3 BUGS ---------------------------------------------------------------
5 rsync-url barfs on upload
7 rsync foo rsync://localhost/transfer/
12 There seems to be a bug with hardlinks
14 mbp/2 build$ ls -l /tmp/a /tmp/b -i
17 2568307 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
18 2568307 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
19 2568307 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
20 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
21 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
22 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
23 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
24 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
28 2568309 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
29 2568309 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
30 2568309 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
31 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
32 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
33 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
34 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
35 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
36 mbp/2 build$ rm -r /tmp/b && ./rsync -avH /tmp/a/ /tmp/b
37 building file list ... done
38 created directory /tmp/b
44 wrote 350 bytes read 52 bytes 804.00 bytes/sec
45 total size is 232 speedup is 0.58
46 mbp/2 build$ rm -r /tmp/b
47 mbp/2 build$ ls -l /tmp/b
48 ls: /tmp/b: No such file or directory
49 mbp/2 build$ rm -r /tmp/b && ./rsync -avH /tmp/a/ /tmp/b
50 rm: cannot remove `/tmp/b': No such file or directory
51 mbp/2 build$ rm -f -r /tmp/b && ./rsync -avH /tmp/a/ /tmp/b
52 building file list ... done
53 created directory /tmp/b
59 wrote 350 bytes read 52 bytes 804.00 bytes/sec
60 total size is 232 speedup is 0.58
61 mbp/2 build$ ls -l /tmp/b
63 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
64 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
65 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
66 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
67 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
68 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
69 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
70 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
71 mbp/2 build$ ls -l /tmp/a
73 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
74 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
75 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
76 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
77 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
78 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
79 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
80 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
83 Progress indicator can produce corrupt output when transferring directories:
86 main/binary-arm/admin/
88 main/binary-arm/comm/8.56kB/s 0:00:52
89 main/binary-arm/devel/
91 main/binary-arm/editors/
92 main/binary-arm/electronics/s 0:00:53
93 main/binary-arm/games/
94 main/binary-arm/graphics/
95 main/binary-arm/hamradio/
96 main/binary-arm/interpreters/
97 main/binary-arm/libs/6.61kB/s 0:00:54
100 main/binary-arm/misc/
103 I don't think we handle this properly on systems that don't have the
107 Part of the regression suite should be making sure that we don't
108 break backwards compatibility: old clients vs new servers and so
109 on. Ideally we would test the cross product of versions.
111 It might be sufficient to test downloads from well-known public
112 rsync servers running different versions of rsync. This will give
113 some testing and also be the most common case for having different
114 versions and not being able to upgrade.
116 --no-blocking-io might be broken
118 in the same way as --no-whole-file; somebody needs to check.
121 DAEMON --------------------------------------------------------------
123 server-imposed bandwidth limits
127 There are already some patches to do this.
129 BitKeeper uses a server whose login shell is set to bkd. That's
130 probably a reasonable approach.
133 FEATURES ------------------------------------------------------------
136 --dry-run is insufficiently dry
138 Mark Santcroos points out that -n fails to list files which have
139 only metadata changes, though it probably should.
141 There may be a Debian bug about this as well.
146 If the platform doesn't support it, then don't even try.
148 If running as non-root, then don't fail, just give a warning.
149 (There was a thread about this a while ago?)
151 http://lists.samba.org/pipermail/rsync/2001-August/thread.html
152 http://lists.samba.org/pipermail/rsync/2001-September/thread.html
157 Avoids traversal. Better option than a pile of --include statements
158 for people who want to generate the file list using a find(1)
164 Perhaps allow supplementary groups to be specified in rsyncd.conf;
165 then make the first one the primary gid and all the rest be
169 File list structure in memory
171 Rather than one big array, perhaps have a tree in memory mirroring
174 This might make sorting much faster! (I'm not sure it's a big CPU
177 It might also reduce memory use in storing repeated directory names
178 -- again I'm not sure this is a problem.
182 Traverse just one directory at a time. Tridge says it's possible.
184 At the moment rsync reads the whole file list into memory at the
185 start, which makes us use a lot of memory and also not pipeline
186 network access as much as we could.
189 Handling duplicate names
191 We need to be careful of duplicate names getting into the file list.
192 See clean_flist(). This could happen if multiple arguments include
195 I think duplicates are only a problem if they're both flowing
196 through the pipeline at the same time. For example we might have
197 updated the first occurrence after reading the checksums for the
198 second. So possibly we just need to make sure that we don't have
199 both in the pipeline at the same time.
201 Possibly if we did one directory at a time that would be sufficient.
203 Alternatively we could pre-process the arguments to make sure no
204 duplicates will ever be inserted. There could be some bad cases
205 when we're collapsing symlinks.
207 We could have a hash table.
209 The root of the problem is that we do not want more than one file
210 list entry referring to the same file. At first glance there are
211 several ways this could happen: symlinks, hardlinks, and repeated
212 names on the command line.
214 If names are repeated on the command line, they may be present in
215 different forms, perhaps by traversing directory paths in different
216 ways, traversing paths including symlinks. Also we need to allow
217 for expansion of globs by rsync.
219 At the moment, clean_flist() requires having the entire file list in
220 memory. Duplicate names are detected just by a string comparison.
222 We don't need to worry about hard links causing duplicates because
223 files are never updated in place. Similarly for symlinks.
225 I think even if we're using a different symlink mode we don't need
228 Unless we're really clever this will introduce a protocol
229 incompatibility, so we need to be able to accept the old format as
235 At exit, show how much memory was used for the file list, etc.
237 Also we do a wierd exponential-growth allocation in flist.c. I'm
238 not sure this makes sense with modern mallocs. At any rate it will
239 make us allocate a huge amount of memory for large file lists.
244 At the moment hardlink handling is very expensive, so it's off by
245 default. It does not need to be so.
247 Since most of the solutions are rather intertwined with the file
248 list it is probably better to fix that first, although fixing
249 hardlinks is possibly simpler.
251 We can rule out hardlinked directories since they will probably
252 screw us up in all kinds of ways. They simply should not be used.
254 At the moment rsync only cares about hardlinks to regular files. I
255 guess you could also use them for sockets, devices and other beasts,
256 but I have not seen them.
258 When trying to reproduce hard links, we only need to worry about
259 files that have more than one name (nlinks>1 && !S_ISDIR).
261 The basic point of this is to discover alternate names that refer to
262 the same file. All operations, including creating the file and
263 writing modifications to it need only to be done for the first name.
264 For all later names, we just create the link and then leave it
267 If hard links are to be preserved:
269 Before the generator/receiver fork, the list of files is received
270 from the sender (recv_file_list), and a table for detecting hard
273 The generator looks for hard links within the file list and does
274 not send checksums for them, though it does send other metadata.
276 The sender sends the device number and inode with file entries, so
277 that files are uniquely identified.
279 The receiver goes through and creates hard links (do_hard_links)
280 after all data has been written, but before directory permissions
283 At the moment device and inum are sent as 4-byte integers, which
284 will probably cause problems on large filesystems. On Linux the
285 kernel uses 64-bit ino_t's internally, and people will soon have
286 filesystems big enough to use them. We ought to follow NFS4 in
287 using 64-bit device and inode identification, perhaps with a
288 protocol version bump.
290 Once we've seen all the names for a particular file, we no longer
291 need to think about it and we can deallocate the memory.
293 We can also have the case where there are links to a file that are
294 not in the tree being transferred. There's nothing we can do about
295 that. Because we rename the destination into place after writing,
296 any hardlinks to the old file are always going to be orphaned. In
297 fact that is almost necessary because otherwise we'd get really
298 confused if we were generating checksums for one name of a file and
301 At the moment the code seems to make a whole second copy of the file
302 list, which seems unnecessary.
304 We should have a test case that exercises hard links. Since it
305 might be hard to compare ./tls output where the inodes change we
306 might need a little program to check whether several names refer to
311 Put back the old socket code; if on a machine that does not properly
312 support the getaddrinfo API, then use it. This is probably much
313 simpler than reimplementing it. This might get us working again on
314 RedHat 5 and similar systems. Although the Kame patch seems like a
315 good idea, in fact it is a much broader interface than the
316 relatively narrow "open by name", "accept and log" interface that
317 rsync uses internally, and it has the disadvantage of clashing with
318 half-arsed implementations of the API.
320 Implement suggestions from http://www.kame.net/newsletter/19980604/
321 and ftp://ftp.iij.ad.jp/pub/RFC/rfc2553.txt
323 If a host has multiple addresses, then listen try to connect to all
324 in order until we get through. (getaddrinfo may return multiple
325 addresses.) This is kind of implemented already.
327 Possibly also when starting as a server we may need to listen on
328 multiple passive addresses. This might be a bit harder, because we
329 may need to select on all of them. Hm.
331 Define a syntax for IPv6 literal addresses. Since they include
332 colons, they tend to break most naming systems, including ours.
333 Based on the HTTP IPv6 syntax, I think we should use
335 rsync://[::1]/foo/bar
338 which should just take a small change to the parser code.
343 If we hang or get SIGINT, then explain where we were up to. Perhaps
344 have a static buffer that contains the current function name, or
345 some kind of description of what we were trying to do. This is a
346 little easier on people than needing to run strace/truss.
348 "The dungeon collapses! You are killed." Rather than "unexpected
349 eof" give a message that is more detailed if possible and also more
352 If we get an error writing to a socket, then we should perhaps
353 continue trying to read to see if an error message comes across
354 explaining why the socket is closed. I'm not sure if this would
355 work, but it would certainly make our messages more helpful.
357 What happens if a directory is missing -x attributes. Do we lose
358 our load? (Debian #28416) Probably fixed now, but a test case
364 Device major/minor numbers should be at least 32 bits each. See
365 http://lists.samba.org/pipermail/rsync/2001-November/005357.html
367 Transfer ACLs. Need to think of a standard representation.
368 Probably better not to even try to convert between NT and POSIX.
369 Possibly can share some code with Samba.
373 With the current common --include '*/' --exclude '*' pattern, people
374 can end up with many empty directories. We might avoid this by
375 lazily creating such directories.
380 Perhaps don't use our own zlib.
384 - will automatically be up to date with bugfixes in zlib
386 - can leave it out for small rsync on e.g. recovery disks
388 - can use a shared library
390 - avoids people breaking rsync by trying to do this themselves and
393 Should we ship zlib for systems that don't have it, or require
394 people to install it separately?
396 Apparently this will make us incompatible with versions of rsync
397 that use the patched version of rsync. Probably the simplest way to
398 do this is to just disable gzip (with a warning) when talking to old
404 Perhaps flush stdout after each filename, so that people trying to
405 monitor progress in a log file can do so more easily. See
406 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=48108
408 At the connections that just get a list of modules are not logged,
411 If a child of the rsync daemon dies with a signal, we should notice
412 that when we reap it and log a message.
414 Keep stderr and stdout properly separated (Debian #23626)
416 After we get the @RSYNCD greeting from the server, we know it's
417 version but we have not yet sent the command line, so we could just
418 remove the -z option if the server is too old.
420 For ssh invocation it's not so simple, because we actually use the
421 command line to start the remote process. However, we only actually
422 do compression in token.c, and we could therefore once we discover
423 the remote version emit an error if it's too old. I'm not sure if
424 that's a good tradeoff or not.
429 There are already some patches to do this.
433 Allow RSYNC_PROXY to be http://user:pass@proxy.foo:3128/, and do
434 HTTP Basic Proxy-Authentication.
436 Multiple schemes are possible, up to and including the insanity that
437 is NTLM, but Basic probably covers most cases.
441 Add --with-socks, and then perhaps a command-line option to put them
442 on or off. This might be more reliable than LD_PRELOAD hacks.
446 rsync to a FAT partition on a Unix machine doesn't work very well
447 at the moment. I think we get errors about invalid filenames and
448 perhaps also trying to do atomic renames.
450 I guess the code to do this is currently #ifdef'd on Windows; perhaps
451 we ought to intelligently fall back to it on Unix too.
456 <Rasmus> mbp: hey, how about an rsync option that just gives you the
457 summary without the list of files? And perhaps gives more
458 information like the number of new files, number of changed,
460 <mbp> Rasmus: nice idea
461 <mbp> there is --stats
462 <mbp> but at the moment it's very tridge-oriented
463 <mbp> rather than user-friendly
464 <mbp> it would be nice to improve it
465 <mbp> that would also work well with --dryrun
469 Rather than storing the file list in memory, store it in a TDB.
471 This *might* make memory usage lower while building the file list.
473 Hashtable lookup will mean files are not transmitted in order,
476 This would neatly eliminate one of the major post-fork shared data
482 On 12 Mar 2002, Dave Dykstra <dwd@bell-labs.com> wrote:
483 > If we would add an option to do that functionality, I would vote for one
484 > that was more general which could mask off any set of permission bits and
485 > possibly add any set of bits. Perhaps a chmod-like syntax if it could be
486 > implemented simply.
488 I think that would be good too. For example, people uploading files
489 to a web server might like to say
491 rsync -avzP --chmod a+rX ./ sourcefrog.net:/home/www/sourcefrog/
493 Ideally the patch would implement as many of the gnu chmod semantics
494 as possible. I think the mode parser should be a separate function
495 that passes back something like (mask,set) description to the rest of
496 the program. For bonus points there would be a test case for the
504 Allow people to specify the diff command. (Might want to use wdiff,
507 Just diff the temporary file with the destination file, and delete
508 the tmp file rather than moving it into place.
510 Interaction with --partial.
512 Security interactions with daemon mode?
514 (Suggestion from david.e.sewell)
517 Incorrect timestamps (Debian #100295)
519 A bit hard to believe, but apparently it happens.
522 Check "refuse options works"
524 We need a test case for this...
526 Was this broken when we changed to popt?
529 PERFORMANCE ----------------------------------------------------------
533 If we're doing a local transfer, or using -W, then perhaps don't
534 send the file checksum. If we're doing a local transfer, then
535 calculating MD4 checksums uses 90% of CPU and is unlikely to be
538 Indeed for transfers over zlib or ssh we can also rely on the
539 transport to have quite strong protection against corruption.
541 Perhaps we should have an option to disable this, analogous to
542 --whole-file, although it would default to disabled. The file
543 checksum takes up a definite space in the protocol -- we can either
544 set it to 0, or perhaps just leave it out.
548 Perhaps borrow an assembler MD4 from someone?
550 Make sure we call MD4 with properly-sized blocks whenever possible
551 to avoid copying into the residue region?
555 Test whether this is actually faster than just using malloc(). If
556 it's not (anymore), throw it out.
559 PLATFORMS ------------------------------------------------------------
563 Don't detach, because this messes up --srvany.
565 http://sources.redhat.com/ml/cygwin/2001-08/msg00234.html
567 According to "Effective TCP/IP Programming" (??) close() on a socket
568 has incorrect behaviour on Windows -- it sends a RST packet to the
569 other side, which gives a "connection reset by peer" error. On that
570 platform we should probably do shutdown() instead. However, on Unix
571 we are correct to call close(), because shutdown() discards
575 DEVELOPMENT ----------------------------------------------------------
579 Build rsync with SPLINT to try to find security holes. Add
580 annotations as necessary. Keep track of the number of warnings
581 found initially, and see how many of them are real bugs, or real
582 security bugs. Knowing the percentage of likely hits would be
583 really interesting for other projects.
587 Something that just keeps running rsync continuously over a data set
588 likely to generate problems.
592 Run current rsync versions against significant past releases.
596 jra recommends Valgrind:
598 http://devel-home.kde.org/~sewardj/
604 Build tar file; upload
606 Send announcement to mailing list and c.o.l.a.
608 Make freshmeat announcement
614 TESTING --------------------------------------------------------------
618 Part of the regression suite should be making sure that we don't
619 break backwards compatibility: old clients vs new servers and so
620 on. Ideally we would test both up and down from the current release
623 We might need to omit broken old versions, or versions in which
624 particular functionality is broken
626 It might be sufficient to test downloads from well-known public
627 rsync servers running different versions of rsync. This will give
628 some testing and also be the most common case for having different
629 versions and not being able to upgrade.
632 Test on kernel source
634 Download all versions of kernel; unpack, sync between them. Also
635 sync between uncompressed tarballs. Compare directories after
638 Use local mode; ssh; daemon; --whole-file and --no-whole-file.
640 Use awk to pull out the 'speedup' number for each transfer. Make
646 Sparse and non-sparse
650 Insert bytes, delete bytes, swap blocks, ...
652 configure option to enable dangerous tests
654 If tests are skipped, say why.
656 Test daemon feature to disallow particular options.
658 Pipe program that makes slow/jerky connections.
660 Versions of read() and write() that corrupt the stream, or abruptly fail
662 Separate makefile target to run rough tests -- or perhaps just run
665 Test "refuse options" works
667 What about for --recursive?
669 If you specify an unrecognized option here, you should get an error.
672 DOCUMENTATION --------------------------------------------------------
676 Keep list of open issues and todos on the web site
678 Update web site from CVS
681 Perhaps redo manual as SGML
683 The man page is getting rather large, and there is more information
684 that ought to be added.
686 TexInfo source is probably a dying format.
688 Linuxdoc looks like the most likely contender. I know DocBook is
689 favoured by some people, but it's so bloody verbose, even with emacs
693 BUILD FARM -----------------------------------------------------------
697 AMDAHL UTS (Dave Dykstra)
699 Cygwin (on different versions of Win32?)
701 HP-UX variants (via HP?)
706 LOGGING --------------------------------------------------------------
708 Perhaps flush stdout after each filename, so that people trying to
709 monitor progress in a log file can do so more easily. See
710 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=48108
712 At the connections that just get a list of modules are not logged,
715 If a child of the rsync daemon dies with a signal, we should notice
716 that when we reap it and log a message.
718 Keep stderr and stdout properly separated (Debian #23626)
720 Use a separate function for reporting errors; prefix it with
721 "rsync:" or "rsync(remote)", or perhaps even "rsync(local
726 Indicate whether files are new, updated, or deleted
728 At end of transfer, show how many files were or were not transferred
733 Explain *why* every file is transferred or not (e.g. "local mtime
734 123123 newer than 1283198")
739 Add an rsyncd.conf parameter to turn on debugging on the server.
743 NICE -----------------------------------------------------------------
745 --no-detach and --no-fork options
747 Very useful for debugging. Also good when running under a
748 daemon-monitoring process that tries to restart the service when the
751 hang/timeout friendliness
755 Change to using gettext(). Probably need to ship this for platforms
758 Solicit translations.
760 Does anyone care? Before we bother modifying the code, we ought to
761 get the manual translated first, because that's possibly more useful
762 and at any rate demonstrates desire.
766 Write a small emulation of interactive ftp as a Pythonn program
767 that calls rsync. Commands such as "cd", "ls", "ls *.c" etc map
768 fairly directly into rsync commands: it just needs to remember the
769 current host, directory and so on. We can probably even do
770 completion of remote filenames.
773 RELATED PROJECTS -----------------------------------------------------
775 http://rsync.samba.org/rsync-and-debian/
779 Exhaustive, tortuous testing
783 rsyncsplit as alternative to real integration with gzip?
785 reverse rsync over HTTP Range
787 Goswin Brederlow suggested this on Debian; I think tridge and I
788 talked about it previous in relation to rproxy.