+holes, but it has the disadvantages of requiring super-user privileges,
+of not being able to follow symbolic links outside of the new root path
+when reading, and of complicating the preservation of usernames and groups
+(see below). When "use chroot" is false, for security reasons,
+symlinks may only be relative paths pointing to other files within the root
+path, and leading slashes are removed from most absolute paths (options
+such as --backup-dir, --compare-dest, etc. interpret an absolute path as
+rooted in the module's "path" dir, just as if chroot was specified).
+The default for "use chroot" is true.
+
+In order to preserve usernames and groupnames, rsync needs to be able to
+use the standard library functions for looking up names and IDs (i.e.
+getpwuid(), getgrgid(), getpwname(), and getgrnam()). This means a
+process in the chroot namespace will need to have access to the resources
+used by these library functions (traditionally /etc/passwd and
+/etc/group). If these resources are not available, rsync will only be
+able to copy the IDs, just as if the --numeric-ids option had been
+specified.
+
+Note that you are free to setup user/group information in the chroot area
+differently from your normal system. For example, you could abbreviate
+the list of users and groups. Also, you can protect this information
+from being downloaded by adding an exclude rule to the rsync.conf file
+(e.g. "exclude = /etc/"). To protect it from being changed by an upload
+(if the module is not read only), be sure to set the permissions (or
+owner) on the files and/or parent directories so that they cannot be
+written by the daemon.
+
+dit(bf(max connections)) The "max connections" option allows you to
+specify the maximum number of simultaneous connections you will allow.
+Any clients connecting when the maximum has been reached will receive a
+message telling them to try later. The default is 0 which means no limit.
+See also the "lock file" option.
+
+dit(bf(lock file)) The "lock file" option specifies the file to use to
+support the "max connections" option. The rsync server uses record
+locking on this file to ensure that the max connections limit is not
+exceeded for the modules sharing the lock file.
+The default is tt(/var/run/rsyncd.lock).