Commit | Line | Data |
---|---|---|
46ef7d1d | 1 | -*- indented-text -*- |
a0365806 | 2 | |
46ef7d1d MP |
3 | URGENT --------------------------------------------------------------- |
4 | ||
33d213bb MP |
5 | |
6 | IMPORTANT ------------------------------------------------------------ | |
7 | ||
33d213bb | 8 | |
a2d2e5c0 MP |
9 | use chroot |
10 | ||
11 | If the platform doesn't support it, then don't even try. | |
12 | ||
13 | If running as non-root, then don't fail, just give a warning. | |
14 | (There was a thread about this a while ago?) | |
15 | ||
16 | http://lists.samba.org/pipermail/rsync/2001-August/thread.html | |
17 | http://lists.samba.org/pipermail/rsync/2001-September/thread.html | |
18 | ||
19 | --files-from | |
20 | ||
21 | Avoids traversal. Better option than a pile of --include statements | |
22 | for people who want to generate the file list using a find(1) | |
23 | command or a script. | |
24 | ||
8f4455f2 MP |
25 | File list structure in memory |
26 | ||
27 | Rather than one big array, perhaps have a tree in memory mirroring | |
28 | the directory tree. | |
29 | ||
30 | This might make sorting much faster! (I'm not sure it's a big CPU | |
31 | problem, mind you.) | |
32 | ||
33 | It might also reduce memory use in storing repeated directory names | |
34 | -- again I'm not sure this is a problem. | |
0e5a1f83 | 35 | |
a2d2e5c0 MP |
36 | Performance |
37 | ||
38 | Traverse just one directory at a time. Tridge says it's possible. | |
a6a3c3df MP |
39 | |
40 | At the moment rsync reads the whole file list into memory at the | |
41 | start, which makes us use a lot of memory and also not pipeline | |
42 | network access as much as we could. | |
43 | ||
0e5a1f83 MP |
44 | |
45 | Handling duplicate names | |
46 | ||
b3e6c815 | 47 | We need to be careful of duplicate names getting into the file list. |
d2e9d069 MP |
48 | See clean_flist(). This could happen if multiple arguments include |
49 | the same file. Bad. | |
b3e6c815 MP |
50 | |
51 | I think duplicates are only a problem if they're both flowing | |
52 | through the pipeline at the same time. For example we might have | |
53 | updated the first occurrence after reading the checksums for the | |
54 | second. So possibly we just need to make sure that we don't have | |
55 | both in the pipeline at the same time. | |
56 | ||
57 | Possibly if we did one directory at a time that would be sufficient. | |
58 | ||
59 | Alternatively we could pre-process the arguments to make sure no | |
58379559 MP |
60 | duplicates will ever be inserted. There could be some bad cases |
61 | when we're collapsing symlinks. | |
b3e6c815 MP |
62 | |
63 | We could have a hash table. | |
64 | ||
d2e9d069 MP |
65 | The root of the problem is that we do not want more than one file |
66 | list entry referring to the same file. At first glance there are | |
67 | several ways this could happen: symlinks, hardlinks, and repeated | |
68 | names on the command line. | |
69 | ||
70 | If names are repeated on the command line, they may be present in | |
71 | different forms, perhaps by traversing directory paths in different | |
72 | ways, traversing paths including symlinks. Also we need to allow | |
73 | for expansion of globs by rsync. | |
74 | ||
75 | At the moment, clean_flist() requires having the entire file list in | |
76 | memory. Duplicate names are detected just by a string comparison. | |
77 | ||
78 | We don't need to worry about hard links causing duplicates because | |
79 | files are never updated in place. Similarly for symlinks. | |
80 | ||
81 | I think even if we're using a different symlink mode we don't need | |
82 | to worry. | |
83 | ||
0e5a1f83 MP |
84 | Unless we're really clever this will introduce a protocol |
85 | incompatibility, so we need to be able to accept the old format as | |
86 | well. | |
87 | ||
88 | ||
a6a3c3df MP |
89 | Memory accounting |
90 | ||
91 | At exit, show how much memory was used for the file list, etc. | |
92 | ||
b3e6c815 MP |
93 | Also we do a wierd exponential-growth allocation in flist.c. I'm |
94 | not sure this makes sense with modern mallocs. At any rate it will | |
95 | make us allocate a huge amount of memory for large file lists. | |
96 | ||
0e5a1f83 | 97 | |
a6a3c3df MP |
98 | Hard-link handling |
99 | ||
100 | At the moment hardlink handling is very expensive, so it's off by | |
101 | default. It does not need to be so. | |
102 | ||
0e5a1f83 MP |
103 | Since most of the solutions are rather intertwined with the file |
104 | list it is probably better to fix that first, although fixing | |
105 | hardlinks is possibly simpler. | |
106 | ||
a6a3c3df MP |
107 | We can rule out hardlinked directories since they will probably |
108 | screw us up in all kinds of ways. They simply should not be used. | |
109 | ||
110 | At the moment rsync only cares about hardlinks to regular files. I | |
111 | guess you could also use them for sockets, devices and other beasts, | |
112 | but I have not seen them. | |
113 | ||
114 | When trying to reproduce hard links, we only need to worry about | |
115 | files that have more than one name (nlinks>1 && !S_ISDIR). | |
116 | ||
117 | The basic point of this is to discover alternate names that refer to | |
118 | the same file. All operations, including creating the file and | |
119 | writing modifications to it need only to be done for the first name. | |
120 | For all later names, we just create the link and then leave it | |
121 | alone. | |
122 | ||
123 | If hard links are to be preserved: | |
124 | ||
125 | Before the generator/receiver fork, the list of files is received | |
126 | from the sender (recv_file_list), and a table for detecting hard | |
127 | links is built. | |
128 | ||
129 | The generator looks for hard links within the file list and does | |
130 | not send checksums for them, though it does send other metadata. | |
131 | ||
132 | The sender sends the device number and inode with file entries, so | |
133 | that files are uniquely identified. | |
134 | ||
135 | The receiver goes through and creates hard links (do_hard_links) | |
136 | after all data has been written, but before directory permissions | |
137 | are set. | |
138 | ||
139 | At the moment device and inum are sent as 4-byte integers, which | |
140 | will probably cause problems on large filesystems. On Linux the | |
141 | kernel uses 64-bit ino_t's internally, and people will soon have | |
142 | filesystems big enough to use them. We ought to follow NFS4 in | |
143 | using 64-bit device and inode identification, perhaps with a | |
144 | protocol version bump. | |
145 | ||
146 | Once we've seen all the names for a particular file, we no longer | |
147 | need to think about it and we can deallocate the memory. | |
148 | ||
149 | We can also have the case where there are links to a file that are | |
150 | not in the tree being transferred. There's nothing we can do about | |
151 | that. Because we rename the destination into place after writing, | |
152 | any hardlinks to the old file are always going to be orphaned. In | |
153 | fact that is almost necessary because otherwise we'd get really | |
154 | confused if we were generating checksums for one name of a file and | |
155 | modifying another. | |
156 | ||
157 | At the moment the code seems to make a whole second copy of the file | |
158 | list, which seems unnecessary. | |
159 | ||
160 | We should have a test case that exercises hard links. Since it | |
161 | might be hard to compare ./tls output where the inodes change we | |
162 | might need a little program to check whether several names refer to | |
163 | the same file. | |
a2d2e5c0 MP |
164 | |
165 | IPv6 | |
166 | ||
c33e3e39 MP |
167 | Implement suggestions from http://www.kame.net/newsletter/19980604/ |
168 | and ftp://ftp.iij.ad.jp/pub/RFC/rfc2553.txt | |
169 | ||
170 | If a host has multiple addresses, then listen try to connect to all | |
171 | in order until we get through. (getaddrinfo may return multiple | |
c10b0bdd | 172 | addresses.) This is kind of implemented already. |
c33e3e39 MP |
173 | |
174 | Possibly also when starting as a server we may need to listen on | |
175 | multiple passive addresses. This might be a bit harder, because we | |
176 | may need to select on all of them. Hm. | |
177 | ||
a2d2e5c0 MP |
178 | Define a syntax for IPv6 literal addresses. Since they include |
179 | colons, they tend to break most naming systems, including ours. | |
180 | Based on the HTTP IPv6 syntax, I think we should use | |
181 | ||
182 | rsync://[::1]/foo/bar | |
183 | [::1]::bar | |
184 | ||
185 | which should just take a small change to the parser code. | |
186 | ||
5aafd07b MP |
187 | Errors |
188 | ||
189 | If we hang or get SIGINT, then explain where we were up to. Perhaps | |
190 | have a static buffer that contains the current function name, or | |
191 | some kind of description of what we were trying to do. This is a | |
192 | little easier on people than needing to run strace/truss. | |
193 | ||
194 | "The dungeon collapses! You are killed." Rather than "unexpected | |
195 | eof" give a message that is more detailed if possible and also more | |
196 | helpful. | |
197 | ||
89b0a3d9 MP |
198 | If we get an error writing to a socket, then we should perhaps |
199 | continue trying to read to see if an error message comes across | |
200 | explaining why the socket is closed. I'm not sure if this would | |
201 | work, but it would certainly make our messages more helpful. | |
202 | ||
5575de14 MP |
203 | File attributes |
204 | ||
205 | Device major/minor numbers should be at least 32 bits each. See | |
206 | http://lists.samba.org/pipermail/rsync/2001-November/005357.html | |
207 | ||
208 | Transfer ACLs. Need to think of a standard representation. | |
209 | Probably better not to even try to convert between NT and POSIX. | |
210 | Possibly can share some code with Samba. | |
5aafd07b | 211 | |
28a69e25 MP |
212 | Empty directories |
213 | ||
214 | With the current common --include '*/' --exclude '*' pattern, people | |
215 | can end up with many empty directories. We might avoid this by | |
216 | lazily creating such directories. | |
217 | ||
c6e27b60 | 218 | |
28a69e25 MP |
219 | zlib |
220 | ||
c6e27b60 MP |
221 | Perhaps don't use our own zlib. |
222 | ||
223 | Advantages: | |
224 | ||
225 | - will automatically be up to date with bugfixes in zlib | |
226 | ||
227 | - can leave it out for small rsync on e.g. recovery disks | |
228 | ||
229 | - can use a shared library | |
230 | ||
231 | - avoids people breaking rsync by trying to do this themselves and | |
232 | messing up | |
233 | ||
234 | Should we ship zlib for systems that don't have it, or require | |
235 | people to install it separately? | |
236 | ||
237 | Apparently this will make us incompatible with versions of rsync | |
238 | that use the patched version of rsync. Probably the simplest way to | |
239 | do this is to just disable gzip (with a warning) when talking to old | |
240 | versions. | |
241 | ||
28a69e25 MP |
242 | |
243 | logging | |
244 | ||
245 | Perhaps flush stdout after each filename, so that people trying to | |
246 | monitor progress in a log file can do so more easily. See | |
247 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=48108 | |
248 | ||
430d841a MP |
249 | At the connections that just get a list of modules are not logged, |
250 | but they should be. | |
251 | ||
db1babe6 MP |
252 | If a child of the rsync daemon dies with a signal, we should notice |
253 | that when we reap it and log a message. | |
254 | ||
a5c48193 MP |
255 | Keep stderr and stdout properly separated (Debian #23626) |
256 | ||
db1babe6 | 257 | |
7c583c73 MP |
258 | rsyncd over ssh |
259 | ||
260 | There are already some patches to do this. | |
261 | ||
92325ada MP |
262 | proxy authentication |
263 | ||
264 | Allow RSYNC_PROXY to be http://user:pass@proxy.foo:3128/, and do | |
265 | HTTP Basic Proxy-Authentication. | |
266 | ||
267 | Multiple schemes are possible, up to and including the insanity that | |
268 | is NTLM, but Basic probably covers most cases. | |
269 | ||
270 | SOCKS | |
271 | ||
272 | Add --with-socks, and then perhaps a command-line option to put them | |
273 | on or off. This might be more reliable than LD_PRELOAD hacks. | |
274 | ||
27741d9f MP |
275 | Better statistics: |
276 | ||
277 | <Rasmus> mbp: hey, how about an rsync option that just gives you the | |
278 | summary without the list of files? And perhaps gives more | |
279 | information like the number of new files, number of changed, | |
280 | deleted, etc. ? | |
281 | <mbp> Rasmus: nice idea | |
282 | <mbp> there is --stats | |
283 | <mbp> but at the moment it's very tridge-oriented | |
284 | <mbp> rather than user-friendly | |
285 | <mbp> it would be nice to improve it | |
286 | <mbp> that would also work well with --dryrun | |
287 | ||
e53fe9a2 MP |
288 | TDB: |
289 | ||
290 | Rather than storing the file list in memory, store it in a TDB. | |
291 | ||
292 | This *might* make memory usage lower while building the file list. | |
293 | ||
294 | Hashtable lookup will mean files are not transmitted in order, | |
295 | though... hm. | |
296 | ||
297 | This would neatly eliminate one of the major post-fork shared data | |
298 | structures. | |
299 | ||
300 | ||
97e1254a MP |
301 | chmod: |
302 | ||
303 | On 12 Mar 2002, Dave Dykstra <dwd@bell-labs.com> wrote: | |
304 | > If we would add an option to do that functionality, I would vote for one | |
305 | > that was more general which could mask off any set of permission bits and | |
306 | > possibly add any set of bits. Perhaps a chmod-like syntax if it could be | |
307 | > implemented simply. | |
308 | ||
309 | I think that would be good too. For example, people uploading files | |
310 | to a web server might like to say | |
311 | ||
312 | rsync -avzP --chmod a+rX ./ sourcefrog.net:/home/www/sourcefrog/ | |
313 | ||
314 | Ideally the patch would implement as many of the gnu chmod semantics | |
315 | as possible. I think the mode parser should be a separate function | |
316 | that passes back something like (mask,set) description to the rest of | |
317 | the program. For bonus points there would be a test case for the | |
318 | parser. | |
319 | ||
36692011 MP |
320 | (Debian #23628) |
321 | ||
97e1254a | 322 | |
3c1edccb MP |
323 | --diff |
324 | ||
325 | Allow people to specify the diff command. (Might want to use wdiff, | |
326 | gnudiff, etc.) | |
327 | ||
328 | Just diff the temporary file with the destination file, and delete | |
329 | the tmp file rather than moving it into place. | |
330 | ||
331 | Interaction with --partial. | |
332 | ||
333 | Security interactions with daemon mode? | |
334 | ||
335 | (Suggestion from david.e.sewell) | |
336 | ||
337 | ||
a2d2e5c0 MP |
338 | PLATFORMS ------------------------------------------------------------ |
339 | ||
340 | Win32 | |
341 | ||
342 | Don't detach, because this messes up --srvany. | |
343 | ||
344 | http://sources.redhat.com/ml/cygwin/2001-08/msg00234.html | |
345 | ||
346 | According to "Effective TCP/IP Programming" (??) close() on a socket | |
347 | has incorrect behaviour on Windows -- it sends a RST packet to the | |
348 | other side, which gives a "connection reset by peer" error. On that | |
349 | platform we should probably do shutdown() instead. However, on Unix | |
350 | we are correct to call close(), because shutdown() discards | |
351 | untransmitted data. | |
352 | ||
0e23e41d MP |
353 | DEVELOPMENT ---------------------------------------------------------- |
354 | ||
355 | Splint | |
356 | ||
357 | Build rsync with SPLINT to try to find security holes. Add | |
358 | annotations as necessary. Keep track of the number of warnings | |
359 | found initially, and see how many of them are real bugs, or real | |
360 | security bugs. Knowing the percentage of likely hits would be | |
361 | really interesting for other projects. | |
362 | ||
f5a95bb5 MP |
363 | Torture test |
364 | ||
365 | Something that just keeps running rsync continuously over a data set | |
366 | likely to generate problems. | |
367 | ||
368 | Cross-testing | |
369 | ||
370 | Run current rsync versions against significant past releases. | |
371 | ||
43a4dc10 MP |
372 | Memory debugger |
373 | ||
3a79260d | 374 | jra recommends Valgrind: |
43a4dc10 MP |
375 | |
376 | http://devel-home.kde.org/~sewardj/ | |
377 | ||
e9c4c301 MP |
378 | TESTING -------------------------------------------------------------- |
379 | ||
380 | Cross-test versions | |
381 | ||
382 | Part of the regression suite should be making sure that we don't | |
383 | break backwards compatibility: old clients vs new servers and so | |
384 | on. Ideally we would test the cross product of versions. | |
385 | ||
386 | It might be sufficient to test downloads from well-known public | |
387 | rsync servers running different versions of rsync. This will give | |
388 | some testing and also be the most common case for having different | |
389 | versions and not being able to upgrade. | |
390 | ||
391 | Test large files | |
392 | ||
393 | Sparse and non-sparse | |
394 | ||
395 | Mutator program | |
396 | ||
397 | Insert bytes, delete bytes, swap blocks, ... | |
398 | ||
399 | configure option to enable dangerous tests | |
400 | ||
401 | If tests are skipped, say why. | |
402 | ||
b73b51a9 MP |
403 | Test daemon feature to disallow particular options. |
404 | ||
e9c4c301 | 405 | |
7c583c73 MP |
406 | DOCUMENTATION -------------------------------------------------------- |
407 | ||
408 | Update README | |
409 | ||
b73b51a9 MP |
410 | Keep list of open issues and todos on the web site |
411 | ||
412 | Update web site from CVS | |
413 | ||
a2d2e5c0 MP |
414 | BUILD FARM ----------------------------------------------------------- |
415 | ||
416 | Add machines | |
417 | ||
418 | AMDAHL UTS (Dave Dykstra) | |
419 | ||
420 | Cygwin (on different versions of Win32?) | |
421 | ||
422 | HP-UX variants (via HP?) | |
33d213bb | 423 | |
5aafd07b MP |
424 | SCO |
425 | ||
46ef7d1d MP |
426 | NICE ----------------------------------------------------------------- |
427 | ||
a2d2e5c0 MP |
428 | --no-detach and --no-fork options |
429 | ||
430 | Very useful for debugging. Also good when running under a | |
431 | daemon-monitoring process that tries to restart the service when the | |
432 | parent exits. | |
433 | ||
434 | hang/timeout friendliness | |
435 | ||
50f2f002 MP |
436 | verbose output |
437 | ||
438 | Indicate whether files are new, updated, or deleted | |
439 | ||
d834adc1 MP |
440 | At end of transfer, show how many files were or were not transferred |
441 | correctly. | |
442 | ||
a2d2e5c0 MP |
443 | internationalization |
444 | ||
445 | Change to using gettext(). Probably need to ship this for platforms | |
446 | that don't have it. | |
447 | ||
448 | Solicit translations. | |
449 | ||
450 | Does anyone care? | |
451 | ||
46ef7d1d MP |
452 | rsyncsh |
453 | ||
454 | Write a small emulation of interactive ftp as a Pythonn program | |
455 | that calls rsync. Commands such as "cd", "ls", "ls *.c" etc map | |
456 | fairly directly into rsync commands: it just needs to remember the | |
457 | current host, directory and so on. We can probably even do | |
458 | completion of remote filenames. |