the advantage of extra protection against possible implementation security
holes, but it has the disadvantages of requiring super-user privileges and
of not being able to follow symbolic links outside of the new root path
-when reading. For writing when "use chroot" is false, for security reasons
+when reading. When "use chroot" is false, for security reasons
symlinks may only be relative paths pointing to other files within the
root path, and leading slashes are removed from absolute paths. The
default for "use chroot" is true.
which is normally the group "nobody".
dit(bf(exclude)) The "exclude" option allows you to specify a space
-separated list of patterns to add to the exclude list. This is
-equivalent to the client specifying these patterns with the --exclude
-option except that the exclude list is not passed to the client and
-thus only apply on the server. Only one "exclude" option may be
-specified, but you can use "-" and "+" before patterns to specify
-exclude/include.
+separated list of patterns to add to the exclude list. This is equivalent
+to the client specifying these patterns with the --exclude option, except
+that the exclude list is not passed to the client and thus only applies on
+the server: that is, it excludes files received by a client when receiving
+from a server and files deleted on a server when sending to a server, but
+it doesn't exclude files sent from a client when sending to a server or
+files deleted on a client when receiving from a server.
+Only one "exclude" option may be specified, but
+you can use "-" and "+" before patterns to specify exclude/include.
Note that this option is not designed with strong security in
mind, it is quite possible that a client may find a way to bypass this
dit(bf(exclude from)) The "exclude from" option specifies a filename
on the server that contains exclude patterns, one per line. This is
equivalent to the client specifying the --exclude-from option with a
-equivalent file except that the resulting exclude patterns are not
-passed to the client and thus only apply on the server. See also the
-note about security for the exclude option above.
+equivalent file except that it applies only on the server. See also
+the "exclude" option above.
dit(bf(include)) The "include" option allows you to specify a space
separated list of patterns which rsync should not exclude. This is
equivalent to the client specifying these patterns with the --include
-option. This is useful as it allows you to build up quite complex
-exclude/include rules. Only one "include" option may be specified, but you
-can use "+" and "-" before patterns to switch include/exclude.
-
-See the section of exclude patterns in the rsync man page for information
-on the syntax of this option.
+option except that it applies only on the server. This is useful as it
+allows you to build up quite complex exclude/include rules. Only one
+"include" option may be specified, but you can use "+" and "-" before
+patterns to switch include/exclude. See also the "exclude" option above.
dit(bf(include from)) The "include from" option specifies a filename
on the server that contains include patterns, one per line. This is
equivalent to the client specifying the --include-from option with a
-equivalent file.
+equivalent file except that it applies only on the server. See also
+the "exclude" option above.
dit(bf(auth users)) The "auth users" option specifies a comma and
space separated list of usernames that will be allowed to connect to
Matt McCutchen's Web Site / rsync / rsync.git / blobdiff