--- a/components/rsync/patches/rsyncd.conf.5.patch Tue Jun 18 11:33:50 2013 -0700
+++ b/components/rsync/patches/rsyncd.conf.5.patch Tue Jun 18 13:15:45 2013 -0700
@@ -1,11 +1,13 @@
---- rsync-3.0.8/rsyncd.conf.5.~1~ Sat Mar 26 14:37:52 2011
-+++ rsync-3.0.8/rsyncd.conf.5 Mon Jun 13 22:07:54 2011
-@@ -1,4 +1,4 @@
--.TH "rsyncd.conf" "5" "26 Mar 2011" "" ""
-+.TH "rsyncd.conf" "5" "8 May 2009" "" ""
+--- rsync-3.0.9/rsyncd.conf.5.orig 2011-09-23 09:35:55.000000000 -0700
++++ rsync-3.0.9/rsyncd.conf.5 2013-04-19 14:14:00.357311299 -0700
+@@ -1,6 +1,6 @@
+ .TH "rsyncd.conf" "5" "23 Sep 2011" "" ""
.SH "NAME"
- rsyncd.conf \(em configuration file for rsync in daemon mode
+-rsyncd.conf \- configuration file for rsync in daemon mode
++rsyncd.conf \(em configuration file for rsync in daemon mode
.SH "SYNOPSIS"
+
+ .PP
@@ -20,9 +20,9 @@
.PP
The file consists of modules and parameters. A module begins with the
@@ -88,7 +90,7 @@
.IP
.SH "MODULE PARAMETERS"
-@@ -139,44 +139,44 @@
+@@ -139,50 +139,50 @@
of available modules. The default is no comment.
.IP
.IP "\fBpath\fP"
@@ -97,6 +99,13 @@
filesystem to make available in this module. You must specify this parameter
for each module in \f(CWrsyncd.conf\fP.
.IP
+ It is fine if the path includes internal spaces \-\- they will be retained
+-verbatim (which means that you shouldn\(cq\&t try to escape them). If your final
++verbatim (which means that you shouldn't try to escape them). If your final
+ directory has a trailing space (and this is somehow not something you wish to
+ fix), append a trailing slash to the path to avoid losing the trailing
+ whitespace.
+ .IP
.IP "\fBuse chroot\fP"
-If \(dq\&use chroot\(dq\& is true, the rsync daemon will chroot
-to the \(dq\&path\(dq\& before starting the file transfer with the client. This has
@@ -134,9 +143,10 @@
+default for security reasons (see \(lqmunge symlinks\(rq for a way to turn this
off, but only if you trust your users), (2) substitute leading slashes in
-absolute paths with the module\(cq\&s path (so that options such as
+-\fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as
+-rooted in the module\(cq\&s \(dq\&path\(dq\& dir), and (3) trim \(dq\&..\(dq\& path elements from
+absolute paths with the module's path (so that options such as
- \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc. interpret an absolute path as
--rooted in the module\(cq\&s \(dq\&path\(dq\& dir), and (3) trim \(dq\&..\(dq\& path elements from
++\fB\-\-backup\-dir\fP, \fB\-\-compare-dest\fP, etc. interpret an absolute path as
+rooted in the module's \(lqpath\(rq dir), and (3) trim \(lq..\(rq path elements from
args if rsync believes they would escape the module hierarchy.
-The default for \(dq\&use chroot\(dq\& is true, and is the safer choice (especially
@@ -151,7 +161,7 @@
use the standard library functions for looking up names and IDs (i.e.
\f(CWgetpwuid()\fP
,
-@@ -191,12 +191,12 @@
+@@ -197,12 +197,12 @@
used by these library functions (traditionally /etc/passwd and
/etc/group, but perhaps additional dynamic libraries as well).
.IP
@@ -169,7 +179,7 @@
.IP
Note also that you are free to setup custom user/group information in the
chroot area that is different from your normal system. For example, you
-@@ -205,12 +205,12 @@
+@@ -211,12 +211,12 @@
.IP "\fBnumeric ids\fP"
Enabling this parameter disables the mapping
of users and groups by name for the current daemon module. This prevents
@@ -186,7 +196,7 @@
taken steps to ensure that the module has the necessary resources it needs
to translate names, and that it is not possible for a user to change those
resources.
-@@ -219,52 +219,52 @@
+@@ -225,52 +225,52 @@
This parameter tells rsync to modify
all incoming symlinks in a way that makes them unusable but recoverable
(see below). This should help protect your files from user trickery when
@@ -263,7 +273,7 @@
that this will restrict access to your module to very new rsync clients.
.IP
.IP "\fBmax connections\fP"
-@@ -273,21 +273,21 @@
+@@ -279,21 +279,21 @@
Any clients connecting when the maximum has been reached will receive a
message telling them to try later. The default is 0, which means no limit.
A negative value disables the module.
@@ -290,7 +300,7 @@
.IP
If the daemon fails to open the specified file, it will fall back to
using syslog and output an error about the failure. (Note that the
-@@ -300,19 +300,19 @@
+@@ -306,34 +306,34 @@
defined on your system. Common names are auth, authpriv, cron, daemon,
ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0,
local1, local2, local3, local4, local5, local6 and local7. The default
@@ -314,7 +324,6 @@
locking on this file to ensure that the max connections limit is not
exceeded for the modules sharing the lock file.
The default is \f(CW/var/run/rsyncd.lock\fP.
-@@ -319,15 +319,15 @@
.IP
.IP "\fBread only\fP"
This parameter determines whether clients
@@ -334,7 +343,7 @@
will be possible if file permissions on the daemon side allow them. The
default is for this parameter to be disabled.
.IP
-@@ -340,19 +340,19 @@
+@@ -346,19 +346,19 @@
.IP "\fBuid\fP"
This parameter specifies the user name or user ID that
file transfers to and from that module should take place as when the daemon
@@ -356,11 +365,11 @@
-Setting \(dq\&fake super = yes\(dq\& for a module causes the
-daemon side to behave as if the \fB\-\-fake\-super\fP command\-line option had
+Setting \(lqfake super = yes\(rq for a module causes the
-+daemon side to behave as if the \fB\-\-fake\-user\fP command-line option had
++daemon side to behave as if the \fB\-\-fake\-super\fP command-line option had
been specified. This allows the full attributes of a file to be stored
without having to have the daemon actually running as root.
.IP
-@@ -360,7 +360,7 @@
+@@ -366,69 +366,69 @@
The daemon has its own filter chain that determines what files
it will let the client access. This chain is not sent to the client and is
independent of any filters the client may have specified. Files excluded by
@@ -369,7 +378,6 @@
if the client tries to pull them, are skipped with an error message if the
client tries to push them (triggering exit code 23), and are never deleted from
the module. You can use daemon filters to prevent clients from downloading or
-@@ -367,55 +367,55 @@
tampering with private administrative files, such as files you may add to
support uid/gid name translations.
.IP
@@ -388,9 +396,9 @@
-The \(dq\&filter\(dq\& parameter takes a space\-separated list of daemon filter rules,
+The \(lqfilter\(rq parameter takes a space-separated list of daemon filter rules,
though it is smart enough to know not to split a token at an internal space in
--a rule (e.g. \(dq\&\- /foo \(em /bar\(dq\& is parsed as two rules). You may specify one or
+-a rule (e.g. \(dq\&\- /foo \- /bar\(dq\& is parsed as two rules). You may specify one or
-more merge\-file rules using the normal syntax. Only one \(dq\&filter\(dq\& parameter can
-+a rule (e.g. \(lq\- /foo \(em /bar\(rq is parsed as two rules). You may specify one or
++a rule (e.g. \(lq- /foo \(em /bar\(rq is parsed as two rules). You may specify one or
+more merge-file rules using the normal syntax. Only one \(lqfilter\(rq parameter can
apply to a given module in the config file, so put all the rules you want in a
-single parameter. Note that per\-directory merge\-file rules do not provide as
@@ -449,7 +457,6 @@
client does not specify \fB\-\-perms\fP.
See the description of the \fB\-\-chmod\fP rsync option and the \fBchmod\fP(1)
manpage for information on the format of this string.
-@@ -422,7 +422,7 @@
.IP
.IP "\fBoutgoing chmod\fP"
This parameter allows you to specify a set of
@@ -458,7 +465,7 @@
outgoing files (files that are being sent out from the daemon). These
changes happen first, making the sent permissions appear to be different
than those stored in the filesystem itself. For instance, you could
-@@ -433,41 +433,41 @@
+@@ -439,41 +439,41 @@
.IP
.IP "\fBauth users\fP"
This parameter specifies a comma and
@@ -479,9 +486,9 @@
-See also the section entitled \(dq\&USING RSYNC\-DAEMON FEATURES VIA A REMOTE
-SHELL CONNECTION\(dq\& in \fBrsync\fP(1) for information on how handle an
-rsyncd.conf\-level username that differs from the remote\-shell\-level
-+See also the \(lqCONNECTING TO AN RSYNC DAEMON OVER A REMOTE SHELL
-+PROGRAM\(rq section in \fBrsync\fP(1) for information on how handle an
-+rsyncd.conf\-level username that differs from the remote-shell-level
++See also the section entitled \(lqUSING RSYNC-DAEMON FEATURES VIA A REMOTE
++SHELL CONNECTION\(rq in \fBrsync\fP(1) for information on how handle an
++rsyncd.conf-level username that differs from the remote-shell-level
username when using a remote shell to connect to an rsync daemon.
.IP
.IP "\fBsecrets file\fP"
@@ -514,7 +521,7 @@
false, the check is not performed. The default is true. This parameter
was added to accommodate rsync running on the Windows operating system.
.IP
-@@ -482,7 +482,7 @@
+@@ -488,7 +488,7 @@
.RS
.IP o
a dotted decimal IPv4 address of the form a.b.c.d, or an IPv6 address
@@ -523,7 +530,7 @@
must match exactly.
.IP o
an address/mask in the form ipaddr/n where ipaddr is the IP address
-@@ -504,7 +504,7 @@
+@@ -510,7 +510,7 @@
.RE
.IP
@@ -532,7 +539,7 @@
.IP
.RS
\f(CW fe80::1%link1\fP
-@@ -516,23 +516,23 @@
+@@ -522,23 +522,23 @@
.RE
.IP
@@ -563,7 +570,7 @@
.IP
.IP "\fBignore errors\fP"
This parameter tells rsyncd to
-@@ -546,32 +546,32 @@
+@@ -552,32 +552,32 @@
.IP "\fBignore nonreadable\fP"
This tells the rsync daemon to completely
ignore files that are not readable by the user. This is useful for
@@ -606,7 +613,7 @@
.IP
.RS
.IP o
-@@ -583,9 +583,9 @@
+@@ -589,9 +589,9 @@
.IP o
%c the total size of the block checksums received for the basis file (only when sending)
.IP o
@@ -618,7 +625,7 @@
.IP o
%h the remote host name
.IP o
-@@ -593,15 +593,15 @@
+@@ -599,15 +599,15 @@
.IP o
%l the length of the file in bytes
.IP o
@@ -638,7 +645,7 @@
.IP o
%p the process ID of this rsync session
.IP o
-@@ -615,7 +615,7 @@
+@@ -621,7 +621,7 @@
.RE
.IP
@@ -647,7 +654,7 @@
\fB\-\-itemize\-changes\fP option in the rsync manpage.
.IP
Note that some of the logged output changes when talking with older
-@@ -625,7 +625,7 @@
+@@ -631,17 +631,17 @@
.IP "\fBtimeout\fP"
This parameter allows you to override the
clients choice for I/O timeout for this module. Using this parameter you
@@ -656,7 +663,6 @@
is specified in seconds. A value of zero means no timeout and is the
default. A good choice for anonymous rsync daemons may be 600 (giving
a 10 minute timeout).
-@@ -632,10 +632,10 @@
.IP
.IP "\fBrefuse options\fP"
This parameter allows you to
@@ -670,17 +676,18 @@
For example, this would refuse \fB\-\-checksum\fP (\fB\-c\fP) and all the various
delete options:
.IP
-@@ -646,15 +646,15 @@
+@@ -652,15 +652,15 @@
.IP
The reason the above refuses all delete options is that the options imply
\fB\-\-delete\fP, and implied options are refused just like explicit options.
-As an additional safety feature, the refusal of \(dq\&delete\(dq\& also refuses
-\fBremove\-source\-files\fP when the daemon is the sender; if you want the latter
-without the former, instead refuse \(dq\&delete\-*\(dq\& \-\- that refuses all the
+-delete modes without affecting \fB\-\-remove\-source\-files\fP.
+As an additional safety feature, the refusal of \(lqdelete\(rq also refuses
+\fBremove-source-files\fP when the daemon is the sender; if you want the latter
-+without the former, instead refuse \(lqdelete\-*\(rq \(em that refuses all the
- delete modes without affecting \fB\-\-remove\-source\-files\fP.
++without the former, instead refuse \(lqdelete\-*\(rq \-\- that refuses all the
++delete modes without affecting \fB\-\-remove-source-files\fP.
.IP
When an option is refused, the daemon prints an error message and exits.
To prevent all compression when serving files,
@@ -691,7 +698,7 @@
client that requests compression.
.IP
.IP "\fBdont compress\fP"
-@@ -663,25 +663,25 @@
+@@ -669,25 +669,25 @@
when pulling files from the daemon (no analogous parameter exists to
govern the pushing of files to a daemon).
Compression is expensive in terms of CPU usage, so it
@@ -724,7 +731,7 @@
.IP
.RS
.IP o
-@@ -689,29 +689,29 @@
+@@ -695,29 +695,29 @@
.IP o
\fBRSYNC_MODULE_PATH\fP: The path configured for the module.
.IP o
@@ -763,7 +770,7 @@
\f(CWwaitpid()\fP
\&.
.RE
-@@ -719,7 +719,7 @@
+@@ -725,15 +725,15 @@
.IP
Even though the commands can be associated with a particular module, they
are run using the permissions of the user that started the daemon (not the
@@ -772,7 +779,6 @@
.IP
.SH "AUTHENTICATION STRENGTH"
-@@ -726,8 +726,8 @@
.PP
The authentication protocol used in rsync is a 128 bit MD4 based
challenge response system. This is fairly weak protection, though (with
@@ -783,16 +789,7 @@
rsync over ssh. (Yes, a future version of rsync will switch over to a
stronger hashing method.)
.PP
-@@ -822,7 +822,7 @@
- .SH "VERSION"
-
- .PP
--This man page is current for version 3.0.8 of rsync.
-+This man page is current for version 3.0.6 of rsync.
- .PP
- .SH "CREDITS"
-
-@@ -838,7 +838,7 @@
+@@ -844,7 +844,7 @@
.PP
We would be delighted to hear from you if you like this program.
.PP