-lookup the IDs using getpuid() and getpgid(). This means that the chroot
-area will need to have copies of your user/group information (edited, if
-desired) inside the chroot tree for rsync to use (the traditional files
-are /etc/passwd and /etc/group). If the needed files are not available,
-rsync will only be able to copy the IDs, just as if the --numeric-ids
-option had been specified.
+use the standard library functions for looking up names and IDs (i.e.
+getpwuid(), getgrgid(), getpwname(), and getgrnam()). This means a
+process in the chroot namespace will need to have access to the resources
+used by these library functions (traditionally /etc/passwd and
+/etc/group). If these resources are not available, rsync will only be
+able to copy the IDs, just as if the bf(--numeric-ids) option had been
+specified.
+
+Note that you are free to setup user/group information in the chroot area
+differently from your normal system. For example, you could abbreviate
+the list of users and groups. Also, you can protect this information from
+being downloaded/uploaded by adding an exclude rule to the rsync.conf file
+(e.g. "exclude = /etc/**"). Note that having the exclusion affect uploads
+is a relatively new feature in rsync, so make sure your server is running
+at least 2.6.3 to effect this. Also note that it is safest to exclude a
+directory and all its contents combining the rule "/some/dir/" with the
+rule "/some/dir/**" just to be sure that rsync will not allow deeper
+access to some of the excluded files inside the directory (rsync tries to
+do this automatically, but you might as well specify both to be extra
+sure).