 20,28 ----
+ .PP
+ The file consists of modules and parameters. A module begins with the
+ name of the module in square brackets and continues until the next
+! module begins. Modules contain parameters of the form \(dq\&name = value\(dq\&.
+ .PP
+! The file is line\-based \-\- that is, each newline\-terminated line represents
+ either a comment, a module name or a parameter.
+ .PP
+ Only the first equals sign in a parameter is significant. Whitespace before
+***************
+*** 34,40 ****
+ Any line beginning with a hash (#) is ignored, as are lines containing
+ only whitespace.
+ .PP
+! Any line ending in a \e is \(lqcontinued\(rq on the next line in the
+ customary UNIX fashion.
+ .PP
+ The values following the equals sign in parameters are all either a string
+--- 34,40 ----
+ Any line beginning with a hash (#) is ignored, as are lines containing
+ only whitespace.
+ .PP
+! Any line ending in a \e is \(dq\&continued\(dq\& on the next line in the
+ customary UNIX fashion.
+ .PP
+ The values following the equals sign in parameters are all either a string
+***************
+*** 53,61 ****
+ file ownership. Otherwise, it must just have permission to read and
+ write the appropriate data, log, and lock files.
+ .PP
+! You can launch it either via inetd, as a stand-alone daemon, or from
+! an rsync client via a remote shell. If run as a stand-alone daemon then
+! just run the command \(lq\fBrsync \-\-daemon\fP\(rq from a suitable startup script.
+ .PP
+ When run via inetd you should add a line like this to /etc/services:
+ .PP
+--- 53,61 ----
+ file ownership. Otherwise, it must just have permission to read and
+ write the appropriate data, log, and lock files.
+ .PP
+! You can launch it either via inetd, as a stand\-alone daemon, or from
+! an rsync client via a remote shell. If run as a stand\-alone daemon then
+! just run the command \(dq\&\fBrsync \-\-daemon\fP\(dq\& from a suitable startup script.
+ .PP
+ When run via inetd you should add a line like this to /etc/services:
+ .PP
+***************
+*** 71,82 ****
+ .fi
+
+ .PP
+! Replace \(lq/usr/bin/rsync\(rq with the path to where you have rsync installed on
+ your system. You will then need to send inetd a HUP signal to tell it to
+ reread its config file.
+ .PP
+ Note that you should \fBnot\fP send the rsync daemon a HUP signal to force
+! it to reread the \f(CWrsyncd.conf\fP file. The file is re-read on each client
+ connection.
+ .PP
+ .SH "GLOBAL PARAMETERS"
+--- 71,82 ----
+ .fi
+
+ .PP
+! Replace \(dq\&/usr/bin/rsync\(dq\& with the path to where you have rsync installed on
+ your system. You will then need to send inetd a HUP signal to tell it to
+ reread its config file.
+ .PP
+ Note that you should \fBnot\fP send the rsync daemon a HUP signal to force
+! it to reread the \f(CWrsyncd.conf\fP file. The file is re\-read on each client
+ connection.
+ .PP
+ .SH "GLOBAL PARAMETERS"
+***************
+*** 91,97 ****
+ .PP
+ .IP "\fBmotd file\fP"
+ This parameter allows you to specify a
+! \(lqmessage of the day\(rq to display to clients on each connect. This
+ usually contains site information and any legal notices. The default
+ is no motd file.
+ .IP
+--- 91,97 ----
+ .PP
+ .IP "\fBmotd file\fP"
+ This parameter allows you to specify a
+! \(dq\&message of the day\(dq\& to display to clients on each connect. This
+ usually contains site information and any legal notices. The default
+ is no motd file.
+ .IP
+***************
+*** 103,114 ****
+ .IP "\fBport\fP"
+ You can override the default port the daemon will listen on
+ by specifying this value (defaults to 873). This is ignored if the daemon
+! is being run by inetd, and is superseded by the \fB\-\-port\fP command-line option.
+ .IP
+ .IP "\fBaddress\fP"
+ You can override the default IP address the daemon
+ will listen on by specifying this value. This is ignored if the daemon is
+! being run by inetd, and is superseded by the \fB\-\-address\fP command-line option.
+ .IP
+ .IP "\fBsocket options\fP"
+ This parameter can provide endless fun for people
+--- 103,114 ----
+ .IP "\fBport\fP"
+ You can override the default port the daemon will listen on
+ by specifying this value (defaults to 873). This is ignored if the daemon
+! is being run by inetd, and is superseded by the \fB\-\-port\fP command\-line option.
+ .IP
+ .IP "\fBaddress\fP"
+ You can override the default IP address the daemon
+ will listen on by specifying this value. This is ignored if the daemon is
+! being run by inetd, and is superseded by the \fB\-\-address\fP command\-line option.
+ .IP
+ .IP "\fBsocket options\fP"
+ This parameter can provide endless fun for people
+***************
+*** 119,125 ****
+ system call for
+ details on some of the options you may be able to set. By default no
+ special socket options are set. These settings can also be specified
+! via the \fB\-\-sockopts\fP command-line option.
+ .IP
+ .SH "MODULE PARAMETERS"
+
+--- 119,125 ----
+ system call for
+ details on some of the options you may be able to set. By default no
+ special socket options are set. These settings can also be specified
+! via the \fB\-\-sockopts\fP command\-line option.
+ .IP
+ .SH "MODULE PARAMETERS"
+
+***************
+*** 139,182 ****
+ of available modules. The default is no comment.
+ .IP
+ .IP "\fBpath\fP"
+! This parameter specifies the directory in the daemon's
+ filesystem to make available in this module. You must specify this parameter
+ for each module in \f(CWrsyncd.conf\fP.
+ .IP
+ .IP "\fBuse chroot\fP"
+! If \(lquse chroot\(rq is true, the rsync daemon will chroot
+! to the \(lqpath\(rq before starting the file transfer with the client. This has
+ the advantage of extra protection against possible implementation security
+! holes, but it has the disadvantages of requiring super-user privileges,
+ of not being able to follow symbolic links that are either absolute or outside
+ of the new root path, and of complicating the preservation of users and groups
+ by name (see below).
+ .IP
+! As an additional safety feature, you can specify a dot-dir in the module's
+! \(lqpath\(rq to indicate the point where the chroot should occur. This allows rsync
+! to run in a chroot with a non\-"/\(rq path for the top of the transfer hierarchy.
+ Doing this guards against unintended library loading (since those absolute
+ paths will not be inside the transfer hierarchy unless you have used an unwise
+ pathname), and lets you setup libraries for the chroot that are outside of the
+! transfer. For example, specifying \(lq/var/rsync/./module1\(rq will chroot to the
+! \(lq/var/rsync\(rq directory and set the inside-chroot path to \(lq/module1\(rq. If you
+! had omitted the dot-dir, the chroot would have used the whole path, and the
+! inside-chroot path would have been \(lq/\(rq.
+ .IP
+! When \(lquse chroot\(rq is false or the inside-chroot path is not \(lq/\(rq, rsync will:
+ (1) munge symlinks by
+! default for security reasons (see \(lqmunge symlinks\(rq for a way to turn this
+ off, but only if you trust your users), (2) substitute leading slashes in
+! absolute paths with the module's path (so that options such as
+ \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as
+! rooted in the module's \(lqpath\(rq dir), and (3) trim \(lq..\(rq path elements from
+ args if rsync believes they would escape the module hierarchy.
+! The default for \(lquse chroot\(rq is true, and is the safer choice (especially
+! if the module is not read-only).
+ .IP
+ When this parameter is enabled, rsync will not attempt to map users and groups
+ by name (by default), but instead copy IDs as though \fB\-\-numeric\-ids\fP had
+! been specified. In order to enable name-mapping, rsync needs to be able to
+ use the standard library functions for looking up names and IDs (i.e.
+ \f(CWgetpwuid()\fP
+ ,
+--- 139,182 ----
+ of available modules. The default is no comment.
+ .IP
+ .IP "\fBpath\fP"
+! This parameter specifies the directory in the daemon\(cq\&s
+ filesystem to make available in this module. You must specify this parameter
+ for each module in \f(CWrsyncd.conf\fP.
+ .IP
+ .IP "\fBuse chroot\fP"
+! If \(dq\&use chroot\(dq\& is true, the rsync daemon will chroot
+! to the \(dq\&path\(dq\& before starting the file transfer with the client. This has
+ the advantage of extra protection against possible implementation security
+! holes, but it has the disadvantages of requiring super\-user privileges,
+ of not being able to follow symbolic links that are either absolute or outside
+ of the new root path, and of complicating the preservation of users and groups
+ by name (see below).
+ .IP
+! As an additional safety feature, you can specify a dot\-dir in the module\(cq\&s
+! \(dq\&path\(dq\& to indicate the point where the chroot should occur. This allows rsync
+! to run in a chroot with a non\-\(dq\&/\(dq\& path for the top of the transfer hierarchy.
+ Doing this guards against unintended library loading (since those absolute
+ paths will not be inside the transfer hierarchy unless you have used an unwise
+ pathname), and lets you setup libraries for the chroot that are outside of the
+! transfer. For example, specifying \(dq\&/var/rsync/./module1\(dq\& will chroot to the
+! \(dq\&/var/rsync\(dq\& directory and set the inside\-chroot path to \(dq\&/module1\(dq\&. If you
+! had omitted the dot\-dir, the chroot would have used the whole path, and the
+! inside\-chroot path would have been \(dq\&/\(dq\&.
+ .IP
+! When \(dq\&use chroot\(dq\& is false or the inside\-chroot path is not \(dq\&/\(dq\&, rsync will:
+ (1) munge symlinks by
+! default for security reasons (see \(dq\&munge symlinks\(dq\& for a way to turn this
+ off, but only if you trust your users), (2) substitute leading slashes in
+! absolute paths with the module\(cq\&s path (so that options such as
+ \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as
+! rooted in the module\(cq\&s \(dq\&path\(dq\& dir), and (3) trim \(dq\&..\(dq\& path elements from
+ args if rsync believes they would escape the module hierarchy.
+! The default for \(dq\&use chroot\(dq\& is true, and is the safer choice (especially
+! if the module is not read\-only).
+ .IP
+ When this parameter is enabled, rsync will not attempt to map users and groups
+ by name (by default), but instead copy IDs as though \fB\-\-numeric\-ids\fP had
+! been specified. In order to enable name\-mapping, rsync needs to be able to
+ use the standard library functions for looking up names and IDs (i.e.
+ \f(CWgetpwuid()\fP
+ ,
+***************
+*** 191,202 ****
+ used by these library functions (traditionally /etc/passwd and
+ /etc/group, but perhaps additional dynamic libraries as well).
+ .IP
+! If you copy the necessary resources into the module's chroot area, you
+! should protect them through your OS's normal user/group or ACL settings (to
+! prevent the rsync module's user from being able to change them), and then
+! hide them from the user's view via \(lqexclude\(rq (see how in the discussion of
+ that parameter). At that point it will be safe to enable the mapping of users
+! and groups by name using the \(lqnumeric ids\(rq daemon parameter (see below).
+ .IP
+ Note also that you are free to setup custom user/group information in the
+ chroot area that is different from your normal system. For example, you
+--- 191,202 ----
+ used by these library functions (traditionally /etc/passwd and
+ /etc/group, but perhaps additional dynamic libraries as well).
+ .IP
+! If you copy the necessary resources into the module\(cq\&s chroot area, you
+! should protect them through your OS\(cq\&s normal user/group or ACL settings (to
+! prevent the rsync module\(cq\&s user from being able to change them), and then
+! hide them from the user\(cq\&s view via \(dq\&exclude\(dq\& (see how in the discussion of
+ that parameter). At that point it will be safe to enable the mapping of users
+! and groups by name using the \(dq\&numeric ids\(dq\& daemon parameter (see below).
+ .IP
+ Note also that you are free to setup custom user/group information in the
+ chroot area that is different from your normal system. For example, you
+***************
+*** 205,216 ****
+ .IP "\fBnumeric ids\fP"
+ Enabling this parameter disables the mapping
+ of users and groups by name for the current daemon module. This prevents
+! the daemon from trying to load any user/group-related files or libraries.
+ This enabling makes the transfer behave as if the client had passed
+! the \fB\-\-numeric\-ids\fP command-line option. By default, this parameter is
+! enabled for chroot modules and disabled for non-chroot modules.
+ .IP
+! A chroot-enabled module should not have this parameter enabled unless you've
+ taken steps to ensure that the module has the necessary resources it needs
+ to translate names, and that it is not possible for a user to change those
+ resources.
+--- 205,216 ----
+ .IP "\fBnumeric ids\fP"
+ Enabling this parameter disables the mapping
+ of users and groups by name for the current daemon module. This prevents
+! the daemon from trying to load any user/group\-related files or libraries.
+ This enabling makes the transfer behave as if the client had passed
+! the \fB\-\-numeric\-ids\fP command\-line option. By default, this parameter is
+! enabled for chroot modules and disabled for non\-chroot modules.
+ .IP
+! A chroot\-enabled module should not have this parameter enabled unless you\(cq\&ve
+ taken steps to ensure that the module has the necessary resources it needs
+ to translate names, and that it is not possible for a user to change those
+ resources.
+***************
+*** 219,270 ****
+ This parameter tells rsync to modify
+ all incoming symlinks in a way that makes them unusable but recoverable
+ (see below). This should help protect your files from user trickery when
+! your daemon module is writable. The default is disabled when \(lquse chroot\(rq
+! is on and the inside-chroot path is \(lq/\(rq, otherwise it is enabled.
+ .IP
+! If you disable this parameter on a daemon that is not read-only, there
+ are tricks that a user can play with uploaded symlinks to access
+! daemon-excluded items (if your module has any), and, if \(lquse chroot\(rq
+ is off, rsync can even be tricked into showing or changing data that
+! is outside the module's path (as access-permissions allow).
+ .IP
+ The way rsync disables the use of symlinks is to prefix each one with
+! the string \(lq/rsyncd-munged/\(rq. This prevents the links from being used
+ as long as that directory does not exist. When this parameter is enabled,
+ rsync will refuse to run if that path is a directory or a symlink to
+! a directory. When using the \(lqmunge symlinks\(rq parameter in a chroot area
+! that has an inside-chroot path of \(lq/\(rq, you should add \(lq/rsyncd-munged/\(rq
+ to the exclude setting for the module so that
+! a user can't try to create it.
+ .IP
+! Note: rsync makes no attempt to verify that any pre-existing symlinks in
+! the module's hierarchy are as safe as you want them to be (unless, of
+ course, it just copied in the whole hierarchy). If you setup an rsync
+ daemon on a new area or locally add symlinks, you can manually protect your
+! symlinks from being abused by prefixing \(lq/rsyncd-munged/\(rq to the start of
+! every symlink's value. There is a perl script in the support directory
+! of the source code named \(lqmunge-symlinks\(rq that can be used to add or remove
+ this prefix from your symlinks.
+ .IP
+! When this parameter is disabled on a writable module and \(lquse chroot\(rq is off
+! (or the inside-chroot path is not \(lq/\(rq),
+! incoming symlinks will be modified to drop a leading slash and to remove \(lq..\(rq
+! path elements that rsync believes will allow a symlink to escape the module's
+ hierarchy. There are tricky ways to work around this, though, so you had
+ better trust your users if you choose this combination of parameters.
+ .IP
+ .IP "\fBcharset\fP"
+ This specifies the name of the character set in which the
+! module's filenames are stored. If the client uses an \fB\-\-iconv\fP option,
+! the daemon will use the value of the \(lqcharset\(rq parameter regardless of the
+ character set the client actually passed. This allows the daemon to
+ support charset conversion in a chroot module without extra files in the
+! chroot area, and also ensures that name-translation is done in a consistent
+! manner. If the \(lqcharset\(rq parameter is not set, the \fB\-\-iconv\fP option is
+! refused, just as if \(lqiconv\(rq had been specified via \(lqrefuse options\(rq.
+ .IP
+ If you wish to force users to always use \fB\-\-iconv\fP for a particular
+! module, add \(lqno-iconv\(rq to the \(lqrefuse options\(rq parameter. Keep in mind
+ that this will restrict access to your module to very new rsync clients.
+ .IP
+ .IP "\fBmax connections\fP"
+--- 219,270 ----
+ This parameter tells rsync to modify
+ all incoming symlinks in a way that makes them unusable but recoverable
+ (see below). This should help protect your files from user trickery when
+! your daemon module is writable. The default is disabled when \(dq\&use chroot\(dq\&
+! is on and the inside\-chroot path is \(dq\&/\(dq\&, otherwise it is enabled.
+ .IP
+! If you disable this parameter on a daemon that is not read\-only, there
+ are tricks that a user can play with uploaded symlinks to access
+! daemon\-excluded items (if your module has any), and, if \(dq\&use chroot\(dq\&
+ is off, rsync can even be tricked into showing or changing data that
+! is outside the module\(cq\&s path (as access\-permissions allow).
+ .IP
+ The way rsync disables the use of symlinks is to prefix each one with
+! the string \(dq\&/rsyncd\-munged/\(dq\&. This prevents the links from being used
+ as long as that directory does not exist. When this parameter is enabled,
+ rsync will refuse to run if that path is a directory or a symlink to
+! a directory. When using the \(dq\&munge symlinks\(dq\& parameter in a chroot area
+! that has an inside\-chroot path of \(dq\&/\(dq\&, you should add \(dq\&/rsyncd\-munged/\(dq\&
+ to the exclude setting for the module so that
+! a user can\(cq\&t try to create it.
+ .IP
+! Note: rsync makes no attempt to verify that any pre\-existing symlinks in
+! the module\(cq\&s hierarchy are as safe as you want them to be (unless, of
+ course, it just copied in the whole hierarchy). If you setup an rsync
+ daemon on a new area or locally add symlinks, you can manually protect your
+! symlinks from being abused by prefixing \(dq\&/rsyncd\-munged/\(dq\& to the start of
+! every symlink\(cq\&s value. There is a perl script in the support directory
+! of the source code named \(dq\&munge\-symlinks\(dq\& that can be used to add or remove
+ this prefix from your symlinks.
+ .IP
+! When this parameter is disabled on a writable module and \(dq\&use chroot\(dq\& is off
+! (or the inside\-chroot path is not \(dq\&/\(dq\&),
+! incoming symlinks will be modified to drop a leading slash and to remove \(dq\&..\(dq\&
+! path elements that rsync believes will allow a symlink to escape the module\(cq\&s
+ hierarchy. There are tricky ways to work around this, though, so you had
+ better trust your users if you choose this combination of parameters.
+ .IP
+ .IP "\fBcharset\fP"
+ This specifies the name of the character set in which the
+! module\(cq\&s filenames are stored. If the client uses an \fB\-\-iconv\fP option,
+! the daemon will use the value of the \(dq\&charset\(dq\& parameter regardless of the
+ character set the client actually passed. This allows the daemon to
+ support charset conversion in a chroot module without extra files in the
+! chroot area, and also ensures that name\-translation is done in a consistent
+! manner. If the \(dq\&charset\(dq\& parameter is not set, the \fB\-\-iconv\fP option is
+! refused, just as if \(dq\&iconv\(dq\& had been specified via \(dq\&refuse options\(dq\&.
+ .IP
+ If you wish to force users to always use \fB\-\-iconv\fP for a particular
+! module, add \(dq\&no\-iconv\(dq\& to the \(dq\&refuse options\(dq\& parameter. Keep in mind
+ that this will restrict access to your module to very new rsync clients.
+ .IP
+ .IP "\fBmax connections\fP"
+***************
+*** 273,293 ****
+ Any clients connecting when the maximum has been reached will receive a
+ message telling them to try later. The default is 0, which means no limit.
+ A negative value disables the module.
+! See also the \(lqlock file\(rq parameter.
+ .IP
+ .IP "\fBlog file\fP"
+! When the \(lqlog file\(rq parameter is set to a non-empty
+ string, the rsync daemon will log messages to the indicated file rather
+ than using syslog. This is particularly useful on systems (such as AIX)
+ where
+ \f(CWsyslog()\fP
+! doesn't work for chrooted programs. The file is
+ opened before
+ \f(CWchroot()\fP
+ is called, allowing it to be placed outside
+! the transfer. If this value is set on a per-module basis instead of
+ globally, the global log will still contain any authorization failures
+! or config-file error messages.
+ .IP
+ If the daemon fails to open the specified file, it will fall back to
+ using syslog and output an error about the failure. (Note that the
+--- 273,293 ----
+ Any clients connecting when the maximum has been reached will receive a
+ message telling them to try later. The default is 0, which means no limit.
+ A negative value disables the module.
+! See also the \(dq\&lock file\(dq\& parameter.
+ .IP
+ .IP "\fBlog file\fP"
+! When the \(dq\&log file\(dq\& parameter is set to a non\-empty
+ string, the rsync daemon will log messages to the indicated file rather
+ than using syslog. This is particularly useful on systems (such as AIX)
+ where
+ \f(CWsyslog()\fP
+! doesn\(cq\&t work for chrooted programs. The file is
+ opened before
+ \f(CWchroot()\fP
+ is called, allowing it to be placed outside
+! the transfer. If this value is set on a per\-module basis instead of
+ globally, the global log will still contain any authorization failures
+! or config\-file error messages.
+ .IP
+ If the daemon fails to open the specified file, it will fall back to
+ using syslog and output an error about the failure. (Note that the
+***************
+*** 300,318 ****
+ defined on your system. Common names are auth, authpriv, cron, daemon,
+ ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0,
+ local1, local2, local3, local4, local5, local6 and local7. The default
+! is daemon. This setting has no effect if the \(lqlog file\(rq setting is a
+! non-empty string (either set in the per-modules settings, or inherited
+ from the global settings).
+ .IP
+ .IP "\fBmax verbosity\fP"
+ This parameter allows you to control
+! the maximum amount of verbose information that you'll allow the daemon to
+ generate (since the information goes into the log file). The default is 1,
+ which allows the client to request one level of verbosity.
+ .IP
+ .IP "\fBlock file\fP"
+ This parameter specifies the file to use to
+! support the \(lqmax connections\(rq parameter. The rsync daemon uses record
+ locking on this file to ensure that the max connections limit is not
+ exceeded for the modules sharing the lock file.
+ The default is \f(CW/var/run/rsyncd.lock\fP.
+--- 300,318 ----
+ defined on your system. Common names are auth, authpriv, cron, daemon,
+ ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0,
+ local1, local2, local3, local4, local5, local6 and local7. The default
+! is daemon. This setting has no effect if the \(dq\&log file\(dq\& setting is a
+! non\-empty string (either set in the per\-modules settings, or inherited
+ from the global settings).
+ .IP
+ .IP "\fBmax verbosity\fP"
+ This parameter allows you to control
+! the maximum amount of verbose information that you\(cq\&ll allow the daemon to
+ generate (since the information goes into the log file). The default is 1,
+ which allows the client to request one level of verbosity.
+ .IP
+ .IP "\fBlock file\fP"
+ This parameter specifies the file to use to
+! support the \(dq\&max connections\(dq\& parameter. The rsync daemon uses record
+ locking on this file to ensure that the max connections limit is not
+ exceeded for the modules sharing the lock file.
+ The default is \f(CW/var/run/rsyncd.lock\fP.
+***************
+*** 319,333 ****
+ .IP
+ .IP "\fBread only\fP"
+ This parameter determines whether clients
+! will be able to upload files or not. If \(lqread only\(rq is true then any
+! attempted uploads will fail. If \(lqread only\(rq is false then uploads will
+ be possible if file permissions on the daemon side allow them. The default
+ is for all modules to be read only.
+ .IP
+ .IP "\fBwrite only\fP"
+ This parameter determines whether clients
+! will be able to download files or not. If \(lqwrite only\(rq is true then any
+! attempted downloads will fail. If \(lqwrite only\(rq is false then downloads
+ will be possible if file permissions on the daemon side allow them. The
+ default is for this parameter to be disabled.
+ .IP
+--- 319,333 ----
+ .IP
+ .IP "\fBread only\fP"
+ This parameter determines whether clients
+! will be able to upload files or not. If \(dq\&read only\(dq\& is true then any
+! attempted uploads will fail. If \(dq\&read only\(dq\& is false then uploads will
+ be possible if file permissions on the daemon side allow them. The default
+ is for all modules to be read only.
+ .IP
+ .IP "\fBwrite only\fP"
+ This parameter determines whether clients
+! will be able to download files or not. If \(dq\&write only\(dq\& is true then any
+! attempted downloads will fail. If \(dq\&write only\(dq\& is false then downloads
+ will be possible if file permissions on the daemon side allow them. The
+ default is for this parameter to be disabled.
+ .IP
+***************
+*** 340,358 ****
+ .IP "\fBuid\fP"
+ This parameter specifies the user name or user ID that
+ file transfers to and from that module should take place as when the daemon
+! was run as root. In combination with the \(lqgid\(rq parameter this determines what
+ file permissions are available. The default is uid \-2, which is normally
+! the user \(lqnobody\(rq.
+ .IP
+ .IP "\fBgid\fP"
+ This parameter specifies the group name or group ID that
+ file transfers to and from that module should take place as when the daemon
+! was run as root. This complements the \(lquid\(rq parameter. The default is gid \-2,
+! which is normally the group \(lqnobody\(rq.
+ .IP
+ .IP "\fBfake super\fP"
+! Setting \(lqfake super = yes\(rq for a module causes the
+! daemon side to behave as if the \fB\-\-fake\-user\fP command-line option had
+ been specified. This allows the full attributes of a file to be stored
+ without having to have the daemon actually running as root.
+ .IP
+--- 340,358 ----
+ .IP "\fBuid\fP"
+ This parameter specifies the user name or user ID that
+ file transfers to and from that module should take place as when the daemon
+! was run as root. In combination with the \(dq\&gid\(dq\& parameter this determines what
+ file permissions are available. The default is uid \-2, which is normally
+! the user \(dq\&nobody\(dq\&.
+ .IP
+ .IP "\fBgid\fP"
+ This parameter specifies the group name or group ID that
+ file transfers to and from that module should take place as when the daemon
+! was run as root. This complements the \(dq\&uid\(dq\& parameter. The default is gid \-2,
+! which is normally the group \(dq\&nobody\(dq\&.
+ .IP
+ .IP "\fBfake super\fP"
+! Setting \(dq\&fake super = yes\(dq\& for a module causes the
+! daemon side to behave as if the \fB\-\-fake\-super\fP command\-line option had
+ been specified. This allows the full attributes of a file to be stored
+ without having to have the daemon actually running as root.
+ .IP
+***************
+*** 360,366 ****
+ The daemon has its own filter chain that determines what files
+ it will let the client access. This chain is not sent to the client and is
+ independent of any filters the client may have specified. Files excluded by
+! the daemon filter chain (\fBdaemon-excluded\fP files) are treated as non-existent
+ if the client tries to pull them, are skipped with an error message if the
+ client tries to push them (triggering exit code 23), and are never deleted from
+ the module. You can use daemon filters to prevent clients from downloading or
+--- 360,366 ----
+ The daemon has its own filter chain that determines what files
+ it will let the client access. This chain is not sent to the client and is
+ independent of any filters the client may have specified. Files excluded by
+! the daemon filter chain (\fBdaemon\-excluded\fP files) are treated as non\-existent
+ if the client tries to pull them, are skipped with an error message if the
+ client tries to push them (triggering exit code 23), and are never deleted from
+ the module. You can use daemon filters to prevent clients from downloading or
+***************
+*** 367,421 ****
+ tampering with private administrative files, such as files you may add to
+ support uid/gid name translations.
+ .IP
+! The daemon filter chain is built from the \(lqfilter\(rq, \(lqinclude from\(rq, \(lqinclude\(rq,
+! \(lqexclude from\(rq, and \(lqexclude\(rq parameters, in that order of priority. Anchored
+ patterns are anchored at the root of the module. To prevent access to an
+! entire subtree, for example, \(lq/secret\(rq, you \fImust\fP exclude everything in the
+! subtree; the easiest way to do this is with a triple-star pattern like
+! \(lq/secret/***\(rq.
+ .IP
+! The \(lqfilter\(rq parameter takes a space-separated list of daemon filter rules,
+ though it is smart enough to know not to split a token at an internal space in
+! a rule (e.g. \(lq\- /foo \(em /bar\(rq is parsed as two rules). You may specify one or
+! more merge-file rules using the normal syntax. Only one \(lqfilter\(rq parameter can
+ apply to a given module in the config file, so put all the rules you want in a
+! single parameter. Note that per-directory merge-file rules do not provide as
+ much protection as global rules, but they can be used to make \fB\-\-delete\fP work
+! better during a client download operation if the per-dir merge files are
+ included in the transfer and the client requests that they be used.
+ .IP
+ .IP "\fBexclude\fP"
+! This parameter takes a space-separated list of daemon
+ exclude patterns. As with the client \fB\-\-exclude\fP option, patterns can be
+! qualified with \(lq\- \(rq or \(lq+ \(rq to explicitly indicate exclude/include. Only one
+! \(lqexclude\(rq parameter can apply to a given module. See the \(lqfilter\(rq parameter
+ for a description of how excluded files affect the daemon.
+ .IP
+ .IP "\fBinclude\fP"
+! Use an \(lqinclude\(rq to override the effects of the \(lqexclude\(rq
+! parameter. Only one \(lqinclude\(rq parameter can apply to a given module. See the
+! \(lqfilter\(rq parameter for a description of how excluded files affect the daemon.
+ .IP
+ .IP "\fBexclude from\fP"
+ This parameter specifies the name of a file
+ on the daemon that contains daemon exclude patterns, one per line. Only one
+! \(lqexclude from\(rq parameter can apply to a given module; if you have multiple
+! exclude-from files, you can specify them as a merge file in the \(lqfilter\(rq
+! parameter. See the \(lqfilter\(rq parameter for a description of how excluded files
+ affect the daemon.
+ .IP
+ .IP "\fBinclude from\fP"
+! Analogue of \(lqexclude from\(rq for a file of daemon include
+! patterns. Only one \(lqinclude from\(rq parameter can apply to a given module. See
+! the \(lqfilter\(rq parameter for a description of how excluded files affect the
+ daemon.
+ .IP
+ .IP "\fBincoming chmod\fP"
+ This parameter allows you to specify a set of
+! comma-separated chmod strings that will affect the permissions of all
+ incoming files (files that are being received by the daemon). These
+ changes happen after all other permission calculations, and this will
+! even override destination-default and/or existing permissions when the
+ client does not specify \fB\-\-perms\fP.
+ See the description of the \fB\-\-chmod\fP rsync option and the \fBchmod\fP(1)
+ manpage for information on the format of this string.
+--- 367,421 ----
+ tampering with private administrative files, such as files you may add to
+ support uid/gid name translations.
+ .IP
+! The daemon filter chain is built from the \(dq\&filter\(dq\&, \(dq\&include from\(dq\&, \(dq\&include\(dq\&,
+! \(dq\&exclude from\(dq\&, and \(dq\&exclude\(dq\& parameters, in that order of priority. Anchored
+ patterns are anchored at the root of the module. To prevent access to an
+! entire subtree, for example, \(dq\&/secret\(dq\&, you \fImust\fP exclude everything in the
+! subtree; the easiest way to do this is with a triple\-star pattern like
+! \(dq\&/secret/***\(dq\&.
+ .IP
+! The \(dq\&filter\(dq\& parameter takes a space\-separated list of daemon filter rules,
+ though it is smart enough to know not to split a token at an internal space in
+! a rule (e.g. \(dq\&\- /foo \(em /bar\(dq\& is parsed as two rules). You may specify one or
+! more merge\-file rules using the normal syntax. Only one \(dq\&filter\(dq\& parameter can
+ apply to a given module in the config file, so put all the rules you want in a
+! single parameter. Note that per\-directory merge\-file rules do not provide as
+ much protection as global rules, but they can be used to make \fB\-\-delete\fP work
+! better during a client download operation if the per\-dir merge files are
+ included in the transfer and the client requests that they be used.
+ .IP
+ .IP "\fBexclude\fP"
+! This parameter takes a space\-separated list of daemon
+ exclude patterns. As with the client \fB\-\-exclude\fP option, patterns can be
+! qualified with \(dq\&\- \(dq\& or \(dq\&+ \(dq\& to explicitly indicate exclude/include. Only one
+! \(dq\&exclude\(dq\& parameter can apply to a given module. See the \(dq\&filter\(dq\& parameter
+ for a description of how excluded files affect the daemon.
+ .IP
+ .IP "\fBinclude\fP"
+! Use an \(dq\&include\(dq\& to override the effects of the \(dq\&exclude\(dq\&
+! parameter. Only one \(dq\&include\(dq\& parameter can apply to a given module. See the
+! \(dq\&filter\(dq\& parameter for a description of how excluded files affect the daemon.
+ .IP
+ .IP "\fBexclude from\fP"
+ This parameter specifies the name of a file
+ on the daemon that contains daemon exclude patterns, one per line. Only one
+! \(dq\&exclude from\(dq\& parameter can apply to a given module; if you have multiple
+! exclude\-from files, you can specify them as a merge file in the \(dq\&filter\(dq\&
+! parameter. See the \(dq\&filter\(dq\& parameter for a description of how excluded files
+ affect the daemon.
+ .IP
+ .IP "\fBinclude from\fP"
+! Analogue of \(dq\&exclude from\(dq\& for a file of daemon include
+! patterns. Only one \(dq\&include from\(dq\& parameter can apply to a given module. See
+! the \(dq\&filter\(dq\& parameter for a description of how excluded files affect the
+ daemon.
+ .IP
+ .IP "\fBincoming chmod\fP"
+ This parameter allows you to specify a set of
+! comma\-separated chmod strings that will affect the permissions of all
+ incoming files (files that are being received by the daemon). These
+ changes happen after all other permission calculations, and this will
+! even override destination\-default and/or existing permissions when the
+ client does not specify \fB\-\-perms\fP.
+ See the description of the \fB\-\-chmod\fP rsync option and the \fBchmod\fP(1)
+ manpage for information on the format of this string.
+***************
+*** 422,428 ****
+ .IP
+ .IP "\fBoutgoing chmod\fP"
+ This parameter allows you to specify a set of
+! comma-separated chmod strings that will affect the permissions of all
+ outgoing files (files that are being sent out from the daemon). These
+ changes happen first, making the sent permissions appear to be different
+ than those stored in the filesystem itself. For instance, you could
+--- 422,428 ----
+ .IP
+ .IP "\fBoutgoing chmod\fP"
+ This parameter allows you to specify a set of
+! comma\-separated chmod strings that will affect the permissions of all
+ outgoing files (files that are being sent out from the daemon). These
+ changes happen first, making the sent permissions appear to be different
+ than those stored in the filesystem itself. For instance, you could
+***************
+*** 433,473 ****
+ .IP
+ .IP "\fBauth users\fP"
+ This parameter specifies a comma and
+! space-separated list of usernames that will be allowed to connect to
+ this module. The usernames do not need to exist on the local
+ system. The usernames may also contain shell wildcard characters. If
+! \(lqauth users\(rq is set then the client will be challenged to supply a
+ username and password to connect to the module. A challenge response
+ authentication protocol is used for this exchange. The plain text
+ usernames and passwords are stored in the file specified by the
+! \(lqsecrets file\(rq parameter. The default is for all users to be able to
+! connect without a password (this is called \(lqanonymous rsync\(rq).
+ .IP
+! See also the \(lqCONNECTING TO AN RSYNC DAEMON OVER A REMOTE SHELL
+! PROGRAM\(rq section in \fBrsync\fP(1) for information on how handle an
+! rsyncd.conf\-level username that differs from the remote-shell-level
+ username when using a remote shell to connect to an rsync daemon.
+ .IP
+ .IP "\fBsecrets file\fP"
+ This parameter specifies the name of
+ a file that contains the username:password pairs used for
+! authenticating this module. This file is only consulted if the \(lqauth
+! users\(rq parameter is specified. The file is line based and contains
+ username:password pairs separated by a single colon. Any line starting
+ with a hash (#) is considered a comment and is skipped. The passwords
+ can contain any characters but be warned that many operating systems
+ limit the length of passwords that can be typed at the client end, so
+! you may find that passwords longer than 8 characters don't work.
+ .IP
+! There is no default for the \(lqsecrets file\(rq parameter, you must choose a name
+ (such as \f(CW/etc/rsyncd.secrets\fP). The file must normally not be readable
+! by \(lqother\(rq; see \(lqstrict modes\(rq.
+ .IP
+ .IP "\fBstrict modes\fP"
+ This parameter determines whether or not
+! the permissions on the secrets file will be checked. If \(lqstrict modes\(rq is
+ true, then the secrets file must not be readable by any user ID other
+! than the one that the rsync daemon is running under. If \(lqstrict modes\(rq is
+ false, the check is not performed. The default is true. This parameter
+ was added to accommodate rsync running on the Windows operating system.
+ .IP
+--- 433,473 ----
+ .IP
+ .IP "\fBauth users\fP"
+ This parameter specifies a comma and
+! space\-separated list of usernames that will be allowed to connect to
+ this module. The usernames do not need to exist on the local
+ system. The usernames may also contain shell wildcard characters. If
+! \(dq\&auth users\(dq\& is set then the client will be challenged to supply a
+ username and password to connect to the module. A challenge response
+ authentication protocol is used for this exchange. The plain text
+ usernames and passwords are stored in the file specified by the
+! \(dq\&secrets file\(dq\& parameter. The default is for all users to be able to
+! connect without a password (this is called \(dq\&anonymous rsync\(dq\&).
+ .IP
+! See also the section entitled \(dq\&USING RSYNC\-DAEMON FEATURES VIA A REMOTE
+! SHELL CONNECTION\(dq\& in \fBrsync\fP(1) for information on how handle an
+! rsyncd.conf\-level username that differs from the remote\-shell\-level
+ username when using a remote shell to connect to an rsync daemon.
+ .IP
+ .IP "\fBsecrets file\fP"
+ This parameter specifies the name of
+ a file that contains the username:password pairs used for
+! authenticating this module. This file is only consulted if the \(dq\&auth
+! users\(dq\& parameter is specified. The file is line based and contains
+ username:password pairs separated by a single colon. Any line starting
+ with a hash (#) is considered a comment and is skipped. The passwords
+ can contain any characters but be warned that many operating systems
+ limit the length of passwords that can be typed at the client end, so
+! you may find that passwords longer than 8 characters don\(cq\&t work.
+ .IP
+! There is no default for the \(dq\&secrets file\(dq\& parameter, you must choose a name
+ (such as \f(CW/etc/rsyncd.secrets\fP). The file must normally not be readable
+! by \(dq\&other\(dq\&; see \(dq\&strict modes\(dq\&.
+ .IP
+ .IP "\fBstrict modes\fP"
+ This parameter determines whether or not
+! the permissions on the secrets file will be checked. If \(dq\&strict modes\(dq\& is
+ true, then the secrets file must not be readable by any user ID other
+! than the one that the rsync daemon is running under. If \(dq\&strict modes\(dq\& is
+ false, the check is not performed. The default is true. This parameter
+ was added to accommodate rsync running on the Windows operating system.
+ .IP
+***************
+*** 482,488 ****
+ .RS
+ .IP o
+ a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address
+! of the form a:b:c::d:e:f. In this case the incoming machine's IP address
+ must match exactly.
+ .IP o
+ an address/mask in the form ipaddr/n where ipaddr is the IP address
+--- 482,488 ----
+ .RS
+ .IP o
+ a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address
+! of the form a:b:c::d:e:f. In this case the incoming machine\(cq\&s IP address
+ must match exactly.
+ .IP o
+ an address/mask in the form ipaddr/n where ipaddr is the IP address
+***************
+*** 504,510 ****
+ .RE
+
+ .IP
+! Note IPv6 link-local addresses can have a scope in the address specification:
+ .IP
+ .RS
+ \f(CW fe80::1%link1\fP
+--- 504,510 ----
+ .RE
+
+ .IP
+! Note IPv6 link\-local addresses can have a scope in the address specification:
+ .IP
+ .RS
+ \f(CW fe80::1%link1\fP
+***************
+*** 516,538 ****
+ .RE
+
+ .IP
+! You can also combine \(lqhosts allow\(rq with a separate \(lqhosts deny\(rq
+! parameter. If both parameters are specified then the \(lqhosts allow\(rq parameter is
+ checked first and a match results in the client being able to
+! connect. The \(lqhosts deny\(rq parameter is then checked and a match means
+ that the host is rejected. If the host does not match either the
+! \(lqhosts allow\(rq or the \(lqhosts deny\(rq patterns then it is allowed to
+ connect.
+ .IP
+! The default is no \(lqhosts allow\(rq parameter, which means all hosts can connect.
+ .IP
+ .IP "\fBhosts deny\fP"
+ This parameter allows you to specify a
+ list of patterns that are matched against a connecting clients
+ hostname and IP address. If the pattern matches then the connection is
+! rejected. See the \(lqhosts allow\(rq parameter for more information.
+ .IP
+! The default is no \(lqhosts deny\(rq parameter, which means all hosts can connect.
+ .IP
+ .IP "\fBignore errors\fP"
+ This parameter tells rsyncd to
+--- 516,538 ----
+ .RE
+
+ .IP
+! You can also combine \(dq\&hosts allow\(dq\& with a separate \(dq\&hosts deny\(dq\&
+! parameter. If both parameters are specified then the \(dq\&hosts allow\(dq\& parameter is
+ checked first and a match results in the client being able to
+! connect. The \(dq\&hosts deny\(dq\& parameter is then checked and a match means
+ that the host is rejected. If the host does not match either the
+! \(dq\&hosts allow\(dq\& or the \(dq\&hosts deny\(dq\& patterns then it is allowed to
+ connect.
+ .IP
+! The default is no \(dq\&hosts allow\(dq\& parameter, which means all hosts can connect.
+ .IP
+ .IP "\fBhosts deny\fP"
+ This parameter allows you to specify a
+ list of patterns that are matched against a connecting clients
+ hostname and IP address. If the pattern matches then the connection is
+! rejected. See the \(dq\&hosts allow\(dq\& parameter for more information.
+ .IP
+! The default is no \(dq\&hosts deny\(dq\& parameter, which means all hosts can connect.
+ .IP
+ .IP "\fBignore errors\fP"
+ This parameter tells rsyncd to
+***************
+*** 546,577 ****
+ .IP "\fBignore nonreadable\fP"
+ This tells the rsync daemon to completely
+ ignore files that are not readable by the user. This is useful for
+! public archives that may have some non-readable files among the
+! directories, and the sysadmin doesn't want those files to be seen at all.
+ .IP
+ .IP "\fBtransfer logging\fP"
+! This parameter enables per-file
+ logging of downloads and uploads in a format somewhat similar to that
+ used by ftp daemons. The daemon always logs the transfer at the end, so
+ if a transfer is aborted, no mention will be made in the log file.
+ .IP
+! If you want to customize the log lines, see the \(lqlog format\(rq parameter.
+ .IP
+ .IP "\fBlog format\fP"
+ This parameter allows you to specify the
+ format used for logging file transfers when transfer logging is enabled.
+! The format is a text string containing embedded single-character escape
+ sequences prefixed with a percent (%) character. An optional numeric
+ field width may also be specified between the percent and the escape
+! letter (e.g. \(lq\fB%\-50n %8l %07p\fP\(rq).
+ .IP
+! The default log format is \(lq%o %h [%a] %m (%u) %f %l\(rq, and a \(lq%t [%p] \(rq
+! is always prefixed when using the \(lqlog file\(rq parameter.
+ (A perl script that will summarize this default log format is included
+! in the rsync source code distribution in the \(lqsupport\(rq subdirectory:
+ rsyncstats.)
+ .IP
+! The single-character escapes that are understood are as follows:
+ .IP
+ .RS
+ .IP o
+--- 546,577 ----
+ .IP "\fBignore nonreadable\fP"
+ This tells the rsync daemon to completely
+ ignore files that are not readable by the user. This is useful for
+! public archives that may have some non\-readable files among the
+! directories, and the sysadmin doesn\(cq\&t want those files to be seen at all.
+ .IP
+ .IP "\fBtransfer logging\fP"
+! This parameter enables per\-file
+ logging of downloads and uploads in a format somewhat similar to that
+ used by ftp daemons. The daemon always logs the transfer at the end, so
+ if a transfer is aborted, no mention will be made in the log file.
+ .IP
+! If you want to customize the log lines, see the \(dq\&log format\(dq\& parameter.
+ .IP
+ .IP "\fBlog format\fP"
+ This parameter allows you to specify the
+ format used for logging file transfers when transfer logging is enabled.
+! The format is a text string containing embedded single\-character escape
+ sequences prefixed with a percent (%) character. An optional numeric
+ field width may also be specified between the percent and the escape
+! letter (e.g. \(dq\&\fB%\-50n %8l %07p\fP\(dq\&).
+ .IP
+! The default log format is \(dq\&%o %h [%a] %m (%u) %f %l\(dq\&, and a \(dq\&%t [%p] \(dq\&
+! is always prefixed when using the \(dq\&log file\(dq\& parameter.
+ (A perl script that will summarize this default log format is included
+! in the rsync source code distribution in the \(dq\&support\(dq\& subdirectory:
+ rsyncstats.)
+ .IP
+! The single\-character escapes that are understood are as follows:
+ .IP
+ .RS
+ .IP o
+***************
+*** 583,591 ****
+ .IP o
+ %c the total size of the block checksums received for the basis file (only when sending)
+ .IP o
+! %f the filename (long form on sender; no trailing \(lq/\(rq)
+ .IP o
+! %G the gid of the file (decimal) or \(lqDEFAULT\(rq
+ .IP o
+ %h the remote host name
+ .IP o
+--- 583,591 ----
+ .IP o
+ %c the total size of the block checksums received for the basis file (only when sending)
+ .IP o
+! %f the filename (long form on sender; no trailing \(dq\&/\(dq\&)
+ .IP o
+! %G the gid of the file (decimal) or \(dq\&DEFAULT\(dq\&
+ .IP o
+ %h the remote host name
+ .IP o
+***************
+*** 593,607 ****
+ .IP o
+ %l the length of the file in bytes
+ .IP o
+! %L the string \(lq \-> SYMLINK\(rq, \(lq => HARDLINK\(rq, or \(lq\(rq (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename)
+ .IP o
+ %m the module name
+ .IP o
+! %M the last-modified time of the file
+ .IP o
+! %n the filename (short form; trailing \(lq/\(rq on dir)
+ .IP o
+! %o the operation, which is \(lqsend\(rq, \(lqrecv\(rq, or \(lqdel.\(rq (the latter includes the trailing period)
+ .IP o
+ %p the process ID of this rsync session
+ .IP o
+--- 593,607 ----
+ .IP o
+ %l the length of the file in bytes
+ .IP o
+! %L the string \(dq\& \-> SYMLINK\(dq\&, \(dq\& => HARDLINK\(dq\&, or \(dq\&\(dq\& (where \fBSYMLINK\fP or \fBHARDLINK\fP is a filename)
+ .IP o
+ %m the module name
+ .IP o
+! %M the last\-modified time of the file
+ .IP o
+! %n the filename (short form; trailing \(dq\&/\(dq\& on dir)
+ .IP o
+! %o the operation, which is \(dq\&send\(dq\&, \(dq\&recv\(dq\&, or \(dq\&del.\(dq\& (the latter includes the trailing period)
+ .IP o
+ %p the process ID of this rsync session
+ .IP o
+***************
+*** 615,621 ****
+ .RE
+
+ .IP
+! For a list of what the characters mean that are output by \(lq%i\(rq, see the
+ \fB\-\-itemize\-changes\fP option in the rsync manpage.
+ .IP
+ Note that some of the logged output changes when talking with older
+--- 615,621 ----
+ .RE
+
+ .IP
+! For a list of what the characters mean that are output by \(dq\&%i\(dq\&, see the
+ \fB\-\-itemize\-changes\fP option in the rsync manpage.
+ .IP
+ Note that some of the logged output changes when talking with older
+***************
+*** 625,631 ****
+ .IP "\fBtimeout\fP"
+ This parameter allows you to override the
+ clients choice for I/O timeout for this module. Using this parameter you
+! can ensure that rsync won't wait on a dead client forever. The timeout
+ is specified in seconds. A value of zero means no timeout and is the
+ default. A good choice for anonymous rsync daemons may be 600 (giving
+ a 10 minute timeout).
+--- 625,631 ----
+ .IP "\fBtimeout\fP"
+ This parameter allows you to override the
+ clients choice for I/O timeout for this module. Using this parameter you
+! can ensure that rsync won\(cq\&t wait on a dead client forever. The timeout
+ is specified in seconds. A value of zero means no timeout and is the
+ default. A good choice for anonymous rsync daemons may be 600 (giving
+ a 10 minute timeout).
+***************
+*** 632,641 ****
+ .IP
+ .IP "\fBrefuse options\fP"
+ This parameter allows you to
+! specify a space-separated list of rsync command line options that will
+ be refused by your rsync daemon.
+! You may specify the full option name, its one-letter abbreviation, or a
+! wild-card string that matches multiple options.
+ For example, this would refuse \fB\-\-checksum\fP (\fB\-c\fP) and all the various
+ delete options:
+ .IP
+--- 632,641 ----
+ .IP
+ .IP "\fBrefuse options\fP"
+ This parameter allows you to
+! specify a space\-separated list of rsync command line options that will
+ be refused by your rsync daemon.
+! You may specify the full option name, its one\-letter abbreviation, or a
+! wild\-card string that matches multiple options.
+ For example, this would refuse \fB\-\-checksum\fP (\fB\-c\fP) and all the various
+ delete options:
+ .IP
+***************
+*** 646,660 ****
+ .IP
+ The reason the above refuses all delete options is that the options imply
+ \fB\-\-delete\fP, and implied options are refused just like explicit options.
+! As an additional safety feature, the refusal of \(lqdelete\(rq also refuses
+! \fBremove-source-files\fP when the daemon is the sender; if you want the latter
+! without the former, instead refuse \(lqdelete\-*\(rq \(em that refuses all the
+ delete modes without affecting \fB\-\-remove\-source\-files\fP.
+ .IP
+ When an option is refused, the daemon prints an error message and exits.
+ To prevent all compression when serving files,
+! you can use \(lqdont compress = *\(rq (see below)
+! instead of \(lqrefuse options = compress\(rq to avoid returning an error to a
+ client that requests compression.
+ .IP
+ .IP "\fBdont compress\fP"
+--- 646,660 ----
+ .IP
+ The reason the above refuses all delete options is that the options imply
+ \fB\-\-delete\fP, and implied options are refused just like explicit options.
+! As an additional safety feature, the refusal of \(dq\&delete\(dq\& also refuses
+! \fBremove\-source\-files\fP when the daemon is the sender; if you want the latter
+! without the former, instead refuse \(dq\&delete\-*\(dq\& \-\- that refuses all the
+ delete modes without affecting \fB\-\-remove\-source\-files\fP.
+ .IP
+ When an option is refused, the daemon prints an error message and exits.
+ To prevent all compression when serving files,
+! you can use \(dq\&dont compress = *\(dq\& (see below)
+! instead of \(dq\&refuse options = compress\(dq\& to avoid returning an error to a
+ client that requests compression.
+ .IP
+ .IP "\fBdont compress\fP"
+***************
+*** 663,687 ****
+ when pulling files from the daemon (no analogous parameter exists to
+ govern the pushing of files to a daemon).
+ Compression is expensive in terms of CPU usage, so it
+! is usually good to not try to compress files that won't compress well,
+ such as already compressed files.
+ .IP
+! The \(lqdont compress\(rq parameter takes a space-separated list of
+! case-insensitive wildcard patterns. Any source filename matching one
+ of the patterns will not be compressed during transfer.
+ .IP
+ See the \fB\-\-skip\-compress\fP parameter in the \fBrsync\fP(1) manpage for the list
+ of file suffixes that are not compressed by default. Specifying a value
+! for the \(lqdont compress\(rq parameter changes the default when the daemon is
+ the sender.
+ .IP
+! .IP "\fBpre-xfer exec\fP, \fBpost-xfer exec\fP"
+ You may specify a command to be run
+! before and/or after the transfer. If the \fBpre-xfer exec\fP command fails, the
+ transfer is aborted before it begins.
+ .IP
+ The following environment variables will be set, though some are
+! specific to the pre-xfer or the post-xfer environment:
+ .IP
+ .RS
+ .IP o
+--- 663,687 ----
+ when pulling files from the daemon (no analogous parameter exists to
+ govern the pushing of files to a daemon).
+ Compression is expensive in terms of CPU usage, so it
+! is usually good to not try to compress files that won\(cq\&t compress well,
+ such as already compressed files.
+ .IP
+! The \(dq\&dont compress\(dq\& parameter takes a space\-separated list of
+! case\-insensitive wildcard patterns. Any source filename matching one
+ of the patterns will not be compressed during transfer.
+ .IP
+ See the \fB\-\-skip\-compress\fP parameter in the \fBrsync\fP(1) manpage for the list
+ of file suffixes that are not compressed by default. Specifying a value
+! for the \(dq\&dont compress\(dq\& parameter changes the default when the daemon is
+ the sender.
+ .IP
+! .IP "\fBpre\-xfer exec\fP, \fBpost\-xfer exec\fP"
+ You may specify a command to be run
+! before and/or after the transfer. If the \fBpre\-xfer exec\fP command fails, the
+ transfer is aborted before it begins.
+ .IP
+ The following environment variables will be set, though some are
+! specific to the pre\-xfer or the post\-xfer environment:
+ .IP
+ .RS
+ .IP o
+***************
+*** 689,717 ****
+ .IP o
+ \fBRSYNC_MODULE_PATH\fP: The path configured for the module.
+ .IP o
+! \fBRSYNC_HOST_ADDR\fP: The accessing host's IP address.
+ .IP o
+! \fBRSYNC_HOST_NAME\fP: The accessing host's name.
+ .IP o
+! \fBRSYNC_USER_NAME\fP: The accessing user's name (empty if no user).
+ .IP o
+ \fBRSYNC_PID\fP: A unique number for this transfer.
+ .IP o
+! \fBRSYNC_REQUEST\fP: (pre-xfer only) The module/path info specified
+ by the user (note that the user can specify multiple source files,
+! so the request can be something like \(lqmod/path1 mod/path2\(rq, etc.).
+ .IP o
+! \fBRSYNC_ARG#\fP: (pre-xfer only) The pre-request arguments are set
+! in these numbered values. RSYNC_ARG0 is always \(lqrsyncd\(rq, and the last
+ value contains a single period.
+ .IP o
+! \fBRSYNC_EXIT_STATUS\fP: (post-xfer only) the server side's exit value.
+ This will be 0 for a successful run, a positive value for an error that the
+ server generated, or a \-1 if rsync failed to exit properly. Note that an
+ error that occurs on the client side does not currently get sent to the
+ server side, so this is not the final exit status for the whole transfer.
+ .IP o
+! \fBRSYNC_RAW_STATUS\fP: (post-xfer only) the raw exit value from
+ \f(CWwaitpid()\fP
+ \&.
+ .RE
+--- 689,717 ----
+ .IP o
+ \fBRSYNC_MODULE_PATH\fP: The path configured for the module.
+ .IP o
+! \fBRSYNC_HOST_ADDR\fP: The accessing host\(cq\&s IP address.
+ .IP o
+! \fBRSYNC_HOST_NAME\fP: The accessing host\(cq\&s name.
+ .IP o
+! \fBRSYNC_USER_NAME\fP: The accessing user\(cq\&s name (empty if no user).
+ .IP o
+ \fBRSYNC_PID\fP: A unique number for this transfer.
+ .IP o
+! \fBRSYNC_REQUEST\fP: (pre\-xfer only) The module/path info specified
+ by the user (note that the user can specify multiple source files,
+! so the request can be something like \(dq\&mod/path1 mod/path2\(dq\&, etc.).
+ .IP o
+! \fBRSYNC_ARG#\fP: (pre\-xfer only) The pre\-request arguments are set
+! in these numbered values. RSYNC_ARG0 is always \(dq\&rsyncd\(dq\&, and the last
+ value contains a single period.
+ .IP o
+! \fBRSYNC_EXIT_STATUS\fP: (post\-xfer only) the server side\(cq\&s exit value.
+ This will be 0 for a successful run, a positive value for an error that the
+ server generated, or a \-1 if rsync failed to exit properly. Note that an
+ error that occurs on the client side does not currently get sent to the
+ server side, so this is not the final exit status for the whole transfer.
+ .IP o
+! \fBRSYNC_RAW_STATUS\fP: (post\-xfer only) the raw exit value from
+ \f(CWwaitpid()\fP
+ \&.
+ .RE
+***************
+*** 719,725 ****
+ .IP
+ Even though the commands can be associated with a particular module, they
+ are run using the permissions of the user that started the daemon (not the
+! module's uid/gid setting) without any chroot restrictions.
+ .IP
+ .SH "AUTHENTICATION STRENGTH"
+
+--- 719,725 ----
+ .IP
+ Even though the commands can be associated with a particular module, they
+ are run using the permissions of the user that started the daemon (not the
+! module\(cq\&s uid/gid setting) without any chroot restrictions.
+ .IP
+ .SH "AUTHENTICATION STRENGTH"
+
+***************
+*** 726,733 ****
+ .PP
+ The authentication protocol used in rsync is a 128 bit MD4 based
+ challenge response system. This is fairly weak protection, though (with
+! at least one brute-force hash-finding algorithm publicly available), so
+! if you want really top-quality security, then I recommend that you run
+ rsync over ssh. (Yes, a future version of rsync will switch over to a
+ stronger hashing method.)
+ .PP
+--- 726,733 ----
+ .PP
+ The authentication protocol used in rsync is a 128 bit MD4 based
+ challenge response system. This is fairly weak protection, though (with
+! at least one brute\-force hash\-finding algorithm publicly available), so
+! if you want really top\-quality security, then I recommend that you run
+ rsync over ssh. (Yes, a future version of rsync will switch over to a
+ stronger hashing method.)
+ .PP
+***************
+*** 822,828 ****
+ .SH "VERSION"
+
+ .PP
+! This man page is current for version 3.0.6 of rsync.
+ .PP
+ .SH "CREDITS"
+
+--- 822,828 ----
+ .SH "VERSION"
+
+ .PP
+! This man page is current for version 3.0.8 of rsync.
+ .PP
+ .SH "CREDITS"
+
+***************
+*** 838,844 ****
+ .PP
+ We would be delighted to hear from you if you like this program.
+ .PP
+! This program uses the zlib compression library written by Jean-loup
+ Gailly and Mark Adler.
+ .PP
+ .SH "THANKS"
+--- 838,844 ----
+ .PP
+ We would be delighted to hear from you if you like this program.
+ .PP
+! This program uses the zlib compression library written by Jean\-loup
+ Gailly and Mark Adler.
+ .PP
+ .SH "THANKS"