X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/5ebe9a46d7f3c846a6d665cb8c6ab8b79508a6df..d52aeae4e9af689aed4ae6af2b7602552c1383e7:/rsyncd.conf.yo diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo index f96fc9e1..49d25226 100644 --- a/rsyncd.conf.yo +++ b/rsyncd.conf.yo @@ -120,6 +120,9 @@ details on some of the options you may be able to set. By default no special socket options are set. These settings can also be specified via the bf(--sockopts) command-line option. +dit(bf(listen backlog)) You can override the default backlog value when the +daemon listens for connections. It defaults to 5. + enddit() manpagesection(MODULE PARAMETERS) @@ -532,13 +535,14 @@ quote(itemization( IP address and maskaddr is the netmask in dotted decimal notation for IPv4, or similar for IPv6, e.g. ffff:ffff:ffff:ffff:: instead of /64. All IP addresses which match the masked IP address will be allowed in. - it() a hostname. The hostname as determined by a reverse lookup will - be matched (case insensitive) against the pattern. Only an exact - match is allowed in. This only works if "reverse lookup" is enabled - (the default). - it() a hostname pattern using wildcards. These are matched using the - same rules as normal unix filename matching. If the pattern matches - then the client is allowed in. + it() a hostname pattern using wildcards. If the hostname of the connecting IP + (as determined by a reverse lookup) matches the wildcarded name (using the + same rules as normal unix filename matching), the client is allowed in. This + only works if "reverse lookup" is enabled (the default). + it() a hostname. A plain hostname is matched against the reverse DNS of the + connecting IP (if "reverse lookup" is enabled), and/or the IP of the given + hostname is matched against the connecting IP (if "forward lookup" is + enabled, as it is by default). Any match will be allowed in. )) Note IPv6 link-local addresses can have a scope in the address specification: @@ -578,6 +582,11 @@ lookup as soon as a client connects, so disabling it for a module will not avoid the lookup. Thus, you probably want to disable it globally and then enable it for modules that need the information. +dit(bf(forward lookup)) Controls whether the daemon performs a forward lookup +on any hostname specified in an hosts allow/deny setting. By default this is +enabled, allowing the use of an explicit hostname that would not be returned +by reverse DNS of the connecting IP. + dit(bf(ignore errors)) This parameter tells rsyncd to ignore I/O errors on the daemon when deciding whether to run the delete phase of the transfer. Normally rsync skips the bf(--delete) step if any @@ -747,7 +756,8 @@ parameters in a module started in another file, can affect the defaults for other files, etc. When an bf(&include) or bf(&merge) directive refers to a directory, it will read -in all the bf(*.conf) files contained inside that directory (without any +in all the bf(*.conf) or bf(*.inc) files (respectively) that are contained inside +that directory (without any recursive scanning), with the files sorted into alpha order. So, if you have a directory named "rsyncd.d" with the files "foo.conf", "bar.conf", and "baz.conf" inside it, this directive: @@ -764,17 +774,25 @@ except that it adjusts as files are added and removed from the directory. The advantage of the bf(&include) directive is that you can define one or more modules in a separate file without worrying about unintended side-effects -between the self-contained module files. For instance, this is a useful -/etc/rsyncd.conf file: +between the self-contained module files. + +The advantage of the bf(&merge) directive is that you can load config snippets +that can be included into multiple module definitions, and you can also set +global values that will affect connections (such as bf(motd file)), or globals +that will affect other include files. + +For example, this is a useful /etc/rsyncd.conf file: verb( port = 873 log file = /var/log/rsync.log pid file = /var/lock/rsync.lock + &merge /etc/rsyncd.d &include /etc/rsyncd.d ) -The advantage of the bf(&merge) directive is that you can load config snippets -that can be included into multiple module definitions. +This would merge any /etc/rsyncd.d/*.inc files (for global values that should +stay in effect), and then include any /etc/rsyncd.d/*.conf files (defining +modules without any global-value cross-talk). manpagesection(AUTHENTICATION STRENGTH)