forked from kristapsdz/openrsync
-
Notifications
You must be signed in to change notification settings - Fork 0
/
rsyncd.conf.5
539 lines (536 loc) · 15.1 KB
/
rsyncd.conf.5
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
.\"
.\" Copyright (c) 2024 Klara, Inc.
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate$
.Dt RSYNCD.CONF 5
.Os
.Sh NAME
.Nm rsyncd.conf
.Nd configuration format for the rsync daemon
.Sh DESCRIPTION
When the
.Xr rsync 1
.Fl -daemon
mode starts up, it first reads its global configuration from a file located by
default at
.Pa /etc/rsyncd.conf ,
unless the
.Fl -config
option is specified to direct
.Xr rsync 1
to look elsewhere.
In this first pass of reading
.Nm ,
only the leading global configuration is read.
.Nm
is read once again when a client connects to the daemon, this time loading
module parameters specified later in the file.
.Ss FILE FORMAT
.Nm
files bare close resemblance to the commonly-found INI file format.
Unless otherwise noted, leading whitespace on lines is not significant and will
be ignored.
.Pp
Comments are supported on their own lines, and begin with a
.Sq #
character.
.Pp
A line containing a declaration like
.Dq [module]
indicates that the following lines belong to the module named between the
square brackets.
Leading and trailing whitespace in the module name are stripped.
Internal whitespace is collapsed down to or transformed into a single space
character.
Multiple sections for a module are merged together as one would expect.
.Pp
Assignments are lines that look like
.Dq key = value ,
where the key is everything before a
.Sq = ,
and the value may contain spaces or
.Sq =
characters unescaped.
Quotation marks are used literally in the value configured, not interpreted in
any special way.
The value may span multiple lines by "escaping" the newline with a \\
character at the end.
.Pp
Value assignments that occur before any module section are global options, which
may influence how the
.Xr rsync 1
starts up or provide default values for module parameters described later.
.Nm
supports sections named
.Dq global ,
which may also provide default values for module parameters.
.Ss GLOBAL OPTIONS
The following keys may be assigned before any module sections, and will
influence
.Xr rsync 1
daemon startup:
.Bl -tag -width Ds
.It Dq address
Provides an address to bind the listening socket to, if not otherwise specified
by the
.Fl -address
option to
.Xr rsync 1 .
By default,
.Xr rsync 1
will bind to any address on the system.
.It Dq motd file
Names a file containing a MOTD that will be printed to clients as they connect
to the
.Xr rsync 1
daemon.
This file will be read every time a client is connected, so a daemon restart is
not required to update the MOTD.
.It Dq pid file
Names a file to write the
.Xr rsync 1
pid to.
This file will be locked while the daemon is still running, preventing other
daemons configured to use the same pid file from starting.
.It Dq port
Provides a port to bind the listening socket to, if not otherwise specified by
the
.Fl -port
option to
.Xr rsync 1 .
By default,
.Xr rsync 1
will bind to the
.Dq rsync
port as described in
.Pa /etc/services ,
which is traditionally port 873.
.It Dq socket options
Defines socket options to set on both the listening socket and accepted client
sockets, unless overridden by the
.Fl -sockopts
option to
.Xr rsync 1 .
.El
.Ss MODULE PARAMETERS
The following keys may be assigned within module sections declared in
.Nm :
.Bl -tag -width Ds
.It Dq auth users
Names the users and/or groups authorized to authenticate and use the module,
along with an optional policy option per entry.
If a name entry begins with a
.Dq @ ,
then the entry describes a group and the username presented must be a member of
the named group on the system.
An optional policy option may be specified by appending a
.Dq ":"
followed by one of
.Dq deny ,
.Dq rw ,
or
.Dq ro .
The latter two options will override the
.Dq read only
option described later, if specified.
The first rule matched is used, so care must be taken to ensure that entries
appear in the order of desired precedence.
.Pp
When a username is presented, the
.Dq secrets file
is consulted for the secret to authenticate with.
.It Dq comment
Comment to use when a module listing is requested.
.It Dq dont compress
This option is accepted for compatibility with the reference rsync, but it has
no effect in openrsync.
Traditionally, the value of
.Dq dont compress
is a space delimited list of patterns describing filenames that should not be
compressed.
.Pp
In earlier versions of rsync, only zlib is supported for compression and
per-file compression levels cannot be set.
The first file matching a pattern in this list could inadvertently disable
compression for the entire transfer rather than just the already-compressed
files.
This implementation chose to favor lower bandwidth over potentially wasted
CPU cycles for the time being.
.It Do exclude Dc , Do exclude from Dc , Do filter Dc , Do include Dc , \
Do include from Dc
These options correspond to the
.Xr rsync
command-line option equivalents.
The
.Dq exclude ,
.Dq filter ,
and
.Dq include
values are space-separated, and may contain a leading
.Dq "- "
or
.Dq "+ "
to specify the rule and, e.g., get rule ordering correct.
These rules take precedence over any client-specified rules.
.It Do gid Dc , Do uid Dc
The group and user names or IDs to use for transfer processes.
Once a client connected, privileges are dropped as soon as we possibly can
before the transfer begins.
.It Do hosts allow Dc , Do hosts deny Dc
Specifies a list of host patterns that are either allowed or denied from using
the module.
Incoming connections must match at least one of the
.Dq hosts allow
patterns, if specified.
Conversely, incoming connections must not match any
.Dq hosts deny
pattern, if specified.
If both options are specified, then the
.Dq hosts allow
rule is processed first, followed by a potential rejection if the allowed host
matches one of the
.Dq hosts deny
patterns.
.Pp
The pattern may be:
.Bl -bullet
.It
A single IPv4 or IPv6 address
.It
address/<mask> or address/<mask address> notation
.It
Hostname with optional wildcards, which are processed with the internal pattern
matching engine that functions much like
.Xr fnmatch 3 .
Hostnames are matched against a reverse lookup of the client when it initially
connects.
.El
.It Dq ignore errors
Functionally equivalent to the
.Fl -ignore-errors
option to
.Xr rsync 1 .
.It Dq ignore nonreadable
Instructs
.Xr rsync 1
to completely ignore files that it can't read from the module path.
This may be useful for, e.g., a public archive that has mixed ownership.
.It Do incoming chmod Dc , Do outgoing chmod Dc
Functionally equivalent to splitting the
.Fl -chmod
option to
.Xr rsync 1
into sender and receiver chmod options.
Resulting incoming or outgoing files are given the requested mode.
.It Dq list
Indicates if the module will be named when a listing is requested.
This defaults to true, making all modules visible to any connected rsync client
that requests a listing.
.It Dq lock file
Names the path on the filesystem that
.Xr rsync 1
will use for counting connections towards the
.It Dq log file
Names a path on the filesystem to use instead of syslog for logging.
If the value is not set, empty, or we fail to open the logfile, then
.Xr rsync 1
will fallback to using syslog anyways.
.It Dq log format
Functionally equivalent to the
.Fl -out-format
option to
.Xr rsync 1 .
.Dq max connections
limit.
Segments of this file will be rangelocked with
.Xr fcntl 2
.Va F_SETLK
as needed to determine if we have any connection slots left open to grant.
.It Dq max connections
Limit number of connections to the module at any given time to the named
number.
This is enforced using a range lock on the
.Dq lock file .
.It Dq max verbosity
Specifies the max amount of verbosity that a client can request when it
connects.
Defaults to 1, to allow at most a single
.Fl v .
.It Dq munge symlinks
Munges symlinks received or sent by the daemon as appropriate to render them
safe to follow.
If this option is enabled, then
.Xr rsync 1
will prepend
.Pa /rsyncd-munge/
to the target of any symlink received.
For symlinks sent, it will strip the
.Pa /rsyncd-munge/
prefix to restore the symlink's target.
.Pp
If this option is disabled and
.Dq chroot
is also disabled, then symlinks may be irreversibly damaged to render them safe
for the daemon.
Notably, any path components that may cause
.Xr rsync 1
to traverse outside of the module path will be stripped.
.Pp
This option is enabled by default when
.Dq chroot
is disabled.
.It Dq numeric ids
Nearly functionally equivalent to the
.Fl -numeric-ids
option to
.Xr rsync 1 .
When operating in a chroot,
.Dq numeric ids
will be silently enabled on the daemon-side.
.It Dq path
Names the path on the filesystem that
.Xr rsync 1
will serve files for this module from.
.It Do pre-xfer exec Dc , Dq post-xfer exec
Commands to execute before and after the transfer.
.Xr rsync 1
will not do any word-splitting of these options.
The following environment variables will be available to the execution
environment:
.Bl -tag -width Ds
.It Ev RSYNC_MODULE_NAME
The name of the requested module.
.It Ev RSYNC_MODULE_PATH
The
.Dq path
for the requested module.
.It Ev RSYNC_HOST_ADDR
The client's network address.
.It Ev RSYNC_HOST_NAME
The client's host name, as determined from a reverse DNS lookup.
.It Ev RSYNC_USER_NAME
The username the client has sent along for authentication purposes.
.It Ev RSYNC_PID
The PID of the process that will be handling or did handle the transfer.
.It Ev RSYNC_ARG#
Only available for
.Dq pre-xfer exec ,
each of the arguments provided by the client are passed in via the environment.
.Ev RSYNC_ARG0
will be set to
.Dq rsyncd
by convention.
Options are terminated by a single
.Dq . ,
after which paths will be present.
Paths will have the module/ part stripped.
.It Ev RSYNC_REQUEST
Only available for
.Dq pre-xfer exec ,
this essentially contains the entirety of the path portion of the arguments as
they were sent by the client, with the module/ prefix left intact if provided.
.It Ev RSYNC_RAW_STATUS
Only available for
.Dq post-xfer exec ,
the raw numeric exit status of the process that handled the transfer.
This includes any flag bits set that may indicate, e.g., that the process was
terminated by signal.
.It Ev RSYNC_EXIT_STATUS
Only available for
.Dq post-xfer exec ,
this is the exit status of the child if it did terminate normally.
For abnormal termination,
.Dv -1
will be passed as the exit status.
.El
.It Dq read only
Indicates whether the module is read only or not.
This is only checked when a client attempts to send a file to the
.Xr rsync 1
daemon.
This is enabled by default.
.It Dq refuse options
Options to refuse from the client, if provided.
Refused options cause the
.Xr rsync 1
daemon to abort the operation before any files are transferred.
Options are provided as a space delimited list of patterns to refuse.
These patterns, like those used in filter rules and the above
.Dq hosts allow
and
.Dq hosts deny ,
are simple patterns that support globbing as in
.Xr fnmatch 3 .
The pattern may match either the short option name or the long option name for a
given option
.Pp
Refusing the
.Fl a
option will refuse all of the options that make up the
.Fl a
option, unless the option is matched by wildcard.
Refusing any component of
.Fl a
will also refuse the
.Fl a
option.
.Pp
Refusing
.Dq delete
will also implicitly refuse
.Fl -remove-source-files .
.It Dq secrets file
Names the path on the filesystem that
.Xr rsync 1
will use to authenticate users if
.Dq auth users
is set.
The secrets file consists of
.Dq username:password
pairs, one per line, and supports comments on lines starting with
.Dq "#" .
The
.Va username
specified in the secrets file may also start with a
.Dq @
to name a group.
.Pp
Note that
.Xr rsync 1
will ensure that the file is not other-readable, unless
.Dq strict modes
is disabled.
Strict mode violations, along with syntax errors, will effectively disable a
module that has set
.Dq auth users .
.It Dq strict modes
Instructs
.Xr rsync 1
to enforce stricter modes on the secrets file.
Namely, the secrets file must not be other-readable.
This is enabled by default.
.It Dq syslog facility
The syslog facility to use when
.Xr rsync 1
writes to the syslog.
Defaults to
.Dq daemon .
.It Dq timeout
Functionally equivalent to the
.Fl -timeout
option to
.Xr rsync 1 .
.It Dq transfer logging
Enable FTP-style logging of the transactions that take place during this
transfer.
The relevant log lines honor the format specified by the
.Dq log format
option, which defaults to
.Dq %o %h [%a] %m (%u) %f %l
for
.Dq transfer logging
purposes.
.Pp
This option is disabled by default.
.It Dq use chroot
Boolean value describing whether
.Xr rsync 1
should
.Xr chroot 2
itself into the named
.Dq path .
By default,
.Xr rsync 1
will attempt to
.Xr chroot 2 ,
but if it fails due to
.Er EPERM
then it will proceed anyways.
This fallback does not happen if
.Dq use chroot
is explicitly set to true
in
.Nm .
.It Dq write only
Indicates whether the module is write only or not.
This is only checked when a client attempts to send a file to the
.Xr rsync 1
daemon.
This is disabled by default.
.El
.Pp
.Dq path
is the only required field for a module.
.Sh EXAMPLES
A basic configuration for the
.Xr rsync 1
daemon to listen on *:9998 serving files out of /var/ftp/pub:
.Bd -literal
# These settings affect rsync(1) startup
port = 9998
motd file = /etc/rsync.motd
[ftp]
# This is only used when the 'ftp' module is requested
path = /var/ftp/pub
.Ed
.Pp
Listen on the usual port, serving files out of the same directory as above:
.Bd -literal
# This also affects all modules
use chroot = yes
# Alternative spelling of the above:
#[global]
# use chroot = yes
[ftp]
path = /var/ftp/pub
.Ed
.Sh BUGS
Syntax errors in
.Nm
that occur at or after the first module declaration will not be detected until
a client has attempted to connect.
.Pp
Module names are case sensitive when requested by the client, but are not case
sensitive when specified in
.Nm .
The client may request a module by the casing used in the first appearance of
the module, not by any casing used in subsequent sections describing the same
module.
.Pp
Line continuation escapes using \\ at the end of a line are only recognized as
continuations if they occur in the middle of a value assignment.
.Pp
Leading whitespace in a value is insignificant as long as it occurs on the same
line as the =.
Whitespace on the next line, whether a significant character in the value was
written on the previous line or not, is significant and will appear in the
value.
.Pp
.Nm
supports sections named
.Dq global
to define global defaults for some values, but this name is somewhat misleading
as they are not read in for
.Xr rsync 1
daemon startup.
As such, global options like
.Dq port
or
.Dq pid file
appearing in a
.Dq [global]
section will not affect the
.Xr rsync 1
daemon startup.