special socket options are set. These settings can also be specified
via the bf(--sockopts) command-line option.
+dit(bf(listen backlog)) You can override the default backlog value when the
+daemon listens for connections. It defaults to 5.
+
enddit()
manpagesection(MODULE PARAMETERS)
IP address and maskaddr is the netmask in dotted decimal notation for IPv4,
or similar for IPv6, e.g. ffff:ffff:ffff:ffff:: instead of /64. All IP
addresses which match the masked IP address will be allowed in.
- it() a hostname. The hostname as determined by a reverse lookup will
- be matched (case insensitive) against the pattern. Only an exact
- match is allowed in. This only works if "reverse lookup" is enabled
- (the default).
- it() a hostname pattern using wildcards. These are matched using the
- same rules as normal unix filename matching. If the pattern matches
- then the client is allowed in.
+ it() a hostname pattern using wildcards. If the hostname of the connecting IP
+ (as determined by a reverse lookup) matches the wildcarded name (using the
+ same rules as normal unix filename matching), the client is allowed in. This
+ only works if "reverse lookup" is enabled (the default).
+ it() a hostname. A plain hostname is matched against the reverse DNS of the
+ connecting IP (if "reverse lookup" is enabled), and/or the IP of the given
+ hostname is matched against the connecting IP (if "forward lookup" is
+ enabled, as it is by default). Any match will be allowed in.
))
Note IPv6 link-local addresses can have a scope in the address specification:
avoid the lookup. Thus, you probably want to disable it globally and then
enable it for modules that need the information.
+dit(bf(forward lookup)) Controls whether the daemon performs a forward lookup
+on any hostname specified in an hosts allow/deny setting. By default this is
+enabled, allowing the use of an explicit hostname that would not be returned
+by reverse DNS of the connecting IP.
+
dit(bf(ignore errors)) This parameter tells rsyncd to
ignore I/O errors on the daemon when deciding whether to run the delete
phase of the transfer. Normally rsync skips the bf(--delete) step if any
other files, etc.
When an bf(&include) or bf(&merge) directive refers to a directory, it will read
-in all the bf(*.conf) files contained inside that directory (without any
+in all the bf(*.conf) or bf(*.inc) files (respectively) that are contained inside
+that directory (without any
recursive scanning), with the files sorted into alpha order. So, if you have a
directory named "rsyncd.d" with the files "foo.conf", "bar.conf", and
"baz.conf" inside it, this directive:
The advantage of the bf(&include) directive is that you can define one or more
modules in a separate file without worrying about unintended side-effects
-between the self-contained module files. For instance, this is a useful
-/etc/rsyncd.conf file:
+between the self-contained module files.
+
+The advantage of the bf(&merge) directive is that you can load config snippets
+that can be included into multiple module definitions, and you can also set
+global values that will affect connections (such as bf(motd file)), or globals
+that will affect other include files.
+
+For example, this is a useful /etc/rsyncd.conf file:
verb( port = 873
log file = /var/log/rsync.log
pid file = /var/lock/rsync.lock
+ &merge /etc/rsyncd.d
&include /etc/rsyncd.d )
-The advantage of the bf(&merge) directive is that you can load config snippets
-that can be included into multiple module definitions.
+This would merge any /etc/rsyncd.d/*.inc files (for global values that should
+stay in effect), and then include any /etc/rsyncd.d/*.conf files (defining
+modules without any global-value cross-talk).
manpagesection(AUTHENTICATION STRENGTH)