Re: [Bug 12819] [PATCH] sync() on receiving side for data consistency

[Karl O. Pinc via rsync]

On Fri, 16 Jun 2017 12:34:40 +0200
Ben RUBSON via rsync  wrote:

> > On 15 Jun 2017, at 19:29, Karl O. Pinc via rsync
> >  wrote:

> > The problem is that the --server (and, especially,
> > --daemon) documentation has gone away.  Or at least
> > left the man page. (v3.1.1, Debian 8, Jessie)  Except
> > for a hint that --server exists at the bottom.  
> 
> Are you looking for `man rsyncd.conf` ?

No, that tells me what --daemon does; how to run rsync
as a server.  It does not tell me how to invoke rsync at the 
remote end manually without doing server-side things
such as the reading of rsyncd.conf.

What I want documened is how to use a customized
transport that does not allow the client side to
send arbirtrary commands to the remote end.
The sort of thing done when using
ssh with keys and the command= option within an
authorized_keys file.

As mentioned, now I use command="rsync --server --daemon ."
in my authorized_keys file.
I once figured this out from old rsync man pages, but don't
see how to glean this command sequence from a more recent
man page.

Again, I might (eventually) get around to sending
in a man page patch if somebody explains how it's done.

Regards,

Karl 
Free Software:  "You don't pay back, you pay forward."
 -- Robert A. Heinlein

-- 
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html

Re: [Bug 12819] [PATCH] sync() on receiving side for data consistency

[Ben RUBSON via rsync]

> On 15 Jun 2017, at 19:29, Karl O. Pinc via rsync  
> wrote:
> 
> On Thu, 15 Jun 2017 13:23:44 +
> just subscribed for rsync-qa from bugzilla via rsync
>  wrote:
> 
>> https://bugzilla.samba.org/show_bug.cgi?id=12819
>> 
>> --- Comment #7 from Ben RUBSON  ---
> 
>> Note that my patch simply adds a sync() just after recv_files(), so
>> one sync() per connection, not per write operation.
> 
>> But we could make this a rsync option, so that one can enable /
>> disable it on its own.
> 
> I think the "right" rsync option to add (because rsync does
> not have enough options already ;-) is a --hook-post option.
> It would run something (a `sync` in your case) on the
> remote end after finishing.  There are clear security issues
> here.
> 
> Rather than having --hook-post and having to do something
> (a server side config option that says what --hook-post
> can do?) to address the security concerns it seems much
> simpler to improve the rsync documentation regarding running
> the rsync server side.

--daemon (if used) already has post-xfer option, but as explained in
the bug report, could be hard to use when daemon is chrooted.

> I'm still using command="rsync --server --daemon ." in my
> ~/.ssh/authorized_keys file on the remote end.  It'd be simple 
> enough to add, say, a "sync" to the end of this to force a sync
> when rsync finishes.

It would however sync() even if the client only read files.

> The problem is that the --server (and, especially,
> --daemon) documentation has gone away.  Or at least
> left the man page. (v3.1.1, Debian 8, Jessie)  Except
> for a hint that --server exists at the bottom.

Are you looking for `man rsyncd.conf` ?

> If the server side of rsync was better documented then
> perhaps a simple inetd rsync service (or --rsync-path
> or -e value, etc.) would be easy for the end-user to 
> cobble together to meet needs such as this.
> 
> Can somebody please explain --server?  (And --sender, I guess.)
> I might (possibly) be motivated to send in a man page patch.
> 
> Regards,
> 
> Karl 

Thank you for your feedback Karl !

Ben


-- 
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html

Re: [Bug 12819] [PATCH] sync() on receiving side for data consistency

[Karl O. Pinc via rsync]

On Thu, 15 Jun 2017 13:23:44 +
just subscribed for rsync-qa from bugzilla via rsync
 wrote:

> https://bugzilla.samba.org/show_bug.cgi?id=12819
> 
> --- Comment #7 from Ben RUBSON  ---

> Note that my patch simply adds a sync() just after recv_files(), so
> one sync() per connection, not per write operation.

> But we could make this a rsync option, so that one can enable /
> disable it on its own.

I think the "right" rsync option to add (because rsync does
not have enough options already ;-) is a --hook-post option.
It would run something (a `sync` in your case) on the
remote end after finishing.  There are clear security issues
here.

Rather than having --hook-post and having to do something
(a server side config option that says what --hook-post
can do?) to address the security concerns it seems much
simpler to improve the rsync documentation regarding running
the rsync server side.

I'm still using command="rsync --server --daemon ." in my
~/.ssh/authorized_keys file on the remote end.  It'd be simple 
enough to add, say, a "sync" to the end of this to force a sync
when rsync finishes.  The problem is that the --server (and, especially,
--daemon) documentation has gone away.  Or at least
left the man page. (v3.1.1, Debian 8, Jessie)  Except
for a hint that --server exists at the bottom.

If the server side of rsync was better documented then
perhaps a simple inetd rsync service (or --rsync-path
or -e value, etc.) would be easy for the end-user to 
cobble together to meet needs such as this.

Can somebody please explain --server?  (And --sender, I guess.)
I might (possibly) be motivated to send in a man page patch.

Regards,

Karl 
Free Software:  "You don't pay back, you pay forward."
 -- Robert A. Heinlein

-- 
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html