X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/2907884f940e3e053f9cacc336dc6ae902585ef8..2b7e12924d91ce2470b0fefb20fe409ce090b3e7:/rsyncd.conf.yo diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo index 54827294..3b05a3e2 100644 --- a/rsyncd.conf.yo +++ b/rsyncd.conf.yo @@ -1,5 +1,5 @@ mailto(rsync-bugs@samba.org) -manpage(rsyncd.conf)(5)(7 Jul 2005)()() +manpage(rsyncd.conf)(5)(28 Jul 2005)()() manpagename(rsyncd.conf)(configuration file for rsync in daemon mode) manpagesynopsis() @@ -52,9 +52,6 @@ write the appropriate data, log, and lock files. You can launch it either via inetd, as a stand-alone daemon, or from an rsync client via a remote shell. If run as a stand-alone daemon then just run the command "bf(rsync --daemon)" from a suitable startup script. -If run from an rsync client via a remote shell (by specifying both the -bf(--rsh) (bf(-e)) option and daemon mode with "::" or "rsync://"), the bf(--daemon) -option is automatically passed to the remote side. When run via inetd you should add a line like this to /etc/services: @@ -272,7 +269,7 @@ system. The usernames may also contain shell wildcard characters. If "auth users" is set then the client will be challenged to supply a username and password to connect to the module. A challenge response authentication protocol is used for this exchange. The plain text -usernames are passwords are stored in the file specified by the +usernames and passwords are stored in the file specified by the "secrets file" option. The default is for all users to be able to connect without a password (this is called "anonymous rsync"). @@ -457,16 +454,42 @@ of the patterns will not be compressed during transfer. The default setting is tt(*.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz) +dit(bf(pre-xfer exec), bf(post-xfer exec)) You may specify a command to be run +before and/or after the transfer. If the bf(pre-xfer exec) command fails, the +transfer is aborted before it begins. + +The following environment variables will be set, though some are +specific to the pre-xfer or the post-xfer environment: + +quote(itemize( + it() bf(RSYNC_MODULE_NAME): The name of the module being accessed. + it() bf(RSYNC_MODULE_PATH): The path configured for the module. + it() bf(RSYNC_HOST_ADDR): The accessing host's IP address. + it() bf(RSYNC_HOST_NAME): The accessing host's name. + it() bf(RSYNC_USER_NAME): The accessing user's name (empty if no user). + it() bf(RSYNC_REQUEST): (pre-xfer only) The module/path info specified + by the user (note that the user can specify multiple source files, + so the request can be something like "mod/path1 mod/path2", etc.). + it() bf(RSYNC_EXIT_STATUS): (post-xfer only) rsync's exit value. This will be 0 for a + successful run, a positive value for an error that rsync returned + (e.g. 23=partial xfer), or a -1 if rsync failed to exit properly. + it() bf(RSYNC_RAW_STATUS): (post-xfer only) the raw exit value from waitpid(). +)) + +Even though the commands can be associated with a particular module, they +are run using the permissions of the user that started the daemon (not the +module's uid/gid setting) without any chroot restrictions. + enddit() manpagesection(AUTHENTICATION STRENGTH) The authentication protocol used in rsync is a 128 bit MD4 based -challenge response system. Although I believe that no one has ever -demonstrated a brute-force break of this sort of system you should -realize that this is not a "military strength" authentication system. -It should be good enough for most purposes but if you want really top -quality security then I recommend that you run rsync over ssh. +challenge response system. This is fairly weak protection, though (with +at least one brute-force hash-finding algorithm publicly available), so +if you want really top-quality security, then I recommend that you run +rsync over ssh. (Yes, a future version of rsync will switch over to a +stronger hashing method.) Also note that the rsync daemon protocol does not currently provide any encryption of the data that is transferred over the connection. Only @@ -544,7 +567,7 @@ url(http://rsync.samba.org/)(http://rsync.samba.org/) manpagesection(VERSION) -This man page is current for version 2.6.6pre1 of rsync. +This man page is current for version 2.6.6 of rsync. manpagesection(CREDITS)