At 05:46 AM 7/12/98 +0800, FTP Administration wrote:
>How about using hard links on the main site, and then we can use the
>-H option with rsync? Then we'd have none of this worrying about bad
>symlinks. <smile>
>
>Seriously though ... on the "how to mirror" page, the instructions are
>to use only the -rtvz flags. For those of us with existing mirrors,
>then our symlinks will already be okay. However, if someone was
>starting up a fresh one, or the main site changes their symlinks, then
>that rsync command will not produce a faithful mirror of the site.
"from-cvs" changes on a daily basis and is somewhat silly to pull down
anyways, so don't worry about that one.
"sinix_5.4 -> reliantunix_5.4" isn't a big deal if it's missing.
I'll ask the perl and java folks to make their stuff not use symlinks. As
far as I can tell they've done it just as a convenience. I'll remind them
that a benefit of not doing that is that all of the sudden they have 178
mirror sites of their content they can point to :)
>We're not running hundreds of mirrors, but we do have a few. wu-ftpd
>is chrooted, which is fine, and we also serve the files by http, using
>Apache. I followed the advice on Apache's "Security Tips" page, and
>did a <Directory /> directive, making / unavailable, and then turning
>access back on for the anonymous ftp directory. This way, a symlink
>to / might be visible, and FollowSymLinks might be on, but the server
>should not be able to read what the symlink points to.
>
>I strongly advise other people to do the same if they haven't done so
>already. Read "docs/misc/security_tips.html" in your mirror for more
>info. :)
Yes, smart to do this. This is also now the default config distributed
with Apache.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
pure chewing satisfaction [EMAIL PROTECTED]
[EMAIL PROTECTED]
