Doc.

[rsync/rsync.git] / clientserver.c

diff --git a/clientserver.c b/clientserver.c
index e8dba43..f5a74ee 100644 (file)
--- a/clientserver.c
+++ b/clientserver.c
@@ -45,6 +45,7 @@ int start_socket_client(char *host, char *path, int argc, char *argv[])
        extern char *shell_cmd;
        extern int kludge_around_eof;
        extern char *bind_address;
+       extern int default_af_hint;
        
        if (argc == 0 && !am_sender) {
                extern int list_only;
@@ -78,8 +79,15 @@ int start_socket_client(char *host, char *path, int argc, char *argv[])
        if (!user) user = getenv("USER");
        if (!user) user = getenv("LOGNAME");
 
+       if (verbose >= 2) {
+               /* FIXME: If we're going to use a socket program for
+                * testing, then this message is wrong.  We need to
+                * say something like "(except really using %s)" */
+               rprintf(FINFO, "opening tcp connection to %s port %d\n",
+                       host, rsync_port);
+       }
        fd = open_socket_out_wrapped (host, rsync_port, bind_address,
-                                     global_opts.af_hint);
+                                     default_af_hint);
        if (fd == -1) {
                exit_cleanup(RERR_SOCKETIO);
        }
@@ -126,7 +134,10 @@ int start_socket_client(char *host, char *path, int argc, char *argv[])
 
                if (strcmp(line,"@RSYNCD: EXIT") == 0) exit(0);
 
-               rprintf(FINFO,"%s\n", line);
+               if (strncmp(line, "@ERROR", 6) == 0)
+                       rprintf(FERROR,"%s\n", line);
+               else
+                       rprintf(FINFO,"%s\n", line);
        }
        kludge_around_eof = False;
 
@@ -167,9 +178,9 @@ static int rsync_module(int fd, int i)
 
        if (!allow_access(addr, host, lp_hosts_allow(i), lp_hosts_deny(i))) {
                rprintf(FERROR,"rsync denied on module %s from %s (%s)\n",
-                       name, client_name(fd), client_addr(fd));
+                       name, host, addr);
                io_printf(fd,"@ERROR: access denied to %s from %s (%s)\n",
-                         name, client_name(fd), client_addr(fd));
+                         name, host, addr);
                return -1;
        }
 
@@ -279,6 +290,26 @@ static int rsync_module(int fd, int i)
        }
 
        if (am_root) {
+#ifdef HAVE_SETGROUPS
+               /* Get rid of any supplementary groups this process
+                * might have inheristed. */
+               if (setgroups(0, NULL)) {
+                       rsyserr(FERROR, errno, "setgroups failed");
+                       io_printf(fd, "@ERROR: setgroups failed\n");
+                       return -1;
+               }
+#endif
+
+               /* XXXX: You could argue that if the daemon is started
+                * by a non-root user and they explicitly specify a
+                * gid, then we should try to change to that gid --
+                * this could be possible if it's already in their
+                * supplementary groups. */
+
+               /* TODO: Perhaps we need to document that if rsyncd is
+                * started by somebody other than root it will inherit
+                * all their supplementary groups. */
+
                if (setgid(gid)) {
                        rsyserr(FERROR, errno, "setgid %d failed", (int) gid);
                        io_printf(fd,"@ERROR: setgid failed\n");
@@ -486,6 +517,7 @@ int daemon_main(void)
        extern char *config_file;
        extern int orig_umask;
        char *pid_file;
+       extern int no_detach;
 
        if (is_a_socket(STDIN_FILENO)) {
                int i;
@@ -501,7 +533,8 @@ int daemon_main(void)
                return start_daemon(STDIN_FILENO);
        }
 
-       become_daemon();
+       if (!no_detach)
+           become_daemon();
 
        if (!lp_load(config_file, 1)) {
                exit_cleanup(RERR_SYNTAX);